First of all thanks for taking the time to read this.Over the last few days my pc has become infected probably from a torrent or something similar it has been disabling all my security programs and stopping other programs from starting up even my internet connection until a friend told me how to get it running again.Sorry I am not particularly pc savvy(but this might change things!) but I have downloaded different antispyware programs hoping one of them might find the problem but maybe this was not the answer.Last night bit defender stopped about 80 threats under the name Application.Downloader.Small.243 and spy doctor said I had Winad Media Decompressor malware but program could not clean it as it kept freezing.I have not posted a hijack this log according to the forum rules yet,I currently have Ad-Aware,Spybot,AVG Free Edition,Bit Defender and Avast working on the pc.Please advise thanks.
EDIT: Moved to the HijackThis Logs forum -- rookie147
Full Version: PC infected please help
Lavasoft Support Forums > Archived Topics > Archives: Resolved/Inactive Topics > Resolved/Inactive HijackThis Logs
Hello onerytk, and welcome to Lavasoft Support Forums. My name is Charles and I will be dealing with your log today.
I'd like you to run a full scan of your system using Ad-Aware, making sure that you save the log. Post that in your next reply, please.
Click here to download HijackThis.
Save HJTsetup.exe to your Desktop.
Double click on the HJTsetup.exe icon to start the program.
Continue to click Next in the setup dialogue boxes until you get to the Select Addition Tasks dialogue.
Put a check by Create a desktop icon then click Next again.
Continue to follow the rest of the prompts from there.
At the final dialogue box click Finish and it will launch HijackThis.
Click on the Do a system scan and save a log file button. It will scan and then ask you to save the log.
Click Save to save the log file and post it in your next reply.
Post me back the HijackThis log, along with the Ad-Aware report.
Thanks,
Charles
I'd like you to run a full scan of your system using Ad-Aware, making sure that you save the log. Post that in your next reply, please.
Click here to download HijackThis.
Save HJTsetup.exe to your Desktop.
Double click on the HJTsetup.exe icon to start the program.
Continue to click Next in the setup dialogue boxes until you get to the Select Addition Tasks dialogue.
Put a check by Create a desktop icon then click Next again.
Continue to follow the rest of the prompts from there.
At the final dialogue box click Finish and it will launch HijackThis.
Click on the Do a system scan and save a log file button. It will scan and then ask you to save the log.
Click Save to save the log file and post it in your next reply.
Post me back the HijackThis log, along with the Ad-Aware report.
Thanks,
Charles
Hi Charles
Many thanks for looking at my pc problems,it has just taken over 2 hours to perform an ad- aware scan as something is hogging the resources of the pc and CPU seems to be at 100% nearly all the time.
Anyway here are the logs.
Ad-Aware SE Build 1.06r1
Logfile Created on:22 January 2007 16:54:22
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R146 22.01.2007
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
MRU List(TAC index:0):13 total references.
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Search for low-risk threats
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file
Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : Prior to deletion, allow unloading Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic settings in log file
Set : Include additional settings in log file
Set : Include reference summary in log file
Set : Include Alternate Datastream details in log file
Set : Play sound at scan completion if scan locates critical objects
22-01-2007 16:54:22 - Scan started. (Full System Scan)
MRU List Object Recognized:
Location: : C:\Documents and Settings\John Kearns\recent
Description : list of recently opened documents
MRU List Object Recognized:
Location: : .DEFAULT\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d
MRU List Object Recognized:
Location: : S-1-5-18\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d
MRU List Object Recognized:
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d
MRU List Object Recognized:
Location: : .DEFAULT\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X
MRU List Object Recognized:
Location: : S-1-5-18\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X
MRU List Object Recognized:
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X
MRU List Object Recognized:
Location: : software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use microsoft directdraw
MRU List Object Recognized:
Location: : S-1-5-21-2281709663-2172987108-98543558-1006\software\microsoft\internet explorer\typedurls
Description : list of recently entered addresses in microsoft internet explorer
MRU List Object Recognized:
Location: : S-1-5-21-2281709663-2172987108-98543558-1006\software\microsoft\search assistant\acmru
Description : list of recent search terms used with the search assistant
MRU List Object Recognized:
Location: : S-1-5-21-2281709663-2172987108-98543558-1006\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru
Description : list of recent programs opened
MRU List Object Recognized:
Location: : S-1-5-21-2281709663-2172987108-98543558-1006\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru
Description : list of recently saved files, stored according to file extension
MRU List Object Recognized:
Location: : S-1-5-21-2281709663-2172987108-98543558-1006\software\microsoft\windows\currentversion\explorer\recentdocs
Description : list of recent documents opened
Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 652
ThreadCreationTime : 22-01-2007 00:45:23
BasePriority : Normal
#:2 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 732
ThreadCreationTime : 22-01-2007 00:45:31
BasePriority : Normal
#:3 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 756
ThreadCreationTime : 22-01-2007 00:45:32
BasePriority : High
#:4 [services.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 804
ThreadCreationTime : 22-01-2007 00:45:32
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : services.exe
#:5 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 816
ThreadCreationTime : 22-01-2007 00:45:32
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe
#:6 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 992
ThreadCreationTime : 22-01-2007 00:45:33
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:7 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1036
ThreadCreationTime : 22-01-2007 00:45:34
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:8 [msmpeng.exe]
FilePath : C:\Program Files\Windows Defender\
ProcessID : 1072
ThreadCreationTime : 22-01-2007 00:45:34
BasePriority : Normal
FileVersion : 1.1.1593.0
ProductVersion : 1.1.1593.0
ProductName : Windows Defender
CompanyName : Microsoft Corporation
FileDescription : Service Executable
InternalName : MsMpEng.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : MsMpEng.exe
#:9 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1148
ThreadCreationTime : 22-01-2007 00:45:34
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:10 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1284
ThreadCreationTime : 22-01-2007 00:45:39
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:11 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1296
ThreadCreationTime : 22-01-2007 00:45:39
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:12 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1432
ThreadCreationTime : 22-01-2007 00:45:41
BasePriority : Normal
FileVersion : 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)
ProductVersion : 5.1.2600.2696
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe
#:13 [aswupdsv.exe]
FilePath : C:\Program Files\Alwil Software\Avast4\
ProcessID : 1572
ThreadCreationTime : 22-01-2007 00:45:41
BasePriority : Normal
#:14 [ashserv.exe]
FilePath : C:\Program Files\Alwil Software\Avast4\
ProcessID : 1584
ThreadCreationTime : 22-01-2007 00:45:42
BasePriority : High
FileVersion : 4, 7, 936, 0
ProductVersion : 4, 7, 0, 0
ProductName : avast! Antivirus
FileDescription : avast! antivirus service
InternalName : aswServ
LegalCopyright : Copyright © 2007 ALWIL Software
OriginalFilename : aswServ.exe
#:15 [avgamsvr.exe]
FilePath : C:\PROGRA~1\Grisoft\AVGFRE~1\
ProcessID : 1608
ThreadCreationTime : 22-01-2007 00:45:42
BasePriority : Normal
FileVersion : 7.5.0.420
ProductVersion : 7.5.0.420
ProductName : AVG 7.5 Anti-Virus System
CompanyName : GRISOFT, s.r.o.
FileDescription : AVG Alert Manager
InternalName : avgamsvr
LegalCopyright : Copyright © 2006 GRISOFT, s.r.o.
OriginalFilename : avgamsvr.EXE
#:16 [avgupsvc.exe]
FilePath : C:\PROGRA~1\Grisoft\AVGFRE~1\
ProcessID : 1628
ThreadCreationTime : 22-01-2007 00:45:42
BasePriority : Normal
FileVersion : 7.5.0.420
ProductVersion : 7.5.0.420
ProductName : AVG 7.5 Anti-Virus System
CompanyName : GRISOFT, s.r.o.
FileDescription : AVG Update Service
InternalName : avgupsvc
LegalCopyright : Copyright © 2006 GRISOFT, s.r.o.
OriginalFilename : avgupdsvc.EXE
#:17 [avgemc.exe]
FilePath : C:\PROGRA~1\Grisoft\AVGFRE~1\
ProcessID : 1640
ThreadCreationTime : 22-01-2007 00:45:43
BasePriority : Normal
FileVersion : 7.5.0.432
ProductVersion : 7.5.0.432
ProductName : AVG Anti-Virus system
CompanyName : GRISOFT, s.r.o.
FileDescription : AVG E-Mail Scanner
InternalName : avgemc
LegalCopyright : Copyright © 2006 GRISOFT, s.r.o.
OriginalFilename : avgemc.exe
#:18 [netsvc.exe]
FilePath : C:\Program Files\Intel\PROSetWired\NCS\Sync\
ProcessID : 1780
ThreadCreationTime : 22-01-2007 00:45:43
BasePriority : Normal
FileVersion : 1.6.3.0
ProductVersion : 1.6.3.0
ProductName : Intel® Network Configuration Services
CompanyName : Intel® Corporation
FileDescription : NetSvc Module
InternalName : NetSvc
LegalCopyright : Copyright© 2001-2004 Intel Corporation
OriginalFilename : NetSvc.Exe
#:19 [snmp.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1844
ThreadCreationTime : 22-01-2007 00:45:44
BasePriority : Normal
FileVersion : 5.1.2600.3038 (xpsp_sp2_gdr.061119-2303)
ProductVersion : 5.1.2600.3038
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : SNMP Service
InternalName : snmp.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : snmp.exe
#:20 [xcommsvr.exe]
FilePath : C:\Program Files\Common Files\Softwin\BitDefender Communicator\
ProcessID : 1964
ThreadCreationTime : 22-01-2007 00:45:45
BasePriority : Normal
FileVersion : 1, 8, 11, 0
ProductVersion : 1, 8, 11, 0
ProductName : Softwin BitDefender Communicator Server
CompanyName : Softwin
FileDescription : BitDefender Communicator Server
InternalName : XCOMMSVR
LegalCopyright : Copyright © 2003-2004 Softwin
OriginalFilename : xcommsvr.exe
Comments : Manages communication between BitDefender components
#:21 [livesrv.exe]
FilePath : C:\Program Files\Common Files\Softwin\BitDefender Update Service\
ProcessID : 336
ThreadCreationTime : 22-01-2007 00:45:47
BasePriority : Normal
FileVersion : 10, 0, 0, 5
ProductVersion : 10, 0, 0, 5
ProductName : BitDefender 10
CompanyName : SOFTWIN S.R.L.
FileDescription : BitDefender Security Service
InternalName : LiveSrv
LegalCopyright : © 2006 SOFTWIN S.R.L.
OriginalFilename : livesrv.exe
#:22 [ashmaisv.exe]
FilePath : C:\Program Files\Alwil Software\Avast4\
ProcessID : 1352
ThreadCreationTime : 22-01-2007 00:45:54
BasePriority : Normal
#:23 [ashwebsv.exe]
FilePath : C:\Program Files\Alwil Software\Avast4\
ProcessID : 1380
ThreadCreationTime : 22-01-2007 00:45:55
BasePriority : Normal
#:24 [alg.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 2140
ThreadCreationTime : 22-01-2007 00:45:55
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Application Layer Gateway Service
InternalName : ALG.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ALG.exe
#:25 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 2868
ThreadCreationTime : 22-01-2007 00:46:58
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : EXPLORER.EXE
#:26 [issch.exe]
FilePath : C:\Program Files\Common Files\InstallShield\UpdateService\
ProcessID : 3228
ThreadCreationTime : 22-01-2007 00:48:06
BasePriority : Normal
FileVersion : 3, 10, 100, 1155
ProductVersion : 3, 10
ProductName : InstallShield Update Service
CompanyName : InstallShield Software Corporation
FileDescription : InstallShield Update Service Scheduler
InternalName : Scheduler
LegalCopyright : Copyright © 1990-2004 InstallShield Software Corporation
OriginalFilename : issch.exe
#:27 [msascui.exe]
FilePath : C:\Program Files\Windows Defender\
ProcessID : 3312
ThreadCreationTime : 22-01-2007 00:48:10
BasePriority : Normal
FileVersion : 1.1.1593.0
ProductVersion : 1.1.1593.0
ProductName : Windows Defender
CompanyName : Microsoft Corporation
FileDescription : Windows Defender User Interface
InternalName : MSASCUI
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : MSASCUI.exe
#:28 [ashdisp.exe]
FilePath : C:\PROGRA~1\ALWILS~1\Avast4\
ProcessID : 3328
ThreadCreationTime : 22-01-2007 00:48:11
BasePriority : Normal
FileVersion : 4, 7, 936, 0
ProductVersion : 4, 7, 0, 0
ProductName : avast! Antivirus
FileDescription : avast! service GUI component
InternalName : aswDisp
LegalCopyright : Copyright © 2007 ALWIL Software
OriginalFilename : aswDisp.exe
#:29 [moffice.exe]
FilePath : C:\Program Files\Labtec\Desktop\V5.1\
ProcessID : 3384
ThreadCreationTime : 22-01-2007 00:48:14
BasePriority : Normal
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
ProductName : MOffice Application
FileDescription : MOffice MFC Application
InternalName : MOffice
LegalCopyright : Copyright © 2002
OriginalFilename : MOffice.EXE
#:30 [kbdap32a.exe]
FilePath : C:\Program Files\Labtec\Desktop\V5.1\
ProcessID : 3404
ThreadCreationTime : 22-01-2007 00:48:16
BasePriority : Normal
FileVersion : 3.9.2.1
ProductVersion : 3.0.0.0
FileDescription : Multi-Media Keyboard Application
LegalCopyright : Copyright 2001 by LEE,WEI-BIN.
#:31 [bdmcon.exe]
FilePath : C:\Program Files\Softwin\BitDefender10\
ProcessID : 3412
ThreadCreationTime : 22-01-2007 00:48:16
BasePriority : Normal
FileVersion : 10, 0, 0, 2
ProductVersion : 10, 0, 0, 0
ProductName : BitDefender 10
CompanyName : SOFTWIN S.R.L.
FileDescription : BitDefender Management Console
InternalName : Management Console
LegalCopyright : © 2006 SOFTWIN S.R.L.
OriginalFilename : bdmcon.exe
#:32 [bdagent.exe]
FilePath : C:\Program Files\Softwin\BitDefender10\
ProcessID : 3432
ThreadCreationTime : 22-01-2007 00:48:17
BasePriority : Normal
FileVersion : 10, 0, 0, 4
ProductVersion : 10, 0, 0, 1
ProductName : Bitdefender 10
CompanyName : SOFTWIN S.R.L.
FileDescription : BDSwitch Application
InternalName : BDSwitch
LegalCopyright : © 2006 SOFTWIN S.R.L.
OriginalFilename : BDSwitch.exe
#:33 [jusched.exe]
FilePath : C:\Program Files\Java\jre1.5.0_10\bin\
ProcessID : 3484
ThreadCreationTime : 22-01-2007 00:48:18
BasePriority : Normal
#:34 [ctfmon.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 3524
ThreadCreationTime : 22-01-2007 00:48:19
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : CTFMON.EXE
#:35 [mouse32a.exe]
FilePath : C:\Program Files\Labtec\Desktop\V5.1\
ProcessID : 3632
ThreadCreationTime : 22-01-2007 00:48:24
BasePriority : High
FileVersion : 3.0.1.0
ProductVersion : 3.0.0.0
LegalCopyright : Copyright 2001 by LEE,WEI-BIN.
#:36 [tmas.exe]
FilePath : C:\Program Files\Trend Micro\Tmas\
ProcessID : 3692
ThreadCreationTime : 22-01-2007 00:48:32
BasePriority : Normal
FileVersion : 3, 0, 1, 23
ProductVersion : 3.11
ProductName : Trend Micro Anti-Spyware
CompanyName : Trend Micro Incorporated
FileDescription : Anti-Spyware Main Module
InternalName : tmas.exe
LegalCopyright : Copyright © 2003-2005 Trend Micro Incorporated. All rights reserved.
OriginalFilename : tmas.exe
#:37 [sgmain.exe]
FilePath : C:\Program Files\SpywareGuard\
ProcessID : 3764
ThreadCreationTime : 22-01-2007 00:48:40
BasePriority : Normal
FileVersion : 2.02.0001
ProductVersion : 2.02.0001
ProductName : SpywareGuard
FileDescription : SpywareGuard
InternalName : sgmain
LegalCopyright : Copyright © 2002-2003 Javacool Software LLC
OriginalFilename : sgmain.exe
Comments : SpywareGuard
#:38 [sgbhp.exe]
FilePath : C:\Program Files\SpywareGuard\
ProcessID : 3832
ThreadCreationTime : 22-01-2007 00:48:47
BasePriority : Normal
FileVersion : 2.02.0001
ProductVersion : 2.02.0001
ProductName : SG Browser Hijacking Protection
FileDescription : SG Browser Hijacking Protection
InternalName : sgbhp
LegalCopyright : Copyright © 2002-2003 Javacool Software LLC.
OriginalFilename : sgbhp.exe
Comments : SG Browser Hijacking Protection
#:39 [firefox.exe]
FilePath : C:\PROGRA~1\MOZILL~1\
ProcessID : 10728
ThreadCreationTime : 22-01-2007 07:51:15
BasePriority : Normal
#:40 [rundll32.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 10628
ThreadCreationTime : 22-01-2007 09:18:14
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Run a DLL as an App
InternalName : rundll
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : RUNDLL.EXE
#:41 [avgcc.exe]
FilePath : C:\Program Files\Grisoft\AVG Free\
ProcessID : 9948
ThreadCreationTime : 22-01-2007 09:20:26
BasePriority : Normal
FileVersion : 7.5.0.418
ProductVersion : 7.5.0.418
ProductName : AVG 7.5 Anti-Virus System
CompanyName : GRISOFT, s.r.o.
FileDescription : AVG Control Center
InternalName : AvgCC
LegalCopyright : Copyright © 2006 GRISOFT, s.r.o.
OriginalFilename : AvgCC.EXE
#:42 [wkcalrem.exe]
FilePath : C:\Program Files\Common Files\Microsoft Shared\Works Shared\
ProcessID : 10900
ThreadCreationTime : 22-01-2007 10:53:56
BasePriority : Normal
FileVersion : 7.02.0620.0
ProductVersion : 7.02.0620.0
ProductName : Microsoft® Works 7.0
CompanyName : Microsoft® Corporation
FileDescription : Microsoft® Works Calendar Reminder Service
InternalName : WkCalRem
LegalCopyright : Copyright © Microsoft Corporation. All rights reserved.
OriginalFilename : WKCALREM.EXE
#:43 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 8876
ThreadCreationTime : 22-01-2007 13:19:21
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:44 [apdproxy.exe]
FilePath : C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\
ProcessID : 12252
ThreadCreationTime : 22-01-2007 13:19:36
BasePriority : Normal
#:45 [idrivert.exe]
FilePath : C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\
ProcessID : 3868
ThreadCreationTime : 22-01-2007 13:34:24
BasePriority : Normal
FileVersion : 11.00.28844
ProductVersion : 11.00
ProductName : InstallShield ®
CompanyName : Macrovision Corporation
FileDescription : IDriverT Module
InternalName : IDriverT
LegalCopyright : Copyright © 2005 Macrovision Corporation
OriginalFilename : IDriverT.exe
#:46 [idrivert.exe]
FilePath : C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\
ProcessID : 5948
ThreadCreationTime : 22-01-2007 13:34:24
BasePriority : Normal
FileVersion : 11.00.28844
ProductVersion : 11.00
ProductName : InstallShield ®
CompanyName : Macrovision Corporation
FileDescription : IDriverT Module
InternalName : IDriverT
LegalCopyright : Copyright © 2005 Macrovision Corporation
OriginalFilename : IDriverT.exe
#:47 [bdss.exe]
FilePath : C:\Program Files\Common Files\Softwin\BitDefender Scan Server\
ProcessID : 12160
ThreadCreationTime : 22-01-2007 15:34:22
BasePriority : Normal
#:48 [vsserv.exe]
FilePath : C:\Program Files\Softwin\BitDefender10\
ProcessID : 1752
ThreadCreationTime : 22-01-2007 15:34:25
BasePriority : Normal
FileVersion : 10, 0, 0, 40
ProductVersion : 10, 0, 0, 40
ProductName : BitDefender 10
CompanyName : SOFTWIN S.R.L.
FileDescription : BitDefender Security Service
InternalName : VSServ
LegalCopyright : © 2006 SOFTWIN S.R.L.
OriginalFilename : vsserv.exe
#:49 [hijackthis.exe]
FilePath : C:\Documents and Settings\John Kearns\My Documents\hijack this\
ProcessID : 11428
ThreadCreationTime : 22-01-2007 15:48:58
BasePriority : Normal
FileVersion : 1.99.0001
ProductVersion : 1.99.0001
ProductName : HijackThis
CompanyName : Soeperman Enterprises Ltd.
FileDescription : HijackThis
InternalName : HijackThis
LegalCopyright : Freeware
OriginalFilename : HijackThis.exe
Comments : Version history is in Help section
#:50 [notepad.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 11984
ThreadCreationTime : 22-01-2007 15:51:14
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Notepad
InternalName : Notepad
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : NOTEPAD.EXE
#:51 [ad-aware.exe]
FilePath : C:\Program Files\Lavasoft\Ad-Aware SE Personal\
ProcessID : 11268
ThreadCreationTime : 22-01-2007 15:52:51
BasePriority : Normal
FileVersion : 6.2.0.236
ProductVersion : SE 106
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft AB Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved
Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New Critical Objects: 0
Objects found so far: 13
Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New Critical Objects: 0
Objects found so far: 13
Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New Critical Objects: 0
Objects found so far: 13
Started tracking cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New Critical Objects: 0
Objects found so far: 13
Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Disk scan result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New Critical Objects: 0
Objects found so far: 13
Performing conditional scans..
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New Critical Objects: 0
Objects found so far: 13
18:08:22 Scan Complete
Summary of this scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:01:13:59.859
Objects scanned:166733
Objects identified:0
Objects ignored:0
New Critical Objects:0
Logfile of HijackThis v1.99.1
Scan saved at 16:51:04, on 22/01/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Labtec\Desktop\V5.1\moffice.exe
C:\Program Files\Labtec\Desktop\V5.1\kbdap32a.exe
C:\Program Files\Softwin\BitDefender10\bdmcon.exe
C:\Program Files\Softwin\BitDefender10\bdagent.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Labtec\Desktop\V5.1\MOUSE32A.EXE
C:\Program Files\Trend Micro\Tmas\Tmas.exe
C:\Program Files\SpywareGuard\sgmain.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Grisoft\AVG Free\avgcc.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriverT.exe
C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Softwin\BitDefender10\vsserv.exe
C:\Documents and Settings\John Kearns\My Documents\hijack this\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = yahoo.co.uk
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer From Wanadoo Spain
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: ONSPEED Toolbar - {4E7BD74F-2B8D-469E-84BA-B830E8D4E122} - C:\PROGRA~1\ONSPEE~1\ONSPEE~1.DLL
O3 - Toolbar: ONSPEED - {8B79EE88-E62D-4AA8-B530-CC357BA112B7} - C:\Program Files\ONSPEED\Toolband.dll
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Program Files\Labtec\Desktop\V5.1\moffice.exe
O4 - HKLM\..\Run: [OFFICEKB] C:\Program Files\Labtec\Desktop\V5.1\kbdap32a.exe
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [errorkiller] "C:\Program Files\errorkiller\errorkiller.exe" -boot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: PowerReg Scheduler V3.exe
O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
O4 - Startup: Trend Micro Anti-Spyware.lnk = C:\Program Files\Trend Micro\Tmas\Tmas.exe
O4 - Global Startup: Trend Micro Anti-Spyware.lnk = C:\Program Files\Trend Micro\Tmas\Tmas.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: (no name) - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.wanadoo.es
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkID=39204
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://www.nick.com/common/groove/gx/GrooveAX27.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {9BF607E0-4CC1-4099-9A07-362C9E4FB090} (WStarter Control) - http://live.pdbox.co.kr:8057/WStarter.cab
O16 - DPF: {A364AF35-0CDF-41E8-8F3B-E0E55E15EBA1} (Zenturi Active Programs Control) - http://www.programchecker.com/dll/nixon.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/5m/vir...l/installer.exe
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by21fd.bay21.hotmail.msn.com/activex/HMAtchmt.ocx
O17 - HKLM\System\CCS\Services\Tcpip\..\{B2F0D09B-DCD6-47ED-8B97-458C6015B7CC}: NameServer = 80.58.61.250 80.58.61.254
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: McAfee Application Installer Cleanup (0239291169401684) (0239291169401684mcinstcleanup) - Unknown owner - C:\DOCUME~1\JOHNKE~1\LOCALS~1\Temp\023929~1.EXE (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: KService - Unknown owner - C:\Program Files\Kontiki\KService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
O23 - Service: lxcf_device - Unknown owner - C:\WINDOWS\system32\lxcfcoms.exe
O23 - Service: McAfee Log Manager (McLogManagerService) - Unknown owner - C:\PROGRA~1\McAfee\MSC\mclogsrv.exe (file missing)
O23 - Service: McAfee Update Manager (mcmispupdmgr) - Unknown owner - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe (file missing)
O23 - Service: McAfee Network Agent (McNASvc) - Unknown owner - c:\program files\common files\mcafee\mna\mcnasvc.exe (file missing)
O23 - Service: McAfee Protection Manager (mcpromgr) - Unknown owner - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe (file missing)
O23 - Service: McAfee Task Scheduler (mctskshd.exe) - Unknown owner - C:\PROGRA~1\McAfee\MSC\mctskshd.exe (file missing)
O23 - Service: McAfee User Manager (mcusrmgr) - Unknown owner - C:\PROGRA~1\McAfee\MSC\mcusrmgr.exe (file missing)
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender10\vsserv.exe" /service (file missing)
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
Many thanks for looking at my pc problems,it has just taken over 2 hours to perform an ad- aware scan as something is hogging the resources of the pc and CPU seems to be at 100% nearly all the time.
Anyway here are the logs.
Ad-Aware SE Build 1.06r1
Logfile Created on:22 January 2007 16:54:22
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R146 22.01.2007
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
MRU List(TAC index:0):13 total references.
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Search for low-risk threats
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file
Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : Prior to deletion, allow unloading Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic settings in log file
Set : Include additional settings in log file
Set : Include reference summary in log file
Set : Include Alternate Datastream details in log file
Set : Play sound at scan completion if scan locates critical objects
22-01-2007 16:54:22 - Scan started. (Full System Scan)
MRU List Object Recognized:
Location: : C:\Documents and Settings\John Kearns\recent
Description : list of recently opened documents
MRU List Object Recognized:
Location: : .DEFAULT\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d
MRU List Object Recognized:
Location: : S-1-5-18\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d
MRU List Object Recognized:
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d
MRU List Object Recognized:
Location: : .DEFAULT\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X
MRU List Object Recognized:
Location: : S-1-5-18\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X
MRU List Object Recognized:
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X
MRU List Object Recognized:
Location: : software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use microsoft directdraw
MRU List Object Recognized:
Location: : S-1-5-21-2281709663-2172987108-98543558-1006\software\microsoft\internet explorer\typedurls
Description : list of recently entered addresses in microsoft internet explorer
MRU List Object Recognized:
Location: : S-1-5-21-2281709663-2172987108-98543558-1006\software\microsoft\search assistant\acmru
Description : list of recent search terms used with the search assistant
MRU List Object Recognized:
Location: : S-1-5-21-2281709663-2172987108-98543558-1006\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru
Description : list of recent programs opened
MRU List Object Recognized:
Location: : S-1-5-21-2281709663-2172987108-98543558-1006\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru
Description : list of recently saved files, stored according to file extension
MRU List Object Recognized:
Location: : S-1-5-21-2281709663-2172987108-98543558-1006\software\microsoft\windows\currentversion\explorer\recentdocs
Description : list of recent documents opened
Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 652
ThreadCreationTime : 22-01-2007 00:45:23
BasePriority : Normal
#:2 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 732
ThreadCreationTime : 22-01-2007 00:45:31
BasePriority : Normal
#:3 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 756
ThreadCreationTime : 22-01-2007 00:45:32
BasePriority : High
#:4 [services.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 804
ThreadCreationTime : 22-01-2007 00:45:32
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : services.exe
#:5 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 816
ThreadCreationTime : 22-01-2007 00:45:32
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe
#:6 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 992
ThreadCreationTime : 22-01-2007 00:45:33
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:7 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1036
ThreadCreationTime : 22-01-2007 00:45:34
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:8 [msmpeng.exe]
FilePath : C:\Program Files\Windows Defender\
ProcessID : 1072
ThreadCreationTime : 22-01-2007 00:45:34
BasePriority : Normal
FileVersion : 1.1.1593.0
ProductVersion : 1.1.1593.0
ProductName : Windows Defender
CompanyName : Microsoft Corporation
FileDescription : Service Executable
InternalName : MsMpEng.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : MsMpEng.exe
#:9 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1148
ThreadCreationTime : 22-01-2007 00:45:34
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:10 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1284
ThreadCreationTime : 22-01-2007 00:45:39
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:11 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1296
ThreadCreationTime : 22-01-2007 00:45:39
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:12 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1432
ThreadCreationTime : 22-01-2007 00:45:41
BasePriority : Normal
FileVersion : 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)
ProductVersion : 5.1.2600.2696
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe
#:13 [aswupdsv.exe]
FilePath : C:\Program Files\Alwil Software\Avast4\
ProcessID : 1572
ThreadCreationTime : 22-01-2007 00:45:41
BasePriority : Normal
#:14 [ashserv.exe]
FilePath : C:\Program Files\Alwil Software\Avast4\
ProcessID : 1584
ThreadCreationTime : 22-01-2007 00:45:42
BasePriority : High
FileVersion : 4, 7, 936, 0
ProductVersion : 4, 7, 0, 0
ProductName : avast! Antivirus
FileDescription : avast! antivirus service
InternalName : aswServ
LegalCopyright : Copyright © 2007 ALWIL Software
OriginalFilename : aswServ.exe
#:15 [avgamsvr.exe]
FilePath : C:\PROGRA~1\Grisoft\AVGFRE~1\
ProcessID : 1608
ThreadCreationTime : 22-01-2007 00:45:42
BasePriority : Normal
FileVersion : 7.5.0.420
ProductVersion : 7.5.0.420
ProductName : AVG 7.5 Anti-Virus System
CompanyName : GRISOFT, s.r.o.
FileDescription : AVG Alert Manager
InternalName : avgamsvr
LegalCopyright : Copyright © 2006 GRISOFT, s.r.o.
OriginalFilename : avgamsvr.EXE
#:16 [avgupsvc.exe]
FilePath : C:\PROGRA~1\Grisoft\AVGFRE~1\
ProcessID : 1628
ThreadCreationTime : 22-01-2007 00:45:42
BasePriority : Normal
FileVersion : 7.5.0.420
ProductVersion : 7.5.0.420
ProductName : AVG 7.5 Anti-Virus System
CompanyName : GRISOFT, s.r.o.
FileDescription : AVG Update Service
InternalName : avgupsvc
LegalCopyright : Copyright © 2006 GRISOFT, s.r.o.
OriginalFilename : avgupdsvc.EXE
#:17 [avgemc.exe]
FilePath : C:\PROGRA~1\Grisoft\AVGFRE~1\
ProcessID : 1640
ThreadCreationTime : 22-01-2007 00:45:43
BasePriority : Normal
FileVersion : 7.5.0.432
ProductVersion : 7.5.0.432
ProductName : AVG Anti-Virus system
CompanyName : GRISOFT, s.r.o.
FileDescription : AVG E-Mail Scanner
InternalName : avgemc
LegalCopyright : Copyright © 2006 GRISOFT, s.r.o.
OriginalFilename : avgemc.exe
#:18 [netsvc.exe]
FilePath : C:\Program Files\Intel\PROSetWired\NCS\Sync\
ProcessID : 1780
ThreadCreationTime : 22-01-2007 00:45:43
BasePriority : Normal
FileVersion : 1.6.3.0
ProductVersion : 1.6.3.0
ProductName : Intel® Network Configuration Services
CompanyName : Intel® Corporation
FileDescription : NetSvc Module
InternalName : NetSvc
LegalCopyright : Copyright© 2001-2004 Intel Corporation
OriginalFilename : NetSvc.Exe
#:19 [snmp.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1844
ThreadCreationTime : 22-01-2007 00:45:44
BasePriority : Normal
FileVersion : 5.1.2600.3038 (xpsp_sp2_gdr.061119-2303)
ProductVersion : 5.1.2600.3038
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : SNMP Service
InternalName : snmp.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : snmp.exe
#:20 [xcommsvr.exe]
FilePath : C:\Program Files\Common Files\Softwin\BitDefender Communicator\
ProcessID : 1964
ThreadCreationTime : 22-01-2007 00:45:45
BasePriority : Normal
FileVersion : 1, 8, 11, 0
ProductVersion : 1, 8, 11, 0
ProductName : Softwin BitDefender Communicator Server
CompanyName : Softwin
FileDescription : BitDefender Communicator Server
InternalName : XCOMMSVR
LegalCopyright : Copyright © 2003-2004 Softwin
OriginalFilename : xcommsvr.exe
Comments : Manages communication between BitDefender components
#:21 [livesrv.exe]
FilePath : C:\Program Files\Common Files\Softwin\BitDefender Update Service\
ProcessID : 336
ThreadCreationTime : 22-01-2007 00:45:47
BasePriority : Normal
FileVersion : 10, 0, 0, 5
ProductVersion : 10, 0, 0, 5
ProductName : BitDefender 10
CompanyName : SOFTWIN S.R.L.
FileDescription : BitDefender Security Service
InternalName : LiveSrv
LegalCopyright : © 2006 SOFTWIN S.R.L.
OriginalFilename : livesrv.exe
#:22 [ashmaisv.exe]
FilePath : C:\Program Files\Alwil Software\Avast4\
ProcessID : 1352
ThreadCreationTime : 22-01-2007 00:45:54
BasePriority : Normal
#:23 [ashwebsv.exe]
FilePath : C:\Program Files\Alwil Software\Avast4\
ProcessID : 1380
ThreadCreationTime : 22-01-2007 00:45:55
BasePriority : Normal
#:24 [alg.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 2140
ThreadCreationTime : 22-01-2007 00:45:55
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Application Layer Gateway Service
InternalName : ALG.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ALG.exe
#:25 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 2868
ThreadCreationTime : 22-01-2007 00:46:58
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : EXPLORER.EXE
#:26 [issch.exe]
FilePath : C:\Program Files\Common Files\InstallShield\UpdateService\
ProcessID : 3228
ThreadCreationTime : 22-01-2007 00:48:06
BasePriority : Normal
FileVersion : 3, 10, 100, 1155
ProductVersion : 3, 10
ProductName : InstallShield Update Service
CompanyName : InstallShield Software Corporation
FileDescription : InstallShield Update Service Scheduler
InternalName : Scheduler
LegalCopyright : Copyright © 1990-2004 InstallShield Software Corporation
OriginalFilename : issch.exe
#:27 [msascui.exe]
FilePath : C:\Program Files\Windows Defender\
ProcessID : 3312
ThreadCreationTime : 22-01-2007 00:48:10
BasePriority : Normal
FileVersion : 1.1.1593.0
ProductVersion : 1.1.1593.0
ProductName : Windows Defender
CompanyName : Microsoft Corporation
FileDescription : Windows Defender User Interface
InternalName : MSASCUI
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : MSASCUI.exe
#:28 [ashdisp.exe]
FilePath : C:\PROGRA~1\ALWILS~1\Avast4\
ProcessID : 3328
ThreadCreationTime : 22-01-2007 00:48:11
BasePriority : Normal
FileVersion : 4, 7, 936, 0
ProductVersion : 4, 7, 0, 0
ProductName : avast! Antivirus
FileDescription : avast! service GUI component
InternalName : aswDisp
LegalCopyright : Copyright © 2007 ALWIL Software
OriginalFilename : aswDisp.exe
#:29 [moffice.exe]
FilePath : C:\Program Files\Labtec\Desktop\V5.1\
ProcessID : 3384
ThreadCreationTime : 22-01-2007 00:48:14
BasePriority : Normal
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
ProductName : MOffice Application
FileDescription : MOffice MFC Application
InternalName : MOffice
LegalCopyright : Copyright © 2002
OriginalFilename : MOffice.EXE
#:30 [kbdap32a.exe]
FilePath : C:\Program Files\Labtec\Desktop\V5.1\
ProcessID : 3404
ThreadCreationTime : 22-01-2007 00:48:16
BasePriority : Normal
FileVersion : 3.9.2.1
ProductVersion : 3.0.0.0
FileDescription : Multi-Media Keyboard Application
LegalCopyright : Copyright 2001 by LEE,WEI-BIN.
#:31 [bdmcon.exe]
FilePath : C:\Program Files\Softwin\BitDefender10\
ProcessID : 3412
ThreadCreationTime : 22-01-2007 00:48:16
BasePriority : Normal
FileVersion : 10, 0, 0, 2
ProductVersion : 10, 0, 0, 0
ProductName : BitDefender 10
CompanyName : SOFTWIN S.R.L.
FileDescription : BitDefender Management Console
InternalName : Management Console
LegalCopyright : © 2006 SOFTWIN S.R.L.
OriginalFilename : bdmcon.exe
#:32 [bdagent.exe]
FilePath : C:\Program Files\Softwin\BitDefender10\
ProcessID : 3432
ThreadCreationTime : 22-01-2007 00:48:17
BasePriority : Normal
FileVersion : 10, 0, 0, 4
ProductVersion : 10, 0, 0, 1
ProductName : Bitdefender 10
CompanyName : SOFTWIN S.R.L.
FileDescription : BDSwitch Application
InternalName : BDSwitch
LegalCopyright : © 2006 SOFTWIN S.R.L.
OriginalFilename : BDSwitch.exe
#:33 [jusched.exe]
FilePath : C:\Program Files\Java\jre1.5.0_10\bin\
ProcessID : 3484
ThreadCreationTime : 22-01-2007 00:48:18
BasePriority : Normal
#:34 [ctfmon.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 3524
ThreadCreationTime : 22-01-2007 00:48:19
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : CTFMON.EXE
#:35 [mouse32a.exe]
FilePath : C:\Program Files\Labtec\Desktop\V5.1\
ProcessID : 3632
ThreadCreationTime : 22-01-2007 00:48:24
BasePriority : High
FileVersion : 3.0.1.0
ProductVersion : 3.0.0.0
LegalCopyright : Copyright 2001 by LEE,WEI-BIN.
#:36 [tmas.exe]
FilePath : C:\Program Files\Trend Micro\Tmas\
ProcessID : 3692
ThreadCreationTime : 22-01-2007 00:48:32
BasePriority : Normal
FileVersion : 3, 0, 1, 23
ProductVersion : 3.11
ProductName : Trend Micro Anti-Spyware
CompanyName : Trend Micro Incorporated
FileDescription : Anti-Spyware Main Module
InternalName : tmas.exe
LegalCopyright : Copyright © 2003-2005 Trend Micro Incorporated. All rights reserved.
OriginalFilename : tmas.exe
#:37 [sgmain.exe]
FilePath : C:\Program Files\SpywareGuard\
ProcessID : 3764
ThreadCreationTime : 22-01-2007 00:48:40
BasePriority : Normal
FileVersion : 2.02.0001
ProductVersion : 2.02.0001
ProductName : SpywareGuard
FileDescription : SpywareGuard
InternalName : sgmain
LegalCopyright : Copyright © 2002-2003 Javacool Software LLC
OriginalFilename : sgmain.exe
Comments : SpywareGuard
#:38 [sgbhp.exe]
FilePath : C:\Program Files\SpywareGuard\
ProcessID : 3832
ThreadCreationTime : 22-01-2007 00:48:47
BasePriority : Normal
FileVersion : 2.02.0001
ProductVersion : 2.02.0001
ProductName : SG Browser Hijacking Protection
FileDescription : SG Browser Hijacking Protection
InternalName : sgbhp
LegalCopyright : Copyright © 2002-2003 Javacool Software LLC.
OriginalFilename : sgbhp.exe
Comments : SG Browser Hijacking Protection
#:39 [firefox.exe]
FilePath : C:\PROGRA~1\MOZILL~1\
ProcessID : 10728
ThreadCreationTime : 22-01-2007 07:51:15
BasePriority : Normal
#:40 [rundll32.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 10628
ThreadCreationTime : 22-01-2007 09:18:14
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Run a DLL as an App
InternalName : rundll
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : RUNDLL.EXE
#:41 [avgcc.exe]
FilePath : C:\Program Files\Grisoft\AVG Free\
ProcessID : 9948
ThreadCreationTime : 22-01-2007 09:20:26
BasePriority : Normal
FileVersion : 7.5.0.418
ProductVersion : 7.5.0.418
ProductName : AVG 7.5 Anti-Virus System
CompanyName : GRISOFT, s.r.o.
FileDescription : AVG Control Center
InternalName : AvgCC
LegalCopyright : Copyright © 2006 GRISOFT, s.r.o.
OriginalFilename : AvgCC.EXE
#:42 [wkcalrem.exe]
FilePath : C:\Program Files\Common Files\Microsoft Shared\Works Shared\
ProcessID : 10900
ThreadCreationTime : 22-01-2007 10:53:56
BasePriority : Normal
FileVersion : 7.02.0620.0
ProductVersion : 7.02.0620.0
ProductName : Microsoft® Works 7.0
CompanyName : Microsoft® Corporation
FileDescription : Microsoft® Works Calendar Reminder Service
InternalName : WkCalRem
LegalCopyright : Copyright © Microsoft Corporation. All rights reserved.
OriginalFilename : WKCALREM.EXE
#:43 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 8876
ThreadCreationTime : 22-01-2007 13:19:21
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:44 [apdproxy.exe]
FilePath : C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\
ProcessID : 12252
ThreadCreationTime : 22-01-2007 13:19:36
BasePriority : Normal
#:45 [idrivert.exe]
FilePath : C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\
ProcessID : 3868
ThreadCreationTime : 22-01-2007 13:34:24
BasePriority : Normal
FileVersion : 11.00.28844
ProductVersion : 11.00
ProductName : InstallShield ®
CompanyName : Macrovision Corporation
FileDescription : IDriverT Module
InternalName : IDriverT
LegalCopyright : Copyright © 2005 Macrovision Corporation
OriginalFilename : IDriverT.exe
#:46 [idrivert.exe]
FilePath : C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\
ProcessID : 5948
ThreadCreationTime : 22-01-2007 13:34:24
BasePriority : Normal
FileVersion : 11.00.28844
ProductVersion : 11.00
ProductName : InstallShield ®
CompanyName : Macrovision Corporation
FileDescription : IDriverT Module
InternalName : IDriverT
LegalCopyright : Copyright © 2005 Macrovision Corporation
OriginalFilename : IDriverT.exe
#:47 [bdss.exe]
FilePath : C:\Program Files\Common Files\Softwin\BitDefender Scan Server\
ProcessID : 12160
ThreadCreationTime : 22-01-2007 15:34:22
BasePriority : Normal
#:48 [vsserv.exe]
FilePath : C:\Program Files\Softwin\BitDefender10\
ProcessID : 1752
ThreadCreationTime : 22-01-2007 15:34:25
BasePriority : Normal
FileVersion : 10, 0, 0, 40
ProductVersion : 10, 0, 0, 40
ProductName : BitDefender 10
CompanyName : SOFTWIN S.R.L.
FileDescription : BitDefender Security Service
InternalName : VSServ
LegalCopyright : © 2006 SOFTWIN S.R.L.
OriginalFilename : vsserv.exe
#:49 [hijackthis.exe]
FilePath : C:\Documents and Settings\John Kearns\My Documents\hijack this\
ProcessID : 11428
ThreadCreationTime : 22-01-2007 15:48:58
BasePriority : Normal
FileVersion : 1.99.0001
ProductVersion : 1.99.0001
ProductName : HijackThis
CompanyName : Soeperman Enterprises Ltd.
FileDescription : HijackThis
InternalName : HijackThis
LegalCopyright : Freeware
OriginalFilename : HijackThis.exe
Comments : Version history is in Help section
#:50 [notepad.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 11984
ThreadCreationTime : 22-01-2007 15:51:14
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Notepad
InternalName : Notepad
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : NOTEPAD.EXE
#:51 [ad-aware.exe]
FilePath : C:\Program Files\Lavasoft\Ad-Aware SE Personal\
ProcessID : 11268
ThreadCreationTime : 22-01-2007 15:52:51
BasePriority : Normal
FileVersion : 6.2.0.236
ProductVersion : SE 106
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft AB Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved
Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New Critical Objects: 0
Objects found so far: 13
Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New Critical Objects: 0
Objects found so far: 13
Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New Critical Objects: 0
Objects found so far: 13
Started tracking cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New Critical Objects: 0
Objects found so far: 13
Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Disk scan result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New Critical Objects: 0
Objects found so far: 13
Performing conditional scans..
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New Critical Objects: 0
Objects found so far: 13
18:08:22 Scan Complete
Summary of this scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:01:13:59.859
Objects scanned:166733
Objects identified:0
Objects ignored:0
New Critical Objects:0
Logfile of HijackThis v1.99.1
Scan saved at 16:51:04, on 22/01/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Labtec\Desktop\V5.1\moffice.exe
C:\Program Files\Labtec\Desktop\V5.1\kbdap32a.exe
C:\Program Files\Softwin\BitDefender10\bdmcon.exe
C:\Program Files\Softwin\BitDefender10\bdagent.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Labtec\Desktop\V5.1\MOUSE32A.EXE
C:\Program Files\Trend Micro\Tmas\Tmas.exe
C:\Program Files\SpywareGuard\sgmain.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Grisoft\AVG Free\avgcc.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriverT.exe
C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Softwin\BitDefender10\vsserv.exe
C:\Documents and Settings\John Kearns\My Documents\hijack this\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = yahoo.co.uk
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer From Wanadoo Spain
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: ONSPEED Toolbar - {4E7BD74F-2B8D-469E-84BA-B830E8D4E122} - C:\PROGRA~1\ONSPEE~1\ONSPEE~1.DLL
O3 - Toolbar: ONSPEED - {8B79EE88-E62D-4AA8-B530-CC357BA112B7} - C:\Program Files\ONSPEED\Toolband.dll
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Program Files\Labtec\Desktop\V5.1\moffice.exe
O4 - HKLM\..\Run: [OFFICEKB] C:\Program Files\Labtec\Desktop\V5.1\kbdap32a.exe
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [errorkiller] "C:\Program Files\errorkiller\errorkiller.exe" -boot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: PowerReg Scheduler V3.exe
O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
O4 - Startup: Trend Micro Anti-Spyware.lnk = C:\Program Files\Trend Micro\Tmas\Tmas.exe
O4 - Global Startup: Trend Micro Anti-Spyware.lnk = C:\Program Files\Trend Micro\Tmas\Tmas.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: (no name) - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.wanadoo.es
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkID=39204
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://www.nick.com/common/groove/gx/GrooveAX27.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {9BF607E0-4CC1-4099-9A07-362C9E4FB090} (WStarter Control) - http://live.pdbox.co.kr:8057/WStarter.cab
O16 - DPF: {A364AF35-0CDF-41E8-8F3B-E0E55E15EBA1} (Zenturi Active Programs Control) - http://www.programchecker.com/dll/nixon.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/5m/vir...l/installer.exe
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by21fd.bay21.hotmail.msn.com/activex/HMAtchmt.ocx
O17 - HKLM\System\CCS\Services\Tcpip\..\{B2F0D09B-DCD6-47ED-8B97-458C6015B7CC}: NameServer = 80.58.61.250 80.58.61.254
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: McAfee Application Installer Cleanup (0239291169401684) (0239291169401684mcinstcleanup) - Unknown owner - C:\DOCUME~1\JOHNKE~1\LOCALS~1\Temp\023929~1.EXE (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: KService - Unknown owner - C:\Program Files\Kontiki\KService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
O23 - Service: lxcf_device - Unknown owner - C:\WINDOWS\system32\lxcfcoms.exe
O23 - Service: McAfee Log Manager (McLogManagerService) - Unknown owner - C:\PROGRA~1\McAfee\MSC\mclogsrv.exe (file missing)
O23 - Service: McAfee Update Manager (mcmispupdmgr) - Unknown owner - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe (file missing)
O23 - Service: McAfee Network Agent (McNASvc) - Unknown owner - c:\program files\common files\mcafee\mna\mcnasvc.exe (file missing)
O23 - Service: McAfee Protection Manager (mcpromgr) - Unknown owner - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe (file missing)
O23 - Service: McAfee Task Scheduler (mctskshd.exe) - Unknown owner - C:\PROGRA~1\McAfee\MSC\mctskshd.exe (file missing)
O23 - Service: McAfee User Manager (mcusrmgr) - Unknown owner - C:\PROGRA~1\McAfee\MSC\mcusrmgr.exe (file missing)
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender10\vsserv.exe" /service (file missing)
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
Hey there,
Make a list of all the programs installed on your computer:
Open HijackThis
Click the Config... button, then go to the Misc Tools section.
Press Open Uninstall Manager. You'll see a list of programs.
Select Save List... - save it to your Desktop.
The file "uninstall_list.txt" will be created.
Copy and paste the contents of this file to your next reply.
Please also let me know what exactly is causing your CPU to be at 100% all the time- the name of the file.
Thanks,
Charles
Make a list of all the programs installed on your computer:
Open HijackThis
Click the Config... button, then go to the Misc Tools section.
Press Open Uninstall Manager. You'll see a list of programs.
Select Save List... - save it to your Desktop.
The file "uninstall_list.txt" will be created.
Copy and paste the contents of this file to your next reply.
Please also let me know what exactly is causing your CPU to be at 100% all the time- the name of the file.
Thanks,
Charles
QUOTE(rookie147 @ Jan 22 2007, 06:52 PM) 
Hey there,
Make a list of all the programs installed on your computer:
Open HijackThis
Click the Config... button, then go to the Misc Tools section.
Press Open Uninstall Manager. You'll see a list of programs.
Select Save List... - save it to your Desktop.
The file "uninstall_list.txt" will be created.
Copy and paste the contents of this file to your next reply.
Please also let me know what exactly is causing your CPU to be at 100% all the time- the name of the file.
Thanks,
Charles
Make a list of all the programs installed on your computer:
Open HijackThis
Click the Config... button, then go to the Misc Tools section.
Press Open Uninstall Manager. You'll see a list of programs.
Select Save List... - save it to your Desktop.
The file "uninstall_list.txt" will be created.
Copy and paste the contents of this file to your next reply.
Please also let me know what exactly is causing your CPU to be at 100% all the time- the name of the file.
Thanks,
Charles
Hi charles,(I m John by the way)
Here is my list of programs from hijack this,also it seems to be mainly running scans and security programs that suddenly causes the CPU to hit the roof.
3D Groove Playback Engine
Adobe Download Manager 2.2 (Remove Only)
Adobe Reader 7.0.8
Adobe Shockwave Player
Adobe® Photoshop® Album Starter Edition 3.0
Agente ADSL USB
Apple Software Update
ArcSoft Panorama Maker 3
Ashampoo Burning Studio 6
avast! Antivirus
AVG Free Edition
AVI to DVD Converter
BitComet 0.70
BitDefender Antivirus Plus v10
BSPlayer
CCleaner (remove only)
CircleSurround II Plugin for Windows Media Player
CleanCache 3.3
CloneCD
Conexant D850 56K V.9x DFVc Modem
Corel Paint Shop Pro Photo XI
Corel Snapfire
coverXP (remove only)
Dell Driver Reset Tool
Dell Media Experience
Dell Picture Studio v3.0
deskPDF 2.5 Standard Edition
Digital Line Detect
DivX Player
DivX Web Player
Docudesk GPL Ghostscript 8.15
EMCO Malware Destroyer
Error Messages for Windows
ErrorKiller 2.6
EVEREST Home Edition v2.20
ffdshow
Google Desktop
Google Earth
Google Toolbar for Firefox
GSpot Codec Information Appliance
HijackThis 1.99.1
Hotfix for Windows XP (KB915865)
Hotfix for Windows XP (KB926239)
Intel® Extreme Graphics 2 Driver
Intel® PRO Network Adapters and Drivers
Intel® PROSet for Wired Connections
iTunes
IZArc 3.5 beta 3
J2SE Runtime Environment 5.0 Update 10
Jasc Paint Shop Photo Album 5
Jasc Paint Shop Pro Studio, Dell Editon
K-Lite Codec Pack 2.80 Full
Labtec Desktop V5.1
Lexmark 730 Series
Magic ISO Maker v5.3 (build 0229)
MaxTV
MCU
Media Center 12
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB886903)
Microsoft .NET Framework 2.0
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Windows XP Video Decoder Checkup Utility
Microsoft Works 7.0
Modem Helper
Mozilla Firefox (2.0.0.1)
MSXML 4.0 SP2 (KB927978)
NetWaiting
Nikon FotoShare
Nikon Message Center
One-click Audio Converter Uninstall
ONSPEED
ONSPEED Toolbar
Panda ActiveScan
PeerGuardian 2.0
Picasa 2
PictureProject
PPLive 1.3.20
PPMateÍøÂçµçÊÓ 1.7.3.33
ppStream 1.0.0.98
QuickTime
RealPlayer
Registry Mechanic 6.0
Security Update for Microsoft .NET Framework 2.0 (KB917283)
Security Update for Microsoft .NET Framework 2.0 (KB922770)
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893066)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901190)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB905915)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB908531)
Security Update for Windows XP (KB911280)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912812)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913446)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB916281)
Security Update for Windows XP (KB917159)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB918899)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920214)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922760)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923694)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB925486)
Security Update for Windows XP (KB926247)
Security Update for Windows XP (KB926255)
Sonic DLA
Sonic RecordNow Audio
Sonic RecordNow Copy
Sonic RecordNow Data
Sonic Update Manager
SopCast 1.0.1
SpeedTouch USB Software
Spybot - Search & Destroy 1.4
SpywareBlaster v3.5.1
SpywareGuard v2.2
SUPERAntiSpyware Professional
The Cleaner
TMPGEnc Plus 2.5
Total Video Converter 2.41
Trend Micro Anti-Spyware
TuneUp Utilities 2007
TVUPlayer 2.3.2.10
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB910437)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
VideoLAN VLC media player 0.8.4a
Virtools 3D Life Player
Winamp (remove only)
WinAVIVideoConverter
Windows Defender
Windows Defender Signatures
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 10 Hotfix - KB895316
Windows Media Player 9 Series TweakMP PowerToy
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
WinMPG VideoConvert 6.6.1
WinRAR archiver
X-Cleaner Deluxe
XP Repair Pro 2006
Yahoo! Toolbar
Hey John,
I think the main problem you're facing is caused by using too many antivirus and antispyware programs, and I think that this is the main reason why everything is running very slowly on your computer. I'm not saying that these are bad programs to have on your computer, but I definately feel that you should cut down the numbers a little bit.
For example, I see at least three antivirus programs running simultaneously, and this is definitely causing a lot of slowdown on your computer. I recommend that you run only one antivirus program, and delete the rest from Add/Remove Programs in the Control Panel. The choice as to which two to remove is of course entirely up to you, please choose between Avast!, AVG and BitDefender, and delete the rest. The reason for this is that if all products have their automatic (Real-Time) protection switched on, then those products which do not encrypt the virus strings within them can cause other antivirus products to cause "false alarms". It can also lead to a clash as the products fight for access to files which are opened again this is the resident/automatic protection. In general terms, the programs may conflict and cause:
When you have removed two antiviruses and all but three of your antispyware programs, please post me back a new uninstall list, and a fresh HijackThis log.
Thanks,
Charles
I think the main problem you're facing is caused by using too many antivirus and antispyware programs, and I think that this is the main reason why everything is running very slowly on your computer. I'm not saying that these are bad programs to have on your computer, but I definately feel that you should cut down the numbers a little bit.
For example, I see at least three antivirus programs running simultaneously, and this is definitely causing a lot of slowdown on your computer. I recommend that you run only one antivirus program, and delete the rest from Add/Remove Programs in the Control Panel. The choice as to which two to remove is of course entirely up to you, please choose between Avast!, AVG and BitDefender, and delete the rest. The reason for this is that if all products have their automatic (Real-Time) protection switched on, then those products which do not encrypt the virus strings within them can cause other antivirus products to cause "false alarms". It can also lead to a clash as the products fight for access to files which are opened again this is the resident/automatic protection. In general terms, the programs may conflict and cause:
- False Alarms: When the anti virus software tells you that your PC has a virus when it actually doesn't.
- System Performance Problems: Your system may lock up due to both software products attempting to access the same file at the same time.
When you have removed two antiviruses and all but three of your antispyware programs, please post me back a new uninstall list, and a fresh HijackThis log.
Thanks,
Charles
Due to lack of feedback, this topic is now closed.
If you need this topic reopened, please request this by sending me a Personal Message including a link to your thread.
This applies only to the original topic starter.
Everyone else please begin a New Topic.
If you need this topic reopened, please request this by sending me a Personal Message including a link to your thread.
This applies only to the original topic starter.
Everyone else please begin a New Topic.
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.