Jump to content


Photo

sluggish computer


  • Please log in to reply
1 reply to this topic

#1 koen6

koen6

    Member

  • New Member
  • Pip
  • 1 posts

Posted 31 May 2007 - 03:48 PM

Hello,

My computer has been running slow lately. Especially startup and shutting down takes a very long time. I am not experiencing any other problems, but I wondered if it was a good idea to check it for malware. I read your FAQ, downloaded and ran Ad-Aware SE Personal and Spybot search & destroy (both of which detected and deleted several cookies), and ran AVG Anti-Spyware and subsequently HijachThis.

This is the AVG Anti-Spyware log:

---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 7:36:58 AM 5/31/2007

+ Scan result:



C:\Documents and Settings\koenv\Cookies\koenv@ad.admarketplace[1].txt -> TrackingCookie.Admarketplace : Cleaned.
:mozilla.19:C:\Documents and Settings\Koen.KOENLAPTOP\Application Data\Mozilla\Firefox\Profiles\h78rtn3j.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.97:C:\Documents and Settings\Koen.KOENLAPTOP\Application Data\Mozilla\Firefox\Profiles\h78rtn3j.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned.
C:\Documents and Settings\koenv\Cookies\koenv@burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.58:C:\Documents and Settings\Koen.KOENLAPTOP\Application Data\Mozilla\Firefox\Profiles\h78rtn3j.default\cookies.txt -> TrackingCookie.Com : Cleaned.
:mozilla.21:C:\Documents and Settings\Koen.KOENLAPTOP\Application Data\Mozilla\Firefox\Profiles\h78rtn3j.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.10:C:\Documents and Settings\Koen.KOENLAPTOP\Application Data\Mozilla\Firefox\Profiles\h78rtn3j.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.26:C:\Documents and Settings\Koen.KOENLAPTOP\Application Data\Mozilla\Firefox\Profiles\h78rtn3j.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.28:C:\Documents and Settings\Koen.KOENLAPTOP\Application Data\Mozilla\Firefox\Profiles\h78rtn3j.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.8:C:\Documents and Settings\Koen.KOENLAPTOP\Application Data\Mozilla\Firefox\Profiles\h78rtn3j.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.9:C:\Documents and Settings\Koen.KOENLAPTOP\Application Data\Mozilla\Firefox\Profiles\h78rtn3j.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.33:C:\Documents and Settings\Koen.KOENLAPTOP\Application Data\Mozilla\Firefox\Profiles\h78rtn3j.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.50:C:\Documents and Settings\Koen.KOENLAPTOP\Application Data\Mozilla\Firefox\Profiles\h78rtn3j.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
C:\Documents and Settings\koenv\Cookies\koenv@search.msn[2].txt -> TrackingCookie.Msn : Cleaned.
:mozilla.14:C:\Documents and Settings\Koen.KOENLAPTOP\Application Data\Mozilla\Firefox\Profiles\h78rtn3j.default\cookies.txt -> TrackingCookie.Netflame : Cleaned.
:mozilla.84:C:\Documents and Settings\Koen.KOENLAPTOP\Application Data\Mozilla\Firefox\Profiles\h78rtn3j.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.85:C:\Documents and Settings\Koen.KOENLAPTOP\Application Data\Mozilla\Firefox\Profiles\h78rtn3j.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.66:C:\Documents and Settings\Koen.KOENLAPTOP\Application Data\Mozilla\Firefox\Profiles\h78rtn3j.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.67:C:\Documents and Settings\Koen.KOENLAPTOP\Application Data\Mozilla\Firefox\Profiles\h78rtn3j.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.68:C:\Documents and Settings\Koen.KOENLAPTOP\Application Data\Mozilla\Firefox\Profiles\h78rtn3j.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.69:C:\Documents and Settings\Koen.KOENLAPTOP\Application Data\Mozilla\Firefox\Profiles\h78rtn3j.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.116:C:\Documents and Settings\Koen.KOENLAPTOP\Application Data\Mozilla\Firefox\Profiles\h78rtn3j.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.117:C:\Documents and Settings\Koen.KOENLAPTOP\Application Data\Mozilla\Firefox\Profiles\h78rtn3j.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.118:C:\Documents and Settings\Koen.KOENLAPTOP\Application Data\Mozilla\Firefox\Profiles\h78rtn3j.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.75:C:\Documents and Settings\Koen.KOENLAPTOP\Application Data\Mozilla\Firefox\Profiles\h78rtn3j.default\cookies.txt -> TrackingCookie.Weborama : Cleaned.


::Report end


---------
And this is the HijackThis log:

Logfile of HijackThis v1.99.1
Scan saved at 10:23:41 PM, on 5/31/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Documents and Settings\Koen.KOENLAPTOP\My Documents\software\remove_spyware\Ewido\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\HPConfig.exe
C:\Program Files\HPQ\Notebook Utilities\HPWirelessMgr.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HPQ\One-Touch\OneTouch.EXE
C:\WINDOWS\system32\carpserv.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Koen.KOENLAPTOP\My Documents\software\remove_spyware\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.chello.nl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://qus8l.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by chello broadband n.v.
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;<local>
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Adobe Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [srmclean] C:\Cpqs\Scom\srmclean.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [QT4HPOT] C:\Program Files\HPQ\One-Touch\OneTouch.EXE
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton AntiVirus\osCheck.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Documents and Settings\Koen.KOENLAPTOP\My Documents\software\remove_spyware\Ewido\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1138115120210
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://fotoservice.d...geUploader4.cab
O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://www.kodakimag...geUploader3.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = nioo.int
O17 - HKLM\Software\..\Telephony: DomainName = nioo.int
O17 - HKLM\System\CCS\Services\Tcpip\..\{18EB61F9-3008-482A-A6F1-9AAE4228DDD4}: NameServer = 85.255.116.23,85.255.112.74
O17 - HKLM\System\CCS\Services\Tcpip\..\{4B57CF8B-586C-425E-A9EA-6A0F944E3505}: NameServer = 85.255.116.23,85.255.112.74
O17 - HKLM\System\CCS\Services\Tcpip\..\{52EB2D38-7A96-47AB-8EBE-894508D072D9}: NameServer = 85.255.116.23,85.255.112.74
O17 - HKLM\System\CCS\Services\Tcpip\..\{75CE0958-EBAD-4339-89E3-8872E2978598}: NameServer = 85.255.116.23,85.255.112.74
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = nioo.int
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.116.23 85.255.112.74
O17 - HKLM\System\CS2\Services\Tcpip\..\{18EB61F9-3008-482A-A6F1-9AAE4228DDD4}: NameServer = 85.255.116.23,85.255.112.74
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.116.23 85.255.112.74
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: AutoComplete Service (Autocomplete) - Acesoft - C:\Program Files\Acesoft\Tracks Eraser Pro\autocomp.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Documents and Settings\Koen.KOENLAPTOP\My Documents\software\remove_spyware\Ewido\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Configuration Interface Service (HPConfig) - Hewlett-Packard - C:\WINDOWS\system32\HPConfig.exe
O23 - Service: HPWirelessMgr - Hewlett-Packard Co. - C:\Program Files\HPQ\Notebook Utilities\HPWirelessMgr.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\isPwdSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe



-----------

Are there things that need to be removed?

thanks,
Koen

#2 SWI Support Robot

SWI Support Robot

    Helper robot

  • SWI Bot
  • PipPipPipPipPip
  • 23,523 posts

Posted 03 June 2007 - 06:30 AM

Welcome to SWI. We apologize for the delay; our helpers have been very busy.
If you have not received help after 3 days, please CLICK HERE, and post a link to your log and the date it was originally posted.

Thank you for your patience.

[this is an automated reply]
This is an automated message. It does not count as help.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

Member of ASAP and UNITE
Support SpywareInfo Forum - click the button