|
Is Deep Freeze Recommended For Home User's?
|
|
|
XLR83r
Suspended due to non-functional email address
|
22. June 2008 @ 01:04 |
Link to this message
|
Logfile of HijackThis v1.99.1
Scan saved at 10:26:40 AM, on 6/22/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows SteadyState\SCTSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\system32\mqsvc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\Program Files\Windows SteadyState\Bubble.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
C:\WINDOWS\VM30xSnap.exe
D:\Antivirus\Uniblue\SpyEraser\SpyEraser.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SEC\MagicTune 2.5\GammaTray.exe
C:\Program Files\SEC\Natural Color\NaturalColorLoad.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Trend Micro\HJT\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ycomp/d.../search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ycomp/d...//www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ycomp/d...//www.yahoo.com
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: AIM Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [Bubble] "%ProgramFiles%\Windows SteadyState\Bubble.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [VM30xSnap] VM30xSnap.exe Vimicro USB PC Camera (ZC030x)
O4 - HKCU\..\Run: [Uniblue SpyEraser] "D:\Antivirus\Uniblue\SpyEraser\SpyEraser.exe" -m
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Color Calibration.lnk = ?
O4 - Global Startup: NaturalColorLoad.lnk = ?
O8 - Extra context menu item: &AIM Search - c:\program files\aol\aim toolbar 5.0\resources\en-US\local\search.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: AIM Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsu...b?1212396050819
O17 - HKLM\System\CCS\Services\Tcpip\..\{E5B6F871-3F97-4DF5-8924-38FE9FB08326}: NameServer = 203.115.130.40 203.115.130.42
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: avgrsstx.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
|
|
Advertisement
|
|
|
|
AfterDawn Addict
|
23. June 2008 @ 05:01 |
Link to this message
|
Hi XLR83r,
Nothing Bad in your Log.. Defag your HD and see if that helps..
Defragment your Hard Drive
1.Open My Computer.
2.Right-click the local disk volume that you want to defragment, and then click Properties.
3.On the Tools tab, click Defragment Now.
4.Click Defragment.
2OG
There are three kinds of men: The ones that learn by reading; The few who learn by observation;
The rest of them have to pee on the electric fence and find out for themselves... |
Senior Member
|
23. June 2008 @ 07:43 |
Link to this message
|
Hi XLR83r,
There are many many many reasons as to why a computer can be slow. Only one of them is malware. Defragmenting is definitely a good way to speed up your computer, but there are other ways as well.
First of all, you have to note that both your HijackThis and Windows Service Pack are outdated. It is recommended to update both of these.
I also noted that you have AVG 8. It has been pointed out that version 8 of AVG is a resource hog. Could this be the problem?
Please note that if your HijackThis log is clean, it doesn't necessarily mean that you are clean. Perhaps you could post more information on when and how this slowness started.
Best Regards :D
|
AfterDawn Addict
|
23. June 2008 @ 08:29 |
Link to this message
|
Your HJT or Service Pack has nothing to do with your system speed?
Quote:
Windows® XP Service Pack 3 (SP3) includes all previously released updates for the operating system. This update also includes a small number of new functionalities, which do not significantly change customers? experience with the operating system.
Browser Speed can be increased by getting rid of AVG 8 and installing something like AntiVir by Avara.
Also, Change to FireFox Browser and Speed it up using the following method at: Speeding up Firefox the right way
And, Yeah cdavfrew, I missed AVG 8 LOL
2OG
There are three kinds of men: The ones that learn by reading; The few who learn by observation;
The rest of them have to pee on the electric fence and find out for themselves... |
Senior Member
|
23. June 2008 @ 09:20 |
Link to this message
|
Haha.... I said nothing about how updating HJT and service pack will increase system speed. I just recommended it, and the newer version of HJT might catch things which the older version does not :)
I don't miss AVG though.... when I was less tech-savvy, I thought AVG was the best. However, I learned that AVG had horrible detection... I used to capture malware through bad websites and upload them to antivirus vendors, and I found that AVG detected almost none of those malware which most other products detect.
Best Regards :D
|
|
XLR83r
Suspended due to non-functional email address
|
23. June 2008 @ 09:29 |
Link to this message
|
how can i update hijackthis? It's my first time i used it. I only know by scanning it. And also my service pack are fully updated. But i don't know if AVG is not the best. I am confused which antivirus i have to use. I'm thinking about kaspersky or nod32. I can't choose. But I have also recently defrag my system but it is still the same. Which one should I chose? How can I update hijackthis? And also I forgot. What's a resource hog?
This message has been edited since posting. Last time this message was edited on 23. June 2008 @ 09:31
|
Senior Member
|
23. June 2008 @ 09:47 |
Link to this message
|
Hey XLR83r
Sorry for throwing so many technical terms all at once. I'll try to answer all your questions.
You can update HijackThis simply by downloading the latest version, which is 2.02.
No, your service pack is not fully updated, as the latest version is version 3, and you only have service pack 2. You can update your service pack through windows update.
As for the best antivirus, it is an age-old debate. Personally, I believe that Antivir, whether or not you want a paid product or a free program, is the best in terms of detection or speed. See Av-comparatives.org
A resource hog is simply a program or application which uses up a whole lot of memory, making your computer slow.
Could you post more details about your problem of slowness? When did it start? Was it a gradual change? Did you open any programs before the slowness started suddenly?
Best Regards :D
|
|
XLR83r
Suspended due to non-functional email address
|
23. June 2008 @ 10:04 |
Link to this message
|
|
Everything was fast. Until in the 1st week of june it started. It became so slow. And it was a suprise change. My startup is so slow. But i remembered something about zango. I can't remove it. I tried to uninstall it but it didn't work. that's the only thing i remembered. Is it a virus?
|
AfterDawn Addict
|
23. June 2008 @ 11:11 |
Link to this message
|
XLR83r, Sorry I confused you?. If I don?t pick at cdavfrew, he might think I don?t like him? LOL
Try this for zango => zango uninstaller
Then follow this to clean up..
Please download ATF Cleaner by Atribune & save it to your desktop. DO NOT use yet.
Please download and install SUPERAntiSpyware Free
? Double-click SUPERAntiSypware.exe and use the default settings for installation.
? An icon will be created on your desktop. Double-click that icon to launch the program.
? If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here and unzip into the program's folder.)[/i]
? Under the "Configuration and Preferences", click the Preferences... button.
? Click the "General and Startup" tab, and under Start-up Options, make sure "Start SUPERAntiSpyware when Windows starts" box is unchecked.
? Click the "Scanning Control" tab, and under Scanner Options, make sure the following are checked (leave all others unchecked):
o Close browsers before scanning.
o Scan for tracking cookies.
o Terminate memory threats before quarantining.
? Click the "Close" button to leave the control center screen and exit the program.
? Do not run a scan just yet.
Reboot your computer in "Safe Mode" using the F8 method. To do this, restart your computer and after hearing your computer beep once during startup (but before the Windows icon appears) press the F8 key repeatedly. A menu will appear with several options. Use the arrow keys to navigate and select the option to run Windows in "Safe Mode".
Double-click ATF-Cleaner.exe to run the program.
? Under Main "Select Files to Delete" choose: Select All.
? Click the Empty Selected button.
? If you use Firefox browser click Firefox at the top and choose: Select All
? Click the Empty Selected button.
If you would like to keep your saved passwords, please click No at the prompt.
? If you use Opera browser click Opera at the top and choose: Select All
? Click the Empty Selected button.
If you would like to keep your saved passwords, please click No at the prompt.
? Click Exit on the Main menu to close the program.
Note: On Vista, "Windows Temp" is disabled. To empty "Windows Temp" ATF-Cleaner must be "Run as an Administrator".
Scan with SUPERAntiSpyware as follows:
? Launch the program and back on the main screen, under "Scan for Harmful Software" click Scan your computer.
? On the left, make sure you check C:\Fixed Drive.
? On the right, under "Complete Scan", choose Perform Complete Scan and click "Next".
? After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
? Make sure everything has a checkmark next to it and click "Next".
? A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
? If asked if you want to reboot, click "Yes" and reboot normally.
? To retrieve the removal information after reboot, launch SUPERAntispyware again.
o Click Preferences, then click the Statistics/Logs tab.
o Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
o If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
o Please copy and paste the Scan Log results in your next reply.
? Click Close to exit the program.
p.s. cdavfrew, I didn't ask for a-squared yet, may be a little too much at first until we see what SuperAntiSpyware turns up....
There are three kinds of men: The ones that learn by reading; The few who learn by observation;
The rest of them have to pee on the electric fence and find out for themselves...This message has been edited since posting. Last time this message was edited on 23. June 2008 @ 11:15
|
Senior Member
|
24. June 2008 @ 03:13 |
Link to this message
|
|
****** XLR83r, ignore this
Sob sob... 2oldgeek... you're picking on me? I'm hurt... lol
Yes, a-squared would be too much right now. I would only suggest it as a scanner if the other programs don't work or using it to clean up traces.
********************************
|
Junior Member
|
24. June 2008 @ 14:36 |
Link to this message
|
|
a computer can become slow without a virus or spyware or anyting like that, it could just simply have to mush data on it for the rest of the computer to keep up with, if you consider you somputer old, empty you temp folder, first enable veiwing of hidden files and folders, then goto C:\Documents and Settings\user name here\Local Settings\Temp and empty that folder, it is usually big, so even if its not the cause it might take up alot of space, i had one at about 5gb on time!
|
|
XLR83r
Suspended due to non-functional email address
|
24. June 2008 @ 16:48 |
Link to this message
|
|
Do I have to upgrade my SUPERantispyware to SUPERantispyware Professional?
This message has been edited since posting. Last time this message was edited on 24. June 2008 @ 16:50
|
AfterDawn Addict
|
24. June 2008 @ 18:23 |
Link to this message
|
bullet159,
The purpose of this is to clean out ALL of those folders:
Quote:
Double-click ATF-Cleaner.exe to run the program.
Cleans:
Windows Temp
Current User Temp
All Users Temp
Cookies
Temporary Internet Files
History
Prefetch
Java Cache
Recycle Bin
XLR83r,
There is No need to upgrade it? The Free version does a good job of cleaning Nasties?.
2OG
There are three kinds of men: The ones that learn by reading; The few who learn by observation;
The rest of them have to pee on the electric fence and find out for themselves... |
Senior Member
|
25. June 2008 @ 10:05 |
Link to this message
|
Theres some good registry cleaners here you can check out (All freeware)
Registry Cleaners
|
Junior Member
|
25. June 2008 @ 10:11 |
Link to this message
|
Originally posted by 2oldGeek:
bullet159,
The purpose of this is to clean out ALL of those folders:
Quote:
Double-click ATF-Cleaner.exe to run the program.
Cleans:
Windows Temp
Current User Temp
All Users Temp
Cookies
Temporary Internet Files
History
Prefetch
Java Cache
Recycle Bin
XLR83r,
There is No need to upgrade it? The Free version does a good job of cleaning Nasties?.
2OG
oh sorry didn't see that post, if it empties all those folders then that's great i think ill get it my self
|
AfterDawn Addict
|
25. June 2008 @ 10:41 |
Link to this message
|
Hey, bullet159,
Yeah, ATF is good. It doesn?t install, it's a cmd file that just sits on your DeskTop.
chwoolgar,
As far as Reg Cleaners go, I use nothing except PC Tools Registry Mechanic. It?s not free but I?ve been with it since it first came out and have never had a problem with it.
I did get into trouble, a couple of times, using a Free Reg Cleaner?. Quote the Ravin ?Nevermore? lol
2OG
There are three kinds of men: The ones that learn by reading; The few who learn by observation;
The rest of them have to pee on the electric fence and find out for themselves...This message has been edited since posting. Last time this message was edited on 25. June 2008 @ 10:42
|
|
tripplite
Suspended due to non-functional email address
|
25. June 2008 @ 11:45 |
Link to this message
|
|
registry cleaners??? a deathnote if you ask me.....ccleaner has a great cleaner, it lists what its going to clean ...the changes its going to make and so on so forth!
it doesn't fix structural issues but it cleans up after bad installers/missing file associations and such pesky things.....
sorry for the double post guys!
-tripplite
|
|
tripplite
Suspended due to non-functional email address
|
25. June 2008 @ 11:45 |
Link to this message
|
|
double post....im working on it....sorry
This message has been edited since posting. Last time this message was edited on 25. June 2008 @ 11:46
|
|
XLR83r
Suspended due to non-functional email address
|
26. June 2008 @ 07:15 |
Link to this message
|
|
Does the viewpointSource cause trouble? Because I have one.
|
|
XLR83r
Suspended due to non-functional email address
|
26. June 2008 @ 07:18 |
Link to this message
|
and this is my new hijack list. And does view Point Source cause trouble? Because I read a thread about it and i have One.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:16:16 PM, on 6/26/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows SteadyState\SCTSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\Program Files\Windows SteadyState\Bubble.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
C:\WINDOWS\VM30xSnap.exe
D:\Antivirus\Uniblue\SpyEraser\SpyEraser.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SEC\MagicTune 2.5\GammaTray.exe
C:\Program Files\SEC\Natural Color\NaturalColorLoad.exe
C:\Program Files\a-squared Free\a2service.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\system32\mqsvc.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ycomp/d.../search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ycomp/d...//www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://en-US.start2.mozilla.com/firefox?...:en-US:official
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ycomp/d...//www.yahoo.com
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: AIM Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [Bubble] "%ProgramFiles%\Windows SteadyState\Bubble.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [VM30xSnap] VM30xSnap.exe Vimicro USB PC Camera (ZC030x)
O4 - HKCU\..\Run: [Uniblue SpyEraser] "D:\Antivirus\Uniblue\SpyEraser\SpyEraser.exe" -m
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [Windows SteadyState] C:\Program Files\Windows SteadyState\SCTSvc.exe /PostUninstallWDP (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [Windows SteadyState] C:\Program Files\Windows SteadyState\SCTSvc.exe /PostUninstallWDP (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Color Calibration.lnk = ?
O4 - Global Startup: NaturalColorLoad.lnk = ?
O8 - Extra context menu item: &AIM Search - c:\program files\aol\aim toolbar 5.0\resources\en-US\local\search.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: AIM Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsu...b?1212396050819
O17 - HKLM\System\CCS\Services\Tcpip\..\{E5B6F871-3F97-4DF5-8924-38FE9FB08326}: NameServer = 203.115.130.40 203.115.130.42
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
--
End of file - 7755 bytes
|
|
XLR83r
Suspended due to non-functional email address
|
26. June 2008 @ 07:32 |
Link to this message
|
It works fast now. AVG is a real resource hog. After uninstalling it, I install a new antivirus ESET NOD32. It works fast. But still I have the zango problem. I havnt tried using the zango uninstaller. And will the View Point Source affect my system performance?
URGENT! I tried your zango uninstaller while ago after making my post. ESET NOD32 detects it as Win32/Adware.Hotbar Is it safe 2oldgeek?
Another URGENT! I tried also smitfraudfix_v 2.328. ESENT NOD32 detects it as a Win32/PrcView
This message has been edited since posting. Last time this message was edited on 26. June 2008 @ 07:52
|
|
XLR83r
Suspended due to non-functional email address
|
26. June 2008 @ 07:56 |
Link to this message
|
for proof smitfraudfix the log
6/26/2008 7:52:34 PM Real-time file system protection file C:\RECYCLER\S-1-5-21-602162358-1078145449-1708537768-1003\Dc12.exe Win32/PrcView application deleted - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\Explorer.EXE.
6/26/2008 7:50:21 PM Real-time file system protection file C:\Documents and Settings\Edmund Uba\Desktop\SmitfraudFix\Process.exe Win32/PrcView application cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: C:\Documents and Settings\Edmund Uba\Desktop\SmitfraudFix_v2.328.exe.
6/26/2008 7:48:15 PM Real-time file system protection file C:\Documents and Settings\Edmund Uba\Desktop\SmitfraudFix\Process.exe Win32/PrcView application cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: C:\Documents and Settings\Edmund Uba\Desktop\SmitfraudFix_v2.328.exe.
and this is for zango uninstaller:
6/26/2008 7:34:02 PM Real-time file system protection file C:\DOCUME~1\EDMUND~1\LOCALS~1\Temp\hdm10tz1.exe a variant of Win32/Adware.HotBar application cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\Program Files\Mozilla Firefox\firefox.exe.
6/26/2008 7:33:25 PM Real-time file system protection file C:\DOCUME~1\EDMUND~1\LOCALS~1\Temp\awnzp14u.exe a variant of Win32/Adware.HotBar application cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\Program Files\Mozilla Firefox\firefox.exe.
Are you reccomending virused files or application????????????
This message has been edited since posting. Last time this message was edited on 26. June 2008 @ 07:57
|
Senior Member
|
26. June 2008 @ 08:46 |
Link to this message
|
|
Hi XLR83r
As for why antimalware applications will detect such tools as malware, it is because of the code and commands they contain. If you were to scan either Combofix or Virtumundobegone, they woould be detected all the same. Those applications will use the code and commands for good use, but malware will use it for bad use, and antimalware programs cannot differentiate between good and bad use. Don't worry, and just run them.
What do you mean by viewpoint source?
Best Regards :D
Life is but a dream; you dont feel any pain unless you want to or you fall off the bed.
Success is relative; the more success the more relatives.
A computer once beat me at chess, but it was no match for me at kickboxing.
To be or not to be; thats a dumb question.
|
Senior Member
|
26. June 2008 @ 08:56 |
Link to this message
|
Not for XLR83r*********************
I know that there is some debate about whether or not to use registry cleaners, and the majority generally disagree with registry cleaners. Most people will also say that registry cleaners are pointless. However, I have used Tuneup Utilities, jv16 powertools, CCleaner, Advanced Windowscare, Regscrub, and Premium Booster, all of which contains registry cleaners, and half of them are free! My computer has never experienced any problems, and I must say that registry cleaners do clean out a whole lot of junk once in a while, especially after microsoft updates.
However, I do agree that the wrong registry cleaners will mess up computers, and so I choose my cleaners with special care. I read plenty of reviews about it, and research them thoroughly before downloading and running them. And chwoolgar, even though the registry cleaners you mentioned are free, they are ones I avoid because of bad reviews by users who have had their systems crashed by those programs, and they did not have backups.
Best Regards :D
Life is but a dream; you dont feel any pain unless you want to or you fall off the bed.
Success is relative; the more success the more relatives.
A computer once beat me at chess, but it was no match for me at kickboxing.
To be or not to be; thats a dumb question.
|
|
Advertisement
|
|
|
Senior Member
|
28. June 2008 @ 23:24 |
Link to this message
|
Odd, I myself never had a problem with AVG, not even avg8 after I upgraded, no slowdown at all, and never had a virus knock on wood.
|
