BullGuard
 HomeLog InRegisterCommunity CalendarSearch the ForumView The Member ListHelp
My computer keeps crashing & is going extremely slow
   
BullGuard Antivirus Forum > Virus Removal > Removal Help > My computer keeps crashing & is going extremely slow  
Forum Quick Jump
 
New Topic Post reply to : My computer keeps crashing & is going extremely slow Printable version of : My computer keeps crashing & is going extremely slow
[ << Previous Thread | Next Thread >> ]

Natsbouncin...
New Member




Date Joined Sep 2005
Total Posts : 13
 
   Posted 10/15/2005 7:43 AM (GMT +2)    Quote: My computer keeps crashing & is going extremely slowAlert an admin about: My computer keeps crashing & is going extremely slow
HELP...my computer is getting worse,it keeps crashing all the time and is getting slower by the day.When it crashes all i get at the top of the page is(not responding)& when I close the program i get option to send an error report.(this will be my 2nd attempt at writing this postmad) this is now becoming very annoying as is getting unbearable...Please Help! Nat.x
Back to Top
 

Touch
Forum Moderator




Date Joined Jun 2004
Total Posts : 12981
 
   Posted 10/15/2005 7:55 AM (GMT +2)    Quote: My computer keeps crashing & is going extremely slowAlert an admin about: My computer keeps crashing & is going extremely slow
Hey Nat smile
 
 
Please post a logfile -
 
 
Download:  
Hijackthis
 
Please make a new folder to put your HijackThis.exe into
Click My Computer, then C:\
In the menu bar, File->New->Folder.
That will create a folder named New Folder, which you can rename to "HJT" or "HijackThis".
Now you have C:\HJT\folder.
Run Hijackthis exe- Push - Do a systemscan and save a logfile – button
 And Highlight the Entire Log by pressing Ctrl+A and Copy it. Post log here


Regards - Touch
 
Do not post your log file in a thread started by someone else. Start a new topic so that it may receive proper attention.

Back to Top
 

Natsbouncin...
New Member




Date Joined Sep 2005
Total Posts : 13
 
   Posted 10/15/2005 8:06 AM (GMT +2)    Quote: My computer keeps crashing & is going extremely slowAlert an admin about: My computer keeps crashing & is going extremely slow
Hi,thanx for getting back in touch so soon.Here's my Log file for HighJackThis:

Logfile of HijackThis v1.99.1
Scan saved at 07:03:32, on 15/10/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wdfmgr.exe
C:\WINDOWS\system32\ZONELABS\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Xerox\NWWia\XrxFTPLt.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\DrWeb\spiderml.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Acceleration Software\Anti-Virus\stopsignav.exe
C:\Program Files\Spyware Doctor\swdoctor.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MessengerDiscovery\msgdiscoveryx.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\DOCUME~1\USER~1.USE\LOCALS~1\Temp\Temporary Directory 1 for hijackthis.zip\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://uk.red.clientapps.yahoo.com/customize/ie/defaults/stp/ymsgr6/uk/*http://www.yahoo.co.uk
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://uk.red.clientapps.yahoo.com/customize/ie/defaults/stp/ymsgr6/uk/*http://www.yahoo.co.uk
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (file missing)
O3 - Toolbar: Hardcore4Eva toolbar - {d58c812e-d61d-41ea-b663-267b2010a215} - C:\Program Files\Hardcore4Eva\tbHard.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [XeroxScannerDaemon] C:\Program Files\Xerox\NWWia\XrxFTPLt.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [USSShReg] C:\WINDOWS\System32\ussshreg.exe /r
O4 - HKLM\..\Run: [Mercora] "C:\Program Files\Mercora\MercoraClient.exe" -startup
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe -minimize
O4 - HKLM\..\Run: [SpIDerMail] "C:\Program Files\DrWeb\spiderml.exe"
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\RunOnce: [ws_uninst] C:\DOCUME~1\USER~1.USE\LOCALS~1\Temp\ws_uninst.exe -s
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MessengerDiscovery] C:\Program Files\MessengerDiscovery\msgdiscoveryx.exe
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe -trayboot
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: MSN Messenger 7.5.lnk = ?
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\YAHOO!\COMMON\yhexbmesuk.dll (file missing)
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\YAHOO!\COMMON\yhexbmesuk.dll (file missing)
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\drwebsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\drwebsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\drwebsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\drwebsp.dll
O16 - DPF: ConferenceRoom Java Client - http://java.irc.liveharmony.org:8080/java/cr.cab
O16 - DPF: Yahoo! Chat - http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/c381/chat.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {20048BB3-DB68-11CF-9CAF-00AA006CB425} (007installer Control) - http://download.007guard.com/msnnames/msnnames.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} (InstallShield Setup Player 2K2) - http://sib1.od2.com/common/Member/ClientInstall/10.20.0002/OCI/setup.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by21fd.bay21.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1126776486413
O16 - DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} (ICSScanner Class) - http://download.zonelabs.com/bin/promotions/spywaredetector/ICSScanner37370.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/autocomplete.cab
O16 - DPF: {E154E3CC-0C3A-4101-91D8-6B4876F0FD64} (PrintScreen Class) - http://www.mydisplayimage.com/create/Flash2Image.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: ewido security suite control - Unknown owner - C:\Program Files\ewido\security suite\ewidoctrl.exe (file missing)
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZONELABS\vsmon.exe


 
T~Techno-trance is the best dance...
E~Energized when ravers trance...
C~Coming all together from near & far...
H~Having a wicked time wiv no help from any alco bar...
N~Not one beat we will miss...
O~On top of the world:a feeling of ecstasy & bliss!!

Back to Top
 

Touch
Forum Moderator




Date Joined Jun 2004
Total Posts : 12981
 
   Posted 10/15/2005 8:16 AM (GMT +2)    Quote: My computer keeps crashing & is going extremely slowAlert an admin about: My computer keeps crashing & is going extremely slow
 
Download this scanner – mwav exe mwav
 
 
Please download Ewido-Free Download: Ewido
Install and update it. Do not scan
 
 
 
 
 
CleanUp 4,0 exe! - Download

CleanUp!, is a quick and easy way to delete temporary files from your system. Simply deleting these temp files may clear some infections, and will make running the following scans faster.
Install and remove checkmark from- delete cookies
Click on the button labeled CleanUp!.
When it finishes it will prompt you to restart Windows - there will be one or two files it cannot delete when Windows is running - however, they will be deleted next time Windows starts up.
 
 
 
Next, please reboot your computer in Safe Mode by doing the following:

Restart the computer.

As soon as the BIOS loads, begin tapping the F8 key on your keyboard. Do so until the Windows Advanced Options menu appears
Using the arrow keys on the keyboard, select Safe mode and then press Enter.
 
 
 
 
 


 
åØåRun the mwav scanner:
Put a checkmark in:

Memory, Startup folders, drive, Registry, System folders and Services.
And:
All local drives og Scan all files
Push:  Scan  Button
The scan can take a couple of hours


 
Run full scan with Ewido
Click on scanner
Click on Complete System Scan and the scan will begin.
While the scan is in progress you will be prompted to clean files, click OK
When it asks if you want to clean the first file, put a check in the lower left corner of the box that says "Perform action on all infections" then choose clean and click OK.
Once the scan has completed, there will be a button located on the bottom of the screen named Save report
Click Save report.
Save the report .txt file to your desktop.

Now close ewido security suite.
 
Reboot to normal mode
 
 
 Post  new hijackthis  log, with ewido log log


Regards - Touch
 
Do not post your log file in a thread started by someone else. Start a new topic so that it may receive proper attention.

Back to Top
 

Natsbouncin...
New Member




Date Joined Sep 2005
Total Posts : 13
 
   Posted 10/15/2005 3:34 PM (GMT +2)    Quote: My computer keeps crashing & is going extremely slowAlert an admin about: My computer keeps crashing & is going extremely slow
Hiya,just finished it all now but its taking even longer to load things up now?? Here's both the log's anyway:

Logfile of HijackThis v1.99.1
Scan saved at 02:27:55, on 15/10/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\ewido\security suite\ewidoguard.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wdfmgr.exe
C:\WINDOWS\system32\ZONELABS\vsmon.exe
C:\Program Files\Xerox\NWWia\XrxFTPLt.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\DrWeb\spiderml.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Spyware Doctor\swdoctor.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\DOCUME~1\USER~1.USE\LOCALS~1\Temp\Temporary Directory 2 for hijackthis.zip\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://uk.red.clientapps.yahoo.com/customize/ie/defaults/stp/ymsgr6/uk/*http://www.yahoo.co.uk
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://uk.red.clientapps.yahoo.com/customize/ie/defaults/stp/ymsgr6/uk/*http://www.yahoo.co.uk
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: Hardcore4Eva toolbar - {d58c812e-d61d-41ea-b663-267b2010a215} - C:\Program Files\Hardcore4Eva\tbHard.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [XeroxScannerDaemon] C:\Program Files\Xerox\NWWia\XrxFTPLt.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [USSShReg] C:\WINDOWS\System32\ussshreg.exe /r
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe -minimize
O4 - HKLM\..\Run: [SpIDerMail] "C:\Program Files\DrWeb\spiderml.exe"
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MessengerDiscovery] C:\Program Files\MessengerDiscovery\msgdiscoveryx.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: MSN Messenger 7.5.lnk = ?
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\YAHOO!\COMMON\yhexbmesuk.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\YAHOO!\COMMON\yhexbmesuk.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\drwebsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\drwebsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\drwebsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\drwebsp.dll
O16 - DPF: ConferenceRoom Java Client - http://java.irc.liveharmony.org:8080/java/cr.cab
O16 - DPF: Yahoo! Chat - http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/c381/chat.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {20048BB3-DB68-11CF-9CAF-00AA006CB425} (007installer Control) - http://download.007guard.com/msnnames/msnnames.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} (InstallShield Setup Player 2K2) - http://sib1.od2.com/common/Member/ClientInstall/10.20.0002/OCI/setup.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by21fd.bay21.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1126776486413
O16 - DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} (ICSScanner Class) - http://download.zonelabs.com/bin/promotions/spywaredetector/ICSScanner37370.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/autocomplete.cab
O16 - DPF: {E154E3CC-0C3A-4101-91D8-6B4876F0FD64} (PrintScreen Class) - http://www.mydisplayimage.com/create/Flash2Image.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZONELABS\vsmon.exe


---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------

+ Created on: 14:04:03, 15/10/2005
+ Report-Checksum: E0F6AD47

+ Scan result:

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/Install.dll\\.Owner -> Spyware.CnsMin : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/Install.dll\\{205FF73B-CA67-11D5-99DD-444553540006} -> Spyware.CnsMin : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/System32/mfc42.dll\\{9EB320CE-BE1D-4304-A081-4B4665414BEF} -> Spyware.PurityScan : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/System32/msvcrt.dll\\{9EB320CE-BE1D-4304-A081-4B4665414BEF} -> Spyware.PurityScan : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/System32/olepro32.dll\\{9EB320CE-BE1D-4304-A081-4B4665414BEF} -> Spyware.PurityScan : Cleaned with backup
C:\WINDOWS\system32\ccapp.exe -> Spyware.Chiem : Cleaned with backup
C:\Documents and Settings\user.USER-4A3N6B1RQY\My Documents\My Pictures\emoticons-badboys\FreeMyEmoticonsV7BadBoys.exe/VVSN.exe -> Adware.SaveNow : Cleaned with backup
C:\Documents and Settings\user.USER-4A3N6B1RQY\My Documents\My Pictures\emoticons-badboys\FreeMyEmoticonsV7BadBoys.exe/VVSN.exe -> Adware.SaveNow : Cleaned with backup
C:\Documents and Settings\user.USER-4A3N6B1RQY\Cookies\user@mysearch.txt -> Spyware.Cookie.Mysearch : Cleaned with backup
C:\Documents and Settings\user.USER-4A3N6B1RQY\Cookies\user@spylog.txt -> Spyware.Cookie.Spylog : Cleaned with backup
C:\Documents and Settings\user.USER-4A3N6B1RQY\Cookies\user@com.txt -> Spyware.Cookie.Com : Cleaned with backup
C:\Documents and Settings\user.USER-4A3N6B1RQY\Cookies\user@feedster.adbrite.txt -> Spyware.Cookie.Adbrite : Cleaned with backup
C:\Documents and Settings\user.USER-4A3N6B1RQY\Cookies\user@microsofteup.112.2o7.txt -> Spyware.Cookie.2o7 : Cleaned with backup
C:\Documents and Settings\user.USER-4A3N6B1RQY\Cookies\user@ivwbox.txt -> Spyware.Cookie.Ivwbox : Cleaned with backup
C:\Documents and Settings\user.USER-4A3N6B1RQY\Cookies\user@adopt.euroclick.txt -> Spyware.Cookie.Euroclick : Cleaned with backup
C:\Documents and Settings\user.USER-4A3N6B1RQY\Cookies\user@e-2dj6wfkoegajsap.stats.esomniture.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\user.USER-4A3N6B1RQY\Cookies\user@e-2dj6wgkieiajgcq.stats.esomniture.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\user.USER-4A3N6B1RQY\Cookies\user@e-2dj6wjliaoc5kco.stats.esomniture.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\user.USER-4A3N6B1RQY\Cookies\user@adbrite.txt -> Spyware.Cookie.Adbrite : Cleaned with backup
C:\Documents and Settings\user.USER-4A3N6B1RQY\Cookies\user@ad.yieldmanager.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\user.USER-4A3N6B1RQY\Cookies\user@e-2dj6wfkouhc5wfq.stats.esomniture.txt -> Spyware.Cookie.Esomniture : Cleaned with backup
C:\Documents and Settings\user.USER-4A3N6B1RQY\Cookies\user@112.2o7.txt -> Spyware.Cookie.2o7 : Cleaned with backup
C:\Documents and Settings\user.USER-4A3N6B1RQY\Cookies\user@service.liveperson.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
C:\Documents and Settings\user.USER-4A3N6B1RQY\Cookies\user@burstnet.txt -> Spyware.Cookie.Burstnet : Cleaned with backup
C:\Documents and Settings\user.USER-4A3N6B1RQY\Application Data\Mercora\MercoraClient\Data\MyPictures.dat -> Spyware.Grokster : Cleaned with backup
C:\Program Files\Common Files\eAcceleration\Installer\eaccel_updater.exe -> Spyware.eAcceleration : Cleaned with backup
C:\Program Files\MessengerDiscovery\killmd.exe -> Spyware.VB : Cleaned with backup
C:\Program Files\DrWeb\infected.!!!\Dc173.exe/VVSN.exe -> Adware.SaveNow : Cleaned with backup
C:\Program Files\DrWeb\infected.!!!\Dc173.exe/VVSN.exe -> Adware.SaveNow : Cleaned with backup
C:\System Volume Information\_restore{049B9781-618F-40AB-A746-56E6F8ACF7F0}\RP123\A0036258.exe/VVSN.exe -> Adware.SaveNow : Cleaned with backup
C:\System Volume Information\_restore{049B9781-618F-40AB-A746-56E6F8ACF7F0}\RP123\A0036258.exe/VVSN.exe -> Adware.SaveNow : Cleaned with backup
C:\System Volume Information\_restore{049B9781-618F-40AB-A746-56E6F8ACF7F0}\RP126\A0036500.exe -> Spyware.eAcceleration : Cleaned with backup
C:\Recycled\Dc60.exe/VVSN.exe -> Adware.SaveNow : Cleaned with backup
C:\Recycled\Dc60.exe/VVSN.exe -> Adware.SaveNow : Cleaned with backup


::Report End


 
T~Techno-trance is the best dance...
E~Energized when ravers trance...
C~Coming all together from near & far...
H~Having a wicked time wiv no help from any alco bar...
N~Not one beat we will miss...
O~On top of the world:a feeling of ecstasy & bliss!!

Back to Top
 

Touch
Forum Moderator




Date Joined Jun 2004
Total Posts : 12981
 
   Posted 10/15/2005 5:14 PM (GMT +2)    Quote: My computer keeps crashing & is going extremely slowAlert an admin about: My computer keeps crashing & is going extremely slow
Run Hijackthis and place a check beside each of the following. Once you have checked them, click fix checked.
O3 - Toolbar: Hardcore4Eva toolbar - {d58c812e-d61d-41ea-b663-267b2010a215} - C:\Program Files\Hardcore4Eva\tbHard.dll
<<<<If you don´t know it
-----------------------------------------------------
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" –atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" –osboot
O4 - HKCU\..\Run: [MessengerDiscovery] C:\Program Files\MessengerDiscovery\msgdiscoveryx.exe
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)


 
Next, please reboot your computer in Safe Mode
 
 
 
Delete the following files or folders (delete item in bold). Please do not be concerned if
any of the items are not found as they may have been automatically removed by actions I had
you take earlier in the cleaning process.
 

Open Folder Options in Controlpanel >view and check your settings:
Select
Show hidden files and folders
Display the contents of system folders
Uncheck: Hide protected operating system files
Delete:
 
 
 
Folders:
C:\Program Files\MessengerDiscovery\msgdiscoveryx.exe
-----------------------------------
C:\Program Files\Hardcore4Eva\tbHard.dll
<<< If you have fixed it
 
Reboot and tell how your computer are running now. I don´t need more logs
 


Regards - Touch
 
Do not post your log file in a thread started by someone else. Start a new topic so that it may receive proper attention.

Back to Top
 

Natsbouncin...
New Member




Date Joined Sep 2005
Total Posts : 13
 
   Posted 10/18/2005 10:56 PM (GMT +2)    Quote: My computer keeps crashing & is going extremely slowAlert an admin about: My computer keeps crashing & is going extremely slow
Firstly i have to say~sorry~for takin so long to reply back to your post with info on how my computers now running,ive been away. To be truthfull its still taking ages to load up when i first turn my computer on,but its not crashing half as much as it was so,Thanxfor doing that much!! Is there anything that i could further do to speed up the loading up time when i first log on??
Nat.x


 
T~Techno-trance is the best dance...
E~Energized when ravers trance...
C~Coming all together from near & far...
H~Having a wicked time wiv no help from any alco bar...
N~Not one beat we will miss...
O~On top of the world:a feeling of ecstasy & bliss!!

Back to Top
 

Touch
Forum Moderator




Date Joined Jun 2004
Total Posts : 12981
 
   Posted 10/19/2005 11:48 AM (GMT +2)    Quote: My computer keeps crashing & is going extremely slowAlert an admin about: My computer keeps crashing & is going extremely slow
It´s okay smile
 
 
Hide systemfiles again
From Windows Explorer, go to Tools>Folder Options> View tab.
Untick - Show hidden files and folder
Tick - Hide file extensions for known types
Tick - Hide protected operating system files
 
Click Yes to confirm & then click OK
 
To completely and immediately remove any infected file or files in the data store, turn off and then turn on System Restore. To do so, follow these steps:
Go to Start >> Run - type sysdm.cpl & press Enter
Select the System Restore Tab
Tick on the checkbox - Turn off System Restore on all drives
Click Apply
Turn it back 'On' by unticking the same checkbox & click OK
Hide systemfiles again
From Windows Explorer, go to Tools>Folder Options> View tab.
Untick - Show hidden files and folder
Tick - Hide file extensions for known types
Tick - Hide protected operating system files
 
Click Yes to confirm & then click OK
 
To completely and immediately remove any infected file or files in the data store, turn off and then turn on System Restore. To do so, follow these steps:
Go to Start >> Run - type sysdm.cpl & press Enter
Select the System Restore Tab
Tick on the checkbox - Turn off System Restore on all drives
Click Apply
Turn it back 'On' by unticking the same checkbox & click OK
 
 
Visit Microsoft  and check for Critical Security Updates
Microsoft Update

You may also want to read this article, how to protect you against hijackers/malware -
Protection against hijackers/malware
 
----------------------------------------------------------------------- 
 
It is possible you have some corrupted systemfiles
 
It is therefore worth checking to see if there are any corrupt system files using scannow sfc.
To do this simply go to the Run box on the Start Menu and type in:
sfc /scannow  (space between sfc and/)
This command will immediately initiate the Windows File Protection service  to scan all protected files and verify their integrity, replacing any files with which it finds a problem.
---------------------------------------------------------------
See if your computer need a defragmentation
Reboot and tel how things are running



Regards - Touch
 
Do not post your log file in a thread started by someone else. Start a new topic so that it may receive proper attention.

Back to Top
 
New Topic Post reply to : My computer keeps crashing & is going extremely slow Printable version of : My computer keeps crashing & is going extremely slow
 
Forum Information
Currently it is Thursday, December 18, 2014 8:25 PM (GMT +2)
There are a total of 60,830 posts in 13,364 threads.
In the last 3 days there were 4 new threads and 5 reply posts. View Active Threads
Who's Online
This forum has 36990 registered members. Please welcome our newest member, Penipuhati.
8 Guest(s), 0 Registered Member(s) are currently online.  Details
5 Latest Threads
Ex Display Kitchens For Sale (0)12/18/2014 3:41:50 PM (Penipuhati)
IS BULLGUARD BLOCKING WEBS.COM? (3)12/18/2014 11:12:18 AM (bobashabiniu)
Computer Attacks (hacks) on the increase??? (4)12/18/2014 11:11:43 AM (bobashabiniu)
Please help me in choosing web hosting (4)12/18/2014 11:11:21 AM (bobashabiniu)
Antivirus (3)12/18/2014 11:09:52 AM (alice william)