TheTechGuide Forum

General Category => Tech Clinic => Topic started by: Moe C on September 30, 2006, 05:07:03 PM

Title: slow comp
Post by: Moe C on September 30, 2006, 05:07:03 PM

ok my comp is really slow when it starts takes like 5mins to start and it freezes alot comp is slow and it freezes i was working well for days but suddenly the next time i opend it it got like this i have scaned my comp no virus detected and i deleted some files i dont need i think that was slowing it down but it still dosnt work and i dont have the recovery disk it got broken

/sad.gif\' class=\'bbc_emoticon\' alt=\':(\' /> so what do?? plz help

Title: slow comp
Post by: guestolo on September 30, 2006, 05:24:06 PM

Quote

and i deleted some files i dont need i think that was slowing it down but it still dosnt work

What files did you delete?
Are you sure none were critical for the stability of your operating system?

Can you do the following
From my signature below, download and save too a permanent folder of it's own onto your harddrive
Hijackthis 1.99.1
Open Hijackthis.exe

Do a "SCAN and Save a Log file"
A log will open in Notepad
Copy and paste the WHOLE contents of the log here... Don't try and fix anything yet----It is all important

Title: slow comp
Post by: Moe C on September 30, 2006, 05:43:31 PM

Logfile of HijackThis v1.99.1
Scan saved at 0:41:34, on 01.10.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Hgiork\Kinqxja.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\wt\updater\wcmdmgr.exe
C:\PROGRA~1\COMMON~1\AOL\115783~1\EE\AOLHOS~1.EXE
C:\PROGRA~1\COMMON~1\AOL\115783~1\EE\AOLServiceHost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\mshome\Desktop\hijackthis.exe
C:\Program Files\Messenger\msmsgs.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75 (http://\"http://runonce.msn.com/?v=msgrv75\")
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html (http://\"http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr7/*http://www.yahoo.com/ext/search/search.html\")
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/ (http://\"http://www.yahoo.com/\")
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com (http://\"http://us.rd.yahoo.com/customize/ie/defaults/su/msgr7/*http://www.yahoo.com\")
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
F2 - REG:system.ini: Shell=Explorer.exe "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WIND
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,"C:\WINDOWS\svchost.exe","C:\WINDOWS\svchost.exe","C:\WINDOWS\svchost.exe","C:\WINDOWS\svchost.exe","C:\WINDOWS\svchost.exe","C:\WINDOWS\svchost.exe","C:\WINDOWS\svchost.exe","C:"C:\WINDOWS\svchost.exe",
O4 - HKLM\..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe
O4 - HKLM\..\Run: [ccRegVfy] C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Akwyxmon] C:\Program Files\Hgiork\Kinqxja.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1157832268\EE\AOLHostManager.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [wcmdmgr] C:\WINDOWS\wt\updater\wcmdmgrl.exe -launch
O4 - HKCU\..\Run: [Registry Cleaner] "C:\Program Files\TPT Registry_Cleaner (Trial)\regclean.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: svchost.exe
O4 - Global User Startup: svchost.exe
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/...html?p=ZNfox000 (http://\"http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZNfox000\")
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {FA13A9FA-CA9B-11D2-9780-00104B242EA3} (WildTangent Control) - file://H:\games\WebDriverFullInstall.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{3CBB55E7-1303-4237-AB62-6804124674DD}: NameServer = 213.131.66.138 213.131.66.246
O17 - HKLM\System\CS2\Services\Tcpip\..\{3CBB55E7-1303-4237-AB62-6804124674DD}: NameServer = 213.131.66.138 213.131.66.246
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\\aolserv.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

ok thats all it said

Title: slow comp
Post by: guestolo on October 01, 2006, 09:25:34 AM

Can you do the following please
Go to either of these links
http://virusscan.jotti.org/ (http://\"http://virusscan.jotti.org/\")
OR
http://www.virustotal.com/flash/index_en.html (http://\"http://www.virustotal.com/flash/index_en.html\")

Use the browse button and navigate to the file on your harddrive
C:\Program Files\Hgiork\Kinqxja.exe <- this file
Right click on the file and choose Select
Then use the Submit button
Let it finish scanning
Could you post back the results of the scan back here please
Are there any other files in the Hgiork folder?

Also
==Download this file - Combofix.exe (http://\"http://download.bleepingcomputer.com/sUBs/combofix.exe\") and save it too desktop
Double click combofix.exe & follow the prompts.
When finished, it shall produce a log for you.
Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall
Post back this log please

Title: slow comp
Post by: Moe C on October 01, 2006, 12:26:44 PM

AntiVir
Found Trojan/DelProx.A
ArcaVir
Found Trojan.Small.Cy
Avast
Found Win32:Trojano-1035
AVG Antivirus
Found Small.P
BitDefender
Found Trojan.Small.CY
ClamAV
Found Trojan.Small-158
Dr.Web
Found Trojan.DownLoader.1389
F-Prot Antivirus
Found W32/Downloader.AAW
Fortinet
Found W32/Small.SN!tr.dldr
Kaspersky Anti-Virus
Found Trojan.Win32.Small.cy
NOD32
Found Win32/Small.CY
Norman Virus Control
Found nothing
UNA
Found Trojan.Win32.Rog
VirusBuster
Found Trojan.Small.ADM
VBA32
Found Trojan.Win32.Small.cy

thats all it said when i scanned C:\Program Files\Hgiork\Kinqxja.exe

and the combo fix my comp coulnt let me open it if its recommended ill try again

i havent played Runescape in 3 months about this problem and i really need runescape

Title: slow comp
Post by: guestolo on October 01, 2006, 02:32:43 PM

Quote

and the combo fix my comp coulnt let me open it if its recommended ill try again

Yes, try it again

Why won't it run, are you getting any error messages, let me know exactly please

Title: slow comp
Post by: Moe C on October 01, 2006, 03:47:00 PM

it says press y or no i press y it wont do anything

Title: slow comp
Post by: guestolo on October 01, 2006, 03:56:05 PM

Press Y
Then hit Enter on your keyboard

Wait for the log to open, it will take a few minutes

Title: slow comp
Post by: Moe C on October 01, 2006, 04:34:12 PM

mshome - 06-10-01 22:51:22.59 Service Pack 2
ComboFix 06.09.28 - Running from: "C:\Documents and Settings\mshome\Desktop"

((((((((((((((((((((((((((((((( Files Created from 2006-09-01 to 2006-10-01 ))))))))))))))))))))))))))))))))))

2006-09-29   12:52   3,952   -ra------   C:\WINDOWS\system32\drivers\DMICall.sys
2006-09-09   22:31   65,536   --a------   C:\WINDOWS\system32\MFC71DEU.DLL
2006-09-09   22:31   61,440   --a------   C:\WINDOWS\system32\MFC71ITA.DLL
2006-09-09   22:31   61,440   --a------   C:\WINDOWS\system32\MFC71ESP.DLL
2006-09-09   22:31   57,344   --a------   C:\WINDOWS\system32\MFC71ENU.DLL
2006-09-09   22:31   49,152   --a------   C:\WINDOWS\system32\MFC71KOR.DLL
2006-09-09   22:31   49,152   --a------   C:\WINDOWS\system32\MFC71JPN.DLL
2006-09-09   22:31   45,056   --a------   C:\WINDOWS\system32\MFC71CHT.DLL
2006-09-09   22:31   40,960   --a------   C:\WINDOWS\system32\MFC71CHS.DLL
2006-09-09   22:31   1,060,864   --a------   C:\WINDOWS\system32\MFC71.dll
2006-09-09   22:31   1,047,552   --a------   C:\WINDOWS\system32\MFC71u.dll
2006-09-09   22:07   173,184   --a------   C:\WINDOWS\system32\ygpss.scr
2006-09-09   22:06   86,016   --a------   C:\WINDOWS\unvise32qt.exe
2006-09-09   22:06   8,552   --a------   C:\WINDOWS\system32\drivers\asctrm.sys
2006-09-09   22:05   102,400   --a------   C:\WINDOWS\system32\SimpleRegistry.dll
2006-09-09   22:05   10,752   --a------   C:\WINDOWS\system32\aamd532.dll

(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))

2006-09-29 12:51   --------   d--------   C:\Program Files\Common Files\Sony Shared
2006-09-20 22:35   --------   d--------   C:\Program Files\SwiftSwitch
2006-09-19 02:47   --------   d--------   C:\Program Files\TalkGeek.org Autofighter
2006-09-18 01:12   --------   d--------   C:\Program Files\HyCam2
2006-09-16 16:22   --------   d--------   C:\Program Files\MSN Messenger
2006-09-15 21:50   --------   d--------   C:\Program Files\USB Game Controller
2006-09-15 21:27   --------   d--------   C:\Program Files\Metal Gear Solid
2006-09-09 23:54   --------   d--------   C:\Program Files\GameHouse
2006-09-09 23:52   --------   d--------   C:\Program Files\AWS
2006-09-09 23:52   --------   d--------   C:\Documents and Settings\mshome\Application Data\Aim
2006-09-09 23:51   --------   d--------   C:\Program Files\AIM Toolbar
2006-09-09 22:07   --------   d--------   C:\Program Files\Common Files\Nullsoft
2006-09-09 22:06   --------   d--------   C:\Program Files\Real
2006-09-09 22:06   --------   d--------   C:\Program Files\QuickTime
2006-09-09 22:05   --------   d--------   C:\Program Files\Pure Networks
2006-09-09 22:04   --------   d--------   C:\Program Files\America Online 9.0
2006-09-09 21:47   --------   d--------   C:\Program Files\Eidos Interactive
2006-08-21 14:21   16896   --a------   C:\WINDOWS\system32\fltlib.dll
2006-08-21 11:14   23040   --a------   C:\WINDOWS\system32\fltMc.exe
2006-08-21 11:14   128896   --a------   C:\WINDOWS\system32\drivers\fltMgr.sys
2006-07-27 15:24   679424   --a------   C:\WINDOWS\system32\inetcomm.dll
2006-07-21 10:24   72704   --a------   C:\WINDOWS\system32\hlink.dll

(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries are not shown

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Registry Cleaner"="\"C:\\Program Files\\TPT Registry_Cleaner (Trial)\\regclean.exe\""
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
"MsnMsgr"="\"C:\\Program Files\\MSN Messenger\\MsnMsgr.Exe\" /background"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ccApp"="C:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe"
"ccRegVfy"="C:\\Program Files\\Common Files\\Symantec Shared\\ccRegVfy.exe"
"Symantec NetDriver Monitor"="C:\\PROGRA~1\\SYMNET~1\\SNDMon.exe /Consumer"
"SunJavaUpdateSched"="C:\\Program Files\\Java\\jre1.5.0_06\\bin\\jusched.exe"
"Akwyxmon"="C:\\Program Files\\Hgiork\\Kinqxja.exe"
"BluetoothAuthenticationAgent"="rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent"
"HostManager"="C:\\Program Files\\Common Files\\AOL\\1157832268\\EE\\AOLHostManager.exe"
"AOLDialer"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"
"AOL Spyware Protection"="\"C:\\PROGRA~1\\COMMON~1\\AOL\\AOLSPY~1\\AOLSP Scheduler.exe\""
"RealTray"="C:\\Program Files\\Real\\RealPlayer\\RealPlay.exe SYSTEMBOOTHIDEPLAYER"
"wcmdmgr"="C:\\WINDOWS\\wt\\updater\\wcmdmgrl.exe -launch"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000001

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="My Current Home Page"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,00,01,00,00,00,00,00,00,00,04,00,00,e2,02,00,00,00,\
00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=hex:04,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\
ff,ff,04,00,00,00
"RestoredStateInfo"=hex:18,00,00,00,6a,02,00,00,23,00,00,00,a4,00,00,00,9a,00,\
00,00,01,00,00,00

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"
"ALUAlert"="C:\\Program Files\\Symantec\\LiveUpdate\\ALUNotify.exe"

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"
"ALUAlert"="C:\\Program Files\\Symantec\\LiveUpdate\\ALUNotify.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000000

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\Run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\Run]

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\Run]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders
securityproviders REG_SZ msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll

Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\Norton SystemWorks One Button Checkup.job
C:\WINDOWS\tasks\Norton AntiVirus - Scan my computer.job
C:\WINDOWS\tasks\A89D17DF918A8E37.job

Completion time: 01.10.2006 22:59:07.23
ComboFix2.txt
ComboFix.txt

i think thats it

Title: slow comp
Post by: guestolo on October 01, 2006, 05:40:34 PM

Can you do the following
Make sure you do them in the exact order please

I need you too make 2 text files on your desktop
First: RIGHT CLICK an empty spot on the desktop and select NEW>>Text Document
Name the new text document
follow.txt
Left click anywhere on your desktop to set the new name
Open follow.txt and copy>>Paste All the below instructions to it
After you paste it>>X out and save the changes

Make another text document on desktop
Call it emy.txt

Copy>>Paste ONLY the [color=\"#FF0000\"]Red[/color] text below to it and save the changes
Ensure you copy from Files to delete: and below in the RED
=======================================

[color=\"#FF0000\"]Files to delete:
C:\WINDOWS\svchost.exe
C:\Program Files\Hgiork\Kinqxja.exe
C:\WINDOWS\tasks\A89D17DF918A8E37.job
C:\Documents and Settings\mshome\Start Menu\Programs\Startup\svchost.exe
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\svchost.exe

Folders to delete:
C:\Program Files\Hgiork[/color]

=========================================================
Download The Avenger.zip (http://\"http://swandog46.geekstogo.com/avenger.zip\") by Swandog46 to your Desktop.

* Click on Avenger.zip to open the file
* Extract avenger.exe to your desktop

Close down all Browser windows and any other unnecessary windows that are open
Including this one
Use follow.txt to follow along with all instructions below
You should now have ONLY 'follow.txt' open

Can you now
Open Hijackthis.exe
Open Misc tools section>>Under 'System Tools'
Click the button>>Open Process Manager

Left click to Highlight ONLY the one process that looks like the following
C:\WINDOWS\svchost.exe
After you have highlighted the above process
Click the Kill Process button
Click Yes to the prompt

Don't confuse it with others that look similiar to this C:\WINDOWS\System32\svchost.exe <-this is legit

In Hijackthis click Back Under 'Other Stuff'
Then click Scan button on the bottom left
When the scan has finished
Put a tick next to the following entries
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
F2 - REG:system.ini: Shell=Explorer.exe "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WIND
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,"C:\WINDOWS\svchost.exe","C:\WINDOWS\svchost.exe","C:\WINDOWS\svchost.exe","C:\WINDOWS\svchost.exe","C:\WINDOWS\svchost.exe","C:\WINDOWS\svchost.exe","C:\WINDOWS\svchost.exe","C:"C:\WINDOWS\svchost.exe",

O4 - HKLM\..\Run: [Akwyxmon] C:\Program Files\Hgiork\Kinqxja.exe
O4 - HKLM\..\Run: [wcmdmgr] C:\WINDOWS\wt\updater\wcmdmgrl.exe -launch
O4 - HKCU\..\Run: [Registry Cleaner] "C:\Program Files\TPT Registry_Cleaner (Trial)\regclean.exe"
O4 - Global Startup: svchost.exe
O4 - Global User Startup: svchost.exe

After you have checked the above entries
click FIX CHECKED
OK the prompt and exit Hijackthis

Now, start The Avenger program by clicking on its icon on your desktop>>Ok the prompt

* Beside "Load Script from File:" click the folder icon
* Next to Look in: box use the Drop down menu and left click to Highlight Desktop
* Find emy.txt and double click on it to Select it
* Now click on the Green Light to begin execution of the script
* Answer "Yes" twice when prompted.

Avenger should now Reboot your computer

Back in Windows

Post back the following please
1. Post the log created by Avenger>>C:\Avenger.txt
2. Post a fresh hijackthis log
3. After you paste back the log from Hijackthis
Close Hijackthis>>After you close, ReOpen it
supply an uninstall list from Hijackthis
Open MISC TOOLS SECTION>>Open UNINSTALL MANAGER
Click the SAVE LIST... button
Save the list to your desktop then copy>>Paste back here the Whole contents

Title: slow comp
Post by: Moe C on October 02, 2006, 12:27:19 AM

id idnt understand what u said here

Left click to Highlight ONLY the one process that looks like the following
C:\WINDOWS\svchost.exe
After you have highlighted the above process
Click the Kill Process button
Click Yes to the prompt

Title: slow comp
Post by: guestolo on October 02, 2006, 12:29:51 AM

Open Hijackthis>>Open Misc tools section
Open the Process Manager
Under running Processes
Do you see this Exact process name

C:\WINDOWS\svchost.exe

If you do, Left click on it to Highlight it and then use the Kill process button in hijackthis to end process on it

Title: slow comp
Post by: Moe C on October 02, 2006, 12:32:21 AM

wait nvm i got it im almost done i think

Title: slow comp
Post by: Moe C on October 02, 2006, 09:39:34 AM

its says unable to delete O4 - Global Startup: svchost.exe
and O4 - Global User Startup: svchost.exe cause its alredy in use use task maganer to close this program i dont have it open and it says that

Title: slow comp
Post by: Moe C on October 02, 2006, 12:57:08 PM

acually it says this file maybe in use task manager to shutdown the program and run hijackthis again to delete the file when i delete O4 - Global Startup: svchost.exe and
O4 - Global User Startup: svchost.exe

only those 2 wont get deleted but all the resy did.

Title: slow comp
Post by: guestolo on October 02, 2006, 06:21:15 PM

Where are all the logs I asked for???

Quote

1. Post the log created by Avenger>>C:\Avenger.txt
2. Post a fresh hijackthis log
3. After you paste back the log from Hijackthis
Close Hijackthis>>After you close, ReOpen it
supply an uninstall list from Hijackthis
Open MISC TOOLS SECTION>>Open UNINSTALL MANAGER
Click the SAVE LIST... button
Save the list to your desktop then copy>>Paste back here the Whole contents

Title: slow comp
Post by: Moe C on October 03, 2006, 08:35:22 AM

i still didnt get to that part it wont let me delete global and the otehr one

Title: slow comp
Post by: guestolo on October 03, 2006, 08:36:24 AM

Carry on with ALL the instructions I posted earlier than post back all the logs
If you get stuck at one point
continue, let me know about it later

Title: slow comp
Post by: Moe C on October 03, 2006, 12:47:19 PM

Post back the following please
1. Post the log created by Avenger>>C:\Avenger.txt

here it is:

Logfile of The Avenger version 1, by Swandog46
Running from registry key:
\Registry\Machine\System\CurrentControlSet\Services\saqdppdy

*******************

Script file located at: \??\C:\WINDOWS\system32\ognkpltl.txt
Script file opened successfully.

Script file read successfully

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

File C:\WINDOWS\svchost.exe deleted successfully.
File C:\Program Files\Hgiork\Kinqxja.exe deleted successfully.
File C:\WINDOWS\tasks\A89D17DF918A8E37.job deleted successfully.

File C:\Documents and Settings\mshome\Start Menu\Programs\Startup\svchost.exe not found!
Deletion of file C:\Documents and Settings\mshome\Start Menu\Programs\Startup\svchost.exe failed!

Could not process line:
C:\Documents and Settings\mshome\Start Menu\Programs\Startup\svchost.exe
Status: 0xc0000034

File C:\Documents and Settings\All Users\Start Menu\Programs\Startup\svchost.exe not found!
Deletion of file C:\Documents and Settings\All Users\Start Menu\Programs\Startup\svchost.exe failed!

Could not process line:
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\svchost.exe
Status: 0xc0000034

Folder C:\Program Files\Hgiork deleted successfully.

Completed script processing.

*******************

Finished! Terminate.

2. Post a fresh hijackthis log
3. After you paste back the log from Hijackthis

i didnt understand that part plz explain it easly tell me what im suppose to do weres the fresh hijackthis log?

Title: slow comp
Post by: Moe C on October 03, 2006, 01:41:16 PM

ok now here is the freash hijackthis log i think:

Logfile of HijackThis v1.99.1
Scan saved at 0:41:34, on 01.10.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Hgiork\Kinqxja.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\wt\updater\wcmdmgr.exe
C:\PROGRA~1\COMMON~1\AOL\115783~1\EE\AOLHOS~1.EXE
C:\PROGRA~1\COMMON~1\AOL\115783~1\EE\AOLServiceHost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\mshome\Desktop\hijackthis.exe
C:\Program Files\Messenger\msmsgs.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75 (http://\"http://runonce.msn.com/?v=msgrv75\")
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html (http://\"http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr7/*http://www.yahoo.com/ext/search/search.html\")
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/ (http://\"http://www.yahoo.com/\")
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com (http://\"http://us.rd.yahoo.com/customize/ie/defaults/su/msgr7/*http://www.yahoo.com\")
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
F2 - REG:system.ini: Shell=Explorer.exe "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WIND
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,"C:\WINDOWS\svchost.exe","C:\WINDOWS\svchost.exe","C:\WINDOWS\svchost.exe","C:\WINDOWS\svchost.exe","C:\WINDOWS\svchost.exe","C:\WINDOWS\svchost.exe","C:\WINDOWS\svchost.exe","C:"C:\WINDOWS\svchost.exe",
O4 - HKLM\..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe
O4 - HKLM\..\Run: [ccRegVfy] C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Akwyxmon] C:\Program Files\Hgiork\Kinqxja.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1157832268\EE\AOLHostManager.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [wcmdmgr] C:\WINDOWS\wt\updater\wcmdmgrl.exe -launch
O4 - HKCU\..\Run: [Registry Cleaner] "C:\Program Files\TPT Registry_Cleaner (Trial)\regclean.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: svchost.exe
O4 - Global User Startup: svchost.exe
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/...html?p=ZNfox000 (http://\"http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZNfox000\")
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {FA13A9FA-CA9B-11D2-9780-00104B242EA3} (WildTangent Control) - file://H:\games\WebDriverFullInstall.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{3CBB55E7-1303-4237-AB62-6804124674DD}: NameServer = 213.131.66.138 213.131.66.246
O17 - HKLM\System\CS2\Services\Tcpip\..\{3CBB55E7-1303-4237-AB62-6804124674DD}: NameServer = 213.131.66.138 213.131.66.246
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\\aolserv.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe

that is how it gave it to me.

here is the uninstall list thing:

America Online (Choose which version to remove)
AOL Coach Version 2.0(Build:20041026.5 en)
AOL Connectivity Services
AOL Spyware Protection
AOL You've Got Pictures Screensaver
Autofighter
GhostMouse 2.0
HijackThis 1.99.1
Hitman 2: Silent Assassin
HyperCam 2
J2SE Runtime Environment 5.0 Update 6
LiveReg (Symantec Corporation)
Metal Gear Solid
Mozilla Firefox (1.5)
MSN Messenger 7.5
Norton SystemWorks 2003
Norton WMI Update
RealPlayer Basic
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 9 (KB911565)
Security Update for Windows Media Player 9 (KB917734)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893066)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899589)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB905915)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB908531)
Security Update for Windows XP (KB911280)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912812)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913446)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB916281)
Security Update for Windows XP (KB917159)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920214)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
SwiftSwitch
Update for Windows XP (KB894391)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB910437)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
USB Game Controller
WildTangent Updater
WildTangent Web Driver
Windows Installer 3.1 (KB893803)
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781

ok now i think i gave u all the logs u asked for

Title: slow comp
Post by: guestolo on October 03, 2006, 11:46:21 PM

That's an old Hijackthis log
Can you run a fresh scan and save logfile with hijackthis and post the FRESH log please

I removed your signatures, ONLY in these posts to this thread

Title: slow comp
Post by: trusted man on October 04, 2006, 02:03:45 AM

try get ur computer fast get higher gbz

Title: slow comp
Post by: Moe C on October 04, 2006, 08:07:39 AM

here is the NEW hijackthis log

Logfile of HijackThis v1.99.1
Scan saved at 15:05, on 06-10-04
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\svchost.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\PROGRA~1\COMMON~1\AOL\115783~1\EE\AOLHOS~1.EXE
C:\PROGRA~1\COMMON~1\AOL\115783~1\EE\AOLServiceHost.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\mshome\Desktop\Runescape\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75 (http://\"http://runonce.msn.com/?v=msgrv75\")
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html (http://\"http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr7/*http://www.yahoo.com/ext/search/search.html\")
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/ (http://\"http://www.yahoo.com/\")
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com (http://\"http://us.rd.yahoo.com/customize/ie/defaults/su/msgr7/*http://www.yahoo.com\")
F2 - REG:system.ini: Shell=explorer.exe "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe"
F2 - REG:system.ini: UserInit=C:\WINDOWS\SYSTEM32\Userinit.exe,"C:\WINDOWS\svchost.exe","C:\WINDOWS\svchost.exe","C:\WINDOWS\svchost.exe","C:\WINDOWS\svchost.exe","C:\WINDOWS\svchost.exe","C:\WINDOWS\svchost.exe","C:\WINDOWS\svchost.exe","C:\WINDOWS\svchost.exe","C:\WINDOWS\svchost.exe",
O4 - HKLM\..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe
O4 - HKLM\..\Run: [ccRegVfy] C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1157832268\EE\AOLHostManager.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: svchost.exe
O4 - Global User Startup: svchost.exe
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/...html?p=ZNfox000 (http://\"http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZNfox000\")
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {FA13A9FA-CA9B-11D2-9780-00104B242EA3} (WildTangent Control) - file://H:\games\WebDriverFullInstall.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{3CBB55E7-1303-4237-AB62-6804124674DD}: NameServer = 213.131.66.138 213.131.66.246
O17 - HKLM\System\CS2\Services\Tcpip\..\{3CBB55E7-1303-4237-AB62-6804124674DD}: NameServer = 213.131.66.138 213.131.66.246
O17 - HKLM\System\CS3\Services\Tcpip\..\{3CBB55E7-1303-4237-AB62-6804124674DD}: NameServer = 213.131.66.138 213.131.66.246
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\\aolserv.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

Title: slow comp
Post by: guestolo on October 04, 2006, 08:33:29 AM

A bad file returned
Can you do the following, we have to rid you of some junk to get this computer running better

Follow along closely please:
==Download and save [color=\"red\"]Brute Force Uninstaller[/color] (http://\"http://www.merijn.org/files/bfu.zip\")[/b] to the desktop

Right click the BFU folder on your desktop, and choose Extract All
Click "Next"
In the box to choose where to extract the files to, click "Browse"
Click on the + sign next to "My Computer"
Click on "Local Disk (C:)
Click "Make New Folder"
Type in BFU
Click "Next", and Uncheck the "Show Extracted Files" box and then click "Finish".

[color=\"red\"]RIGHT-CLICK HERE[/color] (http://\"http://metallica.geekstogo.com/alcanshorty.bfu\")[/b] and choose "Save As" (in IE it's "Save Target As") in order to download [color=\"red\"]Alcan worm remover[/color].
Save it to the
same folder you made earlier (c:\BFU).

==Download [color=\"#FF0000\"]ATF-Cleaner[/color] (http://\"http://www.atribune.org/ccount/click.php?id=1\") by Atribune. Save it too your desktop
This program is for XP and Windows 2000 only
Don't run it yet

==Download, install, and update AVG Anti-Spyware 7.5 (http://\"http://www.ewido.net/en/download/\")[list=1]

Load AVG Anti-Spyware 7.5 and then click the Update tab at the top. Under Manual Update click Start update.
After the update finishes (the status bar at the bottom will display "Update successful")
Close AVG Anti-Spyware 7.5. Do not run it yet.

Print the rest of these instructions, or copy them to a text file on your desktop for use in safe mode
Reboot your computer into Safe Mode. To boot into Safe Mode, please restart your computer. Tap F8 before Windows loads. Select Safe Mode at the top, on the screen that appears.
Sign in with your normal user account

Once in safe mode
========================================================
Double-click ATF-Cleaner.exe to run the program.
Under Main choose: Select All
Click the Empty Selected button.

If you use Firefox browser

Click Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.

If you use Opera browser

Click Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.

Click Exit on the Main menu to close the program.

This will remove all files from the items that are checked so if you have some cookies you'd like to save. please move them to a different directory first.
====================================================

==Go to Start > My Computer and navigate to the C:\BFU folder.

Start the Brute Force Uninstaller by doubleclicking BFU.exe
Put a check in Show log after script ends
Next to the scriptline to execute field click the folder icon (http://metallica.geekstogo.com/foldericon.png) and select alcanshorty.bfu
Press Execute and let it do it’s job. (You ought to see a progress bar if you did this correctly.)
Wait for the complete script execution box to pop up and press OK.
Press exit to terminate the BFU program.

AVG Anti-Spyware 7.5 scan

Then run AVG Anti-Spyware 7.5 and click on the Scanner tab at the top
Click the "Settings" tab and then change the recommended action to Quarantine and ensure that Automatically generate report after every scan is selected
Click back to the "Scan" tab and then click on Complete System Scan.
This scan can take quite a while to run, so be prepared.
AVG Anti-Spyware 7.5 will list any infections found on the left hand side. When the scan has finished, it will automatically set the recommended action. Click the Apply all actions button. AVG Anti-Spyware 7.5 will display "All actions have been applied" on the right hand side.
Click on "Save Report", then "Save Report As". This will create a text file. Make sure you know where to find this file again (like on the Desktop).

Do a "System scan only" with Hijackthis and put a check next to these entries:

F2 - REG:system.ini: Shell=explorer.exe "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe"
F2 - REG:system.ini: UserInit=C:\WINDOWS\SYSTEM32\Userinit.exe,"C:\WINDOWS\svchost.exe","C:\WINDOWS\svchost.exe","C:\WINDOWS\svchost.exe","C:\WINDOWS\svchost.exe","C:\WINDOWS\svchost.exe","C:\WINDOWS\svchost.exe","C:\WINDOWS\svchost.exe","C:\WINDOWS\svchost.exe","C:\WINDOWS\svchost.exe",
O4 - Global Startup: svchost.exe
O4 - Global User Startup: svchost.exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/...html?p=ZNfox000 (http://\"http://edits.mywebsearch.com/toolbaredits/...html?p=ZNfox000\")

After you have ticked the above entries, close All other open windows
Including this one
Leave Hijackthis open and click FIX CHECKED
OK the prompt and exit Hijackthis

Reboot back to Normal windows

Post back all the following, even if takes more than one reply to do so please

1. Post a fresh hijackthis log
2. Post the report from AVG Anti-Spyware 7.5

Title: slow comp
Post by: Moe C on October 04, 2006, 01:01:49 PM

ok when i did a system scan only i didnt find

REG:system.ini: Shell=explorer.exe "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe" "C:\WINDOWS\svchost.exe"

O4 - Global Startup: svchost.exe

O4 - Global User Startup: svchost.exe

but the rest were deleted.

here is the new hijackthis log

Logfile of HijackThis v1.99.1
Scan saved at 19:58, on 06-10-04
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\COMMON~1\AOL\115783~1\EE\AOLHOS~1.EXE
C:\PROGRA~1\COMMON~1\AOL\115783~1\EE\AOLServiceHost.exe
C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSCNo.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\mshome\Desktop\Runescape\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75 (http://\"http://runonce.msn.com/?v=msgrv75\")
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html (http://\"http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr7/*http://www.yahoo.com/ext/search/search.html\")
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/ (http://\"http://www.yahoo.com/\")
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com (http://\"http://us.rd.yahoo.com/customize/ie/defaults/su/msgr7/*http://www.yahoo.com\")
O4 - HKLM\..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe
O4 - HKLM\..\Run: [ccRegVfy] C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1157832268\EE\AOLHostManager.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/...html?p=ZNfox000 (http://\"http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZNfox000\")
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {FA13A9FA-CA9B-11D2-9780-00104B242EA3} (WildTangent Control) - file://H:\games\WebDriverFullInstall.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{3CBB55E7-1303-4237-AB62-6804124674DD}: NameServer = 213.131.66.138 213.131.66.246
O17 - HKLM\System\CS2\Services\Tcpip\..\{3CBB55E7-1303-4237-AB62-6804124674DD}: NameServer = 213.131.66.138 213.131.66.246
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\\aolserv.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

here is the BFU thing i found dunno wat it is do u need it here it is anyway.

BFU v1.00.9
Windows XP SP2 (WinNT 5.01.2600 SP2)
Script started at 18:29:28, on 06-10-04

Option Unload Explorer: Yes
Failed: DllUnregister C:\WINDOWS\DH.dll|1 (file not found)
Failed: DllUnregister C:\Program Files\Deskbar\deskbar.dll|1 (file not found)
Failed: DllUnregister \asappsrv.dll|1 (file not found)
Failed: ServiceStop Network Monitor (service not found)
Failed: ServiceStop cmdService (service not found)
Failed: ServiceDisable Network Monitor (service not found)
Failed: ServiceDisable cmdService (service not found)
Failed: ServiceDelete Network Monitor (service not found)
Failed: ServiceDelete cmdService (service not found)
Failed: RegDelValue HKCU\System\CurrentControlSet\Control\Lsa|p2pnetwork (key not found)
Failed: RegDelValue HKCU\Microsoft\Windows\CurrentVersion\policies\Explorer\Run|WinUpdate.exe (key not found)
Option pause between commands: 300 ms
Option pause between commands: 50 ms
Failed: FolderDelete C:\Program Files\MsConfigs (folder not found)
Failed: FolderDelete C:\Program Files\winupdates (folder not found)
Failed: FolderDelete C:\Program Files\winupdate (folder not found)
Failed: FolderDelete C:\Program Files\winsupdater (folder not found)
Failed: FolderDelete C:\Program Files\MsUpdate (folder not found)
Failed: FolderDelete C:\Program Files\MsMovies (folder not found)
Failed: FolderDelete C:\Program Files\wmplayer (folder not found)
Failed: FolderDelete C:\Program Files\outlook (folder not found)
Failed: FileDelete C:\Program Files\Common Files\Windows\mc-*-*.exe (operation failed)
Failed: FileDelete C:\Program Files\Common Files\Download\mc-*-*.exe (operation failed)
Failed: FolderDelete C:\Program Files\MediaPipe (folder not found)
Failed: FolderDelete C:\Program Files\p2pnetworks (folder not found)
Failed: FileDelete C:\DOCUME~1\mshome\LOCALS~1\Temp\~DF2354.tmp (operation failed)
Failed: FolderDelete C:\Documents and Settings\mshome\Local Settings\Temporary Internet Files\Content.IE5\1BEKRMW1 (operation failed)
Failed: FolderDelete C:\Program Files\Maxifiles (folder not found)
Failed: FolderDelete C:\Program Files\DNS (folder not found)
Failed: FolderDelete C:\Program Files\EQAdvice (folder not found)
Failed: FolderDelete C:\Program Files\FCAdvice (folder not found)
Failed: FolderDelete C:\Program Files\Common Files\FreeProd1 (folder not found)
Failed: FolderDelete C:\Program Files\Common Files\FreeProd2 (folder not found)
Failed: FolderDelete C:\Program Files\Common Files\InetGet (folder not found)
Failed: FolderDelete C:\Program Files\Common Files\InetGet2 (folder not found)
Failed: FolderDelete C:\Program Files\Common Files\svchostsys (folder not found)
Failed: FolderDelete C:\Program Files\Common Files\simtest (folder not found)
Failed: FolderDelete C:\Program Files\Common Files\misc001 (folder not found)
Failed: FolderDelete C:\Program Files\InetGet2 (folder not found)
Failed: FolderDelete C:\Program Files\Common Files\VCClient (folder not found)
Failed: FolderDelete C:\Program Files\Network Monitor (folder not found)
Failed: FolderDelete C:\WINDOWS\inet20001 (folder not found)
Failed: FolderDelete C:\Program Files\Update06 (folder not found)
Failed: FolderDelete C:\Program Files\Update03 (folder not found)
Failed: FolderDelete C:\Program Files\Update04 (folder not found)
Failed: FolderDelete C:\Program Files\Update08 (folder not found)
Failed: FolderDelete C:\Program Files\W-Update (folder not found)
Failed: FolderDelete C:\Program Files\Yazzle Sudoku (folder not found)
Failed: FolderDelete C:\Program Files\Cas (folder not found)
Failed: FolderDelete C:\Program Files\CasStub (folder not found)
Failed: FolderDelete C:\Program Files\Cas2Stub (folder not found)
Failed: FolderDelete C:\Program Files\ipwins (folder not found)
Failed: FolderDelete C:\Program Files\Common Files\Snowball Wars (folder not found)
Failed: FolderDelete C:\temp (folder not found)
Failed: FolderDelete C:\WINDOWS\mdrive (folder not found)
Failed: FolderDelete C:\WINDOWS\system32\crunner (folder not found)
Failed: FolderDelete C:\Program Files\PECarlin (folder not found)
Failed: FolderDelete C:\Program Files\AXVenore (folder not found)
Failed: FolderDelete C:\Program Files\SDVita (folder not found)
Failed: FolderDelete C:\Program Files\EQBranch (folder not found)
Failed: FolderDelete C:\Program Files\EQArticle (folder not found)
Failed: FolderDelete C:\Program Files\PSHope (folder not found)
Failed: FolderDelete C:\Program Files\Batty (folder not found)
Failed: FolderDelete C:\Program Files\Batty2 (folder not found)
Failed: FolderDelete C:\Program Files\AXFibula (folder not found)
Failed: FolderDelete C:\Program Files\CMFibula (folder not found)
Failed: FolderDelete C:\Program Files\PSLister (folder not found)
Failed: FolderDelete C:\Program Files\PSCloner (folder not found)
Failed: FolderDelete C:\Program Files\cmapp (folder not found)
Failed: FolderDelete C:\Program Files\cmman (folder not found)
Failed: FolderDelete C:\Program Files\cmsystem (folder not found)
Failed: FolderDelete C:\Program Files\fcengine (folder not found)
Failed: FolderDelete C:\Program Files\wincmapp (folder not found)
Failed: FolderDelete C:\Program Files\Deskbar\Cache (folder not found)
Failed: FolderDelete C:\Program Files\popupwithcast (folder not found)
Failed: FolderDelete C:\Program Files\Common Files\cloader (folder not found)
Failed: FolderDelete C:\Program Files\Common Files\misc001 (folder not found)
Failed: FileMove C:\WINDOWS\win*-*.exe|C:\bintheredunthat (source file not found)
Script completed.

is there anything else you need.

Title: slow comp
Post by: Moe C on October 04, 2006, 01:33:44 PM

---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 19:38 06-10-04

+ Scan result:

C:\Program Files\AWS\WeatherBug\MiniBugTransporter.dll -> Adware.Aws : No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Rotue -> Adware.InternetOptimizer : No action taken.
C:\FOUND.010\FILE0001.CHK -> Adware.Look2Me : No action taken.
C:\WINDOWS\NDNuninstall7_14.exe -> Adware.NewDotNet : No action taken.
C:\WINDOWS\NDNuninstall7_22.exe -> Adware.NewDotNet : No action taken.
HKU\.DEFAULT\Software\New.net -> Adware.NewDotNet : No action taken.
HKU\S-1-5-18\Software\New.net -> Adware.NewDotNet : No action taken.
C:\WINDOWS\system32\ld100.tmp -> Downloader.Zlob.qz : No action taken.
C:\WINDOWS\system32\regperf.exe -> Downloader.Zlob.qz : No action taken.
C:\Documents and Settings\mshome\Desktop\Runescape\backups\backup-20061002-162202-815-svchost.exe -> Logger.KeyLogger.fl : No action taken.
C:\Documents and Settings\mshome\Desktop\Runescape\backups\backup-20061002-162538-879-svchost.exe -> Logger.KeyLogger.fl : No action taken.
C:\Documents and Settings\mshome\Desktop\Runescape\backups\backup-20061002-163052-302-svchost.exe -> Logger.KeyLogger.fl : No action taken.
C:\Documents and Settings\mshome\Desktop\Runescape\backups\backup-20061002-163232-914-svchost.exe -> Logger.KeyLogger.fl : No action taken.
C:\Documents and Settings\mshome\Desktop\Runescape\backups\backup-20061002-185305-785-svchost.exe -> Logger.KeyLogger.fl : No action taken.
C:\Documents and Settings\mshome\Desktop\Runescape\backups\backup-20061002-185342-770-svchost.exe -> Logger.KeyLogger.fl : No action taken.
C:\Documents and Settings\mshome\Desktop\Runescape\backups\backup-20061002-191736-220-svchost.exe -> Logger.KeyLogger.fl : No action taken.
C:\Documents and Settings\mshome\Desktop\Runescape\backups\backup-20061002-191815-836-svchost.exe -> Logger.KeyLogger.fl : No action taken.
C:\Documents and Settings\mshome\Desktop\Runescape\backups\backup-20061002-192244-145-svchost.exe -> Logger.KeyLogger.fl : No action taken.
C:\Documents and Settings\mshome\Desktop\Runescape\backups\backup-20061002-192244-697-svchost.exe -> Logger.KeyLogger.fl : No action taken.
C:\Documents and Settings\mshome\Desktop\Runescape\backups\backup-20061002-195239-118-svchost.exe -> Logger.KeyLogger.fl : No action taken.
C:\Documents and Settings\mshome\Desktop\Runescape\backups\backup-20061002-195239-607-svchost.exe -> Logger.KeyLogger.fl : No action taken.
C:\RECYCLED\NPROTECT\00004338.exe -> Logger.KeyLogger.fl : No action taken.
C:\RECYCLED\NPROTECT\00004356.exe -> Logger.KeyLogger.fl : No action taken.
C:\System Volume Information\_restore{4F768561-45AE-46C4-9125-0732C6F1C5C8}\RP137\A0286392.exe -> Logger.KeyLogger.fl : No action taken.
C:\System Volume Information\_restore{4F768561-45AE-46C4-9125-0732C6F1C5C8}\RP138\A0287480.exe -> Logger.KeyLogger.fl : No action taken.
C:\avenger\backup.zip/avenger/svchost.exe -> Logger.KeyLogger.fl : No action taken.
C:\WINDOWS\system32\csrs.dll -> Logger.SCKeyLog.o : No action taken.
C:\WINDOWS\system32\BPKhk.dll -> Not-A-Virus.Monitor.Win32.Perflogger.c : No action taken.
C:\WINDOWS\system32\bpkr.exe -> Not-A-Virus.Monitor.Win32.Perflogger.c : No action taken.
C:\WINDOWS\system32\BPKwb.dll -> Not-A-Virus.Monitor.Win32.Perflogger.d : No action taken.
:mozilla.100:C:\RECYCLED\NPROTECT\00002979.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.100:C:\RECYCLED\NPROTECT\00002981.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.100:C:\RECYCLED\NPROTECT\00002983.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.100:C:\RECYCLED\NPROTECT\00002986.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.100:C:\RECYCLED\NPROTECT\00002987.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.100:C:\RECYCLED\NPROTECT\00002992.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.100:C:\RECYCLED\NPROTECT\00002994.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.100:C:\RECYCLED\NPROTECT\00002995.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.100:C:\RECYCLED\NPROTECT\00002997.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.100:C:\RECYCLED\NPROTECT\00003000.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.101:C:\RECYCLED\NPROTECT\00002981.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.101:C:\RECYCLED\NPROTECT\00002983.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.101:C:\RECYCLED\NPROTECT\00002986.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.101:C:\RECYCLED\NPROTECT\00002987.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.101:C:\RECYCLED\NPROTECT\00002992.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.101:C:\RECYCLED\NPROTECT\00002994.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.101:C:\RECYCLED\NPROTECT\00002995.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.101:C:\RECYCLED\NPROTECT\00002997.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.101:C:\RECYCLED\NPROTECT\00003000.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.104:C:\RECYCLED\NPROTECT\00003343.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.104:C:\RECYCLED\NPROTECT\00003344.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.104:C:\RECYCLED\NPROTECT\00003347.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.104:C:\RECYCLED\NPROTECT\00003348.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.104:C:\RECYCLED\NPROTECT\00003349.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.104:C:\RECYCLED\NPROTECT\00003352.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.104:C:\RECYCLED\NPROTECT\00003353.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.104:C:\RECYCLED\NPROTECT\00003354.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.104:C:\RECYCLED\NPROTECT\00003355.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.104:C:\RECYCLED\NPROTECT\00003358.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.104:C:\RECYCLED\NPROTECT\00003359.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.104:C:\RECYCLED\NPROTECT\00003361.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.104:C:\RECYCLED\NPROTECT\00003364.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.104:C:\RECYCLED\NPROTECT\00003365.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.104:C:\RECYCLED\NPROTECT\00003367.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.104:C:\RECYCLED\NPROTECT\00003369.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.104:C:\RECYCLED\NPROTECT\00003370.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.104:C:\RECYCLED\NPROTECT\00003377.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.104:C:\RECYCLED\NPROTECT\00003379.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.104:C:\RECYCLED\NPROTECT\00003380.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.104:C:\RECYCLED\NPROTECT\00003383.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.104:C:\RECYCLED\NPROTECT\00003386.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.104:C:\RECYCLED\NPROTECT\00003388.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.104:C:\RECYCLED\NPROTECT\00003390.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.104:C:\RECYCLED\NPROTECT\00003393.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.104:C:\RECYCLED\NPROTECT\00003410.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.104:C:\RECYCLED\NPROTECT\00003412.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.104:C:\RECYCLED\NPROTECT\00003418.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.104:C:\RECYCLED\NPROTECT\00003420.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.104:C:\RECYCLED\NPROTECT\00003422.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.104:C:\RECYCLED\NPROTECT\00003423.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.104:C:\RECYCLED\NPROTECT\00003425.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.104:C:\RECYCLED\NPROTECT\00003427.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.104:C:\RECYCLED\NPROTECT\00003429.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.104:C:\RECYCLED\NPROTECT\00003439.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.105:C:\RECYCLED\NPROTECT\00003001.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.105:C:\RECYCLED\NPROTECT\00003281.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.105:C:\RECYCLED\NPROTECT\00003283.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.105:C:\RECYCLED\NPROTECT\00003286.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.105:C:\RECYCLED\NPROTECT\00003287.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.105:C:\RECYCLED\NPROTECT\00003289.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.105:C:\RECYCLED\NPROTECT\00003292.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.105:C:\RECYCLED\NPROTECT\00003293.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.105:C:\RECYCLED\NPROTECT\00003295.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.105:C:\RECYCLED\NPROTECT\00003296.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.105:C:\RECYCLED\NPROTECT\00003299.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.105:C:\RECYCLED\NPROTECT\00003301.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.105:C:\RECYCLED\NPROTECT\00003302.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.105:C:\RECYCLED\NPROTECT\00003305.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.105:C:\RECYCLED\NPROTECT\00003306.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.105:C:\RECYCLED\NPROTECT\00003309.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.105:C:\RECYCLED\NPROTECT\00003310.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.105:C:\RECYCLED\NPROTECT\00003314.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.105:C:\RECYCLED\NPROTECT\00003316.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.105:C:\RECYCLED\NPROTECT\00003318.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.105:C:\RECYCLED\NPROTECT\00003319.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.105:C:\RECYCLED\NPROTECT\00003323.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.105:C:\RECYCLED\NPROTECT\00003324.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.105:C:\RECYCLED\NPROTECT\00003325.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.105:C:\RECYCLED\NPROTECT\00003327.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.105:C:\RECYCLED\NPROTECT\00003330.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.105:C:\RECYCLED\NPROTECT\00003333.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.105:C:\RECYCLED\NPROTECT\00003334.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.105:C:\RECYCLED\NPROTECT\00003335.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.105:C:\RECYCLED\NPROTECT\00003337.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.105:C:\RECYCLED\NPROTECT\00003339.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.105:C:\RECYCLED\NPROTECT\00003340.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.105:C:\RECYCLED\NPROTECT\00003342.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.105:C:\RECYCLED\NPROTECT\00003343.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.105:C:\RECYCLED\NPROTECT\00003344.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.105:C:\RECYCLED\NPROTECT\00003347.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.105:C:\RECYCLED\NPROTECT\00003348.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.105:C:\RECYCLED\NPROTECT\00003349.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.105:C:\RECYCLED\NPROTECT\00003352.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.105:C:\RECYCLED\NPROTECT\00003353.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.105:C:\RECYCLED\NPROTECT\00003354.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.105:C:\RECYCLED\NPROTECT\00003355.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.105:C:\RECYCLED\NPROTECT\00003358.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.105:C:\RECYCLED\NPROTECT\00003359.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.105:C:\RECYCLED\NPROTECT\00003361.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.105:C:\RECYCLED\NPROTECT\00003364.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.105:C:\RECYCLED\NPROTECT\00003365.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.105:C:\RECYCLED\NPROTECT\00003367.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.105:C:\RECYCLED\NPROTECT\00003369.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.105:C:\RECYCLED\NPROTECT\00003370.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.105:C:\RECYCLED\NPROTECT\00003377.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.105:C:\RECYCLED\NPROTECT\00003379.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.105:C:\RECYCLED\NPROTECT\00003380.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.105:C:\RECYCLED\NPROTECT\00003383.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.105:C:\RECYCLED\NPROTECT\00003386.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.105:C:\RECYCLED\NPROTECT\00003388.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.105:C:\RECYCLED\NPROTECT\00003390.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.105:C:\RECYCLED\NPROTECT\00003393.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.105:C:\RECYCLED\NPROTECT\00003410.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.105:C:\RECYCLED\NPROTECT\00003412.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.105:C:\RECYCLED\NPROTECT\00003418.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.105:C:\RECYCLED\NPROTECT\00003420.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.105:C:\RECYCLED\NPROTECT\00003422.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.105:C:\RECYCLED\NPROTECT\00003423.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.105:C:\RECYCLED\NPROTECT\00003425.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.105:C:\RECYCLED\NPROTECT\00003427.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.105:C:\RECYCLED\NPROTECT\00003429.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.105:C:\RECYCLED\NPROTECT\00003439.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.106:C:\RECYCLED\NPROTECT\00003001.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.106:C:\RECYCLED\NPROTECT\00003281.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.106:C:\RECYCLED\NPROTECT\00003283.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.106:C:\RECYCLED\NPROTECT\00003286.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.106:C:\RECYCLED\NPROTECT\00003287.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.106:C:\RECYCLED\NPROTECT\00003289.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.106:C:\RECYCLED\NPROTECT\00003292.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.106:C:\RECYCLED\NPROTECT\00003293.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.106:C:\RECYCLED\NPROTECT\00003295.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.106:C:\RECYCLED\NPROTECT\00003296.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.106:C:\RECYCLED\NPROTECT\00003299.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.106:C:\RECYCLED\NPROTECT\00003301.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.106:C:\RECYCLED\NPROTECT\00003302.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.106:C:\RECYCLED\NPROTECT\00003305.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.106:C:\RECYCLED\NPROTECT\00003306.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.106:C:\RECYCLED\NPROTECT\00003309.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.106:C:\RECYCLED\NPROTECT\00003310.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.106:C:\RECYCLED\NPROTECT\00003313.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.106:C:\RECYCLED\NPROTECT\00003314.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.106:C:\RECYCLED\NPROTECT\00003316.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.106:C:\RECYCLED\NPROTECT\00003318.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.106:C:\RECYCLED\NPROTECT\00003319.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.106:C:\RECYCLED\NPROTECT\00003323.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.106:C:\RECYCLED\NPROTECT\00003324.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.106:C:\RECYCLED\NPROTECT\00003325.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.106:C:\RECYCLED\NPROTECT\00003327.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.106:C:\RECYCLED\NPROTECT\00003330.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.106:C:\RECYCLED\NPROTECT\00003333.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.106:C:\RECYCLED\NPROTECT\00003334.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.106:C:\RECYCLED\NPROTECT\00003335.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.106:C:\RECYCLED\NPROTECT\00003337.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.106:C:\RECYCLED\NPROTECT\00003339.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.106:C:\RECYCLED\NPROTECT\00003340.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.106:C:\RECYCLED\NPROTECT\00003342.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.106:C:\RECYCLED\NPROTECT\00003440.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003086.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003088.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003089.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003090.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003170.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003179.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003182.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003184.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003186.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003193.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003197.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003200.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003202.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003205.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003207.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003208.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003210.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003212.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003215.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003216.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003219.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003222.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003223.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003226.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003228.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003229.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003232.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003234.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003235.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003238.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003241.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003244.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003264.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003265.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003266.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003268.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003270.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003272.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003274.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003276.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003278.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003280.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003313.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003440.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003442.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003452.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003470.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003471.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003473.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003474.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003477.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003481.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003495.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003496.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003498.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003499.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003500.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003502.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003504.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003505.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003508.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003511.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003539.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003541.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003543.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003545.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003547.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003548.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003551.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003553.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003554.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003556.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003557.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003564.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003566.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003568.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003569.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003570.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003571.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003572.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003574.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003576.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003577.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003579.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003580.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003582.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003584.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003586.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003588.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003589.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003590.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003592.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003594.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003596.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003597.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003599.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003601.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003603.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003604.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003605.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003607.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003609.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003611.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003613.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003614.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003615.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003617.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003618.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.107:C:\RECYCLED\NPROTECT\00003621.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003002.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003005.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003007.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003009.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003011.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003013.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003014.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003016.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003017.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003021.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003024.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003074.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003075.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003077.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003081.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003086.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003088.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003089.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003090.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003170.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003179.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003182.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003184.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003186.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003193.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003197.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003200.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003202.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003205.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003207.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003208.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003210.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003212.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003215.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003216.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003219.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003222.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003223.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003226.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003228.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003229.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003232.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003234.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003235.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003238.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003241.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003244.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003264.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003265.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003266.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003268.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003270.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003272.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003274.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003276.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003278.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003280.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003442.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003452.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003470.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003471.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003473.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003474.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003477.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003481.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003495.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003496.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003498.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003499.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003500.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003502.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003504.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003505.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003508.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003511.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003539.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003541.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003543.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003545.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003547.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003548.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003551.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003553.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003554.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003556.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003557.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003564.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003566.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003568.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003569.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003570.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003571.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003572.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003574.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003576.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003577.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003579.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003580.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003582.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003584.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003586.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003588.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003589.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003590.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003592.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003594.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003596.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003597.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003599.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003601.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003603.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003604.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003605.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003607.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003609.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003611.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003613.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003614.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003615.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003617.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003618.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.108:C:\RECYCLED\NPROTECT\00003621.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.109:C:\RECYCLED\NPROTECT\00002810.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.109:C:\RECYCLED\NPROTECT\00002811.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.109:C:\RECYCLED\NPROTECT\00002812.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.109:C:\RECYCLED\NPROTECT\00002813.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.109:C:\RECYCLED\NPROTECT\00002815.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.109:C:\RECYCLED\NPROTECT\00002818.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.109:C:\RECYCLED\NPROTECT\00002819.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.109:C:\RECYCLED\NPROTECT\00002821.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.109:C:\RECYCLED\NPROTECT\00002825.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.109:C:\RECYCLED\NPROTECT\00002827.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.109:C:\RECYCLED\NPROTECT\00002831.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.109:C:\RECYCLED\NPROTECT\00002833.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.109:C:\RECYCLED\NPROTECT\00002835.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.109:C:\RECYCLED\NPROTECT\00002837.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.109:C:\RECYCLED\NPROTECT\00002842.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.109:C:\RECYCLED\NPROTECT\00002850.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.109:C:\RECYCLED\NPROTECT\00002854.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.109:C:\RECYCLED\NPROTECT\00002856.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.109:C:\RECYCLED\NPROTECT\00002857.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.109:C:\RECYCLED\NPROTECT\00002859.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.109:C:\RECYCLED\NPROTECT\00002861.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.109:C:\RECYCLED\NPROTECT\00002863.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.109:C:\RECYCLED\NPROTECT\00002864.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.109:C:\RECYCLED\NPROTECT\00002866.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.109:C:\RECYCLED\NPROTECT\00003002.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.109:C:\RECYCLED\NPROTECT\00003005.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.109:C:\RECYCLED\NPROTECT\00003007.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.109:C:\RECYCLED\NPROTECT\00003009.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.109:C:\RECYCLED\NPROTECT\00003011.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.109:C:\RECYCLED\NPROTECT\00003013.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.109:C:\RECYCLED\NPROTECT\00003014.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.109:C:\RECYCLED\NPROTECT\00003016.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.109:C:\RECYCLED\NPROTECT\00003017.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.109:C:\RECYCLED\NPROTECT\00003021.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.109:C:\RECYCLED\NPROTECT\00003024.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.109:C:\RECYCLED\NPROTECT\00003025.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.109:C:\RECYCLED\NPROTECT\00003028.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.109:C:\RECYCLED\NPROTECT\00003030.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.109:C:\RECYCLED\NPROTECT\00003031.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.109:C:\RECYCLED\NPROTECT\00003033.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.109:C:\RECYCLED\NPROTECT\00003034.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.109:C:\RECYCLED\NPROTECT\00003035.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.109:C:\RECYCLED\NPROTECT\00003036.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.109:C:\RECYCLED\NPROTECT\00003038.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.109:C:\RECYCLED\NPROTECT\00003040.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.109:C:\RECYCLED\NPROTECT\00003044.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.109:C:\RECYCLED\NPROTECT\00003046.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.109:C:\RECYCLED\NPROTECT\00003047.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.109:C:\RECYCLED\NPROTECT\00003049.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.109:C:\RECYCLED\NPROTECT\00003051.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.109:C:\RECYCLED\NPROTECT\00003053.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.109:C:\RECYCLED\NPROTECT\00003055.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.109:C:\RECYCLED\NPROTECT\00003057.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.109:C:\RECYCLED\NPROTECT\00003058.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.109:C:\RECYCLED\NPROTECT\00003060.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.109:C:\RECYCLED\NPROTECT\00003063.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.109:C:\RECYCLED\NPROTECT\00003066.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.109:C:\RECYCLED\NPROTECT\00003068.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.109:C:\RECYCLED\NPROTECT\00003069.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.109:C:\RECYCLED\NPROTECT\00003070.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.109:C:\RECYCLED\NPROTECT\00003072.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.109:C:\RECYCLED\NPROTECT\00003074.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.109:C:\RECYCLED\NPROTECT\00003075.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.109:C:\RECYCLED\NPROTECT\00003077.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.109:C:\RECYCLED\NPROTECT\00003081.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.110:C:\RECYCLED\NPROTECT\00002810.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.110:C:\RECYCLED\NPROTECT\00002811.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.110:C:\RECYCLED\NPROTECT\00002812.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.110:C:\RECYCLED\NPROTECT\00002813.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.110:C:\RECYCLED\NPROTECT\00002815.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.110:C:\RECYCLED\NPROTECT\00002818.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.110:C:\RECYCLED\NPROTECT\00002819.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.110:C:\RECYCLED\NPROTECT\00002821.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.110:C:\RECYCLED\NPROTECT\00002825.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.110:C:\RECYCLED\NPROTECT\00002827.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.110:C:\RECYCLED\NPROTECT\00002831.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.110:C:\RECYCLED\NPROTECT\00002833.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.110:C:\RECYCLED\NPROTECT\00002835.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.110:C:\RECYCLED\NPROTECT\00002837.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.110:C:\RECYCLED\NPROTECT\00002842.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.110:C:\RECYCLED\NPROTECT\00002850.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.110:C:\RECYCLED\NPROTECT\00002854.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.110:C:\RECYCLED\NPROTECT\00002856.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.110:C:\RECYCLED\NPROTECT\00002857.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.110:C:\RECYCLED\NPROTECT\00002859.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.110:C:\RECYCLED\NPROTECT\00002861.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.110:C:\RECYCLED\NPROTECT\00002863.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.110:C:\RECYCLED\NPROTECT\00002864.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.110:C:\RECYCLED\NPROTECT\00002866.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.110:C:\RECYCLED\NPROTECT\00003025.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.110:C:\RECYCLED\NPROTECT\00003028.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.110:C:\RECYCLED\NPROTECT\00003030.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.110:C:\RECYCLED\NPROTECT\00003031.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.110:C:\RECYCLED\NPROTECT\00003033.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.110:C:\RECYCLED\NPROTECT\00003034.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.110:C:\RECYCLED\NPROTECT\00003035.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.110:C:\RECYCLED\NPROTECT\00003036.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.110:C:\RECYCLED\NPROTECT\00003038.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.110:C:\RECYCLED\NPROTECT\00003040.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.110:C:\RECYCLED\NPROTECT\00003044.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.110:C:\RECYCLED\NPROTECT\00003046.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.110:C:\RECYCLED\NPROTECT\00003047.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.110:C:\RECYCLED\NPROTECT\00003049.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.110:C:\RECYCLED\NPROTECT\00003051.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.110:C:\RECYCLED\NPROTECT\00003053.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.110:C:\RECYCLED\NPROTECT\00003055.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.110:C:\RECYCLED\NPROTECT\00003057.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.110:C:\RECYCLED\NPROTECT\00003058.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.110:C:\RECYCLED\NPROTECT\00003060.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.110:C:\RECYCLED\NPROTECT\00003063.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.110:C:\RECYCLED\NPROTECT\00003066.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.110:C:\RECYCLED\NPROTECT\00003068.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.110:C:\RECYCLED\NPROTECT\00003069.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.110:C:\RECYCLED\NPROTECT\00003070.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.110:C:\RECYCLED\NPROTECT\00003072.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.110:C:\RECYCLED\NPROTECT\00003627.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.111:C:\RECYCLED\NPROTECT\00002867.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.111:C:\RECYCLED\NPROTECT\00002869.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.111:C:\RECYCLED\NPROTECT\00002871.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.111:C:\RECYCLED\NPROTECT\00003627.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.112:C:\RECYCLED\NPROTECT\00002867.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.112:C:\RECYCLED\NPROTECT\00002869.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.112:C:\RECYCLED\NPROTECT\00002871.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.112:C:\RECYCLED\NPROTECT\00003628.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.112:C:\RECYCLED\NPROTECT\00003629.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.113:C:\RECYCLED\NPROTECT\00003628.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.113:C:\RECYCLED\NPROTECT\00003629.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.113:C:\RECYCLED\NPROTECT\00003630.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.114:C:\RECYCLED\NPROTECT\00003630.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.114:C:\RECYCLED\NPROTECT\00003632.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.114:C:\RECYCLED\NPROTECT\00003633.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.114:C:\RECYCLED\NPROTECT\00003635.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.114:C:\RECYCLED\NPROTECT\00003636.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.115:C:\RECYCLED\NPROTECT\00003632.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.115:C:\RECYCLED\NPROTECT\00003633.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.115:C:\RECYCLED\NPROTECT\00003635.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.115:C:\RECYCLED\NPROTECT\00003636.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.119:C:\RECYCLED\NPROTECT\00003638.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.119:C:\RECYCLED\NPROTECT\00003640.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.119:C:\RECYCLED\NPROTECT\00003642.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.120:C:\RECYCLED\NPROTECT\00003638.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.120:C:\RECYCLED\NPROTECT\00003640.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.120:C:\RECYCLED\NPROTECT\00003642.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.120:C:\RECYCLED\NPROTECT\00003644.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.121:C:\RECYCLED\NPROTECT\00003644.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.126:C:\RECYCLED\NPROTECT\00003646.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.127:C:\RECYCLED\NPROTECT\00003646.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.130:C:\RECYCLED\NPROTECT\00003748.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.130:C:\RECYCLED\NPROTECT\00003749.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.130:C:\RECYCLED\NPROTECT\00003752.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.130:C:\RECYCLED\NPROTECT\00003753.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.131:C:\RECYCLED\NPROTECT\00003748.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.131:C:\RECYCLED\NPROTECT\00003749.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.131:C:\RECYCLED\NPROTECT\00003752.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.131:C:\RECYCLED\NPROTECT\00003753.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.131:C:\RECYCLED\NPROTECT\00003755.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.132:C:\FOUND.035\FILE0016.CHK -> TrackingCookie.2o7 : No action taken.
:mozilla.132:C:\RECYCLED\NPROTECT\00003679.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.132:C:\RECYCLED\NPROTECT\00003683.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.132:C:\RECYCLED\NPROTECT\00003684.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.132:C:\RECYCLED\NPROTECT\00003685.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.132:C:\RECYCLED\NPROTECT\00003688.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.132:C:\RECYCLED\NPROTECT\00003697.MOZ -> TrackingCookie.2o7 : No action taken.
:mozilla.132:C:\RECYCLED\NPROTEC

Title: slow comp
Post by: guestolo on October 04, 2006, 09:59:08 PM

I want to see one more log please
By the way, why didn't you let AVG antispyware quarantine all listed items?

I'll update myself to the latest scanner and see if instructions are different

Download the latest version of [color=\"red\"]SmitfraudFix[/color] (http://\"http://siri.urz.free.fr/Fix/SmitfraudFix.zip\")[/url] (by S!Ri)
Extract the contents (a folder named SmitfraudFix) to your Desktop.

Open the SmitfraudFix folder and double-click smitfraudfix.cmd
Select option #1 - Search by typing 1 and press "Enter"; a text file will appear, which lists infected files (if present).
Please copy/paste the content of that report into your next reply.

[color=\"#3366FF\"]Note[/color] : [color=\"#FF0000\"]process.exe[/color] [color=\"#3366FF\"]is detected by some antivirus programs (AntiVir, Dr.Web, Kaspersky) as a "RiskTool"; it is not a virus, but a program used to stop system processes. Antivirus programs cannot distinguish between "good" and "malicious" use of such programs, therefore they may alert the user.[/color]

Title: slow comp
Post by: Moe C on October 05, 2006, 05:27:19 AM

here is the smithfroudfix log

SmitFraudFix v2.104

Scan done at 12:23:43.23, 06-10-05
Run from C:\Documents and Settings\mshome\Desktop\SmitfraudFix\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
Fix run in normal mode

»»»»»»»»»»»»»»»»»»»»»»»» C:\

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles

»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\mshome

»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\mshome\Application Data

»»»»»»»»»»»»»»»»»»»»»»»» Start Menu

»»»»»»»»»»»»»»»»»»»»»»»»

»»»»»»»»»»»»»»»»»»»»»»»» Desktop

»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files

»»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys

»»»»»»»»»»»»»»»»»»»»»»»» Desktop Components

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="My Current Home Page"

»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""

»»»»»»»»»»»»»»»»»»»»»»»» pe386-msguard-lzx32

»»»»»»»»»»»»»»»»»»»»»»»» Scanning wininet.dll infection

»»»»»»»»»»»»»»»»»»»»»»»» End

PS: congratulations on 8000 posts

/smile.gif\' class=\'bbc_emoticon\' alt=\':)\' />

Title: slow comp
Post by: guestolo on October 05, 2006, 07:01:45 PM

Did you finally let AVG Antispyware clean the infected objects?

We need to ensure it does

Can you do the following
Your last hijackthis log looks good, but I want to make sure nothing is left behind

First, we need to update your version of Java for security reasons

Download the latest version of Java Runtime Environment (JRE) 5.0 Update 9 (http://\"http://java.sun.com/javase/downloads/index.jsp\").
Scroll down to where it says "The J2SE Runtime Environment (JRE) allows end-users to run Java applications".
Click the "Download" button to the right.
Check the box that says: "Accept License Agreement[/i]".
The page will refresh.
Click on the link to download Windows Offline Installation with or without Multi-language and save to your desktop.

DO NOT install it yet

Access your Windows Control panel and open the Java icon
Under the General tab, click the "Delete Files" button
Leave all 3 selections checked at the next window and press "OK"

Close Java and access your Add/remove programs
Search in the list
J2SE Runtime Environment 5.0 Update 6
It should have the following icon next to it: (http://users.telenet.be/bluepatchy/miekiemoes/images/javaicon.gif)
Select it and click Remove

Load AVG Anti-Spyware 7.5 and then click the Update tab at the top. Under Manual Update click Start update.
After the update finishes (the status bar at the bottom will display "Update successful")

Can you make sure you do the following properly

Then run AVG Anti-Spyware 7.5 and click on the Scanner tab at the top
Click the "Settings" tab and then change the recommended action to Quarantine and ensure that Automatically generate report after every scan is selected
Click back to the "Scan" tab and then click on Complete System Scan.
This scan can take quite a while to run, so be prepared.
AVG Anti-Spyware 7.5 will list any infections found on the left hand side. When the scan has finished, it will automatically set the recommended action. Click the Apply all actions button. AVG Anti-Spyware 7.5 will display "All actions have been applied" on the right hand side.
Click on "Save Report", then "Save Report As". This will create a text file. Make sure you know where to find this file again (like on the Desktop).

Do a "System scan only" with Hijackthis and put a check next to these entries:

O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/...html?p=ZNfox000 (http://\"http://edits.mywebsearch.com/toolbaredits/...html?p=ZNfox000\")

After you have ticked the above entries, close All other open windows
Including this one
Leave Hijackthis open and click FIX CHECKED
OK the prompt and exit Hijackthis

Reboot Your computer
Back in Windows
Double click on the Java installer you saved to desktop
Follow the prompts to finish the installation
After the new version of Java is installed, you can delete the installer from desktop

Post back all the following, even if takes more than one reply to do so please

1. Post a fresh hijackthis log
2. Post the new report from AVG Anti-Spyware 7.5

Also, related to your question about missing Paint
What happens when you go to START.>RUN>>type in
mspaint.exe
Hit OK
Does paint open?
Can you do the following
Create a .bat file for me
Open Notepad (START>>>RUN>>>type in notepad)
Hit OK
Copy the contents of the CODE box, not including the word "code"
Paste it to the empty Notepad file
In Notepad click FILE>>SAVE AS
Change the Save as Type to All Files.
Name the file as find.bat

Code: [Select]

dir %Systemdrive%\mspaint.exe /a h /s > files.txt
start notepad files.txt

Save this file on the desktop
Double click on find.bat
A dos box will open and appear to do nothing
Leave it search for a couple minutes, eventually notepad will open with some info
Copy>>paste back here all the info please

Recap
Post a fresh Hijackthis log
The new report from AVG Antispyware
The contents of the text file from find.bat

Title: slow comp
Post by: Moe C on October 06, 2006, 03:46:08 PM

i did EXACTLY what u did and it took me 4 hours to scan the AVG thing :'(

here is the hijack this log:

Logfile of HijackThis v1.99.1
Scan saved at 22:39, on 06-10-06
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\SoftCodec\isamonitor.exe
C:\Program Files\SoftCodec\pmsngr.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\SoftCodec\isamini.exe
C:\Program Files\SoftCodec\pmmon.exe
C:\PROGRA~1\COMMON~1\AOL\115783~1\EE\AOLHOS~1.EXE
C:\PROGRA~1\COMMON~1\AOL\115783~1\EE\AOLServiceHost.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Common Files\Symantec Shared\NMain.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSCNo.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\mshome\Desktop\Runescape\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75 (http://\"http://runonce.msn.com/?v=msgrv75\")
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html (http://\"http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr7/*http://www.yahoo.com/ext/search/search.html\")
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/ (http://\"http://www.yahoo.com/\")
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com (http://\"http://us.rd.yahoo.com/customize/ie/defaults/su/msgr7/*http://www.yahoo.com\")
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: (no name) - {202a961f-23ae-42b1-9505-ffe3c818d717} - C:\Program Files\SoftCodec\isaddon.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe
O4 - HKLM\..\Run: [ccRegVfy] C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1157832268\EE\AOLHostManager.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\npjpi150_09.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\npjpi150_09.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {FA13A9FA-CA9B-11D2-9780-00104B242EA3} (WildTangent Control) - file://H:\games\WebDriverFullInstall.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{3CBB55E7-1303-4237-AB62-6804124674DD}: NameServer = 213.131.66.138 213.131.66.246
O17 - HKLM\System\CS2\Services\Tcpip\..\{3CBB55E7-1303-4237-AB62-6804124674DD}: NameServer = 213.131.66.138 213.131.66.246
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O21 - SSODL: hydrodictyon - {b166be07-30a4-4d38-b781-44528a630706} - C:\WINDOWS\system32\gqagksr.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\\aolserv.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

here is the Paint file thing:

Volume in drive C has no label.
Volume Serial Number is 10FB-4A25

Directory of C:\WINDOWS\system32\dllcache

04-08-04 02:56 343,040 mspaint.exe
1 File(s) 343,040 bytes

here is the AVG report

---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 22:14 06-10-06

+ Scan result:

C:\System Volume Information\_restore{4F768561-45AE-46C4-9125-0732C6F1C5C8}\RP141\A0292732.dll -> Adware.Aws : Cleaned with backup (quarantined).
HKU\S-1-5-21-1644491937-1935655697-682003330-1003\Software\Internet Security -> Adware.IntCodec : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{4F768561-45AE-46C4-9125-0732C6F1C5C8}\RP141\A0292714.exe -> Adware.NewDotNet : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{4F768561-45AE-46C4-9125-0732C6F1C5C8}\RP141\A0292715.exe -> Adware.NewDotNet : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{4F768561-45AE-46C4-9125-0732C6F1C5C8}\RP141\A0292699.exe -> Downloader.Zlob.qz : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{4F768561-45AE-46C4-9125-0732C6F1C5C8}\RP140\A0292565.exe -> Logger.KeyLogger.fl : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{4F768561-45AE-46C4-9125-0732C6F1C5C8}\RP141\A0292701.exe -> Logger.KeyLogger.fl : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{4F768561-45AE-46C4-9125-0732C6F1C5C8}\RP141\A0292702.exe -> Logger.KeyLogger.fl : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{4F768561-45AE-46C4-9125-0732C6F1C5C8}\RP141\A0292703.exe -> Logger.KeyLogger.fl : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{4F768561-45AE-46C4-9125-0732C6F1C5C8}\RP141\A0292704.exe -> Logger.KeyLogger.fl : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{4F768561-45AE-46C4-9125-0732C6F1C5C8}\RP141\A0292705.exe -> Logger.KeyLogger.fl : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{4F768561-45AE-46C4-9125-0732C6F1C5C8}\RP141\A0292706.exe -> Logger.KeyLogger.fl : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{4F768561-45AE-46C4-9125-0732C6F1C5C8}\RP141\A0292707.exe -> Logger.KeyLogger.fl : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{4F768561-45AE-46C4-9125-0732C6F1C5C8}\RP141\A0292708.exe -> Logger.KeyLogger.fl : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{4F768561-45AE-46C4-9125-0732C6F1C5C8}\RP141\A0292709.exe -> Logger.KeyLogger.fl : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{4F768561-45AE-46C4-9125-0732C6F1C5C8}\RP141\A0292710.exe -> Logger.KeyLogger.fl : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{4F768561-45AE-46C4-9125-0732C6F1C5C8}\RP141\A0292711.exe -> Logger.KeyLogger.fl : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{4F768561-45AE-46C4-9125-0732C6F1C5C8}\RP141\A0292712.exe -> Logger.KeyLogger.fl : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{4F768561-45AE-46C4-9125-0732C6F1C5C8}\RP141\A0292700.dll -> Logger.SCKeyLog.o : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{4F768561-45AE-46C4-9125-0732C6F1C5C8}\RP141\A0292716.dll -> Not-A-Virus.Monitor.Win32.Perflogger.c : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{4F768561-45AE-46C4-9125-0732C6F1C5C8}\RP141\A0292717.exe -> Not-A-Virus.Monitor.Win32.Perflogger.c : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{4F768561-45AE-46C4-9125-0732C6F1C5C8}\RP141\A0292718.dll -> Not-A-Virus.Monitor.Win32.Perflogger.d : Cleaned with backup (quarantined).
:mozilla.55:C:\Documents and Settings\mshome\Application Data\Mozilla\Firefox\Profiles\5mavzum0.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.56:C:\Documents and Settings\mshome\Application Data\Mozilla\Firefox\Profiles\5mavzum0.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.57:C:\Documents and Settings\mshome\Application Data\Mozilla\Firefox\Profiles\5mavzum0.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.64:C:\Documents and Settings\mshome\Application Data\Mozilla\Firefox\Profiles\5mavzum0.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.65:C:\Documents and Settings\mshome\Application Data\Mozilla\Firefox\Profiles\5mavzum0.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.66:C:\Documents and Settings\mshome\Application Data\Mozilla\Firefox\Profiles\5mavzum0.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.67:C:\Documents and Settings\mshome\Application Data\Mozilla\Firefox\Profiles\5mavzum0.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.40:C:\Documents and Settings\mshome\Application Data\Mozilla\Firefox\Profiles\5mavzum0.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.41:C:\Documents and Settings\mshome\Application Data\Mozilla\Firefox\Profiles\5mavzum0.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.42:C:\Documents and Settings\mshome\Application Data\Mozilla\Firefox\Profiles\5mavzum0.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.50:C:\Documents and Settings\mshome\Application Data\Mozilla\Firefox\Profiles\5mavzum0.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.51:C:\Documents and Settings\mshome\Application Data\Mozilla\Firefox\Profiles\5mavzum0.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.52:C:\Documents and Settings\mshome\Application Data\Mozilla\Firefox\Profiles\5mavzum0.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.53:C:\Documents and Settings\mshome\Application Data\Mozilla\Firefox\Profiles\5mavzum0.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.54:C:\Documents and Settings\mshome\Application Data\Mozilla\Firefox\Profiles\5mavzum0.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.86:C:\Documents and Settings\mshome\Application Data\Mozilla\Firefox\Profiles\5mavzum0.default\cookies.txt -> TrackingCookie.Com : Cleaned.
:mozilla.78:C:\Documents and Settings\mshome\Application Data\Mozilla\Firefox\Profiles\5mavzum0.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.79:C:\Documents and Settings\mshome\Application Data\Mozilla\Firefox\Profiles\5mavzum0.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.35:C:\Documents and Settings\mshome\Application Data\Mozilla\Firefox\Profiles\5mavzum0.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.36:C:\Documents and Settings\mshome\Application Data\Mozilla\Firefox\Profiles\5mavzum0.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.77:C:\Documents and Settings\mshome\Application Data\Mozilla\Firefox\Profiles\5mavzum0.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.44:C:\Documents and Settings\mshome\Application Data\Mozilla\Firefox\Profiles\5mavzum0.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.45:C:\Documents and Settings\mshome\Application Data\Mozilla\Firefox\Profiles\5mavzum0.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.46:C:\Documents and Settings\mshome\Application Data\Mozilla\Firefox\Profiles\5mavzum0.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.47:C:\Documents and Settings\mshome\Application Data\Mozilla\Firefox\Profiles\5mavzum0.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.38:C:\Documents and Settings\mshome\Application Data\Mozilla\Firefox\Profiles\5mavzum0.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.61:C:\Documents and Settings\mshome\Application Data\Mozilla\Firefox\Profiles\5mavzum0.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.62:C:\Documents and Settings\mshome\Application Data\Mozilla\Firefox\Profiles\5mavzum0.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.63:C:\Documents and Settings\mshome\Application Data\Mozilla\Firefox\Profiles\5mavzum0.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\System Volume Information\_restore{4F768561-45AE-46C4-9125-0732C6F1C5C8}\RP141\A0292713.exe -> Trojan.Small.cy : Cleaned with backup (quarantined).

Title: slow comp
Post by: guestolo on October 06, 2006, 10:19:06 PM

I see some problems in your log, let's finally get rid of them

Delete your copy of Smitfraudfix.zip and Smitfraudfix folder
I need you to download the latest version

After you have rid yourself of the previous version
Download the latest version of [color=\"red\"]SmitfraudFix[/color] (http://\"http://siri.urz.free.fr/Fix/SmitfraudFix.zip\")[/url] (by S!Ri)
Extract the contents (a folder named SmitfraudFix) to your Desktop.

DO NOT run it yet

[color=\"#3366FF\"]Note[/color] : [color=\"#FF0000\"]process.exe[/color] [color=\"#3366FF\"]is detected by some antivirus programs (AntiVir, Dr.Web, Kaspersky) as a "RiskTool"; it is not a virus, but a program used to stop system processes. Antivirus programs cannot distinguish between "good" and "malicious" use of such programs, therefore they may alert the user.[/color]

Reboot your computer into Safe Mode. To boot into Safe Mode, please restart your computer. Tap F8 before Windows loads. Select Safe Mode on the screen that appears.
Sign in with your normal user account

Open the SmitfraudFix folder again and double-click smitfraudfix.cmd
Select option #2 - Clean by typing 2 and press "Enter" to delete infected files.

You will be prompted : "Registry cleaning - Do you want to clean the registry ?"; answer "Yes" by typing Y and press "Enter" in order to remove the Desktop background and clean registry keys associated with the infection.

The tool will now check if wininet.dll is infected. You may be prompted to replace the infected file (if found); answer "Yes" by typing Y and press "Enter".

The tool may need to restart your computer to finish the cleaning process. A text file will appear onscreen, with results from the cleaning process
I'll need to see these later, by default they are also saved at C:\rapport.txt

Reboot back to Normal windows
Post back ALL the following

1. Post a fresh hijackthis log
2. Post the log from the new Smitfraudfix>>C:\Rapport.txt

Title: slow comp
Post by: Moe C on October 07, 2006, 06:03:09 AM

ok questiolo i got keyloggers and LOTS of viruses on my comp im doing what u said but i may not repley in days cause my comp blacks out sometimes when i start my comp after 10sec it just blacks but dont worry im doing what u said now just telling u i may not replay

Title: slow comp
Post by: Moe C on October 07, 2006, 06:23:43 AM

ok here is the hijackthis log:

Logfile of HijackThis v1.99.1
Scan saved at 13:21, on 06-10-07
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\PROGRA~1\COMMON~1\AOL\115783~1\EE\AOLHOS~1.EXE
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\COMMON~1\AOL\115783~1\EE\AOLServiceHost.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSCNo.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
C:\Documents and Settings\mshome\Desktop\Runescape\hijackthis.exe

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe
O4 - HKLM\..\Run: [ccRegVfy] C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1157832268\EE\AOLHostManager.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {FA13A9FA-CA9B-11D2-9780-00104B242EA3} (WildTangent Control) - file://H:\games\WebDriverFullInstall.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{3CBB55E7-1303-4237-AB62-6804124674DD}: NameServer = 213.131.66.138 213.131.66.246
O17 - HKLM\System\CS2\Services\Tcpip\..\{3CBB55E7-1303-4237-AB62-6804124674DD}: NameServer = 213.131.66.138 213.131.66.246
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\\aolserv.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

here is the rapport:

SmitFraudFix v2.105

Scan done at 13:15:33.68, 06-10-07
Run from C:\Documents and Settings\mshome\Desktop\SmitfraudFix\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
Fix run in safe mode

Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â» Before SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{b166be07-30a4-4d38-b781-44528a630706}"="hydrodictyon"

[HKEY_CLASSES_ROOT\CLSID\{b166be07-30a4-4d38-b781-44528a630706}\InProcServer32]
@="C:\WINDOWS\system32\gqagksr.dll"

[HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{b166be07-30a4-4d38-b781-44528a630706}\InProcServer32]
@="C:\WINDOWS\system32\gqagksr.dll"

Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â» Killing process

Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â» Generic Renos Fix

GenericRenosFix by S!Ri

C:\WINDOWS\system32\gqagksr.dll -> Hoax.Win32.Renos.gen.e
C:\WINDOWS\system32\gqagksr.dll -> Deleted

Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â» Deleting infected files

C:\DOCUME~1\ALLUSE~1\STARTM~1\Online Security Guide.url Deleted
C:\DOCUME~1\ALLUSE~1\STARTM~1\Security Troubleshooting.url Deleted
C:\Program Files\SoftCodec\ Deleted

Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â» Deleting Temp Files

Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â» Registry Cleaning

Registry Cleaning done.

Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â» After SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â»Â» End

Title: slow comp
Post by: Rsowners on October 07, 2006, 07:35:30 AM

check for spywarte!!! spyware slows computer down sooooooooooooooo muchQ!

Title: slow comp
Post by: Moe C on October 07, 2006, 08:16:33 AM

plz do not post in my thread only questolo

Title: slow comp
Post by: guestolo on October 07, 2006, 09:12:38 AM

That's looking better
Can you do the following
Set Windows To Show Hidden Files and Folders
* Click Start.
* Open My Computer.
* Select the Tools menu and click Folder Options.
* Select the View Tab.
* Under the Hidden files and folders heading select Show hidden files and folders.
* Uncheck the Hide protected operating system files (recommended) option.
* Uncheck the Hide Extensions for known file types
* Click Yes to confirm.
* Click OK.

Navigate to C:\WINDOWS\system32\dllcache\mspaint.exe <-this file

RIGHT CLICK on mspaint.exe and click COPY
Go back to C:\WINDOWS\system32 <-this folder
RIGHT CLICK and select PASTE

Quote

check for spywarte!!! spyware slows computer down sooooooooooooooo muchQ!

We have been checking

/wink.gif\' class=\'bbc_emoticon\' alt=\';)\' />
emy, 2 programs I wouldn't be without, they are yours for free
The scans don't take near as long as AVG anti-spyware

I suggest you download and run scans with them, Hold onto them
Download and Install
Ad-Aware SE Personal 1.06 (http://\"ftp://ftp.download.com/pub/win95/utilities/aawsepersonal.exe\")

Open Ad-Aware, ensure to click the check for updates now link and Connect to download the latest updates
Close out after it is updated, as we will need it later
Open Ad-Aware SE 1.06
Click START>>NEXT
When it's finished scanning
At this point you should either right click on the screen and and choose the "Select All" Objects option or individually put a checkmark in each objects checkbox
click on the Next button. Ad-Aware SE will now present you with a confirmation box as to whether or not you would like to remove the objects you have just selected. Press the "OK" button

RESTART your computer to finish the cleaning process
===================================

Download and Install Spybot 1.4 from
HERE (http://\"http://fileforum.betanews.com/detail/Spybot_Search_and_Destroy/1043809773/1\")

After installation--Click the UPDATE button on the left
SEARCH FOR UPDATES on the right
Check, and then download all updates
After update is complete

Click the "Search & Destroy" button on the left
"Check for Problems"---When the Scan is complete
FIX all selected problems in RED

RESTART the computer to finish any cleaning process

Come back here and post one last hijackthis log
Let me know if Ad-Aware and Spybot found anything
Let me also know how everything's running please, just some quick final steps

Title: slow comp
Post by: Moe C on October 07, 2006, 11:27:02 AM

dont know about adware, didnt look good but i did what u told me. Spybot found 27 errors
and all them were fixed except this one:

winsoftware.winantiviruspro2006.

here is a HJT log:

Logfile of HijackThis v1.99.1
Scan saved at 18:24, on 06-10-07
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\COMMON~1\AOL\115783~1\EE\AOLHOS~1.EXE
C:\PROGRA~1\COMMON~1\AOL\115783~1\EE\AOLServiceHost.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSCNo.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\mshome\Desktop\Runescape\hijackthis.exe

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe
O4 - HKLM\..\Run: [ccRegVfy] C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1157832268\EE\AOLHostManager.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {FA13A9FA-CA9B-11D2-9780-00104B242EA3} (WildTangent Control) - file://H:\games\WebDriverFullInstall.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{3CBB55E7-1303-4237-AB62-6804124674DD}: NameServer = 213.131.66.138 213.131.66.246
O17 - HKLM\System\CS2\Services\Tcpip\..\{3CBB55E7-1303-4237-AB62-6804124674DD}: NameServer = 213.131.66.138 213.131.66.246
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\\aolserv.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

Title: slow comp
Post by: guestolo on October 07, 2006, 11:32:59 AM

I missed this in your log
Do a "System scan only" with Hijackthis and put a check next to these entries:

O16 - DPF: {FA13A9FA-CA9B-11D2-9780-00104B242EA3} (WildTangent Control) - file://H:\games\WebDriverFullInstall.exe

After you have ticked the above entries, close All other open windows
Including this one
Leave Hijackthis open and click FIX CHECKED
OK the prompt and exit Hijackthis

If you don't need, or use either of the below, remove them from Add/remove programs
WildTangent Updater
WildTangent Web Driver

Can you run Spybot one more time please
Let it finish
When it's done
Right click in the scan results window and choose to Save a full report
Save the report to desktop then copy>>paste back here the whole contents please

Title: slow comp
Post by: Moe C on October 07, 2006, 01:09:24 PM

WildTangent Updater and
WildTangent Web Driver

arent in my add or remove list.

tehre is the spybot thing.

--- Search result list ---
Microsoft.WindowsSecurityCenter.AntiVirusDisableNotify: Settings (Registry change, fixed)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify!=dword:0

Winsoftware.WinAntiVirusPro2006: Tracking cookie (Internet Explorer: mshome) (Cookie, fixed)

Winsoftware.WinAntiVirusPro2006: Tracking cookie (Internet Explorer: mshome) (Cookie, fixed)

Winsoftware.WinAntiVirusPro2006: Tracking cookie (Internet Explorer: mshome) (Cookie, fixed)

PestTrap: Tracking cookie (Internet Explorer: mshome) (Cookie, fixed)

Winsoftware.WinAntiVirusPro2006: Tracking cookie (Internet Explorer: mshome) (Cookie, fixed)

Winsoftware.WinAntiVirusPro2006: Tracking cookie (Internet Explorer: mshome) (Cookie, fixed)

Winsoftware.WinAntiVirusPro2006: Tracking cookie (Internet Explorer: mshome) (Cookie, fixed)

Winsoftware.WinAntiVirusPro2006: Tracking cookie (Internet Explorer: mshome) (Cookie, fixed)

Advertising.com: Tracking cookie (Firefox: default) (Cookie, fixed)

Advertising.com: Tracking cookie (Firefox: default) (Cookie, fixed)

Advertising.com: Tracking cookie (Firefox: default) (Cookie, fixed)

Avenue A, Inc.: Tracking cookie (Firefox: default) (Cookie, fixed)

DoubleClick: Tracking cookie (Firefox: default) (Cookie, fixed)

FastClick: Tracking cookie (Firefox: default) (Cookie, fixed)

FastClick: Tracking cookie (Firefox: default) (Cookie, fixed)

MediaPlex: Tracking cookie (Firefox: default) (Cookie, fixed)

SexTracker: Tracking cookie (Firefox: default) (Cookie, fixed)

--- Spybot - Search & Destroy version: 1.4 (build: 20050523) ---

2006-10-07 unins000.exe (51.41.0.0)
2005-05-31 blindman.exe (1.0.0.1)
2005-05-31 SpybotSD.exe (1.4.0.3)
2005-05-31 TeaTimer.exe (1.4.0.2)
2005-05-31 Update.exe (1.4.0.0)
2005-05-31 aports.dll (2.1.0.0)
2005-05-31 borlndmm.dll (7.0.4.453)
2005-05-31 delphimm.dll (7.0.4.453)
2005-05-31 SDHelper.dll (1.4.0.0)
2005-05-31 UnzDll.dll (1.73.1.1)
2005-05-31 ZipDll.dll (1.73.2.0)
2006-02-06 advcheck.dll (1.0.2.0)
2006-02-20 Tools.dll (2.0.0.2)
2006-10-06 Includes\Cookies.sbi (*)
2006-10-06 Includes\Dialer.sbi (*)
2006-10-06 Includes\Hijackers.sbi (*)
2006-10-06 Includes\Keyloggers.sbi (*)
2006-10-06 Includes\Malware.sbi (*)
2006-10-06 Includes\Revision.sbi (*)
2006-10-06 Includes\Security.sbi (*)
2006-10-06 Includes\Spybots.sbi (*)
2006-10-06 Includes\Trojans.sbi (*)
2005-02-17 Includes\Tracks.uti
2006-10-06 Includes\PUPS.sbi (*)

--- System information ---
Windows XP (Build: 2600) Service Pack 2
/ Windows Media Player 9: Security Update for Windows Media Player 9 (KB917734)
/ Windows XP / SP3: Windows XP Hotfix - KB873339
/ Windows XP / SP3: Windows XP Hotfix - KB885250
/ Windows XP / SP3: Windows XP Hotfix - KB885835
/ Windows XP / SP3: Windows XP Hotfix - KB885836
/ Windows XP / SP3: Windows XP Hotfix - KB886185
/ Windows XP / SP3: Windows XP Hotfix - KB887472
/ Windows XP / SP3: Windows XP Hotfix - KB887742
/ Windows XP / SP3: Windows XP Hotfix - KB888113
/ Windows XP / SP3: Windows XP Hotfix - KB888302
/ Windows XP / SP3: Security Update for Windows XP (KB890046)
/ Windows XP / SP3: Windows XP Hotfix - KB890859
/ Windows XP / SP3: Windows XP Hotfix - KB891781
/ Windows XP / SP3: Security Update for Windows XP (KB893066)
/ Windows XP / SP3: Security Update for Windows XP (KB893756)
/ Windows XP / SP3: Windows Installer 3.1 (KB893803)
/ Windows XP / SP3: Update for Windows XP (KB894391)
/ Windows XP / SP3: Security Update for Windows XP (KB896358)
/ Windows XP / SP3: Security Update for Windows XP (KB896422)
/ Windows XP / SP3: Security Update for Windows XP (KB896423)
/ Windows XP / SP3: Security Update for Windows XP (KB896424)
/ Windows XP / SP3: Security Update for Windows XP (KB896428)
/ Windows XP / SP3: Update for Windows XP (KB898461)
/ Windows XP / SP3: Security Update for Windows XP (KB899587)
/ Windows XP / SP3: Security Update for Windows XP (KB899589)
/ Windows XP / SP3: Security Update for Windows XP (KB899591)
/ Windows XP / SP3: Update for Windows XP (KB900485)
/ Windows XP / SP3: Security Update for Windows XP (KB900725)
/ Windows XP / SP3: Security Update for Windows XP (KB901017)
/ Windows XP / SP3: Security Update for Windows XP (KB901214)
/ Windows XP / SP3: Security Update for Windows XP (KB902400)
/ Windows XP / SP3: Security Update for Windows XP (KB904706)
/ Windows XP / SP3: Security Update for Windows XP (KB905414)
/ Windows XP / SP3: Security Update for Windows XP (KB905749)
/ Windows XP / SP3: Security Update for Windows XP (KB905915)
/ Windows XP / SP3: Security Update for Windows XP (KB908519)
/ Windows XP / SP3: Security Update for Windows XP (KB908531)
/ Windows XP / SP3: Update for Windows XP (KB910437)
/ Windows XP / SP3: Security Update for Windows XP (KB911280)
/ Windows XP / SP3: Security Update for Windows XP (KB911562)
/ Windows XP / SP3: Security Update for Windows XP (KB911567)
/ Windows XP / SP3: Security Update for Windows XP (KB911927)
/ Windows XP / SP3: Security Update for Windows XP (KB912812)
/ Windows XP / SP3: Security Update for Windows XP (KB912919)
/ Windows XP / SP3: Security Update for Windows XP (KB913446)
/ Windows XP / SP3: Security Update for Windows XP (KB913580)
/ Windows XP / SP3: Security Update for Windows XP (KB914388)
/ Windows XP / SP3: Security Update for Windows XP (KB914389)
/ Windows XP / SP3: Security Update for Windows XP (KB916281)
/ Windows XP / SP3: Update for Windows XP (KB916595)
/ Windows XP / SP3: Security Update for Windows XP (KB917159)
/ Windows XP / SP3: Security Update for Windows XP (KB917344)
/ Windows XP / SP3: Security Update for Windows XP (KB917422)
/ Windows XP / SP3: Security Update for Windows XP (KB917953)
/ Windows XP / SP3: Security Update for Windows XP (KB918439)
/ Windows XP / SP3: Security Update for Windows XP (KB918899)
/ Windows XP / SP3: Security Update for Windows XP (KB919007)
/ Windows XP / SP3: Security Update for Windows XP (KB920214)
/ Windows XP / SP3: Security Update for Windows XP (KB920670)
/ Windows XP / SP3: Security Update for Windows XP (KB920683)
/ Windows XP / SP3: Security Update for Windows XP (KB920685)
/ Windows XP / SP3: Update for Windows XP (KB920872)
/ Windows XP / SP3: Security Update for Windows XP (KB921398)
/ Windows XP / SP3: Security Update for Windows XP (KB921883)
/ Windows XP / SP3: Update for Windows XP (KB922582)
/ Windows XP / SP3: Security Update for Windows XP (KB922616)
/ Windows XP / SP3: Security Update for Windows XP (KB925486)

--- Startup entries list ---
Located: HK_LM:Run, !AVG Anti-Spyware
command: "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
file: C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
size: 6266880
MD5: 1cf87dfe2b0492774a42d73deb9f73c8

Located: HK_LM:Run, AOL Spyware Protection
command: "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
file: C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe
size: 79448
MD5: 217697c43bff8d740cfbb9ad87621519

Located: HK_LM:Run, AOLDialer
command: C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
file: C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
size: 34904
MD5: 25d2aa5a7ca01db369a39149a1ab2f30

Located: HK_LM:Run, BluetoothAuthenticationAgent
command: rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
file: C:\WINDOWS\system32\rundll32.exe
size: 33280
MD5: da285490bbd8a1d0ce6623577d5ba1ff

Located: HK_LM:Run, ccApp
command: C:\Program Files\Common Files\Symantec Shared\ccApp.exe
file: C:\Program Files\Common Files\Symantec Shared\ccApp.exe
size: 50880
MD5: 0a0acc6852a00997987fdf8a914755a5

Located: HK_LM:Run, ccRegVfy
command: C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe
file: C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe
size: 34504
MD5: b3847ac31520a40d3ff96a9bfcc066c0

Located: HK_LM:Run, HostManager
command: C:\Program Files\Common Files\AOL\1157832268\EE\AOLHostManager.exe
file: C:\Program Files\Common Files\AOL\1157832268\EE\AOLHostManager.exe
size: 125528
MD5: 2e6ed35c3e2374bc63c8b91b90da72e2

Located: HK_LM:Run, RealTray
command: C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
file:

Located: HK_LM:Run, SunJavaUpdateSched
command: "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
file: C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
size: 49263
MD5: 065afacc3d0e993edfea1e59450917e4

Located: HK_LM:Run, Symantec NetDriver Monitor
command: C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
file: C:\PROGRA~1\SYMNET~1\SNDMon.exe
size: 100056
MD5: f9418981ee4d7e995d359833adab59d5

Located: HK_CU:Run, ctfmon.exe
command: C:\WINDOWS\system32\ctfmon.exe
file: C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 24232996a38c0b0cf151c2140ae29fc8

Located: HK_CU:Run, MsnMsgr
command: "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
file: C:\Program Files\MSN Messenger\MsnMsgr.Exe
size: 7094272
MD5: b83e12b5341c5dcecc5c217a824ffeb1

Located: HK_CU:Run, Yahoo! Pager
command: "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
file: C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
size: 4621816
MD5: 5bd3a6f7c5fef8626f41f9196717ea62

Located: System.ini, crypt32chain
command: crypt32.dll
file: crypt32.dll

Located: System.ini, cryptnet
command: cryptnet.dll
file: cryptnet.dll

Located: System.ini, cscdll
command: cscdll.dll
file: cscdll.dll

Located: System.ini, ScCertProp
command: wlnotify.dll
file: wlnotify.dll

Located: System.ini, Schedule
command: wlnotify.dll
file: wlnotify.dll

Located: System.ini, sclgntfy
command: sclgntfy.dll
file: sclgntfy.dll

Located: System.ini, SensLogn
command: WlNotify.dll
file: WlNotify.dll

Located: System.ini, termsrv
command: wlnotify.dll
file: wlnotify.dll

Located: System.ini, wlballoon
command: wlnotify.dll
file: wlnotify.dll

Located: System.ini, wzcnotif
command: wzcdlg.dll
file: wzcdlg.dll

--- Browser helper object list ---
{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} (Yahoo! IE Services Button)
BHO name:
CLSID name: Yahoo! IE Services Button
Path: C:\Program Files\Yahoo!\Common\
Long name: yiesrvc.dll
Short name:
Date (created): 06-10-06 20:29:32
Date (last access): 06-10-07
Date (last write): 06-07-31 15:32:32
Filesize: 185848
Attributes: archive
MD5: FFCFF90506D2055936B2E577C50ACEA6
CRC32: 55FC20B6
Version: 2006.7.31.1

--- ActiveX list ---
{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} (Java Runtime Environment 1.5.0)
DPF name: Java Runtime Environment 1.5.0
CLSID name: Java Plug-in 1.5.0_09
Installer:
Codebase: http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (http://\"http://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab\")
Path: C:\Program Files\Java\jre1.5.0_09\bin\
Long name: NPJPI150_09.dll
Short name: NPJPI1~1.DLL
Date (created): 06-09-07 15:51:26
Date (last access): 06-10-06
Date (last write): 06-09-07 16:06:08
Filesize: 69746
Attributes: archive
MD5: 8AE51909A86EB22287148FC3139F7968
CRC32: C809E456
Version: 5.0.90.1

--- Process list ---
PID: 0 ( 0) [System]
PID: 440 ( 4) \SystemRoot\System32\smss.exe
PID: 496 ( 440) \??\C:\WINDOWS\system32\csrss.exe
PID: 520 ( 440) \??\C:\WINDOWS\system32\winlogon.exe
PID: 564 ( 520) C:\WINDOWS\system32\services.exe
size: 108032
MD5: C6CE6EEC82F187615D1002BB3BB50ED4
PID: 576 ( 520) C:\WINDOWS\system32\lsass.exe
size: 13312
MD5: 84885F9B82F4D55C6146EBF6065D75D2
PID: 716 ( 564) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 768 ( 564) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 804 ( 564) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 852 ( 564) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 952 ( 564) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1036 ( 564) C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
size: 308936
MD5: BA2FEB4DE7146B972FFBFD5D48F3FC90
PID: 1192 ( 564) C:\WINDOWS\system32\spoolsv.exe
size: 57856
MD5: DA81EC57ACD4CDC3D4C51CF3D409AF9F
PID: 1352 (1328) C:\WINDOWS\Explorer.EXE
size: 1032192
MD5: A0732187050030AE399B241436565E64
PID: 1428 ( 564) C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
size: 10328
MD5: AA2770FD967DAB91A597619C4EADC0C9
PID: 1448 ( 564) C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
size: 100016
MD5: 7FB54900AA9792AB6307C699EC1859D4
PID: 1500 ( 564) C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
size: 204800
MD5: E8FBDCC8D618D1BB84B828F247A6244B
PID: 1520 ( 564) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1532 (1448) C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe
size: 46768
MD5: CAF7C2FDDADF73A02AC84C6FB6030BBF
PID: 1600 ( 564) C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
size: 135168
MD5: 4914A155F9B73317B14F94BBA4A79639
PID: 1792 ( 564) C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
size: 172065
MD5: 305365A42F7D38D8D10B233ECE1C84C6
PID: 1828 ( 564) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 8F078AE4ED187AAABC0A305146DE6716
PID: 1916 ( 564) C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
size: 316544
MD5: 67C5AF84809468061121FBCBECB19285
PID: 232 (1352) C:\Program Files\Common Files\Symantec Shared\ccApp.exe
size: 50880
MD5: 0A0ACC6852A00997987FDF8A914755A5
PID: 268 (1352) C:\WINDOWS\system32\rundll32.exe
size: 33280
MD5: DA285490BBD8A1D0CE6623577D5BA1FF
PID: 340 (1352) C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe
size: 79448
MD5: 217697C43BFF8D740CFBB9AD87621519
PID: 356 (1352) C:\Program Files\Real\RealPlayer\RealPlay.exe
size: 26112
MD5: 849D97FE4CC09CFC2772D10F641E1BAF
PID: 364 (1352) C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
size: 6266880
MD5: 1CF87DFE2B0492774A42D73DEB9F73C8
PID: 376 (1352) C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
size: 49263
MD5: 065AFACC3D0E993EDFEA1E59450917E4
PID: 384 (1352) C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 24232996A38C0B0CF151C2140AE29FC8
PID: 828 ( 716) C:\PROGRA~1\COMMON~1\AOL\115783~1\EE\AOLHOS~1.EXE
size: 125528
MD5: 2E6ED35C3E2374BC63C8B91B90DA72E2
PID: 1000 ( 828) C:\PROGRA~1\COMMON~1\AOL\115783~1\EE\AOLServiceHost.exe
size: 110680
MD5: C2208152DE85F44A73ABB6BB5866B314
PID: 2256 ( 716) C:\WINDOWS\system32\wbem\wmiprvse.exe
size: 218112
MD5: 075EA6C849AB0FE416A3D6DD65C3CF41
PID: 2316 ( 564) C:\WINDOWS\System32\alg.exe
size: 44544
MD5: F1958FBF86D5C004CF19A5951A9514B7
PID: 2384 (1916) C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSCNo.exe
size: 296064
MD5: C828E38EC2EAF7705A996B6C357D7903
PID: 2796 ( 564) C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
size: 116336
MD5: 00FF9F38A83706E7605F83852171197A
PID: 2624 (3660) C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
size: 99832
MD5: 3D137EFD03CFD9213AB7715A852308B4
PID: 1116 (1352) C:\Program Files\Mozilla Firefox\firefox.exe
size: 7190637
MD5: 43658E87F7B183F2245491FBCC695E05
PID: 1144 (1352) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
size: 4393096
MD5: 09CA174A605B480318731E691DC98539
PID: 2484 (1352) C:\WINDOWS\system32\notepad.exe
size: 69120
MD5: 388B8FBC36A8558587AFC90FB23A3B99
PID: 1200 ( 716) C:\Program Files\Messenger\msmsgs.exe
size: 1694208
MD5: 74E6E96C6F0E2ECA4EDBB7F7A468F259
PID: 4 ( 0) System

--- Browser start & search pages list ---
Spybot - Search & Destroy browser pages report, 06-10-07 20:07:15

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
C:\windows\system32\blank.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page
http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch (http://\"http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch\")
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
http://www.microsoft.com/isapi/redir.dll?p...&ar=msnhome (http://\"http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome\")
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch (http://\"http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch\")
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\@
http://home.microsoft.com/access/autosearch.asp?p=%s (http://\"http://home.microsoft.com/access/autosearch.asp?p=%s\")
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
C:\windows\system32\blank.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch (http://\"http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch\")
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
http://www.microsoft.com/isapi/redir.dll?p...ER}&ar=home (http://\"http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home\")
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
http://www.microsoft.com/isapi/redir.dll?p...&ar=msnhome (http://\"http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome\")
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch (http://\"http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch\")
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\SearchAssistant
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm (http://\"http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm\")
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm (http://\"http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm\")

--- Winsock Layered Service Provider list ---

--- Uninstall list ---
Ad-Aware SE Personal 1.06 (Ad-Aware SE Personal)
uninstall cmd: C:\PROGRA~1\LAVASOFT\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\LAVASOFT\AD-AWA~1\INSTALL.LOG
publisher: Lavasoft
help link: http://www.lavasoft.com (http://\"http://www.lavasoft.com\")

(AddressBook)

(AIMToolbar)

America Online (Choose which version to remove) (America Online us)
uninstall cmd: C:\Program Files\Common Files\aolshare\aolunins_us.exe

AOL Connectivity Services (AOL Connectivity Services)
uninstall cmd: "C:\Program Files\Common Files\AOL\ACS\AcsUninstall.exe" /c

AOL Spyware Protection 1.0.76 (AOL Spyware Protection)
uninstall cmd: C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\UNWISE.EXE C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\INSTALL.LOG
publisher: AOL Spyware Protection
comments: AOL Spyware Protection

AOL You've Got Pictures Screensaver (AOL YGP Screensaver)
uninstall cmd: C:\Program Files\Common Files\AOL\Screensaver\uninst_ygpss.exe

AOL Coach Version 2.0(Build:20041026.5 en) (AolCoach2_en)
uninstall cmd: C:\Program Files\Common Files\AolCoach\en_en\AolCInUn.exe -lang=en_en -ext=UDP

AVG Anti-Spyware 7.5 (AVGAntiSpyware75)
install location: C:\Program Files\Grisoft\AVG Anti-Spyware 7.5
uninstall cmd: C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe
publisher: Grisoft Ltd.
help link: http://www.grisoft.com (http://\"http://www.grisoft.com\")

(BackWeb-8876480 Uninstaller)

(Branding)

(Connection Manager)

(DirectAnimation)

(DirectDrawEx)

(DXM_Runtime)

(Fontcore)

GhostMouse 2.0 (GhostMouse 2.0)
uninstall cmd: C:\WINDOWS\uninst.exe -fC:\GMouse20\DeIsL2.isu -cC:\GMouse20\_ISREG32.DLL

HijackThis 1.99.1 1.99.1 (HijackThis)
uninstall cmd: C:\Documents and Settings\mshome\Desktop\HijackThis.exe /uninstall
publisher: Soeperman Enterprises Ltd.

Hitman 2: Silent Assassin (Hitman 2: Silent Assassin)
uninstall cmd: C:\PROGRA~1\EIDOSI~1\HITMAN~1\UNWISE.EXE C:\PROGRA~1\EIDOSI~1\HITMAN~1\INSTALL.LOG

HyperCam 2 (HyperCam 2)
uninstall cmd: "C:\Program Files\HyCam2\UnHyCam2.exe"

(ICW)

(IE40)

(IE4Data)

(IE5BAKEX)

(IEData)

Windows XP Hotfix - KB873339 20041117.092459 (KB873339)
uninstall cmd: C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=873339 (http://\"http://support.microsoft.com?kbid=873339\")

(KB884016)

Windows XP Hotfix - KB885250 20050118.202711 (KB885250)
uninstall cmd: C:\WINDOWS\$NtUninstallKB885250$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=885250 (http://\"http://support.microsoft.com?kbid=885250\")

Windows XP Hotfix - KB885835 20041027.181713 (KB885835)
uninstall cmd: C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=885835 (http://\"http://support.microsoft.com?kbid=885835\")

Windows XP Hotfix - KB885836 20041028.173203 (KB885836)
uninstall cmd: C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=885836 (http://\"http://support.microsoft.com?kbid=885836\")

Windows XP Hotfix - KB886185 20041021.090540 (KB886185)
uninstall cmd: C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=886185 (http://\"http://support.microsoft.com?kbid=886185\")

Windows XP Hotfix - KB887472 20041014.162858 (KB887472)
uninstall cmd: C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=887472 (http://\"http://support.microsoft.com?kbid=887472\")

Windows XP Hotfix - KB887742 20041103.095002 (KB887742)
uninstall cmd: C:\WINDOWS\$NtUninstallKB887742$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=887742 (http://\"http://support.microsoft.com?kbid=887742\")

Windows XP Hotfix - KB888113 20041116.131036 (KB888113)
uninstall cmd: C:\WINDOWS\$NtUninstallKB888113$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=888113 (http://\"http://support.microsoft.com?kbid=888113\")

Windows XP Hotfix - KB888302 20041207.111426 (KB888302)
uninstall cmd: C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=888302 (http://\"http://support.microsoft.com?kbid=888302\")

Security Update for Windows XP (KB890046) 1 (KB890046)
install date: 20051226
uninstall cmd: "C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=890046 (http://\"http://support.microsoft.com?kbid=890046\")

Windows XP Hotfix - KB890859 1 (KB890859)
install date: 20051226
uninstall cmd: "C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=890859 (http://\"http://support.microsoft.com?kbid=890859\")

Windows XP Hotfix - KB891781 20050110.165439 (KB891781)
uninstall cmd: C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=891781 (http://\"http://support.microsoft.com?kbid=891781\")

Security Update for Windows XP (KB893066) 2 (KB893066)
install date: 20051226
uninstall cmd: "C:\WINDOWS\$NtUninstallKB893066$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=893066 (http://\"http://support.microsoft.com?kbid=893066\")

Security Update for Windows XP (KB893756) 1 (KB893756)
install date: 20051226
uninstall cmd: "C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=893756 (http://\"http://support.microsoft.com?kbid=893756\")

(KB893803)

Windows Installer 3.1 (KB893803) 3.1 (KB893803v2)
uninstall cmd: "C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://go.microsoft.com/fwlink/?LinkId=42467 (http://\"http://go.microsoft.com/fwlink/?LinkId=42467\")

Update for Windows XP (KB894391) 1 (KB894391)
install date: 20051226
uninstall cmd: "C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=894391 (http://\"http://support.microsoft.com?kbid=894391\")

Security Update for Windows XP (KB896358) 1 (KB896358)
install date: 20051226
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896358 (http://\"http://support.microsoft.com?kbid=896358\")

Security Update for Windows XP (KB896422) 1 (KB896422)
install date: 20051226
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896422$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896422 (http://\"http://support.microsoft.com?kbid=896422\")

Security Update for Windows XP (KB896423) 1 (KB896423)
install date: 20051226
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896423 (http://\"http://support.microsoft.com?kbid=896423\")

Security Update for Windows XP (KB896424) 1 (KB896424)
install date: 20051226
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896424$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896424 (http://\"http://support.microsoft.com?kbid=896424\")

Security Update for Windows XP (KB896428) 1 (KB896428)
install date: 20051226
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896428 (http://\"http://support.microsoft.com?kbid=896428\")

Update for Windows XP (KB898461) 1 (KB898461)
install date: 20051226
uninstall cmd: "C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=898461 (http://\"http://support.microsoft.com?kbid=898461\")

Security Update for Windows XP (KB899587) 1 (KB899587)
install date: 20051226
uninstall cmd: "C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=899587 (http://\"http://support.microsoft.com?kbid=899587\")

Security Update for Windows XP (KB899589) 1 (KB899589)
install date: 20051226
uninstall cmd: "C:\WINDOWS\$NtUninstallKB899589$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=899589 (http://\"http://support.microsoft.com?kbid=899589\")

Security Update for Windows XP (KB899591) 1 (KB899591)
install date: 20051226
uninstall cmd: "C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=899591 (http://\"http://support.microsoft.com?kbid=899591\")

Update for Windows XP (KB900485) 2 (KB900485)
install date: 20060426
uninstall cmd: "C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=900485 (http://\"http://support.microsoft.com?kbid=900485\")

Security Update for Windows XP (KB900725) 1 (KB900725)
install date: 20051226
uninstall cmd: "C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=900725 (http://\"http://support.microsoft.com?kbid=900725\")

Security Update for Windows XP (KB901017) 1 (KB901017)
install date: 20051226
uninstall cmd: "C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=901017 (http://\"http://support.microsoft.com?kbid=901017\")

Security Update for Windows XP (KB901214) 1 (KB901214)
install date: 20051226
uninstall cmd: "C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=901214 (http://\"http://support.microsoft.com?kbid=901214\")

Security Update for Windows XP (KB902400) 1 (KB902400)
install date: 20051226
uninstall cmd: "C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=902400 (http://\"http://support.microsoft.com?kbid=902400\")

Security Update for Windows XP (KB904706) 2 (KB904706)
install date: 20051226
uninstall cmd: "C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=904706 (http://\"http://support.microsoft.com?kbid=904706\")

Security Update for Windows XP (KB905414) 1 (KB905414)
install date: 20051226
uninstall cmd: "C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=905414 (http://\"http://support.microsoft.com?kbid=905414\")

Security Update for Windows XP (KB905749) 1 (KB905749)
install date: 20051226
uninstall cmd: "C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=905749 (http://\"http://support.microsoft.com?kbid=905749\")

Security Update for Windows XP (KB905915) 1 (KB905915)
install date: 20051226
uninstall cmd: "C:\WINDOWS\$NtUninstallKB905915$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=905915 (http://\"http://support.microsoft.com?kbid=905915\")

Security Update for Windows XP (KB908519) 1 (KB908519)
install date: 20060112
uninstall cmd: "C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=908519 (http://\"http://support.microsoft.com?kbid=908519\")

Security Update for Windows XP (KB908531) 1 (KB908531)
install date: 20060412
uninstall cmd: "C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=908531 (http://\"http://support.microsoft.com?kbid=908531\")

Update for Windows XP (KB910437) 1 (KB910437)
install date: 20051226
uninstall cmd: "C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=910437 (http://\"http://support.microsoft.com?kbid=910437\")

Security Update for Windows XP (KB911280) 1 (KB911280)
install date: 20060617
uninstall cmd: "C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=911280 (http://\"http://support.microsoft.com?kbid=911280\")

Security Update for Windows XP (KB911562) 1 (KB911562)
install date: 20060412
uninstall cmd: "C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=911562 (http://\"http://support.microsoft.com?kbid=911562\")

Security Update for Windows Media Player (KB911564) (KB911564)
install date: 20060215
uninstall cmd: "C:\WINDOWS\$NtUninstallKB911564$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com/?kbid=911564 (http://\"http://support.microsoft.com/?kbid=911564\")

Security Update for Windows Media Player 9 (KB911565) (KB911565)
install date: 20060215
uninstall cmd: "C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com/?kbid=911565 (http://\"http://support.microsoft.com/?kbid=911565\")

Security Update for Windows XP (KB911567) 1 (KB911567)
install date: 20060412
uninstall cmd: "C:\WINDOWS\$NtUninstallKB911567$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=911567 (http://\"http://support.microsoft.com?kbid=911567\")

Security Update for Windows XP (KB911927) 1 (KB911927)
install date: 20060215
uninstall cmd: "C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=911927 (http://\"http://support.microsoft.com?kbid=911927\")

Security Update for Windows XP (KB912812) 1 (KB912812)
install date: 20060412
uninstall cmd: "C:\WINDOWS\$NtUninstallKB912812$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=912812 (http://\"http://support.microsoft.com?kbid=912812\")

Security Update for Windows XP (KB912919) 1 (KB912919)
install date: 20060108
uninstall cmd: "C:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=912919 (http://\"http://support.microsoft.com?kbid=912919\")

Security Update for Windows XP (KB913446) 1 (KB913446)
install date: 20060215
uninstall cmd: "C:\WINDOWS\$NtUninstallKB913446$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=913446 (http://\"http://support.microsoft.com?kbid=913446\")

Security Update for Windows XP (KB913580) 1 (KB913580)
install date: 20060513
uninstall cmd: "C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=913580 (http://\"http://support.microsoft.com?kbid=913580\")

Security Update for Windows XP (KB914388) 1 (KB914388)
install date: 20060919
uninstall cmd: "C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=914388 (http://\"http://support.microsoft.com?kbid=914388\")

Security Update for Windows XP (KB914389) 1 (KB914389)
install date: 20060617
uninstall cmd: "C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=914389 (http://\"http://support.microsoft.com?kbid=914389\")

Security Update for Windows XP (KB916281) 1 (KB916281)
install date: 20060620
uninstall cmd: "C:\WINDOWS\$NtUninstallKB916281$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=916281 (http://\"http://support.microsoft.com?kbid=916281\")

Update for Windows XP (KB916595) 1 (KB916595)
install date: 20060920
uninstall cmd: "C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=916595 (http://\"http://support.microsoft.com?kbid=916595\")

Security Update for Windows XP (KB917159) 1 (KB917159)
install date: 20060919
uninstall cmd: "C:\WINDOWS\$NtUninstallKB917159$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=917159 (http://\"http://support.microsoft.com?kbid=917159\")

Security Update for Windows XP (KB917344) 1 (KB917344)
install date: 20060617
uninstall cmd: "C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=917344 (http://\"http://support.microsoft.com?kbid=917344\")

Security Update for Windows XP (KB917422) 1 (KB917422)
install date: 20060919
uninstall cmd: "C:\WINDOWS\$NtUninstallKB917422$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=917422 (http://\"http://support.microsoft.com?kbid=917422\")

Security Update for Windows Media Player 9 (KB917734) (KB917734_WMP9)
install date: 20060618
uninstall cmd: "C:\WINDOWS\$NtUninstallKB917734_WMP9$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com/?kbid=917734 (http://\"http://support.microsoft.com/?kbid=917734\")

Security Update for Windows XP (KB917953) 1 (KB917953)
install date: 20060617
uninstall cmd: "C:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=917953 (http://\"http://support.microsoft.com?kbid=917953\")

Security Update for Windows XP (KB918439) 1 (KB918439)
install date: 20060617
uninstall cmd: "C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=918439 (http://\"http://support.microsoft.com?kbid=918439\")

Security Update for Windows XP (KB918899) 1 (KB918899)
install date: 20061004
uninstall cmd: "C:\WINDOWS\$NtUninstallKB918899$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=918899 (http://\"http://support.microsoft.com?kbid=918899\")

Security Update for Windows XP (KB919007) 1 (KB919007)
install date: 20060919
uninstall cmd: "C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=919007 (http://\"http://support.microsoft.com?kbid=919007\")

Security Update for Windows XP (KB920214) 1 (KB920214)
install date: 20060918
uninstall cmd: "C:\WINDOWS\$NtUninstallKB920214$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=920214 (http://\"http://support.microsoft.com?kbid=920214\")

Security Update for Windows XP (KB920670) 1 (KB920670)
install date: 20060919
uninstall cmd: "C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=920670 (http://\"http://support.microsoft.com?kbid=920670\")

Security Update for Windows XP (KB920683) 1 (KB920683)
install date: 20060918
uninstall cmd: "C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=920683 (http://\"http://support.microsoft.com?kbid=920683\")

Security Update for Windows XP (KB920685) 1 (KB920685)
install date: 20060918
uninstall cmd: "C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=920685 (http://\"http://support.microsoft.com?kbid=920685\")

Update for Windows XP (KB920872) 1 (KB920872)
install date: 20060919
uninstall cmd: "C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=920872 (http://\"http://support.microsoft.com?kbid=920872\")

Security Update for Windows XP (KB921398) 1 (KB921398)
install date: 20061001
uninstall cmd: "C:\WINDOWS\$NtUninstallKB921398$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=921398 (http://\"http://support.microsoft.com?kbid=921398\")

Security Update for Windows XP (KB921883) 1 (KB921883)
install date: 20060912
uninstall cmd: "C:\WINDOWS\$NtUninstallKB921883$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=921883 (http://\"http://support.microsoft.com?kbid=921883\")

Update for Windows XP (KB922582) 1 (KB922582)
install date: 20060921
uninstall cmd: "C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=922582 (http://\"http://support.microsoft.com?kbid=922582\")

Security Update for Windows XP (KB922616) 1 (KB922616)
install date: 20060919
uninstall cmd: "C:\WINDOWS\$NtUninstallKB922616$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=922616 (http://\"http://support.microsoft.com?kbid=922616\")

Security Update for Windows XP (KB925486) 1 (KB925486)
install date: 20061004
uninstall cmd: "C:\WINDOWS\$NtUninstallKB925486$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=925486 (http://\"http://support.microsoft.com?kbid=925486\")

LiveReg (Symantec Corporation) 2.2.0.1621 (LiveReg)
install location: C:\Program Files\Common Files\Symantec Shared\LiveReg
uninstall cmd: C:\Program Files\Common Files\Symantec Shared\LiveReg\VcSetup.exe /REMOVE
publisher: Symantec Corporation

Metal Gear Solid (Metal Gear Solid)
uninstall cmd: G:\Games\Metal Gear Solid\Uninstal.exe

(MobileOptionPack)

Mozilla Firefox (1.5) 1.5 (en-US) (Mozilla Firefox (1.5))
install location: C:\Program Files\Mozilla Firefox
uninstall cmd: C:\Program Files\Mozilla Firefox\uninstall\uninstall.exe /ua "1.5 (en-US)"
publisher: Mozilla

(MPlayer2)

(MSI30-Beta1)

(MSI30-Beta2)

(MSI30-KB884016)

(MSI30-RC1)

(MSI30-RC2)

(MSI30a-KB884016)

(MSI31-Beta)

(MSI31-RC1)

(NetMeeting)

Norton CleanSweep (Norton CleanSweep)
version: 7
version (major): 7
version (minor): 1
install location: C:\Program Files\Norton SystemWorks\Norton CleanSweep
publisher: Symantec Corporation

Norton Speed Disk 7.0 for Windows NT (Norton Speed Disk)

Norton Utilities 2003 for Windows (Norton Utilities)
version (major): 7
install location: C:\Program Files\Norton SystemWorks\Norton Utilities\NORTON.EXE
publisher: Symantec Corporation

(OutlookExpress)

(PCHealth)
uninstall cmd: rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf

(Personal Antispy)

RealPlayer Basic (RealPlayer 6.0)
uninstall cmd: C:\Program Files\Common Files\Real\Update\\rnuninst.exe RealNetworks|RealPlayer|6.0

(SchedulingAgent)

(Sevinst)

Adobe Flash Player 9 ActiveX 9 (ShockwaveFlash)
uninstall cmd: C:\WINDOWS\system32\Macromed\Flash\UninstFl.exe -q
publisher: Adobe Systems
help link: http://www.adobe.com/go/flashplayer_support/ (http://\"http://www.adobe.com/go/flashplayer_support/\")

Spybot - Search & Destroy 1.4 1.4 (Spybot - Search & Destroy_is1)
install location: C:\Program Files\Spybot - Search & Destroy\
uninstall cmd: "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
publisher: Safer Networking Limited

Ultimate Paint 2.88 Freeware Edition 2.88 (UP286_is1)
install location: C:\Program Files\UP\
uninstall cmd: "C:\Program Files\UP\unins000.exe"
publisher: J-T-L Development

Yahoo! Toolbar (Yahoo! Companion)
uninstall cmd: C:\PROGRA~1\YAHOO!\COMMON\unyt.exe

Yahoo! Browser Services (Yahoo! Customizations)
uninstall cmd: C:\PROGRA~1\YAHOO!\COMMON\unyext.exe

Yahoo! Mail (Yahoo! Internet Mail)
uninstall cmd: C:\WINDOWS\system32\regsvr32.exe /u /s C:\PROGRA~1\YAHOO!\COMMON\ymmapi.dll

Yahoo! Messenger (Yahoo! Messenger)
uninstall cmd: C:\PROGRA~1\YAHOO!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\YAHOO!\MESSEN~1\INSTALL.LOG

Yahoo! Toolbar (Yahoo! Toolbar)

Norton WMI Update 2005.1.2.20 ({1526D87C-A955-4FAB-BF18-697BA457E352})
version (major): 2005
version (minor): 1
estimated size: 2048
install date: 20051231
install source: C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec\LIVEUP~1\DOWNLO~1\EXITEM~1.1_E\
uninstall cmd: MsiExec.exe /X{1526D87C-A955-4FAB-BF18-697BA457E352}
publisher: Symantec Corporation

2.1.20060807 ({2CCBABCB-6427-4A55-B091-49864623C43F})
version: 20060807
version (major): 2
version (minor): 1

J2SE Runtime Environment 5.0 Update 9 1.5.0.90 ({3248F0A8-6813-11D6-A77B-00B0D0150090})
version: 17104896
version (major): 1
version (minor): 5
estimated size: 149081
install date: 20061006
install source: C:\Documents and Settings\mshome\Local Settings\Application Data\Sun\Java\jre1.5.0_09\
uninstall cmd: MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150090}
publisher: Sun Microsystems, Inc.
contact: http://java.com (http://\"http://java.com\")
help link: http://java.com (http://\"http://java.com\")
readme: C:\Program Files\Java\jre1.5.0_09\README.txt

WebFldrs XP 9.50.7523 ({350C97B0-3D7C-4EE8-BAA9-00BCB3D54227})
version: 154279267
version (major): 9
version (minor): 50
estimated size: 2484
install date: 20051226
install source: C:\WINDOWS\system32\
publisher: Microsoft Corporation
help link: http://www.microsoft.com/windows (http://\"http://www.microsoft.com/windows\")

Norton SystemWorks 2003 6.0.0 ({43C3D832-AC96-463A-2003-1B8D1BFA252F})
version: 100663296
version (major): 6
install date: 20051226
install source: H:\
uninstall cmd: MsiExec.exe /I{43C3D832-AC96-463A-2003-1B8D1BFA252F}
publisher: Symantec Corporation

9.0.0 ({58DD5143-4417-4F43-A7DD-5B8B29CEDBEA})
version: 150994944
version (major): 9
estimated size: 65196
install date: 20051226
install source: H:\NAV\
uninstall cmd: MsiExec.exe /I{58DD5143-4417-4F43-A7DD-5B8B29CEDBEA}
publisher: Symantec Corporation

1.0.0 ({C8D79874-7F2B-4346-99F1-DAA8AABF9DCA})
version: 16777216
version (major): 1
estimated size: 458
install date: 20051226
install source: H:\Support\ShrdLcns\
uninstall cmd: MsiExec.exe /I{C8D79874-7F2B-4346-99F1-DAA8AABF9DCA}
publisher: Symantec Corp.

Symantec Network Drivers Update 5.5.1.6 ({CA0A1E54-CE0F-4366-B09C-A87B61DC5633})
version: 84213761
version (major): 5
version (minor): 5
estimated size: 2794
install date: 20051226
install source: C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec\LIVEUP~1\DOWNLO~1\EXITEM~1.4_E\
publisher: Symantec Corporation

MSN Messenger 7.5 7.5.0324.0 ({CEB3A11A-03EA-11DA-BFBD-00065BBDC0B5})
version: 117768516
version (major): 7
version (minor): 5
estimated size: 15809
install date: 20060916
install source: C:\DOCUME~1\mshome\LOCALS~1\Temp\IXP000.TMP\
uninstall cmd: MsiExec.exe /I{CEB3A11A-03EA-11DA-BFBD-00065BBDC0B5}
publisher: Microsoft Corporation

--- System Services ---
Service (registry key): .NET CLR Data
Start: 0
Type: 0
Error Control: 0

Service (registry key): .NET CLR Networking
Start: 0
Type: 0
Error Control: 0

Service (registry key): .NETFramework
Start: 0
Type: 0
Error Control: 0

Service (registry key): Abiosdsk
Start: 4
Type: 1
Error Control: 0

Service (registry key): abp480n5
Start: 4
Type: 1
Error Control: 1

Service (registry key): ac97intc
Display name: IntelÂ® 82801 Audio Driver Install Service (WDM)
Image path: system32\drivers\ac97intc.sys
Image size: 96256
Image MD5: 0F2D66D5F08EBE2F77BB904288DCF6F0
Start: 3
Type: 1
Error Control: 1

Service (registry key): ACPI
Display name: Microsoft ACPI Driver
Image path: system32\DRIVERS\ACPI.sys
Image size: 187776
Image MD5: A10C7534F7223F4A73A948967D00E69B
Start: 0
Type: 1
Error Control: 1

Service (registry key): ACPIEC
Start: 4
Type: 1
Error Control: 1

Service (registry key): adpu160m
Start: 4
Type: 1
Error Control: 1

Service (registry key): aec
Display name: Microsoft Kernel Acoustic Echo Canceller
Image path: system32\drivers\aec.sys
Image size: 142464
Image MD5: 1EE7B434BA961EF845DE136224C30FEC
Start: 3
Type: 1
Error Control: 1

Service (registry key): AFD
Display name: AFD
Description: AFD Networking Support Environment
Image path: \SystemRoot\System32\drivers\afd.sys
Start: 1
Type: 1
Error Control: 1

Service (registry key): agp440
Display name: Intel AGP Bus Filter
Image path: system32\DRIVERS\agp440.sys
Image size: 42368
Image MD5: 2C428FA0C3E3A01ED93C9B2A27D8D4BB
Start: 0
Type: 1
Error Control: 1

Service (registry key): Aha154x
Start: 4
Type: 1
Error Control: 1

Service (registry key): aic78u2
Start: 4
Type: 1
Error Control: 1

Service (registry key): aic78xx
Start: 4
Type: 1
Error Control: 1

Service (registry key): Alerter
Display name: Alerter
Description: Notifies selected users and computers of administrative alerts. If the service is stopped, programs that use administrative alerts will not receive them. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k LocalService
Image size: 14336
Image MD5: 8F078AE4ED187AAABC0A305146DE6716
Start: 4
Type: 32
Error Control: 1
Depends On services: LanmanWorkstation

Service (registry key): ALG
Display name: Application Layer Gateway Service
Description: Provides support for 3rd party protocol plug-ins for Internet Connection Sharing and the Windows Firewall.
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\System32\alg.exe
Image size: 44544
Image MD5: F1958FBF86D5C004CF19A5951A9514B7
Start: 3
Type: 16
Error Control: 1<

Title: slow comp
Post by: guestolo on October 07, 2006, 02:26:08 PM

Looks good, Spybot is finding nothing but tracking cookies related to Winantivirus

Ad-Aware and/or Spybot may have taken care of WildTangent in add/remove, don't worry about it

Can you do the following

Open Spybot 1.4
Click the "Immunize" button on the left>>>OK at the prompt>>Immunzine at the top green cross
Check Immunize after every Spybot update

Another free program to hold onto
*Install SpywareBlaster 3.5.1 by JavaCool (http://\"http://www.javacoolsoftware.com/spywareblaster.html\")

After installation
Click the UPDATES button on the left>>Then click "Check for Updates"

After updating click the PROTECTION button on the left
and click "Enable All Protection"
"Check for updates every couple of weeks"
after every update just simply click the "enable protection on all unprotected items"

If everything is running better
We must clear your infected system restore points

Turn off System Restore:
On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
Check Turn off System Restore.
Click Apply, and then click OK.

Restart your computer
Reverse the changes with System restore to ensure it's reenabled

Let me know how everything's running please
Is your AntiVirus software kept up to date and still able to update definitions?

Title: slow comp
Post by: Moe C on October 08, 2006, 08:28:57 AM

everything use to start up slow when i first open my comp but now it dosnt and it use to freeze but now it freezes only a little but runescape still wont load loads very very slowly before this problem ahppend i use to play runescape good but now no and my computer takes like 10 secs to open up it shows a little flashlight and a folder seaching then my computer opends up before this problem my computer use to open fast without loading.

Title: slow comp
Post by: guestolo on October 08, 2006, 11:01:39 AM

The last log looked good
It could be somthing else slowing the computer

But just in case, can you do the following for me

Download and save too desktop
F-Secure Blacklight(blbeta.exe) (http://\"https://europe.f-secure.com/exclude/blacklight/blbeta.exe\")

Double click to run blbeta.exe
* Accept the user agreement.
* Click Scan.
* After the scan finishes, click on Next, then Exit.
Do not rename any files if found by blacklight, I need to see the log

BlackLight will create a log on your desktop with the name "fsbl-xxxxxxx.log".

Also, Open the Runescape folder on your desktop and right click on Hijackthis.exe
RENAME it to emy.exe
Run a fresh scan scan save log file with emy.exe (Hijackthis) and post the fresh log please

Also, I asked earlier, is Norton's expired?
Are you still able to update it?

Title: slow comp
Post by: Moe C on October 08, 2006, 12:32:33 PM

heres a fresh hijackthis log:

Logfile of HijackThis v1.99.1
Scan saved at 19:27, on 06-10-08
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\PROGRA~1\COMMON~1\AOL\115783~1\EE\AOLHOS~1.EXE
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\PROGRA~1\COMMON~1\AOL\115783~1\EE\AOLServiceHost.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSCNo.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
C:\Documents and Settings\mshome\Desktop\Runescape\emy.exe
C:\Program Files\Messenger\msmsgs.exe

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe
O4 - HKLM\..\Run: [ccRegVfy] C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1157832268\EE\AOLHostManager.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\RunOnce: [SpybotSnD] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CS3\Services\Tcpip\..\{3CBB55E7-1303-4237-AB62-6804124674DD}: NameServer = 213.131.66.138 213.131.66.246
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\\aolserv.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

and here the fsbl thing:

10/08/06 19:20:59 [Info]: BlackLight Engine 1.0.47 initialized
10/08/06 19:20:59 [Info]: OS: 5.1 build 2600 (Service Pack 2)
10/08/06 19:20:59 [Note]: 7019 4
10/08/06 19:20:59 [Note]: 7005 0
10/08/06 19:21:16 [Note]: 7006 0
10/08/06 19:21:16 [Note]: 7011 1660
10/08/06 19:21:18 [Note]: 7026 0
10/08/06 19:21:18 [Note]: 7026 0
10/08/06 19:21:30 [Note]: FSRAW library version 1.7.1020
10/08/06 19:25:27 [Note]: 7007 0

wat do u mean by norton update whatever you said?
why did u tell me to rename hijackthis to emy.exe?

just wondering

/smile.gif\' class=\'bbc_emoticon\' alt=\':)\' />

Title: slow comp
Post by: guestolo on October 08, 2006, 01:28:23 PM

Quote

wat do u mean by norton update whatever you said?
why did u tell me to rename hijackthis to emy.exe?

If Norton's is old and outdated and not able to update the virus definitions anymore
I have links to free AV's that can update
You ONLY want to run one Antivirus software however, so let me know if Norton's is kept up to date

I asked you to rename hijackthis because some malware can hide from the usual hijackthis.exe name
Renaming it can let us view these entries
Your log is clean however

/smile.gif\' class=\'bbc_emoticon\' alt=\':)\' />

But, let's disable some entries on startup, I'm sure this will help out the slowness on startup

Go to START>>>RUN>>>type in services.msc
Hit OK
In the next window, look on the right hand side for this service
name---- AVG Antispyware Guard

Double click on it
In the drop down menu, change the startup type to Disabled
Apply and OK it
You can close the Services(local) window

Next: AVG antispyware would of set an icon by the clock
Right click on this icon and left click
Start with Windows
to uncheck this selection

The Sun java updater is not that reliable, let's disable it on startup
Open the Windows Control Panel>>Open the Java icon
Under the Update tab
Uncheck "Check for Updates Automatically"
Select Never at the prompt
Apply and OK this
Exit Java and the control panel
You can manually check for updates
I like to use that link I provided earlier
When and if there is an update, download the installer
Uninstall the older update>>reboot and install the newest

Realplayers system tray does not need to be running on startup
You can stop this from happening by right-clicking on the tray icon and disabling StartCenter via Preferences

Finally, Can you open Spybot 1.4
once loaded>>Click on MODE at the top
Select ADVANCED MODE
Choose YES at the prompt
Click on SETTINGS at the bottom left of the next screen
Then click SETTINGS again in the top left column

On the Right hand side
Scroll down to the "System Start" under Automation
UNCHECK everything under System start
Leave only "No Automation" selected
Close Spybot

Reboot your computer

Post back and let me know how things are running

Title: slow comp
Post by: Moe C on October 08, 2006, 02:20:26 PM

dude so sorry to say this but my comp is gone :'( its broken stupid dumb comp its still the same btu got better but tunrescape wont load

/sad.gif\' class=\'bbc_emoticon\' alt=\':(\' /> i told my dad to get me a laptop is there any otehr way to fix this problem if there isnt then ill have to wait 1 month for my new laptop didnt play runescape for 4 months and going to 5 months now i fell down to 200000 something rank

/sad.gif\' class=\'bbc_emoticon\' alt=\':(\' /> so if there is any otehr way u could think of of fixing my comp tell me please. if there isnt i guess ill have to wait 1 month ill the antivirus update thing u toold me cause last time i cheaked it my comp blacked out

no, my antivirus thing isnt up-to- date i cant update it.

Title: slow comp
Post by: guestolo on October 08, 2006, 02:30:56 PM

I don't understand what your saying

Quote

dude so sorry to say this but my comp is gone

What do you mean it's gone

Did you do my last instructions?
Can you do the following, Norton's appears corrupt or way out of date
and may not be compatible with XP service pack 2

Access your add/remove programs
Select Norton SystemWorks 2003 and then Remove
You can also remove
LiveReg (Symantec Corporation)
and
Norton WMI Update

Ensure you reboot the computer after removal

Come back here and post a fresh hijackthis log, let me know if things improved

Did you delete any legitimate files from your computer earlier
I noticed mspaint.exe was missing, anything else you remember
Do you have your XP cd?

Title: slow comp
Post by: Moe C on October 09, 2006, 07:55:12 AM

i cant remove norton 2003 cause it says a program from norton is running and i keep clikcing ok after 20 seconds it comes again it says ur comp is at risk of the following areas
-virus protection turned off

i got to my security center and it wont turn virus protetion on do u know how to get rid of this message cause i need it to delte norton 2003

Title: slow comp
Post by: guestolo on October 09, 2006, 12:00:32 PM

Can you try the following

Use your Windows task manager and end process on any of the following
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSCNo.exe
C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe

Try removing Norton from add/remove again

If you still can't get that too run
Use Internet Explorer

Go to the following link
http://service1.symantec.com/SUPPORT/nsw.n...dtype=&seg= (http://\"http://service1.symantec.com/SUPPORT/nsw.nsf/0f75ab1a9982283d88256c250066dc94/08ef138ded0cce14c1256b36003bf60a?OpenDocument&prod=&ver=&pcode=&src=&miniver=&tpre=&prev=&dtype=&seg=\")

Follow steps 1 and 2
Reboot the computer after you have this done
Post a fresh hijackthis log to ensure it's gone, we must get you a new AV however once done

Title: slow comp
Post by: Moe C on October 09, 2006, 03:14:57 PM

what do u mena XP xds if you mean recovery disks no i dont have them ii do but cd #1 is broken 2 and 3 are working ok i did everything you said i think its getting better but still... ruenscape wont load

/sad.gif\' class=\'bbc_emoticon\' alt=\':(\' /> paint program was gone and calculator is gone dont know how but i dont think i need it but if u want tell me how to get it heres a fresh hijackthis log:

Logfile of HijackThis v1.99.1
Scan saved at 22:14, on 06-10-09
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\COMMON~1\AOL\115783~1\EE\AOLHOS~1.EXE
C:\PROGRA~1\COMMON~1\AOL\115783~1\EE\AOLServiceHost.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\mshome\Desktop\Runescape\emy.exe

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1157832268\EE\AOLHostManager.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{3CBB55E7-1303-4237-AB62-6804124674DD}: NameServer = 213.131.66.138 213.131.66.246
O17 - HKLM\System\CS2\Services\Tcpip\..\{3CBB55E7-1303-4237-AB62-6804124674DD}: NameServer = 213.131.66.138 213.131.66.246
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\\aolserv.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

Title: slow comp
Post by: guestolo on October 11, 2006, 02:35:48 PM

Sorry for the delay, we should get a new Antivirus on your computer
If you need a free version, I highly recommend you download and install
Either
AVG 7 by Grisoft (http://\"http://free.grisoft.com/doc/2/lng/us/tpl/v5\")
OR
Avast Home Edition by ALWIL (http://\"http://www.avast.com/eng/down_home.html\")

After installation, ensure it is updated and run a full system scan
Let it fix whatever it finds
Reboot afterwards

Can you go to START>>RUN
type in exactly the following
sfc /scannow
Hit Ok

Let this scan finish or let me know what it prompts you
Does it ask for CD?
So you don't have the CD for XP?

come back here and post one more hijackthis log
What files do you figure you are missing?