[VidenTheColdOne]

for quite some time my computer has been having some problems. It lags a bit after being on for long periods of time, and even though i have 2 gigs of memory, it is always giving me memory error messages, especially after gaming. I cant help but think there is a problem somewhere, but i have not been able to pin it down. Any help would be appreciated. I followed the instructions on scanning, but i still have problems.

So, here are all my logs. Thanks!

HijackThis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:15:01 PM, on 5/4/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\csrss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\system32\svchost.exe
E:\Program Files\Windows Defender\MsMpEng.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\system32\svchost.exe
E:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
E:\Program Files\Alwil Software\Avast4\ashServ.exe
E:\WINDOWS\system32\spoolsv.exe
E:\Program Files\Comodo\Firewall\cmdagent.exe
E:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
E:\WINDOWS\system32\nvsvc32.exe
D:\Programs\PrfldSvc.exe
E:\Program Files\Spyware Doctor\pctsAuxs.exe
E:\Program Files\Spyware Doctor\pctsSvc.exe
E:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
E:\Program Files\Spyware Doctor\pctsTray.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\system32\wdfmgr.exe
E:\Program Files\Viewpoint\Common\ViewpointService.exe
E:\WINDOWS\Explorer.EXE
E:\WINDOWS\713xRMTMon.exe
E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
E:\Program Files\Ideazon\ZEngine\Zboard.exe
E:\Program Files\Common Files\Real\Update_OB\realsched.exe
E:\Program Files\Saitek\Software\SaiSmart.exe
E:\Program Files\Saitek\Software\SaiMfd.exe
E:\WINDOWS\RTHDCPL.EXE
E:\Program Files\Saitek\Software\Profiler.exe
E:\Program Files\Microsoft IntelliPoint\ipoint.exe
E:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIABA.EXE
E:\WINDOWS\system32\BtUsrBdg.exe
E:\WINDOWS\system32\BTSetBootKey.exe
e:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
E:\WINDOWS\System32\alg.exe
E:\WINDOWS\system32\ctfmon.exe
E:\Program Files\Lavasoft\Ad-Aware 2007\Ad-Watch2007.exe
E:\progra~1\valve\steam\steam.exe
E:\PROGRA~1\Mozilla Firefox\firefox.exe
E:\WINDOWS\system32\wscntfy.exe
E:\Program Files\Trend Micro\HijackThis\HijackThis.exe
E:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c...rch/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.c...//www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c...rch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.c...//www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - E:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - E:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - E:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O4 - HKLM\..\Run: [TV Card Remote Control Device Monitor] E:\WINDOWS\713xRMTMon.exe
O4 - HKLM\..\Run: [avast!] E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Zboard] E:\Program Files\Ideazon\ZEngine\Zboard.exe
O4 - HKLM\..\Run: [Windows Defender] "E:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [TkBellExe] "E:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SaiSmart] E:\Program Files\Saitek\Software\SaiSmart.exe
O4 - HKLM\..\Run: [SaiMfd] E:\Program Files\Saitek\Software\SaiMfd.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Profiler] E:\Program Files\Saitek\Software\Profiler.exe
O4 - HKLM\..\Run: [PHIME2002ASync] E:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] E:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ISTray] "E:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [IntelliPoint] "e:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "E:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [EPSON Stylus C88 Series] E:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIABA.EXE /P23 "EPSON Stylus C88 Series" /O5 "LPT1:" /M "Stylus C88"
O4 - HKLM\..\Run: [COMODO Firewall Pro] "E:\Program Files\Comodo\Firewall\CPF.exe" /background
O4 - HKLM\..\Run: [BTUSRBDG] BtUsrBdg.exe
O4 - HKLM\..\Run: [BTSETBOOTKEY] BTSetBootKey.exe
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "E:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "E:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Ad-Watch] E:\Program Files\Lavasoft\Ad-Aware 2007\Ad-Watch2007.exe
O4 - HKCU\..\Run: [ctfmon.exe] E:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Steam] "e:\progra~1\valve\steam\steam.exe" -silent
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - E:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - E:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - E:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - E:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://game1.pogo.com
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcaf...01/mcinsctl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.mi...b?1206990587437
O16 - DPF: {68BCE50A-DC9B-4519-A118-6FDA19DB450D} (Info Class) - http://www.blizzard....des/cabs/si.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcaf...,26/mcgdmgr.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{FCCC5573-1720-4710-BE2C-FE210F2EE059}: NameServer = 208.67.222.222,208.67.220.220
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - E:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - E:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - E:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - E:\Program Files\Comodo\Firewall\cmdagent.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - E:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Private Folder Service (prfldsvc) - Unknown owner - D:\Programs\PrfldSvc.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - E:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - E:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - E:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - E:\Program Files\Viewpoint\Common\ViewpointService.exe

--
End of file - 10020 bytes


Active Scan:

;*******************************************************************************
*********************************************************************************
*******************
ANALYSIS: 2008-05-04 22:12:58
PROTECTIONS: 2
MALWARE: 4
SUSPECTS: 0
;*******************************************************************************
*********************************************************************************
*******************
PROTECTIONS
Description Version Active Updated
;===============================================================================
=================================================================================
===================
Bitdefender Antivirus 8.0 No Yes
avast! antivirus 4.8.1169 [VPS 080504-0] 4.8.1169 No Yes
;===============================================================================
=================================================================================
===================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===============================================================================
=================================================================================
===================
00148914 Cookie/Tucows TrackingCookie No 0 Yes No E:\Documents and Settings\Viden\Application Data\Mozilla\Firefox\Profiles\1umvvheq.default\cookies.txt[.tucows.com/]
00148914 Cookie/Tucows TrackingCookie No 0 Yes No E:\Documents and Settings\Viden\Application Data\Mozilla\Firefox\Profiles\1umvvheq.default\cookies.txt[.tucows.com/]
00255579 Adware/IST.ISTBar Adware No 1 Yes No E:\Program Files\Common Files\Totem Shared\Update\WindowsEx.dll.041
01017023 Generic Malware Virus/Trojan No 0 No No D:\Programs\WinAce.Archiver.v2.61.Incl.Keygen\Keygen-TSZ\keygen.rar[Keygen.exe]
02916438 Application/FamilyKeylogger.B HackTools No 0 Yes No E:\WINDOWS\system32\svcl32\svcl32.dll
;===============================================================================
=================================================================================
===================
SUSPECTS
Sent Location T
;===============================================================================
=================================================================================
===================
;===============================================================================
=================================================================================
===================
VULNERABILITIES
Id Severity Description T
;===============================================================================
=================================================================================
===================
;===============================================================================
=================================================================================
===================

Malwarebytes:

Malwarebytes' Anti-Malware 1.11
Database version: 716

Scan type: Quick Scan
Objects scanned: 38703
Time elapsed: 12 minute(s), 11 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 2
Registry Values Infected: 2
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\Software\The Weather Channel (Adware.Hotbar) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Weather Services (Adware.Hotbar) -> No action taken.

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\DW4 (Adware.Hotbar) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Control Panel\Cpls\wxfw.dll (Adware.Hotbar) -> No action taken.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
E:\Program Files\The Weather Channel FW\Desktop Weather\DesktopWeather.exe (Adware.Hotbar) -> No action taken.

[Advertisements]

http://www.geekstogo...ks-t197094.html

It was posted May 4th, 2008.

I am having some problems with my computer being slow. It seems to be leaking memory somewhere, but i cannot figure it out. It could have an infection, i followed the steps to remove infections, but i feel like there is still something wrong. Im constantly getting "Out of virtual memory" Notifications when i have 2 gb of DDR2 RAM, which should be more than enough. I posted my Hijack This logs, among other things, and it would be great if someone could go over them, or if anybody has any idea why i keep running low on memory. Also, if you know of any programs i can turn off that are running in the background. If any other information is required i will be more than happy to post anything needed. My system specs can be located on my profile page. Thanks.

[VidenTheColdOne]

http://www.geekstogo...ks-t197094.html

It was posted May 4th, 2008.

I am having some problems with my computer being slow. It seems to be leaking memory somewhere, but i cannot figure it out. It could have an infection, i followed the steps to remove infections, but i feel like there is still something wrong. Im constantly getting "Out of virtual memory" Notifications when i have 2 gb of DDR2 RAM, which should be more than enough. I posted my Hijack This logs, among other things, and it would be great if someone could go over them, or if anybody has any idea why i keep running low on memory. Also, if you know of any programs i can turn off that are running in the background. If any other information is required i will be more than happy to post anything needed. My system specs can be located on my profile page. Thanks.

[JSntgRvr]

Hi, VidenTheColdOne

Welcome.

I have merge your topics. Lets take a deeper look:

Download Deckard's System Scanner (DSS) from here or here to your Desktop. Note: You must be logged onto an account with administrator privileges.

• Close all applications and windows.
• Double-click on dss.exe to run it, and follow the prompts.
• When the scan is complete, two text files will open - main.txt <- this one will be maximized and extra.txt <-this one will be minimized
• Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of both, the main.txt and the extra.txt in your next reply.

If the files are too long, attach them to a reply:

• Scroll down to [Manage Attachments]
• Browse to the following folder:
  
  • C:\Deckard\System Scanner
• Click Upload to upload these files one by one
• Submit your reply

[VidenTheColdOne]

Ok, i have done as you asked. I'm going to post them in attachments as they are rather large (i have a lot of files) Thank you so much for your help.

Attached Files

•  main.txt   28.65KB   143 downloads
•  extra.txt   24.6KB   128 downloads

[JSntgRvr]

Hi, VidenTheColdOne

How long have you experienced this issue? I see no signs of malware.

Jotti File Submission:

• Please go to Jotti's malware scan
  
• Copy and paste the following file path into the "File to upload & scan"box on the top of the page:
  
  
  • E:\windows\system32\drivers\pcibus.sys
• Click on the submit button
  
• Please post the results in your next reply.

[VidenTheColdOne]

I have been having problems prolly since a bit after i built the computer. I had 1 gig, so i thought buying another would fix the problem, but it didn't.

File: pcibus.sys
Status: OK
(Note: file has been scanned before. Therefore, this file's scan results will not be stored in the database)
MD5: d6829acfa6315db9a963d3ede2bcbcff
Packers detected: -Bit9
reports:
Scan taken on 08 May 2008 01:04:33 (GMT)
A-Squared Found nothing
AntiVir Found nothing
ArcaVir Found nothing
Avast Found nothing
AVG Antivirus Found nothing
BitDefender Found nothing
ClamAV Found nothing
CPsecure Found nothing
Dr.Web Found nothing
F-Prot Antivirus Found nothing
F-Secure Anti-Virus Found nothing
Fortinet Found nothing
Ikarus Found nothing
Kaspersky Anti-Virus Found nothing
NOD32 Found nothing
Norman Virus Control Found nothing
Panda Antivirus Found nothing
Sophos Antivirus Found nothing
VirusBuster Found nothing
VBA32 Found nothing

Edited by JSntgRvr, 07 May 2008 - 08:04 PM.

[VidenTheColdOne]

sorry bout the HTML tags, don't know why that happened. If you find it easier to talk on a chat client just let me know. It's difficult to pinpoint my problems, but i know there is something wrong.

[JSntgRvr]

Hi, VidenTheColdOne

Since the issue doesn't seem to be malware related, posting in our tech forums will be your best way to go. Here is the link:

http://www.geekstogo...php?a...&s=&f=5