now the situation worsened..
I can't log onto normal mode because it takes too long to get through. More than half an hour would go by, and it still wouldnt go through since CPU usage has been at 100% the entire time. I cant go on "safemode with networking" cause it does the samething. The only thing that does work is safemode without networking. I'm on my second computer right now. And I'm sending the log using a floppy disk.
here's what I done:
I've been using several adaware programs. Ad-aware, pestpatrol, spybot search and destroy, microsoft anti-spyware, and spy doctor. I did it before the situation worsened, and after. I also defragmented my computer and erased unneeded files.
before the log, i also closed the 5 running rundll32.exe i dont know if that changes anything in the log.
this is in safemode:
Logfile of HijackThis v1.99.1
Scan saved at 10:36:57 PM, on 7/24/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\taskmgr.exe
C:\Documents and Settings\Owner\Desktop\hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O4 - HKLM\..\Run: [WheelMouse] C:\PROGRA~1\A4Tech\Mouse\Amoumain.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [PPMemCheck] C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
O4 - HKLM\..\Run: [CookiePatrol] C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
O4 - HKCU\..\Run: [Utopia Angel] "C:\Utopia\Angel\Angel.exe"
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar3.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar3.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar3.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar3.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar3.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .xml: C:\Program Files\Netscape\Netscape Browser\PLUGINS\npTrident.dll
O15 - Trusted Zone: http://awbeta.net-nucleus.com (HKLM)
O16 - DPF: {68459DB3-59C9-449D-815B-65F729385C16} (VoiceSecure Control) - http://www.voice4web.com/vs.cab
O20 - Winlogon Notify: Dynamic Directory - C:\WINDOWS\system32\ejentprf.dll
O20 - Winlogon Notify: MediaContentIndex - C:\WINDOWS\system32\kcrberos(3).dll
O20 - Winlogon Notify: RunOnce - C:\WINDOWS\system32\IEIresizeW7.dll
O20 - Winlogon Notify: RunOnceEx - C:\WINDOWS\system32\kcrberos(3).dll
O20 - Winlogon Notify: RunServicesOnce - C:\WINDOWS\system32\azmfd.dll
O20 - Winlogon Notify: Shell Extensions - C:\WINDOWS\system32\ejentprf.dll
O20 - Winlogon Notify: ShellCompatibility - C:\WINDOWS\system32\azmfd.dll
O20 - Winlogon Notify: ShellScrap - C:\WINDOWS\system32\kcrberos(3).dll
O20 - Winlogon Notify: ShellServiceObjectDelayLoad - C:\WINDOWS\system32\azmfd.dll
O20 - Winlogon Notify: SideBySide - C:\WINDOWS\system32\kcrberos(3).dll
O20 - Winlogon Notify: StillImage - C:\WINDOWS\system32\ejentprf.dll
O20 - Winlogon Notify: Syncmgr - C:\WINDOWS\system32\IEIresizeW7.dll
O20 - Winlogon Notify: Telephony - C:\WINDOWS\system32\kcrberos(3).dll
O20 - Winlogon Notify: ThemeManager - C:\WINDOWS\system32\IEIresizeW7.dll
O20 - Winlogon Notify: Themes - C:\WINDOWS\system32\IEIresizeW7.dll
O20 - Winlogon Notify: Uninstall - C:\WINDOWS\system32\IEIresizeW7.dll
O20 - Winlogon Notify: URL - C:\WINDOWS\system32\kcrberos(3).dll
O20 - Winlogon Notify: WebCheck - C:\WINDOWS\system32\kcrberos(3).dll
O20 - Winlogon Notify: WindowsUpdate - C:\WINDOWS\system32\azmfd.dll
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\UB-VPN\cvpnd.exe
Edited by kingocto, 24 July 2005 - 08:59 PM.