
painfully slow pc response [RESOLVED]


  • This topic is locked

#1
k-lee97

  • Member
  • 10 posts
Hi all,
I had trouble with the PC running slow and unexplained changes in the taskbar setup, amongst other things. Anyway, I sorted through the things to do before posting a HijackThis log, and though it took more than 24 hours, I think it did some good. I do still have the problem of incredibly slow response from the PC in general; I mean, to load the Geeks to Go main page takes over a minute, which is better than the 5 minutes it took before, I guess. Even closing an IE page sometimes takes more than a minute after pressing X. I do have a suspicion of the Norton Internet Security 2008, which I bought after I had all the problems. I know in 2006 Norton had a bad name for being heavy, but I was assured it's better now! Maybe I am just being a sucker, or maybe the problem is something else, so just to make sure I will add a HijackThis log. If anyone in the know could take a look I would be very grateful. Thanks to the guys for the site.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:26:00, on 21/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\bgsvcgen.exe
C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\dslagent.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\gsicon.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.BIN
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
D:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - E:\SPYBOT~1\SDHelper.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll
O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [DAEMON Tools-1033] "D:\dl-files-d\Star Wars Jedi Knight - Jedi Academy (2 Cds)\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [GSICONEXE] gsicon.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [EPSON Stylus Photo R270 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBNP.EXE /FU "C:\WINDOWS\TEMP\E_SB3.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.2.lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail....es/MSNPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.mi...b?1195985419839
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.su...ows-i586-jc.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn...ro.cab56649.cab
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logme...trl.cab?lmi=100
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Portrait Displays Display Tune Service (DTSRVC) - Unknown owner - C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe

--
End of file - 7922 bytes
Hope I posted this right.
  • 0



#2
Essexboy

  • GeekU Moderator
  • Retired Staff
  • 69,964 posts
Hi there, I can see nothing readily apparent, but to be on the safe side and to try and speed you up:

Please download ATF Cleaner by Atribune.
This program is for XP and Windows 2000 only.
  • Double-click ATF-Cleaner.exe to run the program.
  • Under Main choose: Select All
  • Click the Empty Selected button.
If you use Firefox browser:
  • Click Firefox at the top and choose: Select All
  • Click the Empty Selected button.
  • NOTE: If you would like to keep your saved passwords, please click No at the prompt.
If you use Opera browser:
  • Click Opera at the top and choose: Select All
  • Click the Empty Selected button.
  • NOTE: If you would like to keep your saved passwords, please click No at the prompt.
Click Exit on the Main menu to close the program.
For Technical Support, double-click the e-mail address located at the bottom of each menu.

THEN

Please download Deckard's System Scanner (DSS) and save it to your Desktop.
  • Close all other windows before proceeding.
  • Double-click on dss.exe and follow the prompts.
  • When it has finished, dss will open two Notepads main.txt and extra.txt -- please copy (CTRL+A and then CTRL+C) and paste (CTRL+V) the contents of main.txt and extra.txt in your next reply.

  • 0
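A first-pass triage of a HijackThis log like the one in post #1, as an added example (not part of the original thread and not HijackThis's own code): it parses the `R`/`O` entry lines and lists entries worth a second look. The flag rules and the `EXPECTED_ROOTS` list are assumptions chosen for illustration; a flag is a prompt to check the file, not a verdict.

```python
import re

# Constructed sample: a handful of lines copied from the HijackThis log in post #1.
SAMPLE_LOG = r"""
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - E:\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [DAEMON Tools-1033] "D:\dl-files-d\Star Wars Jedi Knight - Jedi Academy (2 Cds)\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
"""

# Assumption: default Windows XP install locations are treated as "expected".
EXPECTED_ROOTS = ("c:\\windows\\", "c:\\program files\\", "c:\\progra~1\\")

# "<section code> - <rest of line>", e.g. "O23 - Service: ..."
ENTRY_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.+)$")
# First absolute drive-letter path ending in a binary extension.
PATH_RE = re.compile(r'(?<![A-Za-z])[A-Za-z]:\\[^"]*?\.(?:exe|dll|sys)', re.IGNORECASE)


def parse_hijackthis(text):
    """Return one dict per entry line; header and process-list lines are skipped."""
    entries = []
    for line in text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if not m:
            continue
        path = PATH_RE.search(m["body"])
        entries.append({
            "code": m["code"],
            "body": m["body"],
            "path": path.group(0) if path else None,  # None for bare names like SOUNDMAN.EXE
        })
    return entries


def triage(entries):
    """Return (code, path, reasons) for every entry that matches a flag rule."""
    findings = []
    for e in entries:
        reasons = []
        if "(file missing)" in e["body"]:
            reasons.append("target file missing")
        if e["code"] == "O23" and " - Unknown owner - " in e["body"]:
            reasons.append("service binary has no company name")
        if e["code"] == "O2" and "BHO: (no name)" in e["body"]:
            reasons.append("BHO has no display name")
        if e["path"] and not e["path"].lower().startswith(EXPECTED_ROOTS):
            reasons.append("loads from outside Windows/Program Files")
        if reasons:
            findings.append((e["code"], e["path"], reasons))
    return findings


if __name__ == "__main__":
    for code, path, reasons in triage(parse_hijackthis(SAMPLE_LOG)):
        print(f"{code:<4}{path}\n      -> " + "; ".join(reasons))
```
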

#3
k-lee97

  • Topic Starter
  • Member
  • 10 posts
Well, the ATF was fine but the DSS printed only the main.txt, no extra???? Maybe I am doing something wrong.



Deckard's System Scanner v20071014.68
Run by kenny on 2008-01-26 16:20:01
Computer is in Normal Mode.
--------------------------------------------------------------------------------

Total Physical Memory: 256 MiB (512 MiB recommended).


-- HijackThis (run as kenny.exe) -----------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:20:07, on 26/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\bgsvcgen.exe
C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\dslagent.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\gsicon.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\kenny\Desktop\dss.exe
D:\PROGRA~1\TRENDM~1\HIJACK~1\kenny.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - E:\SPYBOT~1\SDHelper.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll
O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [GSICONEXE] gsicon.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [EPSON Stylus Photo R270 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBNP.EXE /FU "C:\WINDOWS\TEMP\E_SB3.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.2.lnk.disabled
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky...can_unicode.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail....es/MSNPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.mi...b?1195985419839
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.su...ows-i586-jc.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn...ro.cab56649.cab
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logme...trl.cab?lmi=100
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Portrait Displays Display Tune Service (DTSRVC) - Unknown owner - C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe

--
End of file - 7806 bytes

-- Files created between 2007-12-26 and 2008-01-26 -----------------------------

2008-01-25 11:31:59 0 dr-h----- C:\Documents and Settings\kenny\Recent
2008-01-24 18:57:26 0 d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-01-24 18:57:20 0 d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-01-24 16:54:52 0 d-------- C:\Documents and Settings\anat\Application Data\OpenOffice.org2
2008-01-23 22:01:20 0 d-------- C:\WINDOWS\pss
2008-01-21 16:41:53 0 d-------- C:\Documents and Settings\Administrator\Application Data\SUPERAntiSpyware.com
2008-01-21 13:14:26 0 d-------- C:\Documents and Settings\Administrator\Application Data\Grisoft
2008-01-21 13:02:04 0 d--h----- C:\Documents and Settings\Administrator\NetHood
2008-01-21 13:02:04 0 d-------- C:\Documents and Settings\Administrator\My Documents
2008-01-21 13:02:04 0 d--h----- C:\Documents and Settings\Administrator\Local Settings
2008-01-21 13:02:04 0 d-------- C:\Documents and Settings\Administrator\Favorites
2008-01-21 13:02:04 0 d-------- C:\Documents and Settings\Administrator\Desktop
2008-01-21 13:02:04 0 d--hs---- C:\Documents and Settings\Administrator\Cookies
2008-01-21 13:02:04 0 dr-h----- C:\Documents and Settings\Administrator\Application Data
2008-01-21 13:02:04 0 d---s---- C:\Documents and Settings\Administrator\Application Data\Microsoft
2008-01-21 13:02:03 0 d--h----- C:\Documents and Settings\Administrator\Templates
2008-01-21 13:02:03 0 dr------- C:\Documents and Settings\Administrator\Start Menu
2008-01-21 13:02:03 0 dr-h----- C:\Documents and Settings\Administrator\SendTo
2008-01-21 13:02:03 0 d--h----- C:\Documents and Settings\Administrator\Recent
2008-01-21 13:02:03 0 d--h----- C:\Documents and Settings\Administrator\PrintHood
2008-01-21 13:02:03 524288 --ah----- C:\Documents and Settings\Administrator\NTUSER.DAT
2008-01-20 18:51:13 8 --a------ C:\Documents and Settings\kenny\usb
2008-01-20 14:36:31 0 d-------- C:\Documents and Settings\kenny\Application Data\OpenOffice.org2
2008-01-19 16:42:39 0 d-------- C:\Documents and Settings\kian\Application Data\OpenOffice.org2
2008-01-19 16:37:37 0 d-------- C:\Program Files\OpenOffice.org 2.2
2008-01-10 20:28:57 0 d-------- C:\VundoFix Backups
2008-01-05 18:06:59 0 d-------- C:\Documents and Settings\anat\Application Data\DivX
2008-01-05 17:43:45 0 d-------- C:\Documents and Settings\anat\Application Data\vlc
2008-01-05 16:39:37 0 d-------- C:\Documents and Settings\anat\Application Data\Symantec
2008-01-05 16:39:36 0 d-------- C:\Documents and Settings\anat\Application Data\Grisoft
2008-01-01 06:58:21 0 d-------- C:\Documents and Settings\kian\Application Data\Symantec
2008-01-01 06:55:50 0 d-------- C:\Documents and Settings\kian\Application Data\Grisoft
2007-12-31 19:27:31 44928 --a------ C:\WINDOWS\system32\drivers\SDTHOOK.SYS <Not Verified; Panda Software; Panda® Antivirus>
2007-12-31 13:11:45 106496 --a------ C:\WINDOWS\system32\TwnLib20.dll <Not Verified; Pegasus Software; TWNLIB20>
2007-12-31 13:11:42 471040 -----n--- C:\WINDOWS\system32\ImagXRA7.dll <Not Verified; Pegasus Imaging Corp.; ImagXpress7>
2007-12-31 13:11:41 262144 -----n--- C:\WINDOWS\system32\ImagXR7.dll <Not Verified; Pegasus Imaging Corp.; ImagXpress7>
2007-12-31 13:11:41 1568768 -----n--- C:\WINDOWS\system32\ImagX7.dll <Not Verified; Pegasus Imaging Corp.; ImagXpress7>
2007-12-31 13:11:40 155648 --a------ C:\WINDOWS\system32\NeroCheck.exe <Not Verified; Ahead Software Gmbh; Ahead Software Gmbh NeroCheck>
2007-12-31 13:11:36 0 d-------- C:\Program Files\Ahead
2007-12-30 20:57:12 0 d-------- C:\WINDOWS\system32\ActiveScan
2007-12-30 12:38:33 0 d-------- C:\Documents and Settings\kenny\Application Data\Grisoft
2007-12-30 12:38:07 0 d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2007-12-29 10:25:41 0 d-------- C:\Documents and Settings\kenny\Application Data\U3
2007-12-28 13:28:51 0 d-------- C:\WINDOWS\CSC
2007-12-27 16:10:31 0 d-------- C:\Documents and Settings\kenny\Application Data\Symantec
2007-12-27 16:07:08 0 d-------- C:\Program Files\Windows Sidebar
2007-12-27 16:05:27 0 d-------- C:\Program Files\Norton Internet Security
2007-12-27 16:03:09 0 d-------- C:\Program Files\Symantec
2007-12-27 16:03:09 0 d-------- C:\Documents and Settings\All Users\Application Data\Symantec
2007-12-27 15:58:56 0 d-------- C:\Program Files\Common Files\Symantec Shared
2007-12-27 15:52:57 0 d-------- C:\Documents and Settings\All Users\Application Data\Avg7
2007-12-27 09:38:40 9732 --ahs---- C:\WINDOWS\system32\prqss.ini2
2007-12-27 00:11:15 0 d-------- C:\Documents and Settings\kenny\.housecall6.6
2007-12-27 00:10:15 0 d-------- C:\WINDOWS\Sun
2007-12-27 00:10:15 0 d-------- C:\Documents and Settings\kenny\Application Data\Sun
2007-12-27 00:08:47 0 d-------- C:\Program Files\Java
2007-12-27 00:08:17 0 d-------- C:\Program Files\Common Files\Java
2007-12-26 16:22:40 0 d-------- C:\Documents and Settings\kenny\Application Data\Ahead
2007-12-26 16:20:53 0 d-------- C:\Documents and Settings\All Users\Application Data\Ahead


-- Find3M Report ---------------------------------------------------------------

2008-01-23 16:49:50 0 d-------- C:\Program Files\SUPERAntiSpyware
2008-01-20 14:23:32 0 d-------- C:\Program Files\EPSON Print CD
2007-12-31 13:11:37 0 d-------- C:\Program Files\Common Files\Ahead
2007-12-31 09:42:15 0 d-------- C:\Documents and Settings\kenny\Application Data\Real
2007-12-27 16:06:44 0 d-------- C:\Program Files\Common Files
2007-12-27 15:47:09 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-12-27 10:10:53 0 d-------- C:\Program Files\QuickTime
2007-12-25 15:42:24 0 d-------- C:\Program Files\EA Sports
2007-12-25 09:56:28 43520 --a------ C:\WINDOWS\system32\CmdLineExt03.dll
2007-12-25 08:43:07 0 d-------- C:\Program Files\Barbie™
2007-12-25 08:43:06 0 d-------- C:\Program Files\Common Files\Knowledge Adventure
2007-12-21 14:24:33 0 d-------- C:\Documents and Settings\kenny\Application Data\Help
2007-12-21 14:19:00 0 d-------- C:\Program Files\ArcSoft
2007-12-20 18:06:48 0 d-------- C:\Program Files\SureThing CD Labeler 5
2007-12-20 18:06:46 0 d-------- C:\Program Files\Common Files\SureThing Shared
2007-12-18 21:02:36 0 d-------- C:\Documents and Settings\kenny\Application Data\EPSON
2007-12-18 20:42:12 0 d--h----- C:\Program Files\InstallShield Installation Information
2007-12-18 20:41:03 0 d-------- C:\Program Files\Common Files\InstallShield
2007-12-18 20:38:46 0 d-------- C:\Program Files\EPSON
2007-12-17 13:59:45 0 d-------- C:\Program Files\Canon
2007-12-05 14:59:33 0 d-------- C:\Documents and Settings\kenny\Application Data\Adobe
2007-12-04 20:17:17 0 d-------- C:\Program Files\Sega
2007-11-30 19:39:32 0 d-------- C:\Documents and Settings\kenny\Application Data\SUPERAntiSpyware.com
2007-11-30 12:28:08 0 d--hs---- C:\Documents and Settings\kenny\Application Data\.#
2007-11-30 09:53:21 0 d-------- C:\Program Files\OLYMPUS
2007-11-30 09:53:12 0 d-------- C:\Program Files\MSXML 4.0
2007-11-30 09:51:15 0 d-------- C:\Documents and Settings\kenny\Application Data\OLYMPUS
2007-11-30 08:54:26 0 d-------- C:\Program Files\PIXELA
2007-11-29 20:44:54 0 d-------- C:\Program Files\LucasArts
2007-11-29 12:51:29 0 d-------- C:\Program Files\Common Files\Adobe
2007-11-28 20:56:15 0 d-------- C:\Documents and Settings\kenny\Application Data\WinRAR
2007-11-28 18:47:49 0 d-------- C:\Documents and Settings\kenny\Application Data\Media Player Classic
2007-11-28 18:47:04 0 d-------- C:\Program Files\K-Lite Codec Pack
2007-11-28 18:46:15 0 d-------- C:\Program Files\Codec Pack - All In 1
2007-11-28 18:44:01 0 d-------- C:\Documents and Settings\kenny\Application Data\dvdcss
2007-11-28 18:43:51 0 d-------- C:\Documents and Settings\kenny\Application Data\vlc
2007-11-28 18:43:14 0 d-------- C:\Program Files\VideoLAN
2007-11-28 08:21:17 0 d-------- C:\Program Files\CCleaner
2007-11-27 21:45:54 0 d-------- C:\Program Files\Real
2007-11-27 21:45:10 0 d-------- C:\Program Files\MSN Messenger
2007-11-26 16:59:08 737280 --a------ C:\WINDOWS\iun6002.exe <Not Verified; Indigo Rose Corporation; Setup Factory 6.0 Runtime Module>
2007-11-26 16:43:41 0 d-------- C:\Program Files\Windows Media Connect 2
2007-11-24 20:44:02 0 -r-hs---- C:\MSDOS.SYS
2007-11-24 20:44:02 0 -r-hs---- C:\IO.SYS
2007-11-24 20:44:02 0 -----n--- C:\CONFIG.SYS
2007-11-24 20:44:02 0 -----n--- C:\AUTOEXEC.BAT
2007-11-24 20:40:55 21640 --a------ C:\WINDOWS\system32\emptyregdb.dat
2007-11-24 18:33:39 62 ---hs---- C:\Documents and Settings\kenny\Application Data\desktop.ini


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
25/08/2007 03:51 316784 --a------ C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
27/12/2007 16:06 116088 --a------ C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}"= C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll [25/08/2007 03:51 316784]

[-HKEY_CLASSES_ROOT\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}]
[HKEY_CLASSES_ROOT\CoIEPlg.CoToolbar.1]
[HKEY_CLASSES_ROOT\CoIEPlg.CoToolbar]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DSLAGENTEXE"="dslagent.exe" [15/01/2003 09:05 C:\WINDOWS\system32\dslagent.exe]
"SoundMan"="SOUNDMAN.EXE" [26/02/2004 16:53 C:\WINDOWS\SOUNDMAN.EXE]
"nwiz"="nwiz.exe" [29/09/2004 05:23 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [29/09/2004 05:23]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [25/08/2007 05:07]
"osCheck"="C:\Program Files\Norton Internet Security\osCheck.exe" []
"GSICONEXE"="gsicon.exe" [08/01/2003 10:36 C:\WINDOWS\system32\gsicon.exe]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [29/09/2004 05:23]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [11/06/2007 09:25]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EPSON Stylus Photo R270 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBNP.exe" []
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [28/12/2007 08:51]

C:\Documents and Settings\kenny\Start Menu\Programs\Startup\
OpenOffice.org 2.2.lnk.disabled [20/01/2008 14:37:44]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [20/12/2006 13:55 77824]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"OM2_Monitor"="C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor .exe" -NoStart
"OM_Monitor"=C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"NvCplDaemon"=RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" -atboottime
"OM2_Monitor"="C:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" /OM
"OM_Monitor"=C:\Program Files\OLYMPUS\OLYMPUS Master\FirstStart.exe
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe
"DAEMON Tools-1033"="D:\dl-files-d\Star Wars Jedi Knight - Jedi Academy (2 Cds)\daemon.exe" -lang 1033
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"

*Newly Created Service* - COMHOST



-- End of Deckard's System Scanner: finished at 2008-01-26 16:20:39 ------------

Thanks for the help.
  • 0

#4
Essexboy

  • GeekU Moderator
  • Retired Staff
  • 69,964 posts
Hmm, I can only see one dodgy file - but that is inactive. Maybe you just need a wash and brush up. Let's try that first and see how we progress.

Prefetch is clickable for more information

Click start then run, type prefetch then press enter, click edit then select all, (all files will highlight), right click any file, click delete, confirm

Click start then all programmes, accessories, system tools to run disc clean up

Reboot

Click start then all programmes, accessories, system tools to run defragmenter

Download, install and run
Tune Up 2007 Trial

Run Tune Up disc clean up

Run Tune Up registry clean up

Then click Optimize and Improve to run Reg Defrag, the screen will lose colour during the process which can take a few minutes and then needs a reboot

Those will have cleared the drive of obsolete software errors

These are suggestions for making the most of the free trial

Click optimize and improve then system optimizer to optimize the computer, select computer with an internet connection from the drop down menu, this also requires a reboot

After the reboot, click optimize then system optimizer to accelerate downloads, select the speed just above your actual connection speed, this requires a reboot.

After the reboot, click optimize then system optimizer to run system advisor


Let me know how that goes, if there is no improvement I will look deeper
  • 0

#5
k-lee97

  • Topic Starter
  • Member
  • 10 posts
The Tune Up is a nice little program; I have gone through most of the options there, and it has made a difference. I don't know if you saw my last entry in the waiting room or if you came from the original entry, but I tried the Kaspersky online scanner and it came up with "Infected: Email-Worm.Win32.VB.dn". Now I have tried to google this and only got a Kaspersky page, so I don't actually know if this is genuine or not, as none of the other progs I used found this, including Norton Internet Security 2008, AVG, Spybot and SUPERAntiSpyware amongst others. What do you think???
  • 0

#6
Essexboy

  • GeekU Moderator
  • Retired Staff
  • 69,964 posts
Reading up on this, it is only recognised by two AVs and has no description. So I will get you to run the scan from the other that detects it to see if it is present.

Download Dr.Web CureIt to the desktop:
ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe
  • Double-click the drweb-cureit.exe file and allow it to run the express scan.
  • This will scan the files currently running in memory and when something is found, click the yes button when it asks you if you want to cure it. This is only a short scan.
  • Once the short scan has finished, mark the drives that you want to scan.
  • Select all drives. A red dot shows which drives have been chosen.
  • Click the green arrow at the right, and the scan will start.
  • Click 'Yes to all' if it asks if you want to cure/move the file.
  • When the scan has finished, in the menu, click file and choose save report list
  • Save the report to your desktop. The report will be called DrWeb.csv
  • Close Dr.Web Cureit.

  • 0

#7
k-lee97

  • Topic Starter
  • Member
  • 10 posts
I deleted the WinRAR file that was the culprit. I then ran the anti-virus you suggested and it came up clean. I thought everything would be fine now, but then again it came right on back to the slow load, the slow response, even the slow close of pages?????????? I am very happy and grateful for your help, but maybe I need to think of buying a new 256 RAM card; I don't even know if there is such a thing anymore. Maybe that is the only solution! Anyway, serious thanks for the help and advice.................
  • 0

#8
Essexboy

  • GeekU Moderator
  • Retired Staff
  • 69,964 posts

Total Physical Memory: 256 MiB (512 MiB recommended).

This may well be part of your problem


http://www.crucial.com/systemscanner/ If you go to that site, they will scan your system and let you know what memory your computer can take, how much, and the rough price.
  • 0

#9
Essexboy

  • GeekU Moderator
  • Retired Staff
  • 69,964 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0





