Computer is running slow - Hijackthis log attached

Discussion in 'Computer Support' started by Neal2222@gmail.com, Jul 2, 2006.

  1. Guest

    Norton Antivirus will not "Live Update" so I loaded AVG. I ran it and
    it says "no virus found". I have run Adaware and Spynot and Ace
    Utilities Registry Cleaner. Computer is still slow. It is a P4 with 1
    GB RAM. Dell 4600. My Hijackthis log is below. Any help would be
    apprecuated.

    Logfile of HijackThis v1.99.1
    Scan saved at 4:25:34 AM, on 7/2/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
    C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\MsPMSPSv.exe
    C:\Program Files\Pure Networks\Network Magic\nmsrvc.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\NILaunch.exe
    C:\Program Files\Audio Deck\EnMixCPL.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\Pure Networks\Network Magic\nmapp.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
    C:\Program Files\Microsoft IntelliPoint\ipoint.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\NETGEAR\WG111T Configuration Utility\wlan111t.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\taskmgr.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\HIJACKTHIS\HijackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
    http://www.dell.com
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet
    Settings,ProxyOverride = localhost
    O2 - BHO: Adobe PDF Reader Link Helper -
    {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat
    7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: Google Toolbar Helper -
    {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program
    files\google\googletoolbar1.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} -
    c:\program files\google\googletoolbar1.dll
    O4 - HKLM\..\Run: [Net-It Launcher] C:\WINDOWS\system32\NILaunch.exe
    O4 - HKLM\..\Run: [EnvyHFCPL] C:\Program Files\Audio Deck\EnMixCPL.exe
    1
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE
    C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE
    C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [nmapp] "C:\Program Files\Pure Networks\Network
    Magic\nmapp.exe" -autorun -nosplash
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
    /STARTUP
    O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft
    IntelliPoint\ipoint.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - Global Startup: BlueSoleil.lnk = C:\Program Files\IVT
    Corporation\BlueSoleil\BlueSoleil.exe
    O4 - Global Startup: NETGEAR WG111T Smart Wizard.lnk = C:\Program
    Files\NETGEAR\WG111T Configuration Utility\wlan111t.exe
    O8 - Extra context menu item: &Google Search - res://c:\program
    files\google\GoogleToolbar1.dll/cmsearch.html
    O8 - Extra context menu item: &Translate English Word -
    res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
    O8 - Extra context menu item: Backward Links - res://c:\program
    files\google\GoogleToolbar1.dll/cmbacklinks.html
    O8 - Extra context menu item: Cached Snapshot of Page -
    res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
    O8 - Extra context menu item: E&xport to Microsoft Excel -
    res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Similar Pages - res://c:\program
    files\google\GoogleToolbar1.dll/cmsimilar.html
    O8 - Extra context menu item: Translate Page into English -
    res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
    C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console -
    {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program
    Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -
    C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Web Entry - {B4E30F61-16D9-11D3-85D1-005004229569} -
    C:\lotus\org6\organize\bandobjs.dll (file missing)
    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} -
    (no file)
    O9 - Extra button: MUSICMATCH MX Web Player -
    {d81ca86b-ef63-42af-bee3-4502d9a03c2d} -
    http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)
    O12 - Plugin for .spop: C:\Program Files\Internet
    Explorer\Plugins\NPDocBox.dll
    O16 - DPF: {01010E00-5E80-11D8-9E86-0007E96C65AE} (SupportSoft
    SmartIssue) -
    https://www-secure.symantec.com/techsupp/asa/ctrl/tgctlsi.cab
    O16 - DPF: {01012101-5E80-11D8-9E86-0007E96C65AE} (SupportSoft Script
    Runner Class) -
    https://www-secure.symantec.com/techsupp/asa/ctrl/tgctlsr.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine
    Advantage Validation Tool) -
    http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) -
    https://www-secure.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab
    O16 - DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} (ActiveDataInfo
    Class) - http://www.symantec.com/techsupp/asa/ctrl/SymAData.cab
    O16 - DPF: {44990200-3C9D-426D-81DF-AAB636FA4345} (Symantec SmartIssue)
    - http://www.symantec.com/techsupp/asa/ctrl/tgctlsi.cab
    O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script
    Runner Class) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class)
    -
    http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1121190730000
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class)
    -
    http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1150765419390
    O16 - DPF: {963BE66B-121D-4E6C-BF9F-1A774D9A2E41} -
    http://moneycentral.msn.com/cabs/pmupdate2.exe
    O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo
    Class) - https://www-secure.symantec.com/techsupp/asa/ctrl/SymAData.cab
    O16 - DPF: {FFFFFFFF-CACE-BABE-BABE-00AA0055595A} -
    http://www.trueswitch.com/sbc/TrueInstallSBC.exe
    O18 - Protocol: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} -
    C:\Program Files\Common Files\Pure Networks Shared\puresp.dll
    O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. -
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. -
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. -
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
    O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program
    Files\IVT Corporation\BlueSoleil\BTNtService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision
    Corporation - C:\Program Files\Common
    Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation -
    C:\Program Files\Intel\NCS\Sync\NetSvc.exe
    O23 - Service: Pure Networks Network Magic Service (nmservice) - Pure
    Networks, Inc. - C:\Program Files\Pure Networks\Network
    Magic\nmsrvc.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA
    Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Rio MSC Manager (RioMSC) - Digital Networks North
    America, Inc. - C:\WINDOWS\system32\RioMSC.exe
    O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation -
    C:\Program Files\Common Files\Symantec Shared\Security
    Center\SymWSC.exe
    , Jul 2, 2006
    #1
    1. Advertising

  2. wrote:
    > Norton Antivirus will not "Live Update" so I loaded AVG. I ran it and
    > it says "no virus found". I have run Adaware and Spynot and Ace
    > Utilities Registry Cleaner. Computer is still slow. It is a P4 with 1
    > GB RAM. Dell 4600. My Hijackthis log is below. Any help would be
    > apprecuated.
    >
    > Logfile of HijackThis v1.99.1
    > Scan saved at 4:25:34 AM, on 7/2/2006
    > Platform: Windows XP SP2 (WinNT 5.01.2600)
    > MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    >
    > Running processes:
    > C:\WINDOWS\System32\smss.exe
    > C:\WINDOWS\system32\winlogon.exe
    > C:\WINDOWS\system32\services.exe
    > C:\WINDOWS\system32\lsass.exe
    > C:\WINDOWS\system32\svchost.exe
    > C:\WINDOWS\System32\svchost.exe
    > C:\WINDOWS\system32\spoolsv.exe
    > C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    > C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    > C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
    > C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
    > C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    > C:\WINDOWS\system32\nvsvc32.exe
    > C:\WINDOWS\system32\MsPMSPSv.exe
    > C:\Program Files\Pure Networks\Network Magic\nmsrvc.exe
    > C:\WINDOWS\Explorer.EXE
    > C:\WINDOWS\system32\NILaunch.exe
    > C:\Program Files\Audio Deck\EnMixCPL.exe
    > C:\WINDOWS\system32\RUNDLL32.EXE
    > C:\Program Files\Pure Networks\Network Magic\nmapp.exe
    > C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
    > C:\Program Files\Microsoft IntelliPoint\ipoint.exe
    > C:\WINDOWS\system32\ctfmon.exe
    > C:\Program Files\NETGEAR\WG111T Configuration Utility\wlan111t.exe
    > C:\WINDOWS\System32\svchost.exe
    > C:\WINDOWS\system32\taskmgr.exe
    > C:\Program Files\Internet Explorer\iexplore.exe
    > C:\HIJACKTHIS\HijackThis.exe
    >
    > R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
    > http://www.dell.com
    > R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet
    > Settings,ProxyOverride = localhost
    > O2 - BHO: Adobe PDF Reader Link Helper -
    > {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat
    > 7.0\ActiveX\AcroIEHelper.dll
    > O2 - BHO: Google Toolbar Helper -
    > {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program
    > files\google\googletoolbar1.dll
    > O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} -
    > c:\program files\google\googletoolbar1.dll
    > O4 - HKLM\..\Run: [Net-It Launcher] C:\WINDOWS\system32\NILaunch.exe
    > O4 - HKLM\..\Run: [EnvyHFCPL] C:\Program Files\Audio Deck\EnMixCPL.exe
    > 1
    > O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE
    > C:\WINDOWS\system32\NvCpl.dll,NvStartup
    > O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    > O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE
    > C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    > O4 - HKLM\..\Run: [nmapp] "C:\Program Files\Pure Networks\Network
    > Magic\nmapp.exe" -autorun -nosplash
    > O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
    > /STARTUP
    > O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft
    > IntelliPoint\ipoint.exe"
    > O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    > O4 - Global Startup: BlueSoleil.lnk = C:\Program Files\IVT
    > Corporation\BlueSoleil\BlueSoleil.exe
    > O4 - Global Startup: NETGEAR WG111T Smart Wizard.lnk = C:\Program
    > Files\NETGEAR\WG111T Configuration Utility\wlan111t.exe
    > O8 - Extra context menu item: &Google Search - res://c:\program
    > files\google\GoogleToolbar1.dll/cmsearch.html
    > O8 - Extra context menu item: &Translate English Word -
    > res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
    > O8 - Extra context menu item: Backward Links - res://c:\program
    > files\google\GoogleToolbar1.dll/cmbacklinks.html
    > O8 - Extra context menu item: Cached Snapshot of Page -
    > res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
    > O8 - Extra context menu item: E&xport to Microsoft Excel -
    > res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    > O8 - Extra context menu item: Similar Pages - res://c:\program
    > files\google\GoogleToolbar1.dll/cmsimilar.html
    > O8 - Extra context menu item: Translate Page into English -
    > res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
    > O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
    > C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
    > O9 - Extra 'Tools' menuitem: Sun Java Console -
    > {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program
    > Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
    > O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -
    > C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    > O9 - Extra button: Web Entry - {B4E30F61-16D9-11D3-85D1-005004229569} -
    > C:\lotus\org6\organize\bandobjs.dll (file missing)
    > O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} -
    > (no file)
    > O9 - Extra button: MUSICMATCH MX Web Player -
    > {d81ca86b-ef63-42af-bee3-4502d9a03c2d} -
    > http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)
    > O12 - Plugin for .spop: C:\Program Files\Internet
    > Explorer\Plugins\NPDocBox.dll
    > O16 - DPF: {01010E00-5E80-11D8-9E86-0007E96C65AE} (SupportSoft
    > SmartIssue) -
    > https://www-secure.symantec.com/techsupp/asa/ctrl/tgctlsi.cab
    > O16 - DPF: {01012101-5E80-11D8-9E86-0007E96C65AE} (SupportSoft Script
    > Runner Class) -
    > https://www-secure.symantec.com/techsupp/asa/ctrl/tgctlsr.cab
    > O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine
    > Advantage Validation Tool) -
    > http://go.microsoft.com/fwlink/?linkid=39204
    > O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) -
    > https://www-secure.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab
    > O16 - DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} (ActiveDataInfo
    > Class) - http://www.symantec.com/techsupp/asa/ctrl/SymAData.cab
    > O16 - DPF: {44990200-3C9D-426D-81DF-AAB636FA4345} (Symantec SmartIssue)
    > - http://www.symantec.com/techsupp/asa/ctrl/tgctlsi.cab
    > O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script
    > Runner Class) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab
    > O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class)
    > -
    > http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1121190730000
    > O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class)
    > -
    > http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1150765419390
    > O16 - DPF: {963BE66B-121D-4E6C-BF9F-1A774D9A2E41} -
    > http://moneycentral.msn.com/cabs/pmupdate2.exe
    > O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo
    > Class) - https://www-secure.symantec.com/techsupp/asa/ctrl/SymAData.cab
    > O16 - DPF: {FFFFFFFF-CACE-BABE-BABE-00AA0055595A} -
    > http://www.trueswitch.com/sbc/TrueInstallSBC.exe
    > O18 - Protocol: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} -
    > C:\Program Files\Common Files\Pure Networks Shared\puresp.dll
    > O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
    > O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    > O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. -
    > C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    > O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. -
    > C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    > O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. -
    > C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
    > O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program
    > Files\IVT Corporation\BlueSoleil\BTNtService.exe
    > O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision
    > Corporation - C:\Program Files\Common
    > Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    > O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation -
    > C:\Program Files\Intel\NCS\Sync\NetSvc.exe
    > O23 - Service: Pure Networks Network Magic Service (nmservice) - Pure
    > Networks, Inc. - C:\Program Files\Pure Networks\Network
    > Magic\nmsrvc.exe
    > O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA
    > Corporation - C:\WINDOWS\system32\nvsvc32.exe
    > O23 - Service: Rio MSC Manager (RioMSC) - Digital Networks North
    > America, Inc. - C:\WINDOWS\system32\RioMSC.exe
    > O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation -
    > C:\Program Files\Common Files\Symantec Shared\Security
    > Center\SymWSC.exe
    >

    Why is it that Hijackthis log files when posted are like twenty times
    longer than my HJT logfile? It's a given, "Help me analize this" and the
    log file is longer than Tutankama's history.
    =?ISO-8859-1?Q?R=F4g=EAr?=, Jul 2, 2006
    #2
    1. Advertising

  3. pcbutts1 Guest

    <> wrote in message
    <>...

    > Norton Antivirus will not "Live Update" so I loaded AVG. I ran it and
    > it says "no virus found". I have run Adaware and Spynot and Ace
    > Utilities Registry Cleaner. Computer is still slow. It is a P4 with 1
    > GB RAM. Dell 4600. My Hijackthis log is below. Any help would be
    > apprecuated.


    Remove the following malware:

    > https://www-secure.symantec.com/techsupp/asa/ctrl/tgctlsi.cab O16 -
    > DPF: {01012101-5E80-11D8-9E86-0007E96C65AE} (SupportSoft Script Runner
    > Class) - https://www-secure.symantec.com/techsupp/asa/ctrl/tgctlsr.cab
    > O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine
    > Advantage Validation Tool) -
    > https://www-secure.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab O16 -
    > DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} (ActiveDataInfo Class) -
    > http://www.symantec.com/techsupp/asa/ctrl/SymAData.cab O16 - DPF:
    > {44990200-3C9D-426D-81DF-AAB636FA4345} (Symantec SmartIssue) -
    > http://www.symantec.com/techsupp/asa/ctrl/tgctlsi.cab O16 - DPF:
    > {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class)
    > - http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab O16 - DPF:
    > {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class)


    > https://www-secure.symantec.com/techsupp/asa/ctrl/SymAData.cab O16 -


    > O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation -
    > C:\Program Files\Common Files\Symantec Shared\Security
    > Center\SymWSC.exe
    pcbutts1, Jul 2, 2006
    #3
  4. pcbutts1 wrote:
    > <> wrote in message
    > <>...
    >
    >
    >>Norton Antivirus will not "Live Update" so I loaded AVG. I ran it and
    >>it says "no virus found". I have run Adaware and Spynot and Ace
    >>Utilities Registry Cleaner. Computer is still slow. It is a P4 with 1
    >>GB RAM. Dell 4600. My Hijackthis log is below. Any help would be
    >>apprecuated.

    >
    >
    > Remove the following malware:
    >
    >
    >>https://www-secure.symantec.com/techsupp/asa/ctrl/tgctlsi.cab O16 -
    >>DPF: {01012101-5E80-11D8-9E86-0007E96C65AE} (SupportSoft Script Runner
    >>Class) - https://www-secure.symantec.com/techsupp/asa/ctrl/tgctlsr.cab
    >>O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine
    >>Advantage Validation Tool) -
    >>https://www-secure.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab O16 -
    >>DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} (ActiveDataInfo Class) -
    >>http://www.symantec.com/techsupp/asa/ctrl/SymAData.cab O16 - DPF:
    >>{44990200-3C9D-426D-81DF-AAB636FA4345} (Symantec SmartIssue) -
    >>http://www.symantec.com/techsupp/asa/ctrl/tgctlsi.cab O16 - DPF:
    >>{44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class)
    >>- http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab O16 - DPF:
    >>{6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class)

    >
    >
    >>https://www-secure.symantec.com/techsupp/asa/ctrl/SymAData.cab O16 -

    >
    >
    >>O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation -
    >>C:\Program Files\Common Files\Symantec Shared\Security
    >>Center\SymWSC.exe


    Actually, I couldn't agree more. I consider anything "Symantec" to be
    malware. It can royally screw up a wet dream. But maybe you should
    preface the advice with "you need to get rid of that Norton shit on your
    computer".
    =?ISO-8859-1?Q?R=F4g=EAr?=, Jul 2, 2006
    #4
  5. Noel Paton Guest

    <> wrote in message
    news:...
    > Norton Antivirus will not "Live Update" so I loaded AVG. I ran it and
    > it says "no virus found". I have run Adaware and Spynot and Ace
    > Utilities Registry Cleaner. Computer is still slow. It is a P4 with 1
    > GB RAM. Dell 4600. My Hijackthis log is below. Any help would be
    > apprecuated.
    >
    > Logfile of HijackThis v1.99.1
    > Scan saved at 4:25:34 AM, on 7/2/2006
    > Platform: Windows XP SP2 (WinNT 5.01.2600)
    > MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    >


    This is NOT the right place to post HJY logs - there are dedicated forums
    with trained helpers for that purpose!!!

    Checking for/Help with Hijackware
    http://aumha.org/a/parasite.htm
    http://aumha.org/a/quickfix.htm
    http://aumha.net/viewtopic.php?t=5878
    http://wiki.castlecops.com/Malware_Removal_and_Prevention:_Introduction
    http://mvps.org/winhelp2002/unwanted.htm
    http://inetexplorer.mvps.org/data/prevention.htm
    http://inetexplorer.mvps.org/tshoot.html
    http://www.mvps.org/sramesh2k/Malware_Defence.htm
    http://defendingyourmachine.blogspot.com/
    http://www.elephantboycomputers.com/page2.html#Removing_Malware

    When all else fails, HijackThis v1.99.1
    (http://aumha.org/downloads/hijackthis.zip) is the preferred tool to use.
    It will help you to both identify and remove any hijackware/spyware.
    **Post your log to http://aumha.net/viewforum.php?f=30,
    http://castlecops.com/forum67.html,
    http://forums.subratam.org/index.php?showforum=7, or other appropriate
    forums for expert analysis, not here.**

    Having said that, it's obvious that you are not very diligent with updates -
    you are running a vulnerable version of Sun Java (v1.5.0.2 -- the latest is
    1.5.0.7). You need to UNINSTALL all old versions of Java before installing
    the current one - or your system may still be vulnerable to certain
    exploits.

    WRT Norton - you need to uninstall it complatetly - which requirs more than
    just using Add/Remove Programs...
    http://basconotw.mvps.org/SymRem.htm


    HTH
    --
    Noel Paton (MS-MVP 2002-2006, Windows)

    Nil Carborundum Illegitemi
    http://www.crashfixpc.com/millsrpch.htm

    http://tinyurl.com/6oztj

    Please read http://dts-l.org/goodpost.htm on how to post messages to NG's
    Noel Paton, Jul 2, 2006
    #5
  6. pcbutts1 Guest

    =?ISO-8859-1?Q?R=F4g=EAr?= <> wrote in message
    <>...

    > pcbutts1 wrote:
    >> <> wrote in message
    >> <>...
    >>
    >>
    >>> Norton Antivirus will not "Live Update" so I loaded AVG. I ran it
    >>> and it says "no virus found". I have run Adaware and Spynot and Ace
    >>> Utilities Registry Cleaner. Computer is still slow. It is a P4 with
    >>> 1 GB RAM. Dell 4600. My Hijackthis log is below. Any help would be
    >>> apprecuated.

    >>
    >>
    >> Remove the following malware:
    >>
    >>

    > https://www-secure.symantec.com/techsupp/asa/ctrl/tgctlsi.cab O16 -
    > DPF: {01012101-5E80-11D8-9E86-0007E96C65AE} (SupportSoft Script Runner
    > Class) - https://www-secure.symantec.com/techsupp/asa/ctrl/tgctlsr.cab
    > O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine
    > Advantage Validation Tool) -
    > https://www-secure.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab O16 -
    > DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} (ActiveDataInfo Class) -
    > http://www.symantec.com/techsupp/asa/ctrl/SymAData.cab O16 - DPF:
    > {44990200-3C9D-426D-81DF-AAB636FA4345} (Symantec SmartIssue) -
    > http://www.symantec.com/techsupp/asa/ctrl/tgctlsi.cab O16 - DPF:
    > {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class)
    > - http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab O16 - DPF:
    > {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class)
    >>
    >>
    >>> https://www-secure.symantec.com/techsupp/asa/ctrl/SymAData.cab O16 -

    >>
    >>
    >>> O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation -
    >>> C:\Program Files\Common Files\Symantec Shared\Security
    >>> Center\SymWSC.exe

    >
    > Actually, I couldn't agree more. I consider anything "Symantec" to be
    > malware. It can royally screw up a wet dream. But maybe you should
    > preface the advice with "you need to get rid of that Norton shit on
    > your computer".


    **** off, wodger, you duff ****.
    pcbutts1, Jul 2, 2006
    #6
  7. pcbutts1 Guest

    First ignore the other pcbutts1 who replied to this thread it is a troll
    giving you bad advice. Second ignore the post by Noel Paton he is a fake MS
    MVP who is also giving out bad advice. HJT logs are acceptable in this
    group. The only things I see in your log that should be fixed are the 2
    lines below but that will do nothing about your Norton or slowness issue.
    Have HJT fix the lines below then download Crap Cleaner from here
    http://www.pcbutts1.com/downloads/ccsetup130.exe run it using the default
    setting. When done go here and update your version of Java
    http://www.java.com . Dump Norton and just use AVG.

    O9 - Extra button: Web Entry - {B4E30F61-16D9-11D3-85D1-005004229569} -
    C:\lotus\org6\organize\bandobjs.dll (file missing)
    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} -
    (no file)


    --


    The best live web video on the internet http://www.seedsv.com/webdemo.htm
    NEW Embedded system W/Linux. We now sell DVR cards.
    See it all at http://www.seedsv.com/products.htm
    Sharpvision simply the best http://www.seedsv.com



    <> wrote in message
    news:...
    > Norton Antivirus will not "Live Update" so I loaded AVG. I ran it and
    > it says "no virus found". I have run Adaware and Spynot and Ace
    > Utilities Registry Cleaner. Computer is still slow. It is a P4 with 1
    > GB RAM. Dell 4600. My Hijackthis log is below. Any help would be
    > apprecuated.
    >
    > Logfile of HijackThis v1.99.1
    > Scan saved at 4:25:34 AM, on 7/2/2006
    > Platform: Windows XP SP2 (WinNT 5.01.2600)
    > MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    >
    pcbutts1, Jul 2, 2006
    #7
  8. pcbutts1 wrote:

    > **** off, wodger, you duff ****.


    Mommy, is that you?
    =?ISO-8859-1?Q?R=F4g=EAr?=, Jul 2, 2006
    #8
  9. Rhonda Lea Kirk wrote:

    > when you wake up, Noel, you might want to consider that KMan has a
    > legitimate point.
    >
    > When you chastise people who know no better, you send them straight into
    > the loving arms of pcbutthead.
    >
    > It's posts like yours that do his foul work for him.


    That fucking chicken never had a legitimate point to make in his life.
    And since you seem to like to cozy up to such shit, you are now in my
    Bozo bin. Have a nice life, bitch.
    =?ISO-8859-1?Q?R=F4g=EAr?=, Jul 2, 2006
    #9
  10. Top Guest

    Rôgêr laid this down on his screen :
    > pcbutts1 wrote:


    >> **** off, wodger, you duff ****.


    > Mommy, is that you?


    No, that is your brother, or least she used to your brother. She
    is your sister.

    Dad

    --
    Never mind that Man behind the curtin
    Top, Jul 2, 2006
    #10
  11. Top Guest

    Noel Paton formulated the question :
    >
    >>


    > This is NOT the right place to post HJY logs - there are
    > dedicated forums with trained helpers for that purpose!!!


    Why is not the right place? It's been done for a long time.

    Top

    --
    Never mind that Man behind the curtin
    Top, Jul 2, 2006
    #11
  12. Noel Paton Guest

    "Top" <> wrote in message
    news:...
    > Noel Paton formulated the question :
    >>
    >>>

    >
    >> This is NOT the right place to post HJY logs - there are
    >> dedicated forums with trained helpers for that purpose!!!

    >
    > Why is not the right place? It's been done for a long time.
    >



    Only at the instigation of idiots like pcbutts1

    --
    Noel Paton (MS-MVP 2002-2006, Windows)

    Nil Carborundum Illegitemi
    http://www.crashfixpc.com/millsrpch.htm

    http://tinyurl.com/6oztj

    Please read http://dts-l.org/goodpost.htm on how to post messages to NG's
    Noel Paton, Jul 2, 2006
    #12
  13. Leythos Guest

    In article <>, pcbutts1
    @seedsv.com says...
    > The only things I see in your log that should be fixed are the 2
    > lines below but that will do nothing about your Norton or slowness issue.
    > Have HJT fix the lines below then download Crap Cleaner from here


    Only download software you can validate as uncompromised - in the case
    of non-vendor site you have no guarantee that the files are unmodified
    or uncompromised. Anyone providing a link to a non-vendors site with a
    direct download should not be trusted, the vendors sites are the safest
    place to download their application.

    No person of sound mind would download files from a hack site that
    requires a password to access the unknown files when they are available
    directly from the vendors.

    Always remember - only download files from Trusted Sites.

    The following links will take you to vendors sites for Spy Ware / Ad
    ware removal tools and also for Antivirus tools. After you install any
    of these applications and update them, run them in SAFE MODE to allow
    them to properly clean your system.

    First, make sure that your Java is updated to the latest version:
    http://www.java.com/en/download/index.jsp

    These sites are for downloading Anti-Malware and Anti-Spyware tools, in
    order that I would use them myself:

    Dave Lipman's tools:
    http://www.claymania.com/removal-trojan-adware.html
    http://www.ik-cs.com/got-a-virus.htm

    Secured2K's AntiPauper (download link/info at)
    http://forums.mcafeehelp.com/viewtopic.php?t=65072

    AdAwareSE can be found here:
    http://www.lavasoft.de/support/download/

    SpyBot Search and Destroy can be found here:
    http://www.safer-networking.org/en/download/index.html

    HiJack can be found here:
    http://www.spywareinfo.com/~merijn/downloads.html

    Ewido Security Suite Trial can be found here:
    http://www.ewido.net/en/download/

    CrapCleaner can be found at the vendors site here:
    http://www.ccleaner.com/ccdownload.asp

    CleanUp can be found at the vendors site here:
    http://www.stevengould.org/software/cleanup/download.html
    or from another reputable source:
    http://www.tucows.com/get/405276_152071

    The following are two links to Antivirus software in order that I would
    use them:

    You can also download Symantec Trial version of their Antivirus software
    from here:
    http://www.symantec.com/downloads/

    Download AVG Personal Free edition from here:
    http://free.grisoft.com/freeweb.php/doc/2/

    These are the actual vendors sites, not some unknown or authorized no-
    name site. They also don't artificially increase the hits for sites that
    get paid for the amount of traffic they can generate like one poster has
    admitted to in this group.

    --


    remove 999 in order to email me
    Leythos, Jul 2, 2006
    #13
  14. Rôgêr wrote:
    > Rhonda Lea Kirk wrote:
    >
    >> when you wake up, Noel, you might want to consider that KMan has a
    >> legitimate point.
    >>
    >> When you chastise people who know no better, you send them straight
    >> into the loving arms of pcbutthead.
    >>
    >> It's posts like yours that do his foul work for him.

    >
    > That fucking chicken never had a legitimate point to make in his life.
    > And since you seem to like to cozy up to such shit, you are now in my
    > Bozo bin. Have a nice life, bitch.


    And to you as well, Rôgêr.

    I'm always grateful when the control freaks self-identify. Saves me the
    time I might waste befriending the wrong sort of people. :)

    rl
    --
    Rhonda Lea Kirk

    If you ever need some proof that time can heal your wounds,
    just step inside my heart and walk around these rooms;
    where the shadows used to be.... Mary Chapin Carpenter
    Rhonda Lea Kirk, Jul 2, 2006
    #14
  15. Top wrote:
    > Noel Paton formulated the question :
    >>
    >>>

    >
    >> This is NOT the right place to post HJY logs - there are
    >> dedicated forums with trained helpers for that purpose!!!

    >
    > Why is not the right place? It's been done for a long time.


    And whenever someone goes to google for an entry to learn what it is,
    all they find is a whole load of HJT logs, because the pages that
    actually explain the various entries are buried.

    In this case, I'm wondering if butthead is able to explain the two
    entries he's having the OP remove.

    As near as I can tell, removing them won't do a thing to solve the
    problem. Once again, he's telling someone to remove totally innocuous
    entries.

    rl
    --
    Rhonda Lea Kirk

    If you ever need some proof that time can heal your wounds,
    just step inside my heart and walk around these rooms;
    where the shadows used to be.... Mary Chapin Carpenter
    Rhonda Lea Kirk, Jul 3, 2006
    #15
  16. Duane Arnold Guest

    wrote:
    > Norton Antivirus will not "Live Update" so I loaded AVG. I ran it and
    > it says "no virus found". I have run Adaware and Spynot and Ace
    > Utilities Registry Cleaner. Computer is still slow. It is a P4 with 1
    > GB RAM. Dell 4600. My Hijackthis log is below. Any help would be
    > apprecuated.
    >

    Typical Norton I dumped that crap long ago. You might wan to hit it with
    a online AV scanner like Trend Micro's House Call.

    Duane :)
    Duane Arnold, Jul 3, 2006
    #16
  17. Top Guest

    Noel Paton wrote :
    > "Top" <> wrote in message
    > news:...
    >> Noel Paton formulated the question :
    >>>
    >>>>

    >>
    >>> This is NOT the right place to post HJY logs - there are
    >>> dedicated forums with trained helpers for that purpose!!!

    >>
    >> Why is not the right place? It's been done for a long time.
    >>



    > Only at the instigation of idiots like pcbutts1


    No Noel, you are the idiot. I've seen hijack logs posted for over
    2 years and you are the first person that has complained. If you
    don't know enough about the NG don't open your mouth and prove
    yourself a fool.

    Top

    --
    Never mind that Man behind the curtin
    Top, Jul 3, 2006
    #17
  18. Top Guest

    on 7/2/2006, Rhonda Lea Kirk supposed :
    > Top wrote:
    >> Noel Paton formulated the question :
    >>>
    >>>>

    >>
    >>> This is NOT the right place to post HJY logs - there are
    >>> dedicated forums with trained helpers for that purpose!!!

    >>
    >> Why is not the right place? It's been done for a long time.


    > And whenever someone goes to google for an entry to learn what
    > it is, all they find is a whole load of HJT logs, because the
    > pages that actually explain the various entries are buried.


    > In this case, I'm wondering if butthead is able to explain the
    > two entries he's having the OP remove.


    > As near as I can tell, removing them won't do a thing to solve
    > the problem. Once again, he's telling someone to remove
    > totally innocuous entries.


    > rl


    If you believe his info is bad that does not make it OT.

    Top

    --
    Never mind that Man behind the curtin
    Top, Jul 3, 2006
    #18
  19. Toolman Tim Guest

    Top wrote:
    > Noel Paton wrote :
    >> "Top" <> wrote in message
    >> news:...
    >>> Noel Paton formulated the question :
    >>>>
    >>>>>
    >>>
    >>>> This is NOT the right place to post HJY logs - there are
    >>>> dedicated forums with trained helpers for that purpose!!!
    >>>
    >>> Why is not the right place? It's been done for a long time.
    >>>

    >
    >
    >> Only at the instigation of idiots like pcbutts1

    >
    > No Noel, you are the idiot. I've seen hijack logs posted for over
    > 2 years and you are the first person that has complained. If you
    > don't know enough about the NG don't open your mouth and prove
    > yourself a fool.
    >
    > Top


    Well, he's not the only one that complained/complains. Margobitch whines
    about it too. Like anyone cares <g>

    --
    When I was a child, I remember my Mom telling me, "Son, when you grow
    up, you can marry any girl you please." When I became a young man, I
    learned the sad fact was that I could not please any of them.
    Toolman Tim, Jul 3, 2006
    #19
  20. Top wrote:
    > Rhonda Lea Kirk supposed :
    >> Top wrote:
    >>> Noel Paton formulated the question :


    >>>> This is NOT the right place to post HJY logs - there are
    >>>> dedicated forums with trained helpers for that purpose!!!


    >>> Why is not the right place? It's been done for a long time.


    >> And whenever someone goes to google for an entry to learn what
    >> it is, all they find is a whole load of HJT logs, because the
    >> pages that actually explain the various entries are buried.

    >
    >> In this case, I'm wondering if butthead is able to explain the
    >> two entries he's having the OP remove.

    >
    >> As near as I can tell, removing them won't do a thing to solve
    >> the problem. Once again, he's telling someone to remove
    >> totally innocuous entries.


    > If you believe his info is bad that does not make it OT.


    I addressed two different issues in one post, and neither I nor anyone
    else asserted that posting HJT logs is off-topic. Topicality has nothing
    to do with the problem it creates.

    Just to make it perfectly clear:

    A. Posting HJT logs in newsgroups makes a mess in google that prevents
    obtaining meaningful search results. The forums are bad enough;
    newsgroup posts make it worse.

    and

    B. pcbutthead hasn't got a friggin' clue what he's doing.

    Please don't mix up or mix together points A and B, because they're not
    related.

    rl
    --
    Rhonda Lea Kirk

    If you ever need some proof that time can heal your wounds,
    just step inside my heart and walk around these rooms;
    where the shadows used to be.... Mary Chapin Carpenter
    Rhonda Lea Kirk, Jul 3, 2006
    #20
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. UnderDog

    HijackThis Log

    UnderDog, May 8, 2004, in forum: Computer Support
    Replies:
    5
    Views:
    5,611
    Boomer
    May 8, 2004
  2. Michael

    Computer Problems & HijackThis Log Help

    Michael, Aug 7, 2004, in forum: Computer Support
    Replies:
    2
    Views:
    1,899
    °Mike°
    Aug 9, 2004
  3. Replies:
    3
    Views:
    672
  4. Replies:
    4
    Views:
    525
    What's in a Name?
    Sep 2, 2005
  5. John Dalberg
    Replies:
    4
    Views:
    1,352
    Kraftee
    Jun 17, 2007
Loading...

Share This Page