100% CPU Usage, Slow Startup, Slow load of applications + Freezing. [F]

Status
Not open for further replies.

Consequences

Baseband Member
Messages
31
Deckard's System Scanner v20071014.68
Run by AJ on 2008-06-18 13:36:23
Computer is in Normal Mode.
--------------------------------------------------------------------------------

Total Physical Memory: 511 MiB (512 MiB recommended).


-- HijackThis (run as AJ.exe) --------------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:38:21 PM, on 6/18/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.17184)
Boot mode: Normal

Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\system32\spoolsv.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\Explorer.EXE
F:\Program Files\Ideazon\Zboard Software\Driver\ZboardTray.exe
F:\Program Files\Ideazon\Zboard Software\Driver\Zboard.exe
F:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
F:\Program Files\Windows Live\Messenger\msnmsgr.exe
F:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDClock.exe
F:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDPop3.exe
F:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDCountdown.exe
F:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe
F:\Program Files\SpywareGuard\sgmain.exe
F:\WINDOWS\system32\wuauclt.exe
F:\WINDOWS\System32\svchost.exe
F:\Program Files\SpywareGuard\sgbhp.exe
F:\Program Files\Mozilla Firefox\firefox.exe
F:\Documents and Settings\AJ\Desktop\dss.exe
F:\PROGRA~1\TRENDM~1\HIJACK~1\AJ.exe
F:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Welcome to Windows Internet Explorer Beta 1
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = mrfindalot.com
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - F:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - F:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - F:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - F:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - F:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - f:\program files\google\googletoolbar4.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - F:\Program Files\Google\GoogleToolbarNotifier\2.0.1121.2472\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - f:\program files\google\googletoolbar4.dll
O3 - Toolbar: AIM Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - F:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O4 - HKLM\..\Run: [LXBUCATS] rundll32 F:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXBUtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [Launch LGDCore] "F:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" /SHOWHIDE
O4 - HKLM\..\Run: [Launch LCDMon] "F:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe"
O4 - HKCU\..\Run: [msnmsgr] "F:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] F:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKLM\..\Policies\Explorer\Run: [ZboardTray] "F:\Program Files\Ideazon\Zboard Software\Driver\ZboardTray.exe" /autolaunch
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "F:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "F:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - Startup: SpywareGuard.lnk = F:\Program Files\SpywareGuard\sgmain.exe
O8 - Extra context menu item: &AOL Toolbar Search - f:\program files\aol\aim toolbar 5.0\resources\en-US\local\search.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://F:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: AIM Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - F:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: f:\windows\system32\nwprovau.dll
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://pcpitstop.com/betapit/PCPitStop.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {32305793-C19A-48E7-AD2F-D87FF7B264A4} (TenebrilSpywareScanner Control) - http://www.tenebril.com/assets/activeX/SpywareScannerV2.ocx
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.3.102.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} -
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.crucial.com/controls/cpcScanner.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcafee.com/molbin/shared/mcgdmgr/1,0,0,26/mcgdmgr.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,2,0,4943/mcfscan.cab
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} (PCPitstop Exam) - http://utilities.pcpitstop.com/optimize2/pcpitstop2.dll

--
End of file - 6547 bytes

-- Files created between 2008-05-18 and 2008-06-18 -----------------------------

2008-06-13 13:42:35 0 d-------- F:\Program Files\Common Files\Java
2008-06-13 13:28:50 0 d-------- F:\Program Files\SpywareGuard
2008-06-13 13:25:42 21312 --a------ F:\WINDOWS\choice.exe
2008-06-13 13:21:15 0 d-------- F:\Program Files\SpywareBlaster
2008-06-12 19:40:55 0 d-------- F:\Documents and Settings\AJ\Application Data\Malwarebytes
2008-06-12 19:40:30 0 d-------- F:\Program Files\Malwarebytes' Anti-Malware
2008-06-12 19:40:30 0 d-------- F:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-06-08 18:48:06 0 d-------- F:\Documents and Settings\AJ\Application Data\Uniblue
2008-06-05 19:29:50 0 d-------- F:\Documents and Settings\AJ\Application Data\fretsonfire
2008-06-05 19:28:37 0 d-------- F:\Program Files\Frets on Fire


-- Find3M Report ---------------------------------------------------------------

2008-06-13 13:46:37 0 d-------- F:\Program Files\Java
2008-06-13 13:42:35 0 d-------- F:\Program Files\Common Files
2008-05-12 14:40:38 315392 --a------ F:\WINDOWS\HideWin.exe <Not Verified; Realtek Semiconductor Corp.; HD Audio Hide windows program>
2008-05-12 14:08:21 0 d-------- F:\Program Files\PCPitstop
2008-05-12 13:13:29 0 d-------- F:\Program Files\SwiftKit
2008-05-12 13:07:15 0 d-------- F:\Program Files\Miranda IM
2008-05-12 12:55:03 0 d-------- F:\Program Files\Viewpoint
2008-05-12 12:53:23 0 d-------- F:\Documents and Settings\AJ\Application Data\Viewpoint
2008-05-06 19:45:31 0 d-------- F:\Program Files\BfSV
2008-05-06 19:29:01 0 d-------- F:\Program Files\Common Files\Adobe
2008-05-03 18:24:16 0 d-------- F:\Program Files\Windows Defender
2008-05-01 15:47:59 0 d-------- F:\Program Files\LimeWire
2008-04-30 15:14:36 0 d-------- F:\Program Files\RegCure
2008-04-30 15:03:42 0 d-------- F:\Program Files\Steam
2008-04-28 18:15:27 0 d-------- F:\Program Files\Lavasoft
2008-04-28 18:08:38 0 d-------- F:\Program Files\Common Files\Wise Installation Wizard
2008-04-27 21:03:20 0 d-------- F:\Program Files\AIM6
2008-04-27 21:03:16 0 d-------- F:\Program Files\Common Files\AOL
2008-04-27 21:02:32 0 d-------- F:\Program Files\AIMTunes
2008-04-27 21:02:31 0 d-------- F:\Program Files\Ogg Converter
2008-04-27 21:02:31 0 d-------- F:\Program Files\Novel Games
2008-04-27 21:02:27 0 d-------- F:\Program Files\Microsoft Xbox 360 Accessories
2008-04-27 21:02:27 0 d-------- F:\Program Files\Common Files\ATI Technologies
2008-04-27 20:59:14 0 d-------- F:\Program Files\AIM6(2)
2008-04-27 20:54:57 0 d-------- F:\Program Files\Windows Media Connect 2
2008-04-27 20:53:23 0 d-------- F:\Program Files\ffdshow
2008-04-27 20:53:23 0 d-------- F:\Program Files\DivX
2008-04-27 20:50:25 0 d-------- F:\Program Files\Common Files\Java(2)
2008-04-27 20:50:06 0 d-------- F:\Documents and Settings\AJ\Application Data\Ideazon
2008-04-27 20:49:52 0 d--h----- F:\Program Files\InstallShield Installation Information
2008-04-27 20:49:52 0 d-------- F:\Program Files\Ideazon
2008-04-26 13:54:34 0 d-------- F:\Program Files\Trend Micro
2008-04-17 19:37:11 1338 --a------ F:\WINDOWS\mozver.dat


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LXBUCATS"="F:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXBUtime.dll" [09/10/2004 07:55 AM]
"Launch LGDCore"="F:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" [12/13/2007 06:57 PM]
"Launch LCDMon"="F:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe" [12/13/2007 06:43 PM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="F:\Program Files\Windows Live\Messenger\msnmsgr.exe" [10/18/2007 12:34 PM]
"Uniblue RegistryBooster 2"="F:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe" []

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"DWQueuedReporting"="F:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t

F:\Documents and Settings\AJ\Start Menu\Programs\Startup\
SpywareGuard.lnk - F:\Program Files\SpywareGuard\sgmain.exe [8/29/2003 7:05:35 PM]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\Run]
"ZboardTray"="F:\Program Files\Ideazon\Zboard Software\Driver\ZboardTray.exe" /autolaunch

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\Zboard]
Winlognotif.dll 09/03/2003 07:14 AM 49152 F:\WINDOWS\system32\Winlognotif.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=interceptor.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\F:^Documents and Settings^AJ^Start Menu^Programs^Startup^Registration .LNK]
backup=F:\WINDOWS\pss\Registration .LNKStartup


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
"F:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Aim6]
"F:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
F:\WINDOWS\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Echovoice Gamer Statistics]
F:\Program Files\Echovoice\Gamer Statistics\G15 Echovoice Gamer Statistics.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
"F:\Program Files\iTunes\iTunesHelper.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lsass]
"F:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
"F:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
RUNDLL32.EXE F:\WINDOWS\system32\NvCpl.dll,NvStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
RUNDLL32.EXE F:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Pitstop Optimize2 Reminder]
F:\Program Files\PCPitstop\Optimize2\Reminder.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"F:\Program Files\QuickTime\QTTask.exe" -atboottime

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegistryMechanic]


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
RTHDCPL.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
"F:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
F:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UserFaultCheck]
%systemroot%\system32\dumprep 0 -u

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirusScan Online]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
F:\Program Files\Windows Media Player\WMPNSCFG.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\XboxStat]
"f:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"iPodService"=3 (0x3)
"sdCoreService"=2 (0x2)
"sdAuxService"=2 (0x2)
"Ati HotKey Poller"=2 (0x2)
"ATI Smart"=2 (0x2)
"VRSService"=2 (0x2)
"iPod Service"=3 (0x3)
"usnjsvc"=3 (0x3)
"McSysmon"=2 (0x2)
"McShield"=2 (0x2)
"McODS"=2 (0x2)
"mcmispupdmgr"=3 (0x3)
"IDriverT"=3 (0x3)
"gusvc"=3 (0x3)
"Emproxy"=3 (0x3)
"WMPNetworkSvc"=2 (0x2)
"WLSetupSvc"=3 (0x3)
"Viewpoint Manager Service"=2 (0x2)
"RichVideo"=2 (0x2)
"NVSvc"=2 (0x2)
"MDM"=2 (0x2)
"McRedirector"=2 (0x2)
"mcpromgr"=2 (0x2)
"McNASvc"=2 (0x2)
"mcmscsvc"=2 (0x2)
"McAfee HackerWatch Service"=2 (0x2)
"aawservice"=2 (0x2)




-- End of Deckard's System Scanner: finished at 2008-06-18 13:44:06 ------------
 
Re: 100% CPU Usage, Slow Startup, Slow load of applications + Freezing.

Hello Consequences,


Step 1 | Kaspersky WebScanner

Please do an online scan with Kaspersky WebScanner

Click on Accept

You will be prompted to install an ActiveX component from Kaspersky. Click Yes.
  • The program will launch and then begin downloading the latest definition files.
  • Once the files have been downloaded click on NEXT
  • Now click on Scan Settings
  • In the scan settings make sure that the following are selected:
    • Scan using the following Anti-Virus database:
    • Extended (if available otherwise Standard)
    • Scan Options:
    • Scan Archives
    • Scan Mail Bases
  • Click OK
  • Now under select a target to scan:
    • Select My Computer
  • The program will start and scan your system.
  • The scan will take a while so be patient and let it run.
  • Once the scan is complete it will display if your system has been infected.
    • Now click on the Save as Text button:
  • Save the file to your desktop.
  • Copy and paste that information in your next post.

Step 2 | MBAM

Please download Malwarebytes' Anti-Malware from Here or Here

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.
Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

Logs needed in next post.

Kaspersky
MBAM


Mak
 
Re: 100% CPU Usage, Slow Startup, Slow load of applications + Freezing.

Hey, just wanted to say thanks for the reply.

With step one I'm having a problem running Kaspersky WebScanner because I believe it runs off of Java, and I've been having problems with running Java ever since the incident happened. I have the latest Java downloaded and installed, but I am willing to do whatever you suggest to get it to work so I can get the Kaspersky WebScanner working.

Also, with Malwarebytes' Anti-Malware I've done what you've asked and let the scan run, but the scan found no infected objects. At the other tech site I went to, to get help, I've done the same exact steps, but with the Malwarebytes I've found some infected stuff.

For more Info on what I did: 100% CPU Usage from "System" [RESOLVED] - Geeks to Go!

Deckard's System Scanner v20071014.68
Run by AJ on 2008-06-19 20:03:29
Computer is in Normal Mode.
--------------------------------------------------------------------------------

Total Physical Memory: 511 MiB (512 MiB recommended).


-- HijackThis (run as AJ.exe) --------------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:06:30 PM, on 6/19/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.17184)
Boot mode: Normal

Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\system32\spoolsv.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\Explorer.EXE
F:\Program Files\Ideazon\Zboard Software\Driver\ZboardTray.exe
F:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
F:\Program Files\Ideazon\Zboard Software\Driver\Zboard.exe
F:\Program Files\Windows Live\Messenger\msnmsgr.exe
F:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDClock.exe
F:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDPop3.exe
F:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDCountdown.exe
F:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe
F:\WINDOWS\System32\svchost.exe
F:\Program Files\Mozilla Firefox\firefox.exe
F:\WINDOWS\system32\wuauclt.exe
F:\Documents and Settings\AJ\Desktop\dss.exe
F:\PROGRA~1\TRENDM~1\HIJACK~1\AJ.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Welcome to Windows Internet Explorer Beta 1
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = mrfindalot.com
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - F:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - F:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - F:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - F:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - F:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - f:\program files\google\googletoolbar4.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - F:\Program Files\Google\GoogleToolbarNotifier\2.0.1121.2472\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - f:\program files\google\googletoolbar4.dll
O3 - Toolbar: AIM Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - F:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O4 - HKLM\..\Run: [LXBUCATS] rundll32 F:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXBUtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [Launch LGDCore] "F:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" /SHOWHIDE
O4 - HKLM\..\Run: [Launch LCDMon] "F:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe"
O4 - HKCU\..\Run: [msnmsgr] "F:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKLM\..\Policies\Explorer\Run: [ZboardTray] "F:\Program Files\Ideazon\Zboard Software\Driver\ZboardTray.exe" /autolaunch
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "F:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "F:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O8 - Extra context menu item: &AOL Toolbar Search - f:\program files\aol\aim toolbar 5.0\resources\en-US\local\search.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://F:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: AIM Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - F:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: f:\windows\system32\nwprovau.dll
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://pcpitstop.com/betapit/PCPitStop.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {32305793-C19A-48E7-AD2F-D87FF7B264A4} (TenebrilSpywareScanner Control) - http://www.tenebril.com/assets/activeX/SpywareScannerV2.ocx
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.3.102.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} -
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.crucial.com/controls/cpcScanner.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcafee.com/molbin/shared/mcgdmgr/1,0,0,26/mcgdmgr.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,2,0,4943/mcfscan.cab
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} (PCPitstop Exam) - http://utilities.pcpitstop.com/optimize2/pcpitstop2.dll

--
End of file - 6225 bytes

-- Files created between 2008-05-19 and 2008-06-19 -----------------------------

2008-06-18 17:13:51 0 d-------- F:\Program Files\MSConfig CleanUp
2008-06-13 13:42:35 0 d-------- F:\Program Files\Common Files\Java
2008-06-13 13:28:50 0 d-------- F:\Program Files\SpywareGuard
2008-06-13 13:25:42 21312 --a------ F:\WINDOWS\choice.exe
2008-06-13 13:21:15 0 d-------- F:\Program Files\SpywareBlaster
2008-06-12 19:40:55 0 d-------- F:\Documents and Settings\AJ\Application Data\Malwarebytes
2008-06-12 19:40:30 0 d-------- F:\Program Files\Malwarebytes' Anti-Malware
2008-06-12 19:40:30 0 d-------- F:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-06-08 18:48:06 0 d-------- F:\Documents and Settings\AJ\Application Data\Uniblue
2008-06-05 19:29:50 0 d-------- F:\Documents and Settings\AJ\Application Data\fretsonfire
2008-06-05 19:28:37 0 d-------- F:\Program Files\Frets on Fire


-- Find3M Report ---------------------------------------------------------------

2008-06-13 13:46:37 0 d-------- F:\Program Files\Java
2008-06-13 13:42:35 0 d-------- F:\Program Files\Common Files
2008-05-12 14:40:38 315392 --a------ F:\WINDOWS\HideWin.exe <Not Verified; Realtek Semiconductor Corp.; HD Audio Hide windows program>
2008-05-12 14:08:21 0 d-------- F:\Program Files\PCPitstop
2008-05-12 13:13:29 0 d-------- F:\Program Files\SwiftKit
2008-05-12 13:07:15 0 d-------- F:\Program Files\Miranda IM
2008-05-12 12:55:03 0 d-------- F:\Program Files\Viewpoint
2008-05-12 12:53:23 0 d-------- F:\Documents and Settings\AJ\Application Data\Viewpoint
2008-05-06 19:45:31 0 d-------- F:\Program Files\BfSV
2008-05-06 19:29:01 0 d-------- F:\Program Files\Common Files\Adobe
2008-05-03 18:24:16 0 d-------- F:\Program Files\Windows Defender
2008-05-01 15:47:59 0 d-------- F:\Program Files\LimeWire
2008-04-30 15:14:36 0 d-------- F:\Program Files\RegCure
2008-04-30 15:03:42 0 d-------- F:\Program Files\Steam
2008-04-28 18:15:27 0 d-------- F:\Program Files\Lavasoft
2008-04-28 18:08:38 0 d-------- F:\Program Files\Common Files\Wise Installation Wizard
2008-04-27 21:03:20 0 d-------- F:\Program Files\AIM6
2008-04-27 21:03:16 0 d-------- F:\Program Files\Common Files\AOL
2008-04-27 21:02:32 0 d-------- F:\Program Files\AIMTunes
2008-04-27 21:02:31 0 d-------- F:\Program Files\Ogg Converter
2008-04-27 21:02:31 0 d-------- F:\Program Files\Novel Games
2008-04-27 21:02:27 0 d-------- F:\Program Files\Microsoft Xbox 360 Accessories
2008-04-27 21:02:27 0 d-------- F:\Program Files\Common Files\ATI Technologies
2008-04-27 20:59:14 0 d-------- F:\Program Files\AIM6(2)
2008-04-27 20:54:57 0 d-------- F:\Program Files\Windows Media Connect 2
2008-04-27 20:53:23 0 d-------- F:\Program Files\ffdshow
2008-04-27 20:53:23 0 d-------- F:\Program Files\DivX
2008-04-27 20:50:25 0 d-------- F:\Program Files\Common Files\Java(2)
2008-04-27 20:50:06 0 d-------- F:\Documents and Settings\AJ\Application Data\Ideazon
2008-04-27 20:49:52 0 d--h----- F:\Program Files\InstallShield Installation Information
2008-04-27 20:49:52 0 d-------- F:\Program Files\Ideazon
2008-04-26 13:54:34 0 d-------- F:\Program Files\Trend Micro
2008-04-17 19:37:11 1338 --a------ F:\WINDOWS\mozver.dat


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LXBUCATS"="F:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXBUtime.dll" [09/10/2004 07:55 AM]
"Launch LGDCore"="F:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" [12/13/2007 06:57 PM]
"Launch LCDMon"="F:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe" [12/13/2007 06:43 PM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="F:\Program Files\Windows Live\Messenger\msnmsgr.exe" [10/18/2007 12:34 PM]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"DWQueuedReporting"="F:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\Run]
"ZboardTray"="F:\Program Files\Ideazon\Zboard Software\Driver\ZboardTray.exe" /autolaunch

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\Zboard]
Winlognotif.dll 09/03/2003 07:14 AM 49152 F:\WINDOWS\system32\Winlognotif.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=interceptor.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"iPodService"=3 (0x3)
"sdCoreService"=2 (0x2)
"sdAuxService"=2 (0x2)
"Ati HotKey Poller"=2 (0x2)
"ATI Smart"=2 (0x2)
"VRSService"=2 (0x2)
"iPod Service"=3 (0x3)
"usnjsvc"=3 (0x3)
"McSysmon"=2 (0x2)
"McShield"=2 (0x2)
"McODS"=2 (0x2)
"mcmispupdmgr"=3 (0x3)
"IDriverT"=3 (0x3)
"gusvc"=3 (0x3)
"Emproxy"=3 (0x3)
"WMPNetworkSvc"=2 (0x2)
"WLSetupSvc"=3 (0x3)
"Viewpoint Manager Service"=2 (0x2)
"RichVideo"=2 (0x2)
"NVSvc"=2 (0x2)
"MDM"=2 (0x2)
"McRedirector"=2 (0x2)
"mcpromgr"=2 (0x2)
"McNASvc"=2 (0x2)
"mcmscsvc"=2 (0x2)
"McAfee HackerWatch Service"=2 (0x2)
"aawservice"=2 (0x2)




-- End of Deckard's System Scanner: finished at 2008-06-19 20:12:50 ------------
 
Re: 100% CPU Usage, Slow Startup, Slow load of applications + Freezing.

Hello Consequences,

The scans were basically just to double-check everything. As it seems that everything is fine. We will continue this in the Windows thread.
 