
Help needed with hijacklog

Discussion in 'Virus & Other Malware Removal' started by muffin862, Sep 2, 2005.

  1. muffin862

    muffin862 Thread Starter

    Joined:
    Mar 20, 2003
    Messages:
    102
    I need help. My PC is running really slow. I did all the clean-ups and ran Spybot and Ad-Aware. It's not any better. Can someone tell me if I am missing something?

    Logfile of HijackThis v1.98.2
    Scan saved at 2:24:29 AM, on 02/09/2005
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Norton SystemWorks\Norton Antivirus\navapsvc.exe
    C:\Program Files\Norton SystemWorks\Norton Antivirus\SAVScan.exe
    C:\WINDOWS\system32\slserv.exe
    C:\WINDOWS\system32\pctspk.exe
    C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    C:\WINDOWS\system32\TSKMAN.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\mmc.exe
    C:\WINDOWS\system32\DfrgNtfs.exe
    C:\Documents and Settings\RTO\My Documents\hijackthis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ca.red.clientapps.yahoo.com/customize/rogers/defaults/sb/*http://www.yahoo.com/search/ie.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://ca.red.clientapps.yahoo.com/customize/rogers/defaults/sp/*http://www.yahoo.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://neopets.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ca.red.clientapps.yahoo.com/customize/rogers/defaults/sb/*http://www.yahoo.com/search/ie.html
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton Antivirus\NavShExt.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton Antivirus\NavShExt.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn5\yt.dll
    O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe
    O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
    O4 - HKLM\..\Run: [VTPreset] VTPreset.exe
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O8 - Extra context menu item: Shorten URL - http://www.cjb.net/menuext.html
    O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
    O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: 6th Street Omaha Poker by pogo - http://game1.pogo.com/applet-6.2.2.51/omaha/omaha-ob-assets.cab
    O16 - DPF: Aces Up! by pogo - http://game1.pogo.com/applet-6.3.2.32/aces/aces-ob-assets.cab
    O16 - DPF: Ali Baba Slots TM by pogo - http://game1.pogo.com/applet-6.3.0.53/slots/alibaba-ob-assets.cab
    O16 - DPF: Backgammon by pogo - http://game1.pogo.com/applet-6.1.3.21/backgammon/backgammon-ob-assets.cab
    O16 - DPF: Battle Phlinx by pogo - http://game1.pogo.com/applet-6.3.2.25/battlephlinx/battlephlinx-ob-assets.cab
    O16 - DPF: Big Shot Roulette TM by pogo - http://game1.pogo.com/applet-6.2.0.30/roulette/roulette-ob-assets.cab
    O16 - DPF: Blackjack by pogo - http://game1.pogo.com/applet-6.3.2.25/blackjack/blackjack-ob-assets.cab
    O16 - DPF: Buckaroo Blackjack TM by pogo - http://game1.pogo.com/applet-6.2.0.30/videoblackjack/videoblackjack-ob-assets.cab
    O16 - DPF: Canasta by pogo - http://game1.pogo.com/applet-6.3.0.46/canasta/canasta-ob-assets.cab
    O16 - DPF: Checkers by pogo - http://game3.pogo.com/applet-6.1.2.25/checkers2/checkers-ob-assets.cab
    O16 - DPF: Chess by pogo - http://game1.pogo.com/applet-6.1.5.21/chess2/chess2-ob-assets.cab
    O16 - DPF: Cribbage by pogo - http://game1.pogo.com/applet-6.1.5.21/cribbage/cribbage-ob-assets.cab
    O16 - DPF: Dice Derby by pogo - http://game1.pogo.com/applet-6.2.1.34/checkeredflag/checkeredflag-ob-assets.cab
    O16 - DPF: Dominoes by pogo - http://game5.pogo.com/applet-6.1.3.21/domino/domino-ob-assets.cab
    O16 - DPF: Euchre by pogo - http://game1.pogo.com/applet-6.2.0.30/euchre/euchre-ob-assets.cab
    O16 - DPF: EZ Win Bingo by pogo - http://game1.pogo.com/applet-6.1.3.28/bingo/bingoe-ob-assets.cab
    O16 - DPF: First Class Solitaire by pogo - http://game1.pogo.com/applet-6.3.0.46/solitaire2/solitaire2-ob-assets.cab
    O16 - DPF: Fortune Bingo by pogo - http://game1.pogo.com/applet-6.3.0.53/superbingo/superbingo-ob-assets.cab
    O16 - DPF: Greenback Bayou by pogo - http://greenback.pogo.com/applet-6.0.3.35/greenback/greenback-ob-assets.cab
    O16 - DPF: Harvest Mania by pogo - http://game1.pogo.com/applet-6.3.0.53/harvest/harvest-ob-assets.cab
    O16 - DPF: Hearts by pogo - http://game1.pogo.com/applet-6.1.4.22/hearts/hearts-ob-assets.cab
    O16 - DPF: High Stakes Poker by pogo - http://game1.pogo.com/applet-6.3.2.32/drawpoker/drawpoker-ob-assets.cab
    O16 - DPF: High Stakes Pool by pogo - http://game1.pogo.com/applet-6.2.5.42/pool2/pool-ob-assets.cab
    O16 - DPF: Jigsaw Detective by pogo - http://game1.pogo.com/applet-6.3.1.33/jigsaw/jigsaw-ob-assets.cab
    O16 - DPF: Jokers Wild Poker by pogo - http://game1.pogo.com/applet-6.2.0.30/videopoker2/jokerswild-ob-assets.cab
    O16 - DPF: Jungle Gin by pogo - http://game1.pogo.com/applet-6.3.3.27/gin/gin-ob-assets.cab
    O16 - DPF: Lottso by pogo - http://game1.pogo.com/applet-6.3.3.27/lottso/lottso-ob-assets.cab
    O16 - DPF: Mah Jong Garden by pogo - http://game1.pogo.com/applet-6.1.3.21/mahjong/mahjong-ob-assets.cab
    O16 - DPF: Multiline Slots by pogo - http://game1.pogo.com/applet-6.3.3.27/mlslots/mlslots-ob-assets.cab
    O16 - DPF: NASCAR Web Racing by pogo - http://game1.pogo.com/applet-6.1.4.29/nascar/nascar-ob-assets.cab
    O16 - DPF: Pai Gow by pogo - http://game1.pogo.com/applet-6.1.3.21/paigow/paigow-ob-assets.cab
    O16 - DPF: Payday FreeCell by pogo - http://game1.pogo.com/applet-6.3.2.25/freecell/freecell-ob-assets.cab
    O16 - DPF: Penguin Blocks by pogo - http://game1.pogo.com/applet-6.3.3.27/penguins/penguins-ob-assets.cab
    O16 - DPF: Perfect Pair Solitaire by pogo - http://game1.pogo.com/applet-6.2.5.42/waterwheel/waterwheel-ob-assets.cab
    O16 - DPF: Phlinx by pogo - http://game1.pogo.com/applet-6.3.2.25/flinger/flinger-ob-assets.cab
    O16 - DPF: Pinochle by pogo - http://game1.pogo.com/applet-6.2.5.28/pinochle/pinochle-ob-assets.cab
    O16 - DPF: Pirate's Gold by pogo - http://game1.pogo.com/applet-6.2.2.51/piratesgold/piratesgold-ob-assets.cab
    O16 - DPF: Pop Fu by pogo - http://game1.pogo.com/applet-6.2.5.28/popfu/popfu-ob-assets.cab
    O16 - DPF: PoppaZoppa by pogo - http://game1.pogo.com/applet-6.3.0.53/poppazoppa/poppazoppa-ob-assets.cab
    O16 - DPF: Poppit by pogo - http://game1.pogo.com/applet-6.3.0.53/poppit2/poppit2-ob-assets.cab
    O16 - DPF: Poppit TM by pogo - http://game5.pogo.com/applet-6.0.4.37/poppit/poppit-ob-assets.cab
    O16 - DPF: Showbiz Slots 2 by pogo - http://game1.pogo.com/applet-6.1.5.28/slots/showbiz2-ob-assets.cab
    O16 - DPF: Showbiz Slots by pogo - http://game1.pogo.com/applet-6.1.5.28/slots/showbiz-ob-assets.cab
    O16 - DPF: Spades by pogo - http://game1.pogo.com/applet-6.2.1.41/spades/spades-ob-assets.cab
    O16 - DPF: Spider Solitaire by pogo - http://game1.pogo.com/applet-6.3.1.26/spider/spider-ob-assets.cab
    O16 - DPF: Squelchies by pogo - http://game1.pogo.com/applet-6.3.0.46/squelchies/squelchies-ob-assets.cab
    O16 - DPF: Sweet Tooth TM by pogo - http://game1.pogo.com/applet-6.2.4.32/sweettooth/sweettooth-ob-assets.cab
    O16 - DPF: Texas Hold'em Poker by pogo - http://game1.pogo.com/applet-6.2.0.30/holdem/holdem-ob-assets.cab
    O16 - DPF: Tri-Peaks by pogo - http://game1.pogo.com/applet-6.3.2.32/peaks/peaks-ob-assets.cab
    O16 - DPF: Tumble Bees by pogo - http://game1.pogo.com/applet-6.3.1.26/jumbee/jumbee-ob-assets.cab
    O16 - DPF: Turbo 21 TM by pogo - http://game1.pogo.com/applet-6.2.3.36/turbo21/turbo21-ob-assets.cab
    O16 - DPF: Video Poker by pogo - http://game1.pogo.com/applet-6.1.5.21/videopoker2/videopoker-ob-assets.cab
    O16 - DPF: Word Whomp by pogo - http://game1.pogo.com/applet-6.3.3.27/wordwhomp2/whomp2-ob-assets.cab
    O16 - DPF: Word Whomp Whackdown by pogo - http://whackdown.pogo.com/applet-6.0.4.37/whackdown/whackdown-ob-assets.cab
    O16 - DPF: WordJong by pogo - http://game1.pogo.com/applet-6.2.1.34/wordjong/wordjong-ob-assets.cab
    O16 - DPF: World Class Solitaire by pogo - http://game1.pogo.com/applet-6.3.0.53/worldclass/worldclass-ob-assets.cab
    O16 - DPF: Yahoo! Bingo - http://download.games.yahoo.com/games/clients/y/xt0_x.cab
    O16 - DPF: Yahoo! Freecell Solitaire - http://yog55.games.scd.yahoo.com/yog/y/fs10_x.cab
    O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/games/clients/y/pote_x.cab
    O16 - DPF: {01CA75F1-054B-4A63-9221-C6926369EC52} (HS_live Control) - http://install.homestead.com/~site/InstallFiles/SIFiles/lpxlive/HS_live.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
    O16 - DPF: {217234FC-041F-4F27-84AB-8329440C4DED} (Yahoo! Photos Easy Upload Tool Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/ydropper/ydropper1_4ca.cab
    O16 - DPF: {237F3A38-E718-4FE3-AB18-BCF0AF75B34A} (DownloadScanEngine.ctlDSE300663) - http://downloads.rogershelp.com/updates.cab
    O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
    O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/yinst/yinst_current.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.c...ls/en/x86/client/wuweb_site.cab?1097508038668
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
    O16 - DPF: {88D758A3-D33B-45FD-91E3-67749B4057FA} - http://dm.screensavers.com/dm/installers/si/1/sinstaller.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/yautocomplete.cab
    O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://play06.pogo.com/game/deluxe/zuma/popcaploader_v5.cab
    O19 - User stylesheet: C:\Documents and Settings\RTO\My Documents\neopets.css

    Thank you :)
     

  3. D_Trojanator

    D_Trojanator Malware Specialist

    Joined:
    May 13, 2005
    Messages:
    4,699
    You are using an outdated version of HijackThis. Please download HijackThis version 1.99.1 from here:
    http://www.downloads.subratam.org/hijackthis.zip
    and make sure to unzip it to a permanent folder. Then please run HijackThis, click Scan and Save log, and post the new log here. I would be happy to take a look at it.

    David
     
  4. muffin862

    muffin862 Thread Starter

    Joined:
    Mar 20, 2003
    Messages:
    102
    Thank you. Here is the new log:

    Logfile of HijackThis v1.99.1
    Scan saved at 3:58:51 AM, on 02/09/2005
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\WINDOWS\system32\pctspk.exe
    C:\Program Files\Norton SystemWorks\Norton Antivirus\navapsvc.exe
    C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Program Files\Norton SystemWorks\Norton Antivirus\SAVScan.exe
    C:\WINDOWS\system32\slserv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    C:\WINDOWS\system32\TSKMAN.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Documents and Settings\Gerry\My Documents\hi jack\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ca.red.clientapps.yahoo.com/customize/rogers/defaults/sb/*http://www.yahoo.com/search/ie.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://ca.red.clientapps.yahoo.com/customize/rogers/defaults/sp/*http://www.yahoo.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://pogo.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ca.red.clientapps.yahoo.com/customize/rogers/defaults/sb/*http://www.yahoo.com/search/ie.html
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton Antivirus\NavShExt.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton Antivirus\NavShExt.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn5\yt.dll
    O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe
    O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
    O4 - HKLM\..\Run: [VTPreset] VTPreset.exe
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
    O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
    O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: 6th Street Omaha Poker by pogo - http://game1.pogo.com/applet-6.2.2.51/omaha/omaha-ob-assets.cab
    O16 - DPF: Aces Up! by pogo - http://game1.pogo.com/applet-6.3.2.32/aces/aces-ob-assets.cab
    O16 - DPF: Ali Baba Slots TM by pogo - http://game1.pogo.com/applet-6.3.0.53/slots/alibaba-ob-assets.cab
    O16 - DPF: Backgammon by pogo - http://game1.pogo.com/applet-6.1.3.21/backgammon/backgammon-ob-assets.cab
    O16 - DPF: Battle Phlinx by pogo - http://game1.pogo.com/applet-6.3.2.25/battlephlinx/battlephlinx-ob-assets.cab
    O16 - DPF: Big Shot Roulette TM by pogo - http://game1.pogo.com/applet-6.2.0.30/roulette/roulette-ob-assets.cab
    O16 - DPF: Blackjack by pogo - http://game1.pogo.com/applet-6.3.2.25/blackjack/blackjack-ob-assets.cab
    O16 - DPF: Buckaroo Blackjack TM by pogo - http://game1.pogo.com/applet-6.2.0.30/videoblackjack/videoblackjack-ob-assets.cab
    O16 - DPF: Canasta by pogo - http://game1.pogo.com/applet-6.3.0.46/canasta/canasta-ob-assets.cab
    O16 - DPF: Checkers by pogo - http://game3.pogo.com/applet-6.1.2.25/checkers2/checkers-ob-assets.cab
    O16 - DPF: Chess by pogo - http://game1.pogo.com/applet-6.1.5.21/chess2/chess2-ob-assets.cab
    O16 - DPF: Cribbage by pogo - http://game1.pogo.com/applet-6.1.5.21/cribbage/cribbage-ob-assets.cab
    O16 - DPF: Dice Derby by pogo - http://game1.pogo.com/applet-6.2.1.34/checkeredflag/checkeredflag-ob-assets.cab
    O16 - DPF: Dominoes by pogo - http://game5.pogo.com/applet-6.1.3.21/domino/domino-ob-assets.cab
    O16 - DPF: Euchre by pogo - http://game1.pogo.com/applet-6.2.0.30/euchre/euchre-ob-assets.cab
    O16 - DPF: EZ Win Bingo by pogo - http://game1.pogo.com/applet-6.1.3.28/bingo/bingoe-ob-assets.cab
    O16 - DPF: First Class Solitaire by pogo - http://game1.pogo.com/applet-6.3.0.46/solitaire2/solitaire2-ob-assets.cab
    O16 - DPF: Fortune Bingo by pogo - http://game1.pogo.com/applet-6.3.0.53/superbingo/superbingo-ob-assets.cab
    O16 - DPF: Greenback Bayou by pogo - http://greenback.pogo.com/applet-6.0.3.35/greenback/greenback-ob-assets.cab
    O16 - DPF: Harvest Mania by pogo - http://game1.pogo.com/applet-6.3.0.53/harvest/harvest-ob-assets.cab
    O16 - DPF: Hearts by pogo - http://game1.pogo.com/applet-6.1.4.22/hearts/hearts-ob-assets.cab
    O16 - DPF: High Stakes Poker by pogo - http://game1.pogo.com/applet-6.3.2.32/drawpoker/drawpoker-ob-assets.cab
    O16 - DPF: High Stakes Pool by pogo - http://game1.pogo.com/applet-6.2.5.42/pool2/pool-ob-assets.cab
    O16 - DPF: Jigsaw Detective by pogo - http://game1.pogo.com/applet-6.3.1.33/jigsaw/jigsaw-ob-assets.cab
    O16 - DPF: Jokers Wild Poker by pogo - http://game1.pogo.com/applet-6.2.0.30/videopoker2/jokerswild-ob-assets.cab
    O16 - DPF: Jungle Gin by pogo - http://game1.pogo.com/applet-6.3.3.27/gin/gin-ob-assets.cab
    O16 - DPF: Lottso by pogo - http://game1.pogo.com/applet-6.3.3.27/lottso/lottso-ob-assets.cab
    O16 - DPF: Mah Jong Garden by pogo - http://game1.pogo.com/applet-6.1.3.21/mahjong/mahjong-ob-assets.cab
    O16 - DPF: Multiline Slots by pogo - http://game1.pogo.com/applet-6.3.3.27/mlslots/mlslots-ob-assets.cab
    O16 - DPF: NASCAR Web Racing by pogo - http://game1.pogo.com/applet-6.1.4.29/nascar/nascar-ob-assets.cab
    O16 - DPF: Pai Gow by pogo - http://game1.pogo.com/applet-6.1.3.21/paigow/paigow-ob-assets.cab
    O16 - DPF: Payday FreeCell by pogo - http://game1.pogo.com/applet-6.3.2.25/freecell/freecell-ob-assets.cab
    O16 - DPF: Penguin Blocks by pogo - http://game1.pogo.com/applet-6.3.3.27/penguins/penguins-ob-assets.cab
    O16 - DPF: Perfect Pair Solitaire by pogo - http://game1.pogo.com/applet-6.2.5.42/waterwheel/waterwheel-ob-assets.cab
    O16 - DPF: Phlinx by pogo - http://game1.pogo.com/applet-6.3.2.25/flinger/flinger-ob-assets.cab
    O16 - DPF: Pinochle by pogo - http://game1.pogo.com/applet-6.2.5.28/pinochle/pinochle-ob-assets.cab
    O16 - DPF: Pirate's Gold by pogo - http://game1.pogo.com/applet-6.2.2.51/piratesgold/piratesgold-ob-assets.cab
    O16 - DPF: Pop Fu by pogo - http://game1.pogo.com/applet-6.2.5.28/popfu/popfu-ob-assets.cab
    O16 - DPF: PoppaZoppa by pogo - http://game1.pogo.com/applet-6.3.0.53/poppazoppa/poppazoppa-ob-assets.cab
    O16 - DPF: Poppit by pogo - http://game1.pogo.com/applet-6.3.0.53/poppit2/poppit2-ob-assets.cab
    O16 - DPF: Poppit TM by pogo - http://game5.pogo.com/applet-6.0.4.37/poppit/poppit-ob-assets.cab
    O16 - DPF: Showbiz Slots 2 by pogo - http://game1.pogo.com/applet-6.1.5.28/slots/showbiz2-ob-assets.cab
    O16 - DPF: Showbiz Slots by pogo - http://game1.pogo.com/applet-6.1.5.28/slots/showbiz-ob-assets.cab
    O16 - DPF: Spades by pogo - http://game1.pogo.com/applet-6.2.1.41/spades/spades-ob-assets.cab
    O16 - DPF: Spider Solitaire by pogo - http://game1.pogo.com/applet-6.3.1.26/spider/spider-ob-assets.cab
    O16 - DPF: Squelchies by pogo - http://game1.pogo.com/applet-6.3.0.46/squelchies/squelchies-ob-assets.cab
    O16 - DPF: Sweet Tooth TM by pogo - http://game1.pogo.com/applet-6.2.4.32/sweettooth/sweettooth-ob-assets.cab
    O16 - DPF: Texas Hold'em Poker by pogo - http://game1.pogo.com/applet-6.2.0.30/holdem/holdem-ob-assets.cab
    O16 - DPF: Tri-Peaks by pogo - http://game1.pogo.com/applet-6.3.2.32/peaks/peaks-ob-assets.cab
    O16 - DPF: Tumble Bees by pogo - http://game1.pogo.com/applet-6.3.1.26/jumbee/jumbee-ob-assets.cab
    O16 - DPF: Turbo 21 TM by pogo - http://game1.pogo.com/applet-6.2.3.36/turbo21/turbo21-ob-assets.cab
    O16 - DPF: Video Poker by pogo - http://game1.pogo.com/applet-6.1.5.21/videopoker2/videopoker-ob-assets.cab
    O16 - DPF: Word Whomp by pogo - http://game1.pogo.com/applet-6.3.3.27/wordwhomp2/whomp2-ob-assets.cab
    O16 - DPF: Word Whomp Whackdown by pogo - http://whackdown.pogo.com/applet-6.0.4.37/whackdown/whackdown-ob-assets.cab
    O16 - DPF: WordJong by pogo - http://game1.pogo.com/applet-6.2.1.34/wordjong/wordjong-ob-assets.cab
    O16 - DPF: World Class Solitaire by pogo - http://game1.pogo.com/applet-6.3.0.53/worldclass/worldclass-ob-assets.cab
    O16 - DPF: Yahoo! Bingo - http://download.games.yahoo.com/games/clients/y/xt0_x.cab
    O16 - DPF: Yahoo! Freecell Solitaire - http://yog55.games.scd.yahoo.com/yog/y/fs10_x.cab
    O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/games/clients/y/pote_x.cab
    O16 - DPF: {01CA75F1-054B-4A63-9221-C6926369EC52} (HS_live Control) - http://install.homestead.com/~site/InstallFiles/SIFiles/lpxlive/HS_live.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
    O16 - DPF: {217234FC-041F-4F27-84AB-8329440C4DED} (Yahoo! Photos Easy Upload Tool Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/ydropper/ydropper1_4ca.cab
    O16 - DPF: {237F3A38-E718-4FE3-AB18-BCF0AF75B34A} (DownloadScanEngine.ctlDSE300663) - http://downloads.rogershelp.com/updates.cab
    O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
    O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/yinst/yinst_current.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.c...ls/en/x86/client/wuweb_site.cab?1097508038668
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
    O16 - DPF: {88D758A3-D33B-45FD-91E3-67749B4057FA} - http://dm.screensavers.com/dm/installers/si/1/sinstaller.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/yautocomplete.cab
    O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://play06.pogo.com/game/deluxe/zuma/popcaploader_v5.cab
    O19 - User stylesheet: C:\Documents and Settings\RTO\My Documents\neopets.css
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Antivirus\navapsvc.exe
    O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Antivirus\SAVScan.exe
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
    O23 - Service: Task Manager Lite - BRIGADOON SOFTWARE INC. - C:\WINDOWS\system32\TSKMAN.exe
     
  5. D_Trojanator

    D_Trojanator Malware Specialist

    Joined:
    May 13, 2005
    Messages:
    4,699
    There doesn't appear to be anything wrong with the logs.
    Do you play those Pogo games, by the way?
    Do you have any particular examples of your problem?
    David
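Comparing the two logs posted above by hand is tedious, so here is an added example (not part of the original thread, and not HijackThis's own code) that parses HijackThis entry lines, groups them by section code and diffs two scans. The embedded samples are a few lines copied from the two logs in this thread; the section descriptions are the example's own summaries, and a section that appears in only one log is listed separately because the scans were made with different HijackThis versions (1.98.2 and 1.99.1), which is one possible cause.

```python
import re
from collections import defaultdict

# Section codes seen in this thread's logs (descriptions are this example's wording).
SECTIONS = {
    "R0": "Internet Explorer start/search page settings",
    "R1": "Internet Explorer start/search page settings",
    "O2": "Browser Helper Objects",
    "O3": "Internet Explorer toolbars",
    "O4": "Autostart entries (Run keys)",
    "O8": "Extra items in the IE context menu",
    "O9": "Extra IE buttons / Tools menu items",
    "O12": "Internet Explorer plugins",
    "O16": "ActiveX objects (Downloaded Program Files)",
    "O19": "User stylesheet",
    "O23": "Services",
}

# An entry line looks like "<code> - <detail>", e.g. "O4 - HKLM\..\Run: [x] y.exe".
LINE_RE = re.compile(r"^\s*([RO]\d{1,2}) - (.+?)\s*$")

# Excerpt of the first log in the thread (HijackThis v1.98.2).
OLD_LOG = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://neopets.com/
O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O8 - Extra context menu item: Shorten URL - http://www.cjb.net/menuext.html
O19 - User stylesheet: C:\Documents and Settings\RTO\My Documents\neopets.css
"""

# Excerpt of the second log in the thread (HijackThis v1.99.1).
NEW_LOG = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://pogo.com/
O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe
O19 - User stylesheet: C:\Documents and Settings\RTO\My Documents\neopets.css
O23 - Service: Task Manager Lite - BRIGADOON SOFTWARE INC. - C:\WINDOWS\system32\TSKMAN.exe
"""


def parse_log(text):
    """Return {section code: [entry detail, ...]}; non-entry lines are skipped."""
    sections = defaultdict(list)
    for line in text.splitlines():
        match = LINE_RE.match(line)
        if match:
            sections[match.group(1)].append(match.group(2))
    return dict(sections)


def _order(code):
    # HijackThis lists R sections first, then O sections in numeric order.
    return (code[0] != "R", int(code[1:]))


def _keyed(entries):
    # "name = value" entries (the R lines) are keyed by name so a new value
    # shows up as a change; every other entry is keyed by its full text.
    keyed = {}
    for entry in entries:
        name, sep, value = entry.partition(" = ")
        keyed[name if sep else entry] = value if sep else None
    return keyed


def summarize(text):
    """Return [(code, description, entry count)] in log order."""
    parsed = parse_log(text)
    return [(c, SECTIONS.get(c, "unlisted section"), len(parsed[c]))
            for c in sorted(parsed, key=_order)]


def diff_logs(old_text, new_text):
    """Compare two scans entry by entry and section by section."""
    old, new = parse_log(old_text), parse_log(new_text)
    report = {"added": [], "removed": [], "changed": [],
              "sections_only_in_old": [], "sections_only_in_new": []}
    for code in sorted(set(old) | set(new), key=_order):
        if code not in new:
            report["sections_only_in_old"].append(code)
        if code not in old:
            report["sections_only_in_new"].append(code)
        before, after = _keyed(old.get(code, [])), _keyed(new.get(code, []))
        for key in sorted(before.keys() | after.keys()):
            if key in before and key in after:
                if before[key] != after[key]:
                    report["changed"].append((code, key, before[key], after[key]))
            elif key in before:
                report["removed"].append((code, key))
            else:
                report["added"].append((code, key))
    return report


if __name__ == "__main__":
    for code, description, count in summarize(NEW_LOG):
        print(f"{code:>3}  {count:>2}  {description}")
    for kind, items in diff_logs(OLD_LOG, NEW_LOG).items():
        print(kind, items)
```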
     
  6. muffin862

    muffin862 Thread Starter

    Joined:
    Mar 20, 2003
    Messages:
    102
    I don't play all of them, but my kids may. We have a Club Pogo account there. The kids' PC (the one the log is from) is really dragging and freezing up while playing the Flash games. I have rebooted, disk defrag, disk clean-up, disk check, ran all the spyware stuff and antivirus; I can't find why it's lagging.
     
  7. D_Trojanator

    D_Trojanator Malware Specialist

    Joined:
    May 13, 2005
    Messages:
    4,699
    Ewido is best for removing malware.
    Clean-up is great for removing the junk from the computer.
    They should speed it up somewhat.

    Please download ewido security suite from here; it is a free version of the program.
    1. Install ewido security suite
    2. When installing, under "Additional Options" uncheck..
      • Install background guard
      • Install scan via context menu
    3. Launch ewido, there should be an icon on your desktop, double-click it.
    4. The program will now open to the main screen.
    5. When you run ewido for the first time, you will get a warning "Database could not be found!". Click OK. We will fix this in a moment.
    6. You will need to update ewido to the latest definition files.
      • On the left hand side of the main screen click update.
      • Then click on Start Update.
    7. The update will start and a progress bar will show the updates being installed.
      (the status bar at the bottom will display "Update successful")
    If you are having problems with the updater, you can use this link to manually update ewido.
    ewido manual updates

    DO NOT RUN IT YET!

    ---------------------------------------------------------------------------------

    CleanUp!

    *Download Cleanup from Here
    • A window will open and choose SAVE, then DESKTOP as the destination.
    • On your Desktop, click on Cleanup40.exe icon.
    • Then, click RUN and place a checkmark beside "I Agree"
    • Then click NEXT followed by START and OK.
    • A window will appear with many choices, keep all the defaults as set when the Slide Bar to the left is set to Standard Quality.
    • Click OK
    • DO NOT RUN IT YET!

    ---------------------------------------------------------------------------------

    Once you have downloaded both programs:
    • To get into the Windows 2000 / XP Safe mode, as the computer is booting press and hold your "F8 Key" which should bring up the "Windows Advanced Options Menu" as shown below. Use your arrow keys to move to "Safe Mode" and press your Enter key.
    • Load up ewido
    • Click on scanner
    • Click on Complete System Scan and the scan will begin.
    • You will be prompted to clean the first infection.
    • Select "Perform action on all infections", then proceed.
    • Once the scan has completed, there will be a button located on the bottom of the screen named Save report
    • Click Save report.
    • Save the report .txt file to your desktop or a location where you can find it easily.
    Close ewido security suite.


    * Run Cleanup:
    • Click on the "Cleanup" button and let it run.
    • Once it's done, close the program.

    Do you know how much RAM the computer has?
    David
     
  8. muffin862

    muffin862 Thread Starter

    Joined:
    Mar 20, 2003
    Messages:
    102
    Yea, it has a 224 RAM and 80 gig hard drive. I still have 73% hard drive left.
     
  9. D_Trojanator

    D_Trojanator Malware Specialist

    Joined:
    May 13, 2005
    Messages:
    4,699
    Aha! RAM may be the problem.
    You really should update to 512, or 1gb for best performance, but obviously that's up to you.
    Carry on with ewido and clean-up though.

    David
     
  10. muffin862

    muffin862 Thread Starter

    Joined:
    Mar 20, 2003
    Messages:
    102
    IE just froze up on me again. The error report said it was IBIS Toolbar. I don't have that; I checked in Add/Remove and the only toolbar I have is Yahoo.
     
  11. D_Trojanator

    D_Trojanator Malware Specialist

    Joined:
    May 13, 2005
    Messages:
    4,699
    Ok, ewido should definitely help with that.
    David
     

Short URL to this thread: https://techguy.org/395690