fooked computer

[mr v]

arite guys!

right before i make my own gonna have to be using this un for a while.

basically i've deleted a lot of the big files, games, etc, but its still running slow as a bastard, when i minimise windows music skips and shit like that.

 

anyone know how i can sort this out not too drastically?

[Steve]

Follow the instructions in the first post in this thread: -

 

http://www.digitalvertigo.co.uk/index.php?showtopic=90

 

Post up your log and we'll go from there.

[mr v]

phwoar this means fook all to me.

really appreciate this steve man, here's me log:

 

 

Logfile of HijackThis v1.99.1

Scan saved at 20:08:43, on 21/09/2005

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\System32\CTsvcCDA.EXE

c:\program files\mcafee.com\agent\mcdetect.exe

c:\PROGRA~1\mcafee.com\vso\mcshield.exe

c:\PROGRA~1\mcafee.com\agent\mctskshd.exe

C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\Tablet.exe

C:\WINDOWS\System32\MsPMSPSv.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\WINDOWS\System32\dlbtcoms.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\System32\hkcmd.exe

C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe

C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe

C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe

C:\WINDOWS\system32\dla\tfswctrl.exe

C:\Program Files\Real\RealPlayer\RealPlay.exe

C:\PROGRA~1\mcafee.com\agent\mcagent.exe

C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe

C:\Program Files\QuickTime\qttask.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe

C:\WINDOWS\system32\RUNDLL32.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\HighCriteria\TotalRecorder\TotRecSched.exe

C:\PROGRA~1\mcafee.com\vso\mcvsescn.exe

C:\Program Files\McAfee.com\VSO\oasclnt.exe

C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe

C:\Program Files\MSN Messenger\MsnMsgr.Exe

C:\Program Files\Dell Photo AIO Printer 922\dlbtbmon.exe

C:\WINDOWS\SYSTEM32\Wtablet\TabUserW.exe

C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe

c:\progra~1\mcafee.com\vso\mcvsftsn.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\Creative\MediaSource\CTCMS.exe

C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe

C:\WINDOWS\system32\SNDVOL32.EXE

C:\Program Files\WinRAR\WinRAR.exe

C:\Program Files\WinRAR\WinRAR.exe

C:\Documents and Settings\Will\My Documents\hijackthis beaaaaatch\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.euro.dell.com/countries/uk/enu/gen/default.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lookfor.cc?pin=28129

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://lookfor.cc/sp.php?pin=28129

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://lookfor.cc/sp.php?pin=28129

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://lookfor.cc/sp.php?pin=28129

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://lookfor.cc?pin=28129

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx

O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll

O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll

O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\System32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe

O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"

O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"

O4 - HKLM\..\Run: [intelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe

O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe

O4 - HKLM\..\Run: [updateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r

O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER

O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask

O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe

O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe

O4 - HKLM\..\Run: [VirusScan] c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe

O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe

O4 - HKLM\..\Run: [Dell Photo AIO Printer 922] "C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe"

O4 - HKLM\..\Run: [WildTangent CDA] RUNDLL32.exe "C:\Program Files\WildTangent\Apps\CDA\cdaEngine0400.dll",cdaEngineMain

O4 - HKLM\..\Run: [iexplore.exe] C:\Program Files\Internet Explorer\iexplore.exe

O4 - HKLM\..\Run: [TotalRecorderScheduler] C:\Program Files\HighCriteria\TotalRecorder\TotRecSched.exe

O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe

O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE

O4 - Global Startup: TabUserW.exe.lnk = C:\WINDOWS\SYSTEM32\Wtablet\TabUserW.exe

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)

O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll

O16 - DPF: RaptisoftGameLoader - http://www.miniclip.com/hamsterball/raptisoftgameloader.cab

O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab

O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F98} (CR64Loader Object) - http://www.miniclip.com/platypus/miniclipGameLoader.dll

O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/m...83/mcinsctl.cab

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by105fd.bay105.hotmail.msn.com/resources/MsnPUpld.cab

O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab

O16 - DPF: {CD17FAAA-17B4-4736-AAEF-436EDC304C8C} - http://www.contentwatch.com/audit/includes...uditControl.cab

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)

O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE

O23 - Service: dlbt_device - Dell - C:\WINDOWS\System32\dlbtcoms.exe

O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe

O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe

O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe

O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe

O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe

O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe

O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\System32\Tablet.exe

[Steve]

OK these instructions are gonna be a bit lengthy, but it's worth doing all the steps. It doesn't take too long and hopefully you'll notice a difference.

 

Download and install CCleaner from HERE but don't run it just yet.

 

Go to Add/Remove Programs and look for something called Wild Tangent. If you see anything resembling that, uninstall it and then reboot your PC before continuing.

 

Run HijackThis, do a scan and check off all of the following if found: -

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.euro.dell.com/countries/uk/enu/gen/default.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lookfor.cc?pin=28129

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://lookfor.cc/sp.php?pin=28129

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://lookfor.cc/sp.php?pin=28129

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://lookfor.cc/sp.php?pin=28129

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://lookfor.cc?pin=28129

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe

O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [WildTangent CDA] RUNDLL32.exe "C:\Program Files\WildTangent\Apps\CDA\cdaEngine0400.dll",cdaEngineMain

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE

O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll

O16 - DPF: RaptisoftGameLoader - http://www.miniclip.com/hamsterball/raptisoftgameloader.cab

O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F98} (CR64Loader Object) - http://www.miniclip.com/platypus/miniclipGameLoader.dll

O16 - DPF: {CD17FAAA-17B4-4736-AAEF-436EDC304C8C} - http://www.contentwatch.com/audit/includes...uditControl.cab

 

Make sure you close all other windows (Internet Explorer etc.) and then hit Fix Checked.

 

Reboot your PC again and start Windows Explorer, not Internet Explorer, then hit Tools then Folder Options. Click on the View tab and make sure the following are set like this: -

 

Show hidden files and folders (Selected)

Hide extensions for known file types (NOT selected)

Hide protected operating system files (Recommended) (NOT Selected)

 

Then hit Apply then OK.

 

Locate the following folder in bold and delete it if found: -

 

C:\Program Files\WildTangent

 

Now run CCleaner and let it clean up your hard drive. Once it's done, start Internet Explorer and hit Tools then Internet Options. Click on the Programs tab and hit Reset Web Settings, then hit the General tab and re-enter your desired homepage. Finally, click on the Security tab, Internet Zone icon, then make sure it's not been set to low - if it has, click on Default Level. Then hit Apply then OK. Now reboot once again.

 

Download RegSeeker from HERE. Run it and make sure the box in the bottom left corner to backup before deletion is checked. Click "Clean The Registry" in the menu on the left hand side. Make sure all the boxes on the next screen are checked then hit "OK!". Once the scan is complete, hit "Select All" at the bottom of the screen, then "Select All" again from the little menu that pops up. Right click any one of the items on the list and choose "Delete selected items", then exit the program. At this point you definitely must reboot.

 

Download NTREGOPT from HERE. Run it and hit "OK" to scan your registry. It only takes a minute or two and then a prompt will appear telling you to reboot. Once your PC has restarted, the new compacted registry will have replaced the old one.

 

At this point you should be OK. I'd run Disc Defragmenter from the System Tools section of the Start menu if you haven't done it in a while. It can take ages to run, so do it when you don't need to use the PC.

 

Also, your Java installation is out of date. Uninstall the version you have, reboot, then go HERE and get the latest version.

 

If this doesn't solve your problem, get back to me.

[Steve]

How did you get on with this?

[mr v]

to be fair, a little temporary increase, but nowt to shout about.

think i'm probably just gonna have to reformat this machine, its a bastard.