Go Back   Cyber Tech Help Support Forums > Software > Malware Removal

Notices

Malware Removal Discussion about Trojans, viruses, hoaxes, firewalls, spyware, and general Security issues. If you suspect your PC is infected with a virus, trojan or spyware app please include any supporting documentation or logs

Reply
 
Topic Tools
  #1  
Old July 16th, 2010, 04:39 PM
edingerd edingerd is offline
New Member
 
Join Date: Jul 2010
Posts: 5
Windows XP running slow

A friend give me his old Toshiba laptop. It has Windows XP and IE8. The computer runs extremely slow. Additionally sound is distorted and browser is hijacked. Any assiatnace would be greatly appreciated.
Reply With Quote
  #2  
Old July 20th, 2010, 12:11 AM
AnnMarie's Avatar
AnnMarie AnnMarie is offline
CTH Subscriber
 
Join Date: Oct 2001
O/S: Windows Vista 32-bit
Location: New Zealand
Posts: 59,810
Hi edingerd and welcome. Do you still need assistance?
Reply With Quote
  #3  
Old July 21st, 2010, 04:40 AM
edingerd edingerd is offline
New Member
 
Join Date: Jul 2010
Posts: 5
thank you and yes i still need help its gettin bad
Reply With Quote
  #4  
Old July 21st, 2010, 04:55 AM
AnnMarie's Avatar
AnnMarie AnnMarie is offline
CTH Subscriber
 
Join Date: Oct 2001
O/S: Windows Vista 32-bit
Location: New Zealand
Posts: 59,810
Ok, I need to see some logs to be able to help you remove malware but before you provide them, you need to know that I will not remove malware from computers that have filesharing software installed (such as Limewire and Bit Torrent) so if you want my help, please uninstall any such programs now and reboot.

Go here and download DDS to your Desktop and doubleclick on DDs.scr to run it. If your security software includes script blocking features, please disable these before you run this utility. When the scan has finished, two logs will open. Copy and paste both reports in this topic. The logs will be reasonably large so you may have to divide them into sections and make several posts to post them.

Next, go here and download TDSSKiller.zip to your Desktop and unzip it.

Once the contents are extracted, doubleclick on TDSSKiller.exe to run it. When the utility has completed scanning, a log will be generated (C:\TDSSKiller<random>.txt). Please post the log in this thread.

Also download the latest version of Gmer (Download EXE) from here to your Desktop.

When you have done this, close all running programs including those in your notification area (bottom righthand corner of your screen) and doubleclick on Gmer.exe to run it. Click on the Rootkit/Malware tab and look at the righthand side (under Files) and uncheck all drives with the exception of your C drive and then click on Scan (before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while this scan completes. Also do not use your computer during the scan). When completed, click on the Copy button and rightclick on your Desktop, choose "New" > Text document. Once the file is created, open it and rightclick again and choose Paste. Save the file and copy the information and post it here please.

Warning! Please do not select the "Show all" checkbox during the scan

Please do not run any programs other than those that I suggest or install any new software while I am helping you.
Reply With Quote
  #5  
Old July 21st, 2010, 10:36 PM
edingerd edingerd is offline
New Member
 
Join Date: Jul 2010
Posts: 5
d.d.s. page 1

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-03-17.01)

Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume1
Install Date: 12/6/2008 9:44:33 AM
System Uptime: 7/21/2010 10:19:03 AM (4 hours ago)
Motherboard: ATI | | SB450
Processor: Intel(R) Celeron(R) M CPU 410 @ 1.46GHz | U23 | 1463/mhz
==== Disk Partitions =========================
C: is FIXED (NTFS) - 52 GiB total, 39.06 GiB free.
D: is CDROM ()
==== Disabled Device Manager Items =============
==== System Restore Points ===================
RP69: 6/9/2010 1:46:56 AM - Software Distribution Service 3.0
RP70: 6/9/2010 3:04:17 AM - Software Distribution Service 3.0
RP71: 6/9/2010 1:58:23 AM - Software Distribution Service 3.0
RP72: 6/9/2010 3:00:22 AM - Software Distribution Service 3.0
RP73: 6/9/2010 11:22:22 AM - Removed Ad-Aware
RP74: 6/9/2010 11:23:37 AM - Removed Adobe Reader 7.0
RP75: 6/9/2010 11:25:51 AM - Removed Atheros Client Utility
RP76: 6/9/2010 11:27:01 AM - Removed Atheros Wireless LAN MiniPCI/PCIe card Driver
RP77: 6/9/2010 12:02:11 PM - Restore Operation
RP78: 6/9/2010 12:10:06 PM - Software Distribution Service 3.0
RP79: 6/9/2010 12:24:21 PM - Removed Microsoft Office Home and Student 2007
RP80: 6/9/2010 12:31:46 PM - Removed Microsoft Digital Image Starter Edition 2006 Editor
RP81: 6/9/2010 12:32:40 PM - Removed Microsoft Digital Image Starter Edition 2006 Library
RP82: 6/10/2010 8:28:04 PM - Software Distribution Service 3.0
RP83: 6/11/2010 4:17:40 AM - Software Distribution Service 3.0
RP84: 6/11/2010 10:51:59 PM - Software Distribution Service 3.0
RP85: 6/13/2010 12:52:12 AM - System Checkpoint
RP86: 6/14/2010 5:48:50 PM - Software Distribution Service 3.0
RP87: 6/15/2010 10:02:29 PM - System Checkpoint
RP88: 6/17/2010 8:43:56 AM - Restore Operation
RP89: 6/18/2010 3:17:52 PM - System Checkpoint
RP90: 6/19/2010 3:19:09 PM - System Checkpoint
RP91: 6/21/2010 2:53:40 PM - System Checkpoint
RP92: 6/22/2010 9:16:47 AM - Installed Java(TM) 6 Update 20
RP93: 6/22/2010 9:20:48 AM - Software Distribution Service 3.0
RP94: 6/22/2010 10:18:50 AM - Restore Operation
RP95: 6/22/2010 11:32:44 AM - Restore Operation
RP96: 6/22/2010 6:13:22 PM - Software Distribution Service 3.0
RP97: 6/23/2010 8:08:32 PM - System Checkpoint
RP98: 6/25/2010 9:37:04 AM - System Checkpoint
RP99: 6/27/2010 9:50:32 AM - System Checkpoint
RP100: 6/27/2010 7:45:36 PM - Restore Operation
RP101: 6/27/2010 8:09:18 PM - Restore Operation
RP102: 6/29/2010 10:04:43 PM - System Checkpoint
RP103: 6/30/2010 10:53:56 PM - System Checkpoint
RP104: 7/12/2010 4:51:40 AM - System Checkpoint
RP105: 7/12/2010 5:59:58 PM - Installed PC SpeedScan Pro
RP106: 7/13/2010 1:06:56 PM - Revo Uninstaller's restore point - PC SpeedScan Pro
RP107: 7/13/2010 1:08:07 PM - Removed PC SpeedScan Pro
RP108: 7/13/2010 1:45:36 PM - Revo Uninstaller's restore point - PConPoint v4.1
RP109: 7/13/2010 1:53:22 PM - avast! Free Antivirus Setup
RP110: 7/15/2010 5:28:26 AM - System Checkpoint
RP111: 7/16/2010 4:06:04 PM - Revo Uninstaller's restore point - Yahoo! Messenger
RP112: 7/16/2010 4:14:07 PM - Revo Uninstaller's restore point - Yahoo! Music Engine
RP113: 7/16/2010 4:22:06 PM - Revo Uninstaller's restore point - Yahoo! Toolbar
RP114: 7/17/2010 11:13:03 AM - Revo Uninstaller's restore point - Spyware Doctor 7.0
RP115: 7/17/2010 12:49:04 PM - Revo Uninstaller's restore point - MSN
RP116: 7/17/2010 12:50:12 PM - Revo Uninstaller's restore point - MSN
RP117: 7/17/2010 12:56:24 PM - Revo Uninstaller's restore point - Mini-Cam
RP118: 7/17/2010 1:00:19 PM - Revo Uninstaller's restore point - Microsoft Works
RP119: 7/17/2010 9:50:35 PM - Removed Windows Defender
RP120: 7/19/2010 1:27:46 AM - System Checkpoint
RP121: 7/20/2010 3:59:24 AM - System Checkpoint
==== Installed Programs ======================
Ad-Aware
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 7.0
Atheros Client Utility
Atheros Wireless LAN MiniPCI/PCIe card Driver
ATI - Software Uninstall Utility
ATI Control Panel
ATI Display Driver
avast! Free Antivirus
Bejeweled 2 Deluxe 1.1
Belarc Advisor 7.2
Blasterball 2 Revolution
CCleaner (remove only)
CD/DVD Drive Acoustic Silencer
CleanUp!
DVD-RAM Driver
FATE
Google AFE
Google Toolbar for Internet Explorer
Hard Disk Recovery Utilities
High Definition Audio Driver Package - KB888111
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB981793)
InterActual Player
InterVideo WinDVD for TOSHIBA
J2SE Runtime Environment 5.0 Update 6
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MyConnect Special Offer
Office 2003 Trial Assistant
PConPoint v1.1
QuickTime
RealPlayer Basic
REALTEK GbE & FE Ethernet NIC Driver
Realtek High Definition Audio Driver
Revo Uninstaller 1.89
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 7 (KB982381)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958215)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960714)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371-v2)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB981349)
Sonic DLA
Sonic RecordNow!
SpeedPlexer - Broadband Speedtest
Spybot - Search & Destroy
Synaptics Pointing Device Driver
TOSHIBA Assist
TOSHIBA ConfigFree
TOSHIBA Controls
TOSHIBA Game Console
TOSHIBA Hotkey Utility
TOSHIBA PC Diagnostic Tool
TOSHIBA Power Saver
Toshiba Registration
TOSHIBA Software Upgrades
TOSHIBA Speech System Applications
TOSHIBA Speech System SR Engine(U.S.) Version1.0
TOSHIBA Speech System TTS Engine(U.S.) Version1.0
TOSHIBA TouchPad ON/Off Utility
TOSHIBA Utilities
TOSHIBA Virtual Sound
TOSHIBA Zooming Utility
Touch and Launch
Undelete Plus 2.98
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
WebFldrs XP
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Media Format 11 runtime
Windows Media Player 10
Windows XP Service Pack 3
==== Event Viewer Messages From Past Week ========
Reply With Quote
  #6  
Old July 21st, 2010, 10:40 PM
edingerd edingerd is offline
New Member
 
Join Date: Jul 2010
Posts: 5
==== Event Viewer Messages From Past Week ========

7/20/2010 5:40:08 AM, error: ati2mtag [108] - The driver ati2dvag for the display device \Device\Video0 got stuck in an infinite loop. This usually indicates a problem with the device itself or with the device driver programming the hardware incorrectly. Please check with your hardware device vendor for any driver updates.
7/20/2010 12:18:41 PM, error: System Error [1003] - Error code 000000ea, parameter1 842230e8, parameter2 83f82908, parameter3 83d588e8, parameter4 00000001.
7/18/2010 4:00:00 AM, error: Schedule [7901] - The At29.job command failed to start due to the following error: %%2147942402
7/18/2010 3:25:00 AM, error: Schedule [7901] - The At4.job command failed to start due to the following error: %%2147942402
7/18/2010 3:00:00 AM, error: Schedule [7901] - The At28.job command failed to start due to the following error: %%2147942402
7/18/2010 2:25:00 AM, error: Schedule [7901] - The At3.job command failed to start due to the following error: %%2147942402
7/17/2010 9:51:58 PM, error: Service Control Manager [7023] - The Application Management service terminated with the following error: The specified module could not be found.
7/17/2010 9:25:00 AM, error: Schedule [7901] - The At10.job command failed to start due to the following error: %%2147942402
7/17/2010 9:00:00 AM, error: Schedule [7901] - The At34.job command failed to start due to the following error: %%2147942402
7/17/2010 5:00:01 PM, error: Schedule [7901] - The At42.job command failed to start due to the following error: %%2147942402
7/17/2010 4:25:00 PM, error: Schedule [7901] - The At17.job command failed to start due to the following error: %%2147942402
7/17/2010 4:00:00 PM, error: Schedule [7901] - The At41.job command failed to start due to the following error: %%2147942402
7/17/2010 3:25:00 PM, error: Schedule [7901] - The At16.job command failed to start due to the following error: %%2147942402
7/17/2010 3:00:00 PM, error: Schedule [7901] - The At40.job command failed to start due to the following error: %%2147942402
7/17/2010 2:25:00 PM, error: Schedule [7901] - The At15.job command failed to start due to the following error: %%2147942402
7/17/2010 2:00:00 PM, error: Schedule [7901] - The At39.job command failed to start due to the following error: %%2147942402
7/17/2010 12:30:58 PM, error: Ftdisk [49] - Configuring the Page file for crash dump failed. Make sure there is a page file on the boot partition and that is large enough to contain all physical memory.
7/17/2010 12:30:58 PM, error: Ftdisk [45] - The system could not sucessfully load the crash dump driver.
7/17/2010 12:00:00 PM, error: Schedule [7901] - The At37.job command failed to start due to the following error: %%2147942402
7/17/2010 11:25:03 AM, error: Schedule [7901] - The At12.job command failed to start due to the following error: %%2147942402
7/17/2010 11:13:26 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the PC Tools Security Service service to connect.
7/17/2010 11:13:26 AM, error: Service Control Manager [7000] - The PC Tools Security Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
7/17/2010 11:11:30 AM, error: Service Control Manager [7034] - The PC Tools Security Service service terminated unexpectedly. It has done this 5 time(s).
7/17/2010 11:04:50 AM, error: Service Control Manager [7034] - The PC Tools Security Service service terminated unexpectedly. It has done this 4 time(s).
7/17/2010 11:00:04 AM, error: Schedule [7901] - The At36.job command failed to start due to the following error: %%2147942402
7/17/2010 10:58:47 AM, error: Service Control Manager [7034] - The PC Tools Security Service service terminated unexpectedly. It has done this 3 time(s).
7/17/2010 10:52:27 AM, error: Service Control Manager [7034] - The PC Tools Security Service service terminated unexpectedly. It has done this 2 time(s).
7/17/2010 10:45:40 AM, error: Service Control Manager [7034] - The PC Tools Security Service service terminated unexpectedly. It has done this 1 time(s).
7/17/2010 10:25:20 AM, error: Schedule [7901] - The At11.job command failed to start due to the following error: %%2147942402
7/17/2010 10:00:02 AM, error: Schedule [7901] - The At35.job command failed to start due to the following error: %%2147942402
7/17/2010 1:25:00 PM, error: Schedule [7901] - The At14.job command failed to start due to the following error: %%2147942402
7/17/2010 1:00:03 PM, error: Schedule [7901] - The At38.job command failed to start due to the following error: %%2147942402
7/16/2010 9:51:16 AM, error: Dhcp [1002] - The IP address lease 192.168.1.68 for the Network Card with network address 0016E367BCDA has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
7/16/2010 9:00:04 PM, error: Schedule [7901] - The At46.job command failed to start due to the following error: %%2147942402
7/16/2010 8:25:01 AM, error: Schedule [7901] - The At9.job command failed to start due to the following error: %%2147942402
7/16/2010 8:25:00 PM, error: Schedule [7901] - The At21.job command failed to start due to the following error: %%2147942402
7/16/2010 8:00:01 AM, error: Schedule [7901] - The At33.job command failed to start due to the following error: %%2147942402
7/16/2010 8:00:00 PM, error: Schedule [7901] - The At45.job command failed to start due to the following error: %%2147942402
7/16/2010 7:25:01 PM, error: Schedule [7901] - The At20.job command failed to start due to the following error: %%2147942402
7/16/2010 7:25:00 AM, error: Schedule [7901] - The At8.job command failed to start due to the following error: %%2147942402
7/16/2010 7:00:01 PM, error: Schedule [7901] - The At44.job command failed to start due to the following error: %%2147942402
7/16/2010 7:00:00 AM, error: Schedule [7901] - The At32.job command failed to start due to the following error: %%2147942402
7/16/2010 6:25:00 PM, error: Schedule [7901] - The At19.job command failed to start due to the following error: %%2147942402
7/16/2010 6:00:02 PM, error: Schedule [7901] - The At43.job command failed to start due to the following error: %%2147942402
7/16/2010 5:25:01 PM, error: Schedule [7901] - The At18.job command failed to start due to the following error: %%2147942402
7/16/2010 12:25:00 PM, error: Schedule [7901] - The At13.job command failed to start due to the following error: %%2147942402
7/16/2010 12:17:00 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Application Layer Gateway Service service to connect.
7/16/2010 12:17:00 PM, error: Service Control Manager [7000] - The Application Layer Gateway Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
7/15/2010 9:25:00 PM, error: Schedule [7901] - The At22.job command failed to start due to the following error: %%2147942402
7/15/2010 9:13:44 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the Dnscache service.
7/15/2010 6:25:00 AM, error: Schedule [7901] - The At7.job command failed to start due to the following error: %%2147942402
7/15/2010 6:00:01 AM, error: Schedule [7901] - The At31.job command failed to start due to the following error: %%2147942402
7/15/2010 5:25:00 AM, error: Schedule [7901] - The At6.job command failed to start due to the following error: %%2147942402
7/15/2010 5:00:00 AM, error: Schedule [7901] - The At30.job command failed to start due to the following error: %%2147942402
7/15/2010 4:56:24 PM, error: atapi [9] - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
7/15/2010 4:54:15 PM, error: atapi [11] - The driver detected a controller error on \Device\Ide\IdePort0.
7/15/2010 4:25:01 AM, error: Schedule [7901] - The At5.job command failed to start due to the following error: %%2147942402
7/15/2010 11:25:00 PM, error: Schedule [7901] - The At24.job command failed to start due to the following error: %%2147942402
7/15/2010 11:00:00 PM, error: Schedule [7901] - The At48.job command failed to start due to the following error: %%2147942402
7/15/2010 10:25:02 PM, error: Schedule [7901] - The At23.job command failed to start due to the following error: %%2147942402
7/15/2010 10:00:05 PM, error: Schedule [7901] - The At47.job command failed to start due to the following error: %%2147942402
7/14/2010 2:00:00 AM, error: Schedule [7901] - The At27.job command failed to start due to the following error: %%2147942402
7/14/2010 12:25:00 AM, error: Schedule [7901] - The At1.job command failed to start due to the following error: %%2147942402
7/14/2010 12:22:00 AM, error: Schedule [7901] - The At25.job command failed to start due to the following error: %%2147942402
7/14/2010 1:25:00 AM, error: Schedule [7901] - The At2.job command failed to start due to the following error: %%2147942402
7/14/2010 1:00:00 AM, error: Schedule [7901] - The At26.job command failed to start due to the following error: %%2147942402

==== End Of File ===========================
Reply With Quote
  #7  
Old July 21st, 2010, 10:41 PM
edingerd edingerd is offline
New Member
 
Join Date: Jul 2010
Posts: 5
DDS (Ver_10-03-17.01) - NTFSx86
Run by admin at 14:06:13.68 on Wed 07/21/2010
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.446.24 [GMT -7:00]

AV: avast! Antivirus *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
svchost.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\system32\DVDRAMSV.exe
c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
C:\toshiba\ivp\ism\pinger.exe
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\Program Files\Toshiba\Tvs\TvsTray.exe
C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\admin\Local Settings\Temporary Internet Files\Content.IE5\HEG8HQ64\dds[1].scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.yahoo.com/
uSearch Bar = hxxp://www.toshiba.com/search
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
uInternet Connection Wizard,ShellNext = iexplore
BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\DLASHX_W.DLL
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.5.0_06\bin\ssv.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar1.dll
BHO: {CA6319C0-31B7-401E-A518-A07C3DB8F777} - No File
TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar1.dll
EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll
uRun: [TOSCDSPD] c:\program files\toshiba\toscdspd\toscdspd.exe
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [THotkey] c:\program files\toshiba\toshiba applet\thotkey.exe
mRun: [PadTouch] c:\program files\toshiba\touch and launch\PadExe.exe
mRun: [Pinger] c:\toshiba\ivp\ism\pinger.exe /run
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [CFSServ.exe] CFSServ.exe -NoClient
mRun: [avast5] c:\progra~1\alwils~1\avast5\avastUI.exe /nogui
mRun: [Tvs] c:\program files\toshiba\tvs\TvsTray.exe
mRun: [TFncKy] TFncKy.exe
mRun: [SynTPLpr] c:\program files\synaptics\syntp\SynTPLpr.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [AGRSMMSG] AGRSMMSG.exe
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe " -t
IE: &Google Search - c:\program files\google\GoogleToolbar1.dll/cmsearch.html
IE: Backward Links - c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
IE: Cached Snapshot of Page - c:\program files\google\GoogleToolbar1.dll/cmcache.html
IE: E&xport to Microsoft Excel
IE: Similar Pages - c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
IE: Translate into English - c:\program files\google\GoogleToolbar1.dll/cmtrans.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC} - c:\program files\java\jre1.5.0_06\bin\ssv.dll
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\advisor\system\BAVoilaX.dll
Notify: AtiExtEvent - Ati2evxx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
Hosts: 127.0.0.1 www.spywareinfo.com

============= SERVICES / DRIVERS ===============

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-7-13 165456]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswF sBlk.sys [2010-7-13 17744]
S3 msdemgr;msdemgr;c:\windows\system32\msdemgr.sys [2010-6-17 2304]

=============== Created Last 30 ================

2010-07-17 17:23:41 0 d-----w- c:\program files\Spyware Doctor
2010-07-14 00:43:49 0 d-----w- c:\program files\PConPoint
2010-07-13 20:53:33 38848 ----a-w- c:\windows\avastSS.scr
2010-07-13 20:53:22 0 d-----w- c:\docume~1\alluse~1\applic~1\Alwil Software
2010-07-13 20:04:57 0 d-----w- c:\program files\VS Revo Group
2010-07-13 01:00:04 393216 ----a-w- c:\windows\system32\AscConTest.dll
2010-07-13 01:00:04 36864 ----a-w- c:\windows\system32\ascbalon.dll
2010-07-13 01:00:04 307200 ----a-w- c:\windows\system32\AscSQLite.dll
2010-07-13 01:00:04 20480 ----a-w- c:\windows\system32\SysRestore.dll
2010-07-13 00:59:41 0 d-----w- c:\program files\Ascentive
2010-07-12 22:59:26 0 d-----w- c:\docume~1\alluse~1\applic~1\The Game Equation
2010-07-02 04:48:17 0 d-----w- c:\docume~1\admin\applic~1\Freezetag
2010-07-01 18:23:13 0 d-----w- c:\docume~1\admin\applic~1\WildTangentv1000
2010-07-01 18:08:17 53248 ----a-w- c:\windows\system32\Iasv32.dll
2010-06-28 03:14:07 0 d-----w- c:\windows\system32\wbem\Repository
2010-06-27 20:08:14 0 d-----w- c:\documents and settings\admin\GameHouse
2010-06-22 17:08:58 0 d-----w- c:\docume~1\alluse~1\applic~1\RegCure
2010-06-22 16:46:28 112 ----a-w- c:\docume~1\alluse~1\applic~1\ErxxGM.dat
2010-06-22 16:37:59 0 d-sh--w- c:\documents and settings\admin\IECompatCache
2010-06-22 16:36:40 0 d-sh--w- c:\documents and settings\admin\PrivacIE
2010-06-22 16:31:26 0 d-sh--w- c:\documents and settings\admin\IETldCache
2010-06-22 16:25:22 0 dc-h--w- c:\windows\ie8

==================== Find3M ====================

2010-07-01 17:40:21 536 ----a-w- c:\docume~1\admin\applic~1\wklnhst.dat
2010-06-17 18:01:41 53248 ----a-w- c:\windows\system32\6to4v32.dll
2010-06-17 18:01:39 2304 ----a-w- c:\windows\system32\msdemgr.sys
2010-06-17 07:06:47 1698 ----a-w- c:\windows\Qjuhoganis.dat
2010-06-12 03:29:24 4096 ----a-w- c:\windows\d3dx.dat
2010-05-21 21:14:28 221568 ------w- c:\windows\system32\MpSigStub.exe
2010-05-04 17:20:39 832512 ----a-w- c:\windows\system32\wininet(2)(3).dll
2010-05-04 17:20:39 1168384 ----a-w- c:\windows\system32\urlmon(2)(3).dll
2010-05-04 17:20:39 105984 ----a-w- c:\windows\system32\url(2)(3).dll
2010-05-04 17:20:38 3600384 ----a-w- c:\windows\system32\mshtml(2)(3).dll
2010-05-04 17:20:36 268288 ----a-w- c:\windows\system32\iertutil(2)(3).dll
2010-05-04 17:20:35 6067200 ----a-w- c:\windows\system32\ieframe(2)(3).dll
2010-05-02 05:22:50 1851264 ----a-w- c:\windows\system32\win32k.sys
2009-01-10 05:51:05 32768 --sha-w- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012009010920090 110\index.dat

============= FINISH: 14:08:49.14 ===============
Reply With Quote
  #8  
Old July 21st, 2010, 11:33 PM
AnnMarie's Avatar
AnnMarie AnnMarie is offline
CTH Subscriber
 
Join Date: Oct 2001
O/S: Windows Vista 32-bit
Location: New Zealand
Posts: 59,810
Please also post the other logs I asked for.
Reply With Quote
Reply

Bookmarks

Topic Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Topics
Topic Topic Starter Forum Replies Last Post
Windows 7 - Running Slow GymWrecker Windows 7 2 December 10th, 2010 11:27 PM
Windows XP SP2 Pro Running Slow f14jag Windows XP 8 August 18th, 2006 02:22 PM
Please Help! Windows is running slow. Dub!tch Malware Removal 1 September 22nd, 2005 03:26 AM
windows xp running much too slow thedman Malware Removal 1 December 2nd, 2004 06:22 PM
WIndows XP running unusually slow.... Like REALLY REALLY slow. Any ideas?? FrankieBonez Windows XP 8 July 24th, 2004 06:59 AM


All times are GMT +1. The time now is 04:52 PM.