|
Malware Removal Discussion about Trojans, viruses, hoaxes, firewalls, spyware, and general Security issues. If you suspect your PC is infected with a virus, trojan or spyware app please include any supporting documentation or logs |
|
Topic Tools |
#1
|
|||
|
|||
Windows XP running slow
A friend give me his old Toshiba laptop. It has Windows XP and IE8. The computer runs extremely slow. Additionally sound is distorted and browser is hijacked. Any assiatnace would be greatly appreciated.
|
#2
|
||||
|
||||
Hi edingerd and welcome. Do you still need assistance?
|
#3
|
|||
|
|||
thank you and yes i still need help its gettin bad
|
#4
|
||||
|
||||
Ok, I need to see some logs to be able to help you remove malware but before you provide them, you need to know that I will not remove malware from computers that have filesharing software installed (such as Limewire and Bit Torrent) so if you want my help, please uninstall any such programs now and reboot.
Go here and download DDS to your Desktop and doubleclick on DDs.scr to run it. If your security software includes script blocking features, please disable these before you run this utility. When the scan has finished, two logs will open. Copy and paste both reports in this topic. The logs will be reasonably large so you may have to divide them into sections and make several posts to post them. Next, go here and download TDSSKiller.zip to your Desktop and unzip it. Once the contents are extracted, doubleclick on TDSSKiller.exe to run it. When the utility has completed scanning, a log will be generated (C:\TDSSKiller<random>.txt). Please post the log in this thread. Also download the latest version of Gmer (Download EXE) from here to your Desktop. When you have done this, close all running programs including those in your notification area (bottom righthand corner of your screen) and doubleclick on Gmer.exe to run it. Click on the Rootkit/Malware tab and look at the righthand side (under Files) and uncheck all drives with the exception of your C drive and then click on Scan (before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while this scan completes. Also do not use your computer during the scan). When completed, click on the Copy button and rightclick on your Desktop, choose "New" > Text document. Once the file is created, open it and rightclick again and choose Paste. Save the file and copy the information and post it here please. Warning! Please do not select the "Show all" checkbox during the scan Please do not run any programs other than those that I suggest or install any new software while I am helping you. |
#5
|
|||
|
|||
d.d.s. page 1
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT DDS (Ver_10-03-17.01) Microsoft Windows XP Home Edition Boot Device: \Device\HarddiskVolume1 Install Date: 12/6/2008 9:44:33 AM System Uptime: 7/21/2010 10:19:03 AM (4 hours ago) Motherboard: ATI | | SB450 Processor: Intel(R) Celeron(R) M CPU 410 @ 1.46GHz | U23 | 1463/mhz ==== Disk Partitions ========================= C: is FIXED (NTFS) - 52 GiB total, 39.06 GiB free. D: is CDROM () ==== Disabled Device Manager Items ============= ==== System Restore Points =================== RP69: 6/9/2010 1:46:56 AM - Software Distribution Service 3.0 RP70: 6/9/2010 3:04:17 AM - Software Distribution Service 3.0 RP71: 6/9/2010 1:58:23 AM - Software Distribution Service 3.0 RP72: 6/9/2010 3:00:22 AM - Software Distribution Service 3.0 RP73: 6/9/2010 11:22:22 AM - Removed Ad-Aware RP74: 6/9/2010 11:23:37 AM - Removed Adobe Reader 7.0 RP75: 6/9/2010 11:25:51 AM - Removed Atheros Client Utility RP76: 6/9/2010 11:27:01 AM - Removed Atheros Wireless LAN MiniPCI/PCIe card Driver RP77: 6/9/2010 12:02:11 PM - Restore Operation RP78: 6/9/2010 12:10:06 PM - Software Distribution Service 3.0 RP79: 6/9/2010 12:24:21 PM - Removed Microsoft Office Home and Student 2007 RP80: 6/9/2010 12:31:46 PM - Removed Microsoft Digital Image Starter Edition 2006 Editor RP81: 6/9/2010 12:32:40 PM - Removed Microsoft Digital Image Starter Edition 2006 Library RP82: 6/10/2010 8:28:04 PM - Software Distribution Service 3.0 RP83: 6/11/2010 4:17:40 AM - Software Distribution Service 3.0 RP84: 6/11/2010 10:51:59 PM - Software Distribution Service 3.0 RP85: 6/13/2010 12:52:12 AM - System Checkpoint RP86: 6/14/2010 5:48:50 PM - Software Distribution Service 3.0 RP87: 6/15/2010 10:02:29 PM - System Checkpoint RP88: 6/17/2010 8:43:56 AM - Restore Operation RP89: 6/18/2010 3:17:52 PM - System Checkpoint RP90: 6/19/2010 3:19:09 PM - System Checkpoint RP91: 6/21/2010 2:53:40 PM - System Checkpoint RP92: 6/22/2010 9:16:47 AM - Installed Java(TM) 6 Update 20 RP93: 6/22/2010 9:20:48 AM - Software Distribution Service 3.0 RP94: 6/22/2010 10:18:50 AM - Restore Operation RP95: 6/22/2010 11:32:44 AM - Restore Operation RP96: 6/22/2010 6:13:22 PM - Software Distribution Service 3.0 RP97: 6/23/2010 8:08:32 PM - System Checkpoint RP98: 6/25/2010 9:37:04 AM - System Checkpoint RP99: 6/27/2010 9:50:32 AM - System Checkpoint RP100: 6/27/2010 7:45:36 PM - Restore Operation RP101: 6/27/2010 8:09:18 PM - Restore Operation RP102: 6/29/2010 10:04:43 PM - System Checkpoint RP103: 6/30/2010 10:53:56 PM - System Checkpoint RP104: 7/12/2010 4:51:40 AM - System Checkpoint RP105: 7/12/2010 5:59:58 PM - Installed PC SpeedScan Pro RP106: 7/13/2010 1:06:56 PM - Revo Uninstaller's restore point - PC SpeedScan Pro RP107: 7/13/2010 1:08:07 PM - Removed PC SpeedScan Pro RP108: 7/13/2010 1:45:36 PM - Revo Uninstaller's restore point - PConPoint v4.1 RP109: 7/13/2010 1:53:22 PM - avast! Free Antivirus Setup RP110: 7/15/2010 5:28:26 AM - System Checkpoint RP111: 7/16/2010 4:06:04 PM - Revo Uninstaller's restore point - Yahoo! Messenger RP112: 7/16/2010 4:14:07 PM - Revo Uninstaller's restore point - Yahoo! Music Engine RP113: 7/16/2010 4:22:06 PM - Revo Uninstaller's restore point - Yahoo! Toolbar RP114: 7/17/2010 11:13:03 AM - Revo Uninstaller's restore point - Spyware Doctor 7.0 RP115: 7/17/2010 12:49:04 PM - Revo Uninstaller's restore point - MSN RP116: 7/17/2010 12:50:12 PM - Revo Uninstaller's restore point - MSN RP117: 7/17/2010 12:56:24 PM - Revo Uninstaller's restore point - Mini-Cam RP118: 7/17/2010 1:00:19 PM - Revo Uninstaller's restore point - Microsoft Works RP119: 7/17/2010 9:50:35 PM - Removed Windows Defender RP120: 7/19/2010 1:27:46 AM - System Checkpoint RP121: 7/20/2010 3:59:24 AM - System Checkpoint ==== Installed Programs ====================== Ad-Aware Adobe Flash Player 10 ActiveX Adobe Flash Player 10 Plugin Adobe Reader 7.0 Atheros Client Utility Atheros Wireless LAN MiniPCI/PCIe card Driver ATI - Software Uninstall Utility ATI Control Panel ATI Display Driver avast! Free Antivirus Bejeweled 2 Deluxe 1.1 Belarc Advisor 7.2 Blasterball 2 Revolution CCleaner (remove only) CD/DVD Drive Acoustic Silencer CleanUp! DVD-RAM Driver FATE Google AFE Google Toolbar for Internet Explorer Hard Disk Recovery Utilities High Definition Audio Driver Package - KB888111 Hotfix for Windows Media Format 11 SDK (KB929399) Hotfix for Windows XP (KB952287) Hotfix for Windows XP (KB970653-v3) Hotfix for Windows XP (KB981793) InterActual Player InterVideo WinDVD for TOSHIBA J2SE Runtime Environment 5.0 Update 6 Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Security Update (KB979906) Microsoft Internationalized Domain Names Mitigation APIs Microsoft National Language Support Downlevel APIs Microsoft User-Mode Driver Framework Feature Pack 1.0 Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MyConnect Special Offer Office 2003 Trial Assistant PConPoint v1.1 QuickTime RealPlayer Basic REALTEK GbE & FE Ethernet NIC Driver Realtek High Definition Audio Driver Revo Uninstaller 1.89 Security Update for Step By Step Interactive Training (KB898458) Security Update for Windows Internet Explorer 7 (KB938127-v2) Security Update for Windows Internet Explorer 7 (KB956390) Security Update for Windows Internet Explorer 7 (KB958215) Security Update for Windows Internet Explorer 7 (KB960714) Security Update for Windows Internet Explorer 7 (KB961260) Security Update for Windows Internet Explorer 7 (KB963027) Security Update for Windows Internet Explorer 7 (KB972260) Security Update for Windows Internet Explorer 7 (KB982381) Security Update for Windows Media Player (KB952069) Security Update for Windows Media Player (KB954155) Security Update for Windows Media Player (KB968816) Security Update for Windows Media Player (KB973540) Security Update for Windows Media Player (KB978695) Security Update for Windows Media Player 10 (KB936782) Security Update for Windows XP (KB923561) Security Update for Windows XP (KB923689) Security Update for Windows XP (KB938464-v2) Security Update for Windows XP (KB938464) Security Update for Windows XP (KB941569) Security Update for Windows XP (KB946648) Security Update for Windows XP (KB950762) Security Update for Windows XP (KB950974) Security Update for Windows XP (KB951066) Security Update for Windows XP (KB951376-v2) Security Update for Windows XP (KB951698) Security Update for Windows XP (KB951748) Security Update for Windows XP (KB952004) Security Update for Windows XP (KB952954) Security Update for Windows XP (KB954211) Security Update for Windows XP (KB954459) Security Update for Windows XP (KB954600) Security Update for Windows XP (KB955069) Security Update for Windows XP (KB956391) Security Update for Windows XP (KB956572) Security Update for Windows XP (KB956744) Security Update for Windows XP (KB956802) Security Update for Windows XP (KB956803) Security Update for Windows XP (KB956841) Security Update for Windows XP (KB956844) Security Update for Windows XP (KB957095) Security Update for Windows XP (KB957097) Security Update for Windows XP (KB958215) Security Update for Windows XP (KB958644) Security Update for Windows XP (KB958687) Security Update for Windows XP (KB958690) Security Update for Windows XP (KB958869) Security Update for Windows XP (KB959426) Security Update for Windows XP (KB960225) Security Update for Windows XP (KB960714) Security Update for Windows XP (KB960715) Security Update for Windows XP (KB960803) Security Update for Windows XP (KB960859) Security Update for Windows XP (KB961371-v2) Security Update for Windows XP (KB961373) Security Update for Windows XP (KB961501) Security Update for Windows XP (KB968537) Security Update for Windows XP (KB969059) Security Update for Windows XP (KB970238) Security Update for Windows XP (KB970430) Security Update for Windows XP (KB971468) Security Update for Windows XP (KB971557) Security Update for Windows XP (KB971633) Security Update for Windows XP (KB971657) Security Update for Windows XP (KB971961) Security Update for Windows XP (KB972270) Security Update for Windows XP (KB973346) Security Update for Windows XP (KB973354) Security Update for Windows XP (KB973507) Security Update for Windows XP (KB973869) Security Update for Windows XP (KB973904) Security Update for Windows XP (KB974112) Security Update for Windows XP (KB974318) Security Update for Windows XP (KB974392) Security Update for Windows XP (KB974571) Security Update for Windows XP (KB975025) Security Update for Windows XP (KB975467) Security Update for Windows XP (KB975560) Security Update for Windows XP (KB975561) Security Update for Windows XP (KB975562) Security Update for Windows XP (KB975713) Security Update for Windows XP (KB977816) Security Update for Windows XP (KB977914) Security Update for Windows XP (KB978037) Security Update for Windows XP (KB978338) Security Update for Windows XP (KB978542) Security Update for Windows XP (KB978601) Security Update for Windows XP (KB978706) Security Update for Windows XP (KB979309) Security Update for Windows XP (KB979482) Security Update for Windows XP (KB979559) Security Update for Windows XP (KB979683) Security Update for Windows XP (KB980195) Security Update for Windows XP (KB980218) Security Update for Windows XP (KB980232) Security Update for Windows XP (KB981349) Sonic DLA Sonic RecordNow! SpeedPlexer - Broadband Speedtest Spybot - Search & Destroy Synaptics Pointing Device Driver TOSHIBA Assist TOSHIBA ConfigFree TOSHIBA Controls TOSHIBA Game Console TOSHIBA Hotkey Utility TOSHIBA PC Diagnostic Tool TOSHIBA Power Saver Toshiba Registration TOSHIBA Software Upgrades TOSHIBA Speech System Applications TOSHIBA Speech System SR Engine(U.S.) Version1.0 TOSHIBA Speech System TTS Engine(U.S.) Version1.0 TOSHIBA TouchPad ON/Off Utility TOSHIBA Utilities TOSHIBA Virtual Sound TOSHIBA Zooming Utility Touch and Launch Undelete Plus 2.98 Update for Windows XP (KB951978) Update for Windows XP (KB955759) Update for Windows XP (KB955839) Update for Windows XP (KB967715) Update for Windows XP (KB968389) Update for Windows XP (KB971737) Update for Windows XP (KB973687) Update for Windows XP (KB973815) WebFldrs XP Windows Internet Explorer 7 Windows Internet Explorer 8 Windows Media Format 11 runtime Windows Media Player 10 Windows XP Service Pack 3 ==== Event Viewer Messages From Past Week ======== |
#6
|
|||
|
|||
==== Event Viewer Messages From Past Week ========
7/20/2010 5:40:08 AM, error: ati2mtag [108] - The driver ati2dvag for the display device \Device\Video0 got stuck in an infinite loop. This usually indicates a problem with the device itself or with the device driver programming the hardware incorrectly. Please check with your hardware device vendor for any driver updates. 7/20/2010 12:18:41 PM, error: System Error [1003] - Error code 000000ea, parameter1 842230e8, parameter2 83f82908, parameter3 83d588e8, parameter4 00000001. 7/18/2010 4:00:00 AM, error: Schedule [7901] - The At29.job command failed to start due to the following error: %%2147942402 7/18/2010 3:25:00 AM, error: Schedule [7901] - The At4.job command failed to start due to the following error: %%2147942402 7/18/2010 3:00:00 AM, error: Schedule [7901] - The At28.job command failed to start due to the following error: %%2147942402 7/18/2010 2:25:00 AM, error: Schedule [7901] - The At3.job command failed to start due to the following error: %%2147942402 7/17/2010 9:51:58 PM, error: Service Control Manager [7023] - The Application Management service terminated with the following error: The specified module could not be found. 7/17/2010 9:25:00 AM, error: Schedule [7901] - The At10.job command failed to start due to the following error: %%2147942402 7/17/2010 9:00:00 AM, error: Schedule [7901] - The At34.job command failed to start due to the following error: %%2147942402 7/17/2010 5:00:01 PM, error: Schedule [7901] - The At42.job command failed to start due to the following error: %%2147942402 7/17/2010 4:25:00 PM, error: Schedule [7901] - The At17.job command failed to start due to the following error: %%2147942402 7/17/2010 4:00:00 PM, error: Schedule [7901] - The At41.job command failed to start due to the following error: %%2147942402 7/17/2010 3:25:00 PM, error: Schedule [7901] - The At16.job command failed to start due to the following error: %%2147942402 7/17/2010 3:00:00 PM, error: Schedule [7901] - The At40.job command failed to start due to the following error: %%2147942402 7/17/2010 2:25:00 PM, error: Schedule [7901] - The At15.job command failed to start due to the following error: %%2147942402 7/17/2010 2:00:00 PM, error: Schedule [7901] - The At39.job command failed to start due to the following error: %%2147942402 7/17/2010 12:30:58 PM, error: Ftdisk [49] - Configuring the Page file for crash dump failed. Make sure there is a page file on the boot partition and that is large enough to contain all physical memory. 7/17/2010 12:30:58 PM, error: Ftdisk [45] - The system could not sucessfully load the crash dump driver. 7/17/2010 12:00:00 PM, error: Schedule [7901] - The At37.job command failed to start due to the following error: %%2147942402 7/17/2010 11:25:03 AM, error: Schedule [7901] - The At12.job command failed to start due to the following error: %%2147942402 7/17/2010 11:13:26 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the PC Tools Security Service service to connect. 7/17/2010 11:13:26 AM, error: Service Control Manager [7000] - The PC Tools Security Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 7/17/2010 11:11:30 AM, error: Service Control Manager [7034] - The PC Tools Security Service service terminated unexpectedly. It has done this 5 time(s). 7/17/2010 11:04:50 AM, error: Service Control Manager [7034] - The PC Tools Security Service service terminated unexpectedly. It has done this 4 time(s). 7/17/2010 11:00:04 AM, error: Schedule [7901] - The At36.job command failed to start due to the following error: %%2147942402 7/17/2010 10:58:47 AM, error: Service Control Manager [7034] - The PC Tools Security Service service terminated unexpectedly. It has done this 3 time(s). 7/17/2010 10:52:27 AM, error: Service Control Manager [7034] - The PC Tools Security Service service terminated unexpectedly. It has done this 2 time(s). 7/17/2010 10:45:40 AM, error: Service Control Manager [7034] - The PC Tools Security Service service terminated unexpectedly. It has done this 1 time(s). 7/17/2010 10:25:20 AM, error: Schedule [7901] - The At11.job command failed to start due to the following error: %%2147942402 7/17/2010 10:00:02 AM, error: Schedule [7901] - The At35.job command failed to start due to the following error: %%2147942402 7/17/2010 1:25:00 PM, error: Schedule [7901] - The At14.job command failed to start due to the following error: %%2147942402 7/17/2010 1:00:03 PM, error: Schedule [7901] - The At38.job command failed to start due to the following error: %%2147942402 7/16/2010 9:51:16 AM, error: Dhcp [1002] - The IP address lease 192.168.1.68 for the Network Card with network address 0016E367BCDA has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message). 7/16/2010 9:00:04 PM, error: Schedule [7901] - The At46.job command failed to start due to the following error: %%2147942402 7/16/2010 8:25:01 AM, error: Schedule [7901] - The At9.job command failed to start due to the following error: %%2147942402 7/16/2010 8:25:00 PM, error: Schedule [7901] - The At21.job command failed to start due to the following error: %%2147942402 7/16/2010 8:00:01 AM, error: Schedule [7901] - The At33.job command failed to start due to the following error: %%2147942402 7/16/2010 8:00:00 PM, error: Schedule [7901] - The At45.job command failed to start due to the following error: %%2147942402 7/16/2010 7:25:01 PM, error: Schedule [7901] - The At20.job command failed to start due to the following error: %%2147942402 7/16/2010 7:25:00 AM, error: Schedule [7901] - The At8.job command failed to start due to the following error: %%2147942402 7/16/2010 7:00:01 PM, error: Schedule [7901] - The At44.job command failed to start due to the following error: %%2147942402 7/16/2010 7:00:00 AM, error: Schedule [7901] - The At32.job command failed to start due to the following error: %%2147942402 7/16/2010 6:25:00 PM, error: Schedule [7901] - The At19.job command failed to start due to the following error: %%2147942402 7/16/2010 6:00:02 PM, error: Schedule [7901] - The At43.job command failed to start due to the following error: %%2147942402 7/16/2010 5:25:01 PM, error: Schedule [7901] - The At18.job command failed to start due to the following error: %%2147942402 7/16/2010 12:25:00 PM, error: Schedule [7901] - The At13.job command failed to start due to the following error: %%2147942402 7/16/2010 12:17:00 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Application Layer Gateway Service service to connect. 7/16/2010 12:17:00 PM, error: Service Control Manager [7000] - The Application Layer Gateway Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 7/15/2010 9:25:00 PM, error: Schedule [7901] - The At22.job command failed to start due to the following error: %%2147942402 7/15/2010 9:13:44 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the Dnscache service. 7/15/2010 6:25:00 AM, error: Schedule [7901] - The At7.job command failed to start due to the following error: %%2147942402 7/15/2010 6:00:01 AM, error: Schedule [7901] - The At31.job command failed to start due to the following error: %%2147942402 7/15/2010 5:25:00 AM, error: Schedule [7901] - The At6.job command failed to start due to the following error: %%2147942402 7/15/2010 5:00:00 AM, error: Schedule [7901] - The At30.job command failed to start due to the following error: %%2147942402 7/15/2010 4:56:24 PM, error: atapi [9] - The device, \Device\Ide\IdePort0, did not respond within the timeout period. 7/15/2010 4:54:15 PM, error: atapi [11] - The driver detected a controller error on \Device\Ide\IdePort0. 7/15/2010 4:25:01 AM, error: Schedule [7901] - The At5.job command failed to start due to the following error: %%2147942402 7/15/2010 11:25:00 PM, error: Schedule [7901] - The At24.job command failed to start due to the following error: %%2147942402 7/15/2010 11:00:00 PM, error: Schedule [7901] - The At48.job command failed to start due to the following error: %%2147942402 7/15/2010 10:25:02 PM, error: Schedule [7901] - The At23.job command failed to start due to the following error: %%2147942402 7/15/2010 10:00:05 PM, error: Schedule [7901] - The At47.job command failed to start due to the following error: %%2147942402 7/14/2010 2:00:00 AM, error: Schedule [7901] - The At27.job command failed to start due to the following error: %%2147942402 7/14/2010 12:25:00 AM, error: Schedule [7901] - The At1.job command failed to start due to the following error: %%2147942402 7/14/2010 12:22:00 AM, error: Schedule [7901] - The At25.job command failed to start due to the following error: %%2147942402 7/14/2010 1:25:00 AM, error: Schedule [7901] - The At2.job command failed to start due to the following error: %%2147942402 7/14/2010 1:00:00 AM, error: Schedule [7901] - The At26.job command failed to start due to the following error: %%2147942402 ==== End Of File =========================== |
#7
|
|||
|
|||
DDS (Ver_10-03-17.01) - NTFSx86
Run by admin at 14:06:13.68 on Wed 07/21/2010 Internet Explorer: 8.0.6001.18702 Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.446.24 [GMT -7:00] AV: avast! Antivirus *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D} ============== Running Processes =============== C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs svchost.exe C:\WINDOWS\system32\Ati2evxx.exe svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe C:\Program Files\Alwil Software\Avast5\AvastSvc.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\acs.exe svchost.exe C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe C:\WINDOWS\system32\DVDRAMSV.exe c:\TOSHIBA\IVP\swupdate\swupdtmr.exe C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe C:\toshiba\ivp\ism\pinger.exe C:\WINDOWS\RTHDCPL.EXE C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe C:\Program Files\Toshiba\Tvs\TvsTray.exe C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\WINDOWS\AGRSMMSG.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\admin\Local Settings\Temporary Internet Files\Content.IE5\HEG8HQ64\dds[1].scr ============== Pseudo HJT Report =============== uStart Page = hxxp://www.yahoo.com/ uSearch Bar = hxxp://www.toshiba.com/search mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html uInternet Connection Wizard,ShellNext = iexplore BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\DLASHX_W.DLL BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.5.0_06\bin\ssv.dll BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar1.dll BHO: {CA6319C0-31B7-401E-A518-A07C3DB8F777} - No File TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar1.dll EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll uRun: [TOSCDSPD] c:\program files\toshiba\toscdspd\toscdspd.exe uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe mRun: [THotkey] c:\program files\toshiba\toshiba applet\thotkey.exe mRun: [PadTouch] c:\program files\toshiba\touch and launch\PadExe.exe mRun: [Pinger] c:\toshiba\ivp\ism\pinger.exe /run mRun: [RTHDCPL] RTHDCPL.EXE mRun: [CFSServ.exe] CFSServ.exe -NoClient mRun: [avast5] c:\progra~1\alwils~1\avast5\avastUI.exe /nogui mRun: [Tvs] c:\program files\toshiba\tvs\TvsTray.exe mRun: [TFncKy] TFncKy.exe mRun: [SynTPLpr] c:\program files\synaptics\syntp\SynTPLpr.exe mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe mRun: [AGRSMMSG] AGRSMMSG.exe mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe " -t IE: &Google Search - c:\program files\google\GoogleToolbar1.dll/cmsearch.html IE: Backward Links - c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html IE: Cached Snapshot of Page - c:\program files\google\GoogleToolbar1.dll/cmcache.html IE: E&xport to Microsoft Excel IE: Similar Pages - c:\program files\google\GoogleToolbar1.dll/cmsimilar.html IE: Translate into English - c:\program files\google\GoogleToolbar1.dll/cmtrans.html IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC} - c:\program files\java\jre1.5.0_06\bin\ssv.dll IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\advisor\system\BAVoilaX.dll Notify: AtiExtEvent - Ati2evxx.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll Hosts: 127.0.0.1 www.spywareinfo.com ============= SERVICES / DRIVERS =============== R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-7-13 165456] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswF sBlk.sys [2010-7-13 17744] S3 msdemgr;msdemgr;c:\windows\system32\msdemgr.sys [2010-6-17 2304] =============== Created Last 30 ================ 2010-07-17 17:23:41 0 d-----w- c:\program files\Spyware Doctor 2010-07-14 00:43:49 0 d-----w- c:\program files\PConPoint 2010-07-13 20:53:33 38848 ----a-w- c:\windows\avastSS.scr 2010-07-13 20:53:22 0 d-----w- c:\docume~1\alluse~1\applic~1\Alwil Software 2010-07-13 20:04:57 0 d-----w- c:\program files\VS Revo Group 2010-07-13 01:00:04 393216 ----a-w- c:\windows\system32\AscConTest.dll 2010-07-13 01:00:04 36864 ----a-w- c:\windows\system32\ascbalon.dll 2010-07-13 01:00:04 307200 ----a-w- c:\windows\system32\AscSQLite.dll 2010-07-13 01:00:04 20480 ----a-w- c:\windows\system32\SysRestore.dll 2010-07-13 00:59:41 0 d-----w- c:\program files\Ascentive 2010-07-12 22:59:26 0 d-----w- c:\docume~1\alluse~1\applic~1\The Game Equation 2010-07-02 04:48:17 0 d-----w- c:\docume~1\admin\applic~1\Freezetag 2010-07-01 18:23:13 0 d-----w- c:\docume~1\admin\applic~1\WildTangentv1000 2010-07-01 18:08:17 53248 ----a-w- c:\windows\system32\Iasv32.dll 2010-06-28 03:14:07 0 d-----w- c:\windows\system32\wbem\Repository 2010-06-27 20:08:14 0 d-----w- c:\documents and settings\admin\GameHouse 2010-06-22 17:08:58 0 d-----w- c:\docume~1\alluse~1\applic~1\RegCure 2010-06-22 16:46:28 112 ----a-w- c:\docume~1\alluse~1\applic~1\ErxxGM.dat 2010-06-22 16:37:59 0 d-sh--w- c:\documents and settings\admin\IECompatCache 2010-06-22 16:36:40 0 d-sh--w- c:\documents and settings\admin\PrivacIE 2010-06-22 16:31:26 0 d-sh--w- c:\documents and settings\admin\IETldCache 2010-06-22 16:25:22 0 dc-h--w- c:\windows\ie8 ==================== Find3M ==================== 2010-07-01 17:40:21 536 ----a-w- c:\docume~1\admin\applic~1\wklnhst.dat 2010-06-17 18:01:41 53248 ----a-w- c:\windows\system32\6to4v32.dll 2010-06-17 18:01:39 2304 ----a-w- c:\windows\system32\msdemgr.sys 2010-06-17 07:06:47 1698 ----a-w- c:\windows\Qjuhoganis.dat 2010-06-12 03:29:24 4096 ----a-w- c:\windows\d3dx.dat 2010-05-21 21:14:28 221568 ------w- c:\windows\system32\MpSigStub.exe 2010-05-04 17:20:39 832512 ----a-w- c:\windows\system32\wininet(2)(3).dll 2010-05-04 17:20:39 1168384 ----a-w- c:\windows\system32\urlmon(2)(3).dll 2010-05-04 17:20:39 105984 ----a-w- c:\windows\system32\url(2)(3).dll 2010-05-04 17:20:38 3600384 ----a-w- c:\windows\system32\mshtml(2)(3).dll 2010-05-04 17:20:36 268288 ----a-w- c:\windows\system32\iertutil(2)(3).dll 2010-05-04 17:20:35 6067200 ----a-w- c:\windows\system32\ieframe(2)(3).dll 2010-05-02 05:22:50 1851264 ----a-w- c:\windows\system32\win32k.sys 2009-01-10 05:51:05 32768 --sha-w- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012009010920090 110\index.dat ============= FINISH: 14:08:49.14 =============== |
#8
|
||||
|
||||
Please also post the other logs I asked for.
|
Bookmarks |
«
Previous Topic
|
Next Topic
»
|
|
Similar Topics | ||||
Topic | Topic Starter | Forum | Replies | Last Post |
Windows 7 - Running Slow | GymWrecker | Windows 7 | 2 | December 10th, 2010 11:27 PM |
Windows XP SP2 Pro Running Slow | f14jag | Windows XP | 8 | August 18th, 2006 02:22 PM |
Please Help! Windows is running slow. | Dub!tch | Malware Removal | 1 | September 22nd, 2005 03:26 AM |
windows xp running much too slow | thedman | Malware Removal | 1 | December 2nd, 2004 06:22 PM |
WIndows XP running unusually slow.... Like REALLY REALLY slow. Any ideas?? | FrankieBonez | Windows XP | 8 | July 24th, 2004 06:59 AM |
All times are GMT +1. The time now is 03:16 AM.