Tech Support Forum - View Single Post - Computer running slow and pop-ups all the time

echris · 08-06-2007, 05:24 AM

Hi!

From time to time my computer just freezes up and nothing works. I'm also having problems with pop-ups coming up constanntly.
Thanks for any help!

Here is my deckard scan:

Deckard's System Scanner v20070804.61
Run by Espen on 2007-08-06 at 12:10:52
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.

-- Last 5 Restore Point(s) --
56: 2007-08-06 10:11:38 UTC - RP433 - Deckard's System Scanner Restore Point
55: 2007-08-05 22:07:05 UTC - RP432 - Removed Ad-Aware 2007
54: 2007-08-05 21:52:00 UTC - RP431 - Removed BitDefender Antivirus Plus v10
53: 2007-08-05 21:41:44 UTC - RP430 - Removed BitDefender Antivirus Plus v10
52: 2007-08-05 21:38:13 UTC - RP429 - Removed BitDefender Antivirus Plus v10

-- First Restore Point --
1: 2007-05-12 15:59:50 UTC - RP378 - Fjernet OpenOffice.org 2.1

Backed up registry hives.
Performed disk cleanup.

-- HijackThis (run as Espen.exe) -----------------------------------------------

Logfile of HijackThis v1.99.1
Scan saved at 12:14:51, on 06.08.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
C:\Program Files\ORiNOCO\WirelessClient\Utility\orinoco.exe
C:\WINDOWS\mgrs.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Espen\Desktop\dss.exe
C:\WINDOWS\system32\dumprep.exe
C:\WINDOWS\system32\dwwin.exe
C:\DOCUME~1\Espen\Desktop\Espen.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.no/
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {78709947-C51B-4CA7-919E-7D49B5577777} - C:\WINDOWS\system32\pmnlm.dll
O2 - BHO: (no name) - {86C510E9-97EF-4749-914F-0280247BE3A6} - (no file)
O2 - BHO: (no name) - {930D35D2-094D-41B9-8E89-D1B76F2C6E97} - C:\WINDOWS\system32\ssqqnom.dll
O2 - BHO: (no name) - {C6039E6C-BDE9-4de5-BB40-768CAA584FDC} - C:\WINDOWS\system32\uvacoqph.dll
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [proxim_orinoco_11abg] C:\Program Files\ORiNOCO\WirelessClient\Utility\orinoco.exe
O4 - HKLM\..\Run: [smgr] mgrs.exe
O4 - HKLM\..\Run: [SystemOptimizer] rundll32.exe "C:\WINDOWS\system32\voduxaqj.dll",forkonce
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O8 - Extra context menu item: E&xport to Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnotes.com/download/mnviewer.cab
O16 - DPF: {85D1F3B2-2A21-11D7-97B9-0010DC2A6243} (SecureLogin class) - http://secure2.comned.com/signuptemp...ogin-devel.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
O20 - Winlogon Notify: pmnlm - C:\WINDOWS\system32\pmnlm.dll
O20 - Winlogon Notify: ssqqnom - C:\WINDOWS\SYSTEM32\ssqqnom.dll
O20 - Winlogon Notify: winwil32 - C:\WINDOWS\SYSTEM32\winwil32.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe (file missing)
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: DomainService - Unknown owner - C:\WINDOWS\system32\cfesqtcr.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Unknown owner - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender10\vsserv.exe" /service (file missing)
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)

-- File Associations -----------------------------------------------------------

All associations okay.

-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R2 ANIO (ANIO Service) - c:\windows\system32\anio.sys <Not Verified; Alpha Networks Inc.; ANIO (NT5) Driver>
R2 MDC8021X (AEGIS Protocol (IEEE 802.1x) v2.3.1.9) - c:\windows\system32\drivers\mdc8021x.sys <Not Verified; Meetinghouse Data Communications; AEGIS Client 2.3.1.9>
R3 emupia (E-mu Plug-in Architecture Driver) - c:\windows\system32\drivers\emupia2k.sys <Not Verified; Creative Technology Ltd; E-mu Plug-In Architecture>

S1 bdpredir - c:\program files\softwin\bitdefender10\bdpredir.sys (file missing)
S2 BDRSDRV - c:\program files\softwin\bitdefender10\bdrsdrv.sys (file missing)
S3 bdfdll - c:\program files\softwin\bitdefender10\bdfdll.sys (file missing)
S3 BDFSDRV - c:\program files\softwin\bitdefender10\bdfsdrv.sys (file missing)

-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

S2 ATI Smart - c:\windows\system32\ati2sgag.exe (file missing)
S2 bdss (BitDefender Scan Server) - "c:\program files\common files\softwin\bitdefender scan server\bdss.exe" /service (file missing)
S2 DomainService - c:\windows\system32\cfesqtcr.exe /service (file missing)
S2 VSSERV (BitDefender Virus Shield) - "c:\program files\softwin\bitdefender10\vsserv.exe" /service (file missing)
S3 IDriverT (InstallDriver Table Manager) - "c:\program files\common files\installshield\driver\11\intel 32\idrivert.exe" (file missing)

-- Device Manager: Disabled ----------------------------------------------------

Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: Ethernet Controller
Device ID: PCI\VEN_10DE&DEV_0066&SUBSYS_570C1462&REV_A1\3&13C0B0C5&0&20
Manufacturer:
Name: Ethernet Controller
PNP Device ID: PCI\VEN_10DE&DEV_0066&SUBSYS_570C1462&REV_A1\3&13C0B0C5&0&20
Service:

Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: RAID Controller
Device ID: PCI\VEN_105A&DEV_3376&SUBSYS_6620105A&REV_02\4&3B1D9AB8&0&5840
Manufacturer:
Name: RAID Controller
PNP Device ID: PCI\VEN_105A&DEV_3376&SUBSYS_6620105A&REV_02\4&3B1D9AB8&0&5840
Service:

-- Files created between 2007-07-06 and 2007-08-06 -----------------------------

2007-08-06 12:04:22 0 d-------- C:\Program Files\Ultimate Cleaner
2007-08-06 12:02:59 125504 --a------ C:\WINDOWS\system32\voduxaqj.dll
2007-08-06 12:01:22 66112 --a------ C:\WINDOWS\system32\dusgtxvb.exe
2007-08-06 12:01:05 70252 --a------ C:\Program Files\setup.exe
2007-08-06 00:17:17 0 d-------- C:\Program Files\SpywareBlaster
2007-08-06 00:14:30 21312 --a------ C:\WINDOWS\choice.exe
2007-08-06 00:01:32 0 d-------- C:\WINDOWS\system32\ActiveScan
2007-08-05 16:00:56 0 d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2007-08-05 15:32:15 125504 -----n--- C:\WINDOWS\system32\mofllxie.dll
2007-08-05 15:29:14 66112 --a------ C:\WINDOWS\system32\nlpaxvjg.exe
2007-08-05 15:14:20 66112 --a------ C:\WINDOWS\system32\ffsdkjff.exe
2007-08-05 01:35:19 0 d-------- C:\Program Files\Lavasoft
2007-08-05 00:28:09 69184 --a------ C:\WINDOWS\system32\uvacoqph.dll
2007-08-05 00:22:08 66112 --a------ C:\WINDOWS\system32\ddycyuno.exe
2007-08-04 17:04:26 716244 ---hs---- C:\WINDOWS\system32\mlnmp.ini2
2007-08-04 15:31:42 0 dr-h----- C:\Documents and Settings\Espen\Recent
2007-07-23 23:37:05 10240 --a------ C:\WINDOWS\system32\hlpsrv.exe <Not Verified; NoName Corp.; NNC module>
2007-07-20 01:24:31 81920 --a------ C:\WINDOWS\system32\DirectShowSource.dll
2007-07-20 01:24:31 719872 --a------ C:\WINDOWS\system32\devil.dll <Not Verified; Abysmal Software; Developer's Image Library (DevIL)>
2007-07-20 01:24:31 286720 --a------ C:\WINDOWS\system32\avisynth.dll <Not Verified; The Public; Avisynth 2.5>
2007-07-19 23:27:49 0 d-------- C:\Documents and Settings\Espen\Application Data\Key Metric Software
2007-07-18 23:37:40 66112 --a------ C:\WINDOWS\system32\wfsuyccp.exe
2007-07-18 23:37:23 10240 --a------ C:\WINDOWS\system32\syswin.exe <Not Verified; NoName Corp.; NNC module>
2007-07-18 23:36:58 12288 --a------ C:\WINDOWS\mgrs.exe

-- Find3M Report ---------------------------------------------------------------

2007-08-06 12:00:58 733932 ---hs---- C:\WINDOWS\system32\mlnmp.bak2
2007-08-06 01:49:29 384 --a------ C:\WINDOWS\system32\DVCStateBkp-{00000001-00000000-0000000A-00001102-00000004-40021102}.dat
2007-08-06 01:49:29 384 --a------ C:\WINDOWS\system32\DVCState-{00000001-00000000-0000000A-00001102-00000004-40021102}.dat
2007-08-06 00:55:59 0 d-a------ C:\Program Files\Common Files
2007-08-04 17:27:46 81984 --a------ C:\WINDOWS\system32\bdod.bin
2007-07-20 01:08:22 540 --a------ C:\Documents and Settings\Espen\Application Data\AutoGK.ini
2007-07-18 22:55:04 0 d-------- C:\Documents and Settings\Espen\Application Data\Creative
2007-07-10 08:24:31 933791 ---hs---- C:\WINDOWS\system32\mlnmp.bak1
2007-07-04 21:55:18 0 d-------- C:\Documents and Settings\Espen\Application Data\EmuPatchMixDSP
2007-07-04 21:12:19 0 d-------- C:\Documents and Settings\Espen\Application Data\Steinberg
2007-07-04 01:53:41 0 d-------- C:\Documents and Settings\Espen\Application Data\Bitdefender
2007-07-04 01:35:57 0 d-------- C:\Documents and Settings\Espen\Application Data\vlc
2007-07-04 00:57:11 0 d-------- C:\Documents and Settings\Espen\Application Data\Lavasoft
2007-07-03 18:27:56 0 d-------- C:\Documents and Settings\Espen\Application Data\AdobeUM
2007-07-03 18:26:52 0 d-------- C:\Documents and Settings\Espen\Application Data\Adobe
2007-07-03 16:39:58 0 d-------- C:\Documents and Settings\Espen\Application Data\Propellerhead Software
2007-07-03 16:39:07 0 d-------- C:\Documents and Settings\Espen\Application Data\Macromedia
2007-07-01 20:05:26 266336 --a------ C:\WINDOWS\system32\pmnlm.dll
2007-07-01 20:00:03 20480 --a------ C:\WINDOWS\system32\winwil32.dll
2007-07-01 20:00:02 31254 --a------ C:\WINDOWS\system32\ssqqnom.dll
2007-06-28 16:20:01 233472 --a------ C:\WINDOWS\system32\REX Shared Library.dll <Not Verified; Propellerhead Software AB; n/a>
2007-06-08 15:02:37 0 d-------- C:\Program Files\ORiNOCO

-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{78709947-C51B-4CA7-919E-7D49B5577777}]
01.07.2007 20:05 266336 --a------ C:\WINDOWS\system32\pmnlm.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{86C510E9-97EF-4749-914F-0280247BE3A6}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{930D35D2-094D-41B9-8E89-D1B76F2C6E97}]
01.07.2007 20:00 31254 --a------ C:\WINDOWS\system32\ssqqnom.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{C6039E6C-BDE9-4de5-BB40-768CAA584FDC}]
05.08.2007 00:28 69184 --a------ C:\WINDOWS\system32\uvacoqph.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ANIWZCS2Service"="C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe" [14.04.2004 12:54]
"proxim_orinoco_11abg"="C:\Program Files\ORiNOCO\WirelessClient\Utility\orinoco.exe" [24.03.2004 15:54]
"smgr"="mgrs.exe" [18.07.2007 23:36 C:\WINDOWS\mgrs.exe]
"SystemOptimizer"="C:\WINDOWS\system32\voduxaqj.dll" [06.08.2007 12:03]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [13.10.2004 12:21]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoRecentDocsHistory"=0 (0x0)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{930D35D2-094D-41B9-8E89-D1B76F2C6E97}"= C:\WINDOWS\system32\ssqqnom.dll [01.07.2007 20:00 31254]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\pmnlm]
C:\WINDOWS\system32\pmnlm.dll 01.07.2007 20:05 266336 C:\WINDOWS\system32\pmnlm.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ssqqnom]
ssqqnom.dll 01.07.2007 20:00 31254 C:\WINDOWS\system32\ssqqnom.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\winwil32]
winwil32.dll 01.07.2007 20:00 20480 C:\WINDOWS\system32\winwil32.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=sockspy.dll

-- Hosts -----------------------------------------------------------------------

127.0.0.1 serial.alcohol-soft.com

-- End of Deckard's System Scanner: finished at 2007-08-06 at 12:15:41 ---------