Thread: Computer deadly slow
View Single Post
Old 12-30-2007, 11:13 PM   #8 (permalink)
sUBs
Asst Manager Security, Expert Analyst, Moderator, Security Team; Rangemaster, Moderator, TSF Academy
 
sUBs's Avatar
 
Join Date: May 2005
Posts: 22,256
OS: XP


Re: Computer deadly slow
Open notepad and copy/paste the text in the quotebox below into it:

Code:
----a-w            57,344 2007-12-23 19:37:27  C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy .exe
----a-w         1,838,592 2007-12-23 19:37:57  C:\Program Files\Google\Google Desktop Search\GoogleDesktop .exe
----a-w            68,856 2007-12-30 21:59:13  C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier .exe
----a-w            49,152 2007-12-23 19:37:40  C:\Program Files\HP\HP Software Update\HPWuSchd2 .exe
----a-w            36,975 2007-12-23 19:37:13  C:\Program Files\Java\jre1.5.0_06\bin\jusched .exe
----a-w           600,896 2007-12-23 19:37:39  C:\Program Files\Microsoft IntelliPoint\ipoint .exe
----a-w           576,320 2007-12-23 19:37:31  C:\Program Files\Microsoft IntelliType Pro\itype .exe
----a-w            53,248 2007-12-23 19:37:14  C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mmtask .exe
----a-w            49,152 2007-12-23 19:37:11  C:\Program Files\ScanSoft\OmniPageSE\opware32 .exe
----a-w           707,376 2007-12-23 19:37:30  C:\WINDOWS\vVX3000 .exe
----a-w            15,360 2007-12-30 21:59:16  C:\WINDOWS\system32\ctfmon .exe
----a-w           155,648 2007-12-23 19:37:12  C:\WINDOWS\system32\NeroCheck .exe
Save this as "Log.txt"

Please download this tool :> http://download.bleepingcomputer.com/sUBs/Beta/RenV.exe
Place the tool next to Log.txt




Refering to the picture above, drag Log.txt into RenV.exe

When finished, it shall produce a log for you. Post that log before proceeding to the next step


-----------


Open notepad again & copy/paste the text in the quotebox below into it:

Code:
http://www.techsupportforum.com/security-center/hijackthis-log-help/204938-computer-deadly-slow.html
Suspect::
C:\WINDOWS\SYSTEM\Rename.exe
File::
C:\WINDOWS\system32\RCX4B.tmp
C:\WINDOWS\mrofinu72.exe.tmp
Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QdrModule11"=-
"QdrPack11"=-
Save this as "CFScript"




Referring to the picture above, drag CFScript.txt into ComboFix.exe

When finished, it shall produce a log for you, C:\ComboFix.txt. Post that log in your next reply.

Additonally, ComboFix will generate a zipped file on your Desktop, called [4]Submit@Date_Time.zip
Before proceeding to the next step, please submit this file to http://www.bleepingcomputer.com/subm....php?channel=4


---------------


ESET Online Scanner
  • Please go to the following link ESET Online Scanner Link
  • Tick the box YES, I accept the Terms Of Use
  • Click the Start button
  • Now click the Install button
  • Click Start

    The scanner engine will initialise and update
  • Do Not tick the box Remove found threats
  • Click the Scan button

    The scan will now run, please be patient
  • When the scan finishes click the Details tab
  • Copy and paste the contents of the C:\Program Files\EsetOnlineScanner\log.txt back here.
* Turn off the real time scanner of any existing antivirus program while performing the online scan


---------------


In your next post, please include fresh logs from:
  1. Fresh Hijackthis log taken just before replying
  2. Online scan
  3. ComboFix's log
Please provide details of any problems you encountered whilst performing the above steps & update us on how the computer behaves now
__________________
اذا كان الجبل لن يأتي لمحمد ، ومحمد سيتوجه الى الجبل
sUBs is offline