Registered User
Join Date: Sep 2009
Posts: 27
OS: Win XP Pro
Computer Running Slowly Virus Check
A while back I had a problem with some viruses that got into my computer and pretty much rendered it useless for a little while. I received help on this website and it was then deemed clean. But now I'm noticing a new problem and believe I have more viruses. It boots up slower, when Windows loads it takes a lot longer for all the startup programs to load, and when I try and start a program like Firefox or Microsoft PowerPoint it takes a long time to load (we are talking like 15 seconds or less, but before the virus issues it took like 2 seconds to open things like PowerPoint and Firefox).
Here is what you requested

DDS (Ver_09-10-13.01) - NTFSx86
Run by Danny Everett at 20:27:50.64 on Wed 10/14/2009
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_15
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2036.1316 [GMT -7:00]
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
c:\drivers\audio\r213367\stacsv.exe
C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe
C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe
svchost.exe
C:\Program Files\Dell\Dell ControlPoint\Connection Manager\SMManager.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\DellTPad\Apoint.exe
C:\WINDOWS\system32\AESTFltr.exe
C:\Program Files\Dell\Dell ControlPoint\Dell.ControlPoint.exe
C:\Program Files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe
C:\Program Files\Dell\Dell ControlPoint\Connection Manager\Dell.UCM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Intel\ASF Agent\ASFAgent.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Dell\Dell ControlPoint\DCPButtonSvc.exe
C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\msiexec.exe
C:\Documents and Settings\Danny Everett\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = <local>
uURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
uURLSearchHooks: H - No File
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Steam] "c:\program files\steam\Steam.exe" -silent
uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\daemon.exe" -autorun
mRun: [Apoint] c:\program files\delltpad\Apoint.exe
mRun: [AESTFltr] %SystemRoot%\system32\AESTFltr.exe /NoDlg
mRun: [DellControlPoint] "c:\program files\dell\dell controlpoint\Dell.ControlPoint.exe"
mRun: [USCService] c:\program files\dell\dell controlpoint\security manager\BcmDeviceAndTaskStatusService.exe
mRun: [DellConnectionManager] "c:\program files\dell\dell controlpoint\connection manager\Dell.UCM.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [WavXMgr] c:\program files\wave systems corp\services manager\docmgr\bin\WavXDocMgr.exe
mRun: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [SecureUpgrade] "c:\program files\wave systems corp\SecureUpgrade.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [PDVDDXSrv] "c:\program files\cyberlink\powerdvd dx\PDVDDXSrv.exe"
mRun: [nwiz] nwiz.exe /installquiet
mRun: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
mRun: [NVHotkey] rundll32.exe nvHotkey.dll,Start
mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe
mRun: [EmbassySecurityCheck] "c:\program files\wave systems corp\embassy security setup\EMBASSYSecurityCheck.exe"
mRun: [ChangeTPMAuth] c:\program files\wave systems corp\common\ChangeTPMAuth.exe /T:NTRU12
mRun: [CanonSolutionMenu] c:\program files\canon\solutionmenu\CNSLMAIN.exe /logon
mRun: [CanonMyPrinter] c:\program files\canon\myprinter\BJMyPrt.exe /logon
mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\dellco~1.lnk - c:\program files\dell\dell controlpoint\system manager\DCPSysMgr.exe
uPolicies-explorer: ForceClassicControlPanel = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office12\EXCEL.EXE/3000
IE: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - c:\program files\pokerstars\PokerStarsUpdate.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\mi1933~1\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mi1933~1\office12\REFIEBAR.DLL
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Notify: avgrsstarter - avgrsstx.dll
LSA: Authentication Packages = msv1_0 wvauth

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\dannye~1\applic~1\mozilla\firefox\profiles\4kii7g6s.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo! Search
FF - component: c:\program files\avg\avg8\firefox\components\avgssff.dll
FF - plugin: c:\documents and settings\all users\application data\id software\quakelive\npquakezero.dll
FF - plugin: c:\program files\google\update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}

============= SERVICES / DRIVERS ===============

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-9-8 335240]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-9-8 108552]
R2 ASFAgent;ASF Agent;c:\program files\intel\asf agent\ASFAgent.exe [2007-4-19 133968]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\avg\avg8\avgemc.exe [2009-9-8 908056]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2009-9-8 297752]
R2 buttonsvc32;Dell ControlPoint Button Service;c:\program files\dell\dell controlpoint\DCPButtonSvc.exe [2008-12-29 320800]
R2 Credential Vault Host Control Service;Credential Vault Host Control Service;c:\program files\broadcom corporation\broadcom ush host components\cv\bin\HostControlService.exe [2009-1-22 808296]
R2 Credential Vault Host Storage;Credential Vault Host Storage;c:\program files\broadcom corporation\broadcom ush host components\cv\bin\HostStorageService.exe [2009-1-22 20840]
R2 dcpsysmgrsvc;Dell ControlPoint System Manager;c:\program files\dell\dell controlpoint\system manager\DCPSysMgrSvc.exe [2009-2-6 443168]
R2 SeaPort;SeaPort;c:\program files\microsoft\search enhancement pack\seaport\SeaPort.exe [2008-12-4 226640]
R2 SMManager;Smith Micro Connection Manager Service;c:\program files\dell\dell controlpoint\connection manager\SMManager.exe [2009-3-1 77824]
R3 AESTAud;AE Audio Service;c:\windows\system32\drivers\AESTAud.sys [2009-6-11 112512]
R3 cvusbdrv;Broadcom USH CV;c:\windows\system32\drivers\cvusbdrv.sys [2009-6-11 32808]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\drivers\e1y5132.sys [2009-6-11 239760]
R3 SRS_PremiumSound_Service;SRS Labs Premium Sound;c:\windows\system32\drivers\SRS_PremiumSound_i386.sys [2009-6-11 232744]
S2 gupdate1ca268228fa8f56;Google Update Service (gupdate1ca268228fa8f56);c:\program files\google\update\GoogleUpdate.exe [2009-8-26 133104]
S3 AsfAlrt;AsfAlrt Service;c:\windows\system32\drivers\Asfalrt.sys [2007-4-19 42832]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2009-9-11 38224]
S3 NvtSp50;NvtSp50 NDIS Protocol Driver;c:\windows\system32\drivers\nvtsp50.sys --> c:\windows\system32\drivers\NvtSp50.sys [?]

=============== Created Last 30 ================

2009-10-14 20:23 <DIR> --d----- c:\windows\system32\appmgmt
2009-10-14 20:18 <DIR> --ds---- C:\ComboFix
2009-10-14 19:30 <DIR> --d----- c:\program files\Trend Micro
2009-10-14 18:39 <DIR> --d----- c:\windows\pss
2009-10-14 14:25 905,216 a------- c:\windows\system32\MyDefragScreenSaver.exe
2009-10-14 14:25 93,184 a------- c:\windows\system32\MyDefragScreenSaver.scr
2009-10-14 14:25 <DIR> --d----- c:\program files\MyDefrag v4.2.3
2009-10-14 12:46 <DIR> --d----- c:\program files\Spybot - Search & Destroy
2009-10-14 12:46 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
2009-10-12 20:17 <DIR> --d----- c:\program files\Steam
2009-10-06 21:23 <DIR> --dsh--- c:\documents and settings\danny everett\PrivacIE
2009-10-06 21:23 <DIR> --d----- c:\program files\uTorrent
2009-10-06 21:23 <DIR> --d----- c:\docume~1\dannye~1\applic~1\uTorrent
2009-10-02 13:51 <DIR> --d----- c:\program files\CCleaner
2009-09-29 18:50 <DIR> --d----- c:\docume~1\alluse~1\applic~1\id Software
2009-09-22 00:26 189,784 a------- c:\windows\system32\PnkBstrB.xtr
2009-09-22 00:11 <DIR> --d----- c:\docume~1\dannye~1\applic~1\id Software
2009-09-22 00:10 2,373,712 a------- c:\windows\system32\pbsvc.exe
2009-09-21 22:00 <DIR> --d----- c:\windows\ie8updates
2009-09-21 11:18 594,432 -c------ c:\windows\system32\dllcache\msfeeds.dll
2009-09-21 11:18 246,272 -c------ c:\windows\system32\dllcache\ieproxy.dll
2009-09-21 11:18 55,296 -c------ c:\windows\system32\dllcache\msfeedsbs.dll
2009-09-21 11:18 12,800 -c------ c:\windows\system32\dllcache\xpshims.dll
2009-09-21 11:18 1,985,536 -c------ c:\windows\system32\dllcache\iertutil.dll
2009-09-21 09:15 <DIR> --d----- C:\951b20d01bf712d62a88fdda7d4a
2009-09-20 20:38 <DIR> --dsh--- c:\documents and settings\danny everett\IETldCache
2009-09-20 20:31 <DIR> -cd-h--- c:\windows\ie8
2009-09-20 14:36 <DIR> --d----- c:\docume~1\alluse~1\applic~1\McAfee Security Scan
2009-09-19 18:01 <DIR> --d----- c:\docume~1\dannye~1\applic~1\The Creative Assembly
2009-09-19 17:38 <DIR> --d----- c:\windows\Empire - Total War

==================== Find3M ====================

2009-10-14 17:57 109,135 a------- c:\windows\system32\nvModes.dat
2009-09-13 13:04 721,904 a------- c:\windows\system32\drivers\sptd.sys
2009-09-11 07:18 136,192 a------- c:\windows\system32\msv1_0.dll
2009-09-10 14:54 38,224 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-09-10 14:53 19,160 a------- c:\windows\system32\drivers\mbam.sys
2009-09-08 19:58 108,552 a------- c:\windows\system32\drivers\avgtdix.sys
2009-09-08 19:58 11,952 a------- c:\windows\system32\avgrsstx.dll
2009-09-08 19:58 335,240 a------- c:\windows\system32\drivers\avgldx86.sys
2009-09-04 14:03 58,880 a------- c:\windows\system32\msasn1.dll
2009-08-29 01:08 916,480 a------- c:\windows\system32\wininet.dll
2009-08-26 01:00 247,326 a------- c:\windows\system32\strmdll.dll
2009-08-05 02:01 204,800 a------- c:\windows\system32\mswebdvd.dll
2009-08-04 08:13 2,145,280 -------- c:\windows\system32\ntoskrnl.exe
2009-08-04 07:20 2,023,936 -------- c:\windows\system32\ntkrnlpa.exe
2009-07-28 21:37 119,808 a------- c:\windows\system32\t2embed.dll
2009-07-28 21:37 81,920 a------- c:\windows\system32\fontsub.dll
2009-07-25 05:23 411,368 a------- c:\windows\system32\deploytk.dll
2009-07-17 12:01 58,880 a------- c:\windows\system32\SET52.tmp
2009-07-17 12:01 58,880 a------- c:\windows\system32\atl.dll
2009-07-17 09:22 1,435,648 a------- c:\windows\system32\query.dll

============= FINISH: 20:28:02.20 ===============