[Closed] Computer running extremely slow

Home Forums Contact

Welcome! Register for a free account (or login) > How does it work?

Quickly register. It will only take 60 seconds.
Start a new topic. Ask your question. Wait for an email reply.
Is your system infected? Begin reading the malware removal guide.

register button

What the Tech > Spyware / Malware / Virus Removal > Infections Removal

Closed Topic

Start new topic

[Closed] Computer running extremely slow, any help is welcome

papac View Member Profile	Jun 20 2009, 08:59 AM Post #1
New Member Group: Authentic Member Posts: 6 Joined: 20-June 09 Member No.: 86,344 Operating System: Vista	My computer is running very slow. Here is the logfile, I hope someone can halp. Thanks! Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 16:45:38, on 20.6.2009 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18248) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\ItSecMng.exe C:\Program Files\Toshiba\ConfigFree\NDSTray.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe C:\Program Files\Toshiba\Toshiba Online Product Information\TOPI.exe C:\Program Files\Apoint2K\Apoint.exe C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe C:\Program Files\Toshiba\Power Saver\TPwrMain.exe C:\Program Files\Toshiba\SmoothView\SmoothView.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files\Toshiba\FlashCards\TCrdMain.exe C:\Program Files\Toshiba\HDMICtrlMan\HDMICtrlMan.exe C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe C:\Program Files\AVG\AVG8\avgtray.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\AVG\AVG8\Identity Protection\agent\Bin\AVGIDSUI.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe C:\Program Files\Apoint2K\ApMsgFwd.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Apoint2K\HidFind.exe C:\Program Files\Apoint2K\Apntex.exe C:\Program Files\Toshiba\HDMICtrlMan\HCMSoundChanger.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\RelevantKnowledge\rlvknlg.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe C:\Windows\system32\wuauclt.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\AVG\AVG8\Identity Protection\agent\Bin\AVGIDSMonitor.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\conime.exe C:\Program Files\AVG\AVG8\avgui.exe C:\Program Files\AVG\AVG8\avgcfgex.exe C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe C:\Program Files\AVG\AVG8\avgscanx.exe C:\Program Files\AVG\AVG8\avgcsrvx.exe C:\Program Files\Internet Explorer\ieuser.exe C:\Windows\system32\SearchFilterHost.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co.uk R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.hr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co.uk R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - {EEE6C35D-6118-11DC-9C72-001320C79847} - (no file) O1 - Hosts: ::1 localhost O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: Windows Live Pomoc za prijavu - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: BS.Player ControlBar - {2C688203-7EB3-4327-9995-1CB417BA23F9} - C:\Program Files\BS.Player ControlBar\BSToolbar.dll (file missing) O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe O4 - HKLM\..\Run: [cfFncEnabler.exe] cfFncEnabler.exe O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [Toshiba TEMPO] C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe O4 - HKLM\..\Run: [HDMICtrlMan] C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [AVGIDS] "C:\Program Files\AVG\AVG8\Identity Protection\agent\bin\AVGIDSUI.exe" O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (User 'Default user') O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: eBay.co.uk - Buy It Sell It Love It - {76577871-04EC-495E-A12B-91F7C3600AFA} - http://rover.ebay.com/rover/1/710-44557-9400-3/4 (file missing) O9 - Extra button: Amazon.co.uk - {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.co.uk/exec/obidos/redire...1&site=home (file missing) O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O13 - Gopher Prefix: O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL,avgrsstx.dll O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgfws8.exe O23 - Service: AVGIDSAgent - AVG - C:\Program Files\AVG\AVG8\Identity Protection\agent\Bin\AVGIDSAgent.exe O23 - Service: AVGIDSWatcher - AVG - C:\Program Files\AVG\AVG8\Identity Protection\agent\Bin\AVGIDSWatcher.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Usluga Google ažuriranje (gupdate1c9ef77a2ecdae0) (gupdate1c9ef77a2ecdae0) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Jumpstart Wifi Protected Setup (jswpsapi) - Atheros Communications, Inc. - C:\Program Files\Jumpstart\jswpsapi.exe O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe O23 - Service: RelevantKnowledge - RelevantKnowledge - C:\Program Files\RelevantKnowledge\rlservice.exe O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: SmartFaceVWatchSrv - Toshiba - C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe O23 - Service: Notebook Performance Tuning Service (TempoMonitoringService) - Toshiba Europe GmbH - C:\Program Files\Toshiba TEMPRO\TempoSVC.exe O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 12303 bytes

2 Pages

1 2 >

Start new topic

Replies (1 - 14)

Tomk View Member Profile	Jun 23 2009, 03:35 PM Post #2
Forum God / Classroom Admin Assistant Group: Classroom Teacher Posts: 12,279 Joined: 27-December 07 From: Sisters, OR Member No.: 75,503 Operating System: xp	Hi papac, My name is Tomk. I would be glad to take a look at your log and help you with solving any malware problems. HijackThis logs can take a while to research, so please be patient and I'd be grateful if you would note the following: I will be working on your Malware issues, this may or may not, solve other issues you have with your machine. The fixes are specific to your problem and should only be used for the issues on this machine. Please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear. It's often worth reading through these instructions and printing them for ease of reference. If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry. Please reply to this thread. Do not start a new topic. Download TFC to your desktop Close any open windows. Double click the TFC icon to run the program TFC will close all open programs itself in order to run, Click the Start button to begin the process. Allow TFC to run uninterrupted. The program should not take long to finish it's job Once its finished it should automatically reboot your machine, if it doesn't, manually reboot to ensure a complete clean Then Please download Malwarebytes' Anti-Malware to your desktop. Double-click mbam-setup.exe and follow the prompts to install the program. At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish. If an update is found, it will download and install the latest version. Once the program has loaded, select Perform quick scan, then click Scan. When the scan is complete, click OK, then Show Results to view the results. Be sure that everything is checked, and click Remove Selected. When completed, a log will open in Notepad. Please save it to a convenient location and post the results. Note: If you receive a notice that some of the items couldn't be removed, that they have been added to the delete on reboot list, please reboot (shut down your computer then restart it). Also "copy/paste" a new HijackThis log file into this thread. Also please describe how your computer behaves at the moment.

papac View Member Profile	Jun 24 2009, 10:41 AM Post #3
New Member Group: Authentic Member Posts: 6 Joined: 20-June 09 Member No.: 86,344 Operating System: Vista	Hi, I scaned computer with Malwarebytes' Anti-Malware and removed 12 Malwares. It was few days ago so I can't post the results. Computer is now working little faster, but there is no big changes. There is 90 processes curently working so maybe this is also slowing computer. Here is new HijackThis logfile: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 18:24:09, on 24.6.2009 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\ItSecMng.exe C:\Program Files\Toshiba\ConfigFree\NDSTray.exe C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe C:\Program Files\Toshiba\Toshiba Online Product Information\TOPI.exe C:\Program Files\Apoint2K\Apoint.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files\Toshiba\Power Saver\TPwrMain.exe C:\Program Files\Toshiba\FlashCards\TCrdMain.exe C:\Program Files\Toshiba\HDMICtrlMan\HDMICtrlMan.exe C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe C:\Program Files\AVG\AVG8\avgtray.exe C:\Program Files\AVG\AVG8\Identity Protection\agent\Bin\AVGIDSUI.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Apoint2K\ApMsgFwd.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Apoint2K\HidFind.exe C:\Program Files\Apoint2K\Apntex.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe C:\Program Files\Toshiba\HDMICtrlMan\HCMSoundChanger.exe C:\Program Files\AVG\AVG8\Identity Protection\agent\Bin\AVGIDSMonitor.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co.uk R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.hr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co.uk R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - {EEE6C35D-6118-11DC-9C72-001320C79847} - (no file) O1 - Hosts: ::1 localhost O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: Windows Live Pomoc za prijavu - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: (no name) - {2C688203-7EB3-4327-9995-1CB417BA23F9} - (no file) O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe O4 - HKLM\..\Run: [cfFncEnabler.exe] cfFncEnabler.exe O4 - HKLM\..\Run: [Toshiba TEMPO] C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe O4 - HKLM\..\Run: [HDMICtrlMan] C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [AVGIDS] "C:\Program Files\AVG\AVG8\Identity Protection\agent\bin\AVGIDSUI.exe" O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (User 'Default user') O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: eBay.co.uk - Buy It Sell It Love It - {76577871-04EC-495E-A12B-91F7C3600AFA} - http://rover.ebay.com/rover/1/710-44557-9400-3/4 (file missing) O9 - Extra button: Amazon.co.uk - {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.co.uk/exec/obidos/redire...1&site=home (file missing) O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O13 - Gopher Prefix: O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL,avgrsstx.dll O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgfws8.exe O23 - Service: AVGIDSAgent - AVG - C:\Program Files\AVG\AVG8\Identity Protection\agent\Bin\AVGIDSAgent.exe O23 - Service: AVGIDSWatcher - AVG - C:\Program Files\AVG\AVG8\Identity Protection\agent\Bin\AVGIDSWatcher.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Jumpstart Wifi Protected Setup (jswpsapi) - Atheros Communications, Inc. - C:\Program Files\Jumpstart\jswpsapi.exe O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe O23 - Service: RelevantKnowledge - Unknown owner - C:\Program Files\RelevantKnowledge\rlservice.exe (file missing) O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: SmartFaceVWatchSrv - Toshiba - C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe O23 - Service: Notebook Performance Tuning Service (TempoMonitoringService) - Toshiba Europe GmbH - C:\Program Files\Toshiba TEMPRO\TempoSVC.exe O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 10381 bytes

Tomk View Member Profile	Jun 24 2009, 10:59 AM Post #4
Forum God / Classroom Admin Assistant Group: Classroom Teacher Posts: 12,279 Joined: 27-December 07 From: Sisters, OR Member No.: 75,503 Operating System: xp	papac, Please start Malwarebytes. Click on the Logs tab. Double click on the .txt file which will open it in notepad. Copy/paste that information here.

papac View Member Profile	Jun 25 2009, 09:19 AM Post #5
New Member Group: Authentic Member Posts: 6 Joined: 20-June 09 Member No.: 86,344 Operating System: Vista	Here it is! Malwarebytes' Anti-Malware 1.38 Database version: 2315 Windows 6.0.6001 Service Pack 1 22.6.2009 16:31:29 mbam-log-2009-06-22 (16-31-29).txt Scan type: Quick Scan Objects scanned: 77150 Time elapsed: 10 minute(s), 14 second(s) Memory Processes Infected: 2 Memory Modules Infected: 1 Registry Keys Infected: 2 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 2 Files Infected: 8 Memory Processes Infected: C:\Program Files\RelevantKnowledge\rlservice.exe (Spyware.Marketscore) -> Quarantined and deleted successfully. C:\Program Files\RelevantKnowledge\rlvknlg.exe (Spyware.Marketscore) -> Quarantined and deleted successfully. Memory Modules Infected: C:\Program Files\RelevantKnowledge\rlls.dll (Spyware.Marketscore) -> Quarantined and deleted successfully. Registry Keys Infected: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{d08d9f98-1c78-4704-87e6-368b0023d831} (Adware.RelevantKnowledge) -> Quarantined and deleted successfully. Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge (Spyware.Marketscore) -> Quarantined and deleted successfully. C:\Program Files\RelevantKnowledge (Spyware.Marketscore) -> Delete on reboot. Files Infected: c:\programdata\microsoft\Windows\start menu\Programs\relevantknowledge\About RelevantKnowledge.lnk (Spyware.Marketscore) -> Quarantined and deleted successfully. c:\programdata\microsoft\Windows\start menu\Programs\relevantknowledge\Privacy Policy and User License Agreement.lnk (Spyware.Marketscore) -> Quarantined and deleted successfully. c:\programdata\microsoft\Windows\start menu\Programs\relevantknowledge\Support.lnk (Spyware.Marketscore) -> Quarantined and deleted successfully. c:\programdata\microsoft\Windows\start menu\Programs\relevantknowledge\Uninstall Instructions.lnk (Spyware.Marketscore) -> Quarantined and deleted successfully. c:\program files\relevantknowledge\rlls.dll (Spyware.Marketscore) -> Delete on reboot. c:\program files\relevantknowledge\rloci.bin (Spyware.Marketscore) -> Quarantined and deleted successfully. c:\program files\relevantknowledge\rlservice.exe (Spyware.Marketscore) -> Delete on reboot. c:\program files\relevantknowledge\rlvknlg.exe (Spyware.Marketscore) -> Delete on reboot.

Tomk View Member Profile	Jun 25 2009, 09:41 AM Post #6
Forum God / Classroom Admin Assistant Group: Classroom Teacher Posts: 12,279 Joined: 27-December 07 From: Sisters, OR Member No.: 75,503 Operating System: xp	papac, While TeaTimer is an excellent tool for the prevention of spyware, it can sometimes prevent HijackThis from fixing certain things. Please disable TeaTimer for now until you are clean. TeaTimer can be re-activated once your HijackThis log is clean. Open Spybot Search & Destroy. In the Mode menu click Advanced mode if not already selected. Choose Yes at the Warning prompt. Expand the Tools menu. Click Resident. Uncheck the Resident "TeaTimer" (Protection of overall system settings) active. box. In the File menu click Exit to exit Spybot Search & Destroy. Please open HijackThis and run Do a system scan only Check the boxes next to ONLY the entries listed below(if present): R3 - URLSearchHook: (no name) - {EEE6C35D-6118-11DC-9C72-001320C79847} - (no file) O3 - Toolbar: (no name) - {2C688203-7EB3-4327-9995-1CB417BA23F9} - (no file) O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O23 - Service: RelevantKnowledge - Unknown owner - C:\Program Files\RelevantKnowledge\rlservice.exe (file missing) Close all programs except for HijackThis. Click on Fix checked A box will pop up asking you if you wish to fix the selected items. Please choose YES. Once it has fixed them, please exit/close HijackThis. Please go to Kaspersky website and perform an online antivirus scan. Read through the requirements and privacy statement and click on Accept button. It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run. When the downloads have finished, click on Settings. Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button: Spyware, Adware, Dialers, and other potentially dangerous programs Archives Mail databases Click on My Computer under Scan. Once the scan is complete, it will display the results. Click on View Scan Report. You will see a list of infected items there. Click on Save Report As.... Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button. Please post this log in your next reply. Also please give me a new HijackThis log.

papac View Member Profile	Jun 25 2009, 01:52 PM Post #7
New Member Group: Authentic Member Posts: 6 Joined: 20-June 09 Member No.: 86,344 Operating System: Vista	-------------------------------------------------------------------------------- KASPERSKY ONLINE SCANNER 7.0 REPORT Thursday, June 25, 2009 Operating System: Microsoft Windows Vista Home Premium Edition, 32-bit Service Pack 1 (build 6001) Kaspersky Online Scanner version: 7.0.26.13 Program database last update: Thursday, June 25, 2009 18:44:24 Records in database: 2389128 -------------------------------------------------------------------------------- Scan settings: Scan using the following database: extended Scan archives: yes Scan mail databases: yes Scan area - My Computer: C:\ E:\ F:\ Scan statistics: Files scanned: 99743 Threat name: 1 Infected objects: 1 Suspicious objects: 0 Duration of the scan: 02:34:11 File name / Threat name / Threats count C:\Users\Ivan\Desktop\Incomplete\T-3926616-dajte vina hocu lom haris [160k quality].mp3 Infected: Trojan-Downloader.WMA.GetCodec.u 1 The selected area was scanned. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 21:49:48, on 25.6.2009 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\ItSecMng.exe C:\Program Files\Toshiba\ConfigFree\NDSTray.exe C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe C:\Program Files\Apoint2K\Apoint.exe C:\Program Files\Toshiba\Power Saver\TPwrMain.exe C:\Program Files\Toshiba\FlashCards\TCrdMain.exe C:\Program Files\Toshiba\HDMICtrlMan\HDMICtrlMan.exe C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe C:\Program Files\AVG\AVG8\avgtray.exe C:\Program Files\AVG\AVG8\Identity Protection\agent\Bin\AVGIDSUI.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Apoint2K\ApMsgFwd.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe C:\Program Files\Apoint2K\HidFind.exe C:\Program Files\Toshiba\HDMICtrlMan\HCMSoundChanger.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Apoint2K\Apntex.exe C:\Program Files\AVG\AVG8\Identity Protection\agent\Bin\AVGIDSMonitor.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\PROGRA~1\Java\jre6\bin\jp2launcher.exe C:\Program Files\Java\jre6\bin\java.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co.uk R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.hr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co.uk R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: Windows Live Pomoc za prijavu - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe O4 - HKLM\..\Run: [cfFncEnabler.exe] cfFncEnabler.exe O4 - HKLM\..\Run: [Toshiba TEMPO] C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe O4 - HKLM\..\Run: [HDMICtrlMan] C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [AVGIDS] "C:\Program Files\AVG\AVG8\Identity Protection\agent\bin\AVGIDSUI.exe" O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (User 'Default user') O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: eBay.co.uk - Buy It Sell It Love It - {76577871-04EC-495E-A12B-91F7C3600AFA} - http://rover.ebay.com/rover/1/710-44557-9400-3/4 (file missing) O9 - Extra button: Amazon.co.uk - {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.co.uk/exec/obidos/redire...1&site=home (file missing) O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O13 - Gopher Prefix: O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL,avgrsstx.dll O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgfws8.exe O23 - Service: AVGIDSAgent - AVG - C:\Program Files\AVG\AVG8\Identity Protection\agent\Bin\AVGIDSAgent.exe O23 - Service: AVGIDSWatcher - AVG - C:\Program Files\AVG\AVG8\Identity Protection\agent\Bin\AVGIDSWatcher.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Jumpstart Wifi Protected Setup (jswpsapi) - Atheros Communications, Inc. - C:\Program Files\Jumpstart\jswpsapi.exe O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: SmartFaceVWatchSrv - Toshiba - C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe O23 - Service: Notebook Performance Tuning Service (TempoMonitoringService) - Toshiba Europe GmbH - C:\Program Files\Toshiba TEMPRO\TempoSVC.exe O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 9817 bytes

Tomk View Member Profile	Jun 25 2009, 01:59 PM Post #8
Forum God / Classroom Admin Assistant Group: Classroom Teacher Posts: 12,279 Joined: 27-December 07 From: Sisters, OR Member No.: 75,503 Operating System: xp	papac, Do you have a folder on your desktop called Incomplete? If so, please delete it. Then let me know.

papac View Member Profile	Jun 25 2009, 03:43 PM Post #9
New Member Group: Authentic Member Posts: 6 Joined: 20-June 09 Member No.: 86,344 Operating System: Vista	Yes, I have. I deleted it as you sad. What to do next?

Tomk View Member Profile	Jun 25 2009, 03:57 PM Post #10
Forum God / Classroom Admin Assistant Group: Classroom Teacher Posts: 12,279 Joined: 27-December 07 From: Sisters, OR Member No.: 75,503 Operating System: xp	papac, That's everything I see but it sounds like your still pretty slow. I'd like for you to get me another log just in case I can find something that might be causing the slowdown. Please download DDS by sUBs from one of the following links and save it to your desktop. DDS.scr DDS.pif Disable any script blocking protection (How to Disable your Security Programs) Double click DDS icon to run the tool (may take up to 3 minutes to run) When done, DDS.txt will open. After a few moments, attach.txt will open in a second window. Save both reports to your desktop. --------------------------------------------------- Post the contents of the DDS.txt report in your next reply *Attach* the Attach.txt report to your post by scroling down to the Attachments area and then clicking Browse. Browse to where you saved the file, and click Open and the click UPLOAD.

papac View Member Profile	Jun 27 2009, 07:48 AM Post #11
New Member Group: Authentic Member Posts: 6 Joined: 20-June 09 Member No.: 86,344 Operating System: Vista	Sorry it took me 2 days to reply. Yes, computer is still running pretty slow, I don't know what could be reason. Here it is all you asked. DDS (Ver_09-06-26.01) - NTFSx86 Run by Ivan at 15:39:08.24 on sub 27.06.2009 Internet Explorer: 8.0.6001.18783 Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1250.385.1033.18.3293.1917 [GMT 2:00] AV: AVG Internet Security On-access scanning enabled (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF} SP: AVG Internet Security enabled (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF} SP: Spybot - Search and Destroy enabled (Outdated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9} SP: Windows Defender enabled (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46} FW: AVG Firewall disabled {8decf618-9569-4340-b34a-d78d28969b66} ============== Running Processes =============== C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe C:\Windows\system32\svchost.exe -k rpcss C:\Windows\System32\svchost.exe -k secsvcs C:\Windows\system32\Ati2evxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\SLsvc.exe C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\Ati2evxx.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Program Files\AVG\AVG8\Identity Protection\agent\Bin\AVGIDSAgent.exe C:\Windows\system32\WLANExt.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe C:\PROGRA~1\AVG\AVG8\avgfws8.exe C:\Program Files\AVG\AVG8\Identity Protection\agent\Bin\AVGIDSWatcher.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\PROGRA~1\AVG\AVG8\avgam.exe C:\PROGRA~1\AVG\AVG8\avgrsx.exe C:\PROGRA~1\AVG\AVG8\avgnsx.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Toshiba TEMPRO\TempoSVC.exe C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe C:\Windows\system32\TODDSrv.exe C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\DRIVERS\xaudio.exe C:\PROGRA~1\AVG\AVG8\avgemc.exe C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe C:\Program Files\AVG\AVG8\avgcsrvx.exe C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\ItSecMng.exe C:\Program Files\Toshiba\ConfigFree\NDSTray.exe C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe C:\Program Files\Apoint2K\Apoint.exe C:\Program Files\Toshiba\Power Saver\TPwrMain.exe C:\Program Files\Toshiba\FlashCards\TCrdMain.exe C:\Program Files\Toshiba\HDMICtrlMan\HDMICtrlMan.exe C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe C:\Program Files\AVG\AVG8\avgtray.exe C:\Program Files\AVG\AVG8\Identity Protection\agent\Bin\AVGIDSUI.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Apoint2K\ApMsgFwd.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files\Apoint2K\Apntex.exe C:\Program Files\Apoint2K\HidFind.exe C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe C:\Program Files\Toshiba\HDMICtrlMan\HCMSoundChanger.exe C:\Program Files\AVG\AVG8\Identity Protection\agent\Bin\AVGIDSMonitor.exe C:\Windows\system32\taskeng.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\Macromed\Flash\FlashUtil10b.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Users\Ivan\Desktop\dds.scr C:\Windows\system32\conime.exe C:\Windows\system32\wbem\wmiprvse.exe ============== Pseudo HJT Report =============== uSearch Page = uStart Page = hxxp://www.google.hr/ uDefault_Page_URL = hxxp://www.google.co.uk uSearch Bar = mStart Page = hxxp://home.sweetim.com mDefault_Page_URL = hxxp://www.google.co.uk uInternet Settings,ProxyOverride = *.local BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy\SDHelper.dll BHO: Windows Live Pomoc za prijavu: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll TB: {EEE6C35B-6118-11DC-9C72-001320C79847} - No File TB: {2C688203-7EB3-4327-9995-1CB417BA23F9} - No File uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun uRun: [TOSCDSPD] c:\program files\toshiba\toscdspd\TOSCDSPD.exe uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide mRun: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START mRun: [NDSTray.exe] NDSTray.exe mRun: [cfFncEnabler.exe] cfFncEnabler.exe mRun: [Toshiba TEMPO] c:\program files\toshiba tempro\Toshiba.Tempo.UI.TrayApplication.exe mRun: [Apoint] c:\program files\apoint2k\Apoint.exe mRun: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE mRun: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe mRun: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe mRun: [HDMICtrlMan] c:\program files\toshiba\hdmictrlman\HDMICtrlMan.exe mRun: [Toshiba Registration] c:\program files\toshiba\registration\ToshibaRegistration.exe mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe" mRun: [AVGIDS] "c:\program files\avg\avg8\identity protection\agent\bin\AVGIDSUI.exe" mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000 IE: {76577871-04EC-495E-A12B-91F7C3600AFA} - http://rover.ebay.com/rover/1/710-44557-9400-3/4 IE: {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.co.uk/exec/obidos/redire...1&site=home IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL AppInit_DLLs: c:\progra~1\google\google~3\GOEC62~1.DLL,avgrsstx.dll ============= SERVICES / DRIVERS =============== R0 AVGIDSErHr;AVGIDSErHr;c:\windows\system32\drivers\AVGIDSErHr.sys [2009-2-26 25608] R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [2009-3-4 12552] R1 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwd6x.sys [2009-3-4 23832] R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-3-4 327688] R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-3-4 108552] R1 jswpslwf;JumpStart Wireless Filter Driver;c:\windows\system32\drivers\jswpslwf.sys [2009-3-3 20352] R2 avg8emc;AVG8 E-mail Scanner;c:\progra~1\avg\avg8\avgemc.exe [2009-4-30 906520] R2 avg8wd;AVG8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2009-3-4 298776] R2 avgfws8;AVG8 Firewall;c:\progra~1\avg\avg8\avgfws8.exe [2009-4-30 1368952] R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg8\identity protection\agent\bin\AVGIDSAgent.exe [2009-2-26 5576712] R2 AVGIDSWatcher;AVGIDSWatcher;c:\program files\avg\avg8\identity protection\agent\bin\AVGIDSWatcher.exe [2009-2-26 563720] R2 ConfigFree Service;ConfigFree Service;c:\program files\toshiba\configfree\CFSvcs.exe [2008-4-17 40960] R2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2009-3-6 1153368] R2 TempoMonitoringService;Notebook Performance Tuning Service ;c:\program files\toshiba tempro\TempoSVC.exe [2008-4-24 99720] R2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service;c:\program files\toshiba\smartlogservice\TosIPCSrv.exe [2007-12-3 126976] R3 AVGIDSDriver;AVGIDSDriver;c:\program files\avg\avg8\identity protection\agent\driver\platform_vista\AVGIDSDriver.sys [2009-2-26 121352] R3 AVGIDSFilter;AVGIDSFilter;c:\program files\avg\avg8\identity protection\agent\driver\platform_vista\AVGIDSFilter.sys [2009-2-26 30216] R3 AVGIDSShim;AVGIDSShim;c:\program files\avg\avg8\identity protection\agent\driver\platform_vista\AVGIDSShim.sys [2009-2-26 29136] R3 O2MDRDR;O2MDRDR;c:\windows\system32\drivers\o2media.sys [2008-4-15 51160] R3 QIOMem;Generic IO & Memory Access;c:\windows\system32\drivers\QIOMem.sys [2007-4-9 8192] R3 SmartFaceVWatchSrv;SmartFaceVWatchSrv;c:\program files\toshiba\smartfacev\SmartFaceVWatchSrv.exe [2008-4-24 73728] S3 jswpsapi;Jumpstart Wifi Protected Setup;c:\program files\jumpstart\jswpsapi.exe [2009-3-3 937984] S3 s3017bus;Sony Ericsson Device 3017 driver (WDM);c:\windows\system32\drivers\s3017bus.sys [2009-3-9 83880] S3 s3017mdfl;Sony Ericsson Device 3017 USB WMC Modem Filter;c:\windows\system32\drivers\s3017mdfl.sys [2009-3-9 15016] S3 s3017mdm;Sony Ericsson Device 3017 USB WMC Modem Driver;c:\windows\system32\drivers\s3017mdm.sys [2009-3-9 110632] S3 s3017obex;Sony Ericsson Device 3017 USB WMC OBEX Interface;c:\windows\system32\drivers\s3017obex.sys [2009-3-9 100648] S3 s3017unic;Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (WDM);c:\windows\system32\drivers\s3017unic.sys [2009-3-9 110120] S4 RelevantKnowledge;RelevantKnowledge;c:\program files\relevantknowledge\rlservice.exe /service --> c:\program files\relevantknowledge\rlservice.exe [?] =============== Created Last 30 ================ 2009-06-26 18:58 <DIR> --d----- c:\users\ivan\appdata\roaming\Kutchka 2009-06-26 18:58 <DIR> --d----- c:\program files\Kutchka 2009-06-24 17:35 72,704 a------- c:\windows\system32\admparse.dll 2009-06-22 16:17 <DIR> --d----- c:\windows\pss 2009-06-20 17:33 <DIR> --d----- c:\users\ivan\appdata\roaming\Malwarebytes 2009-06-20 17:33 38,160 a------- c:\windows\system32\drivers\mbamswissarmy.sys 2009-06-20 17:33 19,096 a------- c:\windows\system32\drivers\mbam.sys 2009-06-20 17:33 <DIR> --d----- c:\programdata\Malwarebytes 2009-06-20 17:33 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware 2009-06-20 17:33 <DIR> --d----- c:\progra~2\Malwarebytes 2009-06-20 16:44 <DIR> --d----- c:\program files\Trend Micro 2009-06-20 16:04 7,680 a------- c:\windows\system32\ff_vfw.dll 2009-06-20 16:04 547 a------- c:\windows\system32\ff_vfw.dll.manifest 2009-06-20 16:04 60,273 a------- c:\windows\system32\pthreadGC2.dll 2009-06-20 16:04 <DIR> --d----- c:\program files\ffdshow 2009-06-20 15:49 <DIR> --d----- c:\programdata\IsolatedStorage 2009-06-20 15:49 <DIR> --d----- c:\progra~2\IsolatedStorage 2009-06-19 19:54 40 a------- c:\windows\system32\d3d9prs.dat 2009-06-19 19:53 <DIR> --d----- c:\program files\GrandBilliards 2009-06-18 16:56 <DIR> --d----- c:\users\ivan\appdata\roaming\Ableton 2009-06-18 16:55 368,640 a------- c:\windows\system32\ReWire.dll 2009-06-18 16:54 <DIR> --d----- c:\program files\Ableton 2009-06-17 20:15 <DIR> --d--r-- c:\program files\Skype 2009-06-15 22:19 <DIR> --d----- c:\users\ivan\appdata\roaming\BSplayer Pro 2009-06-15 22:19 <DIR> --d----- c:\users\ivan\appdata\roaming\BSplayer 2009-06-15 22:19 <DIR> --d----- c:\program files\Webteh 2009-06-14 12:13 428,544 a------- c:\windows\system32\EncDec.dll 2009-06-14 12:13 293,376 a------- c:\windows\system32\psisdecd.dll 2009-06-14 12:13 217,088 a------- c:\windows\system32\psisrndr.ax 2009-06-14 12:13 177,664 a------- c:\windows\system32\mpg2splt.ax 2009-06-14 12:13 80,896 a------- c:\windows\system32\MSNP.ax 2009-06-11 12:03 2,033,152 a------- c:\windows\system32\win32k.sys 2009-06-11 12:03 636,928 a------- c:\windows\system32\localspl.dll 2009-06-11 12:03 784,896 a------- c:\windows\system32\rpcrt4.dll 2009-05-31 22:53 410,984 a------- c:\windows\system32\deploytk.dll ==================== Find3M ==================== 2009-06-11 21:31 327,688 a------- c:\windows\system32\drivers\avgldx86.sys 2009-05-09 07:50 915,456 a------- c:\windows\system32\wininet.dll 2009-05-09 07:34 71,680 a------- c:\windows\system32\iesetup.dll 2009-04-30 10:02 11,952 a------- c:\windows\system32\avgrsstx.dll 2009-04-30 10:02 23,832 a------- c:\windows\system32\drivers\avgfwd6x.sys 2009-04-30 10:02 12,552 a------- c:\windows\system32\drivers\avgrkx86.sys 2009-04-30 10:01 108,552 a------- c:\windows\system32\drivers\avgtdix.sys 2009-04-15 14:44 143,360 a------- c:\windows\inf\infstrng.dat 2009-04-15 14:44 51,200 a------- c:\windows\inf\infpub.dat 2009-04-15 14:44 86,016 a------- c:\windows\inf\infstor.dat 2009-03-29 22:19 171,520 a------- c:\windows\system32\cncs32.dll 2009-03-05 02:14 56 a---h--- c:\programdata\ezsidmv.dat 2009-03-05 02:14 56 a---h--- c:\progra~2\ezsidmv.dat 2009-03-05 02:10 23,516,968 a------- c:\users\ivan\SkypeSetupFull.exe 2009-03-03 18:01 665,600 a------- c:\windows\inf\drvindex.dat 2008-01-21 04:43 174 a--sh--- c:\program files\desktop.ini 2006-11-02 14:42 287,440 a------- c:\windows\inf\perflib\0409\perfi.dat 2006-11-02 14:42 287,440 a------- c:\windows\inf\perflib\0409\perfh.dat 2006-11-02 14:42 30,674 a------- c:\windows\inf\perflib\0409\perfd.dat 2006-11-02 14:42 30,674 a------- c:\windows\inf\perflib\0409\perfc.dat 2006-11-02 11:20 287,440 a------- c:\windows\inf\perflib\0000\perfi.dat 2006-11-02 11:20 287,440 a------- c:\windows\inf\perflib\0000\perfh.dat 2006-11-02 11:20 30,674 a------- c:\windows\inf\perflib\0000\perfd.dat 2006-11-02 11:20 30,674 a------- c:\windows\inf\perflib\0000\perfc.dat ============= FINISH: 15:39:39.65 ===============

papac View Member Profile	Jun 27 2009, 07:49 AM Post #12
New Member Group: Authentic Member Posts: 6 Joined: 20-June 09 Member No.: 86,344 Operating System: Vista	Sorry it took me 2 days to reply. Yes, computer is still running pretty slow, I don't know what could be reason. Here it is all you asked. DDS (Ver_09-06-26.01) - NTFSx86 Run by Ivan at 15:39:08.24 on sub 27.06.2009 Internet Explorer: 8.0.6001.18783 Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1250.385.1033.18.3293.1917 [GMT 2:00] AV: AVG Internet Security On-access scanning enabled (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF} SP: AVG Internet Security enabled (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF} SP: Spybot - Search and Destroy enabled (Outdated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9} SP: Windows Defender enabled (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46} FW: AVG Firewall disabled {8decf618-9569-4340-b34a-d78d28969b66} ============== Running Processes =============== C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe C:\Windows\system32\svchost.exe -k rpcss C:\Windows\System32\svchost.exe -k secsvcs C:\Windows\system32\Ati2evxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\SLsvc.exe C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\Ati2evxx.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Program Files\AVG\AVG8\Identity Protection\agent\Bin\AVGIDSAgent.exe C:\Windows\system32\WLANExt.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe C:\PROGRA~1\AVG\AVG8\avgfws8.exe C:\Program Files\AVG\AVG8\Identity Protection\agent\Bin\AVGIDSWatcher.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\PROGRA~1\AVG\AVG8\avgam.exe C:\PROGRA~1\AVG\AVG8\avgrsx.exe C:\PROGRA~1\AVG\AVG8\avgnsx.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Toshiba TEMPRO\TempoSVC.exe C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe C:\Windows\system32\TODDSrv.exe C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\DRIVERS\xaudio.exe C:\PROGRA~1\AVG\AVG8\avgemc.exe C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe C:\Program Files\AVG\AVG8\avgcsrvx.exe C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\ItSecMng.exe C:\Program Files\Toshiba\ConfigFree\NDSTray.exe C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe C:\Program Files\Apoint2K\Apoint.exe C:\Program Files\Toshiba\Power Saver\TPwrMain.exe C:\Program Files\Toshiba\FlashCards\TCrdMain.exe C:\Program Files\Toshiba\HDMICtrlMan\HDMICtrlMan.exe C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe C:\Program Files\AVG\AVG8\avgtray.exe C:\Program Files\AVG\AVG8\Identity Protection\agent\Bin\AVGIDSUI.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Apoint2K\ApMsgFwd.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files\Apoint2K\Apntex.exe C:\Program Files\Apoint2K\HidFind.exe C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe C:\Program Files\Toshiba\HDMICtrlMan\HCMSoundChanger.exe C:\Program Files\AVG\AVG8\Identity Protection\agent\Bin\AVGIDSMonitor.exe C:\Windows\system32\taskeng.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\Macromed\Flash\FlashUtil10b.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Users\Ivan\Desktop\dds.scr C:\Windows\system32\conime.exe C:\Windows\system32\wbem\wmiprvse.exe ============== Pseudo HJT Report =============== uSearch Page = uStart Page = hxxp://www.google.hr/ uDefault_Page_URL = hxxp://www.google.co.uk uSearch Bar = mStart Page = hxxp://home.sweetim.com mDefault_Page_URL = hxxp://www.google.co.uk uInternet Settings,ProxyOverride = *.local BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy\SDHelper.dll BHO: Windows Live Pomoc za prijavu: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll TB: {EEE6C35B-6118-11DC-9C72-001320C79847} - No File TB: {2C688203-7EB3-4327-9995-1CB417BA23F9} - No File uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun uRun: [TOSCDSPD] c:\program files\toshiba\toscdspd\TOSCDSPD.exe uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide mRun: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START mRun: [NDSTray.exe] NDSTray.exe mRun: [cfFncEnabler.exe] cfFncEnabler.exe mRun: [Toshiba TEMPO] c:\program files\toshiba tempro\Toshiba.Tempo.UI.TrayApplication.exe mRun: [Apoint] c:\program files\apoint2k\Apoint.exe mRun: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE mRun: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe mRun: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe mRun: [HDMICtrlMan] c:\program files\toshiba\hdmictrlman\HDMICtrlMan.exe mRun: [Toshiba Registration] c:\program files\toshiba\registration\ToshibaRegistration.exe mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe" mRun: [AVGIDS] "c:\program files\avg\avg8\identity protection\agent\bin\AVGIDSUI.exe" mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000 IE: {76577871-04EC-495E-A12B-91F7C3600AFA} - http://rover.ebay.com/rover/1/710-44557-9400-3/4 IE: {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.co.uk/exec/obidos/redire...1&site=home IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL AppInit_DLLs: c:\progra~1\google\google~3\GOEC62~1.DLL,avgrsstx.dll ============= SERVICES / DRIVERS =============== R0 AVGIDSErHr;AVGIDSErHr;c:\windows\system32\drivers\AVGIDSErHr.sys [2009-2-26 25608] R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [2009-3-4 12552] R1 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwd6x.sys [2009-3-4 23832] R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-3-4 327688] R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-3-4 108552] R1 jswpslwf;JumpStart Wireless Filter Driver;c:\windows\system32\drivers\jswpslwf.sys [2009-3-3 20352] R2 avg8emc;AVG8 E-mail Scanner;c:\progra~1\avg\avg8\avgemc.exe [2009-4-30 906520] R2 avg8wd;AVG8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2009-3-4 298776] R2 avgfws8;AVG8 Firewall;c:\progra~1\avg\avg8\avgfws8.exe [2009-4-30 1368952] R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg8\identity protection\agent\bin\AVGIDSAgent.exe [2009-2-26 5576712] R2 AVGIDSWatcher;AVGIDSWatcher;c:\program files\avg\avg8\identity protection\agent\bin\AVGIDSWatcher.exe [2009-2-26 563720] R2 ConfigFree Service;ConfigFree Service;c:\program files\toshiba\configfree\CFSvcs.exe [2008-4-17 40960] R2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2009-3-6 1153368] R2 TempoMonitoringService;Notebook Performance Tuning Service ;c:\program files\toshiba tempro\TempoSVC.exe [2008-4-24 99720] R2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service;c:\program files\toshiba\smartlogservice\TosIPCSrv.exe [2007-12-3 126976] R3 AVGIDSDriver;AVGIDSDriver;c:\program files\avg\avg8\identity protection\agent\driver\platform_vista\AVGIDSDriver.sys [2009-2-26 121352] R3 AVGIDSFilter;AVGIDSFilter;c:\program files\avg\avg8\identity protection\agent\driver\platform_vista\AVGIDSFilter.sys [2009-2-26 30216] R3 AVGIDSShim;AVGIDSShim;c:\program files\avg\avg8\identity protection\agent\driver\platform_vista\AVGIDSShim.sys [2009-2-26 29136] R3 O2MDRDR;O2MDRDR;c:\windows\system32\drivers\o2media.sys [2008-4-15 51160] R3 QIOMem;Generic IO & Memory Access;c:\windows\system32\drivers\QIOMem.sys [2007-4-9 8192] R3 SmartFaceVWatchSrv;SmartFaceVWatchSrv;c:\program files\toshiba\smartfacev\SmartFaceVWatchSrv.exe [2008-4-24 73728] S3 jswpsapi;Jumpstart Wifi Protected Setup;c:\program files\jumpstart\jswpsapi.exe [2009-3-3 937984] S3 s3017bus;Sony Ericsson Device 3017 driver (WDM);c:\windows\system32\drivers\s3017bus.sys [2009-3-9 83880] S3 s3017mdfl;Sony Ericsson Device 3017 USB WMC Modem Filter;c:\windows\system32\drivers\s3017mdfl.sys [2009-3-9 15016] S3 s3017mdm;Sony Ericsson Device 3017 USB WMC Modem Driver;c:\windows\system32\drivers\s3017mdm.sys [2009-3-9 110632] S3 s3017obex;Sony Ericsson Device 3017 USB WMC OBEX Interface;c:\windows\system32\drivers\s3017obex.sys [2009-3-9 100648] S3 s3017unic;Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (WDM);c:\windows\system32\drivers\s3017unic.sys [2009-3-9 110120] S4 RelevantKnowledge;RelevantKnowledge;c:\program files\relevantknowledge\rlservice.exe /service --> c:\program files\relevantknowledge\rlservice.exe [?] =============== Created Last 30 ================ 2009-06-26 18:58 <DIR> --d----- c:\users\ivan\appdata\roaming\Kutchka 2009-06-26 18:58 <DIR> --d----- c:\program files\Kutchka 2009-06-24 17:35 72,704 a------- c:\windows\system32\admparse.dll 2009-06-22 16:17 <DIR> --d----- c:\windows\pss 2009-06-20 17:33 <DIR> --d----- c:\users\ivan\appdata\roaming\Malwarebytes 2009-06-20 17:33 38,160 a------- c:\windows\system32\drivers\mbamswissarmy.sys 2009-06-20 17:33 19,096 a------- c:\windows\system32\drivers\mbam.sys 2009-06-20 17:33 <DIR> --d----- c:\programdata\Malwarebytes 2009-06-20 17:33 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware 2009-06-20 17:33 <DIR> --d----- c:\progra~2\Malwarebytes 2009-06-20 16:44 <DIR> --d----- c:\program files\Trend Micro 2009-06-20 16:04 7,680 a------- c:\windows\system32\ff_vfw.dll 2009-06-20 16:04 547 a------- c:\windows\system32\ff_vfw.dll.manifest 2009-06-20 16:04 60,273 a------- c:\windows\system32\pthreadGC2.dll 2009-06-20 16:04 <DIR> --d----- c:\program files\ffdshow 2009-06-20 15:49 <DIR> --d----- c:\programdata\IsolatedStorage 2009-06-20 15:49 <DIR> --d----- c:\progra~2\IsolatedStorage 2009-06-19 19:54 40 a------- c:\windows\system32\d3d9prs.dat 2009-06-19 19:53 <DIR> --d----- c:\program files\GrandBilliards 2009-06-18 16:56 <DIR> --d----- c:\users\ivan\appdata\roaming\Ableton 2009-06-18 16:55 368,640 a------- c:\windows\system32\ReWire.dll 2009-06-18 16:54 <DIR> --d----- c:\program files\Ableton 2009-06-17 20:15 <DIR> --d--r-- c:\program files\Skype 2009-06-15 22:19 <DIR> --d----- c:\users\ivan\appdata\roaming\BSplayer Pro 2009-06-15 22:19 <DIR> --d----- c:\users\ivan\appdata\roaming\BSplayer 2009-06-15 22:19 <DIR> --d----- c:\program files\Webteh 2009-06-14 12:13 428,544 a------- c:\windows\system32\EncDec.dll 2009-06-14 12:13 293,376 a------- c:\windows\system32\psisdecd.dll 2009-06-14 12:13 217,088 a------- c:\windows\system32\psisrndr.ax 2009-06-14 12:13 177,664 a------- c:\windows\system32\mpg2splt.ax 2009-06-14 12:13 80,896 a------- c:\windows\system32\MSNP.ax 2009-06-11 12:03 2,033,152 a------- c:\windows\system32\win32k.sys 2009-06-11 12:03 636,928 a------- c:\windows\system32\localspl.dll 2009-06-11 12:03 784,896 a------- c:\windows\system32\rpcrt4.dll 2009-05-31 22:53 410,984 a------- c:\windows\system32\deploytk.dll ==================== Find3M ==================== 2009-06-11 21:31 327,688 a------- c:\windows\system32\drivers\avgldx86.sys 2009-05-09 07:50 915,456 a------- c:\windows\system32\wininet.dll 2009-05-09 07:34 71,680 a------- c:\windows\system32\iesetup.dll 2009-04-30 10:02 11,952 a------- c:\windows\system32\avgrsstx.dll 2009-04-30 10:02 23,832 a------- c:\windows\system32\drivers\avgfwd6x.sys 2009-04-30 10:02 12,552 a------- c:\windows\system32\drivers\avgrkx86.sys 2009-04-30 10:01 108,552 a------- c:\windows\system32\drivers\avgtdix.sys 2009-04-15 14:44 143,360 a------- c:\windows\inf\infstrng.dat 2009-04-15 14:44 51,200 a------- c:\windows\inf\infpub.dat 2009-04-15 14:44 86,016 a------- c:\windows\inf\infstor.dat 2009-03-29 22:19 171,520 a------- c:\windows\system32\cncs32.dll 2009-03-05 02:14 56 a---h--- c:\programdata\ezsidmv.dat 2009-03-05 02:14 56 a---h--- c:\progra~2\ezsidmv.dat 2009-03-05 02:10 23,516,968 a------- c:\users\ivan\SkypeSetupFull.exe 2009-03-03 18:01 665,600 a------- c:\windows\inf\drvindex.dat 2008-01-21 04:43 174 a--sh--- c:\program files\desktop.ini 2006-11-02 14:42 287,440 a------- c:\windows\inf\perflib\0409\perfi.dat 2006-11-02 14:42 287,440 a------- c:\windows\inf\perflib\0409\perfh.dat 2006-11-02 14:42 30,674 a------- c:\windows\inf\perflib\0409\perfd.dat 2006-11-02 14:42 30,674 a------- c:\windows\inf\perflib\0409\perfc.dat 2006-11-02 11:20 287,440 a------- c:\windows\inf\perflib\0000\perfi.dat 2006-11-02 11:20 287,440 a------- c:\windows\inf\perflib\0000\perfh.dat 2006-11-02 11:20 30,674 a------- c:\windows\inf\perflib\0000\perfd.dat 2006-11-02 11:20 30,674 a------- c:\windows\inf\perflib\0000\perfc.dat ============= FINISH: 15:39:39.65 ===============

papac View Member Profile	Jun 27 2009, 07:49 AM Post #13
New Member Group: Authentic Member Posts: 6 Joined: 20-June 09 Member No.: 86,344 Operating System: Vista	Sorry it took me 2 days to reply. Yes, computer is still running pretty slow, I don't know what could be reason. Here it is all you asked. DDS (Ver_09-06-26.01) - NTFSx86 Run by Ivan at 15:39:08.24 on sub 27.06.2009 Internet Explorer: 8.0.6001.18783 Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1250.385.1033.18.3293.1917 [GMT 2:00] AV: AVG Internet Security On-access scanning enabled (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF} SP: AVG Internet Security enabled (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF} SP: Spybot - Search and Destroy enabled (Outdated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9} SP: Windows Defender enabled (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46} FW: AVG Firewall disabled {8decf618-9569-4340-b34a-d78d28969b66} ============== Running Processes =============== C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe C:\Windows\system32\svchost.exe -k rpcss C:\Windows\System32\svchost.exe -k secsvcs C:\Windows\system32\Ati2evxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\SLsvc.exe C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\Ati2evxx.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Program Files\AVG\AVG8\Identity Protection\agent\Bin\AVGIDSAgent.exe C:\Windows\system32\WLANExt.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe C:\PROGRA~1\AVG\AVG8\avgfws8.exe C:\Program Files\AVG\AVG8\Identity Protection\agent\Bin\AVGIDSWatcher.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\PROGRA~1\AVG\AVG8\avgam.exe C:\PROGRA~1\AVG\AVG8\avgrsx.exe C:\PROGRA~1\AVG\AVG8\avgnsx.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Toshiba TEMPRO\TempoSVC.exe C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe C:\Windows\system32\TODDSrv.exe C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\DRIVERS\xaudio.exe C:\PROGRA~1\AVG\AVG8\avgemc.exe C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe C:\Program Files\AVG\AVG8\avgcsrvx.exe C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\ItSecMng.exe C:\Program Files\Toshiba\ConfigFree\NDSTray.exe C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe C:\Program Files\Apoint2K\Apoint.exe C:\Program Files\Toshiba\Power Saver\TPwrMain.exe C:\Program Files\Toshiba\FlashCards\TCrdMain.exe C:\Program Files\Toshiba\HDMICtrlMan\HDMICtrlMan.exe C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe C:\Program Files\AVG\AVG8\avgtray.exe C:\Program Files\AVG\AVG8\Identity Protection\agent\Bin\AVGIDSUI.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Apoint2K\ApMsgFwd.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files\Apoint2K\Apntex.exe C:\Program Files\Apoint2K\HidFind.exe C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe C:\Program Files\Toshiba\HDMICtrlMan\HCMSoundChanger.exe C:\Program Files\AVG\AVG8\Identity Protection\agent\Bin\AVGIDSMonitor.exe C:\Windows\system32\taskeng.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\Macromed\Flash\FlashUtil10b.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Users\Ivan\Desktop\dds.scr C:\Windows\system32\conime.exe C:\Windows\system32\wbem\wmiprvse.exe ============== Pseudo HJT Report =============== uSearch Page = uStart Page = hxxp://www.google.hr/ uDefault_Page_URL = hxxp://www.google.co.uk uSearch Bar = mStart Page = hxxp://home.sweetim.com mDefault_Page_URL = hxxp://www.google.co.uk uInternet Settings,ProxyOverride = .local BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy\SDHelper.dll BHO: Windows Live Pomoc za prijavu: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll TB: {EEE6C35B-6118-11DC-9C72-001320C79847} - No File TB: {2C688203-7EB3-4327-9995-1CB417BA23F9} - No File uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun uRun: [TOSCDSPD] c:\program files\toshiba\toscdspd\TOSCDSPD.exe uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide mRun: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START mRun: [NDSTray.exe] NDSTray.exe mRun: [cfFncEnabler.exe] cfFncEnabler.exe mRun: [Toshiba TEMPO] c:\program files\toshiba tempro\Toshiba.Tempo.UI.TrayApplication.exe mRun: [Apoint] c:\program files\apoint2k\Apoint.exe mRun: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE mRun: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe mRun: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe mRun: [HDMICtrlMan] c:\program files\toshiba\hdmictrlman\HDMICtrlMan.exe mRun: [Toshiba Registration] c:\program files\toshiba\registration\ToshibaRegistration.exe mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe" mRun: [AVGIDS] "c:\program files\avg\avg8\identity protection\agent\bin\AVGIDSUI.exe" mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000 IE: {76577871-04EC-495E-A12B-91F7C3600AFA} - http://rover.ebay.com/rover/1/710-44557-9400-3/4 IE: {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.co.uk/exec/obidos/redire...1&site=home IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL AppInit_DLLs: c:\progra~1\google\google~3\GOEC62~1.DLL,avgrsstx.dll ============= SERVICES / DRIVERS =============== R0 AVGIDSErHr;AVGIDSErHr;c:\windows\system32\drivers\AVGIDSErHr.sys [2009-2-26 25608] R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [2009-3-4 12552] R1 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwd6x.sys [2009-3-4 23832] R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-3-4 327688] R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-3-4 108552] R1 jswpslwf;JumpStart Wireless Filter Driver;c:\windows\system32\drivers\jswpslwf.sys [2009-3-3 20352] R2 avg8emc;AVG8 E-mail Scanner;c:\progra~1\avg\avg8\avgemc.exe [2009-4-30 906520] R2 avg8wd;AVG8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2009-3-4 298776] R2 avgfws8;AVG8 Firewall;c:\progra~1\avg\avg8\avgfws8.exe [2009-4-30 1368952] R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg8\identity protection\agent\bin\AVGIDSAgent.exe [2009-2-26 5576712] R2 AVGIDSWatcher;AVGIDSWatcher;c:\program files\avg\avg8\identity protection\agent\bin\AVGIDSWatcher.exe [2009-2-26 563720] R2 ConfigFree Service;ConfigFree Service;c:\program files\toshiba\configfree\CFSvcs.exe [2008-4-17 40960] R2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2009-3-6 1153368] R2 TempoMonitoringService;Notebook Performance Tuning Service ;c:\program files\toshiba tempro\TempoSVC.exe [2008-4-24 99720] R2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service;c:\program files\toshiba\smartlogservice\TosIPCSrv.exe [2007-12-3 126976] R3 AVGIDSDriver;AVGIDSDriver;c:\program files\avg\avg8\identity protection\agent\driver\platform_vista\AVGIDSDriver.sys [2009-2-26 121352] R3 AVGIDSFilter;AVGIDSFilter;c:\program files\avg\avg8\identity protection\agent\driver\platform_vista\AVGIDSFilter.sys [2009-2-26 30216] R3 AVGIDSShim;AVGIDSShim;c:\program files\avg\avg8\identity protection\agent\driver\platform_vista\AVGIDSShim.sys [2009-2-26 29136] R3 O2MDRDR;O2MDRDR;c:\windows\system32\drivers\o2media.sys [2008-4-15 51160] R3 QIOMem;Generic IO & Memory Access;c:\windows\system32\drivers\QIOMem.sys [2007-4-9 8192] R3 SmartFaceVWatchSrv;SmartFaceVWatchSrv;c:\program files\toshiba\smartfacev\SmartFaceVWatchSrv.exe [2008-4-24 73728] S3 jswpsapi;Jumpstart Wifi Protected Setup;c:\program files\jumpstart\jswpsapi.exe [2009-3-3 937984] S3 s3017bus;Sony Ericsson Device 3017 driver (WDM);c:\windows\system32\drivers\s3017bus.sys [2009-3-9 83880] S3 s3017mdfl;Sony Ericsson Device 3017 USB WMC Modem Filter;c:\windows\system32\drivers\s3017mdfl.sys [2009-3-9 15016] S3 s3017mdm;Sony Ericsson Device 3017 USB WMC Modem Driver;c:\windows\system32\drivers\s3017mdm.sys [2009-3-9 110632] S3 s3017obex;Sony Ericsson Device 3017 USB WMC OBEX Interface;c:\windows\system32\drivers\s3017obex.sys [2009-3-9 100648] S3 s3017unic;Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (WDM);c:\windows\system32\drivers\s3017unic.sys [2009-3-9 110120] S4 RelevantKnowledge;RelevantKnowledge;c:\program files\relevantknowledge\rlservice.exe /service --> c:\program files\relevantknowledge\rlservice.exe [?] =============== Created Last 30 ================ 2009-06-26 18:58 <DIR> --d----- c:\users\ivan\appdata\roaming\Kutchka 2009-06-26 18:58 <DIR> --d----- c:\program files\Kutchka 2009-06-24 17:35 72,704 a------- c:\windows\system32\admparse.dll 2009-06-22 16:17 <DIR> --d----- c:\windows\pss 2009-06-20 17:33 <DIR> --d----- c:\users\ivan\appdata\roaming\Malwarebytes 2009-06-20 17:33 38,160 a------- c:\windows\system32\drivers\mbamswissarmy.sys 2009-06-20 17:33 19,096 a------- c:\windows\system32\drivers\mbam.sys 2009-06-20 17:33 <DIR> --d----- c:\programdata\Malwarebytes 2009-06-20 17:33 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware 2009-06-20 17:33 <DIR> --d----- c:\progra~2\Malwarebytes 2009-06-20 16:44 <DIR> --d----- c:\program files\Trend Micro 2009-06-20 16:04 7,680 a------- c:\windows\system32\ff_vfw.dll 2009-06-20 16:04 547 a------- c:\windows\system32\ff_vfw.dll.manifest 2009-06-20 16:04 60,273 a------- c:\windows\system32\pthreadGC2.dll 2009-06-20 16:04 <DIR> --d----- c:\program files\ffdshow 2009-06-20 15:49 <DIR> --d----- c:\programdata\IsolatedStorage 2009-06-20 15:49 <DIR> --d----- c:\progra~2\IsolatedStorage 2009-06-19 19:54 40 a------- c:\windows\system32\d3d9prs.dat 2009-06-19 19:53 <DIR> --d----- c:\program files\GrandBilliards 2009-06-18 16:56 <DIR> --d----- c:\users\ivan\appdata\roaming\Ableton 2009-06-18 16:55 368,640 a------- c:\windows\system32\ReWire.dll 2009-06-18 16:54 <DIR> --d----- c:\program files\Ableton 2009-06-17 20:15 <DIR> --d--r-- c:\program files\Skype 2009-06-15 22:19 <DIR> --d----- c:\users\ivan\appdata\roaming\BSplayer Pro 2009-06-15 22:19 <DIR> --d----- c:\users\ivan\appdata\roaming\BSplayer 2009-06-15 22:19 <DIR> --d----- c:\program files\Webteh 2009-06-14 12:13 428,544 a------- c:\windows\system32\EncDec.dll 2009-06-14 12:13 293,376 a------- c:\windows\system32\psisdecd.dll 2009-06-14 12:13 217,088 a------- c:\windows\system32\psisrndr.ax 2009-06-14 12:13 177,664 a------- c:\windows\system32\mpg2splt.ax 2009-06-14 12:13 80,896 a------- c:\windows\system32\MSNP.ax 2009-06-11 12:03 2,033,152 a------- c:\windows\system32\win32k.sys 2009-06-11 12:03 636,928 a------- c:\windows\system32\localspl.dll 2009-06-11 12:03 784,896 a------- c:\windows\system32\rpcrt4.dll 2009-05-31 22:53 410,984 a------- c:\windows\system32\deploytk.dll ==================== Find3M ==================== 2009-06-11 21:31 327,688 a------- c:\windows\system32\drivers\avgldx86.sys 2009-05-09 07:50 915,456 a------- c:\windows\system32\wininet.dll 2009-05-09 07:34 71,680 a------- c:\windows\system32\iesetup.dll 2009-04-30 10:02 11,952 a------- c:\windows\system32\avgrsstx.dll 2009-04-30 10:02 23,832 a------- c:\windows\system32\drivers\avgfwd6x.sys 2009-04-30 10:02 12,552 a------- c:\windows\system32\drivers\avgrkx86.sys 2009-04-30 10:01 108,552 a------- c:\windows\system32\drivers\avgtdix.sys 2009-04-15 14:44 143,360 a------- c:\windows\inf\infstrng.dat 2009-04-15 14:44 51,200 a------- c:\windows\inf\infpub.dat 2009-04-15 14:44 86,016 a------- c:\windows\inf\infstor.dat 2009-03-29 22:19 171,520 a------- c:\windows\system32\cncs32.dll 2009-03-05 02:14 56 a---h--- c:\programdata\ezsidmv.dat 2009-03-05 02:14 56 a---h--- c:\progra~2\ezsidmv.dat 2009-03-05 02:10 23,516,968 a------- c:\users\ivan\SkypeSetupFull.exe 2009-03-03 18:01 665,600 a------- c:\windows\inf\drvindex.dat 2008-01-21 04:43 174 a--sh--- c:\program files\desktop.ini 2006-11-02 14:42 287,440 a------- c:\windows\inf\perflib\0409\perfi.dat 2006-11-02 14:42 287,440 a------- c:\windows\inf\perflib\0409\perfh.dat 2006-11-02 14:42 30,674 a------- c:\windows\inf\perflib\0409\perfd.dat 2006-11-02 14:42 30,674 a------- c:\windows\inf\perflib\0409\perfc.dat 2006-11-02 11:20 287,440 a------- c:\windows\inf\perflib\0000\perfi.dat 2006-11-02 11:20 287,440 a------- c:\windows\inf\perflib\0000\perfh.dat 2006-11-02 11:20 30,674 a------- c:\windows\inf\perflib\0000\perfd.dat 2006-11-02 11:20 30,674 a------- c:\windows\inf\perflib\0000\perfc.dat ============= FINISH: 15:39:39.65 =============== This post has been edited by papac: Jun 27 2009, 07:54 AM Attached File(s)* Attach.txt ( 10.03K ) Number of downloads: 14 Attach.txt ( 10.03K ) Number of downloads: 83

Tomk View Member Profile	Jun 27 2009, 08:20 AM Post #14
Forum God / Classroom Admin Assistant Group: Classroom Teacher Posts: 12,279 Joined: 27-December 07 From: Sisters, OR Member No.: 75,503 Operating System: xp	papac, Download ComboFix from one of these locations: Link 1 Link 2 Link 3 * IMPORTANT !!! Save ComboFix.exe to your Desktop Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link --> http://forums.whatthetech.com/How_Disable_...ams_t96260.html Double click on ComboFix.exe & follow the prompts. As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware. Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console. Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures. Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message: Click on Yes, to continue scanning for malware. When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply. Notes: 1. Do not mouse-click Combofix's window while it is running. That may cause it to stall. 2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions. 3. ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser. 4. Combofix prevents autorun of ALL** CD, floppy and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell your helper. 5. CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.

papac View Member Profile	Jun 27 2009, 09:28 AM Post #15
New Member Group: Authentic Member Posts: 6 Joined: 20-June 09 Member No.: 86,344 Operating System: Vista	I have avg 8.5 and I looked at link you have posted and just can't find how to disable avg anti-virus and avg anti-spyware. There are some explanations for older versions of avg I think, but avg 8.5 is little diferent. Can you help?

« Next Oldest · Infections Removal · Next Newest »

2 Pages

1 2 >

Closed Topic

Start new topic

Similar Topics

Similar Topics

Similar Topics

		Topic Title	Replies	Topic Starter	Views	Last Action
		Infections Removal Internet Slow and/or unresponsive	8	Amebeo	115	52 minutes ago Last post by: Amebeo
		Infections Removal PC is running extremely slow	1	improv	24	Yesterday, 07:44 PM Last post by: LDTate
		Microsoft Windows™ Windows XP Home SP3 booting slow, but runs fast once booted 123» 7	104	Don't Spam Me	3,378	Yesterday, 03:40 PM Last post by: arTech
		Infections Removal [Resolved] PC running slowly	11	Omideyi	145	Yesterday, 02:54 PM Last post by: LDTate

Display Mode: Switch to: Standard · Linear+ · Switch to: Outline

Track this topic · Email this topic · Print this topic · Subscribe to this forum

Time is now: 16th March 2010 - 06:22 AM

Advertisements do not imply our endorsement of that product or service. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk.
Member site: Alliance of Security Analysis Professionals | UNITE Against Malware
Memory Forums | Auto Repair Forum
© Geeks to Go, Inc. | All Rights Reserved | Privacy Policy

Powered By IP.Board © 2010 IPS, Inc.