Hello there,
My problem is this,
After being online for say 10 minues my browser becomes really slow and non responsive and the only way can resolve it is too switch the laptop off completely and restart it but then the same happens again (10 mins or so usage then really slow) i have two desktops in the house that run off the same wireless router and they dont get the same prolem they tend to work ok, im not computer literat but im sure its not a router problem as my 2 desktops work ok.
Any ideas
Regards In Advance
Stuart
DDS (Ver_09-06-26.01) - NTFSx86
Run by Stuart at 14:35:10.35 on 26/10/2009
Internet Explorer: 8.0.6001.18828
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.44.1033.18.1013.264 [GMT 0:00]
AV: avast! antivirus 4.8.1229 [VPS 081228-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
SP: ZoneAlarm Anti-Spyware *enabled* (Outdated) {F245A209-1085-48B4-B927-35D56015EC60}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
SP: avast! antivirus 4.8.1229 [VPS 081228-0] *enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: ZoneAlarm Firewall *enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
============== Running Processes ===============
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\ZoneLabs\vsmon.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\dlcccoms.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Users\Stuart\AppData\Local\Temp\RtkBtMnt.exe
C:\Windows\system32\igfxext.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Stuart\Desktop\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe
============== Pseudo HJT Report ===============
uStart Page = hxxp://www.google.com/
uSEARCH PAGE = hxxp://uk.rd.yahoo.com/customize/ycomp/defaults/sp/*http://uk.yahoo.com
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
mStart Page = hxxp://en.uk.acer.yahoo.com
mDefault_Page_URL = hxxp://en.uk.acer.yahoo.com
uSearchURL,(Default) = hxxp://uk.rd.yahoo.com/customize/ycomp/defaults/su/*http://uk.yahoo.com
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - No File
BHO: {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.3.4501.1418\swg.dll
BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - No File
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [ISUSPM Startup] "c:\program files\common files\installshield\updateservice\ISUSPM.exe" -startup
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
mRun: [eRecoveryService]
mRun: [avast!] c:\progra~1\alwils~1\avast4\ashDisp.exe
mRun: [ISTray] "c:\program files\spyware doctor\pctsTray.exe"
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [LManager] c:\progra~1\launch~1\LManager.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [ZoneAlarm Client] "c:\program files\zone labs\zonealarm\zlclient.exe"
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office10\EXCEL.EXE/3000
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/5/b/0/5b0d4654-aa20-495c-b89f-c1c34c691085/LegitCheckControl.cab
DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} - hxxp://dl.tvunetworks.com/TVUAx.cab
DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} - hxxp://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-3-48.cab
DPF: {5D80A6D1-B500-47DA-82B8-EB9875F85B4D} - hxxp://dl.google.com/dl/desktop/nv/GoogleGadgetPluginIEWin.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
DPF: {D821DC4A-0814-435E-9820-661C543A4679} - hxxp://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx
DPF: {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} - hxxps://sldc-ive.southlakeland.gov.uk/dana-cached/setup/JuniperSetupSP1.cab
Notify: igfxcui - igfxdev.dll
============= SERVICES / DRIVERS ===============
R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2009-9-21 130936]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-6-20 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2008-6-20 20560]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2007-11-20 51792]
R2 sdAuxService;PC Tools Auxiliary Service;c:\program files\spyware doctor\pctsAuxs.exe [2008-3-13 348752]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2006-11-2 167936]
S3 SMSCIRDA;SMSC Infrared Device Driver;c:\windows\system32\drivers\smscirda.sys [2006-12-2 31232]
=============== Created Last 30 ================
2009-10-24 20:04 <DIR> --d----- c:\windows\system32\eu-ES
2009-10-24 20:04 <DIR> --d----- c:\windows\system32\ca-ES
2009-10-24 20:04 <DIR> --d----- c:\program files\Microsoft Games
2009-10-24 20:04 <DIR> --d----- c:\windows\system32\vi-VN
2009-10-24 19:08 <DIR> --d----- c:\windows\system32\EventProviders
2009-10-21 15:51 3,217,408 a------- c:\windows\system32\WinSAT.exe
2009-10-21 15:50 1,502,720 a------- c:\windows\system32\certmgr.dll
2009-10-21 15:49 125,952 a------- c:\windows\system32\tintlgnt.ime
2009-10-21 15:48 247,808 a------- c:\windows\system32\drvstore.dll
2009-10-19 18:52 218,624 a------- c:\windows\system32\msv1_0.dll
2009-10-19 18:51 3,600,456 a------- c:\windows\system32\ntkrnlpa.exe
2009-10-19 18:51 3,548,216 a------- c:\windows\system32\ntoskrnl.exe
2009-10-19 18:44 60,928 a------- c:\windows\system32\msasn1.dll
2009-10-19 18:43 144,896 a------- c:\windows\system32\drivers\srv2.sys
2009-10-19 18:43 604,672 a------- c:\windows\system32\WMSPDMOD.DLL
2009-10-18 10:08 268 a---h--- C:\sqmdata01.sqm
2009-10-18 10:08 244 a---h--- C:\sqmnoopt01.sqm
2009-10-08 22:08 244 a---h--- C:\sqmnoopt00.sqm
2009-10-08 22:08 232 a---h--- C:\sqmdata00.sqm
2009-10-08 21:11 195,440 -------- c:\windows\system32\MpSigStub.exe
==================== Find3M ====================
2009-10-26 14:17 350,193 a---h--- c:\windows\system32\drivers\vsconfig.xml
2009-10-24 20:13 143,360 a------- c:\windows\inf\infstrng.dat
2009-10-24 20:13 143,360 a------- c:\windows\inf\infstor.dat
2009-10-24 20:13 51,200 a------- c:\windows\inf\infpub.dat
2009-10-24 20:04 665,600 a------- c:\windows\inf\drvindex.dat
2009-08-29 02:30 173,056 a------- c:\windows\apppatch\AcXtrnal.dll
2009-08-29 02:30 458,752 a------- c:\windows\apppatch\AcSpecfc.dll
2009-08-29 02:30 2,159,616 a------- c:\windows\apppatch\AcGenral.dll
2009-08-29 02:30 542,720 a------- c:\windows\apppatch\AcLayers.dll
2009-08-29 00:27 4,240,384 a------- c:\windows\system32\GameUXLegacyGDFs.dll
2009-08-29 00:14 28,672 a------- c:\windows\system32\Apphlpdm.dll
2009-08-27 05:22 916,480 a------- c:\windows\system32\wininet.dll
2009-08-27 05:17 109,056 a------- c:\windows\system32\iesysprep.dll
2009-08-27 05:17 71,680 a------- c:\windows\system32\iesetup.dll
2009-08-27 03:42 133,632 a------- c:\windows\system32\ieUnatt.exe
2009-08-14 15:53 17,920 a------- c:\windows\system32\netevent.dll
2009-08-14 13:49 9,728 a------- c:\windows\system32\TCPSVCS.EXE
2009-08-14 13:49 17,920 a------- c:\windows\system32\ROUTE.EXE
2009-08-14 13:49 11,264 a------- c:\windows\system32\MRINFO.EXE
2009-08-14 13:49 27,136 a------- c:\windows\system32\NETSTAT.EXE
2009-08-14 13:49 19,968 a------- c:\windows\system32\ARP.EXE
2009-08-14 13:49 8,704 a------- c:\windows\system32\HOSTNAME.EXE
2009-08-14 13:49 10,240 a------- c:\windows\system32\finger.exe
2009-08-14 13:48 105,984 a------- c:\windows\system32\netiohlp.dll
2009-08-03 14:07 403,816 a------- c:\windows\system32\OGACheckControl.dll
2009-08-03 14:07 322,928 a------- c:\windows\system32\OGAAddin.dll
2009-08-03 14:07 230,768 a------- c:\windows\system32\OGAEXEC.exe
2008-06-11 00:58 174 a--sh--- c:\program files\desktop.ini
2008-03-30 14:49 54,152 a------- c:\users\stuart\appdata\roaming\GDIPFONTCACHEV1.DAT
2006-11-02 12:42 287,440 a------- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 12:42 287,440 a------- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 12:42 30,674 a------- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 12:42 30,674 a------- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 09:20 287,440 a------- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 09:20 287,440 a------- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 09:20 30,674 a------- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 09:20 30,674 a------- c:\windows\inf\perflib\0000\perfc.dat
2008-12-31 17:11 16,384 a--sh--- c:\windows\serviceprofiles\localservice\appdata\local\microsoft\windows\history\history.ie5\index.dat
2008-12-31 17:11 32,768 a--sh--- c:\windows\serviceprofiles\localservice\appdata\local\microsoft\windows\temporary internet files\content.ie5\index.dat
2008-12-31 17:11 16,384 a--sh--- c:\windows\serviceprofiles\localservice\appdata\roaming\microsoft\windows\cookies\index.dat
2008-09-05 16:03 16,384 a--sh--- c:\windows\temp\cookies\index.dat
2008-09-05 16:03 16,384 a--sh--- c:\windows\temp\history\history.ie5\index.dat
2008-09-05 16:03 32,768 a--sh--- c:\windows\temp\temporary internet files\content.ie5\index.dat
============= FINISH: 14:39:17.91 ===============
ROOTREPEAL © AD, 2007-2009
==================================================
Scan Start Time: 2009/10/26 14:41
Program Version: Version 1.3.5.0
Windows Version: Windows Vista SP2
==================================================
Drivers
-------------------
Name: dump_atapi.sys
Image Path: C:\Windows\System32\Drivers\dump_atapi.sys
Address: 0x8BD39000 Size: 32768 File Visible: No Signed: -
Status: -
Name: dump_dumpata.sys
Image Path: C:\Windows\System32\Drivers\dump_dumpata.sys
Address: 0x8BD2E000 Size: 45056 File Visible: No Signed: -
Status: -
Name: mchInjDrv.sys
Image Path: C:\Windows\system32\Drivers\mchInjDrv.sys
Address: 0xA8797000 Size: 2560 File Visible: No Signed: -
Status: -
Name: rootrepeal.sys
Image Path: C:\Windows\system32\drivers\rootrepeal.sys
Address: 0xA87AE000 Size: 49152 File Visible: No Signed: -
Status: -
Processes
-------------------
Path: System
PID: 4 Status: Locked to the Windows API!
Path: C:\Windows\System32\audiodg.exe
PID: 1228 Status: Locked to the Windows API!
SSDT
-------------------
#: 021 Function Name: NtAlpcConnectPort
Status: Hooked by "C:\Windows\system32\DRIVERS\vsdatant.sys" at address 0x8bc24880
#: 054 Function Name: NtConnectPort
Status: Hooked by "C:\Windows\system32\DRIVERS\vsdatant.sys" at address 0x8bc244e0
#: 060 Function Name: NtCreateFile
Status: Hooked by "C:\Windows\system32\DRIVERS\vsdatant.sys" at address 0x8bc21828
#: 064 Function Name: NtCreateKey
Status: Hooked by "C:\Windows\system32\DRIVERS\vsdatant.sys" at address 0x8bc37d9c
#: 071 Function Name: NtCreatePort
Status: Hooked by "C:\Windows\system32\DRIVERS\vsdatant.sys" at address 0x8bc24c36
#: 072 Function Name: NtCreateProcess
Status: Hooked by "C:\Windows\system32\DRIVERS\vsdatant.sys" at address 0x8bc35af8
#: 073 Function Name: NtCreateProcessEx
Status: Hooked by "C:\Windows\system32\DRIVERS\vsdatant.sys" at address 0x8bc35d12
#: 075 Function Name: NtCreateSection
Status: Hooked by "C:\Windows\system32\DRIVERS\vsdatant.sys" at address 0x8bc39780
#: 115 Function Name: NtCreateWaitablePort
Status: Hooked by "C:\Windows\system32\DRIVERS\vsdatant.sys" at address 0x8bc24cde
#: 122 Function Name: NtDeleteFile
Status: Hooked by "C:\Windows\system32\DRIVERS\vsdatant.sys" at address 0x8bc21d0a
#: 123 Function Name: NtDeleteKey
Status: Hooked by "C:\Windows\system32\DRIVERS\vsdatant.sys" at address 0x8bc38698
#: 126 Function Name: NtDeleteValueKey
Status: Hooked by "C:\Windows\system32\DRIVERS\vsdatant.sys" at address 0x8bc38414
#: 129 Function Name: NtDuplicateObject
Status: Hooked by "C:\Windows\system32\DRIVERS\vsdatant.sys" at address 0x8bc354f8
#: 166 Function Name: NtLoadKey
Status: Hooked by "C:\Windows\system32\DRIVERS\vsdatant.sys" at address 0x8bc38bc6
#: 167 Function Name: NtLoadKey2
Status: Hooked by "C:\Windows\system32\DRIVERS\vsdatant.sys" at address 0x8bc38c3e
#: 168 Function Name: NtLoadKeyEx
Status: Hooked by "C:\Windows\system32\DRIVERS\vsdatant.sys" at address 0x8bc38d2e
#: 186 Function Name: NtOpenFile
Status: Hooked by "C:\Windows\system32\DRIVERS\vsdatant.sys" at address 0x8bc21ba2
#: 194 Function Name: NtOpenProcess
Status: Hooked by "C:\Windows\system32\DRIVERS\vsdatant.sys" at address 0x8bc36f18
#: 267 Function Name: NtRenameKey
Status: Hooked by "C:\Windows\system32\DRIVERS\vsdatant.sys" at address 0x8bc39370
#: 268 Function Name: NtReplaceKey
Status: Hooked by "C:\Windows\system32\DRIVERS\vsdatant.sys" at address 0x8bc38da6
#: 276 Function Name: NtRequestWaitReplyPort
Status: Hooked by "C:\Windows\system32\DRIVERS\vsdatant.sys" at address 0x8bc2416a
#: 280 Function Name: NtRestoreKey
Status: Hooked by "C:\Windows\system32\DRIVERS\vsdatant.sys" at address 0x8bc391b0
#: 286 Function Name: NtSecureConnectPort
Status: Hooked by "C:\Windows\system32\DRIVERS\vsdatant.sys" at address 0x8bc24680
#: 301 Function Name: NtSetInformationFile
Status: Hooked by "C:\Windows\system32\DRIVERS\vsdatant.sys" at address 0x8bc21ef8
#: 324 Function Name: NtSetValueKey
Status: Hooked by "C:\Windows\system32\DRIVERS\vsdatant.sys" at address 0x8bc3811a
#: 332 Function Name: NtSystemDebugControl
Status: Hooked by "C:\Windows\system32\DRIVERS\vsdatant.sys" at address 0x8bc36486
#: 334 Function Name: NtTerminateProcess
Status: Hooked by "C:\Windows\system32\DRIVERS\vsdatant.sys" at address 0x8bc36362
#: 358 Function Name: NtWriteVirtualMemory
Status: Hooked by "C:\Windows\system32\drivers\iksysflt.sys" at address 0x8b6c4384
#: 383 Function Name: NtCreateUserProcess
Status: Hooked by "C:\Windows\system32\DRIVERS\vsdatant.sys" at address 0x8bc35f30
==EOF==