Jump to content

Build Theme!
  •  
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 91680 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

[Resolved] Slow laptop but not desktop (browser)


  • This topic is locked This topic is locked
8 replies to this topic

#1 stuart1976

stuart1976

    Authentic Member

  • Authentic Member
  • PipPip
  • 64 posts

Posted 26 October 2009 - 08:47 AM

Hello there, My problem is this, After being online for say 10 minues my browser becomes really slow and non responsive and the only way can resolve it is too switch the laptop off completely and restart it but then the same happens again (10 mins or so usage then really slow) i have two desktops in the house that run off the same wireless router and they dont get the same prolem they tend to work ok, im not computer literat but im sure its not a router problem as my 2 desktops work ok. Any ideas Regards In Advance Stuart DDS (Ver_09-06-26.01) - NTFSx86 Run by Stuart at 14:35:10.35 on 26/10/2009 Internet Explorer: 8.0.6001.18828 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.44.1033.18.1013.264 [GMT 0:00] AV: avast! antivirus 4.8.1229 [VPS 081228-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D} SP: ZoneAlarm Anti-Spyware *enabled* (Outdated) {F245A209-1085-48B4-B927-35D56015EC60} SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46} SP: avast! antivirus 4.8.1229 [VPS 081228-0] *enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D} FW: ZoneAlarm Firewall *enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B} ============== Running Processes =============== C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k rpcss C:\Windows\System32\svchost.exe -k secsvcs C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\SLsvc.exe C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\ZoneLabs\vsmon.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\dlcccoms.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files\Spyware Doctor\pctsAuxs.exe C:\Program Files\Spyware Doctor\pctsSvc.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Alwil Software\Avast4\ashDisp.exe C:\Program Files\Spyware Doctor\pctsTray.exe C:\Windows\RtHDVCpl.exe C:\Program Files\Launch Manager\LManager.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Users\Stuart\AppData\Local\Temp\RtkBtMnt.exe C:\Windows\system32\igfxext.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\igfxsrvc.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\wuauclt.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\servicing\TrustedInstaller.exe C:\Windows\system32\taskeng.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Stuart\Desktop\dds.scr C:\Windows\system32\wbem\wmiprvse.exe ============== Pseudo HJT Report =============== uStart Page = hxxp://www.google.com/ uSEARCH PAGE = hxxp://uk.rd.yahoo.com/customize/ycomp/defaults/sp/*http://uk.yahoo.com uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7 mStart Page = hxxp://en.uk.acer.yahoo.com mDefault_Page_URL = hxxp://en.uk.acer.yahoo.com uSearchURL,(Default) = hxxp://uk.rd.yahoo.com/customize/ycomp/defaults/su/*http://uk.yahoo.com uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - No File BHO: {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - No File BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.3.4501.1418\swg.dll BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll TB: {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - No File uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe uRun: [ISUSPM Startup] "c:\program files\common files\installshield\updateservice\ISUSPM.exe" -startup uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe" mRun: [eRecoveryService] mRun: [avast!] c:\progra~1\alwils~1\avast4\ashDisp.exe mRun: [ISTray] "c:\program files\spyware doctor\pctsTray.exe" mRun: [RtHDVCpl] RtHDVCpl.exe mRun: [LManager] c:\progra~1\launch~1\LManager.exe mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe mRun: [ZoneAlarm Client] "c:\program files\zone labs\zonealarm\zlclient.exe" mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe" mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office10\EXCEL.EXE/3000 DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/5/b/0/5b0d4654-aa20-495c-b89f-c1c34c691085/LegitCheckControl.cab DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} - hxxp://dl.tvunetworks.com/TVUAx.cab DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} - hxxp://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-3-48.cab DPF: {5D80A6D1-B500-47DA-82B8-EB9875F85B4D} - hxxp://dl.google.com/dl/desktop/nv/GoogleGadgetPluginIEWin.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab DPF: {D821DC4A-0814-435E-9820-661C543A4679} - hxxp://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx DPF: {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} - hxxps://sldc-ive.southlakeland.gov.uk/dana-cached/setup/JuniperSetupSP1.cab Notify: igfxcui - igfxdev.dll ============= SERVICES / DRIVERS =============== R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2009-9-21 130936] R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-6-20 114768] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2008-6-20 20560] R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2007-11-20 51792] R2 sdAuxService;PC Tools Auxiliary Service;c:\program files\spyware doctor\pctsAuxs.exe [2008-3-13 348752] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2006-11-2 167936] S3 SMSCIRDA;SMSC Infrared Device Driver;c:\windows\system32\drivers\smscirda.sys [2006-12-2 31232] =============== Created Last 30 ================ 2009-10-24 20:04 <DIR> --d----- c:\windows\system32\eu-ES 2009-10-24 20:04 <DIR> --d----- c:\windows\system32\ca-ES 2009-10-24 20:04 <DIR> --d----- c:\program files\Microsoft Games 2009-10-24 20:04 <DIR> --d----- c:\windows\system32\vi-VN 2009-10-24 19:08 <DIR> --d----- c:\windows\system32\EventProviders 2009-10-21 15:51 3,217,408 a------- c:\windows\system32\WinSAT.exe 2009-10-21 15:50 1,502,720 a------- c:\windows\system32\certmgr.dll 2009-10-21 15:49 125,952 a------- c:\windows\system32\tintlgnt.ime 2009-10-21 15:48 247,808 a------- c:\windows\system32\drvstore.dll 2009-10-19 18:52 218,624 a------- c:\windows\system32\msv1_0.dll 2009-10-19 18:51 3,600,456 a------- c:\windows\system32\ntkrnlpa.exe 2009-10-19 18:51 3,548,216 a------- c:\windows\system32\ntoskrnl.exe 2009-10-19 18:44 60,928 a------- c:\windows\system32\msasn1.dll 2009-10-19 18:43 144,896 a------- c:\windows\system32\drivers\srv2.sys 2009-10-19 18:43 604,672 a------- c:\windows\system32\WMSPDMOD.DLL 2009-10-18 10:08 268 a---h--- C:\sqmdata01.sqm 2009-10-18 10:08 244 a---h--- C:\sqmnoopt01.sqm 2009-10-08 22:08 244 a---h--- C:\sqmnoopt00.sqm 2009-10-08 22:08 232 a---h--- C:\sqmdata00.sqm 2009-10-08 21:11 195,440 -------- c:\windows\system32\MpSigStub.exe ==================== Find3M ==================== 2009-10-26 14:17 350,193 a---h--- c:\windows\system32\drivers\vsconfig.xml 2009-10-24 20:13 143,360 a------- c:\windows\inf\infstrng.dat 2009-10-24 20:13 143,360 a------- c:\windows\inf\infstor.dat 2009-10-24 20:13 51,200 a------- c:\windows\inf\infpub.dat 2009-10-24 20:04 665,600 a------- c:\windows\inf\drvindex.dat 2009-08-29 02:30 173,056 a------- c:\windows\apppatch\AcXtrnal.dll 2009-08-29 02:30 458,752 a------- c:\windows\apppatch\AcSpecfc.dll 2009-08-29 02:30 2,159,616 a------- c:\windows\apppatch\AcGenral.dll 2009-08-29 02:30 542,720 a------- c:\windows\apppatch\AcLayers.dll 2009-08-29 00:27 4,240,384 a------- c:\windows\system32\GameUXLegacyGDFs.dll 2009-08-29 00:14 28,672 a------- c:\windows\system32\Apphlpdm.dll 2009-08-27 05:22 916,480 a------- c:\windows\system32\wininet.dll 2009-08-27 05:17 109,056 a------- c:\windows\system32\iesysprep.dll 2009-08-27 05:17 71,680 a------- c:\windows\system32\iesetup.dll 2009-08-27 03:42 133,632 a------- c:\windows\system32\ieUnatt.exe 2009-08-14 15:53 17,920 a------- c:\windows\system32\netevent.dll 2009-08-14 13:49 9,728 a------- c:\windows\system32\TCPSVCS.EXE 2009-08-14 13:49 17,920 a------- c:\windows\system32\ROUTE.EXE 2009-08-14 13:49 11,264 a------- c:\windows\system32\MRINFO.EXE 2009-08-14 13:49 27,136 a------- c:\windows\system32\NETSTAT.EXE 2009-08-14 13:49 19,968 a------- c:\windows\system32\ARP.EXE 2009-08-14 13:49 8,704 a------- c:\windows\system32\HOSTNAME.EXE 2009-08-14 13:49 10,240 a------- c:\windows\system32\finger.exe 2009-08-14 13:48 105,984 a------- c:\windows\system32\netiohlp.dll 2009-08-03 14:07 403,816 a------- c:\windows\system32\OGACheckControl.dll 2009-08-03 14:07 322,928 a------- c:\windows\system32\OGAAddin.dll 2009-08-03 14:07 230,768 a------- c:\windows\system32\OGAEXEC.exe 2008-06-11 00:58 174 a--sh--- c:\program files\desktop.ini 2008-03-30 14:49 54,152 a------- c:\users\stuart\appdata\roaming\GDIPFONTCACHEV1.DAT 2006-11-02 12:42 287,440 a------- c:\windows\inf\perflib\0409\perfi.dat 2006-11-02 12:42 287,440 a------- c:\windows\inf\perflib\0409\perfh.dat 2006-11-02 12:42 30,674 a------- c:\windows\inf\perflib\0409\perfd.dat 2006-11-02 12:42 30,674 a------- c:\windows\inf\perflib\0409\perfc.dat 2006-11-02 09:20 287,440 a------- c:\windows\inf\perflib\0000\perfi.dat 2006-11-02 09:20 287,440 a------- c:\windows\inf\perflib\0000\perfh.dat 2006-11-02 09:20 30,674 a------- c:\windows\inf\perflib\0000\perfd.dat 2006-11-02 09:20 30,674 a------- c:\windows\inf\perflib\0000\perfc.dat 2008-12-31 17:11 16,384 a--sh--- c:\windows\serviceprofiles\localservice\appdata\local\microsoft\windows\history\history.ie5\index.dat 2008-12-31 17:11 32,768 a--sh--- c:\windows\serviceprofiles\localservice\appdata\local\microsoft\windows\temporary internet files\content.ie5\index.dat 2008-12-31 17:11 16,384 a--sh--- c:\windows\serviceprofiles\localservice\appdata\roaming\microsoft\windows\cookies\index.dat 2008-09-05 16:03 16,384 a--sh--- c:\windows\temp\cookies\index.dat 2008-09-05 16:03 16,384 a--sh--- c:\windows\temp\history\history.ie5\index.dat 2008-09-05 16:03 32,768 a--sh--- c:\windows\temp\temporary internet files\content.ie5\index.dat ============= FINISH: 14:39:17.91 =============== ROOTREPEAL © AD, 2007-2009 ================================================== Scan Start Time: 2009/10/26 14:41 Program Version: Version 1.3.5.0 Windows Version: Windows Vista SP2 ================================================== Drivers ------------------- Name: dump_atapi.sys Image Path: C:\Windows\System32\Drivers\dump_atapi.sys Address: 0x8BD39000 Size: 32768 File Visible: No Signed: - Status: - Name: dump_dumpata.sys Image Path: C:\Windows\System32\Drivers\dump_dumpata.sys Address: 0x8BD2E000 Size: 45056 File Visible: No Signed: - Status: - Name: mchInjDrv.sys Image Path: C:\Windows\system32\Drivers\mchInjDrv.sys Address: 0xA8797000 Size: 2560 File Visible: No Signed: - Status: - Name: rootrepeal.sys Image Path: C:\Windows\system32\drivers\rootrepeal.sys Address: 0xA87AE000 Size: 49152 File Visible: No Signed: - Status: - Processes ------------------- Path: System PID: 4 Status: Locked to the Windows API! Path: C:\Windows\System32\audiodg.exe PID: 1228 Status: Locked to the Windows API! SSDT ------------------- #: 021 Function Name: NtAlpcConnectPort Status: Hooked by "C:\Windows\system32\DRIVERS\vsdatant.sys" at address 0x8bc24880 #: 054 Function Name: NtConnectPort Status: Hooked by "C:\Windows\system32\DRIVERS\vsdatant.sys" at address 0x8bc244e0 #: 060 Function Name: NtCreateFile Status: Hooked by "C:\Windows\system32\DRIVERS\vsdatant.sys" at address 0x8bc21828 #: 064 Function Name: NtCreateKey Status: Hooked by "C:\Windows\system32\DRIVERS\vsdatant.sys" at address 0x8bc37d9c #: 071 Function Name: NtCreatePort Status: Hooked by "C:\Windows\system32\DRIVERS\vsdatant.sys" at address 0x8bc24c36 #: 072 Function Name: NtCreateProcess Status: Hooked by "C:\Windows\system32\DRIVERS\vsdatant.sys" at address 0x8bc35af8 #: 073 Function Name: NtCreateProcessEx Status: Hooked by "C:\Windows\system32\DRIVERS\vsdatant.sys" at address 0x8bc35d12 #: 075 Function Name: NtCreateSection Status: Hooked by "C:\Windows\system32\DRIVERS\vsdatant.sys" at address 0x8bc39780 #: 115 Function Name: NtCreateWaitablePort Status: Hooked by "C:\Windows\system32\DRIVERS\vsdatant.sys" at address 0x8bc24cde #: 122 Function Name: NtDeleteFile Status: Hooked by "C:\Windows\system32\DRIVERS\vsdatant.sys" at address 0x8bc21d0a #: 123 Function Name: NtDeleteKey Status: Hooked by "C:\Windows\system32\DRIVERS\vsdatant.sys" at address 0x8bc38698 #: 126 Function Name: NtDeleteValueKey Status: Hooked by "C:\Windows\system32\DRIVERS\vsdatant.sys" at address 0x8bc38414 #: 129 Function Name: NtDuplicateObject Status: Hooked by "C:\Windows\system32\DRIVERS\vsdatant.sys" at address 0x8bc354f8 #: 166 Function Name: NtLoadKey Status: Hooked by "C:\Windows\system32\DRIVERS\vsdatant.sys" at address 0x8bc38bc6 #: 167 Function Name: NtLoadKey2 Status: Hooked by "C:\Windows\system32\DRIVERS\vsdatant.sys" at address 0x8bc38c3e #: 168 Function Name: NtLoadKeyEx Status: Hooked by "C:\Windows\system32\DRIVERS\vsdatant.sys" at address 0x8bc38d2e #: 186 Function Name: NtOpenFile Status: Hooked by "C:\Windows\system32\DRIVERS\vsdatant.sys" at address 0x8bc21ba2 #: 194 Function Name: NtOpenProcess Status: Hooked by "C:\Windows\system32\DRIVERS\vsdatant.sys" at address 0x8bc36f18 #: 267 Function Name: NtRenameKey Status: Hooked by "C:\Windows\system32\DRIVERS\vsdatant.sys" at address 0x8bc39370 #: 268 Function Name: NtReplaceKey Status: Hooked by "C:\Windows\system32\DRIVERS\vsdatant.sys" at address 0x8bc38da6 #: 276 Function Name: NtRequestWaitReplyPort Status: Hooked by "C:\Windows\system32\DRIVERS\vsdatant.sys" at address 0x8bc2416a #: 280 Function Name: NtRestoreKey Status: Hooked by "C:\Windows\system32\DRIVERS\vsdatant.sys" at address 0x8bc391b0 #: 286 Function Name: NtSecureConnectPort Status: Hooked by "C:\Windows\system32\DRIVERS\vsdatant.sys" at address 0x8bc24680 #: 301 Function Name: NtSetInformationFile Status: Hooked by "C:\Windows\system32\DRIVERS\vsdatant.sys" at address 0x8bc21ef8 #: 324 Function Name: NtSetValueKey Status: Hooked by "C:\Windows\system32\DRIVERS\vsdatant.sys" at address 0x8bc3811a #: 332 Function Name: NtSystemDebugControl Status: Hooked by "C:\Windows\system32\DRIVERS\vsdatant.sys" at address 0x8bc36486 #: 334 Function Name: NtTerminateProcess Status: Hooked by "C:\Windows\system32\DRIVERS\vsdatant.sys" at address 0x8bc36362 #: 358 Function Name: NtWriteVirtualMemory Status: Hooked by "C:\Windows\system32\drivers\iksysflt.sys" at address 0x8b6c4384 #: 383 Function Name: NtCreateUserProcess Status: Hooked by "C:\Windows\system32\DRIVERS\vsdatant.sys" at address 0x8bc35f30 ==EOF==

Attached Files


    Advertisements

Register to Remove


#2 Tomk

Tomk

    Beguilement Monitor

  • Classroom Admin
  • 20,136 posts

Posted 29 October 2009 - 11:47 AM

Hi stuart1976,

:welcome:

My name is Tomk. I would be glad to take a look at your log and help you with solving any malware problems. Logs can take a while to research, so please be patient and I'd be grateful if you would note the following:

  • I will be working on your Malware issues, this may or may not, solve other issues you have with your machine.
  • The fixes are specific to your problem and should only be used for the issues on this machine.
  • Please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear.
  • It's often worth reading through these instructions and printing them for ease of reference.
  • If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
  • Please reply to this thread. Do not start a new topic.

I don't see much going on there. Let's try this:

Download TFC to your desktop
  • Close any open windows.
  • Double click the TFC icon to run the program
  • TFC will close all open programs itself in order to run,
  • Click the Start button to begin the process.
  • Allow TFC to run uninterrupted.
  • The program should not take long to finish it's job
  • Once its finished it should automatically reboot your machine,
  • if it doesn't, manually reboot to ensure a complete clean

Then

Please download Malwarebytes' Anti-Malware to your desktop.

  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad. Please save it to a convenient location and post the results.
  • Note: If you receive a notice that some of the items couldn't be removed, that they have been added to the delete on reboot list, please reboot (shut down your computer then restart it).

Also please describe how your computer behaves at the moment.

Tomk
------------------------------------------------------------

mvplogo1_zpsea7gtc7e.gif


WTT-Grad1.jpg

Topics are closed after 5 days without response
unite_blue_zpsbfd3cd98.png


#3 stuart1976

stuart1976

    Authentic Member

  • Authentic Member
  • PipPip
  • 64 posts

Posted 01 November 2009 - 12:46 PM

Hello Tomk, Thanks for getting back to me and sorry i was late replying. heres the report from Mbam Malwarebytes' Anti-Malware 1.41 Database version: 3079 Windows 6.0.6002 Service Pack 2 01/11/2009 18:30:06 mbam-log-2009-11-01 (18-30-06).txt Scan type: Quick Scan Objects scanned: 89685 Time elapsed: 6 minute(s), 27 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected)

#4 Tomk

Tomk

    Beguilement Monitor

  • Classroom Admin
  • 20,136 posts

Posted 01 November 2009 - 11:42 PM

stuart1976,


Please go to Kaspersky website and perform an online antivirus scan.

  • Read through the requirements and privacy statement and click on Accept button.
  • It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
  • When the downloads have finished, click on Settings.
  • Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:
    • Spyware, Adware, Dialers, and other potentially dangerous programs
      Archives
      Mail databases
  • Click on My Computer under Scan.
  • Once the scan is complete, it will display the results. Click on View Scan Report.
  • You will see a list of infected items there. Click on Save Report As....
  • Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button.
  • Please post this log in your next reply.

Tomk
------------------------------------------------------------

mvplogo1_zpsea7gtc7e.gif


WTT-Grad1.jpg

Topics are closed after 5 days without response
unite_blue_zpsbfd3cd98.png


#5 stuart1976

stuart1976

    Authentic Member

  • Authentic Member
  • PipPip
  • 64 posts

Posted 02 November 2009 - 07:25 AM

Hi tomk i rang on virus checker and nothing was found so i dont have the report, but things seem to be doing ok now i have been on the net a lot longer than 10 minutes now and browsers seems to be ok regards Stuart

#6 Tomk

Tomk

    Beguilement Monitor

  • Classroom Admin
  • 20,136 posts

Posted 02 November 2009 - 08:22 AM

Log looks good :D


You need to create a new Clean restore point:

  • Download SysRestorePoint to your desktop and unzip it to it's own folder.
  • Double click SysRestorePoint.exe so that we can make a new system restore point.
  • A box will pop up after it has made a new point, usually after a few seconds. Close that window and exit the program.
Remove all previous Restore Points
Click Start Menu > Run > copy and paste

cleanmgr

You may be asked to choose drive. Choose C: At top, click on More Options tab. Click Clean up... button in the System Restore box. Click on Yes button. When finished, click on Cancel button to exit.

Double-click My Computer.
Click the Tools menu, and then click Folder Options.
Click the View tab.
Check "Hide file extensions for known file types."
Under the "Hidden files" folder, Uncheck "Show hidden files and folders."
Check "Hide protected operating system files."
Click Apply, and then click OK.


The following is my standard advice for the future. Use what you can and pat yourself on the back for what you're already doing.

Please take time to read Preventing Malware - Tools and Practices for Safe Computing. Very important information for your consideration is contained therein.

I would also suggest you read this:
So how did I get infected in the first place?
by Tony Klein


Also: "How to prevent malware"
by miekiemoes

Please respond back that you understand the above and let me know if you have any questions. Otherwise, this thread will be closed Resolved. :thumbup:

Tomk
------------------------------------------------------------

mvplogo1_zpsea7gtc7e.gif


WTT-Grad1.jpg

Topics are closed after 5 days without response
unite_blue_zpsbfd3cd98.png


#7 stuart1976

stuart1976

    Authentic Member

  • Authentic Member
  • PipPip
  • 64 posts

Posted 02 November 2009 - 11:08 AM

Thanks for help tomk all the best Stuart

#8 Tomk

Tomk

    Beguilement Monitor

  • Classroom Admin
  • 20,136 posts

Posted 02 November 2009 - 11:09 AM

stuart1976, You are very welcome. Good luck and be well. :thumbup:

Tomk
------------------------------------------------------------

mvplogo1_zpsea7gtc7e.gif


WTT-Grad1.jpg

Topics are closed after 5 days without response
unite_blue_zpsbfd3cd98.png


#9 Tomk

Tomk

    Beguilement Monitor

  • Classroom Admin
  • 20,136 posts

Posted 02 November 2009 - 11:09 AM

Since this issue appears to be resolved ... this Topic has been closed. Glad we could be of assistance. If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread. Everyone else please begin a New Topic.

Tomk
------------------------------------------------------------

mvplogo1_zpsea7gtc7e.gif


WTT-Grad1.jpg

Topics are closed after 5 days without response
unite_blue_zpsbfd3cd98.png

Related Topics



0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users