WE'RE SURE THAT YOU'LL LOVE US!
Hey there! 
Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. 
Join 93084 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.
Try What the Tech -- It's free!
[Closed] Slow, unresponsive computer
Started by
nanadeg
, Nov 14 2009 09:02 AM
-
This topic is locked
10 replies to this topic
#1
nanadeg
-
- Authentic Member
-
- 5 posts
New Member
Posted 14 November 2009 - 09:02 AM
Register to Remove
#2
Tomk
-
- Global Moderator
-
- 20,451 posts
Beguilement Monitor
Posted 16 November 2009 - 11:44 PM
Hi nanadeg,
My name is Tomk. I would be glad to take a look at your log and help you with solving any malware problems. Logs can take a while to research, so please be patient and I'd be grateful if you would note the following:
Please download the OTM by OldTimer.
ESET Online Scanner:
Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however need to disable your current installed Anti-Virus, how to do so can be read here.
Vista users: You will need to to right-click on the either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.
Note: Do not forget to re-enable your Anti-Virus application after running the above scan!
My name is Tomk. I would be glad to take a look at your log and help you with solving any malware problems. Logs can take a while to research, so please be patient and I'd be grateful if you would note the following:
- I will be working on your Malware issues, this may or may not, solve other issues you have with your machine.
- The fixes are specific to your problem and should only be used for the issues on this machine.
- Please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear.
- It's often worth reading through these instructions and printing them for ease of reference.
- If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
- Please reply to this thread. Do not start a new topic.
Please download the OTM by OldTimer.
- Save it to your desktop.
- Please double-click OTM.exe to run it.
(Note: If you are running on Vista, right-click on the file and choose Run As Administrator). - Copy the lines inside the codebox below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
:Processes :Services bdfm Arrakis3 :Reg [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BDAgent"=- "BitDefender Antiphishing Helper"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "381ffde8-2394-4f90-b10d-fc6124a40f8c"=- :Files c:\windows\system32\drivers\bdfm.sys c:\program files\common files\bitdefender c:\program files\pcsecurityshield :Commands [purity] [emptytemp] [start explorer] [Reboot]
- Return to OTM, right click in the "Paste Instructions for Items to be Moved" window (under the yellow bar) and choose Paste.
- Click the red Moveit! button.
- Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
- Close OTM
ESET Online Scanner:
Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however need to disable your current installed Anti-Virus, how to do so can be read here.
Vista users: You will need to to right-click on the either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.
- Please go here then click on:
Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox. - Select the option YES, I accept the Terms of Use then click on:
- When prompted allow the Add-On/Active X to install.
- Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
- Now click on Advanced Settings and select the following:
- Scan for potentially unwanted applications
- Scan for potentially unsafe applications
- Enable Anti-Stealth Technology
- Now click on:
- The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
- When completed the Online Scan will begin automatically.
- Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
- When completed select Uninstall application on close if you so wish, make sure you copy the logfile first!
- Now click on:
- Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
- Copy and paste that log as a reply to this topic.
Note: Do not forget to re-enable your Anti-Virus application after running the above scan!
Tomk
------------------------------------------------------------
Microsoft MVP 2010-2014
------------------------------------------------------------
Microsoft MVP 2010-2014
#3
nanadeg
-
- Authentic Member
-
- 5 posts
New Member
Posted 17 November 2009 - 09:51 PM
OTM Results:
All processes killed
========== PROCESSES ==========
========== SERVICES/DRIVERS ==========
Service bdfm stopped successfully!
Service bdfm deleted successfully!
Service Arrakis3 stopped successfully!
Service Arrakis3 deleted successfully!
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\BDAgent deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\BitDefender Antiphishing Helper deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\381ffde8-2394-4f90-b10d-fc6124a40f8c not found.
========== FILES ==========
File/Folder c:\windows\system32\drivers\bdfm.sys not found.
File/Folder c:\program files\common files\bitdefender not found.
File/Folder c:\program files\pcsecurityshield not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrator
->Temp folder emptied: 24679539 bytes
->Temporary Internet Files folder emptied: 26092369 bytes
User: All Users
User: All Users.WINDOWS
User: COLLIN
->Apple Safari cache emptied: 103738 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes
User: Default User.WINDOWS
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Guest
->Temp folder emptied: 89834 bytes
->Temporary Internet Files folder emptied: 39582913 bytes
->Java cache emptied: 2236855 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: LocalService.NT AUTHORITY
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: NetworkService.NT AUTHORITY
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33237 bytes
User: Whitney Degering
->Temp folder emptied: 15023468 bytes
->Temporary Internet Files folder emptied: 47150508 bytes
->Google Chrome cache emptied: 253943735 bytes
%systemdrive% .tmp files removed: 393220 bytes
%systemroot% .tmp files removed: 2176856 bytes
%systemroot%\System32 .tmp files removed: 2577 bytes
Windows Temp folder emptied: 542016 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 96202 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 393.24 mb
OTM by OldTimer - Version 3.1.2.0 log created on 11172009_195745
Files moved on Reboot...
File move failed. C:\Documents and Settings\COLLIN\Local Settings\Application Data\Apple Computer\Safari\FontsList.plist scheduled to be moved on reboot.
C:\WINDOWS\temp\FIL480.tmp moved successfully.
C:\WINDOWS\temp\FIL498.tmp moved successfully.
C:\WINDOWS\temp\FIL49A.tmp moved successfully.
C:\WINDOWS\temp\FIL49C.tmp moved successfully.
C:\WINDOWS\temp\FIL49E.tmp moved successfully.
C:\WINDOWS\temp\REG481.tmp moved successfully.
C:\WINDOWS\temp\REG499.tmp moved successfully.
C:\WINDOWS\temp\REG49B.tmp moved successfully.
C:\WINDOWS\temp\REG49D.tmp moved successfully.
C:\WINDOWS\temp\REG49F.tmp moved successfully.
C:\WINDOWS\temp\~DF392.tmp moved successfully.
C:\WINDOWS\temp\~DFA0C1.tmp moved successfully.
C:\WINDOWS\temp\~DFF5E5.tmp moved successfully.
C:\WINDOWS\temp\~DFF992.tmp moved successfully.
C:\WINDOWS\temp\~DFFCE1.tmp moved successfully.
Registry entries deleted on Reboot...
ESET Results:
ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=548e6834638acb4f85eb2104947f4256
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2009-11-18 03:42:38
# local_time=2009-11-17 09:42:38 (-0600, Central Standard Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=3073 16777189 80 89 0 1838005 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=41665
# found=0
# cleaned=0
# scan_time=4254
#4
Tomk
-
- Global Moderator
-
- 20,451 posts
Beguilement Monitor
Posted 17 November 2009 - 11:21 PM
nanadeg,
Do you notice any difference?
Tomk
------------------------------------------------------------
Microsoft MVP 2010-2014
------------------------------------------------------------
Microsoft MVP 2010-2014
#5
nanadeg
-
- Authentic Member
-
- 5 posts
New Member
Posted 18 November 2009 - 08:26 PM
Seems to come and go.... Will work almost perfect and in the same browsing sessions bog down again. Not sure what is going on..
#6
Tomk
-
- Global Moderator
-
- 20,451 posts
Beguilement Monitor
Posted 18 November 2009 - 08:39 PM
nanadeg,
Please post me a new DDS log and I'll see if I can find anything else.
Tomk
------------------------------------------------------------
Microsoft MVP 2010-2014
------------------------------------------------------------
Microsoft MVP 2010-2014
#7
nanadeg
-
- Authentic Member
-
- 5 posts
New Member
Posted 18 November 2009 - 08:53 PM
DDS (Ver_09-06-26.01) - NTFSx86
Run by Whitney Degering at 20:47:05.31 on Wed 11/18/2009
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.382.103 [GMT -6:00]
AV: COMODO Antivirus *On-access scanning enabled* (Updated) {043803A5-4F86-4ef7-AFC5-F6E02A79969B}
FW: COMODO Firewall *enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
============== Running Processes ===============
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2G1.EXE
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\NETGEAR\MA111v2 USB Adapter\MA111v2.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Whitney Degering\Local Settings\Temporary Internet Files\Content.IE5\XR32J9KM\dds[1].scr
============== Pseudo HJT Report ===============
uStart Page = hxxp://www.google.com/
uDefault_Page_URL = hxxp://www.msn.com
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
TB: The Shield Deluxe 2009 Toolbar: {381ffde8-2394-4f90-b10d-fc6124a40f8c} - c:\program files\pcsecurityshield\bitdefender 2009\IEToolbar.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [EPSON Stylus CX5400] c:\windows\system32\spool\drivers\w32x86\3\E_S4I2G1.EXE /P19 "EPSON Stylus CX5400" /O6 "USB001" /M "Stylus CX5400"
mRun: [COMODO Internet Security] "c:\program files\comodo\comodo internet security\cfp.exe" -h
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
StartupFolder: c:\docume~1\alluse~1.win\startm~1\programs\startup\ma111c~1.lnk - c:\program files\netgear\ma111v2 usb adapter\MA111v2.exe
StartupFolder: c:\docume~1\alluse~1.win\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} - hxxp://office.microsoft.com/officeupdate/content/opuc4.cab
Notify: igfxcui - igfxsrvc.dll
AppInit_DLLs: c:\windows\system32\guard32.dll
============= SERVICES / DRIVERS ===============
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdguard.sys [2009-5-6 132808]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [2009-5-6 25160]
R2 cmdAgent;COMODO Internet Security Helper Service;c:\program files\comodo\comodo internet security\cmdagent.exe [2009-5-6 723632]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2009-9-24 1179232]
R3 SISNPF;SIS Netgroup Packet Filter;c:\windows\system32\drivers\SISNPF.SYS [2004-5-3 74112]
S2 gupdate1ca6255ddc45cfa;Google Update Service (gupdate1ca6255ddc45cfa);c:\program files\google\update\GoogleUpdate.exe [2009-11-10 133104]
=============== Created Last 30 ================
2009-11-17 19:57 <DIR> --d----- C:\_OTM
2009-11-10 19:28 15,880 a------- c:\windows\system32\lsdelete.exe
2009-11-10 16:43 93,360 a------- c:\windows\system32\drivers\SBREDrv.sys
2009-11-10 16:33 <DIR> -cd-h--- c:\docume~1\alluse~1.win\applic~1\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}
2009-11-10 16:32 <DIR> --d----- c:\program files\Lavasoft
2009-11-08 13:51 <DIR> --d----- c:\docume~1\whitne~1\applic~1\Malwarebytes
2009-11-08 13:37 <DIR> --dsh--- c:\documents and settings\whitney degering\PrivacIE
2009-11-08 13:33 <DIR> --dsh--- c:\documents and settings\whitney degering\IETldCache
2009-11-08 13:32 <DIR> --d----- c:\documents and settings\Whitney Degering
2009-11-08 10:20 38,224 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-11-08 10:19 <DIR> --d----- c:\docume~1\alluse~1.win\applic~1\Malwarebytes
2009-11-08 10:19 19,160 a------- c:\windows\system32\drivers\mbam.sys
2009-11-06 23:44 <DIR> --d----- c:\program files\EPSON
==================== Find3M ====================
2009-11-18 20:43 131,408 a------- c:\windows\system32\drivers\sfi.dat
2009-11-17 21:54 171,552 a------- c:\windows\system32\guard32.dll
2009-11-17 21:54 132,808 a------- c:\windows\system32\drivers\cmdguard.sys
2009-11-17 21:54 25,160 a------- c:\windows\system32\drivers\cmdhlp.sys
2009-09-11 08:18 136,192 a------- c:\windows\system32\msv1_0.dll
2009-09-04 15:03 58,880 a------- c:\windows\system32\msasn1.dll
2009-08-29 02:08 916,480 a------- c:\windows\system32\wininet.dll
2009-08-26 02:00 247,326 a------- c:\windows\system32\strmdll.dll
2006-01-18 12:24 774,144 ac------ c:\program files\RngInterstitial.dll
2004-05-28 15:48 154,112 a------- c:\windows\inf\ma111v2\MA111v2.sys
2004-03-12 14:33 212,992 a------- c:\windows\inf\ma111v2\CopyWHQLDriver.exe
2004-03-08 13:51 237,568 a------- c:\windows\inf\ma111v2\SiSWPars.dll
2004-03-08 13:51 155,648 a------- c:\windows\inf\ma111v2\SiSWInst.dll
2004-03-08 13:51 49,152 a------- c:\windows\inf\ma111v2\SiSWBase.dll
2001-10-05 12:53 21,866 ac------ c:\program files\common files\tppupd2k.dll
2009-04-14 21:01 16,384 ac-sh--- c:\windows\system32\config\systemprofile\cookies\index.dat
2009-04-14 21:01 32,768 ac-sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\index.dat
2009-03-15 12:12 32,768 ac-sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012009031520090316\index.dat
============= FINISH: 20:49:12.76 ===============
#8
Tomk
-
- Global Moderator
-
- 20,451 posts
Beguilement Monitor
Posted 18 November 2009 - 09:38 PM
nanadeg,
DDS produces two logs. The second one is attach.txt. Would you please re-run DDS and past me attach.txt?
Tomk
------------------------------------------------------------
Microsoft MVP 2010-2014
------------------------------------------------------------
Microsoft MVP 2010-2014
#9
nanadeg
-
- Authentic Member
-
- 5 posts
New Member
Posted 23 November 2009 - 05:06 PM
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
DDS (Ver_09-06-26.01)
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 3/14/2009 6:54:37 PM
System Uptime: 11/17/2009 10:12:59 PM (22 hours ago)
Motherboard: Dell Computer Corp. | | 0F5949
Processor: Intel® Celeron® CPU 2.40GHz | Microprocessor | 2392/400mhz
==== Disk Partitions =========================
C: is FIXED (NTFS) - 34 GiB total, 23.443 GiB free.
D: is CDROM ()
==== Disabled Device Manager Items =============
==== System Restore Points ===================
RP162: 10/11/2009 2:49:42 PM - Installed NETGEAR MA111v2 802.11b Wireless USB Adapter
RP163: 10/11/2009 2:52:49 PM - Unsigned driver install
RP164: 10/12/2009 3:00:34 AM - Software Distribution Service 3.0
RP165: 10/12/2009 7:51:19 AM - Software Distribution Service 3.0
RP166: 10/12/2009 8:07:05 AM - Software Distribution Service 3.0
RP167: 10/13/2009 9:06:50 AM - System Checkpoint
RP168: 10/14/2009 9:21:53 AM - System Checkpoint
RP169: 10/14/2009 5:01:56 PM - Software Distribution Service 3.0
RP170: 10/15/2009 5:10:11 PM - System Checkpoint
RP171: 10/16/2009 3:00:22 AM - Software Distribution Service 3.0
RP172: 10/16/2009 12:21:05 PM - Software Distribution Service 3.0
RP173: 10/17/2009 12:37:52 PM - System Checkpoint
RP174: 10/18/2009 1:07:14 PM - System Checkpoint
RP175: 10/19/2009 1:10:28 PM - System Checkpoint
RP176: 10/20/2009 1:17:01 PM - System Checkpoint
RP177: 10/21/2009 1:17:28 PM - System Checkpoint
RP178: 10/22/2009 1:37:59 PM - System Checkpoint
RP179: 10/23/2009 2:38:00 PM - System Checkpoint
RP180: 10/24/2009 3:37:58 PM - System Checkpoint
RP181: 10/25/2009 3:38:07 PM - System Checkpoint
RP182: 10/26/2009 4:38:11 PM - System Checkpoint
RP183: 10/27/2009 5:38:13 PM - System Checkpoint
RP184: 10/28/2009 7:17:30 PM - System Checkpoint
RP185: 10/29/2009 8:12:02 PM - System Checkpoint
RP186: 10/30/2009 9:12:03 PM - System Checkpoint
RP187: 10/31/2009 10:12:22 PM - System Checkpoint
RP188: 11/1/2009 10:31:49 PM - System Checkpoint
RP189: 11/2/2009 11:07:13 PM - System Checkpoint
RP190: 11/4/2009 12:07:28 AM - System Checkpoint
RP191: 11/4/2009 10:37:50 AM - Software Distribution Service 3.0
RP192: 11/5/2009 10:56:31 AM - System Checkpoint
RP193: 11/6/2009 10:47:56 AM - Advanced Registry Optimizer - Before One Click
RP194: 11/7/2009 11:18:08 AM - System Checkpoint
RP195: 11/8/2009 12:00:45 PM - System Checkpoint
RP196: 11/9/2009 12:07:50 PM - System Checkpoint
RP197: 11/10/2009 1:17:39 PM - System Checkpoint
RP198: 11/10/2009 10:59:53 PM - Software Distribution Service 3.0
RP199: 11/11/2009 11:07:40 PM - System Checkpoint
RP200: 11/13/2009 12:07:39 AM - System Checkpoint
RP201: 11/14/2009 12:22:18 AM - System Checkpoint
RP202: 11/15/2009 1:07:40 AM - System Checkpoint
RP203: 11/16/2009 2:07:45 AM - System Checkpoint
RP204: 11/17/2009 3:07:46 AM - System Checkpoint
RP205: 11/18/2009 3:27:45 AM - System Checkpoint
==== Installed Programs ======================
ABBYY FineReader 5.0 Sprint Plus
Acrobat.com
Ad-Aware
Adobe AIR
Adobe Flash Player 10 Plugin
Adobe Reader 9.2
Advanced Registry Optimizer
ArcSoft Software Suite
Broadcom 440x 10/100 Integrated Controller
COMODO Internet Security
EPSON Copy Utility
EPSON EIC CX5400
EPSON Photo Print
EPSON Printer Software
EPSON Scan
ERUNT 1.1j
Google Chrome
Google Update Helper
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB970653-v3)
Intel® 537EP V9x DF PCI Modem
Intel® Extreme Graphics Driver
Malwarebytes' Anti-Malware
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office XP Small Business
Microsoft Silverlight
Modem Helper
NETGEAR MA111v2 802.11b Wireless USB Adapter
OGA Notifier 2.0.0048.0
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 8 (KB969897)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958215)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960714)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371-v2)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Update for Windows Internet Explorer 8 (KB968220)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows XP (KB951978)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB973815)
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
WebFldrs XP
Windows Genuine Advantage Notifications (KB905474)
Windows Internet Explorer 8
Windows XP Service Pack 3
==== Event Viewer Messages From Past Week ========
11/17/2009 7:57:51 PM, error: Service Control Manager [7034] - The Machine Debug Manager service terminated unexpectedly. It has done this 1 time(s).
11/11/2009 1:04:03 PM, error: Service Control Manager [7000] - The BitDefender Desktop Update Service service failed to start due to the following error: The system cannot find the path specified.
==== End Of File ===========================
#10
Tomk
-
- Global Moderator
-
- 20,451 posts
Beguilement Monitor
Posted 23 November 2009 - 06:37 PM
nanadeg,
I'm not finding anything. Let's give this tool a run.
Download ComboFix from one of these locations:
Link 1
Link 2
* IMPORTANT !!! Save ComboFix.exe to your Desktop
**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.
Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:
Click on Yes, to continue scanning for malware.
When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.
Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.
3. ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser.
4. Combofix prevents autorun of ALL CD, floppy and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell your helper.
5. CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.
I'm not finding anything. Let's give this tool a run.
Download ComboFix from one of these locations:
Link 1
Link 2
* IMPORTANT !!! Save ComboFix.exe to your Desktop
- Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link --> http://forums.whatth...ams_t96260.html
- Double click on ComboFix.exe & follow the prompts.
- As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
- Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.
Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:
Click on Yes, to continue scanning for malware.
When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.
Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.
3. ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser.
4. Combofix prevents autorun of ALL CD, floppy and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell your helper.
5. CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.
Tomk
------------------------------------------------------------
Microsoft MVP 2010-2014
------------------------------------------------------------
Microsoft MVP 2010-2014
#11
Tomk
-
- Global Moderator
-
- 20,451 posts
Beguilement Monitor
Posted 29 November 2009 - 10:21 AM
Due to inactivity this topic will be closed.
If you need help please start a new thread.
Tomk
------------------------------------------------------------
Microsoft MVP 2010-2014
------------------------------------------------------------
Microsoft MVP 2010-2014
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users
