
Solved Slow computer, random pauses & sound staticky

Discussion in 'Malware and Virus Removal Archive' started by barqshasbite, 2009/04/14.

  1. 2009/04/14
    barqshasbite Inactive Thread Starter

    [Resolved] Slow computer, random pauses & sound staticky

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 10:22:15 PM, on 4/14/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16791)
    Boot mode: Normal

    Running processes:
    D:\WINDOWS\System32\smss.exe
    D:\WINDOWS\system32\winlogon.exe
    D:\WINDOWS\system32\services.exe
    D:\WINDOWS\system32\lsass.exe
    D:\WINDOWS\system32\svchost.exe
    D:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
    D:\WINDOWS\system32\svchost.exe
    D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    D:\Program Files\Alwil Software\Avast4\ashServ.exe
    D:\WINDOWS\system32\svchost.exe
    D:\WINDOWS\ExplorerFranco.exe
    D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    D:\Program Files\Razer\Diamondback 3G\razerhid.exe
    D:\Program Files\Microsoft IntelliType Pro\itype.exe
    D:\Program Files\D-Link\D-Link Wireless N DWA-130\AirNCFG.exe
    D:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
    D:\Program Files\COMODO\COMODO Internet Security\cfp.exe
    D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    D:\WINDOWS\system32\ctfmon.exe
    D:\Program Files\OpenOffice.org 3\program\swriter.exe
    D:\Program Files\OpenOffice.org 3\program\soffice.exe
    D:\Program Files\Razer\Diamondback 3G\razertra.exe
    D:\Program Files\OpenOffice.org 3\program\soffice.bin
    D:\Program Files\Razer\Diamondback 3G\razerofa.exe
    D:\Program Files\Winamp\winamp.exe
    D:\Program Files\Windows Live\Messenger\msnmsgr.exe
    D:\Program Files\Windows Live\Contacts\wlcomm.exe
    D:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    D:\Program Files\Mozilla Firefox\firefox.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    F2 - REG:system.ini: Shell=ExplorerFranco.exe
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O4 - HKLM\..\Run: [Diamondback] D:\Program Files\Razer\Diamondback 3G\razerhid.exe
    O4 - HKLM\..\Run: [itype] "d:\Program Files\Microsoft IntelliType Pro\itype.exe "
    O4 - HKLM\..\Run: [D-Link D-Link Wireless N DWA-130] D:\Program Files\D-Link\D-Link Wireless N DWA-130\AirNCFG.exe
    O4 - HKLM\..\Run: [ANIWZCS2Service] D:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
    O4 - HKLM\..\Run: [COMODO Internet Security] "D:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
    O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?3763248109531
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1238792678593
    O20 - Winlogon Notify: !SASWinLogon - D:\Program Files\SUPERAntiSpyware\SASWINLO.dll
    O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Wireless Service - D:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - Unknown owner - D:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe

    --
    End of file - 5060 bytes


    DDS (Ver_09-03-16.01) - NTFSx86
    Run by Owner at 22:23:49.51 on Tue 04/14/2009
    Internet Explorer: 7.0.5730.13
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1022.491 [GMT -4:00]

    AV: avast! antivirus 4.8.1335 [VPS 090414-0] *On-access scanning enabled* (Updated)
    FW: COMODO Firewall *enabled*

    ============== Running Processes ===============

    D:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    D:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
    D:\WINDOWS\system32\svchost.exe -k netsvcs
    D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    D:\Program Files\Alwil Software\Avast4\ashServ.exe
    D:\WINDOWS\system32\svchost.exe -k imgsvc
    D:\WINDOWS\ExplorerFranco.exe
    D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    svchost.exe
    D:\Program Files\Razer\Diamondback 3G\razerhid.exe
    D:\Program Files\Microsoft IntelliType Pro\itype.exe
    D:\Program Files\D-Link\D-Link Wireless N DWA-130\AirNCFG.exe
    D:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
    D:\Program Files\COMODO\COMODO Internet Security\cfp.exe
    D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    D:\WINDOWS\system32\ctfmon.exe
    D:\Program Files\OpenOffice.org 3\program\swriter.exe
    D:\Program Files\OpenOffice.org 3\program\soffice.exe
    D:\Program Files\Razer\Diamondback 3G\razertra.exe
    D:\Program Files\OpenOffice.org 3\program\soffice.bin
    D:\Program Files\Razer\Diamondback 3G\razerofa.exe
    D:\Program Files\Winamp\winamp.exe
    D:\Program Files\Windows Live\Messenger\msnmsgr.exe
    D:\Program Files\Windows Live\Contacts\wlcomm.exe
    D:\Program Files\Mozilla Firefox\firefox.exe
    D:\Documents and Settings\Owner\Desktop\dds.scr

    ============== Pseudo HJT Report ===============

    uStart Page = hxxp://www.google.ca/
    mWinlogon: Shell=ExplorerFranco.exe
    BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - d:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - d:\program files\java\jre6\bin\jp2ssv.dll
    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - d:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    uRun: [ctfmon.exe] d:\windows\system32\ctfmon.exe
    mRun: [Diamondback] d:\program files\razer\diamondback 3g\razerhid.exe
    mRun: [itype] "d:\program files\microsoft intellitype pro\itype.exe "
    mRun: [D-Link D-Link Wireless N DWA-130] d:\program files\d-link\d-link wireless n dwa-130\AirNCFG.exe
    mRun: [ANIWZCS2Service] d:\program files\ani\aniwzcs2 service\WZCSLDR2.exe
    mRun: [COMODO Internet Security] "d:\program files\comodo\comodo internet security\cfp.exe" -h
    mRun: [avast!] d:\progra~1\alwils~1\avast4\ashDisp.exe
    uPolicies-explorer: NoSMHelp = 01000000
    uPolicies-explorer: NoSMMyDocs = 00000000
    uPolicies-explorer: NoNetworkConnections = 01000000
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - d:\program files\messenger\msmsgs.exe
    DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
    DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?3763248109531
    DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1238792678593
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
    DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
    DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
    Notify: !SASWinLogon - d:\program files\superantispyware\SASWINLO.dll
    Notify: AtiExtEvent - Ati2evxx.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - d:\windows\system32\WPDShServiceObj.dll
    SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - d:\program files\superantispyware\SASSEH.DLL

    ================= FIREFOX ===================

    FF - ProfilePath - d:\docume~1\owner\applic~1\mozilla\firefox\profiles\pkw1cy5y.default\

    ============= SERVICES / DRIVERS ===============

    R1 aswSP;avast! Self Protection;d:\windows\system32\drivers\aswSP.sys [2009-4-3 114768]
    R1 cmdGuard;COMODO Internet Security Sandbox Driver;d:\windows\system32\drivers\cmdguard.sys [2009-4-3 110992]
    R1 cmdHlp;COMODO Internet Security Helper Driver;d:\windows\system32\drivers\cmdhlp.sys [2009-4-3 24336]
    R1 SASDIFSV;SASDIFSV;d:\program files\superantispyware\sasdifsv.sys [2009-3-23 9968]
    R1 SASKUTIL;SASKUTIL;d:\program files\superantispyware\SASKUTIL.SYS [2009-3-23 72944]
    R2 aswFsBlk;aswFsBlk;d:\windows\system32\drivers\aswFsBlk.sys [2009-4-3 20560]
    R2 avast! Antivirus;avast! Antivirus;d:\program files\alwil software\avast4\ashServ.exe [2009-4-3 138680]
    R2 cmdAgent;COMODO Internet Security Helper Service;d:\program files\comodo\comodo internet security\cmdagent.exe [2009-4-3 700152]
    R3 avast! Mail Scanner;avast! Mail Scanner;d:\program files\alwil software\avast4\ashMaiSv.exe [2009-4-3 254040]
    R3 avast! Web Scanner;avast! Web Scanner;d:\program files\alwil software\avast4\ashWebSv.exe [2009-4-3 352920]
    R3 Razerlow;Diamondback 3G USB Filter Driver;d:\windows\system32\drivers\DB3G.sys [2089-4-1 13225]
    R3 rt2870;Ralink 802.11n USB Wireless LAN Card Driver;d:\windows\system32\drivers\rt2870.sys [2089-4-1 560896]
    S0 TfFsMon;TfFsMon;d:\windows\system32\drivers\tffsmon.sys --> d:\windows\system32\drivers\TfFsMon.sys [?]
    S0 TfSysMon;TfSysMon;d:\windows\system32\drivers\tfsysmon.sys --> d:\windows\system32\drivers\TfSysMon.sys [?]
    S3 FXDRV;FXDRV;\??\e:\fxdrv.sys --> e:\Fxdrv.sys [?]
    S3 MEMSWEEP2;MEMSWEEP2;\??\d:\windows\system32\101.tmp --> d:\windows\system32\101.tmp [?]
    S3 SASENUM;SASENUM;d:\program files\superantispyware\SASENUM.SYS [2009-3-23 7408]
    S3 spupdsvc;Windows Service Pack Installer update service;d:\windows\system32\spupdsvc.exe [2089-4-1 26488]
    S3 TfNetMon;TfNetMon;\??\d:\windows\system32\drivers\tfnetmon.sys --> d:\windows\system32\drivers\TfNetMon.sys [?]

    =============== Created Last 30 ================


    ==================== Find3M ====================


    ============= FINISH: 22:25:06.20 ===============


    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT

    DDS (Ver_09-03-16.01)

    Microsoft Windows XP Home Edition
    Boot Device: \Device\HarddiskVolume1
    Install Date: 4/4/2009 1:52:10 AM
    System Uptime: 4/14/2009 9:55:44 PM (1 hours ago)

    Motherboard: WinFast | | 760GXK8MC
    Processor: AMD Sempron(tm) Processor 3000+ | Socket 940 | 1799/200mhz

    ==== Disk Partitions =========================

    A: is Removable
    C: is FIXED (NTFS) - 75 GiB total, 74.45 GiB free.
    D: is FIXED (NTFS) - 298 GiB total, 253.665 GiB free.
    E: is CDROM ()
    F: is Removable

    ==== Disabled Device Manager Items =============

    Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
    Description: SiS 900-Based PCI Fast Ethernet Adapter
    Device ID: PCI\VEN_1039&DEV_0900&SUBSYS_0C92105B&REV_91\3&61AAA01&0&20
    Manufacturer: SiS
    Name: SiS 900-Based PCI Fast Ethernet Adapter
    PNP Device ID: PCI\VEN_1039&DEV_0900&SUBSYS_0C92105B&REV_91\3&61AAA01&0&20
    Service: SISNIC

    ==== System Restore Points ===================

    No restore point in system.

    ==== Installed Programs ======================

    µTorrent
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 10 Plugin
    ANIO Service
    ANIWZCS2 Service
    ATI Display Driver
    Audacity 1.2.6
    avast! Antivirus
    CCleaner (remove only)
    Choice Guard
    ClearType Tuning Control Panel Applet
    CodeBlocks
    COMODO Internet Security
    Critical Update for Windows Media Player 11 (KB959772)
    D-Link Wireless N DWA-130
    Foxit Reader
    Free YouTube to Mp3 Converter version 3.1
    HijackThis 2.0.2
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Hotfix for Windows Media Format 11 SDK (KB929399)
    Hotfix for Windows Media Player 11 (KB939683)
    Hotfix for Windows XP (KB954550-v5)
    Hotfix for Windows XP (KB961118)
    Java(TM) 6 Update 13
    K-Lite Codec Pack 4.7.5 (Standard)
    LADSPA_plugins-win-0.4.15
    LAME v3.98.2 for Audacity
    LimeWire 5.1.2
    Logitech® Camera Driver
    Malwarebytes' Anti-Malware
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft Application Error Reporting
    Microsoft Base Smart Card Cryptographic Service Provider Package
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft IntelliType Pro 6.3
    Microsoft Internationalized Domain Names Mitigation APIs
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
    Microsoft National Language Support Downlevel APIs
    Microsoft Silverlight
    Microsoft User-Mode Driver Framework Feature Pack 1.0
    Mozilla Firefox (3.0.8)
    MSVCRT
    MSXML 4.0 SP2 (KB954430)
    MSXML 6.0 Parser (KB933579)
    MyPhoneExplorer
    Notepad++
    OpenOffice.org 3.0
    QuickTime Alternative 2.8.0
    Razer Diamondback 3G
    Real Alternative 1.9.0
    Security Update for Windows Internet Explorer 7 (KB938127-v2)
    Security Update for Windows Internet Explorer 7 (KB956390)
    Security Update for Windows Internet Explorer 7 (KB961260)
    Security Update for Windows Media Player 11 (KB936782)
    Security Update for Windows Media Player 11 (KB954154)
    Security Update for Windows XP (KB941569)
    Segoe UI
    Sony Ericsson PC Suite 1.20.173
    Sophos Anti-Rootkit 1.3.1
    SoundMAX
    Spybot - Search & Destroy
    SpywareBlaster 4.1
    SUPERAntiSpyware Free Edition
    SWF & FLV Toolbox 3.5 (build 3.5.20.286)
    Tweak UI
    Uninstall 1.0.0.1
    VST Bridge 1.1
    WebFldrs XP
    Winamp
    Windows Driver Package - Razer (Razerlow) HIDClass (03/07/2007 1.0.0.2)
    Windows Internet Explorer 7
    Windows Live Call
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Messenger
    Windows Live Sign-in Assistant
    Windows Live Upload Tool
    Windows Media Format 11 runtime
    Windows Media Player 11
    Windows XP Service Pack 3
    WinRAR archiver

    ==== End Of File ===========================
     
  2. 2009/04/21
    Geri Inactive Alumni

    Hi barqshasbite
    Ok you are running 2 Anti Virus programs. One needs to be removed.

    COMODO Internet Security
    Avast4


    I see you have P2P software (Limewire, BitTorrent uTorrent etc…) installed on your machine. We are not here to pass judgment on file-sharing as a concept. However, we will warn you that engaging in this activity and having this kind of software installed on your machine will always make you more susceptible to re-infections. It may be contributing to your current situation. This page will give you further information.

    Please note: Even if you are using a "safe" P2P program, it is only the program that is safe. You will be sharing files from uncertified sources, and these are often infected. The bad guys use P2P filesharing as a major conduit to spread their wares and their infections.

    References for the risk of these programs are here, and here.

    I would strongly recommend that you uninstall them.

    Note: Please be advised that continued use of these programs after being warned of the danger of infections from them may result in the discontinued help of future cleaning of your system here at WindowsBBS Malware and Virus removal.

    Let me know if removing 1 AV helped.

    Do you know what this is?
    ExplorerFranco.exe

    Geri
     
  4. 2009/04/21
    barqshasbite Inactive Thread Starter

    Okay, I disabled Comodo anti-virus and got rid of avast for Avira, which helped my PC perform faster. Also, I did a test at PC Pitstop and apparently my hard drive was transferring at only 3MB/s. Turns out, it had switched over to PIO mode, and I had to switch it back to Ultra DMA 6. My computer is running fine now. Hopefully it won't act up again. ExplorerFranco is my edited version of explorer.exe. I changed a couple of things about the toolbar and the start menu.

    Thanks for the help Geri!
     
  5. 2009/04/21
    Geri Inactive Alumni

    Hi
    Glad I could help, you're welcome.

    Please look at this link for some preventive recommendations. It could keep you from ending up back here in the Malware and Virus Removal Forums.
    http://www.windowsbbs.com/showthread.php?t=67958

    I'll mark this one resolved.

    Surf Safely
    Geri
     