Active Very slow desktop

Discussion in 'Malware and Virus Removal Archive' started by caf325, 2010/03/18.

  1. 2010/03/18
    caf325

    caf325 Inactive Thread Starter

    Joined:
    2010/03/18
    Messages:
    2
    Likes Received:
    0
    [Active] Very slow desktop

    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT

    DDS (Ver_10-03-17.01)

    Microsoft Windows XP Home Edition
    Boot Device: \Device\HarddiskVolume2
    Install Date: 7/13/2008 4:58:37 PM
    System Uptime: 3/17/2010 9:06:37 PM (1 hours ago)

    Motherboard: ASUSTek Computer INC. | | Kamet2
    Processor: AMD Athlon(tm) XP 2800+ | Socket A | 2075/166mhz

    ==== Disk Partitions =========================

    A: is Removable
    C: is FIXED (NTFS) - 69 GiB total, 58.118 GiB free.
    D: is FIXED (FAT32) - 5 GiB total, 0.975 GiB free.
    E: is CDROM ()
    F: is CDROM ()

    ==== Disabled Device Manager Items =============

    ==== System Restore Points ===================

    RP443: 12/19/2009 11:55:44 AM - System Checkpoint
    RP444: 12/19/2009 1:58:04 PM - Software Distribution Service 3.0
    RP445: 12/20/2009 10:13:48 AM - Software Distribution Service 3.0
    RP446: 12/20/2009 10:43:49 AM - Software Distribution Service 3.0
    RP447: 12/20/2009 2:05:16 PM - Installed Linksys Wireless-G Print Server
    RP448: 12/20/2009 2:52:56 PM - Installed Linksys Wireless-G Print Server
    RP449: 12/20/2009 3:36:04 PM - Installed Linksys Wireless-G Print Server
    RP450: 12/20/2009 4:28:31 PM - Installed Linksys Wireless-G Print Server
    RP451: 12/20/2009 6:14:03 PM - Installed Linksys Wireless-G Print Server
    RP452: 12/20/2009 6:45:03 PM - Installed Linksys Wireless-G Print Server
    RP453: 12/20/2009 6:57:25 PM - Removed Linksys Wireless-G Print Server
    RP454: 12/22/2009 7:49:50 PM - System Checkpoint
    RP455: 12/24/2009 5:58:14 PM - System Checkpoint
    RP456: 12/26/2009 9:26:46 PM - System Checkpoint
    RP457: 12/28/2009 12:04:21 PM - System Checkpoint
    RP458: 12/29/2009 12:33:05 PM - System Checkpoint
    RP459: 12/30/2009 1:33:06 PM - System Checkpoint
    RP460: 12/31/2009 2:01:37 PM - System Checkpoint
    RP461: 1/1/2010 2:33:08 PM - System Checkpoint
    RP462: 1/2/2010 3:33:14 PM - System Checkpoint
    RP463: 1/3/2010 4:33:01 PM - System Checkpoint
    RP464: 1/4/2010 5:33:01 PM - System Checkpoint
    RP465: 1/7/2010 6:18:35 PM - System Checkpoint
    RP466: 1/8/2010 7:05:03 PM - System Checkpoint
    RP467: 1/10/2010 9:39:45 AM - System Checkpoint
    RP468: 1/11/2010 10:24:26 AM - System Checkpoint
    RP469: 1/12/2010 11:25:33 AM - System Checkpoint
    RP470: 1/13/2010 3:00:42 AM - Software Distribution Service 3.0
    RP471: 1/14/2010 3:24:24 AM - System Checkpoint
    RP472: 1/15/2010 9:51:37 AM - System Checkpoint
    RP473: 1/16/2010 7:31:45 PM - System Checkpoint
    RP474: 1/18/2010 8:19:34 PM - System Checkpoint
    RP475: 1/19/2010 9:57:29 PM - System Checkpoint
    RP476: 1/21/2010 4:41:34 PM - System Checkpoint
    RP477: 1/23/2010 2:47:16 PM - Software Distribution Service 3.0
    RP478: 1/24/2010 5:36:30 PM - System Checkpoint
    RP479: 1/25/2010 7:03:28 PM - System Checkpoint
    RP480: 1/26/2010 8:54:14 PM - System Checkpoint
    RP481: 1/26/2010 10:08:10 PM - Installed Java(TM) 6 Update 18
    RP482: 1/28/2010 11:08:44 AM - System Checkpoint
    RP483: 1/29/2010 11:54:16 AM - System Checkpoint
    RP484: 1/30/2010 12:12:30 PM - System Checkpoint
    RP485: 1/31/2010 2:08:06 PM - System Checkpoint
    RP486: 2/1/2010 3:10:22 PM - System Checkpoint
    RP487: 2/2/2010 6:04:47 PM - System Checkpoint
    RP488: 2/3/2010 6:17:12 PM - System Checkpoint
    RP489: 2/4/2010 7:07:55 PM - System Checkpoint
    RP490: 2/5/2010 8:07:54 PM - System Checkpoint
    RP491: 2/6/2010 9:07:55 PM - System Checkpoint
    RP492: 2/8/2010 3:58:37 PM - System Checkpoint
    RP493: 2/9/2010 7:19:04 PM - System Checkpoint
    RP494: 2/10/2010 7:56:45 PM - System Checkpoint
    RP495: 2/11/2010 3:00:35 AM - Software Distribution Service 3.0
    RP496: 2/12/2010 3:42:12 AM - System Checkpoint
    RP497: 2/13/2010 4:01:00 AM - System Checkpoint
    RP498: 2/14/2010 5:00:54 AM - System Checkpoint
    RP499: 2/15/2010 5:18:15 AM - System Checkpoint
    RP500: 2/16/2010 6:18:22 AM - System Checkpoint
    RP501: 2/17/2010 4:35:37 PM - System Checkpoint
    RP502: 2/18/2010 4:41:11 PM - System Checkpoint
    RP503: 2/19/2010 5:38:06 PM - System Checkpoint
    RP504: 2/20/2010 6:39:44 PM - System Checkpoint
    RP505: 2/21/2010 7:02:41 PM - System Checkpoint
    RP506: 2/22/2010 7:35:22 PM - System Checkpoint
    RP507: 2/23/2010 7:56:24 AM - Software Distribution Service 3.0
    RP508: 2/24/2010 9:07:35 AM - Software Distribution Service 3.0
    RP509: 2/25/2010 3:00:45 AM - Software Distribution Service 3.0
    RP510: 2/25/2010 12:12:29 PM - Software Distribution Service 3.0
    RP511: 2/26/2010 4:58:35 PM - Software Distribution Service 3.0
    RP512: 2/27/2010 5:12:30 PM - System Checkpoint
    RP513: 2/28/2010 8:26:17 AM - Software Distribution Service 3.0
    RP514: 3/2/2010 4:21:45 PM - Software Distribution Service 3.0
    RP515: 3/4/2010 12:27:59 PM - Software Distribution Service 3.0
    RP516: 3/6/2010 8:04:54 AM - Software Distribution Service 3.0
    RP517: 3/7/2010 10:33:30 AM - Software Distribution Service 3.0
    RP518: 3/8/2010 3:24:03 PM - Software Distribution Service 3.0
    RP519: 3/9/2010 8:43:00 AM - Software Distribution Service 3.0
    RP520: 3/11/2010 3:30:25 PM - System Checkpoint
    RP521: 3/11/2010 3:40:34 PM - Software Distribution Service 3.0
    RP522: 3/12/2010 3:00:49 AM - Software Distribution Service 3.0
    RP523: 3/13/2010 3:13:14 AM - System Checkpoint
    RP524: 3/13/2010 8:37:50 AM - Software Distribution Service 3.0
    RP525: 3/14/2010 3:00:12 AM - Software Distribution Service 3.0
    RP526: 3/15/2010 3:21:01 AM - System Checkpoint
    RP527: 3/15/2010 8:38:08 AM - Software Distribution Service 3.0
    RP528: 3/16/2010 8:43:37 AM - Software Distribution Service 3.0
    RP529: 3/17/2010 6:43:28 PM - System Checkpoint
    RP530: 3/17/2010 6:49:06 PM - Software Distribution Service 3.0

    ==== Installed Programs ======================

    ABBYY FineReader 5.0 Sprint Plus
    Acrobat.com
    Adobe Acrobat Reader for Pocket PC 1.0
    Adobe AIR
    Adobe Flash Player 10 ActiveX
    Adobe Reader 9.1.3
    ArcSoft Panorama Maker 3
    Axim WLAN Update
    BufferChm
    Compatibility Pack for the 2007 Office system
    Coupon Printer for Windows
    Critical Update for Windows Media Player 11 (KB959772)
    CustomerResearchQFolder
    DeepBurner v1.9.0.228
    Destinations
    DeviceFunctionQFolder
    DeviceManagementQFolder
    eSupportQFolder
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Hotfix for Windows Media Format 11 SDK (KB929399)
    Hotfix for Windows Media Player 11 (KB939683)
    Hotfix for Windows XP (KB952287)
    Hotfix for Windows XP (KB954550-v5)
    Hotfix for Windows XP (KB961118)
    Hotfix for Windows XP (KB970653-v3)
    Hotfix for Windows XP (KB976098-v2)
    Hotfix for Windows XP (KB979306)
    HP Deskjet 3900 series
    HP Extended Capabilities 5.0
    HP Image Zone Express
    HP Imaging Device Functions 5.0
    HP Software Update
    HP Solution Center & Imaging Support Tools 5.0
    HPDeskjet3900Series
    HPProductAssistant
    Java Auto Updater
    Java(TM) 6 Update 18
    Lexmark 4200 Series
    Lexmark 4200 Series Fax Solutions
    Lexmark Fax Solutions
    MarketResearch
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Security Update (KB953297)
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft ActiveSync
    Microsoft Antimalware
    Microsoft Application Error Reporting
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft Internationalized Domain Names Mitigation APIs
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
    Microsoft National Language Support Downlevel APIs
    Microsoft Office Professional Edition 2003
    Microsoft Security Essentials
    Microsoft User-Mode Driver Framework Feature Pack 1.0
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    OpenOffice.org Installer 1.0
    PictureProject In Touch Downloader 1.0
    QuickTime
    S3 S3Display
    S3 S3Gamma2
    S3 S3Info2
    S3 S3Overlay
    Security Update for CAPICOM (KB931906)
    Security Update for Windows Internet Explorer 7 (KB938127-v2)
    Security Update for Windows Internet Explorer 7 (KB950759)
    Security Update for Windows Internet Explorer 7 (KB953838)
    Security Update for Windows Internet Explorer 7 (KB956390)
    Security Update for Windows Internet Explorer 7 (KB958215)
    Security Update for Windows Internet Explorer 7 (KB960714)
    Security Update for Windows Internet Explorer 7 (KB961260)
    Security Update for Windows Internet Explorer 7 (KB963027)
    Security Update for Windows Internet Explorer 7 (KB969897)
    Security Update for Windows Internet Explorer 7 (KB972260)
    Security Update for Windows Internet Explorer 7 (KB974455)
    Security Update for Windows Internet Explorer 7 (KB976325)
    Security Update for Windows Internet Explorer 7 (KB978207)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player (KB954155)
    Security Update for Windows Media Player (KB968816)
    Security Update for Windows Media Player (KB973540)
    Security Update for Windows Media Player 11 (KB936782)
    Security Update for Windows Media Player 11 (KB954154)
    Security Update for Windows XP (KB923561)
    Security Update for Windows XP (KB938464)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB950759)
    Security Update for Windows XP (KB950760)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951066)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB951698)
    Security Update for Windows XP (KB951748)
    Security Update for Windows XP (KB952004)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB953839)
    Security Update for Windows XP (KB954211)
    Security Update for Windows XP (KB954459)
    Security Update for Windows XP (KB954600)
    Security Update for Windows XP (KB955069)
    Security Update for Windows XP (KB956391)
    Security Update for Windows XP (KB956572)
    Security Update for Windows XP (KB956744)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956803)
    Security Update for Windows XP (KB956841)
    Security Update for Windows XP (KB956844)
    Security Update for Windows XP (KB957095)
    Security Update for Windows XP (KB957097)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB958687)
    Security Update for Windows XP (KB958690)
    Security Update for Windows XP (KB958869)
    Security Update for Windows XP (KB959426)
    Security Update for Windows XP (KB960225)
    Security Update for Windows XP (KB960715)
    Security Update for Windows XP (KB960803)
    Security Update for Windows XP (KB960859)
    Security Update for Windows XP (KB961371)
    Security Update for Windows XP (KB961373)
    Security Update for Windows XP (KB961501)
    Security Update for Windows XP (KB968537)
    Security Update for Windows XP (KB969059)
    Security Update for Windows XP (KB969898)
    Security Update for Windows XP (KB969947)
    Security Update for Windows XP (KB970238)
    Security Update for Windows XP (KB970430)
    Security Update for Windows XP (KB971468)
    Security Update for Windows XP (KB971486)
    Security Update for Windows XP (KB971557)
    Security Update for Windows XP (KB971633)
    Security Update for Windows XP (KB971657)
    Security Update for Windows XP (KB971961)
    Security Update for Windows XP (KB972270)
    Security Update for Windows XP (KB973346)
    Security Update for Windows XP (KB973354)
    Security Update for Windows XP (KB973507)
    Security Update for Windows XP (KB973525)
    Security Update for Windows XP (KB973869)
    Security Update for Windows XP (KB973904)
    Security Update for Windows XP (KB974112)
    Security Update for Windows XP (KB974318)
    Security Update for Windows XP (KB974392)
    Security Update for Windows XP (KB974571)
    Security Update for Windows XP (KB975025)
    Security Update for Windows XP (KB975467)
    Security Update for Windows XP (KB975560)
    Security Update for Windows XP (KB975561)
    Security Update for Windows XP (KB975713)
    Security Update for Windows XP (KB977165)
    Security Update for Windows XP (KB977914)
    Security Update for Windows XP (KB978037)
    Security Update for Windows XP (KB978251)
    Security Update for Windows XP (KB978262)
    Security Update for Windows XP (KB978706)
    SolutionCenter
    Status
    TrayApp
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Windows Internet Explorer 7 (KB976749)
    Update for Windows XP (KB898461)
    Update for Windows XP (KB942763)
    Update for Windows XP (KB951072-v2)
    Update for Windows XP (KB951978)
    Update for Windows XP (KB955759)
    Update for Windows XP (KB955839)
    Update for Windows XP (KB967715)
    Update for Windows XP (KB968389)
    Update for Windows XP (KB971737)
    Update for Windows XP (KB973687)
    Update for Windows XP (KB973815)
    VIA Rhine-Family Fast Ethernet Adapter
    VIA/S3G Display Driver
    Watchtower Library 2008 - English
    WebFldrs XP
    WebReg
    Windows Genuine Advantage Validation Tool (KB892130)
    Windows Internet Explorer 7
    Windows Media Format 11 runtime
    Windows Media Player 11
    Windows Mobile Feb. 2008 DST Updates
    Windows XP Service Pack 3

    ==== Event Viewer Messages From Past Week ========

    3/17/2010 6:19:01 PM, error: Service Control Manager [7000] - The Security Services Driver (x86) service failed to start due to the following error: The system cannot find the file specified.
    3/17/2010 5:54:00 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the ShellHWDetection service.
    3/11/2010 3:03:40 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the Netman service.
    3/11/2010 3:03:34 PM, error: i8042prt [40] - An error occurred while trying to acquire the device ID of the mouse
    3/11/2010 3:03:34 PM, error: i8042prt [22] - Could not set the mouse sample rate.
    3/11/2010 3:03:33 PM, error: i8042prt [34] - An error occurred while trying to determine the number of mouse buttons.

    ==== End Of File ===========================
     
  2. 2010/03/18
    caf325

    caf325 Inactive Thread Starter

    DDS (Ver_10-03-17.01) - NTFSx86
    Run by craig faucette at 22:22:32.84 on Wed 03/17/2010
    Internet Explorer: 7.0.5730.13
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.191.25 [GMT -4:00]

    AV: Microsoft Security Essentials *On-access scanning enabled* (Updated) {BCF43643-A118-4432-AEDE-D861FCBCFCDF}

    ============== Running Processes ===============

    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    c:\Program Files\Microsoft Security Essentials\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
    svchost.exe
    svchost.exe
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\WINDOWS\system32\spoolsv.exe
    svchost.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Common Files\Motive\McciCMService.exe
    C:\WINDOWS\System32\svchost.exe -k imgsvc
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\Microsoft Security Essentials\msseces.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Microsoft ActiveSync\wcescomm.exe
    C:\PROGRA~1\MICROS~3\rapimgr.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Documents and Settings\craig faucette\Desktop\dds.scr

    ============== Pseudo HJT Report ===============

    uStart Page = about:blank
    uSearch Bar = hxxp://www.crawler.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=60446
    mSearchAssistant = hxxp://www.crawler.com/search/ie.aspx?tb_id=60446
    mCustomizeSearch = hxxp://dnl.crawler.com/support/sa_customize.aspx?TbId=60446
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    TB: {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No File
    EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
    uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
    uRun: [cdloader] "c:\documents and settings\craig faucette\application data\mjusbsp\cdloader2.exe" MAGICJACK
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    uRun: [H/PC Connection Agent] "c:\program files\microsoft activesync\wcescomm.exe "
    mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
    mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe "
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe "
    mRun: [MSSE] "c:\program files\microsoft security essentials\msseces.exe" -hide -runkey
    StartupFolder: c:\documents and settings\all users\start menu\programs\startup\setup.exe
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\micros~3\INetRepl.dll
    IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\micros~3\INetRepl.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
    DPF: {01113300-3E00-11D2-8470-0060089874ED} - hxxp://echat.bellsouth.net/sdccommon/download/tgctlcm.cab
    DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/templates/ieawsdc.cab
    DPF: {049A470D-F818-4E34-B14D-E4E237DADCF8} - hxxp://games.bigfishgames.com/en_fashion-dash/online/fashiondashweb.1.0.0.21.cab
    DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://download.microsoft.com/download/e/4/9/e494c802-dd90-4c6b-a074-469358f075a6/OGAControl.cab
    DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
    DPF: {195B4BBF-E1E4-4020-9773-0A8C6F65EA35} - hxxp://games.bigfishgames.com/en_cooking-dash/online/CookingDashWeb.1.0.0.9.cab
    DPF: {639658F3-B141-4D6B-B936-226F75A5EAC3} - hxxp://www.shockwave.com/content/dinerdash2/sis/DinerDash2.1.0.0.67.cab
    DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1216129527343
    DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} - hxxps://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
    DPF: {74EF5274-F439-2168-B543-14745B625C72} - hxxp://www.shockwave.com/content/weddingdash2/sis/WeddingDash2Web.1.0.0.11.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
    DPF: {B516CA4E-A5BA-405C-AFCF-A97F08CC7429} - hxxp://www.shockwave.com/content/burgershop/sis/GoBitGamesPlayer_v5.cab
    DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} - hxxp://office.microsoft.com/officeupdate/content/opuc4.cab
    DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
    DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} - hxxp://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    DPF: {EA6246B4-F380-443F-8727-9AEA3371146C} - hxxp://games.bigfishgames.com/en_wedding-dash/online/WeddingDash.1.0.0.47.cab
    DPF: {F135A813-7152-4532-AC8D-28AC2136DFC7} - hxxp://games.bigfishgames.com/en_parking-dash/online/parkingdash.1.0.0.10.cab
    DPF: {F91AB7B8-EE67-42AF-A5AA-8E232C396A04} - hxxp://www.complytraq.com/cabs/htmlprint.cab
    AppInit_DLLs:
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

    ============= SERVICES / DRIVERS ===============


    =============== Created Last 30 ================

    2010-03-11 20:47:03 3558912 -c----w- c:\windows\system32\dllcache\moviemk.exe
    2010-03-08 20:24:27 0 dc----w- C:\7083a5c03b73f4a9e6
    2010-02-23 12:38:38 0 d-----w- c:\program files\Microsoft Security Essentials

    ==================== Find3M ====================

    2010-02-24 14:16:06 181632 ------w- c:\windows\system32\MpSigStub.exe
    2010-01-05 10:00:29 832512 ----a-w- c:\windows\system32\wininet.dll
    2010-01-05 10:00:21 78336 ------w- c:\windows\system32\ieencode.dll
    2010-01-05 10:00:20 17408 ----a-w- c:\windows\system32\corpol.dll
    2008-12-11 23:13:58 32768 --sha-w- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008112420081201\index.dat
    2008-12-11 23:13:58 32768 --sha-w- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008121120081212\index.dat
    2008-12-14 19:47:15 32768 --sha-w- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008121420081215\index.dat

    ============= FINISH: 22:23:33.51 ===============
     

  4. 2010/03/18
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Print these instructions out.

    NOTE. If any of the programs listed below refuse to run, try renaming the executable file to something else; for instance, rename hijackthis.exe to scanner.exe

    ***VERY IMPORTANT! Make sure you update Malwarebytes before running the scans.***


    STEP 1. Download Malwarebytes' Anti-Malware: http://www.malwarebytes.org/mbam.php to your desktop.
    (Malwarebytes is free to use as a manual scanner. Payment is only required if you wish to have it run and update automatically, which is not necessary for our purposes.)

    * Double-click mbam-setup.exe and follow the prompts to install the program.
    * At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
    * If an update is found, it will download and install the latest version.
    * Once the program has loaded, select Perform Quick Scan, then click Scan.
    * When the scan is complete, click OK, then Show Results to view the results.
    * Be sure that everything is checked, and click Remove Selected.
    * When completed, a log will open in Notepad.
    * Post the log back here.

    The log can also be found here:
    C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
    Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

    RESTART COMPUTER!

    STEP 2. Download GMER: http://www.gmer.net/files.php, by clicking on Download EXE button.
    Alternative downloads:
    - http://majorgeeks.com/GMER_d5198.html
    - http://www.softpedia.com/get/Interne...ers/GMER.shtml
    Double click on downloaded .exe file, select Rootkit tab and click the Scan button.
    When scan is completed, click Save button, and save the results as gmer.log
    Warning! Please do not select the "Show all" checkbox during the scan.
    Post the log to your next reply.

    RESTART COMPUTER

    STEP 3. Download HijackThis:
    http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis/download
    by clicking on Installer under Version 2.0.2
    [DO NOT download version 2.0.3 (beta)]
    Install, and run it.
    Post HijackThis log.
    NOTE. If you're using Vista, or 7, right click on HijackThis, and click Run as Administrator
    Do NOT attempt to "fix" anything!


    DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!
     
