1. You are viewing our forum as a guest. For full access please Register. WindowsBBS.com is completely free, paid for by advertisers and donations.

Solved Sluggish Computer, Blame on Duel Boot?

Discussion in 'Malware and Virus Removal Archive' started by megamouth, 2009/05/05.

  1. 2009/05/05
    megamouth

    megamouth Inactive Thread Starter

    Joined:
    2009/04/14
    Messages:
    11
    Likes Received:
    0
    [Resolved]Sluggish Computer, Blame on Duel Boot?

    Yesterday I was installing Ubuntu, and faced some difficulties. When I chose the size, I mistakenly OVERLAPPED the Vista partition.

    Now, when I uninstalled it, using a program called Bootit. I successfully removed the Ubuntu partition. The problem now is that I am unable to resize the vista partition. I have about 22gb of free space after uninstalling Ubuntu, but the maximum I can resize Vista to is the current size, 261gb. (The previous size before Ubuntu was 283gb)

    This little problem has droven me NUTS! The only main symptom I can find is that when I open ubuntu.forums.com, about:blank comes up, and I can probably blame that on malware.

    Logs:
    DDS (Ver_09-03-16.01) - NTFSx86
    Run by minshi at 17:20:25.42 on Tue 05/05/2009
    Internet Explorer: 7.0.6001.18000
    Microsoft® Windows Vistaâ„¢ Home Premium 6.0.6001.1.1252.1.1033.18.2942.1701 [GMT -7:00]

    FW: COMODO Firewall *enabled*

    ============== Running Processes ===============

    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\system32\svchost.exe -k rpcss
    C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\SLsvc.exe
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\rundll32.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\ejsfw\atisvc_voxbjjdyu.exe
    C:\Program Files\Microsoft LifeCam\MSCamS32.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Windows\System32\svchost.exe -k WerSvcGroup
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\WUDFHost.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\ejsfw\atisvc_voxbjjdyu.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Windows\System32\rundll32.exe
    C:\Windows\vVX3000.exe
    C:\Program Files\PowerISO\PWRISOVM.EXE
    C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    c:\users\lele\My Completed Downloads\HiJackThis.exe
    C:\Windows\system32\NOTEPAD.EXE
    C:\Windows\explorer.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Users\lele\Downloads\dds.pif
    C:\Windows\system32\wbem\wmiprvse.exe

    ============== Pseudo HJT Report ===============

    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
    BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
    uRun: [EPSON Stylus CX3800 Series] c:\windows\system32\spool\drivers\w32x86\3\e_fatiaca.exe /fu "c:\windows\temp\E_S8B4E.tmp" /EF "HKCU "
    uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
    mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
    mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
    mRun: [LifeCam] "c:\program files\microsoft lifecam\LifeExp.exe "
    mRun: [VX3000] c:\windows\vVX3000.exe
    mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe "
    mRun: [PWRISOVM.EXE] c:\program files\poweriso\PWRISOVM.EXE
    mRun: [COMODO Internet Security] "c:\program files\comodo\comodo internet security\cfp.exe" -h
    mRun: [AdobeCS4ServiceManager] "c:\program files\common files\adobe\cs4servicemanager\CS4ServiceManager.exe" -launchedbylogin
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL

    ================= FIREFOX ===================

    FF - ProfilePath - c:\users\minshi\appdata\roaming\mozilla\firefox\profiles\s3nn2tpn.default\
    FF - component: c:\program files\mozilla firefox\components\1300721.dll

    ============= SERVICES / DRIVERS ===============

    R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdguard.sys [2009-5-3 108560]
    R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [2009-5-3 28688]
    R2 atisvc_voxbjjdyu;atisvc_voxbjjdyu;c:\windows\system32\ejsfw\atisvc_voxbjjdyu.exe [2009-5-2 431289]

    =============== Created Last 30 ================

    2009-05-04 17:01 <DIR> a-d----- c:\programdata\TEMP
    2009-05-04 16:59 <DIR> --d----- c:\program files\Active Data Recovery Software
    2009-05-03 21:02 <DIR> --d----- c:\program files\common files\Macrovision Shared
    2009-05-03 10:57 <DIR> --d----- c:\windows\CheckSur
    2009-05-03 10:40 152,576 a------- c:\windows\system32\SPWizUI.dll
    2009-05-03 10:40 47,560 a------- c:\windows\system32\SPReview.exe
    2009-05-03 10:28 193,024 a------- c:\windows\system32\recdisc.exe
    2009-05-03 10:28 6,656 a------- c:\windows\system32\sdspres.dll
    2009-05-03 10:28 599,552 a------- c:\windows\system32\vsp1cln.exe
    2009-05-03 10:28 28,160 a------- c:\windows\system32\sxproxy.dll
    2009-05-03 10:28 142,336 a------- c:\windows\system32\spp.dll
    2009-05-03 10:26 626,688 a------- c:\windows\system32\sethc.exe
    2009-05-03 10:23 44,032 a------- c:\windows\system32\cbsra.exe
    2009-05-03 10:21 327,680 a------- c:\windows\SPInstall.etl
    2009-05-03 09:46 155,384 a------- c:\windows\system32\guard32.dll
    2009-05-03 09:46 108,560 a------- c:\windows\system32\drivers\cmdguard.sys
    2009-05-03 09:46 28,688 a------- c:\windows\system32\drivers\cmdhlp.sys
    2009-05-03 09:46 <DIR> --d----- c:\programdata\Comodo
    2009-05-03 09:46 <DIR> --d----- c:\progra~2\Comodo
    2009-05-03 09:46 <DIR> --d----- c:\program files\COMODO
    2009-05-03 09:36 717,296 a------- c:\windows\system32\drivers\sptd.sys
    2009-05-03 09:36 <DIR> --d----- c:\users\minshi\appdata\roaming\DAEMON Tools Lite
    2009-05-03 09:35 <DIR> --d----- c:\program files\PowerISO
    2009-05-03 09:26 269,312 a------- c:\windows\system32\es.dll
    2009-05-03 09:24 <DIR> --d----- c:\program files\MSXML 4.0
    2009-05-02 20:54 <DIR> --d----- c:\programdata\Adobe
    2009-05-02 18:54 82,432 a------- c:\windows\system32\msxml4r.dll
    2009-05-02 18:54 44,544 a------- c:\windows\system32\msxml4a.dll
    2009-05-02 18:54 402 a------- c:\windows\system32\msxml4.inf
    2009-05-02 18:46 <DIR> --d----- c:\users\minshi\Tracing
    2009-05-02 18:46 <DIR> --d----- c:\program files\Microsoft LifeCam
    2009-05-02 18:46 2,414,360 a------- c:\windows\system32\d3dx9_31.dll
    2009-05-02 18:46 237,848 a------- c:\windows\system32\xactengine2_4.dll
    2009-05-02 18:46 68,888 a------- c:\windows\system32\xinput1_3.dll
    2009-05-02 18:46 15,128 a------- c:\windows\system32\x3daudio1_1.dll
    2009-05-02 18:46 236,824 a------- c:\windows\system32\xactengine2_3.dll
    2009-05-02 18:46 62,744 a------- c:\windows\system32\xinput1_2.dll
    2009-05-02 18:45 2,297,552 a------- c:\windows\system32\d3dx9_26.dll
    2009-05-02 18:44 <DIR> --d----- c:\program files\Microsoft
    2009-05-02 18:44 <DIR> --d----- c:\program files\Windows Live SkyDrive
    2009-05-02 18:41 <DIR> --d----- c:\program files\common files\Windows Live
    2009-04-30 21:47 <DIR> --d----- c:\programdata\EPSON
    2009-04-30 21:47 <DIR> --d----- c:\progra~2\EPSON
    2009-04-30 21:46 76,800 a------- c:\windows\system32\E_FLBACA.DLL
    2009-04-30 21:46 62,976 a------- c:\windows\system32\E_FD4BACA.DLL
    2009-04-30 21:39 <DIR> --d----- c:\program files\EPSON
    2009-04-29 13:09 <DIR> --d----- c:\programdata\NVIDIA
    2009-04-29 12:56 361,984 a------- c:\windows\system32\IPSECSVC.DLL
    2009-04-29 12:56 272,896 a------- c:\windows\system32\polstore.dll
    2009-04-29 12:56 61,440 a------- c:\windows\system32\winipsec.dll
    2009-04-29 12:56 28,672 a------- c:\windows\system32\FwRemoteSvr.dll
    2009-04-29 12:51 376,832 a------- c:\windows\system32\winhttp.dll
    2009-04-29 12:51 296,960 a------- c:\windows\system32\gdi32.dll
    2009-04-29 12:50 212,480 a------- c:\windows\system32\drivers\mrxsmb10.sys
    2009-04-29 12:49 562,176 a------- c:\windows\system32\msdtcprx.dll
    2009-04-29 12:49 38,912 a------- c:\windows\system32\xolehlp.dll
    2009-04-29 12:48 28,672 a------- c:\windows\system32\Apphlpdm.dll
    2009-04-29 12:48 4,240,384 a------- c:\windows\system32\GameUXLegacyGDFs.dll
    2009-04-29 12:48 1,695,744 a------- c:\windows\system32\gameux.dll
    2009-04-29 12:47 303,616 a------- c:\windows\system32\wmpeffects.dll
    2009-04-29 12:46 1,191,936 a------- c:\windows\system32\msxml3.dll
    2009-04-29 12:46 2,048 a------- c:\windows\system32\msxml3r.dll
    2009-04-29 12:46 1,079,840 a------- c:\windows\system32\nvcpluir.dll
    2009-04-29 12:46 768,544 a------- c:\windows\system32\nvcplui.exe
    2009-04-29 12:46 446,464 a------- c:\windows\system32\nvuninst.exe
    2009-04-29 12:46 420,384 a------- c:\windows\system32\nvcpl.cpl
    2009-04-29 12:46 313,888 a------- c:\windows\system32\nvexpbar.dll
    2009-04-29 12:42 2,048 a------- c:\windows\system32\tzres.dll
    2009-04-29 12:41 8,147,456 a------- c:\windows\system32\wmploc.DLL
    2009-04-29 12:41 7,680 a------- c:\windows\system32\spwmp.dll
    2009-04-29 12:41 4,096 a------- c:\windows\system32\msdxm.ocx
    2009-04-29 12:41 4,096 a------- c:\windows\system32\dxmasf.dll
    2009-04-29 12:37 2,927,104 a------- c:\windows\explorer.exe
    2009-04-29 12:34 1,808,896 a------- c:\windows\system32\NlsLexicons0046.dll
    2009-04-29 12:34 1,793,536 a------- c:\windows\system32\NlsLexicons0045.dll
    2009-04-29 12:34 1,558,016 a------- c:\windows\system32\NlsLexicons0049.dll
    2009-04-29 12:34 1,411,072 a------- c:\windows\system32\NlsLexicons0047.dll
    2009-04-29 12:34 5,499,904 a------- c:\windows\system32\NlsLexicons0022.dll
    2009-04-29 12:34 2,136,064 a------- c:\windows\system32\NlsLexicons0021.dll
    2009-04-29 12:34 1,782,272 a------- c:\windows\system32\NlsLexicons0039.dll
    2009-04-29 12:34 1,236,992 a------- c:\windows\system32\NlsLexicons0020.dll
    2009-04-29 12:34 7,964,672 a------- c:\windows\system32\NlsLexicons0024.dll
    2009-04-29 12:34 5,791,232 a------- c:\windows\system32\NlsLexicons0026.dll
    2009-04-29 12:30 6,656 a------- c:\windows\system32\kbd106n.dll
    2009-04-29 12:30 988,216 a------- c:\windows\system32\winload.exe
    2009-04-29 12:30 927,288 a------- c:\windows\system32\winresume.exe
    2009-04-29 12:30 318,464 a------- c:\windows\system32\rstrui.exe
    2009-04-29 12:30 40,960 a------- c:\windows\system32\srclient.dll
    2009-04-29 12:30 615,992 a------- c:\windows\system32\ci.dll
    2009-04-29 12:30 378,368 a------- c:\windows\system32\srcore.dll
    2009-04-29 12:30 46,592 a------- c:\windows\system32\setbcdlocale.dll
    2009-04-29 12:30 19,000 a------- c:\windows\system32\kd1394.dll
    2009-04-29 12:30 14,848 a------- c:\windows\system32\srdelayed.exe
    2009-04-29 12:29 3,599,328 a------- c:\windows\system32\ntkrnlpa.exe
    2009-04-29 12:29 3,547,632 a------- c:\windows\system32\ntoskrnl.exe
    2009-04-29 12:29 551,424 a------- c:\windows\system32\rpcss.dll
    2009-04-29 12:29 666,624 a------- c:\windows\system32\printfilterpipelinesvc.exe
    2009-04-29 12:29 26,112 a------- c:\windows\system32\printfilterpipelineprxy.dll
    2009-04-29 12:29 183,296 a------- c:\windows\system32\sdohlp.dll
    2009-04-29 12:29 98,304 a------- c:\windows\system32\iasrecst.dll
    2009-04-29 12:29 54,784 a------- c:\windows\system32\iasads.dll
    2009-04-29 12:29 44,032 a------- c:\windows\system32\iasdatastore.dll
    2009-04-29 12:29 17,408 a------- c:\windows\system32\iashost.exe
    2009-04-29 12:27 1,255,936 a------- c:\windows\system32\lsasrv.dll
    2009-04-29 12:27 441,400 a------- c:\windows\system32\drivers\ksecdd.sys
    2009-04-29 12:27 72,704 a------- c:\windows\system32\secur32.dll
    2009-04-29 12:27 9,728 a------- c:\windows\system32\lsass.exe
    2009-04-29 12:27 24,064 a------- c:\windows\system32\amxread.dll
    2009-04-29 12:27 13,824 a------- c:\windows\system32\apilogen.dll
    2009-04-29 12:26 443,392 a------- c:\windows\system32\win32spl.dll
    2009-04-29 12:26 37,888 a------- c:\windows\system32\printcom.dll
    2009-04-29 12:25 113,664 a------- c:\windows\system32\drivers\rmcast.sys
    2009-04-29 12:25 14,848 a------- c:\windows\system32\wshrm.dll
    2009-04-29 12:23 288,768 a------- c:\windows\system32\drivers\srv.sys
    2009-04-29 12:22 268,288 a------- c:\windows\system32\schannel.dll
    2009-04-29 12:19 622,080 a------- c:\windows\system32\icardagt.exe
    2009-04-29 12:19 97,800 a------- c:\windows\system32\infocardapi.dll
    2009-04-29 12:19 37,384 a------- c:\windows\system32\infocardcpl.cpl
    2009-04-29 12:19 11,264 a------- c:\windows\system32\icardres.dll
    2009-04-29 12:19 105,016 a------- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
    2009-04-29 12:19 781,344 a------- c:\windows\system32\PresentationNative_v0300.dll
    2009-04-29 12:19 326,160 a------- c:\windows\system32\PresentationHost.exe
    2009-04-29 12:19 43,544 a------- c:\windows\system32\PresentationHostProxy.dll
    2009-04-29 12:06 16,121,856 a------- c:\windows\ocsetup_install_NetFx3.etl
    2009-04-29 12:06 196,608 a------- c:\windows\ocsetup_cbs_install_NetFx3.perf
    2009-04-29 12:06 65,536 a------- c:\windows\ocsetup_cbs_install_NetFx3.dpx
    2009-04-29 12:04 96,760 a------- c:\windows\system32\dfshim.dll
    2009-04-29 12:04 41,984 a------- c:\windows\system32\netfxperf.dll
    2009-04-29 12:04 282,112 a------- c:\windows\system32\mscoree.dll
    2009-04-29 12:04 158,720 a------- c:\windows\system32\mscorier.dll
    2009-04-29 12:04 83,968 a------- c:\windows\system32\mscories.dll
    2009-04-29 11:48 2,868,736 a------- c:\windows\system32\mf.dll
    2009-04-29 11:48 98,816 a------- c:\windows\system32\mfps.dll
    2009-04-29 11:48 94,720 a------- c:\windows\system32\logagent.exe
    2009-04-29 11:48 53,248 a------- c:\windows\system32\rrinstaller.exe
    2009-04-29 11:48 24,576 a------- c:\windows\system32\mfpmp.exe
    2009-04-29 11:48 2,048 a------- c:\windows\system32\mferror.dll
    2009-04-29 11:48 996,352 a------- c:\windows\system32\WMNetMgr.dll
    2009-04-29 11:47 738,304 a------- c:\windows\system32\inetcomm.dll
    2009-04-29 11:47 84,480 a------- c:\windows\system32\INETRES.dll
    2009-04-29 11:47 1,314,816 a------- c:\windows\system32\quartz.dll
    2009-04-29 11:46 2,033,152 a------- c:\windows\system32\win32k.sys
    2009-04-29 11:46 1,334,272 a------- c:\windows\system32\msxml6.dll
    2009-04-29 11:46 2,048 a------- c:\windows\system32\msxml6r.dll
    2009-04-29 11:03 1,524,736 a------- c:\windows\system32\wucltux.dll
    2009-04-29 11:02 32,656 a------- c:\windows\system32\msonpmon.dll
    2009-04-29 11:02 83,456 a------- c:\windows\system32\wudriver.dll
    2009-04-29 11:02 162,064 a------- c:\windows\system32\wuwebv.dll
    2009-04-29 11:02 31,232 a------- c:\windows\system32\wuapp.exe
    2009-04-29 11:00 <DIR> --d----- c:\windows\PCHEALTH
    2009-04-29 10:58 <DIR> --d----- c:\programdata\Microsoft Help
    2009-04-29 10:58 <DIR> --dsh--- c:\windows\Installer
    2009-04-28 18:53 <DIR> --d----- c:\users\minshi
    2009-04-27 20:39 <DIR> --d----- c:\windows\Panther
    2009-04-27 20:39 <DIR> --d----- c:\windows\system32\OEM
    2009-04-27 20:39 330,752 a----r-- c:\windows\system32\drivers\NETBIOS.PDB
    2009-04-27 20:15 <DIR> --d----- C:\Windows.old
    2009-04-15 21:22 <DIR> --d----- C:\00000082
    2009-04-14 16:43 <DIR> --d----- C:\lob
    2009-04-14 16:15 <DIR> --d----- C:\ComboFix
    2009-04-10 15:33 <DIR> --dsh--- C:\found.000
    2009-04-08 18:42 287,232 a------- c:\windows\system32\sqlceca30.dll
    2009-04-08 18:42 129,536 a------- c:\windows\system32\sqlceer30EN.dll
    2009-04-08 18:42 52,736 a------- c:\windows\system32\sqlcecompact30.dll
    2009-04-08 18:42 44,544 a------- c:\windows\system32\sqlceme30.dll

    ==================== Find3M ====================

    2009-05-03 20:56 174 a--sh--- c:\program files\desktop.ini
    2009-05-03 20:54 86,016 a------- c:\windows\inf\infstrng.dat
    2009-05-03 20:54 86,016 a------- c:\windows\inf\infstor.dat
    2009-05-03 20:54 51,200 a------- c:\windows\inf\infpub.dat
    2009-05-03 20:48 665,600 a------- c:\windows\inf\drvindex.dat
    2009-05-03 20:34 101,888 a------- c:\windows\system32\ifxcardm.dll
    2009-05-03 20:34 82,432 a------- c:\windows\system32\axaltocm.dll
    2009-04-29 12:48 2,154,496 a------- c:\windows\apppatch\AcGenral.dll
    2009-04-29 12:48 2,560 a------- c:\windows\apppatch\AcRes.dll
    2009-04-29 12:48 541,696 a------- c:\windows\apppatch\AcLayers.dll
    2009-04-29 12:48 460,288 a------- c:\windows\apppatch\AcSpecfc.dll
    2009-04-29 12:48 173,056 a------- c:\windows\apppatch\AcXtrnal.dll
    2009-04-29 12:48 52,736 a------- c:\windows\apppatch\iebrshim.dll
    2009-04-29 12:34 6,224,896 a------- c:\windows\system32\NlsLexicons0027.dll
    2009-04-29 12:27 40,960 a------- c:\windows\apppatch\apihex86.dll
    2009-04-29 11:45 827,392 a------- c:\windows\system32\wininet.dll
    2009-04-29 11:45 72,704 a------- c:\windows\system32\admparse.dll
    2009-04-29 11:45 78,336 a------- c:\windows\system32\ieencode.dll
    2009-04-29 11:45 48,128 a------- c:\windows\system32\mshtmler.dll
    2009-04-29 11:45 26,624 a------- c:\windows\system32\ieUnatt.exe
    2009-03-15 03:25 56,268 a------- c:\windows\system32\drivers\scdemu.sys
    2009-02-06 18:52 49,504 a------- c:\windows\system32\sirenacm.dll
    2006-11-02 05:42 287,440 a------- c:\windows\inf\perflib\0409\perfi.dat
    2006-11-02 05:42 287,440 a------- c:\windows\inf\perflib\0409\perfh.dat
    2006-11-02 05:42 30,674 a------- c:\windows\inf\perflib\0409\perfd.dat
    2006-11-02 05:42 30,674 a------- c:\windows\inf\perflib\0409\perfc.dat
    2006-11-02 02:20 287,440 a------- c:\windows\inf\perflib\0000\perfi.dat
    2006-11-02 02:20 287,440 a------- c:\windows\inf\perflib\0000\perfh.dat
    2006-11-02 02:20 30,674 a------- c:\windows\inf\perflib\0000\perfd.dat
    2006-11-02 02:20 30,674 a------- c:\windows\inf\perflib\0000\perfc.dat

    ============= FINISH: 17:21:03.66 ===============
     
    megamouth,
    #1
  2. 2009/05/05
    megamouth

    megamouth Inactive Thread Starter

    Joined:
    2009/04/14
    Messages:
    11
    Likes Received:
    0
    The text that you have entered is too long (332486 characters). Please shorten it to 55000 characters long.

    I can not post my second attach.txt log?


    An update. I have found out I can resize my partition just by going to Control Panel\Disk Management. The partition now can be resized. That problem is now fixed :)

    However, upon going to the Ubuntu Forums, it still shows up as about:blank on Firefox (still a blank page)
     
    Last edited: 2009/05/05
    megamouth,
    #2


  3. to hide this advert.

  4. 2009/05/15
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Print these instructions out.

    NOTE. If any of the programs listed below refuse to run, try renaming executive file to something else; for instance, rename hijackthis.exe to scanner.exe

    STEP 1. Download SUPERAntiSpyware Free for Home Users:
    http://www.superantispyware.com/

    * Double-click SUPERAntiSpyware.exe and use the default settings for installation.
    * An icon will be created on your desktop. Double-click that icon to launch the program.
    * If asked to update the program definitions, click "Yes ". If not, update the definitions before scanning by selecting "Check for Updates ". (If you encounter any problems while downloading the updates, manually download and unzip them from here: http://www.superantispyware.com/definitions.html.)
    * Close SUPERAntiSpyware.

    PHYSICALLY DISCONNECT FROM THE INTERNET

    Restart computer in Safe Mode.
    To enter Safe Mode, restart computer, and keep tapping F8 key, until menu appears; select Safe Mode; you'll see "Safe Mode" in all four corners of your screen

    * Open SUPERAntiSpyware.
    * Under Configuration and Preferences, click the Preferences button.
    * Under General and Startup tab, make sure, Start SUPERAntiSpyware when Windows starts option is UN-checked.
    * Click the Scanning Control tab.
    * Under Scanner Options make sure the following are checked (leave all others unchecked):
    - Close browsers before scanning.
    - Scan for tracking cookies.
    - Terminate memory threats before quarantining.
    * Click the Close button to leave the control center screen.
    * Back on the main screen, under Scan for Harmful Software click Scan your computer.
    * On the left, make sure you check C:\Fixed Drive.
    * On the right, under Complete Scan, choose Perform Complete Scan.
    * Click Next to start the scan. Please be patient while it scans your computer.
    * After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click OK.
    * Make sure everything has a checkmark next to it and click Next.
    * A notification will appear that Quarantine and Removal is Complete. Click OK and then click the Finish button to return to the main menu.
    * If asked if you want to reboot, click Yes.
    * To retrieve the removal information after reboot, launch SUPERAntispyware again.
    - Click Preferences, then click the Statistics/Logs tab.
    - Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    - If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
    - Please copy and paste the Scan Log results in your next reply.
    * Click Close to exit the program.
    Post SUPERAntiSpyware log.
    NOTE: Tracking cookies may be omitted from the log.

    RECONNECT TO THE INTERNET

    RESTART COMPUTER!

    STEP 2. Download Malwarebytes' Anti-Malware: http://www.malwarebytes.org/mbam.php to your desktop.
    (Malwarebytes is free to use as a manual scanner. Payment is only required if you wish to have it run and update automatically which is not necessary for our purposes)

    * Double-click mbam-setup.exe and follow the prompts to install the program.
    * At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
    * If an update is found, it will download and install the latest version.
    * Once the program has loaded, select Perform full scan, then click Scan.
    * When the scan is complete, click OK, then Show Results to view the results.
    * Be sure that everything is checked, and click Remove Selected.
    * When completed, a log will open in Notepad.
    * Post the log back here.

    The log can also be found here:
    C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
    Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

    RESTART COMPUTER!

    STEP 3. Download GMER: http://www.gmer.net/files.php, by clicking on Download EXE button.
    Alternative downloads:
    - http://majorgeeks.com/GMER_d5198.html
    - http://www.softpedia.com/get/Interne...ers/GMER.shtml
    Double click on downloaded .exe file, select Rootkit tab and click the Scan button.
    When scan is completed, click Save button, and save the results as gmer.log
    Warning ! Please, do not select the "Show all" checkbox during the scan.
    Post the log to your next reply.

    RESTART COMPUTER

    STEP 4. Download HijackThis:
    http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis/download
    by clicking on Download HijackThis Installer
    Install, and run it.
    Post HijackThis log.
    Do NOT attempt to "fix" anything!


    DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!
     
    broni,
    #3
  5. 2009/05/16
    megamouth

    megamouth Inactive Thread Starter

    Joined:
    2009/04/14
    Messages:
    11
    Likes Received:
    0
    Dear Broni,

    I have decided to switch to Linux, and avoid further Windows problems.

    Thanks for your help!
     
    megamouth,
    #4
  6. 2009/05/16
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Thank you for posting back :)
     
    broni,
    #5

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...