Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Computer still very slow

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Computer still very slow

Unread postby mike73 » January 11th, 2010, 7:35 pm

Hello,

Due to inactivity, the following topic is closed. I still need help. Here is the link to the issue. I was late by 24 hours and it got closed. Please help.....

viewtopic.php?f=11&t=48379&p=498539&e=498539

Here is the combofix log requested by my original helper.....

ComboFix 10-01-11.01 - Shiva 01/11/2010 17:54:06.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.511.265 [GMT -5:00]
Running from: D:\ComboFix.exe
AV: Kaspersky Internet Security *On-access scanning disabled* (Outdated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Internet Security *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
.
ADS - WINDOWS: deleted 24 bytes in 1 streams.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat
C:\Thumbs.db
c:\windows\MailSwitch.ocx
c:\windows\run.log
c:\windows\system32\_002620_.tmp.dll
c:\windows\system32\_002626_.tmp.dll
c:\windows\system32\_002632_.tmp.dll
c:\windows\system32\_002805_.tmp.dll
c:\windows\system32\_002806_.tmp.dll
c:\windows\system32\_002809_.tmp.dll
c:\windows\system32\_002810_.tmp.dll
c:\windows\system32\_002811_.tmp.dll
c:\windows\system32\_002812_.tmp.dll
c:\windows\system32\_002819_.tmp.dll
c:\windows\system32\_002820_.tmp.dll
c:\windows\system32\_002821_.tmp.dll
c:\windows\system32\_002823_.tmp.dll
c:\windows\system32\_002824_.tmp.dll
c:\windows\system32\_002827_.tmp.dll
c:\windows\system32\_002828_.tmp.dll
c:\windows\system32\_002830_.tmp.dll
c:\windows\system32\_002831_.tmp.dll
c:\windows\system32\_002832_.tmp.dll
c:\windows\system32\_002834_.tmp.dll
c:\windows\system32\_002835_.tmp.dll
c:\windows\system32\_002836_.tmp.dll
c:\windows\system32\_002837_.tmp.dll
c:\windows\system32\_002841_.tmp.dll
c:\windows\system32\_002842_.tmp.dll
c:\windows\system32\_002844_.tmp.dll
c:\windows\system32\_002847_.tmp.dll
c:\windows\system32\_002849_.tmp.dll
c:\windows\system32\_002850_.tmp.dll
c:\windows\system32\_002851_.tmp.dll
c:\windows\system32\_002852_.tmp.dll
c:\windows\system32\_002855_.tmp.dll
c:\windows\system32\_002857_.tmp.dll
c:\windows\system32\_002858_.tmp.dll
c:\windows\system32\_002859_.tmp.dll
c:\windows\system32\_002863_.tmp.dll
c:\windows\system32\_002865_.tmp.dll
c:\windows\system32\_002882_.tmp.dll
c:\windows\system32\_002883_.tmp.dll
c:\windows\system32\_002884_.tmp.dll
c:\windows\system32\_002885_.tmp.dll
c:\windows\system32\_002888_.tmp.dll
c:\windows\system32\_002889_.tmp.dll
c:\windows\system32\_002890_.tmp.dll
c:\windows\system32\_002891_.tmp.dll
c:\windows\system32\_002898_.tmp.dll
c:\windows\system32\_002899_.tmp.dll
c:\windows\system32\_002900_.tmp.dll
c:\windows\system32\_002902_.tmp.dll
c:\windows\system32\_002903_.tmp.dll
c:\windows\system32\_002906_.tmp.dll
c:\windows\system32\_002907_.tmp.dll
c:\windows\system32\_002909_.tmp.dll
c:\windows\system32\_002910_.tmp.dll
c:\windows\system32\_002911_.tmp.dll
c:\windows\system32\_002913_.tmp.dll
c:\windows\system32\_002914_.tmp.dll
c:\windows\system32\_002916_.tmp.dll
c:\windows\system32\_002920_.tmp.dll
c:\windows\system32\_002921_.tmp.dll
c:\windows\system32\_002923_.tmp.dll
c:\windows\system32\_002925_.tmp.dll
c:\windows\system32\_002926_.tmp.dll
c:\windows\system32\_002928_.tmp.dll
c:\windows\system32\_002929_.tmp.dll
c:\windows\system32\_002930_.tmp.dll
c:\windows\system32\_002931_.tmp.dll
c:\windows\system32\_002934_.tmp.dll
c:\windows\system32\_002936_.tmp.dll
c:\windows\system32\_002937_.tmp.dll
c:\windows\system32\_002938_.tmp.dll
c:\windows\system32\_002942_.tmp.dll
c:\windows\system32\_002944_.tmp.dll
c:\windows\system32\_004643_.tmp.dll
c:\windows\system32\_004644_.tmp.dll
c:\windows\system32\_004645_.tmp.dll
c:\windows\system32\_004646_.tmp.dll
c:\windows\system32\_004653_.tmp.dll
c:\windows\system32\_004654_.tmp.dll
c:\windows\system32\_004655_.tmp.dll
c:\windows\system32\_004656_.tmp.dll
c:\windows\system32\_004658_.tmp.dll
c:\windows\system32\_004659_.tmp.dll
c:\windows\system32\_004662_.tmp.dll
c:\windows\system32\_004663_.tmp.dll
c:\windows\system32\_004665_.tmp.dll
c:\windows\system32\_004666_.tmp.dll
c:\windows\system32\_004667_.tmp.dll
c:\windows\system32\_004669_.tmp.dll
c:\windows\system32\_004672_.tmp.dll
c:\windows\system32\_004673_.tmp.dll
c:\windows\system32\_004677_.tmp.dll
c:\windows\system32\_004678_.tmp.dll
c:\windows\system32\_004680_.tmp.dll
c:\windows\system32\_004682_.tmp.dll
c:\windows\system32\_004683_.tmp.dll
c:\windows\system32\_004685_.tmp.dll
c:\windows\system32\_004686_.tmp.dll
c:\windows\system32\_004687_.tmp.dll
c:\windows\system32\_004688_.tmp.dll
c:\windows\system32\_004689_.tmp.dll
c:\windows\system32\_004692_.tmp.dll
c:\windows\system32\_004693_.tmp.dll
c:\windows\system32\_004694_.tmp.dll
c:\windows\system32\_004695_.tmp.dll
c:\windows\system32\_004696_.tmp.dll
c:\windows\system32\_004701_.tmp.dll
c:\windows\system32\_004703_.tmp.dll
c:\windows\system32\_004704_.tmp.dll
c:\windows\system32\BSTIEPrintCtl1.dll
c:\windows\system32\Data

----- BITS: Possible infected sites -----

hxxp://armmf.adobe.com
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_POOF


((((((((((((((((((((((((( Files Created from 2009-12-11 to 2010-01-11 )))))))))))))))))))))))))))))))
.

2010-01-06 00:55 . 2010-01-06 00:54 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-01-05 01:23 . 2009-12-30 19:55 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-05 01:22 . 2010-01-05 01:23 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-01-05 01:22 . 2009-12-30 19:54 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-05 01:13 . 2010-01-05 01:13 -------- d-----w- C:\_OTM
2010-01-05 01:08 . 2010-01-05 01:08 -------- d-----w- c:\program files\ERUNT
2010-01-04 00:19 . 2010-01-04 00:20 -------- d-----w- C:\rsit
2010-01-03 01:31 . 2010-01-03 01:31 -------- d-----w- c:\documents and settings\Shiva\Application Data\Malwarebytes
2010-01-03 01:31 . 2010-01-03 01:31 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-01-01 06:31 . 2010-01-01 06:31 20 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\Updater\Temporary Files\temporaryFolder\bases\apu\ForDiff\apu0001.dat.drv
2009-12-20 12:38 . 2009-12-20 12:38 -------- d-----w- c:\program files\Trend Micro
2009-12-19 22:52 . 2009-12-19 23:26 -------- d-----w- c:\windows\system32\scripting
2009-12-19 22:52 . 2009-12-19 23:25 -------- d-----w- c:\windows\l2schemas
2009-12-19 22:52 . 2009-12-19 23:26 -------- d-----w- c:\windows\system32\en
2009-12-19 22:20 . 2004-08-12 13:55 21504 ----a-w- c:\windows\system32\dllcache\agt040c.dll
2009-12-19 22:19 . 2007-06-13 10:23 1033216 ----a-w- c:\windows\system32\dllcache\explorer.exe
2009-12-19 22:18 . 2004-08-12 13:56 82432 ----a-w- c:\windows\system32\dllcache\dmscript.dll
2009-12-19 22:17 . 2009-04-15 15:11 584192 ----a-w- c:\windows\system32\dllcache\rpcrt4.dll
2009-12-19 22:16 . 2004-08-12 14:04 48384 ----a-w- c:\windows\system32\drivers\raspptp.sys
2009-12-19 21:56 . 2009-12-19 21:56 -------- d-sh--w- c:\documents and settings\Shiva\IECompatCache
2009-12-19 21:55 . 2009-12-19 21:55 -------- d-sh--w- c:\documents and settings\Shiva\PrivacIE
2009-12-19 21:48 . 2009-12-19 21:48 -------- d-sh--w- c:\documents and settings\Shiva\IETldCache
2009-12-19 21:41 . 2009-10-29 07:45 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2009-12-19 21:41 . 2009-10-29 07:45 594432 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2009-12-19 21:41 . 2009-10-29 07:45 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2009-12-19 21:41 . 2009-10-29 07:45 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2009-12-19 21:41 . 2009-10-29 07:45 1985536 -c----w- c:\windows\system32\dllcache\iertutil.dll
2009-12-19 21:41 . 2009-10-29 07:45 11069952 -c----w- c:\windows\system32\dllcache\ieframe.dll
2009-12-19 21:41 . 2009-12-19 21:41 -------- d-----w- c:\windows\ie8updates
2009-12-19 21:39 . 2009-10-02 04:44 92160 -c----w- c:\windows\system32\dllcache\iecompat.dll
2009-12-19 21:37 . 2009-12-19 21:39 -------- dc-h--w- c:\windows\ie8
2009-12-15 23:29 . 2009-12-15 23:29 932368 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\profiles-1-6.dll
2009-12-15 23:29 . 2009-12-15 23:29 678416 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\content_interpreter-1-1.dll
2009-12-15 23:29 . 2009-12-15 23:29 604688 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\gsg-3-9.dll
2009-12-15 23:29 . 2009-12-15 23:29 1096208 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\filtration-4-6.dll
2009-12-15 23:29 . 2009-12-15 23:29 522768 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP9\Data\KasFlt\Plugins\database-1-5.dll
2009-12-15 23:14 . 2010-01-11 23:09 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab
2009-12-15 23:14 . 2009-12-15 23:14 -------- d-----w- c:\program files\Kaspersky Lab
2009-12-15 22:58 . 2009-12-15 22:58 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-06 00:53 . 2006-09-10 15:28 -------- d-----w- c:\program files\Java
2010-01-06 00:48 . 2003-08-19 23:08 -------- d-----w- c:\program files\Common Files\Adobe
2009-12-20 20:13 . 2003-07-16 07:15 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-20 15:45 . 2002-09-03 13:58 79707 ----a-w- c:\windows\PCHealth\HelpCtr\OfflineCache\index.dat
2009-12-15 23:20 . 2009-12-15 23:20 604140 --sha-w- c:\windows\system32\drivers\ISwift3.dat
2009-12-11 22:05 . 2007-01-14 13:45 -------- d-----w- c:\program files\TomTom HOME
2009-12-11 22:01 . 2009-05-10 11:46 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS
2009-12-11 22:01 . 2009-05-10 11:46 -------- d-----w- c:\program files\NOS
2009-12-10 23:28 . 2009-12-10 23:28 -------- d-----w- c:\program files\Common Files\SupportSoft
2009-12-10 23:28 . 2009-12-10 23:28 -------- d-----w- c:\program files\ComcastUI
2009-10-29 07:45 . 2004-08-12 14:09 916480 ----a-w- c:\windows\system32\wininet.dll
2009-10-21 06:00 . 2004-08-12 14:06 75776 ----a-w- c:\windows\system32\strmfilt.dll
2009-10-21 06:00 . 2004-08-12 13:57 25088 ----a-w- c:\windows\system32\httpapi.dll
2009-10-20 14:58 . 2009-12-19 22:21 263552 ----a-w- c:\windows\system32\drivers\http.sys
2003-08-20 00:01 . 2003-08-19 23:08 16251072 -c--a-w- c:\program files\AdbeRdr60_enu_full.exe
2001-07-07 04:47 . 2001-07-07 04:47 3149 -c--a-w- c:\program files\ReadMe.txt
2001-07-06 21:59 . 2001-07-06 21:59 372736 -c--a-w- c:\program files\Dragnifier.exe
2004-10-26 22:48 . 2004-10-19 00:05 56 -csha-r- c:\windows\SYSTEM32\C996166E60.sys
2004-10-26 22:48 . 2004-10-19 00:05 1890 -csha-w- c:\windows\SYSTEM32\KGyGaAvL.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"pdfSaver3"="c:\cadviewer4\PDF-XChange\pdfSaver\pdfSaver3.exe" [2004-09-05 380928]
"NBJ"="c:\program files\Ahead\Nero BackItUp\NBJ.exe" [2005-10-11 1961984]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-26 68856]
"Picasa Media Detector"="c:\program files\Picasa2\PicasaMediaDetector.exe" [2008-02-26 443968]
"Desktop Software"="c:\program files\Common Files\SupportSoft\bin\bcont.exe" [2009-04-24 1025320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-22 7700480]
"BCMSMMSG"="BCMSMMSG.exe" [2003-08-29 122880]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2003-07-16 151597]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb10.exe" [2004-06-21 172032]
"diagent"="c:\program files\Creative\SBLive\Diagnostics\diagent.exe" [2002-04-03 135264]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"Microsoft Works Update Detection"="c:\program files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe" [2002-07-16 28672]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2004-02-12 49152]
"HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2004-05-12 241664]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2002-08-29 208953]
"IMEKRMIG6.1"="c:\windows\ime\imkr6_1\IMEKRMIG.EXE" [2002-08-29 44032]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-01-14 282624]
"nwiz"="nwiz.exe" [2006-10-22 1622016]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-10-22 86016]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe" [2009-05-25 303376]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2010-01-06 149280]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"RunNarrator"="Narrator.exe" [2006-10-04 53760]
"tscuninstall"="c:\windows\system32\tscupgrd.exe" [2004-08-04 44544]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
HotSync Manager.lnk - c:\program files\Palm\Hotsync.exe [2004-6-9 471040]

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=

R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\SYSTEM32\DRIVERS\klbg.sys [12/15/2008 8:41 PM 33808]
R0 sptd;sptd;c:\windows\SYSTEM32\DRIVERS\sptd.sys [11/4/2006 11:18 AM 611064]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\SYSTEM32\DRIVERS\klim5.sys [5/13/2009 5:46 PM 31760]
R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\SYSTEM32\DRIVERS\klmouflt.sys [5/16/2009 8:59 PM 19472]
S2 UGNX License Server;UGNX License Server;c:\program files\UGS\NX 3.0\UGFLEXLM\lmgrd.exe --> c:\program files\UGS\NX 3.0\UGFLEXLM\lmgrd.exe [?]
.
.
------- Supplementary Scan -------
.
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = localhost
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Anti-Banner - c:\program files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
.
- - - - ORPHANS REMOVED - - - -

Toolbar-Locked - (no file)
HKCU-Run-updateMgr - c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe
HKLM-Run-pdfSaver3 - (no file)
HKLM-Run-tgcmd - c:\program files\support.com\bin\tgcmd.exe
HKLM-Run-LogitechVideoRepair - c:\program files\Logitech\Video\ISStart.exe
AddRemove-BTLINK_DLL - c:\progra~1\COMMON~1\BTLINK\btlink.dll
AddRemove-NMIX!UninstallKey - c:\windows\UNNMIX.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-11 18:09
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
tgcmd = "c:\program files\support.com\bin\tgcmd.exe" /server?cmd.exe" /server

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0x83B711D8]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xf87fdfc3
\Driver\ACPI -> ACPI.sys @ 0xf8670cb8
\Driver\atapi -> 0x83b711d8
IoDeviceObjectType -> DeleteProcedure -> ntoskrnl.exe @ 0x805a0084
ParseProcedure -> ntoskrnl.exe @ 0x8056f07e
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntoskrnl.exe @ 0x805a0084
ParseProcedure -> ntoskrnl.exe @ 0x8056f07e
NDIS: Intel(R) PRO/100 VE Network Connection -> SendCompleteHandler -> NDIS.sys @ 0xf8535ba0
PacketIndicateHandler -> NDIS.sys @ 0xf8542b21
SendHandler -> NDIS.sys @ 0xf852087b
Warning: possible MBR rootkit infection !
user & kernel MBR OK

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\.application\bootstrap]
@DACL=(02 0000)
@="bootstrap.application.1"

[HKEY_LOCAL_MACHINE\software\Classes\.xaml\bootstrap]
@DACL=(02 0000)
@="bootstrap.xaml.1"

[HKEY_LOCAL_MACHINE\software\Classes\.xbap\bootstrap]
@DACL=(02 0000)
@="bootstrap.xbap.1"

[HKEY_LOCAL_MACHINE\software\Classes\.xps\bootstrap]
@DACL=(02 0000)
@="bootstrap.xps.1"

[HKEY_LOCAL_MACHINE\software\Classes\htafile\CLSID]
@DACL=(02 0000)
@="{3050f4d8-98B5-11CF-BB82-00AA00BDCE0B}"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(1516)
c:\windows\System32\NavLogon.dll

- - - - - - - > 'explorer.exe'(3588)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\System32\CTsvcCDA.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\wscntfy.exe
c:\windows\BCMSMMSG.exe
c:\windows\system32\RUNDLL32.EXE
.
**************************************************************************
.
Completion time: 2010-01-11 18:18:35 - machine was rebooted
ComboFix-quarantined-files.txt 2010-01-11 23:18

Pre-Run: 39,456,038,912 bytes free
Post-Run: 39,734,669,312 bytes free

WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

Current=4 Default=4 Failed=3 LastKnownGood=5 Sets=1,2,3,4,5
- - End Of File - - 58F9C062D65FA78FBAB93B3290B15AC3
mike73
Regular Member
 
Posts: 21
Joined: December 20th, 2009, 8:19 am
Advertisement
Register to Remove

Re: Computer still very slow

Unread postby NonSuch » January 11th, 2010, 8:49 pm

Please follow the instructions that were given to you in the closing post in your previous topic, e.g., start a new topic and include a fresh HijackThis log, and wait for a new helper. Also include your ComboFix log.

This topic is now closed.
User avatar
NonSuch
Administrator
Administrator
 
Posts: 27302
Joined: February 23rd, 2005, 7:08 am
Location: California


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 14 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware