Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

computer running slow

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Re: computer running slow

Unread postby Airscape » March 7th, 2011, 4:01 pm

Ok
User avatar
Airscape
Regular Member
 
Posts: 1858
Joined: November 1st, 2008, 11:06 pm
Advertisement
Register to Remove

Re: computer running slow

Unread postby paddy79 » March 7th, 2011, 4:27 pm

i have all the logs you asked for..


ComboFix 11-03-06.01 - Carl 06/03/2011 23:40:20.3.2 - x86
Microsoft® Windows Vista™ Home Basic 6.0.6001.1.1252.353.1033.18.892.382 [GMT 0:00]
Running from: c:\users\Carl\Desktop\ComboFix.exe
Command switches used :: c:\users\Carl\Desktop\CFScript.txt
AV: AntiVir Desktop *Disabled/Outdated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Outdated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\system32\A27C56FD.exe"
.
.
((((((((((((((((((((((((( Files Created from 2011-02-06 to 2011-03-06 )))))))))))))))))))))))))))))))
.
.
2011-03-06 23:51 . 2011-03-06 23:51 -------- d-----w- c:\users\Carl\AppData\Local\temp
2011-03-06 23:51 . 2011-03-06 23:51 -------- d-----w- c:\users\Public\AppData\Local\temp
2011-03-06 23:51 . 2011-03-06 23:51 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-03-06 23:34 . 2011-03-06 23:34 -------- d-----w- c:\users\Carl\AppData\Roaming\Avira
2011-03-04 10:35 . 2011-02-23 09:35 5943120 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{39087762-DC60-499D-8EFC-C295D2817D40}\mpengine.dll
2011-03-03 20:34 . 2011-01-10 14:23 61960 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-03-03 20:34 . 2011-01-10 14:23 135096 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-03-03 20:34 . 2011-03-03 20:34 -------- d-----w- c:\programdata\Avira
2011-03-03 20:34 . 2011-03-03 20:34 -------- d-----w- c:\program files\Avira
2011-03-01 22:07 . 2009-12-14 12:44 88632 ----a-w- c:\windows\system32\drivers\CSCrySec.sys
2011-03-01 22:07 . 2009-12-14 12:44 39352 ----a-w- c:\windows\system32\drivers\CSVirtualDiskDrv.sys
2011-03-01 22:04 . 2011-03-01 22:04 -------- d-----w- c:\program files\Common Files\InfoWatch
2011-03-01 22:04 . 2011-03-02 04:02 -------- d-----w- c:\programdata\Kaspersky Lab
2011-03-01 22:04 . 2011-03-01 22:04 -------- d-----w- c:\program files\Kaspersky Lab
2011-03-01 21:46 . 2011-03-01 21:46 -------- d-----w- c:\programdata\Kaspersky Lab Setup Files
2011-03-01 21:12 . 2011-03-06 23:23 1404 ----a-w- C:\FixitRegBackup.reg
2011-02-28 09:34 . 2011-02-11 06:54 5943120 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6AEA88E0-FF70-44C2-BF7B-31618E6DB91D}\mpengine.dll
2011-02-27 13:20 . 2011-02-27 13:20 86016 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\LocalCopy\{23C67337-EDFC-4FB6-8C35-176303AE6E34}-TaskManager.exe
2011-02-26 20:58 . 2011-02-26 20:58 86016 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\LocalCopy\{5D143D63-2893-415B-8EA5-B5103DB99102}-TaskManager.exe
2011-02-24 23:10 . 2011-02-24 23:10 -------- d-----w- C:\_OTM
2011-02-24 08:12 . 2009-10-09 21:56 2048 ----a-w- c:\windows\system32\winrsmgr.dll
2011-02-24 08:11 . 2009-10-09 21:56 12800 ----a-w- c:\windows\system32\wsmprovhost.exe
2011-02-24 08:11 . 2009-10-09 21:56 20480 ----a-w- c:\windows\system32\winrshost.exe
2011-02-24 08:11 . 2009-10-09 21:56 40448 ----a-w- c:\windows\system32\winrs.exe
2011-02-24 08:11 . 2009-10-09 21:56 10240 ----a-w- c:\windows\system32\wsmplpxy.dll
2011-02-24 08:11 . 2009-10-09 21:56 10240 ----a-w- c:\windows\system32\winrssrv.dll
2011-02-20 22:32 . 2011-03-01 20:06 -------- d-----w- c:\users\Carl\AppData\Roaming\dvdcss
2011-02-20 22:13 . 2011-02-20 22:14 -------- d-----w- C:\Downloads
2011-02-18 18:02 . 2011-02-19 11:45 -------- d-----w- C:\MGADiagToolOutput
2011-02-13 19:52 . 2011-01-06 10:51 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2011-02-13 19:51 . 2010-12-20 15:42 634648 ----a-w- c:\program files\Internet Explorer\iexplore.exe
2011-02-13 19:49 . 2010-10-15 13:48 1205080 ----a-w- c:\windows\system32\ntdll.dll
2011-02-13 19:49 . 2010-10-15 14:08 3548048 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-02-13 19:49 . 2010-10-15 14:08 3600272 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-02-13 19:49 . 2010-12-31 13:25 2038784 ----a-w- c:\windows\system32\win32k.sys
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-11 06:54 . 2010-11-25 12:17 5943120 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-02-02 17:11 . 2009-10-02 20:09 222080 ------w- c:\windows\system32\MpSigStub.exe
2010-12-28 14:57 . 2011-01-12 22:59 409600 ----a-w- c:\windows\system32\odbc32.dll
2010-12-20 18:09 . 2010-08-23 05:50 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-12-20 18:08 . 2010-08-23 05:50 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-12-14 15:49 . 2011-01-12 22:59 1169408 ----a-w- c:\windows\system32\sdclt.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-12-06 1029416]
"RtHDVCpl"="RtHDVCpl.exe" [2008-05-28 6144000]
"Skytel"="Skytel.exe" [2007-11-20 1826816]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2011-01-10 281768]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R1 MpKsl043931fe;MpKsl043931fe;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{5CB4BF60-28F3-41A1-A58C-63A2077BE244}\MpKsl043931fe.sys [x]
R1 MpKsl05486dce;MpKsl05486dce;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1E1D7671-4664-4645-AEBC-2BF1A979B19B}\MpKsl05486dce.sys [x]
R1 MpKsl087a8610;MpKsl087a8610;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E621BE0B-EF0C-4ADB-8596-75893F29FC33}\MpKsl087a8610.sys [x]
R1 MpKsl116acfbe;MpKsl116acfbe;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C8BFA235-30F0-4037-B6EB-9677CD30F6D1}\MpKsl116acfbe.sys [x]
R1 MpKsl1e9872b0;MpKsl1e9872b0;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F6CCE084-4291-4375-85C7-736BF8407A3D}\MpKsl1e9872b0.sys [x]
R1 MpKsl1fe1034e;MpKsl1fe1034e;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{42250DC0-17CF-460A-B83C-455966143A25}\MpKsl1fe1034e.sys [x]
R1 MpKsl232af958;MpKsl232af958;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A096048B-606A-48B4-A622-7388325B9F0A}\MpKsl232af958.sys [x]
R1 MpKsl2630b016;MpKsl2630b016;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E621BE0B-EF0C-4ADB-8596-75893F29FC33}\MpKsl2630b016.sys [x]
R1 MpKsl2cdcd736;MpKsl2cdcd736;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A096048B-606A-48B4-A622-7388325B9F0A}\MpKsl2cdcd736.sys [x]
R1 MpKsl2d2d137d;MpKsl2d2d137d;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{5CB4BF60-28F3-41A1-A58C-63A2077BE244}\MpKsl2d2d137d.sys [x]
R1 MpKsl2e4f2bad;MpKsl2e4f2bad;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E621BE0B-EF0C-4ADB-8596-75893F29FC33}\MpKsl2e4f2bad.sys [x]
R1 MpKsl31f93767;MpKsl31f93767;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6AEA88E0-FF70-44C2-BF7B-31618E6DB91D}\MpKsl31f93767.sys [x]
R1 MpKsl387f365a;MpKsl387f365a;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{5CB4BF60-28F3-41A1-A58C-63A2077BE244}\MpKsl387f365a.sys [x]
R1 MpKsl3d26ea74;MpKsl3d26ea74;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E621BE0B-EF0C-4ADB-8596-75893F29FC33}\MpKsl3d26ea74.sys [x]
R1 MpKsl47fb5354;MpKsl47fb5354;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1E1D7671-4664-4645-AEBC-2BF1A979B19B}\MpKsl47fb5354.sys [x]
R1 MpKsl4f398684;MpKsl4f398684;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1E1D7671-4664-4645-AEBC-2BF1A979B19B}\MpKsl4f398684.sys [x]
R1 MpKsl5f56ec47;MpKsl5f56ec47;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{AB828177-EE3E-48F9-8EF7-5A737C7BBED6}\MpKsl5f56ec47.sys [x]
R1 MpKsl62c2b9f4;MpKsl62c2b9f4;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{5763317D-C956-4B29-A671-07280BF29BA9}\MpKsl62c2b9f4.sys [x]
R1 MpKsl74ef32c8;MpKsl74ef32c8;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F6CCE084-4291-4375-85C7-736BF8407A3D}\MpKsl74ef32c8.sys [x]
R1 MpKsl797dbb70;MpKsl797dbb70;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E621BE0B-EF0C-4ADB-8596-75893F29FC33}\MpKsl797dbb70.sys [x]
R1 MpKsl85775efb;MpKsl85775efb;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A096048B-606A-48B4-A622-7388325B9F0A}\MpKsl85775efb.sys [x]
R1 MpKsl910e235a;MpKsl910e235a;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{76007F20-AA1C-4659-88C1-2B2543E8FB43}\MpKsl910e235a.sys [x]
R1 MpKsl91d5f318;MpKsl91d5f318;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A096048B-606A-48B4-A622-7388325B9F0A}\MpKsl91d5f318.sys [x]
R1 MpKsl92fd6e49;MpKsl92fd6e49;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A096048B-606A-48B4-A622-7388325B9F0A}\MpKsl92fd6e49.sys [x]
R1 MpKsl9469d47c;MpKsl9469d47c;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E621BE0B-EF0C-4ADB-8596-75893F29FC33}\MpKsl9469d47c.sys [x]
R1 MpKsla317d795;MpKsla317d795;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F6CCE084-4291-4375-85C7-736BF8407A3D}\MpKsla317d795.sys [x]
R1 MpKslc40f8d23;MpKslc40f8d23;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{AB828177-EE3E-48F9-8EF7-5A737C7BBED6}\MpKslc40f8d23.sys [x]
R1 MpKslc79eec1d;MpKslc79eec1d;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1E1D7671-4664-4645-AEBC-2BF1A979B19B}\MpKslc79eec1d.sys [x]
R1 MpKslc9b60dc3;MpKslc9b60dc3;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A096048B-606A-48B4-A622-7388325B9F0A}\MpKslc9b60dc3.sys [x]
R1 MpKsld507f2a2;MpKsld507f2a2;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{76007F20-AA1C-4659-88C1-2B2543E8FB43}\MpKsld507f2a2.sys [x]
R1 MpKsld6967b9f;MpKsld6967b9f;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F6CCE084-4291-4375-85C7-736BF8407A3D}\MpKsld6967b9f.sys [x]
R1 MpKsle6275802;MpKsle6275802;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C8BFA235-30F0-4037-B6EB-9677CD30F6D1}\MpKsle6275802.sys [x]
R1 MpKsledf75447;MpKsledf75447;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C8BFA235-30F0-4037-B6EB-9677CD30F6D1}\MpKsledf75447.sys [x]
R1 MpKslf881d9c6;MpKslf881d9c6;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{0EF1AE9F-7347-40F4-A502-D69C8EE273BC}\MpKslf881d9c6.sys [x]
R1 MpKslfa308138;MpKslfa308138;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A096048B-606A-48B4-A622-7388325B9F0A}\MpKslfa308138.sys [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2010-12-20 38224]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2010-03-25 42368]
R3 Normandy;Normandy SR2; [x]
R3 RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8187B.sys [2007-08-07 283136]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R4 CEBFilter;CEBFilter;c:\program files\C&E\OSD\OsdService\cebuffer.sys [x]
R4 CEIO;CEIO;c:\program files\C&E\OSD\OsdService\ceio.sys [x]
R4 cKBFilter;cKBFilter;c:\program files\C&E\OSD\OsdService\kbfiltr.sys [x]
R4 gupdate1c9f9105aaf10c5;Google Update Service (gupdate1c9f9105aaf10c5);c:\program files\Google\Update\GoogleUpdate.exe [2009-06-29 133104]
S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2011-01-10 135336]
S3 SiS6350;SiS6350;c:\windows\system32\DRIVERS\SISGRKMD.sys [2008-05-23 458752]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSGB6.sys [2007-11-15 48128]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
.
Contents of the 'Scheduled Tasks' folder
.
2010-08-26 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-09-02 23:46]
.
2010-08-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-29 23:21]
.
2010-08-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-29 23:21]
.
.
------- Supplementary Scan -------
.
uInternet Settings,ProxyOverride = *.local
IE: Copy to Semagic - c:\program files\Semagic\copy.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\Office12\EXCEL.EXE/3000
IE: Save YouTube Video as MP3 - c:\program files\Common Files\DVDVideoSoft\Dll\IEContextMenuY.dll/scriptY2MP3.htm
IE: Semagic - c:\program files\Semagic\link.htm
FF - ProfilePath - c:\users\Carl\AppData\Roaming\Mozilla\Firefox\Profiles\no7badff.default\
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-03-06 23:51
Windows 6.0.6001 Service Pack 1 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
Completion time: 2011-03-06 23:55:18
ComboFix-quarantined-files.txt 2011-03-06 23:55
ComboFix2.txt 2011-03-03 20:23
.
Pre-Run: 8,493,113,344 bytes free
Post-Run: 8,259,104,768 bytes free
.
- - End Of File - - ACAC7B7FD0BE789053F7BB8E6B5E384D




Results of screen317's Security Check version 0.99.9
Windows Vista Service Pack 1 (UAC is enabled)
Out of date service pack!!
Internet Explorer 7 Out of date!
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Enabled!
Avira AntiVir Personal - Free Antivirus
WMI entry may not exist for antivirus; attempting automatic update.
Avira successfully updated!
```````````````````````````````
Anti-malware/Other Utilities Check:

Malwarebytes' Anti-Malware
Adobe Flash Player 10.2.152.32
````````````````````````````````
Process Check:
objlist.exe by Laurent

Avira Antivir avgnt.exe
Avira Antivir avguard.exe
``````````End of Log````````````






Avira AntiVir Personal
Report file date: 07 March 2011 18:49

Scanning for 2456063 virus strains and unwanted programs.

The program is running as an unrestricted full version.
Online services are available:

Licensee : Avira AntiVir Personal - FREE Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows Vista
Windows version : (Service Pack 1) [6.0.6001]
Boot mode : Normally booted
Username : SYSTEM
Computer name : CARL-PC

Version information:
BUILD.DAT : 10.0.0.611 31824 Bytes 14/01/2011 13:42:00
AVSCAN.EXE : 10.0.3.5 435368 Bytes 10/01/2011 14:23:31
AVSCAN.DLL : 10.0.3.0 46440 Bytes 01/04/2010 12:57:04
LUKE.DLL : 10.0.3.2 104296 Bytes 10/01/2011 14:23:40
LUKERES.DLL : 10.0.0.1 12648 Bytes 10/02/2010 23:40:49
VBASE000.VDF : 7.10.0.0 19875328 Bytes 06/11/2009 09:05:36
VBASE001.VDF : 7.11.0.0 13342208 Bytes 14/12/2010 14:23:50
VBASE002.VDF : 7.11.3.0 1950720 Bytes 09/02/2011 20:36:11
VBASE003.VDF : 7.11.3.1 2048 Bytes 09/02/2011 20:36:11
VBASE004.VDF : 7.11.3.2 2048 Bytes 09/02/2011 20:36:12
VBASE005.VDF : 7.11.3.3 2048 Bytes 09/02/2011 20:36:12
VBASE006.VDF : 7.11.3.4 2048 Bytes 09/02/2011 20:36:12
VBASE007.VDF : 7.11.3.5 2048 Bytes 09/02/2011 20:36:12
VBASE008.VDF : 7.11.3.6 2048 Bytes 09/02/2011 20:36:12
VBASE009.VDF : 7.11.3.7 2048 Bytes 09/02/2011 20:36:12
VBASE010.VDF : 7.11.3.8 2048 Bytes 09/02/2011 20:36:12
VBASE011.VDF : 7.11.3.9 2048 Bytes 09/02/2011 20:36:12
VBASE012.VDF : 7.11.3.10 2048 Bytes 09/02/2011 20:36:12
VBASE013.VDF : 7.11.3.59 157184 Bytes 14/02/2011 20:36:14
VBASE014.VDF : 7.11.3.97 120320 Bytes 16/02/2011 20:36:14
VBASE015.VDF : 7.11.3.148 128000 Bytes 19/02/2011 20:36:14
VBASE016.VDF : 7.11.3.183 140288 Bytes 22/02/2011 20:36:14
VBASE017.VDF : 7.11.3.216 124416 Bytes 24/02/2011 20:36:15
VBASE018.VDF : 7.11.3.251 159232 Bytes 28/02/2011 20:36:15
VBASE019.VDF : 7.11.4.33 148992 Bytes 02/03/2011 20:36:16
VBASE020.VDF : 7.11.4.34 2048 Bytes 02/03/2011 20:36:16
VBASE021.VDF : 7.11.4.35 2048 Bytes 02/03/2011 20:36:16
VBASE022.VDF : 7.11.4.36 2048 Bytes 02/03/2011 20:36:16
VBASE023.VDF : 7.11.4.37 2048 Bytes 02/03/2011 20:36:16
VBASE024.VDF : 7.11.4.38 2048 Bytes 02/03/2011 20:36:16
VBASE025.VDF : 7.11.4.39 2048 Bytes 02/03/2011 20:36:16
VBASE026.VDF : 7.11.4.40 2048 Bytes 02/03/2011 20:36:16
VBASE027.VDF : 7.11.4.41 2048 Bytes 02/03/2011 20:36:16
VBASE028.VDF : 7.11.4.42 2048 Bytes 02/03/2011 20:36:16
VBASE029.VDF : 7.11.4.43 2048 Bytes 02/03/2011 20:36:16
VBASE030.VDF : 7.11.4.44 2048 Bytes 02/03/2011 20:36:16
VBASE031.VDF : 7.11.4.56 52736 Bytes 03/03/2011 20:36:17
Engineversion : 8.2.4.178
AEVDF.DLL : 8.1.2.1 106868 Bytes 10/01/2011 14:23:26
AESCRIPT.DLL : 8.1.3.55 1282426 Bytes 03/03/2011 20:36:22
AESCN.DLL : 8.1.7.2 127349 Bytes 10/01/2011 14:23:26
AESBX.DLL : 8.1.3.2 254324 Bytes 10/01/2011 14:23:26
AERDL.DLL : 8.1.9.2 635252 Bytes 10/01/2011 14:23:25
AEPACK.DLL : 8.2.4.11 520566 Bytes 03/03/2011 20:36:22
AEOFFICE.DLL : 8.1.1.16 205179 Bytes 03/03/2011 20:36:21
AEHEUR.DLL : 8.1.2.81 3314038 Bytes 03/03/2011 20:36:21
AEHELP.DLL : 8.1.16.1 246134 Bytes 03/03/2011 20:36:19
AEGEN.DLL : 8.1.5.2 397683 Bytes 03/03/2011 20:36:18
AEEMU.DLL : 8.1.3.0 393589 Bytes 10/01/2011 14:23:18
AECORE.DLL : 8.1.19.2 196983 Bytes 03/03/2011 20:36:17
AEBB.DLL : 8.1.1.0 53618 Bytes 10/01/2011 14:23:18
AVWINLL.DLL : 10.0.0.0 19304 Bytes 10/01/2011 14:23:32
AVPREF.DLL : 10.0.0.0 44904 Bytes 10/01/2011 14:23:30
AVREP.DLL : 10.0.0.8 62209 Bytes 17/06/2010 14:27:13
AVREG.DLL : 10.0.3.2 53096 Bytes 10/01/2011 14:23:31
AVSCPLR.DLL : 10.0.3.2 84328 Bytes 10/01/2011 14:23:31
AVARKT.DLL : 10.0.22.6 231784 Bytes 10/01/2011 14:23:27
AVEVTLOG.DLL : 10.0.0.8 203112 Bytes 10/01/2011 14:23:28
SQLITE3.DLL : 3.6.19.0 355688 Bytes 17/06/2010 14:27:22
AVSMTP.DLL : 10.0.0.17 63848 Bytes 10/01/2011 14:23:31
NETNT.DLL : 10.0.0.0 11624 Bytes 17/06/2010 14:27:21
RCIMAGE.DLL : 10.0.0.26 2550120 Bytes 28/01/2010 13:10:20
RCTEXT.DLL : 10.0.58.0 97128 Bytes 10/01/2011 14:23:52

Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: C:\Program Files\Avira\AntiVir Desktop\sysscan.avp
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:, S:,
Process scan........................: on
Extended process scan...............: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium

Start of the scan: 07 March 2011 18:49

Starting search for hidden objects.
c:\windows\system32\sndvol.exe
c:\windows\system32\sndvol.exe
[NOTE] The process is not visible.

The scan of running processes will be started
Scan process 'svchost.exe' - '30' Module(s) have been scanned
Scan process 'vssvc.exe' - '49' Module(s) have been scanned
Scan process 'avscan.exe' - '79' Module(s) have been scanned
Scan process 'avscan.exe' - '29' Module(s) have been scanned
Scan process 'avcenter.exe' - '64' Module(s) have been scanned
Scan process 'plugin-container.exe' - '91' Module(s) have been scanned
Scan process 'firefox.exe' - '108' Module(s) have been scanned
Scan process 'explorer.exe' - '65' Module(s) have been scanned
Scan process 'utorrent.exe' - '55' Module(s) have been scanned
Scan process 'wuauclt.exe' - '34' Module(s) have been scanned
Scan process 'SynTPHelper.exe' - '14' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '33' Module(s) have been scanned
Scan process 'unsecapp.exe' - '28' Module(s) have been scanned
Scan process 'wmpnscfg.exe' - '29' Module(s) have been scanned
Scan process 'avgnt.exe' - '49' Module(s) have been scanned
Scan process 'RtHDVCpl.exe' - '47' Module(s) have been scanned
Scan process 'SynTPEnh.exe' - '34' Module(s) have been scanned
Scan process 'Explorer.EXE' - '133' Module(s) have been scanned
Scan process 'taskeng.exe' - '48' Module(s) have been scanned
Scan process 'Dwm.exe' - '38' Module(s) have been scanned
Scan process 'taskeng.exe' - '80' Module(s) have been scanned
Scan process 'avshadow.exe' - '33' Module(s) have been scanned
Scan process 'SearchIndexer.exe' - '62' Module(s) have been scanned
Scan process 'svchost.exe' - '9' Module(s) have been scanned
Scan process 'svchost.exe' - '44' Module(s) have been scanned
Scan process 'svchost.exe' - '42' Module(s) have been scanned
Scan process 'mDNSResponder.exe' - '33' Module(s) have been scanned
Scan process 'AppleMobileDeviceService.exe' - '32' Module(s) have been scanned
Scan process 'avguard.exe' - '65' Module(s) have been scanned
Scan process 'svchost.exe' - '59' Module(s) have been scanned
Scan process 'sched.exe' - '56' Module(s) have been scanned
Scan process 'spoolsv.exe' - '84' Module(s) have been scanned
Scan process 'svchost.exe' - '93' Module(s) have been scanned
Scan process 'svchost.exe' - '82' Module(s) have been scanned
Scan process 'SLsvc.exe' - '23' Module(s) have been scanned
Scan process 'svchost.exe' - '149' Module(s) have been scanned
Scan process 'svchost.exe' - '118' Module(s) have been scanned
Scan process 'svchost.exe' - '67' Module(s) have been scanned
Scan process 'svchost.exe' - '47' Module(s) have been scanned
Scan process 'svchost.exe' - '35' Module(s) have been scanned
Scan process 'svchost.exe' - '40' Module(s) have been scanned
Scan process 'lsm.exe' - '22' Module(s) have been scanned
Scan process 'lsass.exe' - '60' Module(s) have been scanned
Scan process 'winlogon.exe' - '30' Module(s) have been scanned
Scan process 'services.exe' - '33' Module(s) have been scanned
Scan process 'csrss.exe' - '14' Module(s) have been scanned
Scan process 'wininit.exe' - '26' Module(s) have been scanned
Scan process 'csrss.exe' - '14' Module(s) have been scanned
Scan process 'smss.exe' - '2' Module(s) have been scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'S:\'
[INFO] No virus was found!

Starting to scan executable files (registry).
The registry was scanned ( '979' files ).


Starting the file scan:

Begin scan in 'C:\' <Vista>
C:\ProgramData\Microsoft\Microsoft Antimalware\LocalCopy\{23C67337-EDFC-4FB6-8C35-176303AE6E34}-TaskManager.exe
[DETECTION] Is the TR/Dldr.Genome.baov.7 Trojan
C:\ProgramData\Microsoft\Microsoft Antimalware\LocalCopy\{5D143D63-2893-415B-8EA5-B5103DB99102}-TaskManager.exe
[DETECTION] Is the TR/Dldr.Genome.baov.7 Trojan
C:\Qoobox\Quarantine\C\Users\Carl\wuaucldt.exe.vir
[DETECTION] Is the TR/Crypt.ZPACK.Gen Trojan
C:\Qoobox\Quarantine\C\Users\Carl\AppData\Roaming\baoezuh.exe.vir
[DETECTION] Contains a recognition pattern of the (harmful) BDS/MSIL.Agent.and back-door program
C:\Qoobox\Quarantine\C\Users\Carl\AppData\Roaming\locagxa.exe.vir
[DETECTION] Contains a recognition pattern of the (harmful) BDS/MSIL.Agent.and back-door program
C:\Qoobox\Quarantine\C\Users\Carl\AppData\Roaming\nksklwr.exe.vir
[DETECTION] Is the TR/Dldr.Genome.baov.7 Trojan
C:\Qoobox\Quarantine\C\Users\Carl\AppData\Roaming\ohydy.exe.vir
[DETECTION] Is the TR/Dropper.Gen Trojan
C:\Qoobox\Quarantine\C\Users\Carl\AppData\Roaming\sdra64.exe.vir
[DETECTION] Is the TR/Spy.ZBot.IAT.5 Trojan
C:\Qoobox\Quarantine\C\Users\Carl\AppData\Roaming\DD42632F63BE5ED71A228945E1AA97EE\fixcore70700bin.exe.vir
[DETECTION] Is the TR/Dropper.Gen Trojan
C:\Qoobox\Quarantine\C\Users\Carl\AppData\Roaming\DD42632F63BE5ED71A228945E1AA97EE\libcore707en0setup.exe.vir
[DETECTION] Is the TR/Dropper.Gen Trojan
C:\Qoobox\Quarantine\C\Users\Carl\AppData\Roaming\DD42632F63BE5ED71A228945E1AA97EE\smartcore70700bin.exe.vir
[DETECTION] Is the TR/Dropper.Gen Trojan
C:\Qoobox\Quarantine\C\Users\Carl\AppData\Roaming\Microsoft\TaskManager.exe.vir
[DETECTION] Is the TR/Dldr.Genome.baov.7 Trojan
C:\Qoobox\Quarantine\C\Users\Carl\AppData\Roaming\Microsoft\Windows\Templates\memory.tmp.vir
[DETECTION] Is the TR/Dropper.Gen Trojan
C:\_OTM\MovedFiles\02242011_231059\C_Users\Carl\AppData\Roaming\euxhhov.exe
[DETECTION] Is the TR/Spy.ZBot.IAT.5 Trojan
C:\_OTM\MovedFiles\02242011_231059\C_Users\Carl\AppData\Roaming\ywtidsv.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
Begin scan in 'S:\' <System>

Beginning disinfection:
C:\_OTM\MovedFiles\02242011_231059\C_Users\Carl\AppData\Roaming\ywtidsv.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to the quarantine directory under the name '486b99e2.qua'.
C:\_OTM\MovedFiles\02242011_231059\C_Users\Carl\AppData\Roaming\euxhhov.exe
[DETECTION] Is the TR/Spy.ZBot.IAT.5 Trojan
[NOTE] The file was moved to the quarantine directory under the name '50f8b64b.qua'.
C:\Qoobox\Quarantine\C\Users\Carl\AppData\Roaming\Microsoft\Windows\Templates\memory.tmp.vir
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to the quarantine directory under the name '02a8ecd3.qua'.
C:\Qoobox\Quarantine\C\Users\Carl\AppData\Roaming\Microsoft\TaskManager.exe.vir
[DETECTION] Is the TR/Dldr.Genome.baov.7 Trojan
[NOTE] The file was moved to the quarantine directory under the name '6495a315.qua'.
C:\Qoobox\Quarantine\C\Users\Carl\AppData\Roaming\DD42632F63BE5ED71A228945E1AA97EE\smartcore70700bin.exe.vir
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to the quarantine directory under the name '212f8e27.qua'.
C:\Qoobox\Quarantine\C\Users\Carl\AppData\Roaming\DD42632F63BE5ED71A228945E1AA97EE\libcore707en0setup.exe.vir
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to the quarantine directory under the name '5e35bc42.qua'.
C:\Qoobox\Quarantine\C\Users\Carl\AppData\Roaming\DD42632F63BE5ED71A228945E1AA97EE\fixcore70700bin.exe.vir
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to the quarantine directory under the name '12b79008.qua'.
C:\Qoobox\Quarantine\C\Users\Carl\AppData\Roaming\sdra64.exe.vir
[DETECTION] Is the TR/Spy.ZBot.IAT.5 Trojan
[NOTE] The file was moved to the quarantine directory under the name '6ea5d054.qua'.
C:\Qoobox\Quarantine\C\Users\Carl\AppData\Roaming\ohydy.exe.vir
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to the quarantine directory under the name '43f6ff15.qua'.
C:\Qoobox\Quarantine\C\Users\Carl\AppData\Roaming\nksklwr.exe.vir
[DETECTION] Is the TR/Dldr.Genome.baov.7 Trojan
[NOTE] The file was moved to the quarantine directory under the name '5a98c48a.qua'.
C:\Qoobox\Quarantine\C\Users\Carl\AppData\Roaming\locagxa.exe.vir
[DETECTION] Contains a recognition pattern of the (harmful) BDS/MSIL.Agent.and back-door program
[NOTE] The file was moved to the quarantine directory under the name '36f4e8c6.qua'.
C:\Qoobox\Quarantine\C\Users\Carl\AppData\Roaming\baoezuh.exe.vir
[DETECTION] Contains a recognition pattern of the (harmful) BDS/MSIL.Agent.and back-door program
[NOTE] The file was moved to the quarantine directory under the name '4771d125.qua'.
C:\Qoobox\Quarantine\C\Users\Carl\wuaucldt.exe.vir
[DETECTION] Is the TR/Crypt.ZPACK.Gen Trojan
[NOTE] The file was moved to the quarantine directory under the name '4959e19e.qua'.
C:\ProgramData\Microsoft\Microsoft Antimalware\LocalCopy\{5D143D63-2893-415B-8EA5-B5103DB99102}-TaskManager.exe
[DETECTION] Is the TR/Dldr.Genome.baov.7 Trojan
[NOTE] The file was moved to the quarantine directory under the name '0c1f989c.qua'.
C:\ProgramData\Microsoft\Microsoft Antimalware\LocalCopy\{23C67337-EDFC-4FB6-8C35-176303AE6E34}-TaskManager.exe
[DETECTION] Is the TR/Dldr.Genome.baov.7 Trojan
[NOTE] The file was moved to the quarantine directory under the name '05059c3a.qua'.


End of the scan: 07 March 2011 20:15
Used time: 1:25:25 Hour(s)

The scan has been done completely.

23225 Scanned directories
293804 Files were scanned
15 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
15 Files were moved to quarantine
0 Files were renamed
0 Files cannot be scanned
293789 Files not concerned
1488 Archives were scanned
0 Warnings
15 Notes
512953 Objects were scanned with rootkit scan
1 Hidden objects were found




Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:24:50, on 07/03/2011
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18565)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\wuauclt.exe
C:\Users\Carl\Downloads\utorrent.exe
C:\Windows\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\conime.exe
C:\Users\Carl\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: (no name) - AutorunsDisabled - (no file)
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (file missing)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O8 - Extra context menu item: Copy to Semagic - C:\Program Files\Semagic\copy.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Save YouTube Video as MP3 - res://C:\Program Files\Common Files\DVDVideoSoft\Dll\IEContextMenuY.dll/scriptY2MP3.htm
O8 - Extra context menu item: Semagic - C:\Program Files\Semagic\link.htm
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - Cmdmapping - (no file) (HKCU)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/f ... wflash.cab
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

--
End of file - 4231 bytes
paddy79
Regular Member
 
Posts: 16
Joined: February 13th, 2011, 3:54 pm

Re: computer running slow

Unread postby Airscape » March 8th, 2011, 11:06 am

Your pc now seems to be malware free. Let me know if you have any other problems.

Fix HijackThis lines
Right-click HijackThis.exe and select Run as Admin then click scan
Place a tick next to the following lines (if still present)
Please Note: Only check those items listed below!

    O2 - BHO: (no name) - AutorunsDisabled - (no file)
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (file missing)

    O9 - Extra button: (no name) - Cmdmapping - (no file) (HKCU)

Close all open windows except Hijackthis and click Fix Checked
Click Yes when prompted and Close HJT.
----------------------------------------------------
Uninstall ComboFix
Click on Start > All Programs > Accessories > Run...
Copy/paste in ComboFix /Uninstall and click OK.
(if you type it out note the space in the middle)
If you get a "can't find file" message. Right click combofix.exe and rename it to Uninstall.exe
Disable Avira antivirus, then double click Uninstall.exe and ComboFix should uninstall.
The above will implement some cleanup procedures as well as reset System Restore points.
----------------------------------------------------------------
Clean up with OTM
Right click OTM and select Run as Admin > click CleanUp! > then Reboot if needed.
It should delete itself when complete. If not delete it yourself along with any other tools/logs created.
You will need to manually remove Rootkit Unhooker via Programs and Features
-------------------------------------------------------------------------------
Finally please follow these steps to prevent reinfection and keep your pc safe and secure for the future.

Make sure that you keep your antivirus updated
New viruses come out every minute, so it is essential that you have the latest signatures for your antivirus program to provide you with the best possible protection from malicious software.

Security Updates for Windows, Internet Explorer & Microsoft Office
Whenever a security problem in its software is found, Microsoft will usually create a patch so that after the patch is installed, attackers can't use the vulnerability to install malicious software on your PC. Keeping up with these patches will help to prevent malicious software being installed on your PC.

It's very important you let Windows download and install Service Pack 2 and Internet Explorer 8

First go here if not done so already: http://www.update.microsoft.com/windows ... ankspage=5
Click Start > All Programs > Windows Update > Change Settings
Under Important updates choose Install updates automatically (recommended)
Choose a day/time when you know the pc will be on and connected to the internet, to automatically download then install the new updates
Under Recommended updates Check Give me recommended updates the same way I recieve important updates
Under Microsoft Update Check Give me updates for Microsoft products and check for new optional Microsoft software when I update Windows
Under Who can install updates Check Allow all users to install updates on this computer
Click OK
Click Check for updates at the main Windows Update screen and let it download then install them... reboot if required.

If you use broadband or have problems after the above you can download them from the links below.

SP2: http://www.microsoft.com/downloads/en/d ... laylang=en
IE8: http://www.microsoft.com/windows/intern ... sites.aspx

Update other Programs
Microsoft isn't the only company whose products can contain security vulnerabilities. To check whether other programs running on your PC are in need of an update, you can use the Secunia Software Inspector or F-secure Health Check. I suggest that you run one of them at least once a month.

Further reading:

Finally I am trying to make one point very clear. It is ABSOLUTELY ESSENTIAL to keep all of your security programs up to date.

I'd be grateful if you could reply to this post so that I know you have read it and, if you've no other questions, the thread can be closed.

Happy surfing and stay clean!
User avatar
Airscape
Regular Member
 
Posts: 1858
Joined: November 1st, 2008, 11:06 pm

Re: computer running slow

Unread postby Cypher » March 9th, 2011, 12:48 pm

As this issue appears to be resolved, this topic is now closed.

We are pleased we could help you resolve your computer's malware issues.

If you would like to make a comment or leave a compliment regarding the help you have received, please see Feedback for Our Helpers - Say "Thanks" Here.
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 15148
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns
Advertisement
Register to Remove

Previous

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 127 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware