Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Slow System Plus Multiple Program and System Crashes

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Re: Slow System Plus Multiple Program and System Crashes

Unread postby Scolabar » May 14th, 2011, 11:09 pm

Hi Randal'Thor,

Thank you again for your feedback. :)

Randal'Thor wrote:ESET didn't find any threats so no log file to post here.
Please Note: It is important to post all the logs requested even if they appear to be clean.

I would like to you to run DDS again to check whether or not the fixes you just applied have been retained despite the "reboot via Last Known Good Configuration".

As before, please read the following instructions carefully before executing and perform the steps, in the order given and make sure any open programs are closed. ;)
lf, you have any questions about or problems with, executing these instructions, <STOP> do not proceed, post back with the question or problem before going any further.

Step 1:
Re-Run DDS

Please re-run DDS. Then Copy and Paste the contents of both the DDS.txt and Attach.txt logs into your next reply.

Step 2:
Include in Next Post

  1. Did you have any problems carrying out the instructions?
  2. DDS.txt.
  3. Attach.txt.
  4. How is your computer now running?

Scolabar
---------------------------------------------------
No Reply Within 3 Days Will Result In Your Topic Being Closed
User avatar
Scolabar
MRU Honors Grad Emeritus
 
Posts: 1172
Joined: April 22nd, 2009, 3:10 pm
Advertisement
Register to Remove

Re: Slow System Plus Multiple Program and System Crashes

Unread postby Randal'Thor » May 14th, 2011, 11:24 pm

Hi Scholabar. :)

Please Note: It is important to post all the logs requested even if they appear to be clean.

As with the avast scan, when they come up clean no log is produced and no option to save a log either. I would have posted them otherwise. ;)

No problems with the instructions and my computer is running fine at the moment although when it shutsdown it has been taking a while lately.

Here is the DDS log:

.
DDS (Ver_11-03-05.01) - NTFSx86
Run by Liam at 13:16:09.87 on Sun 15/05/2011
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_24
Microsoft Windows 7 Professional 6.1.7601.1.1252.61.1033.18.2022.967 [GMT 10:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Intel\AMT\atchksrv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\IProsetMonitor.exe
C:\Program Files\Intel\AMT\LMS.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\System32\StikyNot.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
C:\Program Files\Microsoft\Office Live\OfficeLiveSignIn.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
D:\Computer Security\Handy Tools\DDS\dds.scr
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uInternet Settings,ProxyOverride = *.local
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\alwil software\avast5\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\alwil software\avast5\aswWebRepIE.dll
uRun: [RESTART_STICKY_NOTES] c:\windows\system32\StikyNot.exe
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [IntelliPoint] "c:\program files\microsoft intellipoint\ipoint.exe"
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~1\office12\EXCEL.EXE/3000
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~1\office12\REFIEBAR.DLL
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos-be ... canner.cab
Notify: igfxcui - igfxdev.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\liam\appdata\roaming\mozilla\firefox\profiles\bo6hgl0j.default\
FF - prefs.js: browser.search.defaulturl -
FF - plugin: c:\program files\google\update\1.3.21.53\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft silverlight\4.0.60310.0\npctrlui.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
.
============= SERVICES / DRIVERS ===============
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-4-12 441176]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-6-7 307928]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-14 48128]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-6-7 19544]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-6-7 53592]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2011-5-11 42184]
R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;c:\windows\system32\IPROSetMonitor.exe [2006-1-1 109728]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-6-7 136176]
S3 Andbus;LGE Android Platform Composite USB Device;c:\windows\system32\drivers\lgandbus.sys [2011-5-5 14336]
S3 AndDiag;LGE Android Platform USB Serial Port;c:\windows\system32\drivers\lganddiag.sys [2011-5-5 20736]
S3 AndGps;LGE Android Platform USB GPS NMEA Port;c:\windows\system32\drivers\lgandgps.sys [2011-5-5 20096]
S3 ANDModem;LGE Android Platform USB Modem;c:\windows\system32\drivers\lgandmodem.sys [2011-5-5 25088]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
S3 C00D35D9;C00D35D9;c:\windows\system32\c00d35d9.exe --> c:\windows\system32\C00D35D9.exe [?]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-6-7 136176]
S3 ivusb;Initio Driver for USB Default Controller;c:\windows\system32\drivers\ivusb.sys [2010-7-29 25112]
S3 s1018bus;Sony Ericsson Device 1018 driver (WDM);c:\windows\system32\drivers\s1018bus.sys [2010-8-24 86824]
S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter;c:\windows\system32\drivers\s1018mdfl.sys [2010-8-24 15016]
S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver;c:\windows\system32\drivers\s1018mdm.sys [2010-8-24 114728]
S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s1018mgmt.sys [2010-8-24 106208]
S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS);c:\windows\system32\drivers\s1018nd5.sys [2010-8-24 26024]
S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface;c:\windows\system32\drivers\s1018obex.sys [2010-8-24 104744]
S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM);c:\windows\system32\drivers\s1018unic.sys [2010-8-24 109864]
S3 StorSvc;Storage Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 20992]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-2-28 52224]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-6-7 1343400]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2008-5-6 11520]
.
=============== Created Last 30 ================
.
2011-05-10 22:05:46 123904 ----a-w- c:\windows\system32\poqexec.exe
2011-05-10 21:38:47 75776 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2011-05-10 21:38:47 5888 ----a-w- c:\windows\system32\drivers\usbd.sys
2011-05-10 21:38:47 43008 ----a-w- c:\windows\system32\drivers\usbehci.sys
2011-05-10 21:38:47 284672 ----a-w- c:\windows\system32\drivers\usbport.sys
2011-05-10 21:38:47 258560 ----a-w- c:\windows\system32\drivers\usbhub.sys
2011-05-10 21:38:47 24064 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2011-05-10 21:38:45 3967872 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-05-10 21:38:45 3912576 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-05-05 06:32:10 32768 ----a-w- c:\program files\common files\installshield\professional\runtime\Objectps.dll
2011-05-05 06:32:09 733184 ----a-w- c:\program files\common files\installshield\professional\runtime\10\00\intel32\iKernel.dll
2011-05-05 06:32:09 69715 ----a-w- c:\program files\common files\installshield\professional\runtime\10\00\intel32\ctor.dll
2011-05-05 06:32:09 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\10\00\intel32\DotNetInstaller.exe
2011-05-05 06:32:09 303236 ----a-w- c:\program files\common files\installshield\professional\runtime\10\00\intel32\setup.dll
2011-05-05 06:32:09 266240 ----a-w- c:\program files\common files\installshield\professional\runtime\10\00\intel32\iscript.dll
2011-05-05 06:32:09 180356 ----a-w- c:\program files\common files\installshield\professional\runtime\10\00\intel32\iGdi.dll
2011-05-05 06:32:09 172032 ----a-w- c:\program files\common files\installshield\professional\runtime\10\00\intel32\iuser.dll
2011-05-05 06:31:11 25088 ----a-w- c:\windows\system32\drivers\lgandmodem.sys
2011-05-05 06:31:11 20736 ----a-w- c:\windows\system32\drivers\lganddiag.sys
2011-05-05 06:31:11 20096 ----a-w- c:\windows\system32\drivers\lgandgps.sys
2011-05-05 06:31:11 14336 ----a-w- c:\windows\system32\drivers\lgandbus.sys
2011-05-05 06:31:09 -------- d-----w- c:\program files\LG Electronics
2011-05-05 06:30:07 -------- d-----w- C:\GT540F
2011-05-05 06:28:38 53248 ----a-w- c:\windows\system32\CommonDL.dll
2011-05-05 06:28:38 44544 ----a-w- c:\windows\system32\msxml4a.dll
2011-05-05 06:28:33 -------- d-----w- c:\progra~2\LGMOBILEAX
2011-05-04 12:46:42 89088 ----a-w- c:\windows\MBR.exe
2011-05-04 12:46:42 256512 ----a-w- c:\windows\PEV.exe
2011-05-04 12:46:42 161792 ----a-w- c:\windows\SWREG.exe
2011-04-27 02:12:12 -------- d-----w- c:\program files\ESET
2011-04-26 08:21:07 -------- d-----w- c:\windows\system32\appmgmt
2011-04-22 00:07:34 -------- d-----w- c:\program files\Microsoft IntelliPoint
2011-04-21 06:54:07 -------- d-----w- c:\program files\Unlocker
2011-04-21 06:43:49 -------- d-----w- c:\program files\iTunes
2011-04-21 06:43:49 -------- d-----w- c:\program files\iPod
2011-04-21 06:42:13 -------- d-----w- c:\program files\Bonjour
2011-04-20 12:33:42 -------- d-----w- c:\program files\PowerISO
2011-04-17 01:44:06 -------- d-----w- c:\users\liam\appdata\local\Apps
2011-04-15 11:40:44 -------- d-----w- c:\users\liam\Pokemon Online
.
==================== Find3M ====================
.
2011-05-10 12:10:59 40112 ----a-w- c:\windows\avastSS.scr
2011-04-08 13:02:04 390656 ----a-w- c:\windows\system32\ipcoin815.dll
2011-04-06 06:20:16 91424 ----a-w- c:\windows\system32\dnssd.dll
2011-04-06 06:20:16 107808 ----a-w- c:\windows\system32\dns-sd.exe
2011-04-01 02:06:02 185856 ----a-w- c:\windows\system32\Ncs2Setp.dll
2011-04-01 01:56:18 665720 ----a-w- c:\windows\system32\ncs2dmix.dll
2011-04-01 01:56:06 513144 ----a-w- c:\windows\system32\accesor.dll
2011-04-01 01:31:54 135800 ----a-w- c:\windows\system32\ncs2instutility.dll
2011-04-01 01:14:54 1966200 ----a-w- c:\windows\system32\ncscolib.dll
2011-03-18 00:20:32 266440 ----a-w- c:\windows\system32\PROUnstl.exe
2011-03-12 11:23:45 870912 ----a-w- c:\windows\system32\XpsPrint.dll
2011-03-11 05:33:59 1164288 ----a-w- c:\windows\system32\mfc42u.dll
2011-03-11 05:33:59 1137664 ----a-w- c:\windows\system32\mfc42.dll
2011-03-11 05:33:09 1699328 ----a-w- c:\windows\system32\esent.dll
2011-03-11 05:31:07 74240 ----a-w- c:\windows\system32\fsutil.exe
2011-03-08 05:28:29 741376 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-03 05:38:01 132608 ----a-w- c:\windows\system32\dnsrslvr.dll
2011-03-03 05:36:16 28672 ----a-w- c:\windows\system32\dnscacheugc.exe
2011-03-03 03:42:34 2333184 ----a-w- c:\windows\system32\win32k.sys
2011-02-28 06:05:51 152576 ----a-w- c:\windows\system32\msclmd.dll
2011-02-28 03:19:34 109728 ----a-w- c:\windows\system32\IPROSetMonitor.exe
2011-02-27 21:09:40 53248 ----a-w- c:\windows\system32\CSVer.dll
2011-02-25 05:30:54 2616320 ----a-w- c:\windows\explorer.exe
2011-02-24 05:38:54 288256 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-02-22 22:27:00 941160 ----a-w- c:\windows\system32\nvdispco322090.dll
2011-02-22 22:27:00 837736 ----a-w- c:\windows\system32\nvgenco322040.dll
2011-02-19 06:30:54 805376 ----a-w- c:\windows\system32\FntCache.dll
2011-02-19 06:30:51 1076736 ----a-w- c:\windows\system32\DWrite.dll
2011-02-19 06:30:50 739840 ----a-w- c:\windows\system32\d2d1.dll
2011-02-19 06:30:46 34304 ----a-w- c:\windows\system32\atmlib.dll
2011-02-19 04:34:54 294912 ----a-w- c:\windows\system32\atmfd.dll
2011-02-18 05:39:44 31232 ----a-w- c:\windows\system32\prevhost.exe
.
============= FINISH: 13:18:13.52 ===============

Here is the Attach Log:

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_11-03-05.01)
.
Microsoft Windows 7 Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 7/06/2010 2:29:48 PM
System Uptime: 15/05/2011 9:04:17 AM (4 hours ago)
.
Motherboard: Acer | | FQ965M
Processor: Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz | Socket 775 | 2394/266mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 149 GiB total, 80.062 GiB free.
D: is FIXED (FAT32) - 141 GiB total, 85.464 GiB free.
E: is CDROM ()
F: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Atheros AR5005GS Wireless Network Adapter
Device ID: PCI\VEN_168C&DEV_0013&SUBSYS_2051168C&REV_01\4&25C8C425&0&10F0
Manufacturer: Atheros Communications Inc.
Name: Atheros AR5005GS Wireless Network Adapter #2
PNP Device ID: PCI\VEN_168C&DEV_0013&SUBSYS_2051168C&REV_01\4&25C8C425&0&10F0
Service: athr
.
Class GUID:
Description: PCI Simple Communications Controller
Device ID: PCI\VEN_8086&DEV_2994&SUBSYS_0CEE105B&REV_02\3&2411E6FE&1&18
Manufacturer:
Name: PCI Simple Communications Controller
PNP Device ID: PCI\VEN_8086&DEV_2994&SUBSYS_0CEE105B&REV_02\3&2411E6FE&1&18
Service:
.
==== System Restore Points ===================
.
RP99: 5/05/2011 4:30:49 PM - Installed LG United Mobile Driver
RP101: 5/05/2011 4:32:15 PM - Installed LG USB WML Modem Driver
RP103: 5/05/2011 4:32:57 PM - Installed LG SP USB Driver
RP104: 10/05/2011 7:57:20 AM - ComboFix created restore point
RP105: 11/05/2011 8:05:52 AM - Windows Update
RP106: 11/05/2011 8:31:14 PM - Windows Update
RP107: 13/05/2011 8:26:33 AM - Installed Microsoft Office Outlook Connector
RP108: 14/05/2011 8:19:31 AM - ComboFix created restore point
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
Élysée 3.71
Acrobat.com
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader X (10.0.1)
Age of Mythology
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Auslogics Disk Defrag
Auto Gordian Knot 2.55
avast! Free Antivirus
AviSynth 2.5
Bonjour
D3DX10
Data Lifeguard Diagnostic for Windows 1.21
DVD Decrypter (Remove Only)
EndNote X4
ERUNT 1.1j
ESET Online Scanner v3
Google Update Helper
Intel(R) Active Management Technology Device Software
Intel(R) Graphics Media Accelerator Driver
Intel(R) Network Connections 16.2.49.0
iTunes
Java Auto Updater
Java(TM) 6 Update 24
LG SP USB Driver
LG United Mobile Driver
LG USB WML Modem Driver
Malwarebytes' Anti-Malware
Metal Slug Series with Enabled MAME 0.78
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft IntelliPoint 8.1
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Live Add-in 1.5
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Mozilla Firefox 4.0.1 (x86 en-US)
MSVCRT
MSXML4 Parser
OGA Notifier 2.0.0048.0
Opera 11.01
PeerGuardian 2.0
Pokemon Online 1.0.21
Polipo 1.0.4.1
PowerISO
PVSonyDll
QuickTime
ResearchSoft Direct Export Helper
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2466156)
Security Update for 2007 Microsoft Office System (KB2509488)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2464583)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2535818)
Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)
Security Update for Microsoft Office Publisher 2007 (KB2284697)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
SpywareBlaster 4.4
System Requirements Lab
System Requirements Lab for Intel
The Battle for Middle-earth (tm) II
Tor 0.2.1.30
Trillian
Uninstall 1.0.0.1
Unlocker 1.9.1
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Outlook 2007 (KB2509470)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (KB2536413)
Vidalia 0.2.12
VobSub v2.23 (Remove Only)
Windows Essentials Media Codec Pack 3.0
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Messenger
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
WinDS PRO 2010.10 (Liam)
WinZip 14.5
Xfire (remove only)
XviD MPEG4 Video Codec (remove only)
.
==== Event Viewer Messages From Past Week ========
.
9/05/2011 8:44:55 AM, Error: Service Control Manager [7000] - The C00D35D9 service failed to start due to the following error: The system cannot find the file specified.
14/05/2011 8:28:08 AM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
12/05/2011 6:48:01 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avast! Antivirus service.
11/05/2011 8:06:50 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80080005: Update for Windows 7 (KB2534366).
.
==== End Of File ===========================
Randal'Thor
Active Member
 
Posts: 14
Joined: September 13th, 2008, 7:21 am

Re: Slow System Plus Multiple Program and System Crashes

Unread postby Scolabar » May 17th, 2011, 1:41 am

Hi Randal'Thor,

That's good. It looks like the last changes we made have been retained. :thumbright:

As before, please read the following instructions carefully before executing and perform the steps, in the order given and make sure any open programs are closed. ;)

Step 1:
Re-Run ERUNT

Please backup the registry with ERUNT again.

Step 2:
Show Hidden Files & Folders

Please Enable the Show Hidden Files and Folders option, as follows:

  1. Close all open program windows so that you are returned to your desktop.
  2. Click on Image > Computer.
  3. From the Organise menu select Folder and search options.
  4. Click on the View tab.
  5. Under the Hidden files and folders heading select the Show hidden files, folders and drives option.
  6. Uncheck the Hide extensions for known file types. option.
  7. Uncheck the Hide protected operating system files (Recommended) option.
  8. Click on the Apply button to confirm the settings.
  9. Then click on the OK button to close the window.

Your system is now configured to show all hidden files, folders and drives.

Step 3:
Stop, Disable & Delete Services

  1. Click on Start > Run.
  2. type in Notepad
  3. Then click on the OK button.
    This will open an empty Notepad file.
  4. Copy and Paste the contents of the Code Box into the Notepad window:
      Code: Select all
      sc stop C00D35D9
      sc config C00D35D9 start=disabled
      sc delete C00D35D9
      copy /y "c:\windows\system32\c00d35d9.exe" "c:\c00d35d9.old.bkp"
      del /f /q "c:\windows\system32\c00d35d9.exe"
      del %0
      exit
  5. Name the file as FixServices.bat.
  6. Change the Save as Type to All Files. <<-- Important! Otherwise the fix won't work.
  7. Save the file to your Desktop.
  8. Double-click on the file FixServices.bat to run the fix.
    Vista - W7 users: Right-click on FixServices.bat and select "Run As Administrator" to run the fix. If you receive a UAC prompt, please allow it.
    A window will open and close. This is normal.
  9. Restart the computer.

Step 3:
Re-Run DDS

Please re-run DDS. Then Copy and Paste the contents of both the DDS.txt and Attach.txt logs into your next reply.

Step 4:
Include in Next Post

  1. Did you have any problems carrying out the instructions?
  2. DDS.txt.
  3. Attach.txt.
  4. Has there been any change in how your computer is now running?

Scolabar
---------------------------------------------------
No Reply Within 3 Days Will Result In Your Topic Being Closed
User avatar
Scolabar
MRU Honors Grad Emeritus
 
Posts: 1172
Joined: April 22nd, 2009, 3:10 pm

Re: Slow System Plus Multiple Program and System Crashes

Unread postby Randal'Thor » May 17th, 2011, 4:45 am

Hi Scholabar. :)

No problems with the instructions. Only issue is shutdown time is around 3-4 minutes now, as opposed to the old 30 seconds.

DDS log:


DDS (Ver_10-12-12.02) - NTFSx86
Run by Liam at 18:31:00.60 on Tue 17/05/2011
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_24
Microsoft Windows 7 Professional 6.1.7601.1.1252.61.1033.18.2022.1263 [GMT 10:00]

AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Intel\AMT\atchksrv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\IProsetMonitor.exe
C:\Program Files\Intel\AMT\LMS.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\System32\StikyNot.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Liam\Desktop\dds.com
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uInternet Settings,ProxyOverride = *.local
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\alwil software\avast5\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\alwil software\avast5\aswWebRepIE.dll
uRun: [RESTART_STICKY_NOTES] c:\windows\system32\StikyNot.exe
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [IntelliPoint] "c:\program files\microsoft intellipoint\ipoint.exe"
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~1\office12\EXCEL.EXE/3000
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~1\office12\REFIEBAR.DLL
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos-be ... canner.cab
Notify: igfxcui - igfxdev.dll

================= FIREFOX ===================

FF - ProfilePath - c:\users\liam\appdata\roaming\mozilla\firefox\profiles\bo6hgl0j.default\
FF - prefs.js: browser.search.defaulturl -
FF - plugin: c:\program files\google\update\1.3.21.53\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft silverlight\4.0.60310.0\npctrlui.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll

============= SERVICES / DRIVERS ===============

R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-4-12 441176]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-6-7 307928]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-14 48128]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-6-7 19544]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-6-7 53592]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2011-5-11 42184]
R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;c:\windows\system32\IPROSetMonitor.exe [2006-1-1 109728]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-6-7 136176]
S3 Andbus;LGE Android Platform Composite USB Device;c:\windows\system32\drivers\lgandbus.sys [2011-5-5 14336]
S3 AndDiag;LGE Android Platform USB Serial Port;c:\windows\system32\drivers\lganddiag.sys [2011-5-5 20736]
S3 AndGps;LGE Android Platform USB GPS NMEA Port;c:\windows\system32\drivers\lgandgps.sys [2011-5-5 20096]
S3 ANDModem;LGE Android Platform USB Modem;c:\windows\system32\drivers\lgandmodem.sys [2011-5-5 25088]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-6-7 136176]
S3 ivusb;Initio Driver for USB Default Controller;c:\windows\system32\drivers\ivusb.sys [2010-7-29 25112]
S3 s1018bus;Sony Ericsson Device 1018 driver (WDM);c:\windows\system32\drivers\s1018bus.sys [2010-8-24 86824]
S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter;c:\windows\system32\drivers\s1018mdfl.sys [2010-8-24 15016]
S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver;c:\windows\system32\drivers\s1018mdm.sys [2010-8-24 114728]
S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s1018mgmt.sys [2010-8-24 106208]
S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS);c:\windows\system32\drivers\s1018nd5.sys [2010-8-24 26024]
S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface;c:\windows\system32\drivers\s1018obex.sys [2010-8-24 104744]
S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM);c:\windows\system32\drivers\s1018unic.sys [2010-8-24 109864]
S3 StorSvc;Storage Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 20992]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-2-28 52224]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-6-7 1343400]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2008-5-6 11520]

=============== Created Last 30 ================

2011-05-17 08:30:19 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-05-10 22:05:46 123904 ----a-w- c:\windows\system32\poqexec.exe
2011-05-10 21:38:47 75776 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2011-05-10 21:38:47 5888 ----a-w- c:\windows\system32\drivers\usbd.sys
2011-05-10 21:38:47 43008 ----a-w- c:\windows\system32\drivers\usbehci.sys
2011-05-10 21:38:47 284672 ----a-w- c:\windows\system32\drivers\usbport.sys
2011-05-10 21:38:47 258560 ----a-w- c:\windows\system32\drivers\usbhub.sys
2011-05-10 21:38:47 24064 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2011-05-10 21:38:45 3967872 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-05-10 21:38:45 3912576 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-05-05 06:32:10 32768 ----a-w- c:\program files\common files\installshield\professional\runtime\Objectps.dll
2011-05-05 06:32:09 733184 ----a-w- c:\program files\common files\installshield\professional\runtime\10\00\intel32\iKernel.dll
2011-05-05 06:32:09 69715 ----a-w- c:\program files\common files\installshield\professional\runtime\10\00\intel32\ctor.dll
2011-05-05 06:32:09 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\10\00\intel32\DotNetInstaller.exe
2011-05-05 06:32:09 303236 ----a-w- c:\program files\common files\installshield\professional\runtime\10\00\intel32\setup.dll
2011-05-05 06:32:09 266240 ----a-w- c:\program files\common files\installshield\professional\runtime\10\00\intel32\iscript.dll
2011-05-05 06:32:09 180356 ----a-w- c:\program files\common files\installshield\professional\runtime\10\00\intel32\iGdi.dll
2011-05-05 06:32:09 172032 ----a-w- c:\program files\common files\installshield\professional\runtime\10\00\intel32\iuser.dll
2011-05-05 06:31:11 25088 ----a-w- c:\windows\system32\drivers\lgandmodem.sys
2011-05-05 06:31:11 20736 ----a-w- c:\windows\system32\drivers\lganddiag.sys
2011-05-05 06:31:11 20096 ----a-w- c:\windows\system32\drivers\lgandgps.sys
2011-05-05 06:31:11 14336 ----a-w- c:\windows\system32\drivers\lgandbus.sys
2011-05-05 06:31:09 -------- d-----w- c:\program files\LG Electronics
2011-05-05 06:30:07 -------- d-----w- C:\GT540F
2011-05-05 06:28:38 53248 ----a-w- c:\windows\system32\CommonDL.dll
2011-05-05 06:28:38 44544 ----a-w- c:\windows\system32\msxml4a.dll
2011-05-05 06:28:33 -------- d-----w- c:\progra~2\LGMOBILEAX
2011-05-04 12:46:42 89088 ----a-w- c:\windows\MBR.exe
2011-05-04 12:46:42 256512 ----a-w- c:\windows\PEV.exe
2011-05-04 12:46:42 161792 ----a-w- c:\windows\SWREG.exe
2011-04-27 02:12:12 -------- d-----w- c:\program files\ESET
2011-04-26 08:21:07 -------- d-----w- c:\windows\system32\appmgmt
2011-04-22 00:07:34 -------- d-----w- c:\program files\Microsoft IntelliPoint
2011-04-21 06:54:07 -------- d-----w- c:\program files\Unlocker
2011-04-21 06:43:49 -------- d-----w- c:\program files\iTunes
2011-04-21 06:43:49 -------- d-----w- c:\program files\iPod
2011-04-21 06:42:13 -------- d-----w- c:\program files\Bonjour
2011-04-20 12:33:42 -------- d-----w- c:\program files\PowerISO

==================== Find3M ====================

2011-05-10 12:10:59 40112 ----a-w- c:\windows\avastSS.scr
2011-04-08 13:02:04 390656 ----a-w- c:\windows\system32\ipcoin815.dll
2011-04-06 06:20:16 91424 ----a-w- c:\windows\system32\dnssd.dll
2011-04-06 06:20:16 107808 ----a-w- c:\windows\system32\dns-sd.exe
2011-04-01 02:06:02 185856 ----a-w- c:\windows\system32\Ncs2Setp.dll
2011-04-01 01:56:18 665720 ----a-w- c:\windows\system32\ncs2dmix.dll
2011-04-01 01:56:06 513144 ----a-w- c:\windows\system32\accesor.dll
2011-04-01 01:31:54 135800 ----a-w- c:\windows\system32\ncs2instutility.dll
2011-04-01 01:14:54 1966200 ----a-w- c:\windows\system32\ncscolib.dll
2011-03-18 00:20:32 266440 ----a-w- c:\windows\system32\PROUnstl.exe
2011-03-12 11:23:45 870912 ----a-w- c:\windows\system32\XpsPrint.dll
2011-03-11 05:33:59 1164288 ----a-w- c:\windows\system32\mfc42u.dll
2011-03-11 05:33:59 1137664 ----a-w- c:\windows\system32\mfc42.dll
2011-03-11 05:33:09 1699328 ----a-w- c:\windows\system32\esent.dll
2011-03-11 05:31:07 74240 ----a-w- c:\windows\system32\fsutil.exe
2011-03-08 05:28:29 741376 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-03 05:38:01 132608 ----a-w- c:\windows\system32\dnsrslvr.dll
2011-03-03 05:36:16 28672 ----a-w- c:\windows\system32\dnscacheugc.exe
2011-03-03 03:42:34 2333184 ----a-w- c:\windows\system32\win32k.sys
2011-02-28 06:05:51 152576 ----a-w- c:\windows\system32\msclmd.dll
2011-02-28 03:19:34 109728 ----a-w- c:\windows\system32\IPROSetMonitor.exe
2011-02-27 21:09:40 53248 ----a-w- c:\windows\system32\CSVer.dll
2011-02-25 05:30:54 2616320 ----a-w- c:\windows\explorer.exe
2011-02-24 05:38:54 288256 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-02-22 22:27:00 941160 ----a-w- c:\windows\system32\nvdispco322090.dll
2011-02-22 22:27:00 837736 ----a-w- c:\windows\system32\nvgenco322040.dll
2011-02-19 06:30:54 805376 ----a-w- c:\windows\system32\FntCache.dll
2011-02-19 06:30:51 1076736 ----a-w- c:\windows\system32\DWrite.dll
2011-02-19 06:30:50 739840 ----a-w- c:\windows\system32\d2d1.dll
2011-02-19 06:30:46 34304 ----a-w- c:\windows\system32\atmlib.dll
2011-02-19 04:34:54 294912 ----a-w- c:\windows\system32\atmfd.dll
2011-02-18 05:39:44 31232 ----a-w- c:\windows\system32\prevhost.exe

============= FINISH: 18:32:57.42 ===============


Attach log:


UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-12-12.02)

Microsoft Windows 7 Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 7/06/2010 2:29:48 PM
System Uptime: 17/05/2011 4:50:04 PM (2 hours ago)

Motherboard: Acer | | FQ965M
Processor: Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz | Socket 775 | 2394/266mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 149 GiB total, 83.406 GiB free.
D: is FIXED (FAT32) - 141 GiB total, 85.425 GiB free.
E: is CDROM ()
F: is CDROM ()

==== Disabled Device Manager Items =============

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Atheros AR5005GS Wireless Network Adapter
Device ID: PCI\VEN_168C&DEV_0013&SUBSYS_2051168C&REV_01\4&25C8C425&0&10F0
Manufacturer: Atheros Communications Inc.
Name: Atheros AR5005GS Wireless Network Adapter #2
PNP Device ID: PCI\VEN_168C&DEV_0013&SUBSYS_2051168C&REV_01\4&25C8C425&0&10F0
Service: athr

Class GUID:
Description: PCI Simple Communications Controller
Device ID: PCI\VEN_8086&DEV_2994&SUBSYS_0CEE105B&REV_02\3&2411E6FE&1&18
Manufacturer:
Name: PCI Simple Communications Controller
PNP Device ID: PCI\VEN_8086&DEV_2994&SUBSYS_0CEE105B&REV_02\3&2411E6FE&1&18
Service:

==== System Restore Points ===================

RP99: 5/05/2011 4:30:49 PM - Installed LG United Mobile Driver
RP101: 5/05/2011 4:32:15 PM - Installed LG USB WML Modem Driver
RP103: 5/05/2011 4:32:57 PM - Installed LG SP USB Driver
RP104: 10/05/2011 7:57:20 AM - ComboFix created restore point
RP105: 11/05/2011 8:05:52 AM - Windows Update
RP106: 11/05/2011 8:31:14 PM - Windows Update
RP107: 13/05/2011 8:26:33 AM - Installed Microsoft Office Outlook Connector
RP108: 14/05/2011 8:19:31 AM - ComboFix created restore point

==== Installed Programs ======================

Update for Microsoft Office 2007 (KB2508958)
Élysée 3.71
Acrobat.com
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader X (10.0.1)
Age of Mythology
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Auslogics Disk Defrag
Auto Gordian Knot 2.55
avast! Free Antivirus
AviSynth 2.5
Bonjour
D3DX10
Data Lifeguard Diagnostic for Windows 1.21
DVD Decrypter (Remove Only)
EndNote X4
ERUNT 1.1j
ESET Online Scanner v3
Google Update Helper
Intel(R) Active Management Technology Device Software
Intel(R) Graphics Media Accelerator Driver
Intel(R) Network Connections 16.2.49.0
iTunes
Java Auto Updater
Java(TM) 6 Update 24
LG SP USB Driver
LG United Mobile Driver
LG USB WML Modem Driver
Malwarebytes' Anti-Malware
Metal Slug Series with Enabled MAME 0.78
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft IntelliPoint 8.1
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Live Add-in 1.5
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Mozilla Firefox 4.0.1 (x86 en-US)
MSVCRT
MSXML4 Parser
OGA Notifier 2.0.0048.0
Opera 11.01
PeerGuardian 2.0
Pokemon Online 1.0.21
Polipo 1.0.4.1
PowerISO
PVSonyDll
QuickTime
ResearchSoft Direct Export Helper
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2466156)
Security Update for 2007 Microsoft Office System (KB2509488)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2464583)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2535818)
Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)
Security Update for Microsoft Office Publisher 2007 (KB2284697)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
SpywareBlaster 4.4
System Requirements Lab
System Requirements Lab for Intel
The Battle for Middle-earth (tm) II
Tor 0.2.1.30
Trillian
Uninstall 1.0.0.1
Unlocker 1.9.1
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Outlook 2007 (KB2509470)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (KB2536413)
Vidalia 0.2.12
VobSub v2.23 (Remove Only)
Windows Essentials Media Codec Pack 3.0
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Messenger
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
WinDS PRO 2010.10 (Liam)
WinZip 14.5
Xfire (remove only)
XviD MPEG4 Video Codec (remove only)

==== Event Viewer Messages From Past Week ========

14/05/2011 8:28:08 AM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
12/05/2011 6:48:01 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avast! Antivirus service.
11/05/2011 8:06:50 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80080005: Update for Windows 7 (KB2534366).

==== End Of File ===========================
Randal'Thor
Active Member
 
Posts: 14
Joined: September 13th, 2008, 7:21 am

Re: Slow System Plus Multiple Program and System Crashes

Unread postby Scolabar » May 18th, 2011, 9:48 am

Hi Randal'Thor,

Thank you for the log and feedback. :thumbright:

As before, please read the following instructions carefully before executing and perform the steps, in the order given. ;)
Please also make sure you have printed all the necessary instructions before you disconnect from the Internet. For a significant proportion of the instructions provided below you will have no Internet access.

Step 1:
Download Up-To-Date Avast! Installer

  1. Please download a fresh copy of the installer for your Avast! Anti-Virus software from the manufacturer's website, and Save it to your Desktop.
    Note: Please DO NOT run the installer until I instruct you to do so.
  2. Disconnect from the Internet by physically disconnecting the cable to your router or modem.
  3. Then close all running programs.

Step 2:
Re-Run Rkill

Please Re-run Rkill as before and post the contents of rkill.log in your next reply.

Step 3:
Re-Run ERUNT

Please backup the registry with ERUNT again.

Step 4:
Reinstall Anti-Virus Software

Now let's uninstall and reinstall your Avast! Anti-Virus software:

Uninstall Existing Anti-Virus Software:
  1. Select Start > Control Panel > Add/Remove Programs.
  2. Scroll down the list of installed programs and Select the entry for the Avast! Anti-Virus program.
  3. Click on the Remove button to uninstall the program.
  4. Click on the Yes button at the prompt.
  5. Close the Add/Remove Programs control panel when the removals have been completed.
  6. Restart the computer to complete the removal process.
Reinstall Anti-Virus Software:
  1. Double-click on the Avast! Anti-Virus installer you downloaded to the Desktop earlier.
    Vista - W7 users: Right-click on the Avast! Antivirus installer and select "Run As Administrator" to launch the program. If you receive a UAC prompt, please allow it.
  2. Follow the prompts to reinstall the software.
  3. Restart the computer to complete the installation.
  4. Upon restart, reconnect to the Internet and allow Avast! to Update its Virus Definitions Database.
    This should happen automatically after you login. A pop-up message will alert you once the update has been completed.
  5. Then Disconnect from the Internet and close all running programs again.

Step 5:
Re-Run Avast! - Full System Scan

  1. Re-Run an Avast! Anti-Virus Full System Scan as before.
  2. When the scan is complete Copy and Paste the entire contents of Full System Scan Report into your next reply.

Step 6:
Include in Next Post

  1. Did you have any problems carrying out the instructions?
  2. rkill.log.
  3. Avast! Full System Scan Report.
  4. Has there been any improvement in how your computer is now running?

Scolabar
---------------------------------------------------
No Reply Within 3 Days Will Result In Your Topic Being Closed
User avatar
Scolabar
MRU Honors Grad Emeritus
 
Posts: 1172
Joined: April 22nd, 2009, 3:10 pm

Re: Slow System Plus Multiple Program and System Crashes

Unread postby Randal'Thor » May 18th, 2011, 7:23 pm

Hi Scholabar. :)

avast reinstallation went well.

Computer is running the same as the last few days.

Here is the rkill log:

This log file is located at C:\rkill.log.
Please post this only if requested to by the person helping you.
Otherwise you can close this log when you wish.

Rkill was run on 19/05/2011 at 8:12:27.
Operating System: Windows 7 Professional


Processes terminated by Rkill or while it was running:

C:\Program Files\Alwil Software\Avast5\defs\11051800\Sf.bin


Rkill completed on 19/05/2011 at 8:12:50.


Like before, there is no log to be saved with avast as no threats were found. Here is the information it does provide but there is no option to actually save this information:

Run time: 0:48:22
Tested files : 202349
Tested folders : 23596
Amount of data tested : 134.8GB
Infected files : 0
Randal'Thor
Active Member
 
Posts: 14
Joined: September 13th, 2008, 7:21 am

Re: Slow System Plus Multiple Program and System Crashes

Unread postby Scolabar » May 19th, 2011, 12:53 pm

Hi Randal'Thor,

Thanks again for the feedback. :thumbright:

Randal'Thor wrote:Like before, there is no log to be saved with avast as no threats were found. Here is the information it does provide but there is no option to actually save this information:

Run time: 0:48:22
Tested files : 202349
Tested folders : 23596
Amount of data tested : 134.8GB
Infected files : 0
Can you confirm the date and time of this scan log, please?

Please read the following instructions carefully before executing and perform the steps, in the order given and make sure any open programs are closed. ;)

Step 1:
Re-Run ERUNT

Please backup the registry with ERUNT again.

Step 2:
Delete File

  1. Click on Start > Run.
  2. Type in Notepad.
  3. Then click on the OK button.
    This will open an empty Notepad file.
  4. Copy and Paste the contents of the Code Box into the Notepad window:
      Code: Select all
      @echo off
      del /f /q "C:\c00d35d9.old.bkp" > "%userprofile%\Desktop\DelFile.txt"
      Notepad.exe "%userprofile%\Desktop\DelFile.txt"
      del %0
      exit
  5. Name the file as DelFile.bat.
  6. Change the Save as Type to All Files. <<-- Important! Otherwise the fix won't work.
  7. Save the file to your Desktop.
  8. Double-click on the file DelFile.bat to run the script.
    Vista - W7 users: Right-click on FixServices.bat and select "Run As Administrator" to run the fix. If you receive a UAC prompt, please allow it.
    A command window will briefly open and close. This is normal.
  9. Please Copy and Paste the contents of the file DelFile.txt into your next reply.
    The log file DelFile.txt can be found on your Desktop.
    Note: The file DelFile.txt can be deleted when you have finished.

Step 3:
Java Runtime Environment Update Needed!

Your Java Runtime Environment is out of date.
Older versions have vulnerabilities that malicious sites can use to exploit and infect your system.
Please follow these steps to remove older versions of Java components and update:

Attention: Print these instructions or copy them. You will be closing your browser!!

DOWNLOAD UPDATED VERSION:
  1. Get the latest version of Java Runtime Environment (JRE) © Sun Microsystems, Inc.
  2. Look for "Java Runtime Environment (JRE)" JRE 6 Update 25.
  3. Click the "Download" button to the right.
  4. Select your Platform: "Windows", then check "I agree to the (current update version) License Agreement.".
  5. Click Continue and the page will refresh.
  6. Locate the entry for Windows Offline Installation and click on the file name, save the file to your desktop.
    Dial-up users: You may want to check the "Windows Offline Installation" box and opt to use...
    "Download Selected with Sun Download Manager". The download can be restarted, in case it's interrupted.
<STOP> Do not install the new version of Java yet. We need to do some cleanup first!

REMOVE OLD JAVA VERSIONS:
  1. Close any programs you may have running - especially your web browser.
  2. Go to Start > Settings > Control Panel.
  3. Double-click on Add/Remove Programs and remove all older versions of Java.
  4. Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  5. Click on the Remove or Change/Remove button and then follow any onscreen instructions for the Java uninstaller.
  6. Repeat steps 4-5, for each version of Java listed.
  7. When all Java components are removed, Exit Add/remove Programs and Control Panel.
    Delete old Java Folder
    • Right click on the Start button.
    • Select Explore from the menu.
    • Navigate to and find the following folder: if found, delete it.
      It's possible it may have been removed by the uninstall steps
      C:\Program Files\Java\ <==== delete this entire folder
    • When finished, close and exit Explorer.

INSTALL UPDATED VERSION:
  1. Close all open applications (standard), especially your browser.
  2. From the desktop double-click on jre-6u25-windows-i586.exe to install the newest version.
  3. Follow the on-screen directions. When the installation is completed successfully, reboot your computer normally.
  4. Once the computer has been restarted, you can delete the "downloaded" installation file from your desktop.
OPTIONAL:
To prevent some unnecessary JAVA components from running when you boot your computer each time:
  1. Go to Control Panel and click on the JAVA icon.
  2. Click on the Update tab and UNCHECK "Check for Updates Automatically". (You can check for updates manually.)
      Reply "Never Check" to the warning prompt.
  3. Now press the Advanced tab. Click on the [+] to expand the "Miscellaneous" options.
  4. UNCHECK "Java Quick Starter".
  5. Click Apply and OK and then close the Java Control Panel. Close and exit Control Panel.
If you choose to update via the Java applet in Control Panel, uncheck the option to install the Google Toolbar unless you want it.

Step 4:
Include in Next Post

  1. Did you have any problems carrying out the instructions?
  2. DelFile.txt.
  3. Has there been any improvement in how your computer is now running since the reinstallation of the Avast! Anti-Virus software?

Scolabar
---------------------------------------------------
No Reply Within 3 Days Will Result In Your Topic Being Closed
User avatar
Scolabar
MRU Honors Grad Emeritus
 
Posts: 1172
Joined: April 22nd, 2009, 3:10 pm

Re: Slow System Plus Multiple Program and System Crashes

Unread postby Randal'Thor » May 19th, 2011, 5:47 pm

Hi Scholabar. :)

Can you confirm the date and time of this scan log, please?

Date was the 19th May and the time was approximately 11:30am that morning.

The bat file couldn't find this file: C:\c00d35d9.old.bkp. As a result, the text file that opened was blank.

The Java update went fine.

My computer has not changed since reinstalling avast other than the fact it now starts up with Windows. Nothing else has changed.
Randal'Thor
Active Member
 
Posts: 14
Joined: September 13th, 2008, 7:21 am

Re: Slow System Plus Multiple Program and System Crashes

Unread postby Scolabar » May 21st, 2011, 1:42 am

Hi Randal'Thor,

Congratulations your computer now appears to be malware free! :)

I can confirm that the slow shutdown issue you have been experiencing is not malware related.

Not A Malware Issue

If you are still experiencing slow shutdown times you could read this Microsoft Answers Topic and follow the Accepted Answer at the top of the page to determine which service is causing the problem.

If that does not work, I recommend you try a good System/Hardware Help Forum. Some suggested links are provided below. ;)
These sites have a variety of experts, that are better equipped to investigate and resolve these kinds of issues.

Good System/Hardware Help Forums

Free registration may be required in order to post at these forums and will only take a few minutes. :)


Now that your computer appears to clear of malware infection we need to tidy a few things up and deal with a few remaining items:

Step 1:
Disable Show Hidden Files & Folders

Please disable the Show Hidden Files and Folders option as follows:

  1. Click on Start > My Computer.
  2. Click on the Tools menu and select Folder Options.
  3. Click on the View tab.
  4. Under the Hidden files and folders heading select Do not show hidden files and folders.
  5. Check the Hide extensions for known file types option.
  6. Check the Hide protected operating system files (recommended) option.
  7. Click on the Apply button to save the changes.
  8. Click on the OK button to close the window.

Step 2:
DeFogger - Enable

We need to re-enable the CD Emulation drivers that were previously temporarily disabled.

  1. Please download DeFogger by jpshortstuff and save it to your Desktop.
  2. Double click on DeFogger.exe to run the tool.
  3. When the application window appears click on the Re-enable button to re-enable your CD Emulation drivers.
  4. Click on the Yes button to continue.
  5. When the Finished! message appears click on the OK button.
  6. Then click on the OK button when DeFogger asks to reboot the machine.

Your CD Emulation drivers will be re-enabled after your computer has rebooted.
IMPORTANT! If you receive an error message while running DeFogger, please post the log defogger_enable which will appear on your desktop.

Step 3:
ComboFix - Cleanup

Now it's time for some housekeeping.

  1. Click on Start > Run.
  2. Copy and Paste the contents of the following codebox into the open text entry box:
    Code: Select all
    Combofix /Uninstall
    See image below for reference.

    Image

  3. Click on the OK button or press Enter to process the command.

Step 4:
Remove Tools Used

You can now safely delete the tools used in cleaning up the infection. Please remove the following tools from your system along with any related .zip files.
Please Note: These tools are updated on a regular basis and so, if required in future, should be downloaded afresh under supervision.

    CKScanner
    DDS
    DeFogger
    GMER
    MBRCheck
    MGA Diagnostics
    Rootkit UnHooker
    SecurityCheck
    TDSSKiller

Note: It is worth keeping MalwareBytes' AntiMalware on your system. Updating the program and running a scan once every couple of weeks will help you to keep malware free.

Step 5:
Create System Restore Point

Now that your computer appears to be clear of any malware infection we need to make sure we have a back up of the Registry to return to if needed:

  1. Select Start > Control Panel then double-click on the System icon in the Control Panel.
  2. In the left-hand pane click on the System Protection option.
  3. When the Dialog comes up, click on the System Protection tab.
  4. Check that the drive letter where Windows is located (usually C:) indicates System protection ON.
    (This indicates System restore is turned ON for the Windows drive).
  5. Click on the Create button to create a new restore point. In the Name dialog, type a descriptive name and then click on the Create button.
  6. You will get a message that the Restore Point was created successfully. Click on the Close button.
  7. Click on the OK button and close the System window in the Control Panel.

< STOP > If you did not successfully complete this step. < STOP > Do not continue with any other steps, post back and let me know!

Step 6:
Further Guidelines

Please follow these simple guidelines in order to help keep your computer more secure:

Update your Antivirus programs and other programs regularly.
Online Secunia Software Inspector - Copyright © Secunia.
Refer to F-secure Health Check - Copyright © F-Secure Corporation.

Visit Microsoft often
Keep on top of critical updates, as well as other updates for your computer.
How to configure and use Automatic Updates in Windows XP
Using Windows Update for Windows XP
Microsoft Update Home

Additional (free) programs, that can help improve security.
Many feel that having a "layered" protection scheme is beneficial, you'll have to decide what works best for your situation.
Here are a few you may like to look into, if you wish. :)

Install SiteAdvisor
SiteAdvisor is a toolbar for Microsoft Internet Explorer and Mozilla Firefox which alerts you if you're about to enter a potentially dangerous website.
You can find more information and download it from here .

WinPatrol
Download it from Copyright © BillP Studios.
Information about how WinPatrol works, is available here.
(The free version of WinPatrol provides limited real-time protection.)

MVPS Hosts
For added protection you may also like to add a hosts file. A simple explanation of what a Hosts file does is provided here.
Install MVPS Hosts File from here.
The MVPS Hosts file replaces your current HOSTS file with one containing well know ad sites etc. Basically, this prevents your computer from connecting to those sites by redirecting them to 127.0.0.1 which is your local computer.
You can read the Tutorial here.

Read, stay informed.
To help minimize the chances of becoming re-infected, please read:
Computer Security - a short guide to staying safer online

If your computer is running slowly after your clean up, please read:
What to do if your Computer is running slowly

Please confirm that you have completed the cleanup steps and reviewed the rest of the post.
Once your reply has been received, unless there are other malware questions or concerns, this topic will be closed as resolved.


Stay Safe! :cheers:
Scolabar
---------------------------------------------------
No Reply Within 3 Days Will Result In Your Topic Being Closed
User avatar
Scolabar
MRU Honors Grad Emeritus
 
Posts: 1172
Joined: April 22nd, 2009, 3:10 pm

Re: Slow System Plus Multiple Program and System Crashes

Unread postby Randal'Thor » May 21st, 2011, 11:13 pm

Hi Scholabar. :)

I have followed the cleanup steps and already have most of the other things you have suggested.

Thanks for the hardware links; I will look into those shortly.

Thanks for your help. :cheers:
Randal'Thor
Active Member
 
Posts: 14
Joined: September 13th, 2008, 7:21 am

Re: Slow System Plus Multiple Program and System Crashes

Unread postby Scolabar » May 22nd, 2011, 6:45 am

Hi Randl'Thor,

You are very welcome and thank you for the update.

Good luck :)

Scolabar
User avatar
Scolabar
MRU Honors Grad Emeritus
 
Posts: 1172
Joined: April 22nd, 2009, 3:10 pm

Re: Slow System Plus Multiple Program and System Crashes

Unread postby Wingman » May 22nd, 2011, 8:20 am

As your problems appear to have been resolved, this topic is now closed.
We are pleased we could help you resolve your computer's malware issues.

If you are satisfied with our assistance and wish to donate to help with the costs of this volunteer site, please read :
Donations For Malware Removal
User avatar
Wingman
Admin/Teacher
Admin/Teacher
 
Posts: 14347
Joined: July 1st, 2008, 1:34 pm
Location: East Coast, USA
Advertisement
Register to Remove

Previous

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 288 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware