
Please Help! Windows running slow and/or not responding.


Post by brewers1986 » October 20th, 2011, 4:00 pm

For the past few days my computer has been really slow. Windows has automatically downloaded an update and when I restart Windows, I am not able to open any programs at all. I have tried System Restore; that works for a little until Windows automatically downloads the update again. And now System Restore will not even take me back to before I downloaded the update. It stops and says that System Restore has been disabled by the administrator. I can now only run my computer in Safe Mode.

Re: Please Help! Windows running slow and/or not responding.

Post by brewers1986 » October 20th, 2011, 4:01 pm

.
DDS (Ver_2011-08-26.01) - NTFSAMD64 NETWORK
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_21
Run by Andrew at 14:53:55 on 2011-10-20
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3999.2764 [GMT -5:00]
.
AV: Kaspersky Internet Security *Disabled/Outdated* {56547CC9-C9B2-849D-8FEF-A496150D6A06}
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Kaspersky Internet Security *Disabled/Outdated* {AE1D740B-8F0F-D137-211D-873D44B3F4AE}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Kaspersky Internet Security *Disabled/Updated* {157C95EF-A935-DEB9-1BAD-BC4F3F34BE13}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Kaspersky Internet Security *Disabled/Outdated* {ED359D2D-EF88-8B13-B55F-9FE46E8A20BB}
FW: Kaspersky Internet Security *Disabled* {9626F52E-C560-D06F-0A42-2E08BA60B3D5}
FW: Kaspersky Internet Security *Disabled* {6E6FFDEC-83DD-85C5-A4B0-0DA3EBDE2D7D}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Users\Andrew\AppData\Roaming\6168E\24714.exe
C:\Windows\system32\ctfmon.exe
C:\Program Files (x86)\LP\1476\004.exe
C:\Program Files (x86)\8EC9E\lvvm.exe
C:\Windows\SysWOW64\ping.exe
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\HTC\HTC Sync\Mobile Phone Monitor\DbgOut.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\explorer.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.globasearch.com/
uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
uWindow Title = Microsoft Internet Explorer provided by CenturyLink
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
uInternet Settings,ProxyOverride = *.local
uInternet Settings,ProxyServer = http=127.0.0.1:58889
mURLSearchHooks: FroggyBoss Class: {539f76fd-084e-4858-86d5-62f02f54ae86} - C:\Program Files (x86)\Minibar\Froggy.dll
mWinlogon: Userinit=userinit.exe
uWinlogon: Shell=explorer.exe,C:\Users\Andrew\AppData\Roaming\6168E\24714.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: MinibarBHO: {aa74d58f-acd0-450d-a85e-6c04b171c044} - C:\Program Files (x86)\Minibar\Kango.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: C:\Windows\SysWow64\m45xwacq.dll: {d3a152c1-a201-90bd-b821-04b53a2c8952} - C:\Windows\SysWow64\m45xwacq.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: Alive Text to Speech: {954f618b-0dec-4d1a-9317-e0fc96f87865} - C:\PROGRA~2\ALIVEM~1\TEXTTO~1\IETOOL~1.DLL
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW
uRun: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
uRun: [ares] "C:\Program Files (x86)\Ares\Ares.exe" -h
uRun: [pipolka] C:\Program Files (x86)\NetNucleous\ActiveCollector\ACRecover.exe
uRun: [ActiveCollector] C:\Program Files\NetNucleous\ActiveCollector\ActiveCollector.exe
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
mRun: [QPService] "C:\Program Files (x86)\HP\QuickPlay\QPService.exe"
mRun: [UCam_Menu] "C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"
mRun: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
mRun: [UpdatePRCShortCut] "C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Recovery" UpdateWithCreateOnce "Software\CyberLink\PowerRecover"
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun: [<NO NAME>]
mRun: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
mRun: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Mobile Connectivity Suite] "C:\Program Files (x86)\HTC\HTC Sync\Application Launcher\Application Launcher.exe" /startoptions
mRun: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [cftmon] C:\Windows\system32\wrjy.exe
mRun: [Windows Auto Config] C:\Windows\TEMP\winsett.exe
mRun: [MqmPea] C:\Windows\TEMP\r5pcin.exe
mRun: [004.exe] C:\Program Files (x86)\LP\1476\004.exe
dRun: [BFwoCYFrNlwR.exe] C:\ProgramData\BFwoCYFrNlwR.exe
dRun: [4Y3Y0C3AVF7W0HWDXLKID] C:\Recycle.Bin\B6232F3AEAC.exe /q
dRun: [Windows Auto Config] C:\Windows\TEMP\winsett.exe
dRun: [MqmPea] C:\Windows\TEMP\r5pcin.exe
StartupFolder: C:\Users\Andrew\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\CLEANA~1.LNK - C:\Program Files (x86)\Cisco Systems\Clean Access Agent\CCAAgentLauncher.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
uPolicies-system: WallpaperStyle = 2
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-explorer: HideSCAHealth = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: DisableTaskMgr = 1 (0x1)
dPolicies-explorer: NoFolderOptions = 1 (0x1)
dPolicies-system: WallpaperStyle = 2
dPolicies-system: DisableTaskMgr = 1 (0x1)
dPolicies-system: DisableRegistryTools = 1 (0x1)
IE: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
IE: {F47C1DB5-ED21-4dc1-853E-D1495792D4C5} - C:\Program Files (x86)\Bodog Poker\BPGame.exe
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll
IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL
IE: {AAA38851-3CFF-475F-B5E0-720D3645E4A5} - {AAA38851-3CFF-475F-B5E0-720D3645E4A5} - C:\Program Files (x86)\Minibar\MinibarButton.dll
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
LSP: mswsock.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{ACE8A8EE-C406-4A53-A6B9-76296EF7B611} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{ACE8A8EE-C406-4A53-A6B9-76296EF7B611}\14E646275677 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{ACE8A8EE-C406-4A53-A6B9-76296EF7B611}\249727E65637 : DhcpNameServer = 192.168.1.254
TCP: Interfaces\{ACE8A8EE-C406-4A53-A6B9-76296EF7B611}\25F6E637 : DhcpNameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{ACE8A8EE-C406-4A53-A6B9-76296EF7B611}\348647271323237316 : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{ACE8A8EE-C406-4A53-A6B9-76296EF7B611}\430383E413134786 : DhcpNameServer = 24.196.64.53 68.113.206.10 24.178.162.3
TCP: Interfaces\{ACE8A8EE-C406-4A53-A6B9-76296EF7B611}\E45445745414257373 : DhcpNameServer = 192.168.1.1
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs: C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll
SubSystems: Windows = basesrv,1 winsrv:UserServerDllInitialization,3 consrv:ConServerDllInitialization,2 sxssrv,4
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO-X64: MinibarBHO: {AA74D58F-ACD0-450D-A85E-6C04B171C044} - C:\Program Files (x86)\Minibar\Kango.dll
BHO-X64: Minibar BHO - No File
BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO-X64: SkypeIEPluginBHO - No File
BHO-X64: C:\Windows\SysWow64\m45xwacq.dll: {D3A152C1-A201-90BD-B821-04B53A2C8952} - C:\Windows\SysWow64\m45xwacq.dll
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
BHO-X64: HP Smart BHO Class - No File
TB-X64: Alive Text to Speech: {954F618B-0DEC-4D1A-9317-E0FC96F87865} - C:\PROGRA~2\ALIVEM~1\TEXTTO~1\IETOOL~1.DLL
TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB-X64: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File
mRun-x64: [QPService] "C:\Program Files (x86)\HP\QuickPlay\QPService.exe"
mRun-x64: [UCam_Menu] "C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"
mRun-x64: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
mRun-x64: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
mRun-x64: [UpdatePRCShortCut] "C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Recovery" UpdateWithCreateOnce "Software\CyberLink\PowerRecover"
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun-x64: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun-x64: [(Default)]
mRun-x64: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
mRun-x64: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [Mobile Connectivity Suite] "C:\Program Files (x86)\HTC\HTC Sync\Application Launcher\Application Launcher.exe" /startoptions
mRun-x64: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [cftmon] C:\Windows\system32\wrjy.exe
mRun-x64: [Windows Auto Config] C:\Windows\TEMP\winsett.exe
mRun-x64: [MqmPea] C:\Windows\TEMP\r5pcin.exe
mRun-x64: [004.exe] C:\Program Files (x86)\LP\1476\004.exe
IE-X64: {F47C1DB5-ED21-4dc1-853E-D1495792D4C5} - C:\Program Files (x86)\Bodog Poker\BPGame.exe
AppInit_DLLs-X64: C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Andrew\AppData\Roaming\Mozilla\Firefox\Profiles\kwjxkuqu.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.globasearch.com/
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?pc=Z206&form ... 0110926&q=
FF - prefs.js: network.proxy.http - 127.0.0.1
FF - prefs.js: network.proxy.http_port - 58889
FF - prefs.js: network.proxy.type - 1
FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
============= SERVICES / DRIVERS ===============
.
R0 KLBG;Kaspersky Lab Boot Guard Driver;C:\Windows\system32\DRIVERS\klbg.sys --> C:\Windows\system32\DRIVERS\klbg.sys [?]
R0 tclondrv;tclondrv;C:\Windows\system32\DRIVERS\tclondrv.sys --> C:\Windows\system32\DRIVERS\tclondrv.sys [?]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\system32\DRIVERS\klim6.sys --> C:\Windows\system32\DRIVERS\klim6.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETw5s64.sys --> C:\Windows\system32\DRIVERS\NETw5s64.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S2 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe [2009-9-25 89600]
S2 AVP;Kaspersky Internet Security;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [2009-10-20 340520]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-9-18 136176]
S2 LicCtrlService;LicCtrl Service;C:\Windows\Runservice.exe [2009-11-21 2560]
S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-2-28 183560]
S3 Com4QLBEx;Com4QLBEx;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-8-15 228408]
S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-9-18 136176]
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;C:\Windows\system32\drivers\IntcHdmi.sys --> C:\Windows\system32\drivers\IntcHdmi.sys [?]
S3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\system32\DRIVERS\klmouflt.sys --> C:\Windows\system32\DRIVERS\klmouflt.sys [?]
S3 LTXMD_VAC;Litex Media Virtual Audio Cable (WDM);C:\Windows\system32\drivers\lmvac.sys --> C:\Windows\system32\drivers\lmvac.sys [?]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-1-15 227232]
S3 NETw1v64;Intel(R) Wireless WiFi Link 1000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\NETw1v64.sys --> C:\Windows\system32\DRIVERS\NETw1v64.sys [?]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\netw5v64.sys --> C:\Windows\system32\DRIVERS\netw5v64.sys [?]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VSTAZL6.SYS --> C:\Windows\system32\DRIVERS\VSTAZL6.SYS [?]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV6.SYS --> C:\Windows\system32\DRIVERS\VSTDPV6.SYS [?]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT6.SYS --> C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [?]
S3 TunRAudio;TunRAudio;C:\Windows\system32\drivers\TunRAudio.sys --> C:\Windows\system32\drivers\TunRAudio.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S3 WsAudio_DeviceS(1);WsAudio_DeviceS(1);C:\Windows\system32\drivers\WsAudio_DeviceS(1).sys --> C:\Windows\system32\drivers\WsAudio_DeviceS(1).sys [?]
S3 WsAudio_DeviceS(2);WsAudio_DeviceS(2);C:\Windows\system32\drivers\WsAudio_DeviceS(2).sys --> C:\Windows\system32\drivers\WsAudio_DeviceS(2).sys [?]
S3 WsAudio_DeviceS(3);WsAudio_DeviceS(3);C:\Windows\system32\drivers\WsAudio_DeviceS(3).sys --> C:\Windows\system32\drivers\WsAudio_DeviceS(3).sys [?]
S3 WsAudio_DeviceS(4);WsAudio_DeviceS(4);C:\Windows\system32\drivers\WsAudio_DeviceS(4).sys --> C:\Windows\system32\drivers\WsAudio_DeviceS(4).sys [?]
S3 WsAudio_DeviceS(5);WsAudio_DeviceS(5);C:\Windows\system32\drivers\WsAudio_DeviceS(5).sys --> C:\Windows\system32\drivers\WsAudio_DeviceS(5).sys [?]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
SUnknown aswFsBlk;aswFsBlk; [x]
SUnknown aswSnx;aswSnx; [x]
SUnknown aswSP;aswSP; [x]
.
=============== Created Last 30 ================
.
2011-10-20 14:55:08 -------- d-----w- C:\Program Files (x86)\LP
2011-10-20 14:32:43 176128 ----a-w- C:\Users\Andrew\AppData\Roaming\firefox.exe
2011-10-20 14:24:37 -------- d-----w- C:\Users\Andrew\AppData\Roaming\8EC9E
2011-10-20 14:24:19 -------- d-----w- C:\Users\Andrew\AppData\Local\{F6913D69-4D18-4B49-B1DC-ABCF755F76BD}
2011-10-20 14:23:55 -------- d-----w- C:\Users\Andrew\AppData\Local\{F3E96FDD-5ACE-4D0C-BDDC-460C724CDE1F}
2011-10-20 14:23:07 -------- d-----w- C:\Users\Andrew\AppData\Roaming\6168E
2011-10-19 01:50:13 0 ---ha-w- C:\Users\Andrew\AppData\Local\BITEF3E.tmp
2011-10-19 01:41:20 0 ---ha-w- C:\Users\Andrew\AppData\Local\BITE58D.tmp
2011-10-18 15:01:59 796160 ----a-w- C:\Windows\SysWow64\wobabtxf.dll
2011-10-18 14:50:55 103936 ----a-w- C:\Program Files (x86)\Internet Explorer\1476\E3BA.tmp
2011-10-18 14:50:25 -------- d-----w- C:\Program Files (x86)\8EC9E
2011-10-18 14:50:13 100000 ---h--w- C:\Windows\SysWow64\winsett.exe
2011-10-18 14:50:12 50000 ----a-w- C:\Windows\SysWow64\m45xwacq.dll
2011-10-18 14:50:11 -------- d-----w- C:\ProgramData\WSTB
2011-10-18 14:49:56 176128 ----a-w- C:\Program Files (x86)\Internet Explorer\1476\004.exe
2011-10-18 13:37:41 9049936 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{05F20979-952E-47D3-AD87-AFA0B82CD7D8}\mpengine.dll
2011-10-18 13:22:24 -------- d-----w- C:\Users\Andrew\AppData\Local\{28795538-8359-4425-9C20-1609D28FE7F0}
2011-10-17 20:19:12 -------- d-----w- C:\ProgramData\Recovery
2011-10-17 17:29:25 -------- d-----w- C:\Users\Andrew\AppData\Local\{1D1F166D-B361-4669-9BA7-2B53B6BF1B41}
2011-10-16 17:13:30 -------- d-----w- C:\Users\Andrew\AppData\Local\{C31AD6F2-8F1D-41D4-8E6A-A525432BAFB5}
2011-10-16 17:11:47 -------- d-----w- C:\Users\Andrew\AppData\Local\{BB47B9D5-AEC0-4C7D-B7D9-4497E7B7EAC9}
2011-10-16 16:32:28 0 ----a-w- C:\Users\Andrew\AppData\Local\BIT7DB9.tmp
2011-10-16 16:21:51 -------- d-----w- C:\Users\Andrew\AppData\Local\{C7FDD381-F893-4B5A-BDFE-52ABD72000E6}
2011-10-16 15:59:58 -------- d-----w- C:\Users\Andrew\AppData\Local\{CFA8AD04-25BF-498D-810D-AA037FA4586B}
2011-10-05 14:34:21 -------- d-----w- C:\Users\Andrew\AppData\Local\{887DD179-E441-4E42-BCA3-63F9A7024E8D}
2011-10-04 00:59:24 -------- d-----w- C:\Users\Andrew\AppData\Local\{DD14CD22-58E7-4F75-A888-52EA6F2376A6}
2011-10-04 00:59:13 -------- d-----w- C:\Users\Andrew\AppData\Local\{137D2759-F865-4102-92C4-882A94F5D8F2}
2011-09-29 20:58:01 -------- d-----w- C:\Users\Andrew\AppData\Local\{3D88CAB0-CD53-4F44-8E8D-879094EBA533}
2011-09-29 20:12:46 -------- d-----w- C:\Users\Andrew\AppData\Local\{F02B9432-4442-49FF-BAD8-AE6D22DC289B}
2011-09-29 14:34:47 -------- d-----w- C:\Users\Andrew\AppData\Local\{5F2B037F-9422-4CA5-B25C-E1FD88A02A8E}
2011-09-29 05:28:55 -------- d-----w- C:\Users\Andrew\AppData\Local\{669F261D-AC4D-45FC-AFBD-437FFBA622C2}
2011-09-29 04:44:30 -------- d-----w- C:\Users\Andrew\AppData\Local\{688A4FB4-104A-418B-A9F5-205FC60D2E14}
2011-09-28 16:18:37 -------- d-----w- C:\Users\Andrew\AppData\Local\{A3D27AA0-08BE-44CB-97C4-468DEDC3A0ED}
2011-09-28 16:18:18 -------- d-----w- C:\Users\Andrew\AppData\Local\{52EA8CFE-C13A-4058-AC3D-DE262EB899E6}
2011-09-27 08:29:19 -------- d-----w- C:\Users\Andrew\AppData\Local\{68EAD59D-C558-401F-891D-56CE2C490BF8}
2011-09-27 07:45:48 -------- d-----w- C:\Users\Andrew\AppData\Local\{732C5CD4-4F6D-484C-97EE-BB3CFE728CCC}
2011-09-26 14:41:07 -------- d-----w- C:\Windows\System32\EventProviders
2011-09-26 14:40:56 -------- d-----w- C:\689989a045105e0804
2011-09-26 14:22:42 -------- d-----w- C:\Users\Andrew\AppData\Local\{5AF70C19-6C94-4942-BD82-C959EA5194EF}
2011-09-26 01:35:18 -------- d-----w- C:\Users\Andrew\AppData\Local\{2C524618-8F97-4E2B-8678-47A1F001ACC5}
2011-09-26 00:24:54 -------- d-----w- C:\ProgramData\AVAST Software
2011-09-26 00:24:54 -------- d-----w- C:\Program Files\AVAST Software
2011-09-25 06:48:30 -------- d-----w- C:\Users\Andrew\AppData\Local\{D992F63C-BE20-4512-8C95-BE6C47BDC90F}
2011-09-25 06:47:46 -------- d-----w- C:\Users\Andrew\AppData\Local\{C4A394BF-2203-4777-AA37-A6F71262C98B}
2011-09-24 00:27:59 -------- d-----w- C:\Users\Andrew\AppData\Local\{24E50ED1-8B86-414C-82D2-F1873B9F9602}
2011-09-24 00:27:32 -------- d-----w- C:\Users\Andrew\AppData\Local\{8A753C7E-E491-45C8-B9A6-113D62FC58F0}
2011-09-24 00:05:14 -------- d-----w- C:\Users\Andrew\AppData\Local\{ECCE55BD-54B4-456A-8912-81564270FA14}
2011-09-24 00:04:45 -------- d-----w- C:\Users\Andrew\AppData\Local\{A2E09DD7-D1F4-4D8C-BCAA-ABC26D5E4890}
2011-09-23 23:42:02 -------- d-----w- C:\Users\Andrew\AppData\Local\{B4CB7B60-77DE-4DFE-9F91-0742421D037E}
2011-09-23 23:41:25 -------- d-----w- C:\Users\Andrew\AppData\Local\{EEB4FD5F-D120-4F4F-81CF-B0956BD62307}
2011-09-23 23:20:10 -------- d-----w- C:\Users\Andrew\AppData\Local\{01747D93-709D-438F-AAD3-B454C1B04713}
2011-09-23 23:19:22 -------- d-----w- C:\Users\Andrew\AppData\Local\{5E118304-24A1-445B-9F5F-6048BB3FFA20}
2011-09-23 22:51:39 -------- d-----w- C:\Users\Andrew\AppData\Local\{1CBE95B4-896D-4971-99E6-C8C47CC8B032}
2011-09-23 22:51:07 -------- d-----w- C:\Users\Andrew\AppData\Local\{9F8ED942-8A54-4718-A51C-54964C6B84AD}
2011-09-23 22:29:06 -------- d-----w- C:\Users\Andrew\AppData\Local\{A704FF55-E7B1-4C8E-91CB-451D77E6B5F9}
2011-09-23 22:28:48 -------- d-----w- C:\Users\Andrew\AppData\Local\{2AA2D945-3BF4-4C12-9B25-8BED50B0FDC4}
2011-09-23 22:06:32 -------- d-----w- C:\Users\Andrew\AppData\Local\{4BA64D68-BEA5-4F4C-AF1A-8DEF0C2B67DC}
2011-09-23 22:06:13 -------- d-----w- C:\Users\Andrew\AppData\Local\{CA369F55-E0E2-4F2B-B40E-F3662B0D146E}
2011-09-23 21:44:03 -------- d-----w- C:\Users\Andrew\AppData\Local\{2E92AFCD-A771-4217-AE7B-92512F3938FF}
2011-09-23 21:43:50 -------- d-----w- C:\Users\Andrew\AppData\Local\{ED778039-DF5B-44B4-A2DC-48E41BFE3A23}
2011-09-23 21:35:55 -------- d-----w- C:\Program Files (x86)\Minibar
2011-09-23 21:35:40 -------- d-----w- C:\ProgramData\Babylon
2011-09-23 20:49:10 504320 ----a-w- C:\ProgramData\BFwoCYFrNlwR.exe
2011-09-23 20:39:00 -------- d-----w- C:\Users\Andrew\AppData\Local\{6E7868C0-D206-4685-9FB2-9892A31DB40E}
2011-09-23 20:38:46 -------- d-----w- C:\Users\Andrew\AppData\Local\{76A0EB9D-4086-4313-88DC-D640753758A7}
2011-09-23 20:30:23 -------- d-----we C:\Windows\system64
2011-09-21 07:05:36 -------- d-----w- C:\Users\Andrew\AppData\Local\{8CAF09EC-052B-49D9-853F-3E4D7A0E7F7E}
2011-09-21 07:04:15 -------- d-----w- C:\Users\Andrew\AppData\Local\{C0D1B88C-F880-4351-814C-9741B302EA03}
.
==================== Find3M ====================
.
2011-10-20 14:23:17 1225 --sha-w- C:\Windows\SysWow64\mmf.sys
2011-08-08 20:55:39 423656 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2011-08-08 20:01:11 404640 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
.
============= FINISH: 14:54:30.35 ===============

Re: Please Help! Windows running slow and/or not responding.

Post by deltalima » October 20th, 2011, 4:02 pm

You have replied to your own topic, and as a result we must close this topic.

May I draw your attention to THIS topic, which you should have read before posting for help.

THIS is the section that tells you why you should not reply to your own topic.

This topic will now be closed.

If you still require help, please open a new thread in the Malware Removal forum, post the logs asked for in the first topic I linked to and wait for assistance.

