Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Suddenly exceedingly slow

by redearth » October 30th, 2008, 8:57 am

Hi there

I have a new Dell quad-core computer (2 weeks old) which was superfast until this morning, and suddenly it went superslow; I can't even type without a long delay for every word appearing. I did a couple of system restores but it's not making any difference. I removed unnecessary startup programs and that has no effect either. Here is my HijackThis log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:48:40, on 30/10/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\fxsolutions\fxsgtst.exe
C:\Program Files\FX\FX AccuCharts\professional.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Windows\system32\conime.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\AVG\AVG8\aAvgApi.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://partnerpage.google.com/smallbiz. ... bd=6081017
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.forextrainers.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer provided by Dell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [ECenter] C:\Dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "c:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O13 - Gopher Prefix:
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL,avgrsstx.dll
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Google Desktop Manager 5.7.801.7324 (GoogleDesktopManager-010708-104812) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

--
End of file - 6876 bytes


Please help!

Redearth
redearth
Active Member
 
Posts: 9
Joined: October 30th, 2008, 6:40 am

Re: Suddenly exceedingly slow

by Katana » November 1st, 2008, 8:27 am

Please note that all instructions given are customised for this computer only; the tools used may cause damage if used on a computer with different infections.

If you think you have similar problems, please post a log in the HJT forum and wait for help.


Hello and welcome to the forums

My name is Katana and I will be helping you to remove any infection(s) that you may have.

Please observe these rules while we work:
  1. Please Read All Instructions Carefully
  2. If you don't understand something, stop and ask! Don't keep going on.
  3. Please do not run any other tools or scans whilst I am helping you
  4. Please continue to respond until I give you the "All Clear"
    (Just because you can't see a problem doesn't mean it isn't there)

If you can do those few things, everything should go smoothly.

Please note, your security programs may give warnings for some of the tools I will ask you to use.
Be assured, any links I give are safe.


----------------------------------------------------------------------------------------


Download and Run RSIT
  • Please download Random's System Information Tool by random/random from here and save it to your desktop.
  • Double click on RSIT.exe to run RSIT.
  • Click Continue at the disclaimer screen.
  • Once it has finished, two logs will open:
    • log.txt will be opened maximized.
    • info.txt will be opened minimized.
  • Please post the contents of both log.txt and info.txt.
Katana
MRU Teacher Emeritus
 
Posts: 6412
Joined: November 10th, 2006, 5:00 pm
Location: Manchester

Re: Suddenly exceedingly slow

by redearth » November 2nd, 2008, 5:53 am

Hi Katana,

Thanks for taking up my problem. Here are the logs:

First log.txt:

Logfile of random's system information tool 1.04 (written by random/random)
Run by k at 2008-11-02 09:51:21
Microsoft® Windows Vista™ Home Premium Service Pack 1
System drive C: has 173 GB (76%) free of 228 GB
Total RAM: 3069 MB (67% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:51:27, on 02/11/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Windows Mail\WinMail.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\AVG\AVG8\aAvgApi.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\k\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\k.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://partnerpage.google.com/smallbiz. ... bd=6081017
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.forextrainers.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer provided by Dell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [ECenter] C:\Dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "c:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O13 - Gopher Prefix:
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL,avgrsstx.dll
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Google Desktop Manager 5.7.801.7324 (GoogleDesktopManager-010708-104812) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

--
End of file - 7361 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - c:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2008-09-29 1082880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2008-10-28 455960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}]
AVG Security Toolbar - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL [2008-10-28 2055960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar2.dll [2008-10-28 2549368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll [2008-10-17 325048]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA6319C0-31B7-401E-A518-A07C3DB8F777}]
CBrowserHelperObject Object - C:\Program Files\Dell\BAE\BAE.dll [2006-11-09 98304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar2.dll [2008-10-28 2549368]
{A057A204-BACC-4D26-9990-79A187E2698E} - AVG Security Toolbar - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL [2008-10-28 2055960]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"ECenter"=C:\Dell\E-Center\EULALauncher.exe [2008-02-29 17920]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-02-01 4706304]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]
"Adobe Reader Speed Launcher"=c:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
"Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-10-17 29744]
"dscactivate"=C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe [2008-03-11 16384]
"LogMeIn GUI"=C:\Program Files\LogMeIn\x86\LogMeInSystray.exe [2008-07-24 63048]
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2008-10-28 1234712]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-10-17 68856]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2008-09-29 21755688]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL,avgrsstx.dll"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - open - "C:\Program Files\Macromedia\Dreamweaver MX 2004\Dreamweaver.exe" "%1"

======List of files/folders created in the last 1 months======

2008-11-02 09:51:21 ----D---- C:\rsit
2008-11-01 22:48:21 ----D---- C:\inetpub
2008-11-01 19:42:08 ----N---- C:\Windows\system32\pxsfs.dll
2008-11-01 19:42:08 ----N---- C:\Windows\system32\pxinsa64.exe
2008-11-01 19:42:08 ----N---- C:\Windows\system32\pxhpinst.exe
2008-11-01 19:42:08 ----N---- C:\Windows\system32\pxdrv.dll
2008-11-01 19:42:08 ----N---- C:\Windows\system32\pxcpya64.exe
2008-11-01 19:42:08 ----N---- C:\Windows\system32\pxafs.dll
2008-11-01 19:42:07 ----N---- C:\Windows\system32\vxblock.dll
2008-11-01 19:42:07 ----N---- C:\Windows\system32\pxwave.dll
2008-11-01 19:42:07 ----N---- C:\Windows\system32\pxmas.dll
2008-11-01 19:42:07 ----N---- C:\Windows\system32\px.dll
2008-11-01 19:42:06 ----D---- C:\Program Files\Winamp
2008-11-01 13:59:07 ----D---- C:\All files
2008-11-01 09:05:13 ----D---- C:\ProgramData\Macrovision
2008-11-01 08:58:38 ----D---- C:\Program Files\Common Files\Macromedia Shared
2008-11-01 08:58:37 ----A---- C:\Windows\system32\msvcr70.dll
2008-11-01 08:58:37 ----A---- C:\Windows\system32\msvcp70.dll
2008-11-01 08:58:37 ----A---- C:\Windows\system32\mfc70.dll
2008-11-01 08:58:19 ----D---- C:\Program Files\Common Files\Macromedia
2008-11-01 08:57:27 ----D---- C:\Program Files\Macromedia
2008-10-31 13:30:18 ----D---- C:\Program Files\FxPro MetaTrader
2008-10-31 03:00:37 ----SHD---- C:\Config.Msi
2008-10-30 12:47:51 ----D---- C:\Program Files\Trend Micro
2008-10-30 10:00:43 ----A---- C:\Windows\system32\wersvc.dll
2008-10-30 10:00:43 ----A---- C:\Windows\system32\Faultrep.dll
2008-10-30 10:00:42 ----A---- C:\Windows\system32\win32spl.dll
2008-10-29 07:47:38 ----D---- C:\ProgramData\Yahoo!
2008-10-29 07:47:35 ----D---- C:\Program Files\Yahoo!
2008-10-29 06:56:20 ----D---- C:\Users\k\AppData\Roaming\skypePM
2008-10-29 06:55:24 ----D---- C:\Users\k\AppData\Roaming\Skype
2008-10-29 06:55:00 ----D---- C:\Program Files\Common Files\Skype
2008-10-29 03:03:34 ----A---- C:\Windows\system32\tzres.dll
2008-10-29 03:02:18 ----A---- C:\Windows\system32\SearchFilterHost.exe
2008-10-29 03:02:18 ----A---- C:\Windows\system32\propdefs.dll
2008-10-29 03:02:18 ----A---- C:\Windows\system32\msstrc.dll
2008-10-29 03:02:18 ----A---- C:\Windows\system32\mssitlb.dll
2008-10-29 03:02:18 ----A---- C:\Windows\system32\msshooks.dll
2008-10-29 03:02:18 ----A---- C:\Windows\system32\msscb.dll
2008-10-29 03:02:17 ----A---- C:\Windows\system32\xmlfilter.dll
2008-10-29 03:02:17 ----A---- C:\Windows\system32\wsepno.dll
2008-10-29 03:02:17 ----A---- C:\Windows\system32\thawbrkr.dll
2008-10-29 03:02:17 ----A---- C:\Windows\system32\srchadmin.dll
2008-10-29 03:02:17 ----A---- C:\Windows\system32\rtffilt.dll
2008-10-29 03:02:17 ----A---- C:\Windows\system32\propsys.dll
2008-10-29 03:02:17 ----A---- C:\Windows\system32\offfilt.dll
2008-10-29 03:02:17 ----A---- C:\Windows\system32\nlhtml.dll
2008-10-29 03:02:17 ----A---- C:\Windows\system32\mssprxy.dll
2008-10-29 03:02:17 ----A---- C:\Windows\system32\msshsq.dll
2008-10-29 03:02:17 ----A---- C:\Windows\system32\msscntrs.dll
2008-10-29 03:02:17 ----A---- C:\Windows\system32\mimefilt.dll
2008-10-29 03:02:17 ----A---- C:\Windows\system32\korwbrkr.dll
2008-10-29 03:02:16 ----A---- C:\Windows\system32\tquery.dll
2008-10-29 03:02:16 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2008-10-29 03:02:16 ----A---- C:\Windows\system32\SearchIndexer.exe
2008-10-29 03:02:16 ----A---- C:\Windows\system32\mssvp.dll
2008-10-29 03:02:16 ----A---- C:\Windows\system32\mssrch.dll
2008-10-29 03:02:16 ----A---- C:\Windows\system32\mssphtb.dll
2008-10-29 03:02:16 ----A---- C:\Windows\system32\mssph.dll
2008-10-29 03:02:16 ----A---- C:\Windows\system32\chtbrkr.dll
2008-10-29 03:02:16 ----A---- C:\Windows\system32\chsbrkr.dll
2008-10-28 18:00:30 ----A---- C:\Windows\system32\tsccvid.dll
2008-10-28 18:00:25 ----D---- C:\Windows\system32\QuickTime
2008-10-28 18:00:05 ----D---- C:\ProgramData\TechSmith
2008-10-28 17:59:29 ----D---- C:\Program Files\Common Files\TechSmith Shared
2008-10-28 15:52:11 ----D---- C:\Users\k\AppData\Roaming\Professional
2008-10-28 15:51:14 ----D---- C:\Windows\Downloaded Installations
2008-10-28 15:47:54 ----A---- C:\Windows\system32\avgrsstx.dll
2008-10-28 15:47:37 ----D---- C:\ProgramData\avg8
2008-10-28 15:47:37 ----D---- C:\Program Files\AVG
2008-10-28 15:45:57 ----A---- C:\Windows\myClean.bat
2008-10-28 15:37:57 ----A---- C:\Windows\ODBC.INI
2008-10-28 15:37:21 ----D---- C:\Program Files\Common Files\Designer
2008-10-28 15:36:11 ----D---- C:\Users\k\AppData\Roaming\Microsoft Web Folders
2008-10-28 15:13:03 ----D---- C:\Users\k\AppData\Roaming\Macromedia
2008-10-28 15:10:01 ----A---- C:\Windows\system32\EncDec.dll
2008-10-28 15:09:56 ----A---- C:\Windows\system32\psisdecd.dll
2008-10-28 15:09:48 ----A---- C:\Windows\system32\IPSECSVC.DLL
2008-10-28 15:09:47 ----A---- C:\Windows\system32\es.dll
2008-10-28 15:09:45 ----A---- C:\Windows\system32\wmpeffects.dll
2008-10-28 15:09:36 ----A---- C:\Windows\system32\emdmgmt.dll
2008-10-28 15:09:36 ----A---- C:\Windows\system32\dataclen.dll
2008-10-28 15:09:36 ----A---- C:\Windows\system32\cdd.dll
2008-10-28 15:09:34 ----A---- C:\Windows\system32\netapi32.dll
2008-10-28 15:09:24 ----A---- C:\Windows\system32\Apphlpdm.dll
2008-10-28 15:09:23 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2008-10-28 15:09:21 ----A---- C:\Windows\system32\inetcomm.dll
2008-10-28 15:07:04 ----A---- C:\Windows\system32\LMIport.dll
2008-10-28 15:07:03 ----A---- C:\Windows\system32\LMIRfsClientNP.dll
2008-10-28 15:06:52 ----A---- C:\Windows\system32\LMIinit.dll
2008-10-28 15:06:19 ----A---- C:\Windows\system32\ntoskrnl.exe
2008-10-28 15:06:19 ----A---- C:\Windows\system32\ntkrnlpa.exe
2008-10-28 15:06:14 ----A---- C:\Windows\system32\mshtml.dll
2008-10-28 15:06:13 ----A---- C:\Windows\system32\ieframe.dll
2008-10-28 15:06:11 ----A---- C:\Windows\system32\wininet.dll
2008-10-28 15:06:11 ----A---- C:\Windows\system32\urlmon.dll
2008-10-28 15:06:10 ----A---- C:\Windows\system32\mstime.dll
2008-10-28 15:06:10 ----A---- C:\Windows\system32\iertutil.dll
2008-10-28 15:06:06 ----A---- C:\Windows\system32\jsproxy.dll
2008-10-28 15:02:32 ----D---- C:\Users\k\AppData\Roaming\Adobe
2008-10-28 15:02:20 ----D---- C:\Users\k\AppData\Roaming\Google
2008-10-28 15:01:06 ----D---- C:\Users\k\AppData\Roaming\ATI
2008-10-28 15:01:06 ----D---- C:\ProgramData\ATI
2008-10-28 07:20:10 ----D---- C:\Program Files\ATI
2008-10-28 06:55:46 ----D---- C:\Program Files\Broadcom
2008-10-28 05:48:36 ----D---- C:\ATI
2008-10-28 05:32:26 ----D---- C:\ProgramData\PC Drivers HeadQuarters
2008-10-28 05:32:26 ----D---- C:\Program Files\PC Drivers HeadQuarters
2008-10-28 05:13:48 ----D---- C:\NVIDIA
2008-10-28 05:09:02 ----D---- C:\Downloads
2008-10-28 05:02:49 ----D---- C:\Program Files\FlashGet
2008-10-27 19:51:15 ----D---- C:\Program Files\Microsoft Silverlight
2008-10-27 17:17:27 ----D---- C:\ProgramData\LogMeIn
2008-10-27 17:15:10 ----D---- C:\Program Files\LogMeIn
2008-10-23 06:30:24 ----D---- C:\Program Files\MSXML 4.0
2008-10-22 10:18:33 ----D---- C:\Program Files\Skype
2008-10-22 10:18:30 ----D---- C:\ProgramData\Skype
2008-10-22 10:10:31 ----D---- C:\Program Files\NinjaTrader 6.5
2008-10-22 10:05:04 ----D---- C:\Program Files\Mozilla Firefox
2008-10-22 10:04:46 ----D---- C:\Program Files\Common Files\Real
2008-10-22 10:02:10 ----D---- C:\Program Files\WinSCP
2008-10-22 09:34:09 ----D---- C:\Program Files\fxsolutions
2008-10-22 09:32:17 ----D---- C:\Program Files\FX
2008-10-22 09:32:16 ----D---- C:\Program Files\fxsgts
2008-10-22 08:00:54 ----D---- C:\ProgramData\Dell
2008-10-21 20:17:06 ----D---- C:\Program Files\techsmith
2008-10-21 20:17:06 ----D---- C:\Program Files\real
2008-10-21 20:17:06 ----D---- C:\Program Files\quicktime
2008-10-21 20:17:06 ----D---- C:\Program Files\newtech infosystems
2008-10-21 19:07:42 ----SD---- C:\Users\k\AppData\Roaming\Microsoft
2008-10-21 19:03:38 ----SHD---- C:\ProgramData\Templates
2008-10-21 19:03:38 ----SHD---- C:\ProgramData\Start Menu
2008-10-21 19:03:38 ----SHD---- C:\ProgramData\Favorites
2008-10-21 19:03:38 ----SHD---- C:\ProgramData\Documents
2008-10-21 19:03:38 ----SHD---- C:\ProgramData\Desktop
2008-10-21 19:03:38 ----SHD---- C:\ProgramData\Application Data
2008-10-21 19:03:38 ----SHD---- C:\Documents and Settings
2008-10-17 20:57:18 ----A---- C:\Windows\csup.txt
2008-10-17 20:57:07 ----A---- C:\Windows\system32\Oemdspif.dll
2008-10-17 20:57:07 ----A---- C:\Windows\system32\atiumdva.dll
2008-10-17 20:57:07 ----A---- C:\Windows\system32\atiumdag.dll
2008-10-17 20:57:07 ----A---- C:\Windows\system32\atitmmxx.dll
2008-10-17 20:57:07 ----A---- C:\Windows\system32\atipdlxx.dll
2008-10-17 20:57:07 ----A---- C:\Windows\system32\atioglxx.dll
2008-10-17 20:57:07 ----A---- C:\Windows\system32\ATIODE.exe
2008-10-17 20:57:07 ----A---- C:\Windows\system32\ATIODCLI.exe
2008-10-17 20:57:07 ----A---- C:\Windows\system32\atidxx32.dll
2008-10-17 20:57:07 ----A---- C:\Windows\system32\ATIDEMGX.dll
2008-10-17 20:57:07 ----A---- C:\Windows\system32\Ati2evxx.exe
2008-10-17 20:57:07 ----A---- C:\Windows\system32\Ati2evxx.dll
2008-10-17 20:57:07 ----A---- C:\Windows\system32\ati2edxx.dll
2008-10-17 20:57:07 ----A---- C:\Windows\system32\amdpcom32.dll
2008-10-17 20:56:56 ----A---- C:\Windows\system32\bcmwlcoi.dll
2008-10-17 20:56:56 ----A---- C:\Windows\system32\bcmihvui.dll
2008-10-17 20:56:56 ----A---- C:\Windows\system32\bcmihvsrv.dll
2008-10-17 20:56:54 ----A---- C:\Windows\system32\SRSWOW.dll
2008-10-17 20:56:54 ----A---- C:\Windows\system32\SRSTSXT.dll
2008-10-17 20:56:54 ----A---- C:\Windows\system32\RtkPgExt.dll
2008-10-17 20:56:54 ----A---- C:\Windows\system32\RtkCoInst.dll
2008-10-17 20:56:54 ----A---- C:\Windows\system32\RtkAPO.dll
2008-10-17 20:56:54 ----A---- C:\Windows\system32\ppChain.dll
2008-10-17 20:56:54 ----A---- C:\Windows\system32\DaisyWrp.dll
2008-10-17 20:56:54 ----A---- C:\Windows\system32\CTAPO32.dll
2008-10-17 20:56:54 ----A---- C:\Windows\RtlUpd.exe
2008-10-17 20:56:54 ----A---- C:\Windows\RtHDVCpl.exe
2008-10-17 20:56:43 ----A---- C:\Windows\system32\hcrstco.dll
2008-10-17 20:56:43 ----A---- C:\Windows\system32\hccoin.dll
2008-10-17 20:56:33 ----A---- C:\Windows\system32\hidserv.dll
2008-10-17 20:56:33 ----A---- C:\Windows\system32\hid.dll
2008-10-17 20:56:24 ----A---- C:\Windows\system32\wscript.exe
2008-10-17 20:56:24 ----A---- C:\Windows\system32\scrrun.dll
2008-10-17 20:56:24 ----A---- C:\Windows\system32\scrobj.dll
2008-10-17 20:56:24 ----A---- C:\Windows\system32\cscript.exe
2008-10-17 20:56:23 ----A---- C:\Windows\system32\wshext.dll
2008-10-17 20:56:23 ----A---- C:\Windows\system32\vbscript.dll
2008-10-17 20:56:23 ----A---- C:\Windows\system32\jscript.dll
2008-10-17 20:53:41 ----A---- C:\Windows\system32\gdi32.dll
2008-10-17 20:53:25 ----A---- C:\Windows\system32\RacEngn.dll
2008-10-17 20:53:19 ----A---- C:\Windows\system32\quartz.dll
2008-10-17 20:53:06 ----A---- C:\Windows\system32\shell32.dll
2008-10-17 20:52:47 ----A---- C:\Windows\system32\gameux.dll
2008-10-17 20:52:21 ----A---- C:\Windows\system32\NlsLexicons0009.dll
2008-10-17 20:52:21 ----A---- C:\Windows\system32\NlsLexicons0007.dll
2008-10-17 20:52:21 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2008-10-17 20:51:32 ----A---- C:\Windows\system32\rpcrt4.dll
2008-10-17 20:51:32 ----A---- C:\Windows\system32\pacerprf.dll
2008-10-17 20:51:19 ----A---- C:\Windows\system32\winresume.exe
2008-10-17 20:51:19 ----A---- C:\Windows\system32\winload.exe
2008-10-17 20:51:19 ----A---- C:\Windows\system32\srdelayed.exe
2008-10-17 20:51:19 ----A---- C:\Windows\system32\srcore.dll
2008-10-17 20:51:19 ----A---- C:\Windows\system32\srclient.dll
2008-10-17 20:51:19 ----A---- C:\Windows\system32\rstrui.exe
2008-10-17 20:51:19 ----A---- C:\Windows\system32\kbd106n.dll
2008-10-17 20:51:18 ----A---- C:\Windows\system32\setbcdlocale.dll
2008-10-17 20:51:18 ----A---- C:\Windows\system32\kd1394.dll
2008-10-17 20:51:18 ----A---- C:\Windows\system32\ci.dll
2008-10-17 20:50:20 ----D---- C:\Windows\Users
2008-10-17 20:48:09 ----D---- C:\doctemp
2008-10-17 20:46:25 ----D---- C:\Windows\system32\oem
2008-10-17 20:46:24 ----D---- C:\Drivers
2008-10-17 20:46:24 ----D---- C:\DELL
2008-10-17 13:03:39 ----D---- C:\Windows\SoftwareDistribution
2008-10-17 13:02:40 ----D---- C:\Windows\system32\RTCOM
2008-10-17 13:01:35 ----SHD---- C:\System Volume Information
2008-10-17 12:21:50 ----D---- C:\ProgramData\McAfee
2008-10-17 12:21:42 ----D---- C:\Program Files\McAfee
2008-10-17 12:21:23 ----D---- C:\Program Files\Microsoft Office
2008-10-17 12:20:53 ----D---- C:\Program Files\Microsoft Works
2008-10-17 12:20:14 ----D---- C:\ProgramData\SupportSoft
2008-10-17 12:20:08 ----D---- C:\Program Files\Dell Support Center
2008-10-17 12:19:53 ----D---- C:\Program Files\Common Files\supportsoft
2008-10-17 12:18:45 ----D---- C:\ProgramData\Google
2008-10-17 12:18:43 ----D---- C:\Program Files\Google
2008-10-17 12:18:43 ----D---- C:\Program Files\Dell
2008-10-17 12:18:32 ----D---- C:\Program Files\Sonic
2008-10-17 12:18:25 ----D---- C:\Program Files\Common Files\SureThing Shared
2008-10-17 12:18:22 ----D---- C:\ProgramData\InstallShield
2008-10-17 12:18:21 ----D---- C:\Program Files\Roxio
2008-10-17 12:17:50 ----D---- C:\ProgramData\Sonic
2008-10-17 12:17:44 ----D---- C:\Program Files\Common Files\PX Storage Engine
2008-10-17 12:17:43 ----D---- C:\Program Files\Common Files\Sonic Shared
2008-10-17 12:17:43 ----D---- C:\Program Files\Common Files\Roxio Shared
2008-10-17 12:17:03 ----D---- C:\Program Files\Common Files\Adobe AIR
2008-10-17 12:16:00 ----D---- C:\ProgramData\Adobe
2008-10-17 12:15:56 ----D---- C:\Program Files\Common Files\Adobe
2008-10-17 12:15:56 ----D---- C:\Program Files\Adobe
2008-10-17 12:14:48 ----D---- C:\Program Files\Realtek
2008-10-17 12:14:31 ----D---- C:\Program Files\Intel
2008-10-17 12:13:23 ----D---- C:\Program Files\ATI Technologies
2008-10-17 12:13:03 ----HD---- C:\Program Files\InstallShield Installation Information
2008-10-17 12:13:02 ----D---- C:\Program Files\Common Files\InstallShield
2008-10-17 12:13:02 ----A---- C:\Windows\system32\javaws.exe
2008-10-17 12:13:02 ----A---- C:\Windows\system32\javaw.exe
2008-10-17 12:13:02 ----A---- C:\Windows\system32\java.exe
2008-10-17 12:12:42 ----D---- C:\Program Files\Java
2008-10-17 12:12:41 ----D---- C:\Program Files\Common Files\Java
2008-10-17 12:12:39 ----SHD---- C:\Windows\Installer
2008-10-17 12:12:13 ----D---- C:\Windows\system32\Macromed
2008-10-16 20:35:42 ----A---- C:\Windows\system32\lmimirr2.dll
2008-10-16 20:35:40 ----A---- C:\Windows\system32\lmimirr.dll

======List of files/folders modified in the last 1 months======

2008-11-02 09:51:27 ----D---- C:\Windows\Temp
2008-11-02 09:51:27 ----D---- C:\Windows\Prefetch
2008-11-02 09:48:54 ----D---- C:\Windows\Microsoft.NET
2008-11-02 09:48:31 ----D---- C:\Windows\system32\inetsrv
2008-11-02 09:47:02 ----D---- C:\Windows\system32\0409
2008-11-02 09:46:51 ----D---- C:\Windows\rescache
2008-11-02 09:41:30 ----D---- C:\Windows\winsxs
2008-11-02 09:34:24 ----D---- C:\Windows\System32
2008-11-02 09:34:24 ----D---- C:\Windows\inf
2008-11-02 09:34:24 ----A---- C:\Windows\system32\PerfStringBackup.INI
2008-11-01 23:04:05 ----RSD---- C:\Windows\assembly
2008-11-01 22:48:57 ----D---- C:\Windows
2008-11-01 22:48:26 ----D---- C:\Windows\system32\migration
2008-11-01 22:48:23 ----D---- C:\Windows\system32\wbem
2008-11-01 22:48:23 ----D---- C:\Windows\system32\en-US
2008-11-01 20:33:35 ----RD---- C:\Program Files
2008-11-01 20:33:35 ----HD---- C:\ProgramData
2008-11-01 19:45:01 ----D---- C:\Windows\system32\Tasks
2008-11-01 08:58:38 ----D---- C:\Program Files\Common Files
2008-10-31 17:06:27 ----SD---- C:\Windows\Downloaded Program Files
2008-10-31 06:13:11 ----HDC---- C:\$AVG8.VAULT$
2008-10-31 05:51:21 ----D---- C:\Windows\registration
2008-10-30 09:56:02 ----D---- C:\Windows\system32\Msdtc
2008-10-30 09:55:23 ----D---- C:\Windows\system32\config
2008-10-30 09:55:17 ----D---- C:\Windows\Tasks
2008-10-30 09:55:17 ----D---- C:\Windows\system32\spool
2008-10-30 09:55:17 ----D---- C:\Windows\system32\catroot2
2008-10-29 08:40:36 ----D---- C:\Windows\system32\catroot
2008-10-29 03:10:32 ----D---- C:\Windows\AppPatch
2008-10-29 03:10:31 ----D---- C:\Windows\PolicyDefinitions
2008-10-29 03:10:31 ----D---- C:\Windows\ehome
2008-10-29 03:10:31 ----D---- C:\Program Files\Windows Mail
2008-10-29 03:10:29 ----D---- C:\Windows\system32\drivers
2008-10-28 15:47:28 ----D---- C:\Program Files\Common Files\microsoft shared
2008-10-28 15:37:31 ----RSD---- C:\Windows\Fonts
2008-10-28 15:37:16 ----RSD---- C:\Windows\Media
2008-10-28 15:37:07 ----D---- C:\Program Files\Common Files\System
2008-10-28 15:37:05 ----D---- C:\Windows\ShellNew
2008-10-28 15:36:46 ----D---- C:\Windows\MSAgent
2008-10-28 15:36:46 ----D---- C:\Windows\Help
2008-10-28 15:35:54 ----D---- C:\Windows\system
2008-10-28 15:08:14 ----RD---- C:\Users
2008-10-28 13:53:55 ----D---- C:\Windows\system32\CodeIntegrity
2008-10-25 17:00:46 ----SD---- C:\ProgramData\Microsoft
2008-10-25 04:22:48 ----D---- C:\Windows\Debug
2008-10-25 02:05:48 ----D---- C:\Windows\system32\WDI
2008-10-22 10:03:43 ----D---- C:\Program Files\Internet Explorer
2008-10-22 09:07:06 ----DC---- C:\Acer
2008-10-22 08:35:30 ----SHD---- C:\$Recycle.Bin
2008-10-22 07:53:01 ----D---- C:\Windows\system32\NDF
2008-10-21 20:34:53 ----D---- C:\Windows\Logs
2008-10-21 20:14:28 ----D---- C:\DRV
2008-10-21 20:11:01 ----D---- C:\Intel
2008-10-21 20:11:01 ----D---- C:\Book
2008-10-17 20:51:27 ----D---- C:\Windows\system32\Boot
2008-10-17 20:50:23 ----D---- C:\Windows\system32\oobe
2008-10-17 20:47:26 ----A---- C:\Windows\system32\tcpmon.ini
2008-10-17 20:46:28 ----D---- C:\Windows\Setup
2008-10-17 12:27:11 ----D---- C:\Windows\system32\sysprep
2008-10-17 12:27:11 ----D---- C:\Windows\Panther
2008-10-17 12:08:15 ----D---- C:\Windows\system32\restore
2008-10-07 12:19:42 ----A---- C:\Windows\system32\mrt.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\Windows\System32\Drivers\avgldx86.sys [2008-10-28 97928]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\Windows\System32\Drivers\avgmfx86.sys [2008-10-28 26824]
R2 LMIInfo;LogMeIn Kernel Information Provider; \??\C:\Program Files\LogMeIn\x86\RaInfo.sys [2008-07-24 12856]
R2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\Windows\system32\drivers\LMIRfsDriver.sys [2008-07-24 47640]
R2 RtNdPt60;Realtek NDIS Protocol Driver; C:\Windows\system32\DRIVERS\RtNdPt60.sys [2008-03-07 27648]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2007-10-24 3151872]
R3 AvgWfpX;AVG Free8 Firewall Driver x86; C:\Windows\System32\Drivers\avgwfpx.sys [2008-10-28 69128]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2008-01-03 1044984]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-02-01 2032280]
R3 lmimirr;lmimirr; C:\Windows\system32\DRIVERS\lmimirr.sys [2008-07-24 10144]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-02-03 106496]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\Windows\system32\DRIVERS\e1e6032.sys [2008-01-21 220672]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2007-10-24 3151872]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iastor.sys [2008-02-01 308248]
S4 LMIRfsClientNP;LMIRfsClientNP; C:\Windows\system32\drivers\LMIRfsClientNP.sys []
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2008-01-21 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2007-10-24 610304]
R2 avg8emc;AVG Free8 E-mail Scanner; C:\PROGRA~1\AVG\AVG8\avgemc.exe [2008-10-28 875288]
R2 avg8wd;AVG Free8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-10-28 231704]
S3 GoogleDesktopManager-010708-104812;Google Desktop Manager 5.7.801.7324; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-10-17 29744]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-10-17 138168]
S3 Macromedia Licensing Service;Macromedia Licensing Service; C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe [2008-11-01 68096]
S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2007-07-11 69632]
S3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S4 LMIMaint;LogMeIn Maintenance Service; C:\Program Files\LogMeIn\x86\RaMaint.exe [2008-10-16 116032]
S4 LogMeIn;LogMeIn; C:\Program Files\LogMeIn\x86\LogMeIn.exe [2008-07-24 63040]

-----------------EOF-----------------


Now info.txt:

info.txt logfile of random's system information tool 1.04 2008-11-02 09:51:28

======Uninstall list======

Acrobat.com-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe -uninstall com.adobe.mauby 4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
Acrobat.com-->MsiExec.exe /I{77DCDCE3-2DED-62F3-8154-05E745472D07}
Adobe AIR-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{00203668-8170-44A0-BE44-B632FA4D780F}
Adobe Flash Player ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A90000000001}
ATI Catalyst Control Center-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe" -l0x9
AVG Free 8.0-->C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
Browser Address Error Redirector-->MsiExec.exe /I{62230596-37E5-4618-A329-0D21F529A86F}
Camtasia Studio 5-->MsiExec.exe /I{7BB40A22-8D98-43F9-A08A-E7EFF5AB1324}
Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}
Dell Getting Started Guide-->MsiExec.exe /I{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}
Dell Support Center-->MsiExec.exe /X{E3BFEE55-39E2-4BE0-B966-89FE583822C1}
EDocs-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6B7B6D4D-8F9B-4CB3-8CA4-BCA9CC4C1A22}\setup.exe"
FX AccuCharts-->MsiExec.exe /I{0952751C-3150-BCC6-DE1A-8BA295C9F0C6}
FxPro MetaTrader 4.00-->"C:\Program Files\FxPro MetaTrader\Uninstall.exe" "C:\Program Files\FxPro MetaTrader\install.log"
Global Trading System Pro-->MsiExec.exe /I{3D241EE2-77D7-448F-8211-8A3961BA8383}
Google Desktop-->C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar2.dll"
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
LogMeIn-->MsiExec.exe /I{7F831576-6246-42C7-B523-55B3F96509CC}
Macromedia Dreamweaver MX 2004-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{05BB2EC5-6BEF-4DDC-9E75-BEE7B161157A}\Setup.exe" -l0x9 mmUninstall
Macromedia Extension Manager-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A5BA14E0-7384-11D4-BAE7-00409631A2C8}\setup.exe" -l0x9 mmUninstall
Microsoft Office 2000 Professional-->MsiExec.exe /I{00010409-78E1-11D2-B60F-006097C998E7}
Microsoft Office PowerPoint Viewer 2007 (English)-->MsiExec.exe /X{95120000-00AF-0409-0000-0000000FF1CE}
Microsoft Report Viewer Redistributable 2005-->C:\Windows\Microsoft.NET\Framework\v2.0.50727\Microsoft Report Viewer Redistributable 2005\install.exe
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Works-->MsiExec.exe /I{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
Realtek Ethernet Network Card Diagnostic tool for Windows Vista-->C:\Program Files\InstallShield Installation Information\{1FECF5F8-8E75-432C-9FF7-1C04F1956B54}\setup.exe -runfromtemp -l0x0009 -removeonly
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m
Roxio Activation Module-->MsiExec.exe /I{07159635-9DFE-4105-BFC0-2817DB540C68}
Roxio Creator Audio-->MsiExec.exe /I{83FFCFC7-88C6-41C6-8752-958A45325C82}
Roxio Creator BDAV Plugin-->MsiExec.exe /I{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}
Roxio Creator Copy-->MsiExec.exe /I{619CDD8A-14B6-43A1-AB6C-0F4EE48CE048}
Roxio Creator Data-->MsiExec.exe /I{0D397393-9B50-4C52-84D5-77E344289F87}
Roxio Creator DE-->MsiExec.exe /I{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}
Roxio Creator Tools-->MsiExec.exe /I{0394CDC8-FABD-4ED8-B104-03393876DFDF}
Roxio Express Labeler 3-->MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Roxio Update Manager-->MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
Skype™ 3.8-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
Sonic CinePlayer Decoder Pack-->MsiExec.exe /I{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}
Winamp Toolbar for Firefox-->"\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\uninstall.exe"

======Security center information======

AV: AVG Anti-Virus Free
AS: AVG Anti-Virus Free (disabled)
AS: Windows Defender

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 11, GenuineIntel
"PROCESSOR_REVISION"=0f0b
"NUMBER_OF_PROCESSORS"=4
"TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat
"DFSTRACINGON"=FALSE
"RoxioCentral"=C:\Program Files\Common Files\Roxio Shared\9.0\Roxio Central33\

-----------------EOF-----------------
redearth
Active Member
 
Posts: 9
Joined: October 30th, 2008, 6:40 am

Re: Suddenly exceedingly slow

Unread postby Katana » November 2nd, 2008, 6:32 am

Information

There is no obvious sign of malware, but let's get a couple more scans to make sure

----------------------------------------------------------- -----------------------------------------------------------

Step 1


Malwarebytes' Anti-Malware

Please download Malwarebytes' Anti-Malware to your desktop.

  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to
    • Update Malwarebytes' Anti-Malware
    • and Launch Malwarebytes' Anti-Malware
  • then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform full scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad. Please copy and paste the log into your next reply.
    • If you accidentally close it, the log file is saved here and will be named like this:
    • C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt

----------------------------------------------------------- -----------------------------------------------------------
Step 2


Kaspersky Online Scanner
Your Antivirus and/or Antispyware may give a warning during the scan. This is perfectly normal.
NOTE:- This scan is best done from IE (Internet Explorer)

NOTE:- Vista users should start IE by Start(Vista Orb) >> Internet Explorer >> Right-Click Run As Admin
Go Here http://www.kaspersky.com/kos/eng/partne ... bscan.html

Read the Requirements and limitations before you click Accept.
Once the database has downloaded, click My Computer in the left pane
Now go and put the kettle on!
When the scan has completed, click Save Report As...
Enter a name for the file in the Filename: text box and then click the down arrow to the right of Save as type: and select text file (*.txt)
Click Save - by default the file will be saved to your Desktop, but you can change this if you wish.


**Note**

To optimize scanning time and produce a more sensible report for review:
  • Close any open programs.
  • Turn off the real-time scanner of all antivirus or antispyware programs while performing the online scan.
Note for Internet Explorer 7 users: If at any time you have trouble viewing the accept button of the license, click on the Zoom tool located at the bottom right of the IE window and set the zoom to 75%. Once the license is accepted, reset to 100%.


----------------------------------------------------------- -----------------------------------------------------------
Step 3

Logs/Information to Post in Reply
Please post the following logs/Information in your reply
  • MalwareBytes Log
  • Kaspersky Log
Katana
MRU Teacher Emeritus
 
Posts: 6412
Joined: November 10th, 2006, 5:00 pm
Location: Manchester

Re: Suddenly exceedingly slow

Unread postby NonSuch » November 7th, 2008, 5:52 pm

Due to lack of response, this topic is now closed.

If you still require help, please open a new thread in the Infected? Virus, malware, adware, ransomware, oh my! forum, include a fresh FRST log, and wait for a new helper.
NonSuch
Administrator
 
Posts: 28747
Joined: February 23rd, 2005, 7:08 am
Location: California