Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Laptop Freezing going very slowlu

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Laptop Freezing going very slowlu

Unread postby samkern » February 4th, 2012, 4:12 pm

I currently have malwarebyte and AVG running on my laptop. Few days ago i saw an error mesagge flag by AVG.

Since then now when i run my pc, it goes very slow . Thats all new.

i boot in safemode and run malaware byte and AVG cleanup. Then run the pc again . It works fine . Speed is ok but then when i browse the net , it become slow again. and i have to go through all the steps above and it becomes fine.

So i think that there is malware freezing/slowing my pc. btw speed is fine when i run safe mode.

Operating system
Windows 7

Belows are my logs etc

==========
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_29
Run by sameer at 1:17:41 on 2012-02-05
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.5942.3765 [GMT 8:00]
.
AV: AVG Internet Security 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Internet Security 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: AVG Firewall *Disabled* {621CC794-9486-F902-D092-0484E8EA828B}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG2012\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\vcsFPService.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\DigitalPersona\Bin\DpHostW.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\IDT\WDM\AESTSr64.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\AVG\AVG2012\avgfws.exe
C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
C:\Windows\system32\lxbkcoms.exe
C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe
C:\Windows\SysWOW64\NLSSRV32.EXE
C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files (x86)\AVG\AVG2012\avgemca.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\AVG\AVG PC Tuneup\BoostSpeed.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\System32\igfxpers.exe
C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe
C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
C:\Users\sameer\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Users\sameer\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files\DigitalPersona\Bin\DPAgent.exe
C:\Windows\system32\taskeng.exe
C:\Users\sameer\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
C:\Windows\splwow64.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
C:\Users\sameer\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\sameer\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\sameer\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\sameer\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\sameer\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\sameer\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\sameer\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\sameer\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Users\sameer\Downloads\malscan\SecurityCheck.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\notepad.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyServer = 208.52.90.244:80
uInternet Settings,ProxyOverride = *.local;127.0.0.1:9421;
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: jZip Toolbar: {1e48c56f-08cd-43aa-a6ef-c1ec891551ab} - jZip Toolbar
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
BHO: RoboForm Toolbar Helper: {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll
BHO: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\npwinext.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: @C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\npwinext.dll
TB: &RoboForm Toolbar: {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
TB: jZip Toolbar: {1e48c56f-08cd-43aa-a6ef-c1ec891551ab} -
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [ISUSPM] "C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe" -scheduler
uRun: [RoboForm] "C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
uRun: [Akamai NetSession Interface] "C:\Users\sameer\AppData\Local\Akamai\netsession_win.exe"
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [Google Update] "C:\Users\sameer\AppData\Local\Google\Update\GoogleUpdate.exe" /c
mRun: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun: [Persistence] C:\Windows\system32\igfxpers.exe
mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mRun: [Monitor] "C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe"
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: Add to Google Photos Screensa&ver - C:\Windows\system32\GPhotos.scr/200
IE: Customize Menu - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
IE: Fill Forms - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html
IE: Save Forms - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html
IE: Show RoboForm Toolbar - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
IE: {724d43aa-0d85-11d4-9908-00400523e39a} - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
Trusted Zone: alipay.com
Trusted Zone: alisoft.com
Trusted Zone: taobao.com
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
TCP: DhcpNameServer = 192.168.2.1
TCP: Interfaces\{11C6CB1B-393C-46F8-9DD2-BBADFA35A304} : DhcpNameServer = 198.142.0.51 61.88.88.88
TCP: Interfaces\{7A0E232F-EE29-459F-A6AD-1B688B30A226} : DhcpNameServer = 192.168.2.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
LSA: Notification Packages = DPPassFilter scecli
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: {1e48c56f-08cd-43aa-a6ef-c1ec891551ab} - jZip Toolbar
BHO-X64: jZip Toolbar - No File
BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File
BHO-X64: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
BHO-X64: Search Helper - No File
BHO-X64: RoboForm Toolbar Helper: {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
BHO-X64: RoboForm BHO - No File
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll
BHO-X64: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\npwinext.dll
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: @C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\npwinext.dll
TB-X64: &RoboForm Toolbar: {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
TB-X64: jZip Toolbar: {1e48c56f-08cd-43aa-a6ef-c1ec891551ab} -
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
mRun-x64: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
mRun-x64: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun-x64: [Persistence] C:\Windows\system32\igfxpers.exe
mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mRun-x64: [Monitor] "C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe"
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
Hosts: 174.120.130.173 keywordscout.com
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\sameer\AppData\Roaming\Mozilla\Firefox\Profiles\nu3pqxz3.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com
FF - prefs.js: keyword.URL - hxxp://dts.search-results.com/sr?src=ff ... mid=102&q=
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npwangwang.dll
FF - plugin: C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1438.0\npwinext.dll
FF - plugin: C:\Program Files (x86)\Trademanager\npwangwang.dll
FF - plugin: C:\Program Files (x86)\Virtual Earth 3D\npVE3D.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\sameer\AppData\Local\Alibaba\AliSetup\0.1.0.52\npAliSetupOneClick.dll
FF - plugin: C:\Users\sameer\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSEH;AVGIDSEH;C:\Windows\system32\DRIVERS\AVGIDSEH.Sys --> C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [?]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?]
R1 Avgfwfd;AVG network filter service;C:\Windows\system32\DRIVERS\avgfwd6a.sys --> C:\Windows\system32\DRIVERS\avgfwd6a.sys [?]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?]
R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]
R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2010-12-28 89600]
R2 avgfws;AVG Firewall;C:\Program Files (x86)\AVG\AVG2012\avgfws.exe [2011-11-23 2391832]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-8-2 192776]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-6-21 85560]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service;C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-6-19 103992]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-7-5 227384]
R2 hpsrv;HP Service;C:\Windows\system32\Hpservice.exe --> C:\Windows\system32\Hpservice.exe [?]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2011-6-14 26680]
R2 lxbk_device;lxbk_device;C:\Windows\system32\lxbkcoms.exe -service --> C:\Windows\system32\lxbkcoms.exe -service [?]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-1-26 652872]
R2 NitroDriverReadSpool2;NitroPDFDriverCreatorReadSpool2;C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe [2011-11-2 341280]
R2 nlsX86cc;NLS Service;C:\Windows\SysWOW64\NLSSRV32.EXE [2011-11-2 68896]
R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-6-2 2804568]
R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-28 2533400]
R2 vcsFPService;Validity VCS Fingerprint Service;C:\Windows\System32\vcsFPService.exe [2010-2-23 1799472]
R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys --> C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [?]
R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys --> C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [?]
R3 clwvd;HP Webcam Splitter;C:\Windows\system32\DRIVERS\clwvd.sys --> C:\Windows\system32\DRIVERS\clwvd.sys [?]
R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 Impcd;Impcd;C:\Windows\system32\DRIVERS\Impcd.sys --> C:\Windows\system32\DRIVERS\Impcd.sys [?]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETwNs64.sys --> C:\Windows\system32\DRIVERS\NETwNs64.sys [?]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUStor.sys --> C:\Windows\system32\Drivers\RtsUStor.sys [?]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
R3 wdkmd;Intel WiDi KMD;C:\Windows\system32\DRIVERS\WDKMD.sys --> C:\Windows\system32\DRIVERS\WDKMD.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-19 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-19 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-12-27 136176]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;C:\Windows\system32\Drivers\ssadadb.sys --> C:\Windows\system32\Drivers\ssadadb.sys [?]
S3 dgderdrv;dgderdrv;C:\Windows\system32\drivers\dgderdrv.sys --> C:\Windows\system32\drivers\dgderdrv.sys [?]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-12-27 136176]
S3 LeapFrog-USBLAN;LeapFrog-USBLAN;C:\Windows\system32\DRIVERS\btblan.sys --> C:\Windows\system32\DRIVERS\btblan.sys [?]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2010-3-6 340240]
S3 Netaapl;Apple Mobile Device Ethernet Service;C:\Windows\system32\DRIVERS\netaapl64.sys --> C:\Windows\system32\DRIVERS\netaapl64.sys [?]
S3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETw5s64.sys --> C:\Windows\system32\DRIVERS\NETw5s64.sys [?]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\netw5v64.sys --> C:\Windows\system32\DRIVERS\netw5v64.sys [?]
S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VSTAZL6.SYS --> C:\Windows\system32\DRIVERS\VSTAZL6.SYS [?]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV6.SYS --> C:\Windows\system32\DRIVERS\VSTDPV6.SYS [?]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT6.SYS --> C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [?]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\Windows\system32\DRIVERS\ssadbus.sys --> C:\Windows\system32\DRIVERS\ssadbus.sys [?]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\Windows\system32\DRIVERS\ssadmdfl.sys --> C:\Windows\system32\DRIVERS\ssadmdfl.sys [?]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\Windows\system32\DRIVERS\ssadmdm.sys --> C:\Windows\system32\DRIVERS\ssadmdm.sys [?]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);C:\Windows\system32\DRIVERS\ssadserd.sys --> C:\Windows\system32\DRIVERS\ssadserd.sys [?]
S3 TFsExDisk;TFsExDisk;C:\Windows\System32\drivers\TFsExDisk.Sys [2011-11-17 16392]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]
.
=============== Created Last 30 ================
.
2012-02-01 18:18:26 -------- d-----w- C:\Program Files (x86)\trend micro
2012-02-01 11:53:55 -------- d-----w- C:\ProgramData\Leapfrog
2012-02-01 11:53:55 -------- d-----w- C:\Program Files (x86)\LeapFrog
2012-01-28 19:55:58 -------- d-----w- C:\Users\sameer\AppData\Roaming\AVG2012
2012-01-28 19:55:06 -------- d-----w- C:\ProgramData\AVG2012
2012-01-26 12:37:32 -------- d-----w- C:\Program Files (x86)\Keyword Squire
2012-01-26 12:37:31 -------- d-----w- C:\ProgramData\InstallMate
2012-01-25 20:06:20 23152 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-01-25 20:06:20 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-01-25 19:06:58 -------- d-----w- C:\ProgramData\AVG
2012-01-25 18:42:59 -------- d-----w- C:\Users\sameer\AppData\Roaming\AVG
2012-01-24 18:22:03 -------- d-----w- C:\Users\sameer\AppData\Roaming\Malwarebytes
2012-01-24 18:21:39 -------- d-----w- C:\Program Files (x86)\MALWAREBYTES ANTI-MALWARE
2012-01-24 18:21:38 -------- d-----w- C:\ProgramData\Malwarebytes
2012-01-24 08:56:53 -------- d-----w- C:\Users\sameer\AppData\Local\AP6
2012-01-22 14:53:56 -------- d-----w- C:\Windows\System32\SPReview
2012-01-22 14:52:47 -------- d-----w- C:\Windows\System32\EventProviders
2012-01-21 02:49:45 -------- d-----w- C:\Program Files (x86)\Article Marketing Robot
2012-01-19 15:41:08 28960 ----a-w- C:\Windows\System32\nitrolocalmon2.dll
2012-01-19 15:41:08 17184 ----a-w- C:\Windows\System32\nitrolocalui2.dll
2012-01-19 15:40:57 -------- d-----w- C:\Program Files\Common Files\Nitro PDF
2012-01-19 15:40:55 -------- d-----w- C:\Program Files (x86)\Nitro PDF
2012-01-19 15:40:55 -------- d-----w- C:\Program Files (x86)\Common Files\Nitro PDF
2012-01-19 15:39:34 -------- d-----w- C:\Users\sameer\AppData\Roaming\Downloaded Installations
2012-01-19 13:54:20 -------- d-----w- C:\Users\sameer\AppData\Local\Akamai
2012-01-11 12:45:25 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll
2012-01-11 12:45:25 366592 ----a-w- C:\Windows\System32\qdvd.dll
2012-01-11 12:45:25 1572864 ----a-w- C:\Windows\System32\quartz.dll
2012-01-11 12:45:25 1328128 ----a-w- C:\Windows\SysWow64\quartz.dll
2012-01-11 12:45:21 1731920 ----a-w- C:\Windows\System32\ntdll.dll
2012-01-11 12:45:21 1292080 ----a-w- C:\Windows\SysWow64\ntdll.dll
2012-01-11 12:45:17 77312 ----a-w- C:\Windows\System32\packager.dll
2012-01-11 12:45:17 67072 ----a-w- C:\Windows\SysWow64\packager.dll
2012-01-09 16:42:28 -------- d-----r- C:\Users\sameer\Dropbox
2012-01-09 16:38:08 -------- d-----w- C:\Users\sameer\AppData\Roaming\Dropbox
2012-01-07 10:32:37 -------- d-----w- C:\Users\sameer\AppData\Roaming\Affilorama
2012-01-03 13:10:44 182672 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll
2012-01-03 13:10:44 182672 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\nppdf32.dll
.
==================== Find3M ====================
.
2012-01-22 15:02:40 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll
2012-01-22 15:02:39 175616 ----a-w- C:\Windows\System32\msclmd.dll
2011-11-24 04:52:09 3145216 ----a-w- C:\Windows\System32\win32k.sys
2011-11-18 02:29:06 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-11-17 06:49:14 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2011-11-17 06:49:14 152432 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2011-11-17 06:44:43 459232 ----a-w- C:\Windows\System32\drivers\cng.sys
2011-11-17 06:35:28 395776 ----a-w- C:\Windows\System32\webio.dll
2011-11-17 06:35:26 29184 ----a-w- C:\Windows\System32\sspisrv.dll
2011-11-17 06:35:26 136192 ----a-w- C:\Windows\System32\sspicli.dll
2011-11-17 06:35:25 340992 ----a-w- C:\Windows\System32\schannel.dll
2011-11-17 06:35:25 28160 ----a-w- C:\Windows\System32\secur32.dll
2011-11-17 06:35:19 1447936 ----a-w- C:\Windows\System32\lsasrv.dll
2011-11-17 06:33:55 31232 ----a-w- C:\Windows\System32\lsass.exe
2011-11-17 05:35:02 314880 ----a-w- C:\Windows\SysWow64\webio.dll
2011-11-17 05:34:52 224768 ----a-w- C:\Windows\SysWow64\schannel.dll
2011-11-17 05:34:52 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2011-11-17 05:28:48 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2011-11-05 05:41:43 1188864 ----a-w- C:\Windows\System32\wininet.dll
2011-11-05 05:32:50 2048 ----a-w- C:\Windows\System32\tzres.dll
2011-11-05 04:35:00 981504 ----a-w- C:\Windows\SysWow64\wininet.dll
2011-11-05 04:26:03 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2011-11-05 03:32:47 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2011-11-05 02:48:51 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
.
============= FINISH: 1:18:32.59 ===============
samkern
Active Member
 
Posts: 13
Joined: January 28th, 2012, 2:53 pm
Advertisement
Register to Remove

Re: Laptop Freezing going very slowlu

Unread postby Alander » February 5th, 2012, 10:03 am

Hello, I Am Alander :)

Welcome to the Malware Removal forums.

I would be glad to take a look at your log and help you with solving any malware problems.

DDS logs can take a while to research so please be patient while I work on your log and I will post back here with any recommendations.

As I am still training, everything that I post to you, must be checked by an Admin or Moderator.

Thus, there may be a tiny bit of a delay between posts. While it shouldn't be too long, you can be assured you will get the best possible advice.


  • I will working be on your Malware issues, this may or may not, solve other issues you have with your machine.
  • The fixes are specific to your problem and should only be used for this issue on this machine.
  • Please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear.
  • It's often worth reading through these instructions and printing them for ease of reference.
  • If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
  • Please reply to this thread. Do not start a new topic.

Please post attach.txt from DDS, it can be found on your desktop, alternatively you can run DDS again for the file

Thanks
User avatar
Alander
Regular Member
 
Posts: 1603
Joined: September 15th, 2007, 2:04 pm
Location: Singapore

Re: attach.txt file

Unread postby samkern » February 5th, 2012, 12:22 pm

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 5/13/2011 8:54:22 PM
System Uptime: 2/5/2012 11:08:14 AM (13 hours ago)
.
Motherboard: Hewlett-Packard | | 144C
Processor: Intel(R) Core(TM) i5 CPU M 460 @ 2.53GHz | CPU | 1444/1066mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 575 GiB total, 456.762 GiB free.
D: is FIXED (NTFS) - 21 GiB total, 3.078 GiB free.
E: is CDROM (UDF)
F: is Removable
G: is FIXED (FAT32) - 0 GiB total, 0.087 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP99: 1/28/2012 10:19:26 AM - Windows Update
RP100: 1/29/2012 3:52:50 AM - Installed AVG 2012
RP101: 1/29/2012 3:53:46 AM - Installed AVG 2012
RP102: 2/3/2012 11:00:31 AM - Removed Yellow Pages Scraper AU
RP103: 2/3/2012 11:03:28 AM - Installed Yellow Pages Scraper AU
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
#1 Bulk PageRank Checker Shareware
3WayLinks Rank Checker
7-Zip 9.20
Acrobat.com
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Reader X (10.1.2)
Adobe Shockwave Player 11.5
Airport Mania
Akamai NetSession Interface
Ancient Hearts
Any Video Converter 3.2.7
Apple Application Support
Apple Software Update
Article Marketing Robot
aTube Catcher
AVG PC Tuneup
Azteca
Bejeweled 2 Deluxe
Bing Bar
Bing Bar Platform
Bob the Builder Can-Do-Zoo
Bounce Symphony
Build-a-lot
Camtasia Studio 7
CherryPicker
Chuzzle Deluxe
Corel Paint it! touch - IPM
CyberLink DVD Suite
DigiFish Dolphin
Diner Dash 2 Restaurant Rescue
DirectX for Managed Code Update (Summer 2004)
DiskAid 4.72
Dora's Carnival Adventure
Dora's World Adventure
Dropbox
DVD Menu Pack for HP TouchSmart Video
Elite Proxy Switcher 1.14
Energy Star Digital Logo
ESU for Microsoft Windows 7
FATE
FileZilla Client 3.5.1
Gem Shop
Google Chrome
Google Talk (remove only)
Google Toolbar for Internet Explorer
Google Update Helper
Hewlett-Packard ACLM.NET v1.1.1.0
Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678)
HP Advisor
HP Customer Experience Enhancements
HP Documentation
HP DVB-T TV Tuner 8.0.64.43
HP Game Console
HP Games
HP Photo Creations
HP Power Manager
HP Quick Launch
HP Setup
HP Software Framework
HP Support Assistant
HP TouchSmart
HP TouchSmart Browser
HP TouchSmart Canvas
HP TouchSmart DVD
HP TouchSmart Music
HP TouchSmart Notes
HP TouchSmart Paint it! by Corel
HP TouchSmart Paint it! by Corel - Content
HP TouchSmart Paint it! by Corel - Core
HP TouchSmart Paint it! by Corel - ICA
HP TouchSmart Paint it! by Corel - Langauge
HP TouchSmart Photo
HP TouchSmart RecipeBox
HP TouchSmart RSS
HP TouchSmart Video
HP TouchSmart Webcam
IDT Audio
iLivid
Intel(R) Control Center
Intel(R) Graphics Media Accelerator Driver
Intel(R) Management Engine Components
Intel(R) Rapid Storage Technology
Java Auto Updater
Java(TM) 6 Update 29
Jewel Quest Solitaire 2
Junk Mail filter update
jZip
LabelPrint
LeapFrog Connect
LeapFrog LeapPad Explorer Plugin
Magic Article Rewriter
Magic Article Submitter
Magic Tokens Database 2.0
Mah Jong Medley
Malwarebytes Anti-Malware version 1.60.0.1800
Micro Niche Finder 5.0
Microsoft Choice Guard
Microsoft Default Manager
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2010
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Touch Pack for Windows 7
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft XNA Framework Redistributable 3.0
Mobile Mouse Server
Movie Theme Pack for HP TouchSmart Video
Mozilla Firefox 9.0.1 (x86 en-US)
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MWSnap 3
Norton Online Backup
OJOsoft Total Video Converter
Penguins!
PhotoNow!
Picasa 3
Plants vs. Zombies
Polar Bowler
Polar Golfer
Power Leads Pro X
Power2Go
PowerDirector
QuickTime
Rank Tracker
Realtek Ethernet Controller Driver For Windows 7
Realtek USB 2.0 Card Reader
Recovery Manager
RoboForm 7-6-9 (All Users)
Rockstar Power Suite
S3 Ripper 2.0
SamLogic CD-Menu Creator 2010 E
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2553089)
Security Update for 2007 Microsoft Office System (KB2553090)
Security Update for 2007 Microsoft Office System (KB2584063)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Groove 2007 (KB2552997)
Security Update for Microsoft Office InfoPath 2007 (KB2510061)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Skip-Bo - Castaway Caper
Skype™ 4.2
Slingo Deluxe
Small Install
SopCast 3.3.2
SWF Components
Times Reader
Tweet FriendAdder
Update for 2007 Microsoft Office System (KB2284654)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596686) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2583910)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update or Uninstall SENukeX
Use the entry named LeapFrog Connect to uninstall (LeapFrog LeapPad Explorer Plugin)
Video Components
Virtual Villagers - The Secret City
Visual Studio 2008 x64 Redistributables
VLC media player 1.1.11
Where's Waldo The Fantastic Journey
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Photo Gallery
Windows Live Sync
Windows Live Upload Tool
Windows Live Writer
Yellow Pages Scraper AU
Zuma Deluxe
.
==== Event Viewer Messages From Past Week ========
.
2/5/2012 4:22:39 AM, Error: Microsoft-Windows-WLAN-AutoConfig [10003] - WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\Windows\System32\IWMSSvc.dll
2/5/2012 11:09:39 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the SeaPort service to connect.
2/5/2012 11:09:39 AM, Error: Service Control Manager [7000] - The SeaPort service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
2/4/2012 3:45:48 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error: An instance of the service is already running.
2/4/2012 3:45:18 AM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
2/4/2012 3:45:18 AM, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-1073473535.
2/2/2012 10:28:43 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Intel(R) PROSet/Wireless Event Log service to connect.
2/2/2012 10:28:43 AM, Error: Service Control Manager [7000] - The Intel(R) PROSet/Wireless Event Log service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
2/1/2012 8:04:12 PM, Error: Service Control Manager [7030] - The LeapFrog Connect Device Service service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
.
==== End Of File ===========================
samkern
Active Member
 
Posts: 13
Joined: January 28th, 2012, 2:53 pm

Re: Laptop Freezing going very slowlu

Unread postby samkern » February 5th, 2012, 12:26 pm

Thanks for kindly offering to help. please see attach.txt file above.

Btw i think the problem comes up when a run firefox and vising site like soccernet.com
i am getting cookies like adyieldmanager and kyte.tv which i think is not part of the site.

also avg internet security would flag like FF has used 347 mb when i have downloaded anything major
or loading videos

i hope that info helps
samkern
Active Member
 
Posts: 13
Joined: January 28th, 2012, 2:53 pm

Re: Laptop Freezing going very slowlu

Unread postby Alander » February 6th, 2012, 3:06 pm

Hi, is this machine used for any kind of business activities? I need to know to give the appropriate instructions.

Did you configure a proxy for your machine at 208.52.90.244, port 80?

Step 1.
CKScanner
Please download CKScanner ... Save it to your desktop.
This program should only be run once!
Make sure that CKScanner.exe is on the your desktop before running the application!

  1. Right click on CKScanner.exe icon... and Select Run as Administrator to run it
  2. Click the Search For Files button.
  3. When the scan is finished (the cursor hourglass disappears) click the Save List To File button.
    A text file will be created on your desktop named "ckfiles.txt"
  4. Click OK at the file saved message box. Double-click on the ckfiles.txt icon on your desktop.
  5. Please copy/paste the contents of ckfiles.txt in your next reply.


Step 2.
MGA Diagnostics
I need you to run a tool... that will aid in determining what additional steps we'll need to perform.
  • Please download this tool from Microsoft.
  • Right click on MGADiag.exe and select Run As Administrator to run it.
  • Click "Run" again...then Click "Continue".
  • The program will run. It takes a while to finish the diagnosis, please be patient.
  • Once done, click on Copy.
  • Open Notepad and paste the contents in. Save this file and post it in your next reply.


Step 3.
Please include in your next reply:
  1. Any problem executing the instructions?
  2. MGA Diagnostic Log
  3. CK Scanner Log
Thanks
User avatar
Alander
Regular Member
 
Posts: 1603
Joined: September 15th, 2007, 2:04 pm
Location: Singapore

Re:Ckfiles and MGE

Unread postby samkern » February 7th, 2012, 12:21 am

1 >>Hi, is this machine used for any kind of business activities? I need to know to give the appropriate instructions.

This machine is only use for personal use. Occasionally My wife does a bit of internet marketing as a Hobby. She does not make any money
out of it !

2>> Did you configure a proxy for your machine at 208.52.90.244, port 80?

No ! i am not aware of that proxy and am surfing the net without any proxy

3>>Please find the details of ckscanner log and MGe Diagnostic


Ckscanner :

CKScanner - Additional Security Risks - These are not necessarily bad
scanner sequence 3.MN.11.DHABNJ
----- EOF -----


MGA Diagnostic :

Diagnostic Report (1.9.0027.0):
-----------------------------------------
Windows Validation Data-->

Validation Code: 0
Cached Online Validation Code: N/A, hr = 0x8007043c
Windows Product Key: *****-*****-73CQT-WMF7J-3Q6C9
Windows Product Key Hash: KaFG+RmurcM3ZxzWyfEP9WtPUJw=
Windows Product ID: 00359-OEM-8992687-00010
Windows Product ID Type: 2
Windows License Type: OEM SLP
Windows OS version: 6.1.7601.2.00010300.1.0.003
ID: {7D192FF2-285B-4FA7-B456-A25628587A43}(1)
Is Admin: Yes
TestCab: 0x0
LegitcheckControl ActiveX: N/A, hr = 0x80070002
Signed By: N/A, hr = 0x80070002
Product Name: Windows 7 Home Premium
Architecture: 0x00000009
Build lab: 7601.win7sp1_gdr.110622-1506
TTS Error:
Validation Diagnostic:
Resolution Status: N/A

Vista WgaER Data-->
ThreatID(s): N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002

Windows XP Notifications Data-->
Cached Result: N/A, hr = 0x80070002
File Exists: No
Version: N/A, hr = 0x80070002
WgaTray.exe Signed By: N/A, hr = 0x80070002
WgaLogon.dll Signed By: N/A, hr = 0x80070002

OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
OGAExec.exe Signed By: N/A, hr = 0x80070002
OGAAddin.dll Signed By: N/A, hr = 0x80070002

OGA Data-->
Office Status: 100 Genuine
Microsoft Office Enterprise 2007 - 100 Genuine
OGA Version: N/A, 0x80070002
Signed By: N/A, hr = 0x80070002
Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3_E2AD56EA-765-d003_E2AD56EA-766-0_E2AD56EA-134-80004005

Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
Default Browser: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed

File Scan Data-->

Other data-->
Office Details: <GenuineResults><MachineData><UGUID>{7D192FF2-285B-4FA7-B456-A25628587A43}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7601.2.00010300.1.0.003</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-3Q6C9</PKey><PID>00359-OEM-8992687-00010</PID><PIDType>2</PIDType><SID>S-1-5-21-526176305-116419449-2920615567</SID><SYSTEM><Manufacturer>Hewlett-Packard</Manufacturer><Model>HP Pavilion dv6 Notebook PC</Model></SYSTEM><BIOS><Manufacturer>Hewlett-Packard</Manufacturer><Version>F.23</Version><SMBIOSVersion major="2" minor="6"/><Date>20101021000000.000000+000</Date></BIOS><HWID>68C93307018400FC</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>W. Australia Standard Time(GMT+08:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>HPQOEM</OEMID><OEMTableID>SLIC-MPC</OEMTableID></OEM><GANotification/></MachineData><Software><Office><Result>100</Result><Products><Product GUID="{91120000-0030-0000-0000-0000000FF1CE}"><LegitResult>100</LegitResult><Name>Microsoft Office Enterprise 2007</Name><Ver>12</Ver><Val>50FABE37AB246D4</Val><Hash>KW4fMZlT0fJfJDi/UcIn0TSUN1c=</Hash><Pid>81599-874-6912523-65418</Pid><PidType>1</PidType></Product></Products><Applications><App Id="15" Version="12" Result="100"/><App Id="16" Version="12" Result="100"/><App Id="18" Version="12" Result="100"/><App Id="19" Version="12" Result="100"/><App Id="1A" Version="12" Result="100"/><App Id="1B" Version="12" Result="100"/><App Id="44" Version="12" Result="100"/><App Id="A1" Version="12" Result="100"/><App Id="BA" Version="12" Result="100"/></Applications></Office></Software></GenuineResults>

Spsys.log Content: 0x80070002

Licensing Data-->
On a computer running Microsoft Windows non-core edition, run 'slui.exe 0x2a 0x8007043C' to display the error text.
Error: 0x8007043C

Windows Activation Technologies-->
HrOffline: 0x00000000
HrOnline: 0x00000000
HealthStatus: 0x0000000000000000
Event Time Stamp: 11:15:2011 14:05
ActiveX: Registered, Version: 7.1.7600.16395
Admin Service: Not Registered - 0x8007043c
HealthStatus Bitmask Output:


HWID Data-->
HWID Hash Current: KgAAAAEAAQABAAEAAAAAAAAAAgABAAEAonYYbXhAZs6YMCqJlqBaZ1xd

OEM Activation 1.0 Data-->
N/A

OEM Activation 2.0 Data-->
BIOS valid for OA 2.0: yes
Windows marker version: 0x20001
OEMID and OEMTableID Consistent: yes
BIOS Information:
ACPI Table Name OEMID Value OEMTableID Value
APIC HPQOEM SLIC-MPC
FACP HPQOEM SLIC-MPC
HPET HPQOEM SLIC-MPC
BOOT HPQOEM SLIC-MPC
MCFG HPQOEM SLIC-MPC
WDAT HPQOEM SLIC-MPC
ASF! HPQOEM SLIC-MPC
SLIC HPQOEM SLIC-MPC
ASPT HPQOEM SLIC-MPC
SSDT PmRef CpuPm
samkern
Active Member
 
Posts: 13
Joined: January 28th, 2012, 2:53 pm

Re: Laptop Freezing going very slowlu

Unread postby Alander » February 7th, 2012, 2:10 pm

Hi, may I know why is Microsoft office enterprise installed? This is a sign of a computer used for business.. please clarify

Step 1.
GMER
The downloaded file will have a random name... this prevents malware from detecting and blocking it.
Please download GMER... random file name.exe by GMER. An alternate (zip file) download site.
Note: Do not run any programs while Gmer is running.
**Caution** Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOKIT" entries
  1. Double click on the random named.exe to execute. If asked, allow the gmer.sys driver load.
    If using Vista, you must right click random named.exe and choose "Run As Administrator".
  2. If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO <--- Important!
  3. On the right side panel, several boxes have been checked. Please UNCHECK the following: (see image below)
    • IAT/EAT
    • Drives/Partition other than Systemdrive (typically C:\)
    • Show All <-- don't miss this one

    Image
    Click on image to enlarge

  4. If you don't get a warning then... Click the Rootkit/Malware tab at the top of the GMER window.
  5. Click the Scan button.
  6. Once the scan has finished... click Save. The Save... window will open.
  7. Save the scan results as gmerroot.log, save it to your Desktop.
  8. Double click on the desktop "gmerroot.log" file, to open in Notepad.
  9. Copy and paste the contents of the file gmerroot.log in your next reply.

Step 2.
Online Multi Antivirus file scan
Please go to Virus Total and upload -only one file per scan- the following file(s) for scanning:

C:\Users\sameer\Downloads\malscan\SecurityCheck.exe


Using Virus Total
  1. Press the Browse button and navigate to -one- of the files in the list.
  2. Double click the located file name... The file name should now appear in the online scanner's text entry box.
  3. Click on Send File...button.
  4. The file will be queued, uploaded and scanned by various antivirus scanners..this may take a few minutes.
      If you receive the message: File has already been analysed:
      Please press the Reanalyse file now button, so your file will be scanned.
  5. When all scans have completed... the results page is displayed
  6. Please highlight and copy the page web address link from your browser window.
    Example of web address :
    Image
  7. Please repeat this procedure for each file listed above.
  8. Paste the Web address link(s) for the scan results in your next reply.

Step 3.
Please include in your next reply:
  1. Any problem executing the instructions?
  2. GMER Log
  3. Virustotal results
Thanks
User avatar
Alander
Regular Member
 
Posts: 1603
Joined: September 15th, 2007, 2:04 pm
Location: Singapore

Re: GMER and Virus Scan

Unread postby samkern » February 7th, 2012, 11:10 pm

>>Hi, may I know why is Microsoft office enterprise installed? This is a sign of a computer used for business.. please clarify

I bought a copy of MS office through my brother who purchase it through his work. I actually never realised that it was an enterprise edition.
This laptop is basically use for my studies and as you can see it is running windows home edition

1. GMER log
When it completed it says " No Modification seen on your pc"
I saved the log file but it is empty

2.Virus Total

Please see :
https://www.virustotal.com/file/55801ab ... 328670259/

thanks again for all your help
samkern
Active Member
 
Posts: 13
Joined: January 28th, 2012, 2:53 pm

Re: Laptop Freezing going very slowlu

Unread postby Alander » February 8th, 2012, 9:51 pm

Hi,

Microsoft does not sell nor does it permit the sale of Enterprise versions of Windows or Microsoft Office to individuals. Although you have bought it, what you have bought is illegal, and therefore I cannot provide you with any further assistance unless you uninstall it.

Uninstall programs
  • Click on Start.
  • All programs.
  • Accessories.
  • Run.
  • In the open text box copy/paste appwiz.cpl Then click Ok.
  • Uninstall the following if present.
Microsoft Office Enterprise 2007


Please let me know of your decision.
User avatar
Alander
Regular Member
 
Posts: 1603
Joined: September 15th, 2007, 2:04 pm
Location: Singapore

Re: Laptop Freezing going very slowlu

Unread postby samkern » February 8th, 2012, 11:14 pm

>>Microsoft does not sell nor does it permit the sale of Enterprise versions of Windows or Microsoft Office to individuals. Although you have bought it, what you have bought is illegal, and therefore I cannot provide you with any further assistance unless you uninstall it.

Please have a look at :
http://www.microsoft.com/industry/gover ... tions.aspx

Also see this
http://www.microsofthup.com/hupus/choos ... ture=en-US

I am actually also employed by same employer as my brother but it was him who made me aware of that scheme.
Please note that this is not a free copy as i actually did have to pay for it. Please see image attached as proof.

If my Ms office version is still an issue , please let me know and i will go ahead and uninstall it.

thanks again for all your help
You do not have the required permissions to view the files attached to this post.
samkern
Active Member
 
Posts: 13
Joined: January 28th, 2012, 2:53 pm

Re: Laptop Freezing going very slowlu

Unread postby Alander » February 9th, 2012, 2:32 pm

Hi,

As the software was bought under your company Home usage scheme, is kept in your possession, and may be used at home, that machine would be deemed as a business computer, and not a home computer as per our site policy.

We do not work on business computers, so I am sorry that I am unable to offer you any further assistance
User avatar
Alander
Regular Member
 
Posts: 1603
Joined: September 15th, 2007, 2:04 pm
Location: Singapore

Re: Laptop Freezing going very slowlu

Unread postby Cypher » February 9th, 2012, 2:44 pm

I see you are posting for help for a "Business" computer.

May I draw your attention to THIS topic, which you should have read before posting for help.

The section Posting for help for business machines explains why we do not offer help for such computers.

This topic is now closed
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 15148
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns
Advertisement
Register to Remove


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 308 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware