Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.


Slow Load Time


by SnoStorm » February 10th, 2012, 11:08 pm

Here is my problem. I don't have much in performance issues as I do in browsing and general internet speed. I was having problems earlier with what I thought were DNS issues so I've been trying OpenDNS. The problems I don't think are related to the DNS as some webpages load just fine. I'm having issues with any good site (any search takes forever, Maps load extremely slow and YouTube videos/video interface isn't showing up until I refresh multiple times). Anyway it's also that time of year to do a deep clean of my computer so let's see what can be done.

Update: Removed all OpenDNS entries just for fun and things seem to have improved, but let's still look to see if anything is bugging my machine anyway.

Here is my log:
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_30
Run by SnoStorm at 22:03:23 on 2012-02-10
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.2046.1280 [GMT -5:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe
C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\OpenDNS Updater\OpenDNSUpdater.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Windows\system32\DllHost.exe
C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [Steam] "c:\program files\steam\steam.exe" -silent
uRun: [OpenDNS Updater] "c:\program files\opendns updater\OpenDNSUpdater.exe" /autostart
mRun: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [EvtMgr6] c:\program files\logitech\setpointp\SetPoint.exe /launchGaming
mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
TCP: DhcpNameServer = 208.67.222.222 208.67.220.220 208.67.220.222
TCP: Interfaces\{5C704AE0-8D79-4219-88AB-D14320E83E81} : DhcpNameServer = 68.180.44.6 67.152.3.154 68.234.128.70 67.152.3.146
TCP: Interfaces\{E57F8ED7-8D77-4997-B107-86BCBC2DE871} : NameServer = 208.67.222.222,208.67.220.220
TCP: Interfaces\{E57F8ED7-8D77-4997-B107-86BCBC2DE871} : DhcpNameServer = 208.67.222.222 208.67.220.220 208.67.220.222
TCP: Interfaces\{E57F8ED7-8D77-4997-B107-86BCBC2DE871}\64249402355727675696C6C616E63656026516E60282F484838392 : DhcpNameServer = 208.67.222.222 208.67.220.220 208.67.220.222
TCP: Interfaces\{E57F8ED7-8D77-4997-B107-86BCBC2DE871}\C696E6B6379737 : DhcpNameServer = 64.233.222.2 64.233.222.7
TCP: Interfaces\{E57F8ED7-8D77-4997-B107-86BCBC2DE871}\D4970214E657370294370224C656564696E676 : DhcpNameServer = 192.168.2.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
Hosts: 127.0.0.1 http://www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\snostorm\appdata\roaming\mozilla\firefox\profiles\ad7s4xp3.default\
FF - plugin: c:\program files\foxit software\foxit reader\plugins\npFoxitReaderPlugin.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\google\update\1.3.21.65\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.69\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft silverlight\4.0.60831.0\npctrlui.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\users\snostorm\appdata\local\google\update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: c:\users\snostorm\appdata\roaming\mozilla\firefox\profiles\ad7s4xp3.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}\plugins\npAclmPlugin.dll
FF - plugin: c:\users\snostorm\appdata\roaming\mozilla\firefox\profiles\ad7s4xp3.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}\plugins\npProductDetectPlugin.dll
.
============= SERVICES / DRIVERS ===============
.
R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2010-10-24 165648]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files\hewlett-packard\hp support framework\HPSA_Service.exe [2011-9-9 86072]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files\hewlett-packard\shared\HPDrvMntSvc.exe [2011-3-28 94264]
R2 PassThru Service;Internet Pass-Through Service;c:\program files\htc\internet pass-through\PassThruSvr.exe [2011-3-31 80896]
R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\drivers\ManyCam.sys [2008-1-14 21632]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2010-10-24 43392]
R3 NETwLv32; Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\NETwLv32.sys [2011-3-11 6637056]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2010-10-24 65024]
R3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\antimalware\NisSrv.exe [2011-4-27 208944]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-6-16 136176]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\nvidia corporation\nvidia updatus\daemonu.exe [2011-5-5 2214504]
S3 androidusb;ADB Interface Driver;c:\windows\system32\drivers\motoandroid.sys [2009-7-10 25856]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 Com4QLBEx;Com4QLBEx;c:\program files\hewlett-packard\hp quick launch buttons\Com4QLBEx.exe [2011-9-21 227896]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-6-16 136176]
S3 HCW85BDA;Hauppauge WinTV 885 Video Capture;c:\windows\system32\drivers\HCW85BDA.sys [2009-7-14 1443584]
S3 HTCAND32;HTC Device Driver;c:\windows\system32\drivers\ANDROIDUSB.sys [2009-10-26 25088]
S3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\drivers\htcnprot.sys [2010-6-23 23040]
S3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.12.1;c:\windows\system32\drivers\libusb0.sys [2011-6-27 16896]
S3 MotDev;Motorola Inc. USB Device;c:\windows\system32\drivers\motodrv.sys [2009-5-8 42752]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\netw5v32.sys [2009-6-10 4231168]
S3 PPJoyBus;Parallel Port Joystick Bus device driver;c:\windows\system32\drivers\PPJoyBus.sys [2004-1-23 13952]
S3 PPortJoystick;Parallel Port Joystick device driver;c:\windows\system32\drivers\PPortJoy.sys [2004-1-23 28800]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2009-3-1 139776]
S3 StorSvc;Storage Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-3-11 52224]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2011-3-11 1343400]
.
=============== Created Last 30 ================
.
2012-02-11 01:43:33 713784 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{415ad368-7ffe-4730-a4ff-1d1473303121}\gapaengine.dll
2012-02-11 01:42:42 6557240 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{848a4438-7158-42e9-b701-4a69c4799a6a}\mpengine.dll
2012-02-11 01:29:05 388096 ----a-r- c:\users\snostorm\appdata\roaming\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2012-02-11 01:29:02 -------- d-----w- c:\program files\Trend Micro
2012-02-02 21:21:15 -------- d-----w- c:\windows\system32\RTCOM
2012-02-02 21:20:21 345328 ----a-w- c:\windows\system32\SRSTSXT.dll
2012-02-02 21:20:21 140528 ----a-w- c:\windows\system32\SRSWOW.dll
2012-02-02 21:20:12 1497704 ----a-w- c:\windows\system32\RTSndMgr.cpl
2012-02-02 21:20:09 3921448 ----a-w- c:\windows\system32\drivers\RTKVHDA.sys
2012-02-02 21:20:08 2359400 ----a-w- c:\windows\system32\RtkPgExt.dll
2012-02-02 21:19:57 83560 ----a-w- c:\windows\system32\RtkCoInstII.dll
2012-02-02 21:19:57 13416 ----a-w- c:\windows\system32\RtkCoLDR.dll
2012-02-02 21:19:55 1378920 ----a-w- c:\windows\system32\RtkApoApi.dll
2012-02-02 21:19:52 3319400 ----a-w- c:\windows\system32\RtkAPO.dll
2012-02-02 21:19:36 78680 ----a-w- c:\windows\system32\RTEEL32A.dll
2012-02-02 21:19:36 64856 ----a-w- c:\windows\system32\RTEEG32A.dll
2012-02-02 21:19:36 359768 ----a-w- c:\windows\system32\RTEEP32A.dll
2012-02-02 21:19:35 170840 ----a-w- c:\windows\system32\RTEED32A.dll
2012-02-02 21:19:31 200468 ----a-w- c:\windows\system32\drivers\RTAIODAT.DAT
2012-02-02 21:19:30 295768 ----a-w- c:\windows\system32\RP3DHT32.dll
2012-02-02 21:19:29 295768 ----a-w- c:\windows\system32\RP3DAA32.dll
2012-02-02 21:11:18 -------- d-----w- c:\program files\Realtek
2012-01-30 20:09:31 -------- d-----w- c:\users\snostorm\appdata\roaming\OpenDNS Updater
2012-01-30 20:09:29 -------- d-----w- c:\program files\OpenDNS Updater
2012-01-23 18:37:38 53248 ----a-r- c:\users\snostorm\appdata\roaming\microsoft\installer\{3ee9bcae-e9a9-45e5-9b1c-83a4d357e05c}\ARPPRODUCTICON.exe
2012-01-23 18:37:15 16400 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2012-01-23 18:33:22 -------- d-----w- c:\users\snostorm\appdata\roaming\Logishrd
2012-01-20 02:52:58 -------- d-----w- c:\program files\Microsoft Games
2012-01-20 02:50:52 -------- d-----w- c:\windows\system32\xlive
2012-01-20 02:50:23 -------- d-----w- c:\program files\Microsoft Games for Windows - LIVE
2012-01-19 01:25:00 -------- d-----w- c:\programdata\{A8DA1505-E615-42BB-BB77-74D5CC91FE7E}
2012-01-17 23:13:14 369352 ----a-w- c:\windows\system32\drivers\cng.sys
2012-01-17 23:13:14 224768 ----a-w- c:\windows\system32\schannel.dll
2012-01-17 23:13:14 134000 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2012-01-17 23:13:14 1038848 ----a-w- c:\windows\system32\lsasrv.dll
2012-01-17 23:13:13 67440 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-01-17 23:13:13 314880 ----a-w- c:\windows\system32\webio.dll
2012-01-17 23:13:13 22528 ----a-w- c:\windows\system32\lsass.exe
2012-01-17 23:13:13 22016 ----a-w- c:\windows\system32\secur32.dll
2012-01-17 23:13:13 15872 ----a-w- c:\windows\system32\sspisrv.dll
2012-01-17 23:13:13 100352 ----a-w- c:\windows\system32\sspicli.dll
.
==================== Find3M ====================
.
2012-01-31 12:44:05 237072 ------w- c:\windows\system32\MpSigStub.exe
2011-12-23 01:29:58 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-12-13 16:01:00 1698408 ----a-w- c:\windows\RtlExUpd.dll
2011-11-29 04:18:05 319456 ----a-w- c:\windows\DIFxAPI.dll
2011-11-28 05:34:14 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-24 04:25:27 2342912 ----a-w- c:\windows\system32\win32k.sys
2011-11-19 14:01:00 67072 ----a-w- c:\windows\system32\packager.dll
2011-11-17 05:38:39 1288472 ----a-w- c:\windows\system32\ntdll.dll
.
============= FINISH: 22:04:28.73 ===============
SnoStorm
Active Member
 
Posts: 4
Joined: February 10th, 2012, 10:30 pm

Re: Slow Load Time

by maxi » February 12th, 2012, 3:46 pm

Hello SnoStorm,

Welcome to the forum!

My name is maxi and I'll be helping you with any malware problems.

Currently I am working under the guidance of the MRU teachers, and everything I post to you must first be approved by them.
This additional review process can add some extra time to my responses, but I will post back with instructions for you as soon as possible.


Before we begin, please read and follow these important guidelines, so things will proceed smoothly.
  1. The instructions being given are for YOUR computer and system only!
    Using these instructions on a different computer can cause damage to that computer and possibly render it inoperable!
  2. You must have Administrator rights and permissions for this computer.
  3. DO NOT run any other fix or removal tools unless instructed to do so!
  4. DO NOT install any other software (or hardware) during the cleaning process. This adds more items to be researched.
  5. Only post your problem at (1) one help site. Applying fixes from multiple help sites can cause problems.
  6. Print each set of instructions if possible - your Internet connection will not be available during some fix processes.
  7. Only reply to this thread, do not start another one. Please, continue responding, until I give you the "All Clean!"
    Absence of symptoms does not mean that everything is clear.

I am currently reviewing your log and will return, as soon as possible, with additional instructions. In the meantime...

Please post the second log (extra's.txt) that appeared when you ran DDS.

Please read all instructions carefully before executing and perform the steps in the order given.
If you have any questions or problems executing these instructions, <<STOP>>, do not proceed, and post back with the question or problem.

Regards maxi :)
maxi
Retired Graduate
 
Posts: 1262
Joined: September 25th, 2009, 10:17 am
Location: Cork, Ireland.

Re: Slow Load Time

by SnoStorm » February 13th, 2012, 12:38 am

I had to run it again because I failed to save them both. I will post the extra first followed by the DDS log in red in case you need an updated version with it.

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 3/11/2011 2:42:51 PM
System Uptime: 2/11/2012 4:11:31 PM (31 hours ago)
.
Motherboard: Quanta | | 30CB
Processor: Intel(R) Core(TM)2 Duo CPU T5450 @ 1.66GHz | U2E1 | 1667/667mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 149 GiB total, 43.277 GiB free.
D: is CDROM (CDFS)
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Realtek RTL8168B/8111B Family PCI-E Gigabit Ethernet NIC (NDIS 6.20)
Device ID: PCI\VEN_10EC&DEV_8168&SUBSYS_30CC103C&REV_01\4&37CDDBA9&0&00E5
Manufacturer: Realtek
Name: Realtek RTL8168B/8111B Family PCI-E Gigabit Ethernet NIC (NDIS 6.20)
PNP Device ID: PCI\VEN_10EC&DEV_8168&SUBSYS_30CC103C&REV_01\4&37CDDBA9&0&00E5
Service: RTL8167
.
==== System Restore Points ===================
.
RP270: 2/9/2012 5:43:57 AM - Scheduled Checkpoint
RP271: 2/10/2012 1:17:47 PM - Removed Google Earth.
RP272: 2/10/2012 8:28:16 PM - Installed HiJackThis
RP273: 2/10/2012 9:20:31 PM - Removed Ad-Aware
RP274: 2/11/2012 12:52:10 AM - Installed Java 3D 1.5.2
RP275: 2/11/2012 9:32:58 PM - Windows Update
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
Adobe AIR
Adobe Bridge 1.0
Adobe Common File Installer
Adobe Community Help
Adobe Digital Editions
Adobe Flash Player 10 ActiveX
Adobe Flash Player 11 Plugin
Adobe Photoshop CS2
Adobe Shockwave Player 11.6
Adobe Stock Photos 1.0
Anki
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Audacity 1.3.13 (Unicode)
Baseball Mogul 2012
Bonjour
CCleaner
D3DX10
Defraggler
Dig-N-Rig version 1.0
Digital Video Repair version 2.2.0.1
Equalify 1.2.0 (RELEASE)
eReg
Facebook Video Calling 1.0.0.8714
Foxit Reader 5.1
GoldWave v5.58
Google Chrome
Google Update Helper
Hewlett-Packard ACLM.NET v1.1.2.0
HiJackThis
HP Customer Experience Enhancements
HP Product Detection
HP Quick Launch Buttons
HP Support Assistant
HTC Driver Installer
iCloud
iTunes
Java 3D 1.5.2
Java Auto Updater
Java(TM) 6 Update 30
JDiskReport
K-Lite Mega Codec Pack 7.1.0
Left 4 Dead 2
Logitech SetPoint 6.32
ManyCam 2.6.55 (remove only)
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Antimalware
Microsoft Application Error Reporting
Microsoft Flight
Microsoft Games for Windows - LIVE Redistributable
Microsoft Games for Windows Marketplace
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft XNA Framework Redistributable 4.0
Motorola SM56 Speakerphone Modem
Mozilla Firefox 10.0.1 (x86 en-US)
Mozilla Thunderbird 9.0.1 (x86 en-US)
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Netflix in Windows Media Center
NVIDIA 3D Vision Controller Driver
NVIDIA 3D Vision Controller Driver 275.33
NVIDIA Control Panel 275.33
NVIDIA Graphics Driver 275.33
NVIDIA Install Application
NVIDIA PhysX
NVIDIA PhysX System Software 9.10.0514
NVIDIA Update 1.3.5
NVIDIA Update Components
OpenDNS Updater 2.2.1
Out of the Park Baseball 12
Picasa 3
PlayReady PC Runtime x86
Portal 2
PVSonyDll
QLBCASL
QuickTime
Realtek High Definition Audio Driver
Recuva
Revo Uninstaller 1.92
RollerCoaster Tycoon 3 Platinum
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Skype™ 5.6
Source SDK Base 2007
Spotify
Spybot - Search & Destroy
Steam
swMSM
Synaptics Pointing Device Driver
System Requirements Lab
System Requirements Lab CYRI
Team Fortress 2
Terraria
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596686) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VLC media player 1.1.11
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Movie Maker 2.6
WinRAR 4.00 (32-bit)
Worms Reloaded
.
==== Event Viewer Messages From Past Week ========
.
2/9/2012 4:35:28 AM, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
2/8/2012 4:47:04 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.119.1479.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8001.0 Error code: 0x80240022 Error description: The program can't check for definition updates.
2/8/2012 4:47:04 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.119.1479.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8001.0 Error code: 0x80240022 Error description: The program can't check for definition updates.
2/8/2012 1:37:24 PM, Error: Microsoft-Windows-Application-Experience [205] - The Program Compatibility Assistant service failed to perform the phase two initialization.
2/10/2012 9:54:55 PM, Error: Service Control Manager [7034] - The NVIDIA Update Service Daemon service terminated unexpectedly. It has done this 1 time(s).
2/10/2012 9:51:46 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x000000be (0x82e4852e, 0x02e48121, 0x8aa5b834, 0x0000000a). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 021012-23571-01.
.
==== End Of File ===========================


.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_30
Run by SnoStorm at 23:34:41 on 2012-02-12
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.2046.1142 [GMT -5:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe
C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Windows\system32\DllHost.exe
C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Users\SnoStorm\AppData\Local\Google\Update\1.3.21.99\GoogleCrashHandler.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files\Steam\Steam.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\conhost.exe
.
============== Pseudo HJT Report ===============
.
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [Steam] "c:\program files\steam\steam.exe" -silent
uRun: [OpenDNS Updater] "c:\program files\opendns updater\OpenDNSUpdater.exe" /autostart
mRun: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [EvtMgr6] c:\program files\logitech\setpointp\SetPoint.exe /launchGaming
mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
TCP: DhcpNameServer = 64.233.222.2 64.233.222.7
TCP: Interfaces\{5C704AE0-8D79-4219-88AB-D14320E83E81} : DhcpNameServer = 68.180.44.6 67.152.3.154 68.234.128.70 67.152.3.146
TCP: Interfaces\{E57F8ED7-8D77-4997-B107-86BCBC2DE871} : DhcpNameServer = 64.233.222.2 64.233.222.7
TCP: Interfaces\{E57F8ED7-8D77-4997-B107-86BCBC2DE871}\4586963702E4564777F627B60235072756164637026596275737563712 : DhcpNameServer = 64.233.222.2 64.233.222.7
TCP: Interfaces\{E57F8ED7-8D77-4997-B107-86BCBC2DE871}\64249402355727675696C6C616E63656026516E60282F484838392 : DhcpNameServer = 208.67.222.222 208.67.220.220 208.67.220.222
TCP: Interfaces\{E57F8ED7-8D77-4997-B107-86BCBC2DE871}\D4970214E657370294370224C656564696E676 : DhcpNameServer = 192.168.2.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
Hosts: 127.0.0.1 http://www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\snostorm\appdata\roaming\mozilla\firefox\profiles\ad7s4xp3.default\
FF - plugin: c:\program files\foxit software\foxit reader\plugins\npFoxitReaderPlugin.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\google\update\1.3.21.65\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.69\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft silverlight\4.0.60831.0\npctrlui.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\users\snostorm\appdata\local\google\update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: c:\users\snostorm\appdata\roaming\mozilla\firefox\profiles\ad7s4xp3.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}\plugins\npAclmPlugin.dll
FF - plugin: c:\users\snostorm\appdata\roaming\mozilla\firefox\profiles\ad7s4xp3.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}\plugins\npProductDetectPlugin.dll
.
============= SERVICES / DRIVERS ===============
.
R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2010-10-24 165648]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files\hewlett-packard\hp support framework\HPSA_Service.exe [2011-9-9 86072]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files\hewlett-packard\shared\HPDrvMntSvc.exe [2011-3-28 94264]
R2 PassThru Service;Internet Pass-Through Service;c:\program files\htc\internet pass-through\PassThruSvr.exe [2011-3-31 80896]
R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\drivers\ManyCam.sys [2008-1-14 21632]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2010-10-24 43392]
R3 NETwLv32; Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\NETwLv32.sys [2011-3-11 6637056]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2010-10-24 65024]
R3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\antimalware\NisSrv.exe [2011-4-27 208944]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-6-16 136176]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\nvidia corporation\nvidia updatus\daemonu.exe [2011-5-5 2214504]
S3 androidusb;ADB Interface Driver;c:\windows\system32\drivers\motoandroid.sys [2009-7-10 25856]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 Com4QLBEx;Com4QLBEx;c:\program files\hewlett-packard\hp quick launch buttons\Com4QLBEx.exe [2011-9-21 227896]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-6-16 136176]
S3 HCW85BDA;Hauppauge WinTV 885 Video Capture;c:\windows\system32\drivers\HCW85BDA.sys [2009-7-14 1443584]
S3 HTCAND32;HTC Device Driver;c:\windows\system32\drivers\ANDROIDUSB.sys [2009-10-26 25088]
S3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\drivers\htcnprot.sys [2010-6-23 23040]
S3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.12.1;c:\windows\system32\drivers\libusb0.sys [2011-6-27 16896]
S3 MotDev;Motorola Inc. USB Device;c:\windows\system32\drivers\motodrv.sys [2009-5-8 42752]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\netw5v32.sys [2009-6-10 4231168]
S3 PPJoyBus;Parallel Port Joystick Bus device driver;c:\windows\system32\drivers\PPJoyBus.sys [2004-1-23 13952]
S3 PPortJoystick;Parallel Port Joystick device driver;c:\windows\system32\drivers\PPortJoy.sys [2004-1-23 28800]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2009-3-1 139776]
S3 StorSvc;Storage Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-3-11 52224]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2011-3-11 1343400]
.
=============== Created Last 30 ================
.
2012-02-13 02:33:16 -------- d-----w- c:\users\snostorm\appdata\local\{5F0218A7-E57C-47A0-8386-6E490C2E0FF1}
2012-02-13 02:33:14 -------- d-----w- c:\users\snostorm\appdata\local\{0ACCBCD4-F407-4D1B-9A27-FAE1CAB5057B}
2012-02-12 02:33:22 6557240 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{1f103985-ce28-4c1e-9eaf-fd87712d7b65}\mpengine.dll
2012-02-11 05:53:12 823296 ----a-w- c:\windows\j3dcore-d3d.dll
2012-02-11 05:53:12 49152 ----a-w- c:\windows\j3dcore-ogl-chk.dll
2012-02-11 05:53:12 40960 ----a-w- c:\windows\j3dcore-ogl-cg.dll
2012-02-11 05:53:12 163840 ----a-w- c:\windows\j3dcore-ogl.dll
2012-02-11 05:51:55 -------- d-----w- c:\users\snostorm\appdata\local\{3225C812-5FB8-41CE-B15F-997F80150000}
2012-02-11 03:17:55 -------- d-----w- c:\users\snostorm\appdata\local\ElevatedDiagnostics
2012-02-11 01:43:33 713784 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{415ad368-7ffe-4730-a4ff-1d1473303121}\gapaengine.dll
2012-02-11 01:29:05 388096 ----a-r- c:\users\snostorm\appdata\roaming\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2012-02-11 01:29:02 -------- d-----w- c:\program files\Trend Micro
2012-02-02 21:21:15 -------- d-----w- c:\windows\system32\RTCOM
2012-02-02 21:20:21 345328 ----a-w- c:\windows\system32\SRSTSXT.dll
2012-02-02 21:20:21 140528 ----a-w- c:\windows\system32\SRSWOW.dll
2012-02-02 21:20:12 1497704 ----a-w- c:\windows\system32\RTSndMgr.cpl
2012-02-02 21:20:09 3921448 ----a-w- c:\windows\system32\drivers\RTKVHDA.sys
2012-02-02 21:20:08 2359400 ----a-w- c:\windows\system32\RtkPgExt.dll
2012-02-02 21:19:57 83560 ----a-w- c:\windows\system32\RtkCoInstII.dll
2012-02-02 21:19:57 13416 ----a-w- c:\windows\system32\RtkCoLDR.dll
2012-02-02 21:19:55 1378920 ----a-w- c:\windows\system32\RtkApoApi.dll
2012-02-02 21:19:52 3319400 ----a-w- c:\windows\system32\RtkAPO.dll
2012-02-02 21:19:36 78680 ----a-w- c:\windows\system32\RTEEL32A.dll
2012-02-02 21:19:36 64856 ----a-w- c:\windows\system32\RTEEG32A.dll
2012-02-02 21:19:36 359768 ----a-w- c:\windows\system32\RTEEP32A.dll
2012-02-02 21:19:35 170840 ----a-w- c:\windows\system32\RTEED32A.dll
2012-02-02 21:19:31 200468 ----a-w- c:\windows\system32\drivers\RTAIODAT.DAT
2012-02-02 21:19:30 295768 ----a-w- c:\windows\system32\RP3DHT32.dll
2012-02-02 21:19:29 295768 ----a-w- c:\windows\system32\RP3DAA32.dll
2012-02-02 21:11:18 -------- d-----w- c:\program files\Realtek
2012-01-30 20:09:31 -------- d-----w- c:\users\snostorm\appdata\roaming\OpenDNS Updater
2012-01-30 20:09:29 -------- d-----w- c:\program files\OpenDNS Updater
2012-01-23 18:37:38 53248 ----a-r- c:\users\snostorm\appdata\roaming\microsoft\installer\{3ee9bcae-e9a9-45e5-9b1c-83a4d357e05c}\ARPPRODUCTICON.exe
2012-01-23 18:37:15 16400 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2012-01-23 18:33:22 -------- d-----w- c:\users\snostorm\appdata\roaming\Logishrd
2012-01-20 02:52:58 -------- d-----w- c:\program files\Microsoft Games
2012-01-20 02:50:52 -------- d-----w- c:\windows\system32\xlive
2012-01-20 02:50:23 -------- d-----w- c:\program files\Microsoft Games for Windows - LIVE
2012-01-19 01:25:00 -------- d-----w- c:\programdata\{A8DA1505-E615-42BB-BB77-74D5CC91FE7E}
2012-01-17 23:13:14 369352 ----a-w- c:\windows\system32\drivers\cng.sys
2012-01-17 23:13:14 224768 ----a-w- c:\windows\system32\schannel.dll
2012-01-17 23:13:14 134000 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2012-01-17 23:13:14 1038848 ----a-w- c:\windows\system32\lsasrv.dll
2012-01-17 23:13:13 67440 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-01-17 23:13:13 314880 ----a-w- c:\windows\system32\webio.dll
2012-01-17 23:13:13 22528 ----a-w- c:\windows\system32\lsass.exe
2012-01-17 23:13:13 22016 ----a-w- c:\windows\system32\secur32.dll
2012-01-17 23:13:13 15872 ----a-w- c:\windows\system32\sspisrv.dll
2012-01-17 23:13:13 100352 ----a-w- c:\windows\system32\sspicli.dll
.
==================== Find3M ====================
.
2012-01-31 12:44:05 237072 ------w- c:\windows\system32\MpSigStub.exe
2011-12-23 01:29:58 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-12-13 16:01:00 1698408 ----a-w- c:\windows\RtlExUpd.dll
2011-11-29 04:18:05 319456 ----a-w- c:\windows\DIFxAPI.dll
2011-11-28 05:34:14 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-24 04:25:27 2342912 ----a-w- c:\windows\system32\win32k.sys
2011-11-19 14:01:00 67072 ----a-w- c:\windows\system32\packager.dll
2011-11-17 05:38:39 1288472 ----a-w- c:\windows\system32\ntdll.dll
.
============= FINISH: 23:36:00.77 ===============
SnoStorm
Active Member
 
Posts: 4
Joined: February 10th, 2012, 10:30 pm

Re: Slow Load Time

Post by maxi » February 14th, 2012, 4:27 pm

Hi SnoStorm,

Is this computer used for business purposes? I need to know to give you the appropriate advice.

  • Please download MGA Diagnostic Tool and save it to your Desktop.
  • Right click on MGADiag.exe and select Run As Administrator to run it.
  • Click Continue.
  • The program will run. It takes a while to finish the diagnosis, please be patient.
  • Once done, click on Copy.
  • Open Notepad and paste the contents in the window.
  • Save this file and copy/paste it in your next reply.

"Microsoft Office Enterprise 2007": Do you know how this program came to be on your computer?

In your next reply please include:
The log from MGADiag.exe.
The answers to my questions.

Regards maxi :)
maxi
Retired Graduate
 
Posts: 1262
Joined: September 25th, 2009, 10:17 am
Location: Cork, Ireland.

Re: Slow Load Time

Post by SnoStorm » February 14th, 2012, 11:07 pm

This is a personal machine. The copy of Office Enterprise came from my access to MSDN through my college. I like using the enterprise or business versions of larger software because they are less bloated than what is commercially distributed. This is also why my Windows 7 distro is Windows 7 Professional.

Diagnostic Report (1.9.0027.0):
-----------------------------------------
Windows Validation Data-->

Validation Code: 0
Cached Online Validation Code: 0x0
Windows Product Key: *****-*****-D73JV-QHMTC-G9QGG
Windows Product Key Hash: IBzy/lyBLysvlu2zilzHcPEWT0g=
Windows Product ID: 00371-839-9840923-85336
Windows Product ID Type: 5
Windows License Type: Retail
Windows OS version: 6.1.7601.2.00010100.1.0.048
ID: {D44C6899-021D-4A36-A92B-90CC970F8454}(1)
Is Admin: Yes
TestCab: 0x0
LegitcheckControl ActiveX: N/A, hr = 0x80070002
Signed By: N/A, hr = 0x80070002
Product Name: Windows 7 Professional
Architecture: 0x00000000
Build lab: 7601.win7sp1_gdr.111025-1505
TTS Error:
Validation Diagnostic:
Resolution Status: N/A

Vista WgaER Data-->
ThreatID(s): N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002

Windows XP Notifications Data-->
Cached Result: N/A, hr = 0x80070002
File Exists: No
Version: N/A, hr = 0x80070002
WgaTray.exe Signed By: N/A, hr = 0x80070002
WgaLogon.dll Signed By: N/A, hr = 0x80070002

OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
OGAExec.exe Signed By: N/A, hr = 0x80070002
OGAAddin.dll Signed By: N/A, hr = 0x80070002

OGA Data-->
Office Status: 100 Genuine
Microsoft Office Enterprise 2007 - 100 Genuine
OGA Version: N/A, 0x80070002
Signed By: N/A, hr = 0x80070002
Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3_E2AD56EA-765-d003_E2AD56EA-766-0_E2AD56EA-134-80004005

Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
Default Browser: C:\Program Files\Mozilla Firefox\firefox.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed

File Scan Data-->

Other data-->
Office Details: <GenuineResults><MachineData><UGUID>{D44C6899-021D-4A36-A92B-90CC970F8454}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7601.2.00010100.1.0.048</OS><Architecture>x32</Architecture><PKey>*****-*****-*****-*****-G9QGG</PKey><PID>00371-839-9840923-85336</PID><PIDType>5</PIDType><SID>S-1-5-21-2762240374-4203459493-1914529315</SID><SYSTEM><Manufacturer>Hewlett-Packard</Manufacturer><Model>HP Pavilion dv9500 Notebook PC </Model></SYSTEM><BIOS><Manufacturer>Hewlett-Packard</Manufacturer><Version>F.59 </Version><SMBIOSVersion major="2" minor="4"/><Date>20081125000000.000000+000</Date></BIOS><HWID>07D93E07018400FA</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Eastern Standard Time(GMT-05:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>HPQOEM</OEMID><OEMTableID>SLIC-MPC</OEMTableID></OEM><GANotification/></MachineData><Software><Office><Result>100</Result><Products><Product GUID="{90120000-0030-0000-0000-0000000FF1CE}"><LegitResult>100</LegitResult><Name>Microsoft Office Enterprise 2007</Name><Ver>12</Ver><Val>7480B9502DF0D86</Val><Hash>oYWOW5ayFE3pZ+jvTpuXYsY64JE=</Hash><Pid>89388-707-8722531-65015</Pid><PidType>14</PidType></Product></Products><Applications><App Id="15" Version="12" Result="100"/><App Id="16" Version="12" Result="100"/><App Id="18" Version="12" Result="100"/><App Id="19" Version="12" Result="100"/><App Id="1A" Version="12" Result="100"/><App Id="1B" Version="12" Result="100"/><App Id="44" Version="12" Result="100"/><App Id="A1" Version="12" Result="100"/><App Id="BA" Version="12" Result="100"/></Applications></Office></Software></GenuineResults>

Spsys.log Content: 0x80070002

Licensing Data-->
Software licensing service version: 6.1.7601.17514

Name: Windows(R) 7, Professional edition
Description: Windows Operating System - Windows(R) 7, RETAIL channel
Activation ID: e838d943-63ed-4a0b-9fb1-47152908acc9
Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f
Extended PID: 00371-00170-839-984092-00-1033-7600.0000-0702011
Installation ID: 000686052636688874720635914381668396281363946356249651
Processor Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88338
Machine Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88339
Use License URL: http://go.microsoft.com/fwlink/?LinkID=88341
Product Key Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88340
Partial Product Key: G9QGG
License Status: Licensed
Remaining Windows rearm count: 4
Trusted time: 2/14/2012 10:03:33 PM

Windows Activation Technologies-->
HrOffline: 0x00000000
HrOnline: 0x00000000
HealthStatus: 0x0000000000000000
Event Time Stamp: 12:8:2011 02:56
ActiveX: Registered, Version: 7.1.7600.16395
Admin Service: Registered, Version: 7.1.7600.16395
HealthStatus Bitmask Output:


HWID Data-->
HWID Hash Current: NgAAAAEABwABAAEAAAABAAAAAQABAAEAJJTI3AgDPF7WdXB6kiQso0aDBgw6Gaj7VCZaISqF

OEM Activation 1.0 Data-->
N/A

OEM Activation 2.0 Data-->
BIOS valid for OA 2.0: yes
Windows marker version: 0x0
OEMID and OEMTableID Consistent: yes
BIOS Information:
ACPI Table Name OEMID Value OEMTableID Value
APIC HP 30CB
FACP HP 30CC
HPET HP 30CB
BOOT HP 30CB
MCFG HP 30CB
TMOR HP 30CC
SLIC HPQOEM SLIC-MPC
SSDT HP 30CB
SSDT HP 30CB
SSDT HP 30CB
SSDT HP 30CB

Re: Slow Load Time

Post by maxi » February 15th, 2012, 12:52 pm

Hi SnoStorm,

Step 1
Run CKScanner

  • Please download CKScanner from Here
  • Important: - Save it to your desktop.
  • Right-click CKScanner.exe > select "Run as administrator" then click Search For Files.
  • After a very short time, when the cursor hourglass disappears, click Save List To File.
  • A message box will verify the file saved. Please Run the program only once.
  • Double-click the CKFiles.txt icon on your desktop and copy/paste the contents in your next reply.

Step 2
ESET online scanner

Note: You can use either Internet Explorer or Mozilla FireFox for this scan.

Note: If you are using Windows Vista or Windows 7, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.
  • First please Disable any Antivirus you have active, as shown in This topic.
  • Note: Don't forget to re-enable it after the scan.
  • Next hold down Control then click on the following link to open a new window to ESET online scanner
  • Select the option YES, I accept the Terms of Use then click on Start.
    Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
    All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on Start.
  • The virus signature database... will begin to download. Be patient, this may take some time depending on the speed of your Internet connection.
  • When completed the Online Scan will begin automatically.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed select Uninstall application on close if you so wish, make sure you copy the logfile first!
  • Now click on Finish.
  • Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic.

In your next reply please include:
The eset log.
The CKScanner log.
How your computer is behaving.

Regards maxi :)

Re: Slow Load Time

Post by SnoStorm » February 15th, 2012, 2:19 pm

It's running exactly the same.

Eset:
CKScanner - Additional Security Risks - These are not necessarily bad
scanner sequence 3.RP.11.SMAABR
----- EOF -----

CKScanner log:
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=d58b415f19123c47bded2768e5176a7c
# end=stopped
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2012-02-15 06:15:26
# local_time=2012-02-15 01:15:26 (-0500, Eastern Standard Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=512 16777215 100 0 0 0 0 0
# compatibility_mode=5893 16776574 100 94 26417468 80873015 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=46451
# found=0
# cleaned=0
# scan_time=1502

Re: Slow Load Time

Post by maxi » February 16th, 2012, 3:26 pm

Hi snostorm,

Your Java is out of date.

It can be updated by the Java control panel
  • Click on Start > Control Panel (Classic View) > Java (looks like a coffee cup) > Update Tab > Update Now.
  • An update should begin.
  • Just follow the prompts.

Remove the following tools from your Desktop: (Right click and select delete)
CKScanner
MGA Diagnostic Tool
DDS


Congratulations, your logs show no sign of Malware :)

Please follow these steps to tidy up and help keep you malware free.

Create new clean restore point
  1. Go to Start > All Programs > Accessories > System Tools > System Restore
  2. Select Create a restore point... then press the Next... button.
  3. Type a name for the new SRP... like All Clean... then press the Create... button.
  4. When finished... press the Close... button.
Now you have a clean restore point to use if you need to restore your system.

Remove old infected restore points.

  1. Now... Go to Start > Run... type in: cleanmgr... press the OK... button.
    The Disk Cleanup begins "calculating" space savings by compressing old files. This could take several minutes.
  2. When available... select the More Options... tab.
  3. In the System Restore section... Press the Clean up... button.
  4. Reply Yes to the prompt. Press the X to close and exit.

This will remove all restore points except the one you just created.

A few tips to help you stay clean
If you want to stay malware free, you must keep your software up to date. Here are a couple of free programs that will help with that.
Make sure you keep Windows updated.
Make sure you keep the latest updates installed for Internet Explorer. (This is important even if you typically use a different browser).

Some recommended reading
Computer Security - a short guide to staying safer online
What to do if your Computer is running slowly

A little caution while surfing can go a long way toward staying clean. Stay away from dodgy web-sites and be careful what you click on.

Please let me know if you have any questions. If not please acknowledge that you have read this and I will have this topic closed.

Happy Surfing, :)

Re: Slow Load Time

Post by Cypher » February 18th, 2012, 6:29 am

As your problems appear to have been resolved, this topic is now closed.

We are pleased we could help you resolve your computer's malware issues.

If you would like to make a comment or leave a compliment regarding the help you have received, please see Feedback for Our Helpers - Say "Thanks" Here.
Cypher
Admin/Teacher
 
Posts: 15148
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns