Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

PC super slow

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

PC super slow

Unread postby RobinhoOo22 » January 11th, 2013, 10:20 am

Hi, my pc is very slow and sometimes sending e-mails to all my contacts, i think that it is a virus. Here is the dds logs:

dds.txt
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_37
Run by WINDOWS XP at 12:03:47 on 2013-01-11
Microsoft Windows XP Professional 5.1.2600.2.1252.55.1046.18.1015.101 [GMT -2:00]
.
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
============== Running Processes ================
.
C:\Arquivos de programas\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\SCardSvr.exe
C:\WINDOWS\System32\rundll32.exe
C:\WINDOWS\System32\rundll32.exe
C:\Arquivos de programas\Application Updater\ApplicationUpdater.exe
C:\Arquivos de programas\Aladdin\eToken\PKIClient\x32\eTSrv.exe
C:\Arquivos de programas\Nero\Nero 7\InCD\InCDsrv.exe
C:\Arquivos de programas\Java\jre6\bin\jqs.exe
C:\Arquivos de programas\EPSON\MyEpson Portal\mepService.exe
C:\Arquivos de programas\CyberLink\Shared Files\RichVideo.exe
C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\alg.exe
C:\Arquivos de programas\PC Connectivity Solution\ServiceLayer.exe
C:\Arquivos de programas\Windows Media Player\wmplayer.exe
C:\Arquivos de programas\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Arquivos de programas\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\WINDOWS\system32\igfxext.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Arquivos de programas\Arquivos comuns\Nokia\NoA\nokiaaserver.exe
C:\WINDOWS\explorer.exe
C:\Arquivos de programas\Internet Explorer\iexplore.exe
C:\Arquivos de programas\Internet Explorer\iexplore.exe
C:\Documents and Settings\WINDOWS XP\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\WINDOWS XP\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\WINDOWS XP\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\WINDOWS XP\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe
C:\Arquivos de programas\CompuFour\Aplicativos Comerciais\c4b.exe
C:\Arquivos de programas\Microsoft Office\Office12\EXCEL.EXE
C:\Documents and Settings\WINDOWS XP\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\WINDOWS XP\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\WINDOWS XP\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uURLSearchHooks: pdfforge Toolbar: {B922D405-6D13-4A2B-AE89-08A030DA4402} - c:\arquivos de programas\pdfforge toolbar\ie\6.6\pdfforgeToolbarIE.dll
uURLSearchHooks: UrlSearchHook Class: {00000000-6E41-4FD3-8538-502F5495E5FC} - c:\arquivos de programas\ask.com\GenericAskToolbar.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\arquivos de programas\arquivos comuns\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\arquivos de programas\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\arquivos de programas\java\jre6\bin\ssv.dll
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\arquivos de programas\avast software\avast\aswWebRepIE.dll
BHO: Auxiliar de Conexão do Windows Live: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\arquivos de programas\arquivos comuns\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: pdfforge Toolbar: {B922D405-6D13-4A2B-AE89-08A030DA4402} - c:\arquivos de programas\pdfforge toolbar\ie\6.6\pdfforgeToolbarIE.dll
BHO: GoogleToolbar_94.dll: {C12DBC8B-86BD-4751-9347-216F087086AC} - c:\program files (x86)\google\chrome\application\23.0.1271.32\GoogleToolbar_94.dll
BHO: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - c:\arquivos de programas\ask.com\GenericAskToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\arquivos de programas\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - c:\arquivos de programas\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - c:\arquivos de programas\ask.com\GenericAskToolbar.dll
TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - c:\arquivos de programas\ask.com\GenericAskToolbar.dll
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\arquivos de programas\avast software\avast\aswWebRepIE.dll
TB: pdfforge Toolbar: {B922D405-6D13-4A2B-AE89-08A030DA4402} - c:\arquivos de programas\pdfforge toolbar\ie\6.6\pdfforgeToolbarIE.dll
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uRun: [msnmsgr] "c:\arquivos de programas\windows live\messenger\msnmsgr.exe" /background
uRun: [NokiaOviSuite2] c:\arquivos de programas\nokia\nokia ovi suite\NokiaOviSuite.exe -tray
uRun: [Google Update] "c:\documents and settings\windows xp\configurações locais\dados de aplicativos\google\update\GoogleUpdate.exe" /c
uRun: [Auto EPSON TX220 Series em MINEIRAOPRINCIP] c:\windows\system32\spool\drivers\w32x86\3\e_fatigdl.exe /fu "c:\windows\temp\E_S15.tmp" /EF "HKCU"
uRun: [84CA28BEDA124182F373D037B5C91BB121A724AC] c:\docume~1\window~1\config~1\temp\31220121246.cpl
uRun: [msc] c:\documents and settings\windows xp\dados de aplicativos\pc suite\settings\GoogleToolbar_95.cpl
uRun: [IgfxTray] c:\documents and settings\windows xp\dados de aplicativos\pc suite\settings\GoogleToolbar_96.cpl
mRun: [GrooveMonitor] "c:\arquivos de programas\microsoft office\office12\GrooveMonitor.exe"
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [SkyTel] SkyTel.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [avast] "c:\arquivos de programas\avast software\avast\avastUI.exe" /nogui
mRun: [NokiaMServer] c:\arquivos de programas\arquivos comuns\nokia\mplatform\NokiaMServer /watchfiles startup
mRun: [Adobe Reader Speed Launcher] "c:\arquivos de programas\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\arquivos de programas\arquivos comuns\adobe\arm\1.0\AdobeARM.exe"
mRun: [eTMonitor] "c:\arquivos de programas\aladdin\etoken\pkiclient\x32\PKIMonitor.exe"
mRun: [ApnUpdater] "c:\arquivos de programas\ask.com\updater\Updater.exe"
mRun: [SunJavaUpdateSched] "c:\arquivos de programas\arquivos comuns\java\java update\jusched.exe"
mRun: [SearchSettings] "c:\arquivos de programas\arquivos comuns\spigot\search settings\SearchSettings.exe"
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\alluse~1\menuin~1\progra~1\inicia~1\mcafee~1.lnk - c:\arquivos de programas\mcafee security scan\2.0.181\SSScheduler.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-System: EnableLUA = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: E&xportar para o Microsoft Excel - c:\arquiv~1\micros~2\office12\EXCEL.EXE/3000
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\arquivos de programas\messenger\msmsgs.exe
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{6723E55D-EC61-4A0E-A404-A3FD0109A7C2} : DHCPNameServer = 192.168.1.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\arquivos de programas\microsoft office\office12\GrooveSystemServices.dll
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\arquivos de programas\microsoft office\office12\GrooveShellExtensions.dll
LSA: Authentication Packages = msv1_0 nwprovau
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\windows xp\dados de aplicativos\mozilla\firefox\profiles\8a57o6cz.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: keyword.URL - hxxp://websearch.ask.com/redirect?clien ... OSJ000&&q=
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\arquivos de programas\adobe\reader 9.0\reader\air\nppdf32.dll
FF - plugin: c:\arquivos de programas\java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\documents and settings\windows xp\configuraã§ãµes locais\dados de aplicativos\google\update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_5_502_146.dll
FF - plugin: c:\windows\system32\npdeployJava1.dll
FF - plugin: c:\windows\system32\npptools.dll
FF - ExtSQL: 2013-01-05 10:03; firefox@unfriendfinder.com; c:\documents and settings\windows xp\dados de aplicativos\mozilla\firefox\profiles\8a57o6cz.default\extensions\firefox@unfriendfinder.com.xpi
.
============= SERVICES / DRIVERS ===============
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2012-2-20 729752]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2012-2-20 355632]
R2 Application Updater;Application Updater;c:\arquivos de programas\application updater\ApplicationUpdater.exe [2012-11-28 793600]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2012-2-20 21256]
R2 avast! Antivirus;avast! Antivirus;c:\arquivos de programas\avast software\avast\AvastSvc.exe [2012-2-20 44808]
R2 eTSrv;ETOKSRV;c:\arquivos de programas\aladdin\etoken\pkiclient\x32\eTSrv.exe [2009-12-31 12640]
S3 AKSUP;AKSUP;c:\windows\system32\drivers\aksup.sys [2008-7-29 34472]
S3 McComponentHostService;McAfee Security Scan aComponent Host Service;c:\arquivos de programas\mcafee security scan\2.0.181\McCHSvc.exe [2010-1-15 227232]
.
=============== Created Last 30 ================
.
2012-12-18 12:00:08 -------- d-----w- c:\windows\system32\appmgmt
.
==================== Find3M ====================
.
2013-01-09 13:49:36 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-01-09 13:49:36 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe
.
============= FINISH: 12:04:55,78 ===============


Attach.txt
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 15/2/2012 16:37:08
System Uptime: 10/1/2013 12:07:30 (24 hours ago)
.
Motherboard: ASUSTeK Computer INC. | | P5GC-MX/CKD/POST/SI
Processor: Processador Intel Pentium II | LGA 775 | 1800/200mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 37 GiB total, 18,022 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description:
Device ID: ACPI\ATK0110\1010110
Manufacturer:
Name:
PNP Device ID: ACPI\ATK0110\1010110
Service:
.
==== System Restore Points ===================
.
RP211: 11/12/2012 14:43:19 - Ponto de verificação do sistema
RP212: 18/12/2012 09:59:01 - Nokia Ovi Player removido.
RP213: 22/12/2012 09:45:44 - Ponto de verificação do sistema
RP214: 2/1/2013 10:18:51 - Ponto de verificação do sistema
RP215: 5/1/2013 08:21:20 - Ponto de verificação do sistema
RP216: 10/1/2013 11:19:48 - Ponto de verificação do sistema
.
==== Installed Programs ======================
.
2007 Microsoft Office Suite Service Pack 1 (SP1)
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader 9.5.2 - Português
Aplicativos Comerciais 2012
Ask Toolbar
Assistente de Conexão do Windows Live
atualizador Ask Toolbar Updater
avast! Free Antivirus
CobCAIXA
DVD Suite
Emissor de Cupom Fiscal
eToken PKI Client 5.1 SP1
Ferramenta de Carregamento do Windows Live
Google Chrome
High Definition Audio Driver Package - KB888111
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Windows XP (KB926239)
Hotfix for Windows XP (KB954550-v5)
Intel(R) Graphics Media Accelerator Driver
Java Auto Updater
Java(TM) 6 Update 2
Java(TM) 6 Update 37
K-Lite Codec Pack 4.7.5 (Full)
McAfee Security Scan Plus
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft Office Access MUI (Portuguese (Brazil)) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (Portuguese (Brazil)) 2007
Microsoft Office Groove MUI (Portuguese (Brazil)) 2007
Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2007
Microsoft Office OneNote MUI (Portuguese (Brazil)) 2007
Microsoft Office Outlook MUI (Portuguese (Brazil)) 2007
Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (Portuguese (Brazil)) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (Portuguese (Brazil)) 2007
Microsoft Office Publisher MUI (Portuguese (Brazil)) 2007
Microsoft Office Shared MUI (Portuguese (Brazil)) 2007
Microsoft Office Word MUI (Portuguese (Brazil)) 2007
Microsoft Software Update for Web Folders (Portuguese (Brazil)) 12
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Mozilla Firefox 17.0.1 (x86 pt-BR)
Mozilla Maintenance Service
MSVC80_x86_v2
MSVC90_x86
MSVCRT
MSXML 6.0 Parser
MyEpson Portal
Nero 7 Essentials
neroxml
Nokia Connectivity Cable Driver
Nokia Ovi Suite
Nokia Ovi Suite Software Updater
Nokia_Multimedia_Common_Components_2_5
Ovi Desktop Sync Engine
OviMPlatform
Pacote de Driver do Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
PC Connectivity Solution
PDFCreator
pdfforge Toolbar v6.6
PhotoScape
PowerDVD
Realtek High Definition Audio Driver
Segoe UI
Version 1.59
WebFldrs XP
Windows Imaging Component
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 8
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Messenger
Windows Media Format 11 runtime
Windows Media Player 11
WinRAR archiver
.
==== End Of File ===========================
RobinhoOo22
Active Member
 
Posts: 1
Joined: January 11th, 2013, 10:08 am
Advertisement
Register to Remove

Re: PC super slow

Unread postby deltalima » January 11th, 2013, 4:16 pm

Operating Systems no longer supported by Microsoft
It appears you are using a computer with an unsupported Operating System.

May I draw your attention to the topic: ALL USERS OF THIS FORUM MUST READ THIS FIRST, which you should have read before posting for help.

The section here explains why we do not offer help for such computers. Thank you for your understanding.

This topic is now closed.
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 293 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware