TechSpot

Very slow pc

By morphy201180
Sep 20, 2014
  1. Hi, can someone help?

    My PC seems to be dying a slow death. Everything from my Internet to the application windows seems to take ages to open. If I try to install any software, there is always an error message or a problem with the install. I have run Malwarebytes, which detected quite a bit of malware that should have been removed; however, when I restarted the PC it is still extremely slow.

    Please see logs below. I hope someone can help.

    Malwarebytes Anti-Malware
    www.malwarebytes.org

    Scan Date: 20/09/2014
    Scan Time: 21:01:59
    Logfile: MB log.txt
    Administrator: Yes

    Version: 2.00.2.1012
    Malware Database: v2014.09.20.06
    Rootkit Database: v2014.09.19.01
    License: Free
    Malware Protection: Disabled
    Malicious Website Protection: Disabled
    Self-protection: Disabled

    OS: Windows XP Service Pack 3
    CPU: x86
    File System: NTFS
    User: Ian

    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 316558
    Time Elapsed: 8 min, 19 sec

    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Disabled
    Heuristics: Enabled
    PUP: Warn
    PUM: Enabled

    Processes: 0
    (No malicious items detected)

    Modules: 0
    (No malicious items detected)

    Registry Keys: 7
    PUP.Optional.Yontoo.A, HKU\S-1-5-21-329068152-1801674531-682003330-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}, Quarantined, [b72f509fdd9e989ef1d63258b34fe41c],
    PUP.Optional.Yontoo.A, HKU\S-1-5-21-329068152-1801674531-682003330-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}, Quarantined, [b72f509fdd9e989ef1d63258b34fe41c],
    PUP.Optional.Iminent.A, HKLM\SOFTWARE\Iminent, Quarantined, [a73fad425328270fd48b61d9cc375ca4],
    PUP.Optional.1ClickDownLoader.A, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\pmlghpafmmnmmkjdhacccolfgnkiboco, Quarantined, [c81e35bae99254e2fe0160c0bd46e818],
    PUP.Optional.SweetIM.A, HKLM\SOFTWARE\SWEETIM, Quarantined, [12d42ac599e25cda3282b59bb45052ae],
    PUP.Optional.1ClickDownload.A, HKU\S-1-5-21-329068152-1801674531-682003330-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\1ClickDownload, Quarantined, [5d89aa45245787afb4679eb3a75d956b],
    PUP.Optional.SweetIM.A, HKU\S-1-5-21-329068152-1801674531-682003330-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SWEETIM, Quarantined, [1acc20cf8bf049ed347f153b34d0a060],

    Registry Values: 2
    PUP.Optional.SweetIM.A, HKLM\SOFTWARE\SWEETIM|simapp_id, 11111111, Quarantined, [12d42ac599e25cda3282b59bb45052ae]
    PUP.Optional.SweetIM.A, HKU\S-1-5-21-329068152-1801674531-682003330-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SWEETIM|simapp_id, 11111111, Quarantined, [1acc20cf8bf049ed347f153b34d0a060]

    Registry Data: 0
    (No malicious items detected)

    Folders: 0
    (No malicious items detected)

    Files: 3
    PUP.Optional.OpenCandy, C:\Documents and Settings\Ian\My Documents\Downloads\Unconfirmed 78546.crdownload, Quarantined, [9353757a205bea4cc98a70bce12425db],
    PUP.Optional.MindSpark.A, C:\Documents and Settings\Ian\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_totalrecipesearch.dl.tb.ask.com_0.localstorage, Quarantined, [776f3cb394e7d85e14cc899a788b0bf5],
    PUP.Optional.MindSpark.A, C:\Documents and Settings\Ian\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_totalrecipesearch.dl.tb.ask.com_0.localstorage-journal, Quarantined, [e402737c6813d36304dc70b37b8801ff],

    Physical Sectors: 0
    (No malicious items detected)


    (end)

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2012-11-20.01)
    .
    Microsoft Windows XP Professional
    Boot Device: \Device\HarddiskVolume1
    Install Date: 14/07/2012 15:16:46
    System Uptime: 20/09/2014 21:12:23 (0 hours ago)
    .
    Motherboard: Dell Inc. | | 0YP696
    Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 5600+ | Socket M2 | 2906/1000mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 149 GiB total, 123.712 GiB free.
    D: is CDROM ()
    E: is Removable
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    RP717: 25/06/2014 11:18:43 - System Checkpoint
    RP718: 26/06/2014 11:26:03 - System Checkpoint
    RP719: 27/06/2014 12:26:03 - System Checkpoint
    RP720: 28/06/2014 14:08:46 - System Checkpoint
    RP721: 29/06/2014 14:27:26 - System Checkpoint
    RP722: 30/06/2014 14:28:05 - System Checkpoint
    RP723: 01/07/2014 14:29:07 - System Checkpoint
    RP724: 02/07/2014 15:29:17 - System Checkpoint
    RP725: 03/07/2014 15:30:29 - System Checkpoint
    RP726: 04/07/2014 15:31:29 - System Checkpoint
    RP727: 05/07/2014 17:58:16 - System Checkpoint
    RP728: 06/07/2014 18:32:40 - System Checkpoint
    RP729: 07/07/2014 20:25:05 - System Checkpoint
    RP730: 08/07/2014 20:57:33 - System Checkpoint
    RP731: 09/07/2014 21:42:02 - System Checkpoint
    RP732: 10/07/2014 22:42:01 - System Checkpoint
    RP733: 11/07/2014 22:43:03 - System Checkpoint
    RP734: 12/07/2014 22:44:04 - System Checkpoint
    RP735: 13/07/2014 23:44:03 - System Checkpoint
    RP736: 14/07/2014 23:45:25 - System Checkpoint
    RP737: 16/07/2014 00:45:23 - System Checkpoint
    RP738: 17/07/2014 00:46:23 - System Checkpoint
    RP739: 18/07/2014 00:47:25 - System Checkpoint
    RP740: 19/07/2014 01:59:25 - System Checkpoint
    RP741: 20/07/2014 02:48:26 - System Checkpoint
    RP742: 20/07/2014 10:25:03 - Printer Driver LogMeIn Printer Driver Installed
    RP743: 21/07/2014 10:26:11 - System Checkpoint
    RP744: 22/07/2014 10:50:11 - System Checkpoint
    RP745: 23/07/2014 10:52:20 - System Checkpoint
    RP746: 24/07/2014 11:51:12 - System Checkpoint
    RP747: 25/07/2014 11:52:14 - System Checkpoint
    RP748: 26/07/2014 12:16:04 - System Checkpoint
    RP749: 27/07/2014 12:54:18 - System Checkpoint
    RP750: 28/07/2014 12:55:27 - System Checkpoint
    RP751: 29/07/2014 13:55:27 - System Checkpoint
    RP752: 30/07/2014 14:11:31 - System Checkpoint
    RP753: 31/07/2014 14:47:18 - System Checkpoint
    RP754: 01/08/2014 16:18:19 - System Checkpoint
    RP755: 02/08/2014 17:10:15 - System Checkpoint
    RP756: 03/08/2014 18:19:19 - System Checkpoint
    RP757: 04/08/2014 18:44:30 - System Checkpoint
    RP758: 05/08/2014 19:10:14 - System Checkpoint
    RP759: 06/08/2014 20:21:32 - System Checkpoint
    RP760: 07/08/2014 20:33:32 - System Checkpoint
    RP761: 08/08/2014 21:34:34 - System Checkpoint
    RP762: 10/08/2014 11:00:07 - System Checkpoint
    RP763: 12/08/2014 13:12:52 - System Checkpoint
    RP764: 13/08/2014 13:24:19 - System Checkpoint
    RP765: 14/08/2014 14:25:20 - System Checkpoint
    RP766: 15/08/2014 15:29:12 - System Checkpoint
    RP767: 16/08/2014 16:14:38 - System Checkpoint
    RP768: 17/08/2014 23:08:42 - System Checkpoint
    RP769: 18/08/2014 23:16:04 - System Checkpoint
    RP770: 20/08/2014 00:05:05 - System Checkpoint
    RP771: 21/08/2014 00:49:07 - System Checkpoint
    RP772: 22/08/2014 01:39:40 - System Checkpoint
    RP773: 23/08/2014 02:08:06 - System Checkpoint
    RP774: 24/08/2014 02:22:51 - System Checkpoint
    RP775: 25/08/2014 02:29:11 - System Checkpoint
    RP776: 26/08/2014 02:30:28 - System Checkpoint
    RP777: 27/08/2014 03:30:29 - System Checkpoint
    RP778: 28/08/2014 03:31:29 - System Checkpoint
    RP779: 29/08/2014 03:32:32 - System Checkpoint
    RP780: 30/08/2014 03:56:31 - System Checkpoint
    RP781: 31/08/2014 03:57:32 - System Checkpoint
    RP782: 01/09/2014 04:34:33 - System Checkpoint
    RP783: 02/09/2014 04:35:44 - System Checkpoint
    RP784: 03/09/2014 05:35:47 - System Checkpoint
    RP785: 04/09/2014 06:12:45 - System Checkpoint
    RP786: 05/09/2014 06:37:48 - System Checkpoint
    RP787: 06/09/2014 08:32:15 - System Checkpoint
    RP788: 07/09/2014 10:16:29 - System Checkpoint
    RP789: 08/09/2014 10:39:59 - System Checkpoint
    RP790: 09/09/2014 10:40:26 - System Checkpoint
    RP791: 10/09/2014 10:53:27 - System Checkpoint
    RP792: 11/09/2014 11:05:27 - System Checkpoint
    RP793: 12/09/2014 11:15:50 - System Checkpoint
    RP794: 13/09/2014 11:57:37 - System Checkpoint
    RP795: 14/09/2014 14:25:21 - System Checkpoint
    RP796: 15/09/2014 15:20:32 - System Checkpoint
    RP797: 16/09/2014 15:39:53 - System Checkpoint
    RP798: 17/09/2014 16:39:53 - System Checkpoint
    RP799: 18/09/2014 16:41:13 - System Checkpoint
    RP800: 19/09/2014 17:44:13 - System Checkpoint
    RP801: 20/09/2014 18:04:13 - Installed Windows XP Wudf01000.
    RP802: 20/09/2014 18:04:25 - Installed Samsung Kies
    RP803: 20/09/2014 18:17:44 - Installed Samsung Kies
    RP804: 20/09/2014 18:47:33 - Revo Uninstaller's restore point - AVG Security Toolbar
    RP805: 20/09/2014 18:51:06 - Revo Uninstaller's restore point - Free YouTube to MP3 Converter version 3.12.9.725
    RP806: 20/09/2014 18:52:47 - Revo Uninstaller's restore point - McAfee Security Scan Plus
    RP807: 20/09/2014 18:53:44 - Revo Uninstaller's restore point - Samsung Kies
    RP808: 20/09/2014 18:54:46 - Removed Samsung Kies
    RP809: 20/09/2014 18:58:24 - Revo Uninstaller's restore point - CCleaner
    RP810: 20/09/2014 18:59:14 - Revo Uninstaller's restore point - AVG 2014
    RP811: 20/09/2014 19:02:33 - Revo Uninstaller's restore point - AVG 2014
    RP812: 20/09/2014 19:12:19 - avast! antivirus system restore point
    .
    ==== Installed Programs ======================
    .
    Adobe Flash Player 15 ActiveX
    Adobe Reader XI (11.0.03)
    avast! Free Antivirus
    Broadcom Gigabit Integrated Controller
    Brother 1450
    Brownie
    Google Chrome
    Google Toolbar for Internet Explorer
    Google Update Helper
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Hotfix for Windows XP (KB2633952)
    Hotfix for Windows XP (KB2756822)
    Hotfix for Windows XP (KB2779562)
    Hotfix for Windows XP (KB952287)
    Hotfix for Windows XP (KB954550-v5)
    Hotfix for Windows XP (KB961118)
    Hotfix for Windows XP (KB976002-v5)
    Java 7 Update 21
    Java Auto Updater
    LogMeIn
    Malwarebytes Anti-Malware version 2.0.2.1012
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft Office Professional Edition 2003
    Microsoft Silverlight
    Microsoft User-Mode Driver Framework Feature Pack 1.0
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
    Nero 7 Ultra Edition
    NVIDIA Drivers
    Revo Uninstaller 1.95
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
    Security Update for Microsoft Windows (KB2564958)
    Security Update for Windows Internet Explorer 8 (KB2510531)
    Security Update for Windows Internet Explorer 8 (KB2544521)
    Security Update for Windows Internet Explorer 8 (KB2618444)
    Security Update for Windows Internet Explorer 8 (KB2699988)
    Security Update for Windows Internet Explorer 8 (KB2722913)
    Security Update for Windows Internet Explorer 8 (KB2744842)
    Security Update for Windows Internet Explorer 8 (KB2761465)
    Security Update for Windows Internet Explorer 8 (KB2799329)
    Security Update for Windows Internet Explorer 8 (KB982381)
    Security Update for Windows Media Player (KB2378111)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player (KB954155)
    Security Update for Windows Media Player (KB973540)
    Security Update for Windows Media Player (KB975558)
    Security Update for Windows Media Player (KB978695)
    Security Update for Windows XP (KB2115168)
    Security Update for Windows XP (KB2229593)
    Security Update for Windows XP (KB2296011)
    Security Update for Windows XP (KB2347290)
    Security Update for Windows XP (KB2360937)
    Security Update for Windows XP (KB2387149)
    Security Update for Windows XP (KB2393802)
    Security Update for Windows XP (KB2419632)
    Security Update for Windows XP (KB2423089)
    Security Update for Windows XP (KB2440591)
    Security Update for Windows XP (KB2443105)
    Security Update for Windows XP (KB2476490)
    Security Update for Windows XP (KB2478960)
    Security Update for Windows XP (KB2478971)
    Security Update for Windows XP (KB2479943)
    Security Update for Windows XP (KB2481109)
    Security Update for Windows XP (KB2483185)
    Security Update for Windows XP (KB2485663)
    Security Update for Windows XP (KB2506212)
    Security Update for Windows XP (KB2507618)
    Security Update for Windows XP (KB2507938)
    Security Update for Windows XP (KB2508429)
    Security Update for Windows XP (KB2509553)
    Security Update for Windows XP (KB2510581)
    Security Update for Windows XP (KB2535512)
    Security Update for Windows XP (KB2536276-v2)
    Security Update for Windows XP (KB2544521)
    Security Update for Windows XP (KB2544893-v2)
    Security Update for Windows XP (KB2566454)
    Security Update for Windows XP (KB2570947)
    Security Update for Windows XP (KB2584146)
    Security Update for Windows XP (KB2585542)
    Security Update for Windows XP (KB2592799)
    Security Update for Windows XP (KB2598479)
    Security Update for Windows XP (KB2603381)
    Security Update for Windows XP (KB2618451)
    Security Update for Windows XP (KB2619339)
    Security Update for Windows XP (KB2620712)
    Security Update for Windows XP (KB2624667)
    Security Update for Windows XP (KB2631813)
    Security Update for Windows XP (KB2646524)
    Security Update for Windows XP (KB2653956)
    Security Update for Windows XP (KB2655992)
    Security Update for Windows XP (KB2659262)
    Security Update for Windows XP (KB2661637)
    Security Update for Windows XP (KB2676562)
    Security Update for Windows XP (KB2685939)
    Security Update for Windows XP (KB2686509)
    Security Update for Windows XP (KB2691442)
    Security Update for Windows XP (KB2695962)
    Security Update for Windows XP (KB2698365)
    Security Update for Windows XP (KB2699988)
    Security Update for Windows XP (KB2705219)
    Security Update for Windows XP (KB2707511)
    Security Update for Windows XP (KB2712808)
    Security Update for Windows XP (KB2718523)
    Security Update for Windows XP (KB2719985)
    Security Update for Windows XP (KB2723135)
    Security Update for Windows XP (KB2724197)
    Security Update for Windows XP (KB2727528)
    Security Update for Windows XP (KB2731847)
    Security Update for Windows XP (KB2753842-v2)
    Security Update for Windows XP (KB2753842)
    Security Update for Windows XP (KB2757638)
    Security Update for Windows XP (KB2758857)
    Security Update for Windows XP (KB2761226)
    Security Update for Windows XP (KB2770660)
    Security Update for Windows XP (KB2779030)
    Security Update for Windows XP (KB923561)
    Security Update for Windows XP (KB923789)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB952004)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB956572)
    Security Update for Windows XP (KB956744)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956844)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB959426)
    Security Update for Windows XP (KB960803)
    Security Update for Windows XP (KB960859)
    Security Update for Windows XP (KB961501)
    Security Update for Windows XP (KB969059)
    Security Update for Windows XP (KB970430)
    Security Update for Windows XP (KB971657)
    Security Update for Windows XP (KB972270)
    Security Update for Windows XP (KB973507)
    Security Update for Windows XP (KB973869)
    Security Update for Windows XP (KB973904)
    Security Update for Windows XP (KB974112)
    Security Update for Windows XP (KB974318)
    Security Update for Windows XP (KB974392)
    Security Update for Windows XP (KB974571)
    Security Update for Windows XP (KB975025)
    Security Update for Windows XP (KB975467)
    Security Update for Windows XP (KB975560)
    Security Update for Windows XP (KB975713)
    Security Update for Windows XP (KB977816)
    Security Update for Windows XP (KB977914)
    Security Update for Windows XP (KB978338)
    Security Update for Windows XP (KB978542)
    Security Update for Windows XP (KB978706)
    Security Update for Windows XP (KB979309)
    Security Update for Windows XP (KB979482)
    Security Update for Windows XP (KB979687)
    Security Update for Windows XP (KB981322)
    Security Update for Windows XP (KB981997)
    Security Update for Windows XP (KB982132)
    Security Update for Windows XP (KB982665)
    SigmaTel Audio
    Skype Click to Call
    Skype™ 6.18
    TomTom HOME
    TomTom HOME Visual Studio Merge Modules
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Windows Internet Explorer 8 (KB2598845)
    Update for Windows XP (KB2345886)
    Update for Windows XP (KB2467659)
    Update for Windows XP (KB2661254-v2)
    Update for Windows XP (KB2718704)
    Update for Windows XP (KB2736233)
    Update for Windows XP (KB2749655)
    Update for Windows XP (KB898461)
    Update for Windows XP (KB951978)
    Update for Windows XP (KB955759)
    Update for Windows XP (KB968389)
    Update for Windows XP (KB971029)
    Update for Windows XP (KB973815)
    Visual Studio 2012 x86 Redistributables
    WebFldrs XP
    Winamp
    Windows Internet Explorer 8
    Windows Media Format 11 runtime
    .
    ==== Event Viewer Messages From Past Week ========
    .
    20/09/2014 21:17:01, error: Service Control Manager [7016] - The BrSplService service has reported an invalid current state 0.
    20/09/2014 19:08:57, error: Service Control Manager [7000] - The AVG WatchDog service failed to start due to the following error: The system cannot find the file specified.
    20/09/2014 18:39:17, error: Service Control Manager [7034] - The vToolbarUpdater18.1.9 service terminated unexpectedly. It has done this 1 time(s).
    20/09/2014 18:39:17, error: Service Control Manager [7034] - The TomTomHOMEService service terminated unexpectedly. It has done this 1 time(s).
    20/09/2014 18:39:17, error: Service Control Manager [7034] - The Skype C2C Service service terminated unexpectedly. It has done this 1 time(s).
    20/09/2014 18:39:17, error: Service Control Manager [7034] - The Machine Debug Manager service terminated unexpectedly. It has done this 1 time(s).
    20/09/2014 18:39:17, error: Service Control Manager [7034] - The LogMeIn service terminated unexpectedly. It has done this 1 time(s).
    20/09/2014 18:39:17, error: Service Control Manager [7034] - The LogMeIn Maintenance Service service terminated unexpectedly. It has done this 1 time(s).
    20/09/2014 18:39:17, error: Service Control Manager [7034] - The LMIGuardianSvc service terminated unexpectedly. It has done this 1 time(s).
    20/09/2014 18:39:17, error: Service Control Manager [7034] - The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).
    20/09/2014 18:39:16, error: Service Control Manager [7034] - The BrSplService service terminated unexpectedly. It has done this 1 time(s).
    17/09/2014 03:20:25, error: MRxSmb [8003] - The master browser has received a server announcement from the computer REDMONKIE-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{95B549D1-F8B0-4. The master browser is stopping or an election is being forced.
    16/09/2014 05:35:18, error: Dhcp [1002] - The IP address lease 192.168.0.117 for the Network Card with network address 002219010D8C has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).
    15/09/2014 17:36:38, error: Service Control Manager [7034] - The NVIDIA Display Driver Service service terminated unexpectedly. It has done this 1 time(s).
    15/09/2014 17:35:19, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume1'. It has stopped monitoring the volume.
    .
    ==== End Of File ===========================
    DDS (Ver_2012-11-20.01) - NTFS_x86
    Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.21.2
    Run by Ian at 21:16:56 on 2014-09-20
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3006.2458 [GMT 1:00]
    .
    AV: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
    AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
    .
    ============== Running Processes ================
    .
    C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\brss01a.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\stsystra.exe
    C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    C:\Program Files\AVAST Software\Avast\AvastUI.exe
    C:\Program Files\Java\jre7\bin\jqs.exe
    C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
    C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Program Files\LogMeIn\x86\RaMaint.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
    C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
    C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe
    C:\Program Files\LogMeIn\x86\LogMeIn.exe
    C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\system32\wbem\unsecapp.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    C:\WINDOWS\system32\svchost.exe -k NetworkService
    C:\WINDOWS\system32\svchost.exe -k LocalService
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.google.com/
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
    BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
    BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.7.9012.1008\swg.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
    TB: <No Name>: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 - <no file>
    TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    uRun: [Google Update] "c:\documents and settings\ian\local settings\application data\google\update\GoogleUpdate.exe" /c
    uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\ahead\lib\NMBgMonitor.exe"
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
    uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
    mRun: [SigmatelSysTrayApp] stsystra.exe
    mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
    mRun: [nwiz] nwiz.exe /install
    mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
    mRun: [NeroFilterCheck] c:\program files\common files\ahead\lib\NeroCheck.exe
    mRun: [LogMeIn GUI] "c:\program files\logmein\x86\LogMeInSystray.exe"
    mRun: [KernelFaultCheck] c:\windows\system32\dumprep 0 -k
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
    mRun: [AvastUI.exe] "c:\program files\avast software\avast\AvastUI.exe" /nogui
    dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
    uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
    mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    TCP: NameServer = 192.168.0.1
    TCP: Interfaces\{95B549D1-F8B0-47FC-AAFC-D74143666C0A} : DHCPNameServer = 192.168.0.1
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - <orphaned>
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
    Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\18.1.9\ViProtocol.dll
    Notify: LMIinit - LMIinit.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [2014-9-20 49944]
    R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [2014-9-20 192352]
    R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2012-4-19 147736]
    R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2012-8-9 241944]
    R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2014-9-20 779536]
    R1 aswSP;aswSP;c:\windows\system32\drivers\aswsp.sys [2014-9-20 414520]
    R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2012-3-19 197400]
    R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2012-8-30 42784]
    R2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [2014-9-20 24184]
    R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2014-9-20 67824]
    R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2014-9-20 50344]
    R2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\logmein\x86\LMIGuardianSvc.exe [2012-7-5 375120]
    R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\logmein\x86\rainfo.sys [2012-6-8 13624]
    R2 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\system32\drivers\LMIRfsDriver.sys [2012-7-17 47640]
    R2 Skype C2C Service;Skype C2C Service;c:\documents and settings\all users\application data\skype\toolbars\skype c2c service\c2c_service.exe [2013-9-16 3273088]
    R2 TomTomHOMEService;TomTomHOMEService;c:\program files\tomtom home 2\TomTomHOMEService.exe [2013-8-27 93072]
    R2 vToolbarUpdater18.1.9;vToolbarUpdater18.1.9;c:\program files\common files\avg secure search\vtoolbarupdater\18.1.9\ToolbarUpdater.exe [2014-8-12 1820184]
    S2 avgwd;AVG WatchDog;"c:\program files\avg\avg2014\avgwdsvc.exe" --> c:\program files\avg\avg2014\avgwdsvc.exe [?]
    S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-10-23 172192]
    S4 LMIRfsClientNP;LMIRfsClientNP; [x]
    .
    =============== Created Last 30 ================
    .
    2014-09-20 19:29:18 110296 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
    2014-09-20 19:29:08 53208 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
    2014-09-20 19:29:08 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
    2014-09-20 18:24:55 -------- d-----w- c:\documents and settings\ian\application data\AVAST Software
    2014-09-20 18:24:43 -------- d-----w- c:\windows\jumpshot.com
    2014-09-20 18:24:08 779536 ----a-w- c:\windows\system32\drivers\aswSnx.sys
    2014-09-20 18:24:08 192352 ----a-w- c:\windows\system32\drivers\aswVmm.sys
    2014-09-20 18:24:07 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
    2014-09-20 18:24:06 67824 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
    2014-09-20 18:24:06 24184 ----a-w- c:\windows\system32\drivers\aswHwid.sys
    2014-09-20 18:24:00 43152 ----a-w- c:\windows\avastSS.scr
    2014-09-20 18:12:19 -------- d-----w- c:\program files\AVAST Software
    2014-09-20 18:09:59 -------- d-----w- c:\documents and settings\all users\application data\AVAST Software
    2014-09-20 18:00:03 -------- d-----w- c:\documents and settings\ian\local settings\application data\Avg
    2014-09-20 17:46:55 -------- d-----w- c:\program files\VS Revo Group
    2014-09-20 17:09:42 -------- d-----w- c:\documents and settings\ian\application data\Samsung
    2014-09-20 17:06:16 4659712 ----a-w- c:\windows\system32\Redemption.dll
    2014-09-20 17:04:35 -------- d-----w- c:\program files\Samsung
    .
    ==================== Find3M ====================
    .
    2014-09-10 09:53:05 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2014-09-10 09:53:05 701104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
    2014-08-12 09:45:28 42784 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
    2014-07-20 09:24:18 86888 ----a-w- c:\windows\system32\LMIRfsClientNP.dll
    2014-07-20 09:24:18 53064 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\LMIproc.dll
    2014-07-20 09:24:17 85832 ----a-w- c:\windows\system32\LMIinit.dll
    2014-07-20 09:24:17 31560 ----a-w- c:\windows\system32\LMIport.dll
    .
    ============= FINISH: 21:17:31.53 ===============
     
  2. Broni

    Please observe the following rules:
    • Read all of my instructions very carefully. Your mistakes during the cleaning process may have very serious consequences, like an unbootable computer.
    • If you're stuck, or you're not sure about a certain step, always ask before doing anything else.
    • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer behavior, good, or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in the malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

    ======================

    You're running two AV programs, AVG and Avast.
    You must uninstall one of them.
    If AVG, use AVG Remover: http://www.avg.com/us-en/utilities

    Download RogueKiller from one of the following links and save it to your Desktop:

    Link 1
    Link 2

    • Close all the running programs
    • Windows Vista/7/8 users: right click on RogueKiller.exe, click Run as Administrator
    • Otherwise just double-click on RogueKiller.exe
    • Pre-scan will start. Let it finish.
    • Click on SCAN button.
    • Wait until the Status box shows Scan Finished
    • Click on Delete.
    • Wait until the Status box shows Deleting Finished.
    • Click on Report and copy/paste the content of the Notepad into your next reply.
    • RKreport.txt could also be found on your desktop.
    • If more than one log is produced post all logs.
    • If RogueKiller has been blocked, do not hesitate to try a few more times. If it really won't run, rename it to winlogon.exe (or winlogon.com) and try again.

    Create a new restore point before proceeding with the next step.
    How to: http://www.smartestcomputing.us.com/topic/63983-how-to-create-new-restore-point-all-windows/

    Download Malwarebytes Anti-Rootkit to your desktop.
    • Warning! Malwarebytes Anti-Rootkit needs to be run from an account with administrator rights.
    • Double-click on the downloaded file. OK the self-extracting prompt.
    • MBAR will start. Click "Next" to continue.
    • In the following screen, click "Update" to obtain the latest malware definitions.
    • Once the update is complete select "Next" and click "Scan".
    • When the scan is finished and no malware has been found select "Exit".
    • If malware was detected, make sure to check all the items and click "Cleanup". Reboot your computer.
    • Open the MBAR folder located on your Desktop and paste the content of the following files in your next reply:
      • "mbar-log-{date} (xx-xx-xx).txt"
      • "system-log.txt"
     
Topic Status:
Not open for further replies.
