Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Not sure what I have..


  • This topic is locked This topic is locked
4 replies to this topic

#1 Shula

Shula

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:07:17 AM

Posted 22 February 2009 - 09:38 AM

My computer has been acting up lately.. It's become VERY slow and the internet sometimes stops randomly. I know this is not my internet causing the problems because I do online gaming on my Xbox, but I never lose connection. I was hoping I could get some help with this. I've run AVG free, found nothing. MBAM, nothing. I am now relying on your expertise to help repair this. =) Thanks in advance.


DDS (Ver_09-01-19.01) - NTFSx86
Run by phil at 9:22:42.00 on Sun 02/22/2009
Internet Explorer: 7.0.5730.13
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.447.137 [GMT -5:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated)

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
c:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WLService.exe
C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WUSB54GC.exe
C:\WINDOWS\system32\VTtrayp.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\VIAudioi\SBADeck\ADeck.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\WINDOWS\vVX3000.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Documents and Settings\phil\Desktop\Malware Tools\dds.scr

============== Pseudo HJT Report ===============

uStart Page = about:blank
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No File
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - No File
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [VTTrayp] VTtrayp.exe
mRun: [HP Software Update] "c:\program files\hp\hp software update\HPWuSchd2.exe"
mRun: [AudioDeck] c:\program files\viaudioi\sbadeck\ADeck.exe 1
mRun: [Acrobat Assistant 7.0] "c:\program files\adobe\acrobat 7.0\distillr\Acrotray.exe"
mRun: [VX3000] c:\windows\vVX3000.exe
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
StartupFolder: c:\docume~1\alluse~1.win\startm~1\programs\startup\adobea~1.lnk - c:\windows\installer\{ac76ba86-1033-0000-7760-000000000002}\SC_Acrobat.exe
StartupFolder: c:\docume~1\alluse~1.win\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
IE: Convert link target to Adobe PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert to existing PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} - hxxp://www.eset.eu/buxus/docs/OnlineScanner.cab
DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D}
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Notify: avgrsstarter - avgrsstx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\phil\applic~1\mozilla\firefox\profiles\gd3e962s.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - component: c:\program files\avg\avg8\firefox\components\avgssff.dll
FF - component: c:\program files\mcafee\siteadvisor\components\McFFPlg.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npijjiFFPlugin1.dll

============= SERVICES / DRIVERS ===============

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-2-13 325128]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2009-2-13 27656]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-2-13 107272]
R4 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2009-2-13 298264]
R4 ccSetMgr;Symantec Settings Manager;c:\program files\common files\symantec shared\CCSETMGR.EXE [2005-12-26 165488]
R4 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\mcafee\siteadvisor\McSACore.exe [2009-2-8 206096]
S3 ccPwdSvc;Symantec Password Validation;c:\program files\common files\symantec shared\CCPWDSVC.EXE [2005-12-26 79472]
S4 0282761234074470mcinstcleanup;McAfee Application Installer Cleanup (0282761234074470);c:\docume~1\phil\locals~1\temp\028276~1.exe c:\progra~1\common~1\mcafee\instal~1\cleanup.ini -cleanup -nolog -service --> c:\docume~1\phil\locals~1\temp\028276~1.exe c:\progra~1\common~1\mcafee\instal~1\cleanup.ini -cleanup -nolog -service [?]

=============== Created Last 30 ================

2009-02-16 11:22 <DIR> --d-h--- C:\$AVG8.VAULT$
2009-02-13 21:55 10,520 a------- c:\windows\system32\avgrsstx.dll
2009-02-13 21:54 107,272 a------- c:\windows\system32\drivers\avgtdix.sys
2009-02-13 21:54 325,128 a------- c:\windows\system32\drivers\avgldx86.sys
2009-02-13 21:54 <DIR> --d----- c:\windows\system32\drivers\Avg
2009-02-13 21:54 <DIR> --d----- c:\program files\AVG
2009-02-13 21:54 <DIR> --d----- c:\docume~1\alluse~1.win\applic~1\avg8
2009-02-11 20:25 41 a------- c:\windows\Filzip.ini
2009-02-11 20:23 <DIR> --d----- c:\program files\Filzip
2009-02-09 18:59 <DIR> --d----- c:\program files\EsetOnlineScanner
2009-02-08 20:47 <DIR> a-dshr-- C:\cmdcons
2009-02-08 01:27 <DIR> --d----- c:\program files\common files\McAfee
2009-02-08 01:25 <DIR> --d----- c:\program files\McAfee
2009-01-31 18:51 109 a------- c:\windows\lexstat.ini
2009-01-31 18:50 40,960 a------- c:\windows\system32\lxbkvs.dll
2009-01-31 18:48 87,040 ac------ c:\windows\system32\dllcache\wiafbdrv.dll
2009-01-31 18:48 87,040 a------- c:\windows\system32\wiafbdrv.dll
2009-01-31 18:48 983,101 a------- c:\windows\system32\LXBKGF.DLL
2009-01-31 18:48 352,256 a------- c:\windows\system32\LXBKUTIL.DLL
2009-01-31 18:48 69,632 a------- c:\windows\system32\lxbkscin.dll
2009-01-31 18:48 49,152 a------- c:\windows\system32\lxbkcoin.dll
2009-01-31 18:48 266 a------- c:\windows\system32\lxbkcoin.ini
2009-01-31 18:48 57,344 a------- c:\windows\system32\lxbkcinf.dll
2009-01-31 18:48 454,656 a------- c:\windows\system32\LXBKJSWR.DLL
2009-01-31 18:48 <DIR> --d----- c:\program files\Lexmark X1100 Series
2009-01-31 18:44 299,520 a------- c:\windows\uninst.exe
2009-01-31 18:43 <DIR> --d----- C:\Lxk1100
2009-01-30 20:07 <DIR> --d----- c:\docume~1\alluse~1.win\applic~1\Spybot - Search & Destroy
2009-01-30 18:55 410,984 a------- c:\windows\system32\deploytk.dll
2009-01-30 02:08 <DIR> --d----- c:\windows\system32\scripting
2009-01-30 02:08 <DIR> --d----- c:\windows\l2schemas
2009-01-30 02:08 <DIR> --d----- c:\windows\system32\en
2009-01-30 02:00 <DIR> --d----- c:\windows\ServicePackFiles
2009-01-28 20:39 <DIR> --d----- c:\program files\Trend Micro
2009-01-27 21:09 <DIR> --d----- c:\docume~1\phil\applic~1\Malwarebytes
2009-01-27 21:09 15,504 a------- c:\windows\system32\drivers\mbam.sys
2009-01-27 21:09 38,496 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-01-27 21:09 <DIR> --d----- c:\docume~1\alluse~1.win\applic~1\Malwarebytes
2009-01-27 21:09 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
2009-01-24 13:22 <DIR> --d----- c:\documents and settings\phil\.housecall6.6

==================== Find3M ====================

2009-01-30 02:15 86,327 a------- c:\windows\pchealth\helpctr\offlinecache\index.dat
2009-01-09 18:11 20,747 a------- c:\windows\system32\drivers\AegisP.sys
2008-12-20 18:15 826,368 a------- c:\windows\system32\wininet.dll
2008-11-26 12:27 43,520 a------- c:\windows\system32\CmdLineExt03.dll

============= FINISH: 9:24:17.17 ===============

Attached Files



BC AdBot (Login to Remove)

 


#2 Shula

Shula
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:07:17 AM

Posted 22 February 2009 - 10:24 AM

I forgot to add one little tidbit.. Now when I boot my PC, I get a message saying that I'm missing drivers for a new PCI device. I know I haven't installed any new hardware, especially a PCI device.. so I'm not sure what it means.

#3 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,688 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:02:17 PM

Posted 05 March 2009 - 02:12 PM

Hi Shula,

Welcome to BC HijackThis forum and sorry for the delay. I am farbar. I am going to assist you with your problem.

Please refrain from making any changes to your system (updating Windows, installing applications, removing files, etc.) from now on as it might prolong handling your log and make the job for both of us more difficult.
  • Tell me if you have run any tool or have made a major change to the system since your last post. Also tell me how is the current condition of your computer.

  • To get an idea about the current condition of you computer download random's system information tool (RSIT) by random/random from here and save it to your desktop.
    • Double click on RSIT.exe to run RSIT.
    • Set the list of files/folders created to 3 Months and click Continue at the disclaimer screen.
    • Once it has finished, two logs will open.
    • log.txt (<<will be maximized)
    • info.txt (<<will be minimized).
  • Please copy and paste the content of just log.txt to your reply. No need for info.txt

    Note 1: If you have difficulty finding the log, the logs is in this folder: C:\rsit

    Note 2: The tool takes not more than one minute to scan the system.

You might want to save this page on your favorites, so you can find it again when you return.

#4 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,688 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:02:17 PM

Posted 09 March 2009 - 01:27 PM

I'll wait another day before closing the topic due to inactivity.

#5 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,688 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:02:17 PM

Posted 10 March 2009 - 06:33 AM

This thread will now be closed due to lack of activity.

If you should have a new issue, please start a new topic.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users