Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

My log


  • This topic is locked This topic is locked
2 replies to this topic

#1 kg3

kg3

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:05:26 PM

Posted 26 October 2009 - 04:12 AM

All of a sudden my PC start up time has gone from less than 1 minute to over 3 minutes. Yesterday it loaded fine, today it lags at startup. But after it started up the pc functions fine. Is there any problems with this log?

Thanks



DDS (Ver_09-10-26.01) - NTFSx86
Run by Owner at 20:15:24.20 on Mon 26/10/2009
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Home Edition 5.1.2600.3.1252.61.1033.18.1535.970 [GMT 11:00]

AV: ESET NOD32 antivirus system 2.70 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: Look 'n' Stop 2.05p2 (Soft4Ever) *enabled* {2A530F53-4A99-4EE0-8471-4A00BA4A47B0}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\servises.exe
C:\WINDOWS\system32\VTTimer.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\LooknStop\looknstop.exe
C:\Program Files\Eset\nod32kui.exe
C:\WINDOWS\system32\servises.exe
C:\WINDOWS\system32\servises.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\PeerGuardian2\pg2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\servises.exe
C:\Program Files\SpeedFan\speedfan.exe
C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Owner\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_06\bin\ssv.dll
BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
uRun: [MsnMsgr] "c:\program files\windows live\messenger\MsnMsgr.Exe" /background
uRun: [PeerGuardian] c:\program files\peerguardian2\pg2.exe
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [servises] c:\windows\system32\servises.exe
mRun: [VTTimer] VTTimer.exe
mRun: [itype] "c:\program files\microsoft intellitype pro\itype.exe"
mRun: [IntelliPoint] "c:\program files\microsoft intellipoint\ipoint.exe"
mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe
mRun: [Look 'n' Stop] "c:\program files\looknstop\looknstop.exe" -auto
mRun: [nod32kui] "c:\program files\eset\nod32kui.exe" /WAITSERVICE
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [servises] c:\windows\system32\servises.exe
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
uExplorerRun: [servises] c:\windows\system32\servises.exe
mExplorerRun: [servises] c:\windows\system32\servises.exe
StartupFolder: c:\docume~1\owner\startm~1\programs\startup\speedfan.lnk - c:\program files\speedfan\speedfan.exe
IE: &ieSpell Options - c:\program files\iespell\iespell.dll/SPELLOPTION.HTM
IE: Check &Spelling - c:\program files\iespell\iespell.dll/SPELLCHECK.HTM
IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office11\EXCEL.EXE/3000
IE: Lookup on Merriam Webster - file://c:\program files\iespell\Merriam Webster.HTM
IE: Lookup on Wikipedia - file://c:\program files\iespell\wikipedia.HTM
IE: {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - res://c:\program files\iespell\iespell.dll/SPELLCHECK.HTM
IE: {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - res://c:\program files\iespell\iespell.dll/SPELLOPTION.HTM
IE: {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - c:\program files\partygaming\partypoker\RunApp.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_06\bin\ssv.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~4\office11\REFIEBAR.DLL
LSP: c:\windows\system32\imon.dll
DPF: {02AA9E0F-B4EB-4BE9-A769-FD09543FEEC2} - hxxp://www.lebanonvoice.com/voicechat/ver5/voice-installer.cab
DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://download.microsoft.com/download/E/3/9/E39C664F-A8E3-4F69-A109-1AE9849204EE/OGAControl.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1233977539078
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://sdlc-esd.sun.com/ESD42/JSCDL/jre/6u6-b90/jinstall-6u6-windows-i586-jc.cab?AuthParam=1214097477_b8bc2039e75a1a4539a5417d5a925b10&GroupName=JSC&BHost=javadl.sun.com&FilePath=/ESD42/JSCDL/jre/6u6-b90/jinstall-6u6-windows-i586-jc.cab&File=jinstall-6u6-windows-i586-jc.cab
DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} - hxxp://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-27-0.cab
DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: {2B870957-16C6-4ECE-B03C-0B6EE01B681F} = 211.29.132.12,198.142.0.51
TCP: {82E2A3DE-2B63-43C7-BC19-66913E036F6F} = 211.29.132.12,198.142.0.51
TCP: {83D64FFE-FEBD-462A-A78E-4D5CE7FA6D31} = 211.29.132.12,198.142.0.51
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

============= SERVICES / DRIVERS ===============

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-4-13 64288]
R0 xfilt;VIA SATA IDE Hot-plug Driver;c:\windows\system32\drivers\xfilt.sys [2008-6-21 11264]
R1 lnsfw1;lnsfw1;c:\windows\system32\drivers\lnsfw1.sys [2008-6-21 76160]
R1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [2008-6-21 15424]
R1 vcdrom;Virtual CD-ROM Device Driver;c:\windows\system32\drivers\VCdRom.sys [2001-12-19 8576]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2008-11-8 845184]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys --> c:\windows\system32\drivers\ggflt.sys [?]
S3 L1e;Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller;c:\windows\system32\drivers\l1e51x86.sys [2008-11-8 36864]
S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2009-9-24 1170768]

=============== Created Last 30 ================

2009-10-26 08:44:51 401720 ----a-w- c:\program files\HijackThis.exe
2009-10-25 10:24:10 0 d-----w- c:\program files\EA Sports
2009-10-25 05:53:10 27648 ----a-w- c:\windows\system32\servises.exe
2009-10-19 02:36:19 6097 ----a-w- c:\windows\system32\drivers\sonyhcb.sys
2009-10-19 02:36:19 53248 ----a-w- c:\windows\system32\SONYHCY.DLL
2009-10-19 02:36:19 38739 ----a-w- c:\windows\system32\drivers\sonyhcc.sys
2009-10-19 02:36:19 3654 ----a-w- c:\windows\system32\drivers\Sonyhcp.dll
2009-10-19 02:36:19 299923 ----a-w- c:\windows\system32\drivers\sonyhcs.sys
2009-10-19 02:36:19 102220 ----a-w- c:\windows\system32\drivers\sonypvs1.sys
2009-10-19 02:36:19 0 d-----w- C:\Drivers
2009-10-16 08:24:39 0 dc-h--w- c:\docume~1\alluse~1\applic~1\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}

==================== Find3M ====================

2009-10-26 08:47:59 8117 ----a-w- c:\program files\hijackthis.log
2009-09-23 12:55:23 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys
2009-09-11 14:18:39 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-04 21:03:36 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-09-03 09:17:47 15688 ----a-w- c:\windows\system32\lsdelete.exe
2009-08-29 08:08:21 916480 ----a-w- c:\windows\system32\wininet.dll
2009-08-26 08:00:21 247326 ----a-w- c:\windows\system32\strmdll.dll
2009-08-05 09:01:48 204800 ----a-w- c:\windows\system32\mswebdvd.dll
2009-08-04 15:13:08 2145280 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-08-04 14:20:09 2023936 ----a-w- c:\windows\system32\ntkrnlpa.exe
2001-12-19 00:45:04 23552 ----a-w- c:\program files\VCdControlTool.exe

============= FINISH: 20:15:39.57 ===============

Attached Files


Edited by kg3, 26 October 2009 - 04:20 AM.


BC AdBot (Login to Remove)

 


#2 syler

syler

  • Malware Response Team
  • 8,150 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Warrington, UK
  • Local time:10:26 PM

Posted 01 November 2009 - 06:07 PM

Hello,

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and
we are trying our best to keep up.

My name is Syler and I will be helping you to solve your Malware issues. If you have since resolved your issues I would appreciate if you
would let me no so I can close this topic, if you still need help please let me no what issues you are still having, in your next reply.

  • Download random's system information tool (RSIT) by random/random from here and save it to your desktop.
  • Double click on RSIT.exe to run RSIT.
  • Click Continue at the disclaimer screen.
  • Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)
Then please post back here with the following:
  • log.txt
  • info.txt
Thanks

unite.jpg


#3 syler

syler

  • Malware Response Team
  • 8,150 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Warrington, UK
  • Local time:10:26 PM

Posted 05 November 2009 - 07:50 PM

Due to the lack of feedback this Topic is closed.

If you need this topic reopened, please request this by sending me a PM
with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic.

unite.jpg





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users