
Vista is running very slow.


  • This topic is locked
2 replies to this topic

#1 Muk1000

Muk1000

  • Members
  • 2 posts
  • Local time:08:42 PM

Posted 11 November 2009 - 05:31 AM

Essentially what the topic says. I wish I could give more details, but here are a few things that I know:

- It came on fast, whatever it is. One night I was happily playing Team Fortress 2, the next day it's barely running.
- I've had problems off and on for a while, but it's been simple fixes, usually. System restore or uninstall a program or end a process.
- One process in particular has been problematic since this problem started: startmansvc.exe. It would take more and more resources the longer it ran. Other times it doesn't seem to run at all.

So, without further ado, my dds:


DDS (Ver_09-10-26.01) - NTFSX64
Run by Jeffrey at 1:47:56.05 on Wed 11/11/2009
Internet Explorer: 8.0.6001.18828
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.6142.4380 [GMT -8:00]


============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Program Files (x86)\AVG\AVG9\avgchsva.exe
C:\Program Files (x86)\AVG\AVG9\avgrsa.exe
C:\Program Files (x86)\AVG\AVG9\avgcsrva.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\RAVCpl64.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\AVG\AVG9\avgtray.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehsched.exe
C:\Windows\ehome\ehRecvr.exe
C:\Windows\SysWOW64\conime.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe
C:\Windows\System32\mobsync.exe
C:\Program Files (x86)\AVG\AVG9\avgnsa.exe
C:\Program Files (x86)\AVG\AVG9\avgemc.exe
C:\Program Files (x86)\AVG\AVG9\avgcsrvx.exe
C:\Windows\SysWOW64\notepad.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\Jeffrey\Desktop\dds.scr

============== Pseudo HJT Report ===============

uSearch Bar = Preserve
uStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=83&bd=Pavilion&pf=cndt
uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=83&bd=Pavilion&pf=cndt
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=83&bd=Pavilion&pf=cndt
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=83&bd=Pavilion&pf=cndt
uInternet Settings,ProxyServer = <local>
uInternet Settings,ProxyOverride = <local>;*.local
mURLSearchHooks: AOLTBSearch Class: {ea756889-2338-43db-8f07-d1ca6fb9c90d} - c:\program files (x86)\aol\aim toolbar 5.0\aoltb.dll
mWinlogon: Userinit=userinit.exe
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files (x86)\yahoo!\companion\installs\cpn\yt.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files (x86)\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: AskBar BHO: {201f27d4-3704-41d6-89c1-aa35e39143ed} - c:\program files (x86)\askbardis\bar\bin\askBar.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files (x86)\avg\avg9\avgssie.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No File
BHO: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - No File
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files (x86)\java\jre1.6.0_01\bin\ssv.dll
BHO: AOL Toolbar Launcher: {7c554162-8cb7-45a4-b8f4-8ea1c75885f9} - c:\program files (x86)\aol\aim toolbar 5.0\aoltb.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files (x86)\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: {9527D42F-D666-11D3-B8DD-00600838CD5F} - No File
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files (x86)\yahoo!\companion\installs\cpn\yt.dll
TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
TB: AIM Toolbar: {de9c389f-3316-41a7-809b-aa305ed9d922} - c:\program files (x86)\aol\aim toolbar 5.0\aoltb.dll
TB: Ask Toolbar: {3041d03e-fd4b-44e0-b742-2d9b88305f98} - c:\program files (x86)\askbardis\bar\bin\askBar.dll
mRun: [QuickTime Task] "c:\program files (x86)\quicktime\QTTask.exe" -atboottime
mRun: [SSDMonitor] "c:\program files (x86)\common files\pc tools\smonitor\SSDMonitor.exe"
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-explorer: ForceActiveDesktopOn = 0 (0x0)
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - c:\progra~2\aim\aim.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC} - c:\program files (x86)\java\jre1.6.0_01\bin\ssv.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~2\micros~2\office12\ONBttnIE.dll
IE: {3369AF0D-62E9-4bda-8103-B4C75499B578} - {DE9C389F-3316-41A7-809B-AA305ED9D922} - c:\program files (x86)\aol\aim toolbar 5.0\aoltb.dll
IE: {7F9DB11C-E358-4ca6-A83D-ACC663939424} - {9999A076-A9E2-4C99-8A2B-632FC9429223} - c:\program files (x86)\bonjour\ExplorerPlugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~2\micros~2\office12\REFIEBAR.DLL
DPF: vzTCPConfig - hxxp://www2.verizon.net/help/fios_settings_POTT20009/include/vzTCPConfig.CAB
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files (x86)\avg\avg9\avgpp.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~2\common~1\skype\SKYPE4~1.DLL
SEH: {a5780613-492e-4a2a-a7fd-549610edf6cc} - No File
BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - c:\program files (x86)\avg\avg9\avgssiea.dll
BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
TB-X64: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
TB-X64: AIM Toolbar: {DE9C389F-3316-41A7-809B-AA305ED9D922} -
TB-X64: {3041D03E-FD4B-44E0-B742-2D9B88305F98} - No File
mRun-x64: [RtHDVCpl] RAVCpl64.exe
mRun-x64: [Windows Defender] %programFiles%\Windows Defender\MSASCui.exe -hide
AppInit_DLLs-X64: avgrssta.dll

================= FIREFOX ===================

FF - ProfilePath - c:\users\jeffrey\appdata\roaming\mozilla\firefox\profiles\67dlaxgp.default\
FF - prefs.js: browser.startup.homepage - www.gamefaqs.com | www.kotaku.com | www.penny-arcade.com
FF - prefs.js: network.proxy.type - 4
FF - component: c:\program files (x86)\avg\avg9\firefox\components\avgssff.dll
FF - component: c:\users\jeffrey\appdata\roaming\mozilla\firefox\profiles\67dlaxgp.default\extensions\{463f6ca5-ee3c-4be1-b7e6-7fee11953374}\platform\winnt\components\FoxyTunes.dll
FF - plugin: c:\progra~2\sonyon~1\npsoe.dll
FF - plugin: c:\program files (x86)\microsoft\office live\npOLW.dll
FF - plugin: c:\program files (x86)\mozilla firefox\plugins\npbittorrent.dll
FF - plugin: c:\program files (x86)\mozilla firefox\plugins\npPandoWebInst.dll
FF - plugin: c:\program files (x86)\viewpoint\viewpoint media player\npViewpoint.dll
FF - plugin: c:\program files\real\realplayer\netscape6\nppl3260.dll
FF - plugin: c:\program files\real\realplayer\netscape6\nprjplug.dll
FF - plugin: c:\program files\real\realplayer\netscape6\nprpjplug.dll
FF - plugin: c:\programdata\nexonus\ngm\npNxGameUS.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\

---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - truec:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);

============= SERVICES / DRIVERS ===============

R0 nvrd64;NVIDIA nForce RAID Driver;c:\windows\system32\drivers\nvrd64.sys [2008-7-21 166944]
R0 nvstor64;nvstor64;c:\windows\system32\drivers\nvstor64.sys [2008-7-21 170528]
R1 AvgLdx64;AVG Free AVI Loader Driver x64;c:\windows\system32\drivers\avgldx64.sys [2009-10-31 422920]
R1 AvgMfx64;AVG Free On-access Scanner Minifilter Driver x64;c:\windows\system32\drivers\avgmfx64.sys [2009-10-31 34248]
R1 AvgTdiA;AVG Free Network Redirector x64;c:\windows\system32\drivers\avgtdia.sys [2009-10-31 470024]
R2 avg9emc;AVG Free E-mail Scanner;c:\program files (x86)\avg\avg9\avgemc.exe [2009-10-31 906520]
R2 avg9wd;AVG Free WatchDog;c:\program files (x86)\avg\avg9\avgwdsvc.exe [2009-10-31 285392]
R2 wlidsvc;Windows Live ID Sign-in Assistant;c:\program files\common files\microsoft shared\windows live\WLIDSVC.EXE [2009-3-30 2297216]
R3 HCW85BDA;Hauppauge WinTV 885 Video Capture;c:\windows\system32\drivers\HCW85BDA.sys [2009-7-14 1708800]
R3 netr28x;Ralink 802.11n Wireless Driver for Windows Vista;c:\windows\system32\drivers\netr28x.sys [2008-5-27 405504]
S2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files (x86)\common files\pc tools\smonitor\startmansvc.exe --> c:\program files (x86)\common files\pc tools\smonitor\StartManSvc.exe [?]
S3 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;c:\windows\microsoft.net\framework64\v2.0.50727\mscorsvw.exe [2009-9-17 89920]
S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 27648]
S3 PerfHost;Performance Counter DLL Host;c:\windows\syswow64\perfhost.exe [2008-1-20 19968]
S3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\drivers\usbaapl64.sys [2009-8-28 49152]
S4 HPBtnSrv;HP Chasis Button Service;c:\hp\hpezbtn\HPBtnSrv.exe [2008-5-27 198240]

============== File Associations ===============

JSEFile=c:\windows\syswow64\WScript.exe "%1" %*

=============== Created Last 30 ================

2009-11-11 09:07:36 0 d-----w- c:\programdata\Startup Manager
2009-11-11 09:07:36 0 d-----w- c:\program files (x86)\Startup Manager
2009-11-10 06:48:41 0 d-----w- c:\program files (x86)\Free Window Registry Repair
2009-11-10 06:43:23 0 d-----w- c:\windows\syswow64\Registry Patrol
2009-11-10 06:42:57 86016 ----a-w- c:\windows\unvise32.exe
2009-11-10 06:41:52 0 d-----w- c:\program files (x86)\Registry Patrol
2009-11-10 05:54:13 524288 --sha-w- c:\users\jeffrey\ntuser.dat{c84d8a02-cdbc-11de-ba83-001644d62006}.TMContainer00000000000000000002.regtrans-ms
2009-11-10 05:54:11 65536 --sha-w- c:\users\jeffrey\ntuser.dat{c84d8a02-cdbc-11de-ba83-001644d62006}.TM.blf
2009-11-10 05:54:11 524288 --sha-w- c:\users\jeffrey\ntuser.dat{c84d8a02-cdbc-11de-ba83-001644d62006}.TMContainer00000000000000000001.regtrans-ms
2009-11-10 02:32:03 0 dc-h--w- c:\programdata\{EF63305C-BAD7-4144-9208-D65528260864}
2009-11-10 02:31:15 0 d-----w- c:\program files (x86)\Lavasoft
2009-11-09 23:31:25 0 d-----w- c:\users\jeffrey\appdata\roaming\PC Tools
2009-11-09 23:31:25 0 d-----w- c:\programdata\PC Tools
2009-11-09 23:31:25 0 d-----w- c:\program files (x86)\Spyware Doctor
2009-11-09 22:46:24 0 d-----w- c:\users\jeffrey\appdata\roaming\Uniblue
2009-11-09 22:46:16 0 d-----w- c:\program files (x86)\Uniblue
2009-11-09 22:20:23 0 d-----w- c:\programdata\SecTaskMan
2009-11-09 22:19:10 0 d-----w- c:\program files (x86)\Security Task Manager
2009-11-08 13:09:30 0 d-----w- c:\programdata\Google
2009-11-06 19:29:59 0 d-----w- c:\programdata\WindowsSearch
2009-11-04 08:54:55 5939712 ----a-w- c:\windows\syswow64\mshtml.dll
2009-11-04 08:54:54 1638912 ----a-w- c:\windows\syswow64\mshtml.tlb
2009-11-04 08:54:54 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2009-11-02 06:36:02 0 d-----w- c:\program files\iPod
2009-11-02 06:36:00 0 d-----w- c:\program files\iTunes
2009-11-02 06:36:00 0 d-----w- c:\program files (x86)\iTunes
2009-11-01 10:16:40 0 d-----w- c:\program files (x86)\Windows Portable Devices
2009-11-01 10:16:37 0 d-----w- c:\program files\Windows Portable Devices
2009-11-01 10:16:25 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
2009-11-01 10:16:10 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf
2009-11-01 00:04:28 34816 ----a-w- c:\windows\system32\WPDShextAutoplay.exe
2009-11-01 00:04:28 30208 ----a-w- c:\windows\syswow64\WPDShextAutoplay.exe
2009-11-01 00:04:28 3009 ----a-w- c:\windows\system32\wbem\wpd_ci.mof
2009-11-01 00:04:17 37888 ----a-w- c:\windows\system32\BthMtpContextHandler.dll
2009-11-01 00:04:13 107008 ----a-w- c:\windows\system32\wpdbusenum.dll
2009-10-31 23:47:55 4096 ----a-w- c:\windows\syswow64\oleaccrc.dll
2009-10-31 23:47:55 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2009-10-31 23:47:51 736256 ----a-w- c:\windows\system32\UIAutomationCore.dll
2009-10-31 23:47:51 555520 ----a-w- c:\windows\syswow64\UIAutomationCore.dll
2009-10-31 23:47:51 315904 ----a-w- c:\windows\system32\oleacc.dll
2009-10-31 23:47:51 234496 ----a-w- c:\windows\syswow64\oleacc.dll
2009-10-31 23:12:58 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_xusb21_01007.Wdf
2009-10-31 23:05:57 92672 ----a-w- c:\windows\syswow64\UIAnimation.dll
2009-10-31 23:05:57 103424 ----a-w- c:\windows\system32\UIAnimation.dll
2009-10-31 23:05:50 1164800 ----a-w- c:\windows\syswow64\UIRibbonRes.dll
2009-10-31 23:05:50 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
2009-10-31 23:05:46 3815424 ----a-w- c:\windows\system32\UIRibbon.dll
2009-10-31 23:05:46 3023360 ----a-w- c:\windows\syswow64\UIRibbon.dll
2009-10-31 23:04:07 4984 ----a-w- c:\windows\system32\drivers\nvphy.bin
2009-10-31 22:54:41 0 d-----w- c:\program files\Realtek
2009-10-31 22:41:50 656896 ----a-w- c:\windows\system32\kerberos.dll
2009-10-31 22:41:44 499712 ----a-w- c:\windows\syswow64\kerberos.dll
2009-10-31 22:41:39 338432 ----a-w- c:\windows\system32\schannel.dll
2009-10-31 22:41:39 270848 ----a-w- c:\windows\syswow64\schannel.dll
2009-10-31 10:15:45 0 d--h--w- C:\$AVG
2009-10-31 10:14:19 12464 ----a-w- c:\windows\system32\avgrssta.dll
2009-10-31 10:14:07 470024 ----a-w- c:\windows\system32\drivers\avgtdia.sys
2009-10-31 10:13:48 422920 ----a-w- c:\windows\system32\drivers\avgldx64.sys
2009-10-31 10:13:39 34248 ----a-w- c:\windows\system32\drivers\avgmfx64.sys
2009-10-31 10:13:39 0 d-----w- c:\windows\system32\drivers\Avg
2009-10-31 10:12:39 0 d-----w- c:\programdata\avg9
2009-10-31 10:08:28 0 d-----w- c:\program files (x86)\CCleaner
2009-10-31 10:00:29 0 d-----w- c:\users\jeffrey\appdata\roaming\Registry Mechanic
2009-10-31 09:48:01 212992 ----a-w- c:\windows\syswow64\UniBoxVB12.ocx
2009-10-31 09:48:01 1101824 ----a-w- c:\windows\syswow64\UniBox210.ocx
2009-10-31 09:48:00 880640 ----a-w- c:\windows\syswow64\UniBox10.ocx
2009-10-31 09:47:50 0 d-----w- c:\program files (x86)\common files\PC Tools
2009-10-31 05:41:20 0 d-----w- c:\windows\syswow64\vi-VN
2009-10-31 05:41:20 0 d-----w- c:\windows\syswow64\eu-ES
2009-10-31 05:41:20 0 d-----w- c:\windows\syswow64\ca-ES
2009-10-31 05:41:15 0 d-----w- c:\windows\system32\eu-ES
2009-10-31 05:41:15 0 d-----w- c:\windows\system32\ca-ES
2009-10-31 05:40:45 0 d-----w- c:\windows\system32\vi-VN
2009-10-30 10:19:00 0 d-----w- c:\users\jeffrey\appdata\roaming\My Games
2009-10-30 09:27:46 0 d-----w- c:\program files (x86)\Firaxis Games
2009-10-30 09:24:41 372736 ----a-w- c:\windows\system32\unregmp2.exe
2009-10-30 09:24:41 10626560 ----a-w- c:\windows\syswow64\wmp.dll
2009-10-30 09:24:40 310784 ----a-w- c:\windows\syswow64\unregmp2.exe
2009-10-30 09:24:28 8147456 ----a-w- c:\windows\syswow64\wmploc.DLL
2009-10-30 09:24:27 8147968 ----a-w- c:\windows\system32\wmploc.DLL
2009-10-14 09:52:53 4698168 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-10-14 09:47:23 1689600 ----a-w- c:\windows\system32\lsasrv.dll
2009-10-14 09:47:22 77312 ----a-w- c:\windows\syswow64\secur32.dll
2009-10-14 09:47:22 515656 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2009-10-14 09:47:22 269312 ----a-w- c:\windows\system32\msv1_0.dll
2009-10-14 09:47:22 218624 ----a-w- c:\windows\syswow64\msv1_0.dll
2009-10-14 09:47:22 205312 ----a-w- c:\windows\system32\wdigest.dll
2009-10-14 09:47:22 175104 ----a-w- c:\windows\syswow64\wdigest.dll
2009-10-14 09:47:21 94720 ----a-w- c:\windows\system32\secur32.dll
2009-10-14 09:47:21 11264 ----a-w- c:\windows\system32\lsass.exe
2009-10-14 09:46:48 174592 ----a-w- c:\windows\system32\drivers\srv2.sys
2009-10-14 09:46:26 82944 ----a-w- c:\windows\system32\msasn1.dll
2009-10-14 09:46:26 60928 ----a-w- c:\windows\syswow64\msasn1.dll

==================== Find3M ====================

2009-11-10 09:57:45 2356 ----a-w- c:\users\jeffrey\appdata\roaming\wklnhst.dat
2009-11-02 11:52:03 51200 ----a-w- c:\windows\inf\infpub.dat
2009-11-02 11:52:03 143360 ----a-w- c:\windows\inf\infstrng.dat
2009-11-01 10:16:28 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-11-01 10:16:27 86016 ----a-w- c:\windows\inf\infstor.dat
2009-10-31 04:31:36 37665 ----a-w- c:\windows\fonts\GlobalUserInterface.CompositeFont
2009-10-01 17:29:14 238960 ------w- c:\windows\system32\MpSigStub.exe
2009-10-01 01:02:17 2537472 ----a-w- c:\windows\syswow64\wpdshext.dll
2009-10-01 01:02:04 334848 ----a-w- c:\windows\syswow64\PortableDeviceApi.dll
2009-10-01 01:02:02 87552 ----a-w- c:\windows\syswow64\WPDShServiceObj.dll
2009-10-01 01:01:59 160256 ----a-w- c:\windows\syswow64\PortableDeviceTypes.dll
2009-10-01 01:01:56 60928 ----a-w- c:\windows\syswow64\PortableDeviceConnectApi.dll
2009-10-01 01:01:56 350208 ----a-w- c:\windows\syswow64\WPDSp.dll
2009-10-01 01:01:56 196608 ----a-w- c:\windows\syswow64\PortableDeviceWMDRM.dll
2009-10-01 01:01:56 100864 ----a-w- c:\windows\syswow64\PortableDeviceClassExtension.dll
2009-10-01 00:52:29 2727936 ----a-w- c:\windows\system32\wpdshext.dll
2009-10-01 00:52:10 453120 ----a-w- c:\windows\system32\PortableDeviceApi.dll
2009-10-01 00:51:59 110080 ----a-w- c:\windows\system32\WPDShServiceObj.dll
2009-10-01 00:51:54 573440 ----a-w- c:\windows\system32\wpd_ci.dll
2009-10-01 00:51:50 433152 ----a-w- c:\windows\system32\WPDSp.dll
2009-10-01 00:51:46 218624 ----a-w- c:\windows\system32\PortableDeviceWMDRM.dll
2009-10-01 00:51:45 77824 ----a-w- c:\windows\system32\PortableDeviceConnectApi.dll
2009-10-01 00:51:45 113152 ----a-w- c:\windows\system32\PortableDeviceClassExtension.dll
2009-10-01 00:51:42 46592 ----a-w- c:\windows\system32\drivers\WpdUsb.sys
2009-10-01 00:51:40 295936 ----a-w- c:\windows\system32\WpdMtp.dll
2009-10-01 00:51:34 214528 ----a-w- c:\windows\system32\PortableDeviceTypes.dll
2009-10-01 00:51:33 75264 ----a-w- c:\windows\system32\WpdMtpUS.dll
2009-10-01 00:51:32 37376 ----a-w- c:\windows\system32\WpdConns.dll
2009-09-25 02:27:43 1209856 ----a-w- c:\windows\system32\WindowsCodecs.dll
2009-09-25 02:10:10 974848 ----a-w- c:\windows\syswow64\WindowsCodecs.dll
2009-09-25 02:10:01 245248 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2009-09-25 02:09:10 411648 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll
2009-09-25 02:07:08 189440 ----a-w- c:\windows\syswow64\WindowsCodecsExt.dll
2009-09-25 02:04:32 321024 ----a-w- c:\windows\syswow64\PhotoMetadataHandler.dll
2009-09-25 02:00:39 3068416 ----a-w- c:\windows\system32\xpsservices.dll
2009-09-25 01:56:42 643072 ----a-w- c:\windows\system32\XpsPrint.dll
2009-09-25 01:49:22 1554432 ----a-w- c:\windows\syswow64\xpsservices.dll
2009-09-25 01:48:08 351232 ----a-w- c:\windows\syswow64\XpsPrint.dll
2009-09-25 01:40:43 1461760 ----a-w- c:\windows\system32\OpcServices.dll
2009-09-25 01:40:07 470016 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2009-09-25 01:39:09 231936 ----a-w- c:\windows\system32\XpsRasterService.dll
2009-09-25 01:38:29 847360 ----a-w- c:\windows\syswow64\OpcServices.dll
2009-09-25 01:36:16 262656 ----a-w- c:\windows\system32\dxdiagn.dll
2009-09-25 01:36:13 280064 ----a-w- c:\windows\syswow64\XpsGdiConverter.dll
2009-09-25 01:36:08 1548800 ----a-w- c:\windows\system32\d3d10warp.dll
2009-09-25 01:35:49 328192 ----a-w- c:\windows\system32\dxdiag.exe
2009-09-25 01:35:48 449024 ----a-w- c:\windows\system32\WMPhoto.dll
2009-09-25 01:35:31 135680 ----a-w- c:\windows\syswow64\XpsRasterService.dll
2009-09-25 01:34:58 1269248 ----a-w- c:\windows\system32\d3d10.dll
2009-09-25 01:33:48 792576 ----a-w- c:\windows\system32\d3d11.dll
2009-09-25 01:33:25 195584 ----a-w- c:\windows\syswow64\dxdiagn.dll
2009-09-25 01:33:15 829440 ----a-w- c:\windows\syswow64\d3d10warp.dll
2009-09-25 01:33:01 369664 ----a-w- c:\windows\syswow64\WMPhoto.dll
2009-09-25 01:32:59 252928 ----a-w- c:\windows\syswow64\dxdiag.exe
2009-09-25 01:32:22 566272 ----a-w- c:\windows\system32\d3d10level9.dll
2009-09-25 01:31:53 519680 ----a-w- c:\windows\syswow64\d3d11.dll
2009-09-25 01:31:53 196608 ----a-w- c:\windows\system32\d3d10_1.dll
2009-09-25 01:31:51 326656 ----a-w- c:\windows\system32\d3d10_1core.dll
2009-09-25 01:31:47 625664 ----a-w- c:\windows\system32\dxgi.dll
2009-09-25 01:31:41 287744 ----a-w- c:\windows\system32\d3d10core.dll
2009-09-25 01:31:36 981504 ----a-w- c:\windows\system32\d2d1.dll
2009-09-25 01:31:26 486912 ----a-w- c:\windows\syswow64\d3d10level9.dll
2009-09-25 01:31:21 161280 ----a-w- c:\windows\syswow64\d3d10_1.dll
2009-09-25 01:31:19 218112 ----a-w- c:\windows\syswow64\d3d10_1core.dll
2009-09-25 01:31:16 1030144 ----a-w- c:\windows\syswow64\d3d10.dll
2009-09-25 01:31:15 828928 ----a-w- c:\windows\syswow64\d2d1.dll
2009-09-25 01:30:23 481792 ----a-w- c:\windows\syswow64\dxgi.dll
2009-09-25 01:30:23 190464 ----a-w- c:\windows\syswow64\d3d10core.dll
2009-09-25 01:27:18 893440 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2009-09-25 01:27:04 1064448 ----a-w- c:\windows\syswow64\DWrite.dll
2009-09-25 01:26:38 47616 ----a-w- c:\windows\system32\cdd.dll
2009-09-25 01:26:26 1548800 ----a-w- c:\windows\system32\DWrite.dll
2009-09-25 01:26:26 1142272 ----a-w- c:\windows\system32\FntCache.dll
2009-09-24 22:54:55 258048 ----a-w- c:\windows\syswow64\winspool.drv
2009-09-16 23:49:02 35840 ----a-w- c:\windows\system32\printfilterpipelineprxy.dll
2009-09-16 23:49:02 342016 ----a-w- c:\windows\system32\winspool.drv
2009-09-16 23:49:02 1032192 ----a-w- c:\windows\system32\printfilterpipelinesvc.exe
2009-08-29 02:42:52 2065696 ----a-w- c:\windows\system32\usbaaplrc.dll
2009-08-29 02:42:33 32256 ----a-w- c:\windows\system32\Apphlpdm.dll
2009-08-29 00:50:35 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2009-08-29 00:27:49 4240384 ----a-w- c:\windows\syswow64\GameUXLegacyGDFs.dll
2009-08-29 00:14:38 28672 ----a-w- c:\windows\syswow64\Apphlpdm.dll
2009-08-27 05:52:18 1147904 ----a-w- c:\windows\system32\wininet.dll
2009-08-27 05:47:24 132096 ----a-w- c:\windows\system32\iesysprep.dll
2009-08-27 05:47:23 77312 ----a-w- c:\windows\system32\iesetup.dll
2009-08-27 05:22:28 916480 ----a-w- c:\windows\syswow64\wininet.dll
2009-08-27 05:22:15 1208832 ----a-w- c:\windows\syswow64\urlmon.dll
2009-08-27 05:20:52 206848 ----a-w- c:\windows\syswow64\occache.dll
2009-08-27 05:18:37 594432 ----a-w- c:\windows\syswow64\msfeeds.dll
2009-08-27 05:18:37 55296 ----a-w- c:\windows\syswow64\msfeedsbs.dll
2009-08-27 05:18:00 25600 ----a-w- c:\windows\syswow64\jsproxy.dll
2009-08-27 05:17:43 71680 ----a-w- c:\windows\syswow64\iesetup.dll
2009-08-27 05:17:43 1985536 ----a-w- c:\windows\syswow64\iertutil.dll
2009-08-27 05:17:43 164352 ----a-w- c:\windows\syswow64\ieui.dll
2009-08-27 05:17:43 109056 ----a-w- c:\windows\syswow64\iesysprep.dll
2009-08-27 05:17:42 55808 ----a-w- c:\windows\syswow64\iernonce.dll
2009-08-27 05:17:42 184320 ----a-w- c:\windows\syswow64\iepeers.dll
2009-08-27 05:17:41 11069440 ----a-w- c:\windows\syswow64\ieframe.dll
2009-08-27 05:17:35 387584 ----a-w- c:\windows\syswow64\iedkcs32.dll
2009-08-27 04:10:33 162816 ----a-w- c:\windows\system32\ieUnatt.exe
2009-08-05 09:35:06 16384 --sha-w- c:\windows\serviceprofiles\localservice\appdata\local\microsoft\windows\history\history.ie5\index.dat
2009-08-05 09:35:06 32768 --sha-w- c:\windows\serviceprofiles\localservice\appdata\local\microsoft\windows\temporary internet files\content.ie5\index.dat
2009-08-05 09:35:06 16384 --sha-w- c:\windows\serviceprofiles\localservice\appdata\roaming\microsoft\windows\cookies\index.dat

============= FINISH: 1:48:19.25 ===============

I hope you can help. Quite frustrating to not know what the problem is, and I'm not the best at this sort of thing. Thanks in advance!



#2 thcbytes

thcbytes

  • Malware Response Team
  • 14,790 posts
  • Gender:Male
  • Local time:10:42 PM

Posted 17 November 2009 - 10:53 AM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not, please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.

If you have already posted a DDS log, please do so again, as your situation may have changed.
Use the 'Add Reply' and add the new log to this thread.


Thanks and again sorry for the delay.

We need to see some information about what is happening in your machine. Please perform the following scan:
  • Download DDS by sUBs from one of the following links. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE
Proud member - Unified Network of Instructors and Trained Eliminators

I do not accept personal donations for assistance provided. I would ask that you instead consider donating the greatest gift - Organ Donation. Your organs are of no use to you when you're gone. You will save a life that would otherwise be lost!

http://donatelife.net/register-now/

#3 thcbytes

thcbytes

  • Malware Response Team
  • 14,790 posts
  • Gender:Male
  • Local time:10:42 PM

Posted 23 November 2009 - 03:49 PM

Due to the lack of feedback this Topic is closed.

If you need this topic reopened, please request this by sending the moderating team a PM with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic



