Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Unusually slow computer, high memory usage


  • This topic is locked This topic is locked
2 replies to this topic

#1 madblade

madblade

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:03:25 AM

Posted 13 December 2010 - 07:32 AM

Recently without any new hardware or software changes my computer's been running slow (i7 920@3.5GHz) and memory usage is really high like 70% on idle with 6MB of RAM. I go do some browsing or something and the computer is fine. I watch a video, and the thing eventually slows down to a crawl, unable to properly play the video file, skips frames. When I go to the computer and do something the video suddenly fixes it self, sorta like if it goes idle the computer starts something else, by which I've heard some viruses do that. I've ran all sort of antivirus and antimalware programs (NOD32, Ad-aware, malwarebytes, AVG, etc...) and nothing.

Here is the DDS diagnostic. Is there anything else I might want to do?










DDS (Ver_10-12-05.01) - NTFS_AMD64
Run by Rick at 5:18:04.01 on Mon 12/13/2010
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_18
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.6142.2392 [GMT -7:00]


============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k apphost
C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\AM\dtsslsrv.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
C:\Program Files (x86)\GIGABYTE\EnergySaver\GSvr.exe
C:\Windows\system32\lxeccoms.exe
c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
C:\Program Files (x86)\Rosewill\Common\RaRegistry.exe
C:\Program Files (x86)\Rosewill\Common\RaRegistry64.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecmon.exe
C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\ezprint.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files (x86)\Rosewill\Common\RaUI.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files (x86)\Portrait Displays\Pivot Software\wpCtrl.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Portrait Displays\HP Display Assistant\DTHtml.exe
C:\Program Files (x86)\Portrait Displays\Pivot Software\floater.exe
C:\Program Files (x86)\Common Files\Portrait Displays\Shared\HookManager.exe
C:\Program Files\Logitech\SetPointG\SetPointII.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Program Files (x86)\GrabIt\GrabIt.exe
C:\Users\Rick\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Rick\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Rick\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Rick\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Rick\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Rick\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Rick\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Rick\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Rick\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Rick\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
C:\Users\Rick\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Rick\AppData\Local\Google\Chrome\Application\chrome.exe
C:\games\valvesoftware\steam.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Microsoft IntelliType Pro\IType.exe
C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files (x86)\K-Lite Codec Pack\Media Player Classic\mpc-hc.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Rick\Desktop\dds.scr
C:\Windows\system32\conhost.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = <local>
mWinlogon: Userinit=C:\Windows\SysWOW64\userinit.exe
BHO: Lexmark Toolbar: {1017a80c-6f09-4548-a84d-edd6ac9525f0} - C:\Program Files\Lexmark Toolbar\toolband.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: Lexmark Printable Web: {d2c5e510-be6d-42cc-9f61-e4f939078474} - C:\Program Files\Lexmark Printable Web\bho.dll
BHO: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
BHO: Microsoft Web Test Recorder 10.0 Helper: {dda57003-0068-4ed2-9d32-4d1ec707d94d} - C:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll
BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Lexmark Toolbar: {1017a80c-6f09-4548-a84d-edd6ac9525f0} - C:\Program Files\Lexmark Toolbar\toolband.dll
TB: @C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
EB: Web Test Recorder 10.0: {5802d092-1784-4908-8cdb-99b6842d353d} - mscoree.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [AdobeBridge]
uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
uRun: [Google Update] "C:\Users\Rick\AppData\Local\Google\Update\GoogleUpdate.exe" /c
mRun: [<NO NAME>]
mRun: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [Lexmark Pro800-Pro900 Series] "C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\fm3032.exe" /s
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [PivotSoftware] "C:\Program Files (x86)\Portrait Displays\Pivot Software\wpctrl.exe"
mRun: [DT HWP] C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe -HWP
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
dRun: [CtxfiReg] CTXFIREG.exe /FAIL2
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ROSEWI~1.LNK - C:\Program Files (x86)\Rosewill\Common\RaUI.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15110/CTPID.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
TB-X64: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
TB-X64: {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - No File
mRun-x64: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
mRun-x64: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
mRun-x64: [lxecmon.exe] "C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecmon.exe"
mRun-x64: [EzPrint] "C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\ezprint.exe"
mRun-x64: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
mRun-x64: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
mRun-x64: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
AppInit_DLLs-X64: acaptuser64.dll
Hosts: 255.255.255.255 broadcasthost
Hosts: 216.34.181.45 s # slashdot.org
Hosts: 64.233.187.104 g # google.com

================= FIREFOX ===================

FF - ProfilePath - C:\Users\Rick\AppData\Roaming\Mozilla\Firefox\Profiles\pxqo4g6k.default\
FF - prefs.js: browser.startup.homepage - www.google.com
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.17\npGoogleOneClick8.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Rick\AppData\Local\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: C:\Users\Rick\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\Rick\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
FF - HiddenExtension: Java Console: No Registry Reference - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
FF - Extension: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Extension: Java Console: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
FF - Extension: Download Statusbar: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389} - C:\Users\Rick\AppData\Roaming\Mozilla\Firefox\Profiles\pxqo4g6k.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
FF - Extension: Flash Video Resources Downloader: max@subfighter.com - C:\Users\Rick\AppData\Roaming\Mozilla\Firefox\Profiles\pxqo4g6k.default\extensions\max@subfighter.com
FF - Extension: ChatZilla: {59c81df5-4b7a-477b-912d-4e0fdf64e5f2} - C:\Users\Rick\AppData\Roaming\Mozilla\Firefox\Profiles\pxqo4g6k.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}
FF - Extension: KeepTube Downloader: webmaster@keep-tube.com - C:\Users\Rick\AppData\Roaming\Mozilla\Firefox\Profiles\pxqo4g6k.default\extensions\webmaster@keep-tube.com

============= SERVICES / DRIVERS ===============

R0 BtHidBus;Bluetooth HID Bus Service;C:\Windows\System32\drivers\BtHidBus.sys [2009-9-24 23304]
R0 Lbd;Lbd;C:\Windows\System32\drivers\Lbd.sys [2010-12-10 69152]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-7-13 59904]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-8-25 203264]
R2 ekrn;ESET Service;C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2009-9-11 735960]
R2 epfwwfpr;epfwwfpr;C:\Windows\System32\drivers\epfwwfpr.sys [2009-9-11 123200]
R2 GEST Service;GEST Service for program management.;C:\Program Files (x86)\GIGABYTE\EnergySaver\GSvr.exe [2009-12-7 68136]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2010-12-3 1389400]
R2 lxec_device;lxec_device;C:\Windows\system32\lxeccoms.exe -service --> C:\Windows\system32\lxeccoms.exe -service [?]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2010-12-6 363344]
R2 PdiService;Portrait Displays SDK Service;C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2010-9-18 109096]
R2 RalinkRegistryWriter;Ralink Registry Writer;C:\Program Files (x86)\Rosewill\Common\RaRegistry.exe [2009-12-7 185632]
R2 RalinkRegistryWriter64;Ralink Registry Writer 64;C:\Program Files (x86)\Rosewill\Common\RaRegistry64.exe [2009-12-7 211232]
R2 RtNdPt60;Realtek NDIS Protocol Driver;C:\Windows\System32\drivers\RtNdPt60.sys [2009-12-7 27136]
R3 amdkmdag;amdkmdag;C:\Windows\System32\drivers\atikmdag.sys [2010-8-25 7767040]
R3 amdkmdap;amdkmdap;C:\Windows\System32\drivers\atikmpag.sys [2010-8-25 279040]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2010-7-15 116240]
R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2010-3-16 35104]
R3 Lavasoft Kernexplorer;Lavasoft helper driver;C:\Program Files (x86)\Lavasoft\Ad-Aware\kernexplorer64.sys [2010-12-3 17440]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2009-12-9 24152]
R3 netr28ux;RT2870 USB Extensible Wireless LAN Card Driver;C:\Windows\System32\drivers\netr28ux.sys [2009-12-7 987648]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-9-16 347680]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\System32\drivers\vwifimp.sys [2009-7-13 17920]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 cpuz132;cpuz132;C:\Windows\System32\drivers\cpuz132_x64.sys [2009-12-9 19432]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-1-16 135664]
S2 lxecCATSCustConnectService;lxecCATSCustConnectService;C:\Windows\System32\spool\drivers\x64\3\lxecserv.exe [2010-6-5 45736]
S3 AODDriver;AODDriver;C:\Program Files (x86)\GIGABYTE\ET6\amd64\AODDriver.sys [2009-2-23 14904]
S3 atidgllk;atidgllk;C:\Program Files (x86)\GIGABYTE\ET6\atidgllk.sys [2006-7-19 12048]
S3 btnetBUs;Bluetooth PAN Bus Service;C:\Windows\System32\drivers\btnetBus.sys [2009-9-24 27776]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2009-12-6 79360]
S3 Creative Dolby Digital Live Pack Licensing Service;Creative Dolby Digital Live Pack Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\DDLLicensing.exe [2009-12-6 79360]
S3 CT20XUT.SYS;CT20XUT.SYS;C:\Windows\System32\drivers\CT20XUT.sys [2009-6-4 202776]
S3 CT20XUT;CT20XUT;C:\Windows\System32\drivers\CT20XUT.sys [2009-6-4 202776]
S3 CTEXFIFX.SYS;CTEXFIFX.SYS;C:\Windows\System32\drivers\CTEXFIFX.sys [2009-6-4 1417240]
S3 CTEXFIFX;CTEXFIFX;C:\Windows\System32\drivers\CTEXFIFX.sys [2009-6-4 1417240]
S3 CTHWIUT.SYS;CTHWIUT.SYS;C:\Windows\System32\drivers\CTHWIUT.sys [2009-6-4 94744]
S3 CTHWIUT;CTHWIUT;C:\Windows\System32\drivers\CTHWIUT.sys [2009-6-4 94744]
S3 CYUSB;Cypress Generic USB Driver;C:\Windows\System32\drivers\CYUSB.sys [2010-7-15 47104]
S3 danewFltr;NewDeathAdder Mouse;C:\Windows\System32\drivers\danew.sys [2010-7-15 12032]
S3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;C:\games\Dragon Age\bin_ship\daupdatersvc.service.exe [2009-12-15 25832]
S3 ENTECH64;ENTECH64;C:\Windows\System32\drivers\Entech64.sys [2009-12-9 12744]
S3 etdrv;etdrv;C:\Windows\etdrv.sys [2009-12-7 25640]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2009-12-19 1038088]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2010-10-20 48488]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-22 1493352]
S3 GVTDrv64;GVTDrv64;C:\Windows\GVTDrv64.sys [2009-12-7 30528]
S3 IvtBtBUs;IVT Bluetooth Bus Service;C:\Windows\System32\drivers\IvtBtBus.sys [2009-8-26 30344]
S3 LtcyCfgWDM;PCI Latency Tool Driver Service;C:\Windows\System32\drivers\LtcyCfgWDM.sys [2005-12-26 7936]
S3 motccgp;Motorola USB Composite Device Driver;C:\Windows\System32\drivers\motccgp.sys [2009-6-19 20992]
S3 motccgpfl;MotCcgpFlService;C:\Windows\System32\drivers\motccgpfl.sys [2009-1-29 9216]
S3 RivaTuner64;RivaTuner64;C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys [2009-8-22 19952]
S3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.0);C:\Windows\System32\drivers\RtTeam60.sys [2009-12-7 50688]
S3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2);C:\Windows\System32\drivers\RtVlan60.sys [2009-12-7 24064]
S3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.0);C:\Windows\System32\drivers\RtTeam60.sys [2009-12-7 50688]
S3 VSPerfDrv100;Performance Tools Driver 10.0;C:\Program Files (x86)\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys [2010-3-17 68440]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-5-17 1255736]
S3 WMSVC;Web Management Service;C:\Windows\System32\inetsrv\WMSvc.exe [2009-7-13 10752]
S4 ftpsvc;Microsoft FTP Service;C:\Windows\system32\svchost.exe -k ftpsvc [2009-7-13 27136]
S4 MotoHelper.exe;Motorola Helper;C:\Program Files (x86)\Motorola\Moto Helper Service\MotoHelper.exe [2010-1-5 6656]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files\Microsoft SQL Server\100\Shared\sqladhlp.exe [2009-7-22 61976]
S4 RsFx0103;RsFx0103 Driver;C:\Windows\System32\drivers\RsFx0103.sys [2009-3-30 311656]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-3-30 427880]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]

=============== Created Last 30 ================

2010-12-12 20:38:47 -------- d-----w- C:\Program Files\Microsoft IntelliType Pro
2010-12-11 11:13:40 191488 ----a-w- C:\Windows\System32\unrar.dll
2010-12-11 11:13:40 136704 ----a-w- C:\Windows\System32\ff_vfw.dll
2010-12-11 11:13:39 -------- d-----w- C:\Program Files\KLCP64
2010-12-11 10:51:27 790528 ----a-w- C:\Windows\SysWow64\xvidcore.dll
2010-12-11 10:51:27 237568 ----a-w- C:\Windows\SysWow64\yv12vfw.dll
2010-12-11 10:51:27 232448 ----a-w- C:\Windows\SysWow64\mp3fhg.acm
2010-12-11 10:51:27 151552 ----a-w- C:\Windows\SysWow64\ac3acm.acm
2010-12-11 10:51:27 134144 ----a-w- C:\Windows\SysWow64\xvidvfw.dll
2010-12-11 10:51:26 108032 ----a-w- C:\Windows\SysWow64\ff_vfw.dll
2010-12-10 18:00:13 8199504 ----a-w- C:\PROGRA~3\Microsoft\Windows Defender\Definition Updates\{BCE958FB-83E7-44BA-9032-16ACEED4F60C}\mpengine.dll
2010-12-10 12:39:08 15880 ----a-w- C:\Windows\System32\lsdelete.exe
2010-12-10 11:58:57 -------- d-s---w- C:\ComboFix
2010-12-10 11:45:36 98816 ----a-w- C:\Windows\sed.exe
2010-12-10 11:45:36 89088 ----a-w- C:\Windows\MBR.exe
2010-12-10 11:45:36 256512 ----a-w- C:\Windows\PEV.exe
2010-12-10 11:45:36 161792 ----a-w- C:\Windows\SWREG.exe
2010-12-10 10:15:07 -------- d-----w- C:\Users\Rick\AppData\Roaming\AVG10
2010-12-10 10:13:20 -------- d--h--w- C:\PROGRA~3\Common Files
2010-12-10 10:12:26 -------- d-----w- C:\PROGRA~3\AVG10
2010-12-10 10:12:16 -------- d-----w- C:\Program Files (x86)\AVG
2010-12-10 10:07:23 69152 ----a-w- C:\Windows\System32\drivers\Lbd.sys
2010-12-10 10:07:20 49752 ----a-w- C:\Windows\System32\drivers\SBREDrv.sys
2010-12-10 10:02:46 -------- d-----w- C:\Users\Rick\AppData\Local\Sunbelt Software
2010-12-10 10:01:04 -------- dc-h--w- C:\PROGRA~3\{2162CCC0-3A5F-4887-B51F-CE5F195B3620}
2010-12-10 10:00:44 -------- d-----w- C:\Program Files (x86)\Lavasoft
2010-12-10 10:00:04 -------- d-----w- C:\PROGRA~3\MFAData
2010-12-08 15:50:21 -------- d-----w- C:\Users\Rick\AppData\Local\assembly
2010-12-08 15:50:18 -------- d-----w- C:\Users\Rick\AppData\Local\Apps
2010-12-08 15:50:17 -------- d-----w- C:\Users\Rick\AppData\Local\Deployment
2010-11-29 10:53:28 -------- d-----w- C:\Program Files\SyncToy 2.1
2010-11-24 02:44:05 7680 ----a-w- C:\Program Files\Internet Explorer\iecompat.dll
2010-11-24 02:44:05 7680 ----a-w- C:\Program Files (x86)\Internet Explorer\iecompat.dll
2010-11-16 23:04:01 24416 ----a-r- C:\Windows\System32\AdobePDFUI.dll
2010-11-16 23:03:18 112056 ----a-w- C:\Windows\SysWow64\acaptuser32.dll

==================== Find3M ====================

2010-12-10 12:42:16 25640 ----a-w- C:\Windows\gdrv.sys
2010-11-30 00:42:06 24152 ----a-w- C:\Windows\System32\drivers\mbam.sys
2010-10-19 17:41:44 270720 ------w- C:\Windows\System32\MpSigStub.exe
2010-10-14 08:36:52 15451288 ----a-w- C:\Windows\SysWow64\xlive.dll
2010-10-14 08:36:50 13642904 ----a-w- C:\Windows\SysWow64\xlivefnt.dll
2010-09-23 06:47:28 49016 ----a-w- C:\Windows\SysWow64\sirenacm.dll
2010-09-23 06:36:48 48488 ----a-w- C:\Windows\System32\drivers\fssfltr.sys
2010-09-23 06:32:56 301936 ----a-w- C:\Windows\WLXPGSS.SCR
2010-09-21 20:49:02 252800 ----a-w- C:\Windows\System32\LIVESSP.DLL
2010-09-21 20:03:14 208768 ----a-w- C:\Windows\SysWow64\LIVESSP.DLL
2010-09-17 02:17:00 25640 ----a-w- C:\Windows\etdrv.sys
2010-09-17 02:12:56 30528 ----a-w- C:\Windows\GVTDrv64.sys

============= FINISH: 5:18:57.26 ===============

Attached Files

  • Attached File  DDS.txt   25.99KB   0 downloads


BC AdBot (Login to Remove)

 


#2 Judicandus

Judicandus

    Bleepin' Pasta


  • Malware Response Team
  • 730 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Around the world
  • Local time:05:25 AM

Posted 22 December 2010 - 07:28 AM

Hello and welcome to Bleeping Computer

I'm judicandus and I'll be helping you out.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process. Please also continue to work with me until I give you the all clear. Even if your computer appears to act better, you may still be infected.

Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.

Once we start working together, please reply back within 3 days or this thread may be closed so we can help others who are waiting.

Please post a DDS log and Gmer log. For instructions please read this post:
http://www.bleepingcomputer.com/forums/topic34773.html

#3 Judicandus

Judicandus

    Bleepin' Pasta


  • Malware Response Team
  • 730 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Around the world
  • Local time:05:25 AM

Posted 12 January 2011 - 02:46 AM

Due to the lack of feedback, this topic is now closed.In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users