Computer Hope
Software => Computer viruses and spyware => Topic started by: JHenderson on May 27, 2009, 09:22:13 AM
-
I have noticed recently when trying to get on IE that it takes forever to pull up my msn.com homepage. My Computer is up to date, I have secunia loaded. I run AVG Free and did a scan plus Malwarebytes. Nothing. Seems like the processes in Task Manager have been incresed by number a little too. What to do........ My specv on my computer should be posted next to my login info but will type them out if need be. Evil has always helped in the past but I am not sure its a virus. Is there a program to check my processes running to see if I have and eating up my CPU and slowing down IE? Sorry for all the questions :-[
-
http://www.computerhope.com/forum/index.php/topic,46313.0.html
go to above and post the 3 logs here an expert will see them
-
Its taken more than 24 hours to run a SUPERanti scan. I am still waiting for it to be done. I have already ran CC. Ii has never taken this long. I look under task manager and SUPERanti is taking up most of my CPU usage. I will post my HJT logs too. Hopefully this scan hurries up.
-
have you tried resetting internet explorer? I think it's probably a software issue but I don't know ...
http://support.microsoft.com/kb/923737
-
I just reset my IE. We will see. It not just that but EVRYTHING is running slower than normal. I dunno. Something is definitely up. Maybe not a virus. Might be something with the OS.
-
do the reset i have used it 3/4 times and will do no harm
-
do the reset i have used it 3/4 times and will do no harm
except you might want to save your favorites / bookmarks. Supposedly it don't get lost when you do the reset but it has happened to me once but it wasn't a big deal, but if you have a big list of favorited sites, you probably don't want that to go lost ;D.
-
Yeah I saved the Favorites. That would SUCK! My list is so long. Probably need to make some folders and organize a little. Still waiting for SUPER scan to finish. I swear something is eating up my CPU. I looked under prcess manager as admin and didn't see anything noticeable but what do I know ;D
-
Yeah I saved the Favorites. That would SUCK! My list is so long. Probably need to make some folders and organize a little. Still waiting for SUPER scan to finish. I swear something is eating up my CPU. I looked under prcess manager as admin and didn't see anything noticeable but what do I know ;D
Maybe scanning in safe mode would make it go faster than it would or has been in normal mode ... after all, in safe mode, you got only the bare minimum windows running so there with everything else disabled until you reboot into normal mode :)
-
I should have. I have over a million files to scan on my computer. Thats the problem. I UPGRADED like an idiot from XP home. I don't know how to clean it all up though. I have no idea which folders are old and which are new; or which files are needed.
-
I should have. I have over a million files to scan on my computer. Thats the problem. I UPGRADED like an idiot from XP home. I don't know how to clean it all up though. I have no idea which folders are old and which are new; or which files are needed.
Vista is not that bad, I use it and I like it but now what do you have on your pc that you definitely do not want to delete? Your music, some documents and other media files if you go those? Saying your an idiot makes me feel a little odd 'cuz I used to have windows xp home on my pc but have not converted it into a vista machine and is currently not encountering problems that would desperately make me want to revert back to windows xp.
-
I should have done a clean install instead of an upgrade. Thats what I meant by me being an idiot. I keep all my media on externals. I don't know where all the extra files are from.
-
I should have done a clean install instead of an upgrade. Thats what I meant by me being an idiot. I keep all my media on externals. I don't know where all the extra files are from.
and yeah if you got the regular vista upgrade cd (the ones that didn't come with sp1 or sp2 already preinstalled with the windows), you could've done a clean install. That was a M$ loophole. Extra files from where? What's the names of those files or what do they look like?
-
I will have to look around, but seriously, is there directory that windows puts aside after the the vista upgrade that I can delete. Is there a way for someone to take a look at my directories and say "hey delete that". I am still waiting for the SUPER scan to get through. Its been almost 2 days since it's started. I have 4 computers where I live THANK GOD. otherwise I would be stuck completely.
-
use the disk cleaner and see what it finds. That's what I would do to clean out the computer. Just search Disk Cleanup using the start menu search bar and it should come up.
See what each option says and if you don't need it then you can check and delete it, also from here you can go to more options and have the cleaner clean out your system restore points if you use it so that you only have most recent on and that saves a lot of space on your hard drive.
I have done checked everything in there when I saw it was massive huge and it got rid of a lot of things, which were taking up space.
-
I sometimes see that a huge issue is if you have a lot of toolbars installed on IE. My brother's computer had like 4 and it took FOREVER to load. I removed them, and it started right up.
-
There is no way I have over 2 million 3 hundred thousand files on my computer. Could SUPERantispyware just keep repeating the scan over and over. I have started this scan over 5 days ago now. Could this be harmful to my laptop CPU to be running like this. It is maxed out CONSTANTLY. Should I stop the scan and run in safe mode?
-
Superantispyware is most likely not repeating the search over and over again. It might be that it is stuck on trying to scan a file. Did you check the screen to see what it's scanning? Is it still scanning or attempting to scan the same file or something with same filename?
-
I think Evilfantasy would agree after 5 days it's time to move on to the next program and post your log of SAS if you get one.
-
Superantispyware is most likely not repeating the search over and over again. It might be that it is stuck on trying to scan a file. Did you check the screen to see what it's scanning? Is it still scanning or attempting to scan the same file or something with same filename?
Like if there are too many folders in one directory (about 10000), then dir just freezes.
-
So I finally stopped SUPERantispyware after it was reading almost 2400000 files. I posted an earier log this year to show you the boost in files scanned from before til now. My logs are attached below. I laso had error messages during HJT. I pressed ok but included a screenshot before I did it. Thanks for any help. Will post Older SUPERscan I did in January showing the influx in files.
[attachment deleted by admin]
-
Here is the older scan
[attachment deleted by admin]
-
I laso had error messages during HJT. I pressed ok but included a screenshot before I did it.
Because you didn't use the 'Run as Administrator' option as stated in the instructions.
--
This does not appear to be malware but we can do some cleanup as well as double check for anything that might be hiding.
Download DDS by sUBs (http://www.forospyware.com/sUBs/dds) and save it to your desktop. Alternate DDS download link (http://download.bleepingcomputer.com/sUBs/dds.scr)
Vista users right click on dds and select Run as administrator (you will receive a UAC prompt, please allow it)
* XP users Double click on dds to run it.
* If your antivirus or firewall try to block DDS then please allow it to run.
* When finished DDS will open two (2) logs.
1) DDS.txt
2) Attach.txt
* Save both logs to your desktop.
* Please copy and paste the entire contents of both logs in your next reply.
Note: DDS will instruct you to post the Attach.txt log as an attachment.
Please just post it as you would any other log by copy and pasting it into the reply.
-
dds doesn't give me a run as administrator option, It just gives me test, configure, or install at the top. Should I install it. I definitely right clicked it. You were correct about my HJT error. Sorry about that. :-[
-
Just double click it. It should run.
-
Here are the completed logs. It worked by double clicking it :) I attached the logs instead. I didn't think they would fit in the reply. I appreciate your help Evilfantasy.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
DDS (Ver_09-05-14.01)
Microsoft® Windows Vista™ Home Basic
Boot Device: \Device\HarddiskVolume1
Install Date: 9/2/2008 12:25:46 AM
System Uptime: 6/6/2009 3:53:06 PM (5 hours ago)
Motherboard: TOSHIBA | | Portable PC
Processor: Intel(R) Pentium(R) M processor 1.60GHz | mFCPGA | 1595/133mhz
==== Disk Partitions =========================
C: is FIXED (NTFS) - 74 GiB total, 10.938 GiB free.
D: is CDROM ()
E: is Removable
==== Disabled Device Manager Items =============
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Intel(R) PRO/Wireless 2200BG Network Connection
Device ID: PCI\VEN_8086&DEV_4220&SUBSYS_27418086&REV_05\4&15FA4845&0&20F0
Manufacturer: Intel Corporation
Name: Intel(R) PRO/Wireless 2200BG Network Connection
PNP Device ID: PCI\VEN_8086&DEV_4220&SUBSYS_27418086&REV_05\4&15FA4845&0&20F0
Service: NETw2v32
Class GUID: {a0a588a4-c46f-4b37-b7ea-c82fe89870c6}
Description: SDA Standard Compliant SD Host Controller
Device ID: PCI\VEN_104C&DEV_8034&SUBSYS_FF101179&REV_00\4&15FA4845&0&34F0
Manufacturer: SDA Standard Compliant SD Host Controller Vendor
Name: SDA Standard Compliant SD Host Controller
PNP Device ID: PCI\VEN_104C&DEV_8034&SUBSYS_FF101179&REV_00\4&15FA4845&0&34F0
Service: sdbus
Class GUID: {4d36e96d-e325-11ce-bfc1-08002be10318}
Description: TOSHIBA Software Modem
Device ID: PCI\VEN_8086&DEV_266D&SUBSYS_00011179&REV_04\3&33FD14CA&0&F3
Manufacturer: Agere
Name: TOSHIBA Software Modem
PNP Device ID: PCI\VEN_8086&DEV_266D&SUBSYS_00011179&REV_04\3&33FD14CA&0&F3
Service: Modem
==== System Restore Points ===================
No restore point in system.
==== Installed Programs ======================
AC3Filter (remove only)
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 8.1.4
Adobe Shockwave Player
AutoSizer
AVG 8.5
Canon iP2600 series
CCleaner (remove only)
Choice Guard
Compatibility Pack for the 2007 Office system
G-Force
Google Chrome
Google Earth
HijackThis 2.0.2
honestech TVR
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
InterActual Player
InterVideo WinDVD Creator 2
InterVideo WinDVD for TOSHIBA
Java(TM) 6 Update 13
LimeWire PRO 4.12.3
Linksys WCG200 Wireless-G Cable Gateway(B)
Linksys Wireless-N Notebook Adapter Driver - WPC300N
Malwarebytes' Anti-Malware
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB929729)
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Office Live Add-in 1.3
Microsoft Office Professional Edition 2003
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft Visual C++ 2005 Redistributable
Microsoft Works
Mozilla Firefox (3.0b5)
MSVCRT
MSXML 4.0 SP2 (KB925672)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
Native Instruments - Traktor 1.06
ObjectDock
PeerGuardian 2.0
PowerISO
Project64 1.6
RealPlayer
Realtek AC'97 Audio
Rhapsody Player Engine
Roxio Burn Engine
Screenshot Captor 2.56.01
SD Secure Module
Secunia PSI
Sonique
SoundMAX
SpywareBlaster 4.2
SUPERAntiSpyware Free Edition
Symantec KB-DocID:2003093015493306
Texas Instruments PCIxx21/x515 drivers.
TIxx21/x515
Torrent Harvester
TOSHIBA Assist
TOSHIBA Controls
TOSHIBA Hotkey Utility
TOSHIBA PC Diagnostic Tool
TOSHIBA Power Saver
Toshiba Registration
TOSHIBA Software Upgrades
TOSHIBA Speech System Applications
TOSHIBA Speech System SR Engine(U.S.) Version1.0
TOSHIBA Speech System TTS Engine(U.S.) Version1.0
Toshiba Tbiosdrv Driver
TOSHIBA TouchPad ON/Off Utility
TOSHIBA Utilities
TOSHIBA Virtual Sound
TOSHIBA Zooming Utility
Touch and Launch
Viewpoint Media Player
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
WebFldrs XP
WhiteCap
Winamp
Winamp Remote
Windows Defender
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 7
Windows Live Communications Platform
Windows Live Essentials
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Toolbar
Windows Live Upload Tool
Windows Media Format 11 runtime
Windows Media Player 11
WinRAR archiver
WOT for Internet Explorer
Xvid 1.1.2 final uninstall
==== Event Viewer Messages From Past Week ========
6/6/2009 8:08:43 PM, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
5/31/2009 9:52:49 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avg8wd service.
5/31/2009 1:41:22 PM, Error: bowser [8003] - The master browser has received a server announcement from the computer DENNIS-HENDERSO that believes that it is the master browser for the domain on transport NetBT_Tcpip_{83E2F9DE-2FF9-4E5D-84BF-E1. The master browser is stopping or an election is being forced.
5/30/2009 11:38:29 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Lbd sptd
5/30/2009 11:38:29 PM, Error: Service Control Manager [7001] - The Windows Media Player Network Sharing Service service depends on the UPnP Device Host service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
5/30/2009 11:38:29 PM, Error: Service Control Manager [7000] - The Universal WDM TV Tuner service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
5/30/2009 11:38:29 PM, Error: Service Control Manager [7000] - The SAA7135 TV Card service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
5/30/2009 11:38:29 PM, Error: Service Control Manager [7000] - The MCSTRM service failed to start due to the following error: The system cannot find the file specified.
5/30/2009 11:38:29 PM, Error: Service Control Manager [7000] - The AEGIS Protocol (IEEE 802.1x) v3.1.6.0 service failed to start due to the following error: The system cannot find the file specified.
5/30/2009 11:32:44 PM, Error: cdrom [11] - The driver detected a controller error on \Device\CdRom0.
5/30/2009 11:31:36 PM, Error: Microsoft-Windows-Kernel-Processor-Power [6] - Some processor performance power management features have been disabled due to a known firmware problem. Check with the computer manufacturer for updated firmware.
5/30/2009 11:31:18 PM, Error: sptd [4] - Driver detected an internal error in its data structures for .
==== End Of File ===========================
DDS (Ver_09-05-14.01) - NTFSx86
Run by Justin Henderson at 20:34:52.85 on Sat 06/06/2009
Internet Explorer: 8.0.6001.18702
Microsoft® Windows Vista™ Home Basic 6.0.6001.1.1252.1.1033.18.1527.898 [GMT -7:00]
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}
============== Running Processes ===============
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Windows\System32\snmp.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Windows\system32\svchost.exe -k imgsvc
c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\AutoSizer\AutoSizer.exe
C:\Users\Justin Henderson\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Justin Henderson\Desktop\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe
============== Pseudo HJT Report ===============
uSearch Bar = Preserve
uSearch Page = hxxp://us.rd.yahoo.com/customize/ycomp_adbe/defaults/sp/*http://www.yahoo.com
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
mStart Page = hxxp://www.cox.net
uInternet Settings,ProxyOverride = *.local
BHO: {00000000-6cb0-410c-8c3d-8fa8d2011d0a} - DownloadRedirect Class
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: WOT Helper: {c920e44a-7f78-4e64-bdd7-a57026e7feb7} - c:\program files\wot\WOT.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
TB: WOT: {71576546-354d-41c9-aae8-31f2ec22bf0d} - c:\program files\wot\WOT.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [AutoSizer] "c:\program files\autosizer\AutoSizer.exe"
uRun: [Google Update] "c:\users\justin henderson\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [ISUSPM] "c:\program files\common files\installshield\updateservice\ISUSPM.exe" -scheduler
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [PeerGuardian] c:\program files\peerguardian2\pg2.exe
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [Pinger] c:\toshiba\ivp\ism\pinger.exe /run
mRun: [SoundMAXPnP] c:\program files\analog devices\soundmax\SMax4PNP.exe
mRun: [Tvs] c:\program files\toshiba\tvs\TvsTray.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [CanonSolutionMenu] c:\program files\canon\solutionmenu\CNSLMAIN.exe /logon
mRun: [CanonMyPrinter] c:\program files\canon\myprinter\BJMyPrt.exe /logon
StartupFolder: c:\users\justin~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\stardo~1.lnk - c:\program files\stardock\objectdock\ObjectDock.exe
uPolicies-explorer: NoViewOnDrive = 0 (0x0)
uPolicies-explorer: HideRunAsVerb = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - c:\partygaming\partypoker\RunApp.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~4\office11\REFIEBAR.DLL
DPF: {00000055-9980-0010-8000-00AA00389B71} - hxxp://codecs.microsoft.com/codecs/i386/fhg.CAB
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://a1540.g.akamai.net/7/1540/52/20061205/qtinstall.info.apple.com/qtactivex/qtplugin.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://dl8-cdn-09.sun.com/s/ESD7/JSCDL/jdk/6u13-b03/jinstall-6u13-windows-i586-jc.cab?e=1239532918143&h=7cb9c575117baf78e6cc365dec55b55f/&filename=jinstall-6u13-windows-i586-jc.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - c:\program files\wot\WOT.dll
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
AppInit_DLLs: avgrsstx.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
================= FIREFOX ===================
FF - ProfilePath - c:\users\justin~1\appdata\roaming\mozilla\firefox\profiles\o53cq62b.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.msn.com/
FF - component: c:\program files\avg\avg8\firefox\components\avgssff.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\users\justin henderson\appdata\local\google\update\1.2.145.5\npGoogleOneClick8.dll
---- FIREFOX POLICIES ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: content.max.tokenizing.time - 200000
FF - user.js: content.notify.interval - 100000
FF - user.js: content.switch.threshold - 650000
FF - user.js: nglayout.initialpaint.delay - 300
c:\program files\mozilla firefox 3 beta 5\defaults\pref\firefox.js - pref("browser.urlbar.matchOnWordBoundary", true);
c:\program files\mozilla firefox 3 beta 5\defaults\pref\firefox.js - pref("browser.safebrowsing.malware.reportURL", "http://www.stopbadware.org/reports/container?source=Firefox&version=3.0b5&reportname=");
c:\program files\mozilla firefox 3 beta 5\defaults\pref\firefox.js - pref("browser.places.importBookmarksHTML", true);
c:\program files\mozilla firefox 3 beta 5\defaults\pref\firefox.js - pref("browser.places.createdSmartBookmarks", false);
============= SERVICES / DRIVERS ===============
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-4-10 325896]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-4-10 108552]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\SASDIFSV.SYS [2008-2-29 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2008-2-29 55024]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2009-4-10 298776]
R2 SeaPort;SeaPort;c:\program files\microsoft\search enhancement pack\seaport\SeaPort.exe [2009-5-19 240512]
R3 WPC300N;Linksys Wireless Notebook Adapter WPC300N Driver;c:\windows\system32\drivers\WPC300N.SYS [2009-5-21 691192]
S2 713xTVCard;SAA7135 TV Card;c:\windows\system32\drivers\SAA713x.sys [2008-9-2 277504]
S2 WDMTVTuner;Universal WDM TV Tuner;c:\windows\system32\drivers\WDMTuner.sys [2008-9-2 23680]
S3 3xHybrid;SAA713x TV Card Service;c:\windows\system32\drivers\3xHybrid.sys [2007-7-6 906368]
S3 NETw2v32;Intel(R) PRO/Wireless 2200BG Network Connection Driver for Windows Vista;c:\windows\system32\drivers\NETw2v32.sys [2006-11-2 2589184]
S3 nwusbmdm;Novatel Wireless Merlin CDMA EV-DO Modem Driver;c:\windows\system32\drivers\nwusbmdm.sys [2005-5-3 63360]
S3 nwusbser;Novatel Wireless Merlin CDMA EV-DO Status Port;c:\windows\system32\drivers\nwusbser.sys [2005-5-3 63360]
S3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [2009-3-24 7808]
S3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2006-2-16 4096]
S3 WCG200BVistaI386;Linksys WCG200 Wireless-G Cable Gateway(B);c:\windows\system32\drivers\WCG200BVistaI386.sys [2006-12-22 15872]
=============== Created Last 30 ================
2009-06-06 02:00 <DIR> --d----- c:\users\justin~1\appdata\roaming\DonationCoder
2009-06-06 01:58 <DIR> --d----- c:\programdata\DonationCoder
2009-06-06 01:58 <DIR> --d----- c:\program files\ScreenshotCaptor
2009-06-06 01:58 <DIR> --d----- c:\progra~2\DonationCoder
2009-06-06 00:40 <DIR> --d-h--- C:\BJPrinter
2009-05-21 01:16 34,304 a------- c:\windows\DrvTool64.exe
2009-05-21 01:16 32,768 a------- c:\windows\DrvTool.exe
2009-05-21 01:16 520 a------- c:\windows\Hardware.ID
2009-05-21 01:16 825,336 a------- c:\windows\bcmwl664.sys
2009-05-21 01:16 691,192 a------- c:\windows\system32\drivers\WPC300N.SYS
2009-05-21 01:16 691,192 a------- c:\windows\bcmwl6.sys
2009-05-21 01:16 113,756 a------- c:\windows\Lsbcmnds.inf
2009-05-21 01:16 11,166 a------- c:\windows\bcm43xx64.cat
2009-05-21 01:16 11,166 a------- c:\windows\bcm43xx.cat
2009-05-21 01:16 27,072 -------- c:\windows\system32\drivers\CBPSp50.sys
2009-05-21 01:16 3,262 -------- c:\windows\Linksys.ico
2009-05-21 01:13 139,264 a------- c:\windows\UIButton.dll
2009-05-21 01:13 126,976 a------- c:\windows\UIListCtrl.dll
2009-05-21 01:13 94,208 a------- c:\windows\UITabCtrl.dll
2009-05-21 01:13 20,480 a------- c:\windows\RegActiveX.exe
2009-05-21 01:13 1,700,352 a------- c:\windows\GdiPlus.dll
2009-05-21 01:10 <DIR> --d----- c:\program files\Torrent Harvester
2009-05-14 16:37 0 a------- c:\windows\system32\tviresource.val
2009-05-12 16:02 <DIR> --d----- c:\windows\TweakVI
==================== Find3M ====================
2009-06-06 02:17 1,660 a------- c:\windows\bthservsdp.dat
2009-05-26 13:20 40,160 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-05-26 13:19 19,096 a------- c:\windows\system32\drivers\mbam.sys
2009-05-21 01:18 51,200 a------- c:\windows\inf\infpub.dat
2009-05-21 01:18 143,360 a------- c:\windows\inf\infstrng.dat
2009-05-21 01:18 86,016 a------- c:\windows\inf\infstor.dat
2009-05-04 09:12 11,952 a------- c:\windows\system32\avgrsstx.dll
2009-05-04 09:12 325,896 a------- c:\windows\system32\drivers\avgldx86.sys
2009-05-04 09:12 108,552 a------- c:\windows\system32\drivers\avgtdix.sys
2009-04-17 09:44 0 a---h--- c:\windows\system32\drivers\Msft_Kernel_NuidFltr_01005.Wdf
2009-04-12 03:41 410,984 a------- c:\windows\system32\deploytk.dll
2009-03-16 20:38 40,960 a------- c:\windows\apppatch\apihex86.dll
2009-03-16 20:38 13,824 a------- c:\windows\system32\apilogen.dll
2009-03-16 20:38 24,064 a------- c:\windows\system32\amxread.dll
2008-09-03 23:19 174 a--sh--- c:\program files\desktop.ini
2008-09-03 22:58 665,600 a------- c:\windows\inf\drvindex.dat
2006-11-02 05:39 287,440 a------- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 05:39 287,440 a------- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 05:39 30,674 a------- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 05:39 30,674 a------- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 02:20 287,440 a------- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 02:20 287,440 a------- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 02:20 30,674 a------- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 02:20 30,674 a------- c:\windows\inf\perflib\0000\perfc.dat
2005-05-22 20:28 152 a------- c:\users\justin~1\appdata\roaming\wklnhst.dat
============= FINISH: 20:36:14.87 ===============
[attachment deleted by admin]
-
It makes it easier on me with logs posted directly in the reply. :)
Your Java is out of date.
Older versions have vulnerabilities that malicious sites can use to infect your system.
First install the new Sun Java Runtime Environment (http://www.majorgeeks.com/Sun_Java_Runtime_Environment_d4648.html)
Note: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.
Be sure to close all browser windows before beginning the install.
Remove the old version(s)
Download JavaRa (http://prm753.bchea.org/JavaRa.zip)
- Unzip the file and open the JavaRa.exe
- Click Remove Older Versions
- JavaRa will search for and remove any outdated version of Java and remove any that are found.
- Click Additional Tasks
- Place a check next to Remove Useless JRE Files and click Go
- Exit JavaRa
- Delete the JavaRa files from the Desktop
.
Additional Note: The Java Quick Starter (JQS.exe) (http://java.sun.com/javase/6/docs/technotes/guides/jweb/otherFeatures/jqs.html) adds a service to improve the initial startup time of Java applets and applications. To disable the JQS service if you don't want to use it, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and restart your computer.
----------
I see no indication of a malware issue here.
Try posting in the Windows forum for more suggestions.
-
It makes it easier on me with logs posted directly in the reply. :)
Sorry about that :P I will remove older Java. I am surprised Secunia didn't pick up on that one. I was also wondering why you recommend disabling SUPERantispyware at startup. Is it because its the freeware version and is no help to my computer unless I do a scan myself? If that is so, heck, I might as well buy the darn thing for $20 bucks. I tried to win it on your blog. Nice blog BTW. Very useful information. Sorry for wasting your time. I will now go post my problem in the windows forum and see if someone can help me get these extra files off my computer and free up my CPU. I think I might have screwed up my cache or something. I dunno. I know that vista always takes up all my free memory and puts it to use so no worries there, but I still know that something is up. Thanks for all your help.
-
Is it because its the freeware version and is no help to my computer unless I do a scan myself?
Exactly.
Good luck with the other issues and thanks for the compliments! ;D