Computer extremely slow!!!

Thanks. I ran the combofix. Here is the content of the ComboFix.txt file:

ComboFix 09-11-24.02 - IBM 11/25/2009 8:56.1.1 - x86
Microsoft Windows XP Professional 5.1.2600.2.1255.1.1033.18.1022.560 [GMT 2:00]
Running from: c:\documents and settings\IBM\Desktop\ComboFix.exe
AV: Symantec AntiVirus Corporate Edition *On-access scanning enabled* (Updated) {FB06448E-52B8-493A-90F3-E43226D3305C}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\cleanup.exe
c:\documents and settings\IBM\aheq.exe
c:\documents and settings\IBM\ayn.exe
c:\documents and settings\IBM\cox.exe
c:\documents and settings\IBM\dbxvvm.exe
c:\documents and settings\IBM\ffxpuo.exe
c:\documents and settings\IBM\fwclkiu.exe
c:\documents and settings\IBM\hsxq.exe
c:\documents and settings\IBM\htku.exe
c:\documents and settings\IBM\icw.exe
c:\documents and settings\IBM\jcv.exe
c:\documents and settings\IBM\jmvq.exe
c:\documents and settings\IBM\kichj.exe
c:\documents and settings\IBM\mmbtl.exe
c:\documents and settings\IBM\nrliry.exe
c:\documents and settings\IBM\nwnum.exe
c:\documents and settings\IBM\qehmbo.exe
c:\documents and settings\IBM\secupdat.dat
c:\documents and settings\IBM\Start Menu\Programs\Startup\Logitech . Product Registration.lnk
c:\documents and settings\IBM\wlacfb.exe
c:\documents and settings\IBM\xekmwy.exe
c:\documents and settings\IBM\xvtstmg.exe
c:\documents and settings\IBM\yohhwx.exe
c:\recycler\S-1-5-21-0232770502-0992348202-272163640-4613
c:\recycler\S-1-5-21-0969189177-1006819436-537816052-0156
c:\recycler\S-1-5-21-1340723235-4178647855-870972809-0609
c:\recycler\S-1-5-21-1340723235-4178647855-870972809-0609\Desktop.ini
c:\recycler\S-1-5-21-1340723235-4178647855-870972809-0609\windll.exe
c:\recycler\S-1-5-21-1791572941-1992593548-852294954-1261
c:\recycler\S-1-5-21-2308523122-6947216309-472557920-4653
c:\recycler\S-1-5-21-5873535100-7040189760-798797452-8011
c:\recycler\S-1-5-21-7981190497-1972610404-441752205-1056
c:\recycler\S-1-5-21-9290695779-8971937298-767174072-8096
c:\recycler\S-1-5-21-9348770919-0319156002-219656662-0462
C:\Thumbs.db
c:\windows\system32\mssrv32.exe
c:\windows\system32\pwdmon.dll
c:\windows\system32\win.ini
c:\windows\TEMP\logishrd\LVPrcInj02.dll

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_MSUPDATE
-------\Service_msupdate

((((((((((((((((((((((((( Files Created from 2009-10-25 to 2009-11-25 )))))))))))))))))))))))))))))))
.

2009-11-21 06:31 . 2009-11-21 06:31 70656 --sh--r- c:\documents and settings\IBM\Start Menu\Application Data\oynnuf.exe
2009-11-20 06:53 . 2009-11-20 06:53 -------- d-----w- c:\program files\Citrix
2009-11-20 06:53 . 2009-11-20 06:53 -------- d-----w- c:\documents and settings\IBM\Local Settings\Application Data\Citrix
2009-11-16 03:32 . 2009-11-16 03:33 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
2009-11-15 05:12 . 2009-08-06 17:23 215920 ----a-w- c:\windows\system32\muweb.dll
2009-11-15 05:12 . 2009-08-06 17:23 274288 ----a-w- c:\windows\system32\mucltui.dll
2009-11-15 02:07 . 2009-11-15 02:08 2605832 ----a-w- c:\documents and settings\All Users\Application Data\BigFishGamesCache\Upgrade\Unpack\bfgsetup_s1_l1.exe
2009-11-15 02:07 . 2009-11-15 02:07 -------- d-----w- c:\documents and settings\All Users\Application Data\BigFishGamesCache
2009-11-14 23:46 . 2009-11-21 06:32 -------- d-----w- c:\documents and settings\IBM\Tracing
2009-11-14 23:43 . 2009-11-14 23:43 -------- d-----w- c:\program files\Microsoft
2009-11-14 23:42 . 2009-11-14 23:42 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-11-14 23:41 . 2009-11-14 23:43 -------- d-----w- c:\program files\Windows Live
2009-11-14 23:37 . 2009-11-14 23:37 -------- d-----w- c:\program files\Common Files\Windows Live
2009-11-09 08:23 . 2009-11-09 08:23 -------- d-----w- c:\windows\Internet Logs
2009-11-09 08:22 . 2008-03-29 15:36 106768 ----a-w- c:\windows\system32\dneinobj.dll
2009-11-09 08:22 . 2008-03-29 15:36 125328 ----a-w- c:\windows\system32\drivers\dne2000.sys
2009-11-09 08:21 . 2009-11-09 08:21 -------- d-----w- c:\program files\Common Files\Deterministic Networks
2009-11-09 08:21 . 2009-11-09 08:21 -------- d-----w- c:\program files\Cisco Systems
2009-11-06 16:00 . 2009-11-06 16:00 -------- d-----w- c:\program files\Common Files\Logitech
2009-11-06 16:00 . 2009-11-06 16:00 -------- d-----w- c:\documents and settings\IBM\Local Settings\Application Data\Downloaded Installations
2009-11-04 18:26 . 2009-11-04 18:26 -------- d-----w- c:\documents and settings\IBM\Local Settings\Application Data\Radio_G
2009-11-04 18:26 . 2009-11-04 18:26 -------- d-----w- c:\program files\Radio_G
2009-11-03 03:05 . 2008-12-17 06:01 432664 ----a-r- c:\windows\system32\LVUI2RC.dll
2009-11-03 03:05 . 2008-12-17 06:00 494104 ----a-r- c:\windows\system32\LVUI2.dll
2009-11-03 03:05 . 2008-12-17 05:55 416280 ----a-r- c:\windows\system32\lvcodec2.dll
2009-11-03 03:05 . 2008-12-17 06:01 6364440 ----a-r- c:\windows\system32\drivers\lvuvc.sys
2009-11-03 03:04 . 2008-12-17 05:55 195096 ----a-r- c:\windows\system32\lvci11901262.dll
2009-11-03 03:04 . 2008-12-17 05:37 29562 ----a-r- c:\windows\system32\Repository.reg
2009-11-03 03:04 . 2008-12-17 06:01 41752 ----a-r- c:\windows\system32\drivers\LVUSBSta.sys
2009-11-03 03:04 . 2008-12-17 06:00 768024 ----a-r- c:\windows\system32\drivers\lvrs.sys
2009-11-03 03:03 . 2008-12-17 06:02 23832 ----a-r- c:\windows\system32\drivers\lvuvcflt.sys
2009-11-03 03:03 . 2009-11-03 03:04 -------- dc----w- c:\windows\system32\DRVSTORE
2009-11-03 03:00 . 2009-11-03 03:05 -------- d-----w- c:\program files\Common Files\LogiShrd
2009-11-03 03:00 . 2009-11-06 15:58 -------- d-----w- c:\documents and settings\All Users\Application Data\LogiShrd
2009-11-03 03:00 . 2009-11-03 03:00 -------- d-----w- c:\program files\Logitech
2009-11-03 02:54 . 2009-11-25 07:07 -------- d-----w- c:\documents and settings\IBM\Start Menu\Application Data\Skype
2009-11-03 02:53 . 2009-11-03 02:53 -------- d-----w- c:\program files\Common Files\Skype
2009-11-03 02:53 . 2009-11-03 02:53 -------- d-----r- c:\program files\Skype
2009-11-03 01:57 . 2008-06-18 15:49 49904 ----a-r- c:\windows\system32\drivers\BVRPMPR5.SYS
2009-11-03 01:56 . 2009-11-03 02:30 -------- d-----w- C:\Netgear

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.

2009-11-25 07:33 . 2008-11-23 17:03 -------- d-----w- c:\documents and settings\IBM\Start Menu\Application Data\skypePM
2009-11-25 07:26 . 2006-02-21 14:18 -------- d-----w- c:\program files\Symantec AntiVirus
2009-11-25 07:25 . 2009-11-03 03:06 0 ----a-w- c:\windows\system32\drivers\lvuvc.hs
2009-11-25 07:25 . 2009-11-03 03:03 0 ----a-w- c:\windows\system32\drivers\logiflt.iad
2009-11-20 08:33 . 2007-04-28 17:39 -------- d-----w- c:\program files\FEN2PGN
2009-11-20 08:33 . 2007-06-15 20:23 -------- d-----w- c:\program files\Winamp
2009-11-16 04:27 . 2006-10-03 20:40 -------- d-----w- c:\documents and settings\IBM\Start Menu\Application Data\U3
2009-11-14 23:44 . 2006-02-21 08:34 66568 -c--a-w- c:\documents and settings\IBM\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-11-06 19:34 . 2009-10-16 17:41 -------- d-----w- c:\program files\BS_Player
2009-11-03 05:35 . 2006-03-04 15:34 -------- d-----w- c:\documents and settings\IBM\Start Menu\Application Data\EndNote
2009-11-03 02:53 . 2007-07-21 08:24 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype
2009-10-17 21:23 . 2009-10-16 17:41 -------- d-----w- c:\documents and settings\IBM\Start Menu\Application Data\BSplayer
2009-10-16 17:41 . 2009-10-16 17:41 -------- d-----w- c:\program files\Conduit
2009-10-16 17:41 . 2009-10-16 17:41 -------- d-----w- c:\documents and settings\IBM\Start Menu\Application Data\BSplayer Pro
2009-10-16 17:41 . 2009-10-16 17:41 -------- d-----w- c:\program files\Webteh
2009-10-11 06:16 . 2006-02-21 14:12 -------- d-----w- c:\program files\Common Files\Adobe
2009-10-05 20:48 . 2008-04-26 15:07 -------- d-----w- c:\program files\ImageJ
2009-09-11 18:13 . 2009-09-11 18:13 143736 ----a-w- c:\documents and settings\All Users\Application Data\BigFishGamesCache\Upgrade\stub\purrfect-pet-shop_s1_l1_gF2304T1L1_d692500247[1].exe
2009-09-11 18:12 . 2009-09-11 18:12 2541480 ----a-w- c:\documents and settings\All Users\Application Data\BigFishGamesCache\Upgrade\clientinstaller\bfgsetup_s1_l1.exe
2009-09-11 14:03 . 1979-12-31 22:00 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-04 20:45 . 1979-12-31 22:00 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-08-29 07:36 . 1979-12-31 22:00 832512 ----a-w- c:\windows\system32\wininet.dll
2009-08-29 07:36 . 1979-12-31 22:00 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-08-29 07:36 . 1979-12-31 22:00 17408 ------w- c:\windows\system32\corpol.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}"= "c:\program files\BS_Player\tbBS_1.dll" [2009-11-06 2166296]
"{f228c6a4-a593-4017-944c-4e7958fb3177}"= "c:\program files\Radio_G\tbRadi.dll" [2009-10-27 2325528]

[HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]

[HKEY_CLASSES_ROOT\clsid\{f228c6a4-a593-4017-944c-4e7958fb3177}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{f228c6a4-a593-4017-944c-4e7958fb3177}]
2009-10-27 09:45 2325528 ----a-w- c:\program files\Radio_G\tbRadi.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
2009-11-06 19:34 2166296 ----a-w- c:\program files\BS_Player\tbBS_1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}"= "c:\program files\BS_Player\tbBS_1.dll" [2009-11-06 2166296]
"{f228c6a4-a593-4017-944c-4e7958fb3177}"= "c:\program files\Radio_G\tbRadi.dll" [2009-10-27 2325528]

[HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]

[HKEY_CLASSES_ROOT\clsid\{f228c6a4-a593-4017-944c-4e7958fb3177}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}"= "c:\program files\BS_Player\tbBS_1.dll" [2009-11-06 2166296]
"{F228C6A4-A593-4017-944C-4E7958FB3177}"= "c:\program files\Radio_G\tbRadi.dll" [2009-10-27 2325528]

[HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]

[HKEY_CLASSES_ROOT\clsid\{f228c6a4-a593-4017-944c-4e7958fb3177}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ibmmessages"="c:\program files\IBM\Messages By IBM\ibmmessages.exe" [2004-08-06 442368]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-10-09 25623336]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-13 68856]
"Picasa Media Detector"="c:\program files\Picasa2\PicasaMediaDetector.exe" [2007-09-12 443968]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2005-09-15 110592]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2005-09-15 512000]
"TPKMAPHELPER"="c:\program files\ThinkPad\Utilities\TpKmapAp.exe" [2005-10-28 864256]
"TPHOTKEY"="c:\progra~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe" [2006-02-01 94208]
"ControlCenter"="c:\program files\IBM fingerprint software\ctlcntr.exe" [2005-04-12 286821]
"EZEJMNAP"="c:\progra~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe" [2005-11-17 237568]
"SoundMAXPnP"="c:\program files\Analog Devices\SoundMAX\SMax4PNP.exe" [2004-10-14 1388544]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-05-10 344064]
"UpdateManager"="c:\program files\Common Files\Sonic\Update Manager\sgtray.exe" [2003-08-18 110592]
"dla"="c:\windows\system32\dla\tfswctrl.exe" [2005-03-06 122939]
"ibmmessages"="c:\program files\IBM\Messages By IBM\\ibmmessages.exe" [2004-08-06 442368]
"IBMPRC"="c:\ibmtools\UTILS\ibmprc.exe" [2005-04-27 90112]
"PWRMGRTR"="c:\progra~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL" [2005-12-06 151552]
"BLOG"="c:\progra~1\ThinkPad\UTILIT~1\BatLogEx.DLL" [2005-12-06 208896]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2004-02-29 66680]
"vptray"="c:\progra~1\SYMANT~1\VPTray.exe" [2004-07-20 124112]
"NDPS"="c:\windows\system32\dpmw32.exe" [2004-09-15 28672]
"ZENRC Tray Icon"="c:\windows\system32\zentray.exe" [2004-05-17 40960]
"ACTray"="c:\program files\ThinkPad\ConnectUtilities\ACTray.exe" [2006-01-31 409600]
"ACWLIcon"="c:\program files\ThinkPad\ConnectUtilities\ACWLIcon.exe" [2006-01-31 98304]
"TPKBDLED"="c:\windows\system32\TpScrLk.exe" [2002-10-08 40960]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2007-05-14 35328]
"Share-to-Web Namespace Daemon"="c:\program files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe" [2002-04-17 69632]
"LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam\Quickcam.exe" [2008-12-20 2656528]
"TpShocks"="TpShocks.exe" - c:\windows\system32\TpShocks.exe [2005-11-07 106496]
"TP4EX"="tp4ex.exe" - c:\windows\system32\TP4EX.exe [2005-10-16 65536]
"NWTRAY"="NWTRAY.EXE" - c:\windows\system32\nwtray.exe [2004-09-15 28672]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-04 15360]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Acrobat Assistant.lnk - c:\program files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe [2006-2-27 49254]
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2006-2-27 113664]
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696]
BTTray.lnk - c:\program files\ThinkPad\Bluetooth Software\BTTray.exe [2005-5-24 565309]
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2006-2-21 24576]
GroupWise Notify.lnk - c:\novell\GroupWise\notify.exe [2006-2-21 184378]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
VPN Client.lnk - c:\windows\Installer\{A7091E1D-36A4-47F1-A739-173CC341414F}\Icon3E5562ED7.ico [2009-11-9 6144]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"CompatibleRUPSecurity"= 1 (0x1)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{763370C4-268E-4308-A60C-D8DA0342BE32}"= "c:\program files\Novell\ZENworks\NalShell.dll" [2004-06-15 417792]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\NetIdentity Notification]
2004-02-26 09:58 24576 ----a-w- c:\windows\system32\novell\xtnotify.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\psfus]
2005-04-12 14:39 110179 ----a-w- c:\program files\IBM fingerprint software\psfus.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tpfnf2]
2006-02-01 13:09 28672 ----a-w- c:\windows\system32\notifyf2.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tphotkey]
2006-02-01 13:09 24576 ----a-w- c:\windows\system32\tphklock.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwv1_0

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Novell\\GroupWise\\grpwise.exe"=
"c:\\Novell\\GroupWise\\notify.exe"=
"c:\\WINDOWS\\system32\\dpmw32.exe"=
"c:\\Program Files\\MATLAB71\\bin\\win32\\MATLAB.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\ImageJ\\jre\\bin\\javaw.exe"=
"c:\\Program Files\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R1 nipplpt2;Novell iCapture Lpt Redirector 2;c:\windows\system32\drivers\nipplpt.sys [2/21/2006 4:17 PM 18527]
R2 BlankScr;HBDevice;c:\windows\system32\drivers\blankscr.sys [6/4/2004 9:17 PM 6899]
R2 ibmfilter;ibmfilter;c:\windows\system32\drivers\ibmfilter.sys [4/27/2005 10:27 AM 63616]
R3 Darpan;Darpan;c:\windows\system32\drivers\Darpan.sys [5/10/2004 12:18 PM 2773]
.
Contents of the 'Scheduled Tasks' folder

2009-09-11 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2006-10-10 15:13]

2009-11-25 c:\windows\Tasks\PMTask.job - c:\progra~1\ThinkPad\UTILIT~1\PWMIDTSK.EXE [2005-12-19 23:12]

2009-11-25 c:\windows\Tasks\WGASetup.job - c:\windows\system32\KB905474\wgasetup.exe [2009-04-27 19:18]
.
.
------- Supplementary Scan -------
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch
uInternet Settings,ProxyServer = wwwproxy.weizmann.ac.il:8080
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &יצא ל- Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: Send To &Bluetooth - c:\program files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\IBM\Start Menu\Application Data\Mozilla\Firefox\Profiles\ympm0s35.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Bing
FF - prefs.js: browser.startup.homepage - hxxp://go.microsoft.com/fwlink/?LinkId=69157
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&SearchSource=2&q=
FF - component: c:\program files\Mozilla Firefox\extensions\browserhighlighter@ebay.com\components\Shim.dll

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
.
- - - - ORPHANS REMOVED - - - -

HKLM-Run-zzzHPSETUP - D:\Setup.exe
HKLM-Run-QuickTime Task - c:\program files\QuickTime\qttask.exe
Notify-ACNotify - ACNotify.dll
SafeBoot-vclvrwng.sys
AddRemove-ShockwaveFlash - c:\windows\system32\Macromed\Flash\FlashUtil9c.exe
AddRemove-{91810AFC-A4F8-4EBA-A5AA-B198BBC81144} - c:\program files\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe REMOVEALL

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-25 09:30
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(1560)
c:\program files\novell\zenworks\ZENPOL32.DLL
c:\windows\system32\xmlparse.dll
c:\program files\thinkpad\connectutilities\ACNotify.dll
c:\program files\thinkpad\connectutilities\AcSvcStub.dll
c:\program files\thinkpad\connectutilities\AcLocSettings.dll
c:\program files\thinkpad\connectutilities\ACHelper.dll
c:\windows\system32\Ati2evxx.dll
c:\program files\IBM fingerprint software\psfus.dll
c:\program files\Common Files\Virtual Token\psutil.dll
c:\windows\system32\tphklock.dll
c:\windows\system32\NRDWIN32.dll
c:\windows\system32\AXNMAS~1.OCX
c:\windows\system32\AXNMAS~2.OCX

- - - - - - - > 'Explorer.exe'(2952)
c:\windows\system32\WININET.dll
c:\windows\system32\IEFRAME.dll
c:\windows\system32\NLS\ENGLISH\NWSHLXNR.DLL
c:\windows\system32\NLS\ENGLISH\NOVNPNTR.DLL
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Common Files\Virtual Token\vtserver.exe
c:\windows\system32\ibmpmsvc.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Intel\Wireless\Bin\EvtEng.exe
c:\program files\Intel\Wireless\Bin\S24EvMon.exe
c:\program files\ThinkPad\Bluetooth Software\bin\btwdins.exe
c:\windows\system32\cusrvc.exe
c:\program files\Cisco Systems\VPN Client\cvpnd.exe
c:\program files\Symantec AntiVirus\DefWatch.exe
c:\program files\IBM\IBM Rapid Restore Ultra\rrpcsb.exe
c:\program files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
c:\program files\Novell\ZENworks\nalntsrv.exe
c:\program files\Intel\Wireless\Bin\RegSrvc.exe
c:\program files\Novell\ZENworks\RemoteManagement\RMAgent\ZenRem32.exe
c:\program files\Analog Devices\SoundMAX\SMAgent.exe
c:\program files\Symantec AntiVirus\Rtvscan.exe
c:\windows\System32\TPHDEXLG.EXE
c:\windows\system32\wdfmgr.exe
c:\program files\Novell\ZENworks\wm.exe
c:\program files\ThinkPad\ConnectUtilities\AcSvc.exe
c:\windows\System32\Novell\XTAgent.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Lenovo\PkgMgr\HOTKEY_1\TpScrex.exe
c:\windows\system32\rundll32.exe
c:\program files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
c:\progra~1\ThinkPad\BLUETO~1\BTSTAC~1.EXE
c:\program files\Common Files\Logishrd\LQCVFX\COCIManager.exe
c:\program files\Skype\Plugin Manager\skypePM.exe
c:\program files\Java\jre1.6.0_07\bin\jucheck.exe
.
**************************************************************************
.
Completion time: 2009-11-25 10:25 - machine was rebooted
ComboFix-quarantined-files.txt 2009-11-25 08:25

Pre-Run: 4,675,645,440 bytes free
Post-Run: 4,758,396,928 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect

- - End Of File - - 6D25DEF1437030E5D8AAF7527F62C3AE
