1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

computer is running slow and internet is not working

Discussion in 'Virus & Other Malware Removal' started by ke0ni, Dec 15, 2011.

Thread Status:
Not open for further replies.
  1. ke0ni

    ke0ni Thread Starter

    Joined:
    Dec 15, 2011
    Messages:
    1
    I received this computer from my parents. It has not been used in over a year due to its problems. The computer is running slow and the internet connection wireless does not work due to possible firewall problems in normal mode. I suspect there could be malware on this computer. Currently I am running in safemode with networking and the internet is working fine. Here are the required log files. I am running windows xp. Please help me get this computer to running shape. Thank you and merry christmas

    Hijack this:
    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 9:33:52 PM, on 12/14/2011
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Safe mode with network support
    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Documents and Settings\Administrator\Desktop\HijackThis.exe
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/USCON/1
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = http://g.msn.com/USCON/1
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O4 - HKLM\..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [PersistenceThread] C:\WINDOWS\system32\PersistenceThread.exe
    O4 - HKLM\..\Run: [WSED] C:\Program Files\WSED\WSED.exe
    O4 - HKLM\..\Run: [BTMeter] C:\Program Files\Battery Meter\BTMeter.exe
    O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
    O4 - HKLM\..\Run: [CapsLKNotify] C:\Program Files\CapsLKNotify\CapsLKNotify.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "c:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [PCMAgent] "C:\Program Files\Dell\Media Experience\PCMAgent.exe"
    O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\Dell\Media Experience\Kernel\CLML\CLMLSvc.exe"
    O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Dell\PlayMovie\PMVService.exe"
    O4 - HKLM\..\Run: [dellsupportcenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - .DEFAULT User Startup: Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (User 'Default user')
    O4 - .DEFAULT User Startup: Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (User 'Default user')
    O4 - Startup: Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe
    O4 - Startup: Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O20 - Winlogon Notify: igdlogin - igdlogin.dll (file missing)
    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: QueryExplorer Service - Unknown owner - C:\Documents and Settings\All Users\Application Data\QueryExplorer\queryexplorer117.exe
    O23 - Service: SupportSoft Sprocket Service (DellSupportCenter) (sprtsvc_DellSupportCenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
    O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE
    --
    End of file - 6526 bytes

    DDS Log file
    .
    DDS (Ver_2011-08-26.01) - NTFSx86 NETWORK
    Internet Explorer: 8.0.6001.18702
    Run by Administrator at 21:47:25 on 2011-12-14
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1014.624 [GMT -8:00]
    .
    .
    ============== Running Processes ===============
    .
    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS\system32\svchost.exe -k netsvcs
    svchost.exe
    svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Documents and Settings\Administrator\Desktop\HijackThis.exe
    C:\WINDOWS\system32\NOTEPAD.EXE
    .
    ============== Pseudo HJT Report ===============
    .
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
    BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SearchHelper.dll
    BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    mRun: [ETDWare] c:\program files\elantech\ETDCtrl.exe
    mRun: [RTHDCPL] RTHDCPL.EXE
    mRun: [Alcmtr] ALCMTR.EXE
    mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
    mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
    mRun: [PersistenceThread] c:\windows\system32\PersistenceThread.exe
    mRun: [WSED] c:\program files\wsed\WSED.exe
    mRun: [<NO NAME>]
    mRun: [BTMeter] c:\program files\battery meter\BTMeter.exe
    mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
    mRun: [CapsLKNotify] c:\program files\capslknotify\CapsLKNotify.exe
    mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
    mRun: [PCMAgent] "c:\program files\dell\media experience\PCMAgent.exe"
    mRun: [CLMLServer] "c:\program files\dell\media experience\kernel\clml\CLMLSvc.exe"
    mRun: [PlayMovie] "c:\program files\dell\playmovie\PMVService.exe"
    mRun: [dellsupportcenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P dellsupportcenter
    StartupFolder: c:\docume~1\admini~1\startm~1\programs\startup\delldo~2.lnk - c:\program files\dell\delldock\DellDock.exe
    StartupFolder: c:\docume~1\admini~1\startm~1\programs\startup\delldo~1.lnk - c:\program files\dell\delldock\DellDock.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mi1933~1\office11\REFIEBAR.DLL
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
    TCP: DhcpNameServer = 68.87.76.182 68.87.78.134
    TCP: Interfaces\{4CEB5B47-063E-4D74-8F06-ED81E8E51EF5} : DhcpNameServer = 68.87.76.182 68.87.78.134
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
    Notify: igdlogin - igdlogin.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath -
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 EMSC;COMPAL Embedded System Control;c:\windows\system32\drivers\EMSC.sys [2010-3-19 14248]
    R3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\drivers\ETD.sys [2010-3-19 93952]
    R3 RSUSBSTOR;RTS5121.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RTS5121.sys [2010-3-19 157696]
    S2 DockLoginService;Dock Login Service;c:\program files\dell\delldock\DockLogin.exe [2009-6-9 155648]
    S2 QueryExplorer Service;QueryExplorer Service;c:\documents and settings\all users\application data\queryexplorer\queryexplorer117.exe [2010-10-19 57624]
    S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2010-3-19 1684736]
    S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\drivers\CtClsFlt.sys [2010-3-19 143840]
    S3 igd;igd;c:\windows\system32\drivers\igxpmp32.sys [2010-3-19 5097632]
    S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI Service;c:\windows\system32\drivers\IntcHdmi.sys [2010-3-19 110080]
    S3 OA012Afx;Provides a software interface to control audio effects of OA012 camera.;c:\windows\system32\drivers\OA012Afx.sys [2010-3-19 148056]
    S3 OA012Ufd;Creative Camera OA012 Upper Filter Driver;c:\windows\system32\drivers\OA012Ufd.sys [2010-3-19 133472]
    S3 OA012Vid;Creative Camera OA012 Function Driver;c:\windows\system32\drivers\OA012Vid.sys [2010-3-19 271328]
    S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2008-4-25 14336]
    .
    =============== Created Last 30 ================
    .
    2011-12-15 05:23:24 -------- d-----w- c:\windows\LastGood.Tmp
    2011-12-14 17:57:23 -------- d-sh--w- c:\documents and settings\administrator\PrivacIE
    2011-12-07 18:13:21 -------- d-----w- c:\windows\ServicePackFiles
    2011-12-07 02:34:02 139656 -c----w- c:\windows\system32\dllcache\rdpwd.sys
    2011-12-07 02:31:29 105472 -c----w- c:\windows\system32\dllcache\mup.sys
    2011-12-07 02:26:08 10496 -c----w- c:\windows\system32\dllcache\ndistapi.sys
    .
    ==================== Find3M ====================
    .
    2011-10-10 14:22:41 692736 ----a-w- c:\windows\system32\inetcomm.dll
    2011-09-28 07:06:50 599040 ----a-w- c:\windows\system32\crypt32.dll
    2011-09-26 19:41:20 611328 ----a-w- c:\windows\system32\uiautomationcore.dll
    2011-09-26 19:41:20 220160 ----a-w- c:\windows\system32\oleacc.dll
    2011-09-26 19:41:14 20480 ----a-w- c:\windows\system32\oleaccrc.dll
    .
    ============= FINISH: 21:48:24.09 ===============
     

    Attached Files:

  2. flavallee

    flavallee Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    80,962
    First Name:
    Frank
    All these programs and add-ons need to be updated:

    Adobe Flash Player 10 ActiveX to version 11.1.102.55

    Adobe Flash Player 10 Plugin to version 11.1.102.55

    Adobe Reader 9 to version 10.1.1

    Java(TM) 6 Update 17 to version 6 Update 30

    Mozilla Firefox 3.6.12 to version 8.0.1
    If you don't need or use it, uninstall it instead.

    Skype 5.0 to version 5.6.0.110
    If you don't need or use it, uninstall it instead.

    -----------------------------------------------------

    All these programs and add-ons need to be downloaded and installed:

    Microsoft Security Essentials 2.1.1116.0

    Malwarebytes Anti-Malware 1.51.2.1300

    SUPERAntiSpyware 5.0.0.1136

    Advise me when they've been installed, then I'll give you complete instructions for them.

    -----------------------------------------------------

    Click the green icon with white down arrow at each site to download and save them.

    The new version will overwrite and replace the old version, so there's no need to uninstall the old version first.

    ----------------------------------------------------
     
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1031309

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice