
Computer is running slow, freezing

Discussion in 'Virus & Other Malware Removal' started by rarodrig, May 19, 2014.

Thread Status:
Not open for further replies.
  1. rarodrig

    rarodrig Thread Starter

    Joined:
    Aug 2, 2002
    Messages:
    365
    Win 8 is running slow, HDD response gets up to 2000-9500 ms.

    Ran the scans, one said Unable to open HOSTS file

    I thought it was Kaspersky which was eating up lots of resources (CPU & HDD) when it runs a scan. But Response time is long even when Kaspersky isn't scanning. Also when Task Mgr shows 100% HDD the processes don't add up to 100%.

    Thanks,
    Rich


    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 5:01:54 PM, on 5/18/2014
    Platform: Unknown Windows (WinNT 6.02.1008)
    MSIE: Internet Explorer v11.0 (11.00.9600.17037)
    Boot mode: Normal
    ************ Hijackthis message: I would need to edit HOSTS file ??????
    Running processes:
    C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
    C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
    C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Users\Rich\Downloads\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:8555;https=127.0.0.1:8555
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=userinit.exe
    O2 - BHO: ContentBlockerBrowserHelperObject - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
    O2 - BHO: VirtualKeyboardBrowserHelperObject - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    O2 - BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll
    O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
    O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
    O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [CLVirtualDrive] "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
    O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    O4 - HKCU\..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
    O4 - HKCU\..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
    O4 - HKCU\..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run
    O4 - Startup: Microsoft HealthVault Connection Center.lnk = C:\Program Files (x86)\Microsoft HealthVault\Connection Center\ConnectionCenter.exe
    O4 - Startup: _uninst_26073592.lnk = Rich\AppData\Local\Temp\_uninst_26073592.bat
    O4 - Startup: _uninst_61779443.lnk = ?
    O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ie_banner_deny.htm
    O9 - Extra button: Virtual Keyboard - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
    O9 - Extra button: URLs check - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
    O23 - Service: Kaspersky Anti-Virus Service (AVP) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
    O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
    O23 - Service: Hotspot Shield Service (hshld) - AnchorFree Inc. - C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
    O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
    O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
    O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
    O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --
    End of file - 10552 bytes
    __________________


    GMER 2.1.19357 - http://www.gmer.net
    Rootkit scan 2014-05-18 17:17:28
    Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\0000002a HGST_HTS541075A9E680 rev.JA2OA590 698.64GB
    Running: 2yryho9k.exe; Driver: C:\Users\Rich\AppData\Local\Temp\kxldrpow.sys


    ---- Disk sectors - GMER 2.1 ----

    Disk \Device\Harddisk0\DR0 unknown MBR code

    ---- Threads - GMER 2.1 ----

    Thread C:\WINDOWS\System32\svchost.exe [908:1364] 00007ffad3ab6dd0
    Thread C:\WINDOWS\System32\svchost.exe [908:2324] 00007ffad3ab4f30
    Thread C:\WINDOWS\System32\svchost.exe [908:4260] 00007ffad2da2d3c
    Thread C:\WINDOWS\System32\svchost.exe [908:3016] 00007ffad2da3078
    Thread C:\WINDOWS\system32\svchost.exe [388:3744] 00007ffab7155540
    Thread C:\WINDOWS\system32\svchost.exe [1280:1560] 00007ffad5602b90
    Thread C:\WINDOWS\system32\svchost.exe [1280:2032] 00007ffad56067bc
    Thread C:\WINDOWS\system32\svchost.exe [1280:1892] 00007ffad54e2110
    Thread C:\WINDOWS\system32\svchost.exe [1280:2100] 00007ffad3861584
    Thread C:\WINDOWS\system32\svchost.exe [1280:2232] 00007ffad3801b30
    Thread C:\WINDOWS\system32\svchost.exe [1280:2480] 00007ffad4a04608
    Thread C:\WINDOWS\system32\svchost.exe [1280:4232] 00007ffad4a01040
    Thread C:\WINDOWS\system32\csrss.exe [5220:6080] fffff96000976b90

    ---- EOF - GMER 2.1 ----
     
  2. rarodrig

    rarodrig Thread Starter

    Joined:
    Aug 2, 2002
    Messages:
    365
    Will try somewhere else..... Computer is pretty useless....
     

Short URL to this thread: https://techguy.org/1126253
