1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Help my pc is dying

Discussion in 'Virus & Other Malware Removal' started by miavalentina, Oct 3, 2009.

Thread Status:
Not open for further replies.
  1. miavalentina

    miavalentina Thread Starter

    Joined:
    Oct 3, 2009
    Messages:
    3
    The same this is happening with my pc that happened with my last one which i had to replace 2 and half years ago.
    The fan is going ten to the dozen,pages are not loading or freezing,its taking ages for my pc to start up or even turn off. I really cannot afford to be paying out for another pc..ok so the one i have is not 'high spec' but surely these pc's arent meant to just last 2/3 years..are they?

    Reading on another post i decided to download Combofix (i have commodo firewall,anti virusand safe surf already).The commodo does not seem to be doing its job properly (or maybe its me) not sure whether i should delete this programme and try another? On running Combofix the safe surf popped up asking me if i wanted to disable all applications or remove just the ones i add below..i didnt touch it as i havent a clue!

    Here is the log,please tell me what to do next and an understanding of my log would be great,is my pc on its way out or is this just a whole load of virus's etc..?

    Thankyou in advance

    ComboFix 09-10-01.05 - 03/10/2009 23:52.1.1 - NTFSx86
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.44.1033.18.445.200 [GMT 1:00]
    Running from: c:\documents and settings\Desktop\ComboFix.exe
    AV: COMODO Antivirus *On-access scanning disabled* (Updated) {043803A5-4F86-4ef7-AFC5-F6E02A79969B}
    FW: COMODO Firewall *disabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
    WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    c:\documents and settings\My Documents\My Music\My Music.url
    c:\program files\TinyProxy
    c:\program files\VirusIsolator
    c:\program files\VirusIsolator\vscan.tsi
    c:\program files\VirusIsolator\zlib.dll
    c:\program files\webmediaviewer
    c:\program files\webmediaviewer\hpmom.exe
    c:\recycler\S-1-5-21-1533800857-3409057941-3787361992-1003
    c:\windows\bemark2.dat
    c:\windows\desktop
    c:\windows\f49f4daa.dat
    c:\windows\fmark2.dat
    c:\windows\Installer\2594e63.msp
    c:\windows\Installer\2da0e1a.msp
    c:\windows\Installer\3223a5.msi
    c:\windows\Installer\3304593.msp
    c:\windows\Installer\3cd5c0d.msp
    c:\windows\Installer\4a2e78e.msp
    c:\windows\Installer\4a2e790.msp
    c:\windows\Installer\4a2e792.msp
    c:\windows\Installer\d25d07.msp
    c:\windows\Installer\da366d.msp
    c:\windows\Installer\f82321.msp
    c:\windows\tmark2.dat
    D:\Autorun.inf
    .
    ((((((((((((((((((((((((( Files Created from 2009-09-03 to 2009-10-03 )))))))))))))))))))))))))))))))
    .
    2009-10-03 13:59 . 2009-10-03 14:00 -------- d-----w- c:\documents and settings\Application Data\HpUpdate
    2009-09-23 18:01 . 2009-09-23 18:01 -------- d-----w- C:\ConvertTemp
    2009-09-09 23:05 . 2009-06-21 21:44 153088 -c----w- c:\windows\system32\dllcache\triedit.dll
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-10-03 23:07 . 2008-12-30 18:47 0 ----a-w- c:\windows\system32\drivers\lvuvc.hs
    2009-10-03 23:07 . 2008-12-30 18:47 0 ----a-w- c:\windows\system32\drivers\logiflt.iad
    2009-10-02 22:59 . 2008-06-19 20:28 -------- d-----w- c:\documents and settings\All Users\Application Data\Google Updater
    2009-09-29 23:18 . 2008-10-28 19:29 -------- d-----w- c:\documents and settings\Application Data\Skype
    2009-09-27 19:54 . 2007-01-17 18:38 46234 ----a-w- c:\documents and settings\Application Data\wklnhst.dat
    2009-09-10 08:31 . 2009-03-14 16:37 -------- d-----w- c:\program files\Microsoft Silverlight
    2009-09-03 21:24 . 2009-02-15 01:30 -------- d-----w- c:\program files\Spybot - Search & Destroy
    2009-09-03 21:23 . 2009-02-15 01:30 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
    2009-08-05 17:12 . 2009-01-07 18:10 157508 ----a-w- c:\windows\hpoins29.dat
    2009-08-05 09:01 . 2005-04-25 23:05 204800 ----a-w- c:\windows\system32\mswebdvd.dll
    2009-07-17 19:01 . 2005-04-25 23:05 58880 ----a-w- c:\windows\system32\atl.dll
    2009-07-13 22:43 . 2005-04-25 23:06 286208 ----a-w- c:\windows\system32\wmpdxm.dll
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "msnmsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-02-06 3885408]
    "MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
    "SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
    "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-06-19 68856]
    "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2002-09-13 212992]
    "MSKDetectorExe"="c:\program files\McAfee\SpamKiller\MSKDetct.exe" [2006-11-07 1121280]
    "itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2006-11-22 813912]
    "IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2007-02-05 849280]
    "COMODO SafeSurf"="c:\program files\COMODO\SafeSurf\cssurf.exe" [2008-11-18 278264]
    "COMODO Internet Security"="c:\program files\Comodo\COMODO Internet Security\cfp.exe" [2008-11-18 1797880]
    "LogitechCommunicationsManager"="c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2008-08-14 565008]
    "LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam\Quickcam.exe" [2008-08-14 2407184]
    "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-10-14 49152]
    "hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2007-08-22 80896]
    "KMCONFIG"="c:\program files\Silvercrest MTS2218 driver\StartAutorun.exe" [2008-05-30 212992]
    "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-05-09 198160]
    "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2006-12-27 98304]
    "CHotkey"="zHotkey.exe" - c:\windows\zHotkey.exe [2004-12-08 550912]
    "RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2006-04-16 16143872]
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
    c:\documents and settings\All Users\Start Menu\Programs\Startup\
    Install Pending Files.LNK - c:\program files\SIFXINST\SIFXINST.EXE [2006-8-31 729088]
    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
    path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
    backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Exif Launcher S.lnk]
    path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Exif Launcher S.lnk
    backup=c:\windows\pss\Exif Launcher S.lnkCommon Startup
    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
    path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
    backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "c:\\WINDOWS\\system32\\dpvsetup.exe"=
    "c:\\WINDOWS\\system32\\mshta.exe"=
    "c:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"=
    "c:\\Program Files\\Common Files\\AOL\\ACS\\AOLAcsd.exe"=
    "c:\\WINDOWS\\system32\\sessmgr.exe"=
    "c:\\Program Files\\Messenger\\msmsgs.exe"=
    "%windir%\\system32\\sessmgr.exe"=
    "c:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
    "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "c:\\Program Files\\Skype\\Phone\\Skype.exe"=
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "8448:TCP"= 8448:TCP:127.0.0.1/255.255.255.255:Disabled:proxy
    "1:TCP"= 1:TCP:
    R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdguard.sys [18/11/2008 19:22 99856]
    R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [18/11/2008 19:22 31504]
    R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [14/03/2009 17:36 55152]
    R2 KMWDSERVICE;Keyboard And Mouse Communication Service;c:\program files\Silvercrest MTS2218 driver\KMWDSrv.exe [30/05/2008 01:17 208896]
    R2 sprtlisten;SupportSoft Listener Service;c:\program files\Common Files\supportsoft\bin\sprtlisten.exe [15/10/2007 12:26 1213728]
    S2 Google Updater Service (gusvc) ;Google Updater Service (gusvc) ;c:\program files\tinyproxy\tinyproxy.exe --> c:\program files\tinyproxy\tinyproxy.exe [?]
    S3 fsssvc;Windows Live Family Safety;c:\program files\Windows Live\Family Safety\fsssvc.exe [06/02/2009 19:08 533360]
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
    hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
    "c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
    .
    Contents of the 'Scheduled Tasks' folder
    2009-10-03 c:\windows\Tasks\Google Software Updater.job
    - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-02-03 11:39]
    .
    .
    ------- Supplementary Scan -------
    .
    uSearchMigratedDefaultURL = hxxp://windiwsfsearch.com/search?q={searchTerms}
    uStart Page = hxxp://www.google.com/
    uInternet Settings,ProxyOverride = *.local;<local>
    uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
    Trusted Zone: facebook.com\www
    Trusted Zone: google.ie\www
    Trusted Zone: hotmail.com\www
    TCP: {9993C0D6-979C-481B-941A-A84154982240} = 213.94.190.194,213.94.190.236
    DPF: {2A493D5F-8914-4D3E-8BF3-767F281862F4} - hxxp://sell.autotrader.co.uk/uk-ola/common/TraderMediaX.cab
    DPF: {6D2EF4B4-CB62-4C0B-85F3-B79C236D702C} - hxxp://www.facebook.com/controls/contactx.dll
    .
    - - - - ORPHANS REMOVED - - - -
    BHO-{3FB1AAE9-EDAB-4953-83E3-61DE0085F150} - c:\windows\system32\ssqOiJdE.dll
    BHO-{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - c:\program files\Yontoo Layers Client for Internet Explorer\YontooIEClient.dll
    HKCU-Run-gcbmmlcx - c:\windows\system32\enehwvab.exe
    HKLM-Run-LogitechVideoRepair - c:\program files\Logitech\Video\ISStart.exe
    HKLM-Run-sysberay2 - c:\windows\che6.exe
    HKLM-Run-systray - c:\windows\mstre8.exe
    HKLM-Explorer_Run-uYUMg0BQYQ - c:\documents and settings\All Users\Application Data\unsvejut\srodqhav.exe
    SSODL-vadokmxt-{431C9290-3C70-4C47-BF34-401CCE23A5B3} - c:\windows\vadokmxt.dll
    SSODL-wdpoefan-{A0FF7DA4-796E-4CB8-8894-A7F07B420F54} - c:\windows\wdpoefan.dll
    Notify-fccDSigg - fccDSigg.dll
    AddRemove-Browser Toolbar - c:\program files\WebMediaViewer\browseu.exe

    **************************************************************************
    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-10-04 00:08
    Windows 5.1.2600 Service Pack 3 NTFS
    scanning hidden processes ...
    scanning hidden autostart entries ...
    scanning hidden files ...
    scan completed successfully
    hidden files: 0
    **************************************************************************
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
    "Enabled"=dword:00000001
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
    @="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe"
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker3"
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------
    - - - - - - - > 'winlogon.exe'(588)
    c:\windows\system32\Ati2evxx.dll
    - - - - - - - > 'explorer.exe'(3624)
    c:\windows\system32\WININET.dll
    c:\windows\system32\ieframe.dll
    c:\windows\system32\webcheck.dll
    c:\windows\system32\WPDShServiceObj.dll
    c:\windows\system32\PortableDeviceTypes.dll
    c:\windows\system32\PortableDeviceApi.dll
    .
    ------------------------ Other Running Processes ------------------------
    .
    c:\windows\system32\ati2evxx.exe
    c:\windows\system32\ati2evxx.exe
    c:\program files\Comodo\COMODO Internet Security\cmdagent.exe
    c:\program files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
    c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    c:\program files\Silvercrest MTS2218 driver\KMCONFIG.exe
    c:\program files\Silvercrest MTS2218 driver\KMProcess.exe
    c:\program files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
    c:\program files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
    c:\program files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
    c:\windows\system32\wscntfy.exe
    .
    **************************************************************************
    .
    Completion time: 2009-10-03 0:16 - machine was rebooted
    ComboFix-quarantined-files.txt 2009-10-03 23:16
    Pre-Run: 54,728,822,784 bytes free
    Post-Run: 55,234,109,440 bytes free
    223 --- E O F --- 2009-09-10 01:35
     
  2. miavalentina

    miavalentina Thread Starter

    Joined:
    Oct 3, 2009
    Messages:
    3
    So many programmes seem to be running on start up and i keep getting notifications that my pc needs to increase my memory and my pages seem to close without me having closed them.
    Please also could a moderator take my name off the google search results,i have edited my log after seeing my name in google but its still there.
    Thanks
     
  3. miavalentina

    miavalentina Thread Starter

    Joined:
    Oct 3, 2009
    Messages:
    3
    is anybody able to help please?
     
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/865763

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice