
Running very slow and constantly freezing; Windows XP

Discussion in 'Virus & Other Malware Removal' started by SimAli9702, Nov 9, 2011.

Thread Status:
Not open for further replies.
  1. SimAli9702 (Thread Starter)

    Joined: Jun 9, 2003
    Messages: 21

    Hi all,

    I think I followed everything correctly to get you the requested logs and am in great hopes you can help me.

    A little background, as requested. First off, my computer could be considered a "dinosaur" in computer terminology, but I rarely do anything other than check email, browse the web and do the occasional work from home.

    It has been running fine for years. I never really noticed any lags or extreme slowness; I'm assuming it's due to my not doing a lot of "space consuming" things.

    The only thing I want to mention is that anything "Tor" related, such as the "Tor Browser" or Bitcoins, has to do with an anonymous browser that I have on my computer and have had installed for weeks with no issues at all. I need them when doing work at home to ensure anonymity.

    I also constantly run and keep updated Microsoft Security Essentials, just FYI :D

    Following are the logs requested:

    HJT:


    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 12:18:45 AM, on 11/9/2011
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\System32\Ati2evxx.exe
    C:\WINDOWS\system32\HPConfig.exe
    C:\Program Files\HPQ\Notebook Utilities\HPWirelessMgr.exe
    C:\Program Files\Common Files\Motive\McciCMService.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    C:\WINDOWS\System32\HPZipm12.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
    C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    C:\Program Files\Microsoft Security Client\msseces.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\W3i\InstallIQUpdater\InstallIQUpdater.exe
    C:\Program Files\Microsoft Office\Office10\WINWORD.EXE
    C:\Documents and Settings\Rev George S Jenkins\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\Rev George S Jenkins\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\Rev George S Jenkins\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\Rev George S Jenkins\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\Rev George S Jenkins\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Documents and Settings\Rev George S Jenkins\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\Rev George S Jenkins\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\Rev George S Jenkins\Desktop\HijackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [InstallIQUpdater] "C:\Program Files\W3i\InstallIQUpdater\InstallIQUpdater.exe" /silent /autorun
    O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {9239E4EC-C9A6-11D2-A844-00C04F68D538} - (no file)
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1135705719971
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1317934285876
    O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
    O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
    O23 - Service: HP Configuration Interface Service (HPConfig) - Hewlett-Packard - C:\WINDOWS\system32\HPConfig.exe
    O23 - Service: HPWirelessMgr - Hewlett-Packard Co. - C:\Program Files\HPQ\Notebook Utilities\HPWirelessMgr.exe
    O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe
    O23 - Service: Netgear Wireless Domain Login Service (NWDLS) - Unknown owner - C:\WINDOWS\system32\NWDLS.exe (file missing)
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe

    --
    End of file - 5981 bytes

    DDS Text:

    .
    DDS (Ver_2011-08-26.01) - NTFSx86
    Internet Explorer: 8.0.6001.18702
    Run by Rev George S Jenkins at 3:34:01 on 2011-11-09
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.446.123 [GMT -5:00]
    .
    AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
    .
    ============== Running Processes ===============
    .
    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    svchost.exe
    svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    svchost.exe
    C:\WINDOWS\System32\Ati2evxx.exe
    C:\WINDOWS\system32\HPConfig.exe
    C:\Program Files\HPQ\Notebook Utilities\HPWirelessMgr.exe
    C:\Program Files\Common Files\Motive\McciCMService.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    C:\WINDOWS\System32\HPZipm12.exe
    C:\WINDOWS\System32\svchost.exe -k imgsvc
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
    C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    C:\Program Files\Microsoft Security Client\msseces.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\W3i\InstallIQUpdater\InstallIQUpdater.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Documents and Settings\Rev George S Jenkins\Desktop\6khkzn88.exe
    C:\Documents and Settings\Rev George S Jenkins\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\Rev George S Jenkins\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\Rev George S Jenkins\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\Rev George S Jenkins\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Documents and Settings\Rev George S Jenkins\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    C:\Program Files\Microsoft Office\Office10\WINWORD.EXE
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.google.com/
    uInternet Connection Wizard,ShellNext = iexplore
    uInternet Settings,ProxyOverride = <local>
    mWinlogon: Userinit=c:\windows\system32\userinit.exe
    BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 6.0 ce\reader\activex\AcroIEHelper.dll
    EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll
    EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    uRun: [InstallIQUpdater] "c:\program files\w3i\installiqupdater\InstallIQUpdater.exe" /silent /autorun
    mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
    mRun: [SynTPLpr] c:\program files\synaptics\syntp\SynTPLpr.exe
    mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
    dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office10\EXCEL.EXE/3000
    IE: {9239E4EC-C9A6-11D2-A844-00C04F68D538}
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office11\REFIEBAR.DLL
    IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
    DPF: DirectAnimation Java Classes - file://c:\windows\java\classes\dajava.cab
    DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
    DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1135705719971
    DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1317934285876
    DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    TCP: DhcpNameServer = 10.59.1.1
    TCP: Interfaces\{672EAF52-34DA-460A-9E17-EE8E39F0805C} : DhcpNameServer = 10.59.1.1
    Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL
    Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - c:\program files\hp\hpcoretech\comp\hpuiprot.dll
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - c:\documents and settings\rev george s jenkins\application data\mozilla\firefox\profiles\73ohfrst.default\
    FF - prefs.js: browser.search.selectedEngine -
    FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
    FF - prefs.js: network.proxy.type - 0
    FF - plugin: c:\documents and settings\rev george s jenkins\local settings\application data\google\update\1.3.21.79\npGoogleUpdate3.dll
    FF - plugin: c:\program files\microsoft silverlight\4.0.60831.0\npctrlui.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2011-4-18 165648]
    R1 MpKsl170012ae;MpKsl170012ae;c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{563d4332-d15b-4d41-9fb1-0b7646a87fe3}\MpKsl170012ae.sys [2011-11-9 28752]
    R1 MpKsl213f8a61;MpKsl213f8a61;c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{563d4332-d15b-4d41-9fb1-0b7646a87fe3}\MpKsl213f8a61.sys [2011-11-8 28752]
    R3 CALIAUD;Conexant AMC 3D ENVIRONMENTAL AUDIO;c:\windows\system32\drivers\caliaud.sys [2003-6-1 291328]
    R3 CALIHALA;CALIHALA;c:\windows\system32\drivers\calihal.sys [2003-6-1 244608]
    R3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8192su.sys [2011-10-6 604064]
    S1 MpKsl3ad3adc4;MpKsl3ad3adc4;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{2a42cf0d-4771-46b1-b61b-15eb653278ee}\mpksl3ad3adc4.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{2a42cf0d-4771-46b1-b61b-15eb653278ee}\MpKsl3ad3adc4.sys [?]
    S1 MpKsl3dbc92cf;MpKsl3dbc92cf;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{76b582f6-4884-45be-8cbb-834533654c5a}\mpksl3dbc92cf.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{76b582f6-4884-45be-8cbb-834533654c5a}\MpKsl3dbc92cf.sys [?]
    S1 MpKsl9014830d;MpKsl9014830d;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{2a42cf0d-4771-46b1-b61b-15eb653278ee}\mpksl9014830d.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{2a42cf0d-4771-46b1-b61b-15eb653278ee}\MpKsl9014830d.sys [?]
    S1 MpKsl988b894f;MpKsl988b894f;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{9cbe3150-9994-4521-bb6b-eb6db14835d8}\mpksl988b894f.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{9cbe3150-9994-4521-bb6b-eb6db14835d8}\MpKsl988b894f.sys [?]
    S1 MpKslc7044cd1;MpKslc7044cd1;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{dbb53d88-2afd-41c6-86fa-48dec0427947}\mpkslc7044cd1.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{dbb53d88-2afd-41c6-86fa-48dec0427947}\MpKslc7044cd1.sys [?]
    S1 MpKsld139625e;MpKsld139625e;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{e79ac95b-aa75-4cff-834f-51acadf2188c}\mpksld139625e.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{e79ac95b-aa75-4cff-834f-51acadf2188c}\MpKsld139625e.sys [?]
    S1 MpKslde7e8909;MpKslde7e8909;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{dbb53d88-2afd-41c6-86fa-48dec0427947}\mpkslde7e8909.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{dbb53d88-2afd-41c6-86fa-48dec0427947}\MpKslde7e8909.sys [?]
    S3 AWINDIS5;AWINDIS5 Protocol Driver;c:\windows\system32\AWINDIS5.SYS [2008-7-6 16194]
    S3 bkn50USB;Belkin 54Mbps Wireless USB Network Adapter;c:\windows\system32\drivers\rt2500usb.sys [2006-12-25 140416]
    S3 BrSerIb;Brother Serial Interface Driver(WDM);c:\windows\system32\drivers\BrSerIb.sys [2011-3-21 71424]
    S3 BrUsbSIb;Brother Serial USB Driver(WDM);c:\windows\system32\drivers\BrUsbSib.sys [2011-3-21 11520]
    S3 DP83815;National Semiconductor Corp. DP83815/816 NDIS 5.0 Miniport Driver;c:\windows\system32\drivers\DP83815.sys [2003-6-1 16512]
    S3 NETGEAR_WPN511_SERVICE;NETGEAR WPN511 Wireless Adapter Service;c:\windows\system32\drivers\wpn511.sys [2008-7-6 488992]
    S3 Wdm1;USB Bridge Cable Driver;c:\windows\system32\drivers\usbbc.sys [2005-8-3 15576]
    .
    =============== Created Last 30 ================
    .
    2011-11-09 05:00:22 28752 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{563d4332-d15b-4d41-9fb1-0b7646a87fe3}\MpKsl170012ae.sys
    2011-11-09 04:45:55 28752 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{563d4332-d15b-4d41-9fb1-0b7646a87fe3}\MpKsl213f8a61.sys
    2011-11-09 04:34:59 56200 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{563d4332-d15b-4d41-9fb1-0b7646a87fe3}\offreg.dll
    2011-11-09 04:33:39 6668624 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{563d4332-d15b-4d41-9fb1-0b7646a87fe3}\mpengine.dll
    2011-11-08 02:59:13 6668624 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
    2011-11-06 18:52:58 -------- d-----w- c:\program files\Microsoft Security Client
    2011-10-27 19:42:47 -------- d-----w- C:\e1b1bb3e986d49eb2015
    2011-10-26 21:16:59 -------- d-----w- c:\documents and settings\rev george s jenkins\application data\BitZipper
    2011-10-26 21:16:50 -------- d-sh--w- c:\windows\system32\AI_RecycleBin
    2011-10-26 21:16:28 -------- d-----w- c:\program files\W3i
    2011-10-26 21:16:27 -------- d-----w- c:\documents and settings\all users\application data\W3i
    2011-10-26 21:15:41 -------- d-----w- c:\program files\BitZipper
    2011-10-26 21:14:57 -------- d-----w- c:\program files\Free Offers from Freeze.com
    2011-10-26 21:14:48 -------- d-----w- c:\documents and settings\all users\application data\WeCareReminder
    2011-10-25 03:24:07 -------- d-----w- c:\documents and settings\rev george s jenkins\local settings\application data\LastPass
    2011-10-24 16:10:36 222080 ------w- c:\windows\system32\MpSigStub.exe
    2011-10-23 15:55:33 954368 ------w- c:\windows\system32\dllcache\mfc40.dll
    2011-10-23 15:55:32 953856 ------w- c:\windows\system32\dllcache\mfc40u.dll
    2011-10-23 15:52:50 617472 ------w- c:\windows\system32\dllcache\comctl32.dll
    2011-10-23 15:51:34 40960 ------w- c:\windows\system32\dllcache\ndproxy.sys
    2011-10-23 15:49:59 139656 ------w- c:\windows\system32\dllcache\rdpwd.sys
    2011-10-23 15:48:49 105472 ------w- c:\windows\system32\dllcache\mup.sys
    2011-10-23 15:42:21 10496 ------w- c:\windows\system32\dllcache\ndistapi.sys
    2011-10-23 15:41:22 45568 ------w- c:\windows\system32\dllcache\wab.exe
    2011-10-22 21:49:22 -------- d-----w- c:\windows\system32\scripting
    2011-10-22 21:49:13 -------- d-----w- c:\windows\l2schemas
    2011-10-22 21:49:12 -------- d-----w- c:\windows\system32\en
    2011-10-22 21:37:53 -------- d-----w- c:\windows\network diagnostic
    2011-10-17 02:27:53 -------- d-----w- c:\documents and settings\rev george s jenkins\local settings\application data\Solid State Networks
    2011-10-17 02:05:24 -------- d-----w- c:\documents and settings\rev george s jenkins\application data\Bitcoin
    2011-10-17 02:04:49 -------- d-----w- c:\program files\Bitcoin
    2011-10-15 11:37:34 -------- d-----w- c:\windows\SxsCaPendDel
    2011-10-15 05:29:01 -------- d-----w- c:\program files\Conduit
    2011-10-15 05:28:08 -------- d-----w- c:\documents and settings\rev george s jenkins\local settings\application data\Conduit
    2011-10-15 05:28:01 -------- d-----w- c:\documents and settings\rev george s jenkins\local settings\application data\Temp
    2011-10-15 05:26:39 -------- d-----w- c:\documents and settings\rev george s jenkins\application data\uTorrent
    2011-10-15 05:13:23 -------- d-----w- c:\windows\system32\XPSViewer
    2011-10-15 05:11:41 89088 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
    2011-10-15 05:10:11 117760 ------w- c:\windows\system32\prntvpt.dll
    2011-10-15 05:10:10 89088 ------w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
    2011-10-15 05:10:09 597504 ------w- c:\windows\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe
    2011-10-15 05:10:09 597504 ------w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
    2011-10-15 05:10:09 575488 ------w- c:\windows\system32\xpsshhdr.dll
    2011-10-15 05:10:09 575488 ------w- c:\windows\system32\dllcache\xpsshhdr.dll
    2011-10-15 05:10:07 1676288 ------w- c:\windows\system32\xpssvcs.dll
    2011-10-15 05:10:07 1676288 ------w- c:\windows\system32\dllcache\xpssvcs.dll
    2011-10-15 05:10:04 -------- d-----w- C:\2a560ff914cec9e57c339f
    2011-10-15 05:01:17 -------- d-----w- c:\program files\MSXML 6.0
    2011-10-15 04:55:24 -------- d-----w- c:\documents and settings\all users\application data\Soluto
    2011-10-15 04:47:53 -------- d-----w- c:\documents and settings\rev george s jenkins\local settings\application data\Google
    .
    ==================== Find3M ====================
    .
    2011-10-21 04:32:13 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2011-09-26 15:41:20 611328 ----a-w- c:\windows\system32\uiautomationcore.dll
    2011-09-26 15:41:20 220160 ----a-w- c:\windows\system32\oleacc.dll
    2011-09-26 15:41:14 20480 ----a-w- c:\windows\system32\oleaccrc.dll
    2011-09-09 09:12:13 599040 ----a-w- c:\windows\system32\crypt32.dll
    2011-09-06 13:20:51 1858944 ------w- c:\windows\system32\win32k.sys
    2011-08-22 23:48:55 916480 ----a-w- c:\windows\system32\wininet.dll
    2011-08-22 23:48:54 43520 ----a-w- c:\windows\system32\licmgr10.dll
    2011-08-22 23:48:54 1469440 ------w- c:\windows\system32\inetcpl.cpl
    2011-08-22 11:56:39 385024 ----a-w- c:\windows\system32\html.iec
    2011-08-17 13:49:54 138496 ------w- c:\windows\system32\drivers\afd.sys
    .
    ============= FINISH: 3:36:00.52 ===============


    Attach text uploaded as requested


    Ark text:

    GMER 1.0.15.15641 - http://www.gmer.net
    Rootkit scan 2011-11-09 03:09:59
    Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 IC25N040ATCS04-0 rev.CA4OA71A
    Running: 6khkzn88.exe; Driver: C:\DOCUME~1\REVGEO~1\LOCALS~1\Temp\uxgcrkog.sys


    ---- Devices - GMER 1.0.15 ----

    AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
    AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 mouclass.sys (Mouse Class Driver/Microsoft Corporation)
    AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)

    ---- EOF - GMER 1.0.15 ----


    Thanks in advance for any assistance and thank you for what you do! It's very much appreciated.

    Belinda
     


  2. flavallee (Trusted Advisor)

    Joined: May 12, 2002
    Messages: 78,092
    First Name: Frank

    What's the model name and model number of that HP laptop?

    What's the product number on the sticker?

    How much RAM does it have?

    --------------------------------------------------------

    Click Start - Run, then type in

    %temp%

    and then click OK.

    Click Start - Run, then type in

    c:\windows\temp

    and then click OK.

    Once those 2 temp folders appear and you can view their contents, select and delete EVERYTHING that's inside them.

    If a few files resist being deleted, that's normal behavior. Leave them alone and delete EVERYTHING else.

    After you're done, restart the computer.

    --------------------------------------------------------

    Start HiJackThis, but don't run a scan.

    Click on the "Open The Misc Tools Section" button.

    Click on the "Open Uninstall Manager" button.

    Click on the "Save List" button.

    Save the "uninstall_list.txt" file somewhere.

    It'll then open in Notepad.

    Return here to your thread, then copy-and-paste the entire file here.

    --------------------------------------------------------

    What are the names of the checked entries in Start - Run - MSCONFIG - OK - "Startup" tab?

    -------------------------------------------------------
     
  3. SimAli9702 (Thread Starter)

    Joined: Jun 9, 2003
    Messages: 21

    Hi and thanks for helping me. First to answer your questions:

    Computer: Presario 2100

    Product number: DK577A

    RAM: It looks like, if I’m seeing right, 446 MB

    Names of files in startup:

    Issch
    Syntplpr
    Msseces
    Ctfmon
    Installiqupdater

    Here’s the hjt log requested:

    Adobe Acrobat 5.0
    Adobe Flash Player 11 ActiveX
    Adobe Flash Player 11 Plugin
    Adobe Reader 6.0.2 CE
    ATI Control Panel
    ATI Display Driver
    BitZipper 2010
    Conexant 56K ACLink Modem
    Conexant AC-Link Audio
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Hotfix for Windows XP (KB2570791)
    Hotfix for Windows XP (KB952287)
    Hotfix for Windows XP (KB961118)
    Hotfix for Windows XP (KB979306)
    Hotfix for Windows XP (KB981793)
    Inactive HP Printer Drivers (Remove only)
    InstallIQ Updater
    IntelliMover
    Microsoft .NET Framework (English)
    Microsoft .NET Framework (English) v1.0.3705
    Microsoft .NET Framework 1.0 Hotfix (KB928367)
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Security Update (KB2572067)
    Microsoft .NET Framework 1.1 Security Update (KB979906)
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft .NET Framework 3.5 SP1
    Microsoft Antimalware
    Microsoft Office 2000 SR-1 Disc 2
    Microsoft Office FrontPage 2003
    Microsoft Office XP Professional
    Microsoft Project 2000
    Microsoft Security Client
    Microsoft Security Essentials
    Microsoft Silverlight
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Web Publishing Wizard 1.52
    Microsoft Works 7.0
    Mozilla Firefox 7.0.1 (x86 en-US)
    MSXML 4.0 SP2 (KB936181)
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    MSXML 6 Service Pack 2 (KB973686)
    NETGEAR RangeMax(TM) Wireless PC Card WPN511
    Notebook Utilities
    OmniPage Pro 10.0
    One-Touch Buttons
    PaperPort Image Printer
    RealPlayer Basic
    Security Update for CAPICOM (KB931906)
    Security Update for CAPICOM (KB931906)
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
    Security Update for Microsoft Windows (KB2564958)
    Security Update for Step By Step Interactive Training (KB898458)
    Security Update for Step By Step Interactive Training (KB923723)
    Security Update for Windows Internet Explorer 8 (KB2510531)
    Security Update for Windows Internet Explorer 8 (KB2544521)
    Security Update for Windows Internet Explorer 8 (KB2586448)
    Security Update for Windows Internet Explorer 8 (KB971961)
    Security Update for Windows Internet Explorer 8 (KB981332)
    Security Update for Windows Internet Explorer 8 (KB982381)
    Security Update for Windows Media Player (KB2378111)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player (KB954155)
    Security Update for Windows Media Player (KB968816)
    Security Update for Windows Media Player (KB973540)
    Security Update for Windows Media Player (KB973540)
    Security Update for Windows Media Player (KB975558)
    Security Update for Windows Media Player (KB978695)
    Security Update for Windows Media Player (KB979402)
    Security Update for Windows Media Player 8 (KB917734)
    Security Update for Windows XP (KB2079403)
    Security Update for Windows XP (KB2115168)
    Security Update for Windows XP (KB2229593)
    Security Update for Windows XP (KB2296011)
    Security Update for Windows XP (KB2347290)
    Security Update for Windows XP (KB2360937)
    Security Update for Windows XP (KB2387149)
    Security Update for Windows XP (KB2393802)
    Security Update for Windows XP (KB2412687)
    Security Update for Windows XP (KB2419632)
    Security Update for Windows XP (KB2423089)
    Security Update for Windows XP (KB2440591)
    Security Update for Windows XP (KB2443105)
    Security Update for Windows XP (KB2476490)
    Security Update for Windows XP (KB2478960)
    Security Update for Windows XP (KB2478971)
    Security Update for Windows XP (KB2479943)
    Security Update for Windows XP (KB2481109)
    Security Update for Windows XP (KB2483185)
    Security Update for Windows XP (KB2485663)
    Security Update for Windows XP (KB2506212)
    Security Update for Windows XP (KB2507618)
    Security Update for Windows XP (KB2507938)
    Security Update for Windows XP (KB2508272)
    Security Update for Windows XP (KB2508429)
    Security Update for Windows XP (KB2509553)
    Security Update for Windows XP (KB2535512)
    Security Update for Windows XP (KB2536276-v2)
    Security Update for Windows XP (KB2544893)
    Security Update for Windows XP (KB2562937)
    Security Update for Windows XP (KB2566454)
    Security Update for Windows XP (KB2567053)
    Security Update for Windows XP (KB2567680)
    Security Update for Windows XP (KB2570222)
    Security Update for Windows XP (KB2570947)
    Security Update for Windows XP (KB2592799)
    Security Update for Windows XP (KB923561)
    Security Update for Windows XP (KB923789)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB950759)
    Security Update for Windows XP (KB950760)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB951698)
    Security Update for Windows XP (KB951748)
    Security Update for Windows XP (KB952004)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB955069)
    Security Update for Windows XP (KB956572)
    Security Update for Windows XP (KB956744)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956803)
    Security Update for Windows XP (KB956844)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB958869)
    Security Update for Windows XP (KB959426)
    Security Update for Windows XP (KB960225)
    Security Update for Windows XP (KB960803)
    Security Update for Windows XP (KB960859)
    Security Update for Windows XP (KB961501)
    Security Update for Windows XP (KB969059)
    Security Update for Windows XP (KB969947)
    Security Update for Windows XP (KB970238)
    Security Update for Windows XP (KB970430)
    Security Update for Windows XP (KB971468)
    Security Update for Windows XP (KB971657)
    Security Update for Windows XP (KB972270)
    Security Update for Windows XP (KB973507)
    Security Update for Windows XP (KB973869)
    Security Update for Windows XP (KB973904)
    Security Update for Windows XP (KB974112)
    Security Update for Windows XP (KB974318)
    Security Update for Windows XP (KB974392)
    Security Update for Windows XP (KB974571)
    Security Update for Windows XP (KB975025)
    Security Update for Windows XP (KB975467)
    Security Update for Windows XP (KB975560)
    Security Update for Windows XP (KB975561)
    Security Update for Windows XP (KB975562)
    Security Update for Windows XP (KB975713)
    Security Update for Windows XP (KB977816)
    Security Update for Windows XP (KB977914)
    Security Update for Windows XP (KB978037)
    Security Update for Windows XP (KB978262)
    Security Update for Windows XP (KB978338)
    Security Update for Windows XP (KB978542)
    Security Update for Windows XP (KB978601)
    Security Update for Windows XP (KB978706)
    Security Update for Windows XP (KB979309)
    Security Update for Windows XP (KB979482)
    Security Update for Windows XP (KB979559)
    Security Update for Windows XP (KB979683)
    Security Update for Windows XP (KB979687)
    Security Update for Windows XP (KB980195)
    Security Update for Windows XP (KB980218)
    Security Update for Windows XP (KB980232)
    Security Update for Windows XP (KB980436)
    Security Update for Windows XP (KB981322)
    Security Update for Windows XP (KB981997)
    Security Update for Windows XP (KB982132)
    Security Update for Windows XP (KB982381)
    Security Update for Windows XP (KB982665)
    Sonic Foundry Sound Forge 5.0
    Synaptics Pointing Device Driver
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Windows Internet Explorer 8 (KB976662)
    Update for Windows XP (KB2345886)
    Update for Windows XP (KB2541763)
    Update for Windows XP (KB2616676-v2)
    Update for Windows XP (KB942763)
    Update for Windows XP (KB951978)
    Update for Windows XP (KB955759)
    Update for Windows XP (KB967715)
    Update for Windows XP (KB968389)
    Update for Windows XP (KB971029)
    Update for Windows XP (KB971737)
    Update for Windows XP (KB973687)
    Update for Windows XP (KB973815)
    Update for Windows XP (KB980182)
    Visual C++ Runtime for Dragon NaturallySpeaking
    Windows Backup Utility
    Windows Genuine Advantage v1.3.0254.0
    Windows Imaging Component
    Windows XP Service Pack 3
     
  4. flavallee

    flavallee Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    78,092
    First Name:
    Frank
    According to product number DK577A, your computer is a Compaq Presario 2178CL laptop.

    Here is the support site for it which you should add and save in your browser favorites/bookmarks list so you can readily refer to it when needed.

    According to its product specifications section, it came with 2 - 256 MB DDR PC2100 modules.

    The integrated graphics controller has 64 MB dedicated to its use, so the remaining 448 MB is being used to run Windows XP and your programs.

    It supports a maximum of 1024 MB of RAM, so you do have the option of replacing those 2 - 256 MB modules with 2 - 512 MB modules.

    Adding more RAM is the best and most cost-effective way of boosting speed and performance in a computer.

    512 MB modules sell for $19.98 plus shipping at the MemoryTen site - which is where I purchase RAM modules.

    ------------------------------------------------------------

    How long ago did you start using the Google Chrome browser?

    Some people have complained about it slowing down their computer.

    The Mozilla Firefox 7.0.1 browser just upgraded to version 8.0 yesterday, so you might want to upgrade it if you use it.

    ------------------------------------------------------------

    Except for msseces and SynTPLpr, you can uncheck the other startup entries.

    After you do, click Apply - OK - Restart.

    When the small System Configuration Utility window appears, ignore its message.

    Put a checkmark in the lower left of it, then click OK to close it.

    ------------------------------------------------------------

    I don't see anything in your uninstall_list.txt log for combating malware, spyware, rogues, hijackers, etc.

    An accumulation and infestation of these things can noticeably slow down a computer.

    Go here to download and save Malwarebytes Anti-Malware Free 1.51.2.1300.

    Go here to download and save SUPERAntiSpyware 5.0.0.1134.

    After they've been downloaded and saved, close all open windows.

    Install them both, and make sure to update their definition files during the install process.

    DON'T run any scans with them yet.

    ------------------------------------------------------------
     
Short URL to this thread: https://techguy.org/1026100
