1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Slow Internet and Computer Speeds

Discussion in 'Virus & Other Malware Removal' started by Rk609, Apr 16, 2013.

Thread Status:
Not open for further replies.
  1. Rk609

    Rk609 Thread Starter

    Joined:
    Jul 18, 2012
    Messages:
    17
    Over the past month or so my internet and computer speeds have been rapidly declining. I have a 20mb download speed usually, but I am not getting only 3, while another computer on the network is getting around 18. I will post my logs, and any help would be useful. I have no idea what is causing this issue, but I am lead to believe it is a virus.

    GMER Log
    Code:
    GMER 2.1.19163 - http://www.gmer.net
    Rootkit scan 2013-04-16 11:50:23
    Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\00000063 Hitachi_ rev.MS2O 931.51GB
    Running: lrnqzi4u.exe; Driver: C:\Users\Derp\AppData\Local\Temp\kxldiaob.sys
    
    
    ---- Threads - GMER 2.1 ----
    
    Thread  C:\Windows\System32\svchost.exe [332:1292]                      000007fefac759a0
    Thread  C:\Windows\System32\svchost.exe [332:3504]                      000007fefd881a70
    Thread  C:\Windows\System32\svchost.exe [332:3508]                      000007fef85020c0
    Thread  C:\Windows\System32\svchost.exe [332:3516]                      000007fef85026a8
    Thread  C:\Windows\System32\svchost.exe [332:3528]                      000007fef7a514a0
    Thread  C:\Windows\System32\svchost.exe [332:3532]                      000007fef85029dc
    Thread  C:\Windows\System32\svchost.exe [332:3536]                      000007fef85029dc
    Thread  C:\Windows\System32\svchost.exe [332:3624]                      000007fef762a2b0
    Thread  C:\Windows\System32\svchost.exe [332:3076]                      000007fef9d488f8
    Thread  C:\Windows\system32\svchost.exe [476:3812]                      000007fef9cf5124
    Thread  C:\Windows\system32\svchost.exe [476:5504]                      000007fef8df506c
    Thread  C:\Windows\system32\svchost.exe [476:4860]                      000007fefb8a1ab0
    Thread  C:\Windows\system32\svchost.exe [476:1816]                      000007fefb6d4164
    Thread  C:\Windows\system32\svchost.exe [476:896]                       000007fee91ecb70
    Thread  C:\Windows\system32\svchost.exe [476:724]                       000007fef5bb5170
    Thread  C:\Windows\system32\svchost.exe [476:6288]                      000007fef5bb5170
    Thread  C:\Windows\System32\spoolsv.exe [1432:3356]                     000007fef80710c8
    Thread  C:\Windows\System32\spoolsv.exe [1432:3360]                     000007fef8046144
    Thread  C:\Windows\System32\spoolsv.exe [1432:3364]                     000007fefa0a5fd0
    Thread  C:\Windows\System32\spoolsv.exe [1432:3368]                     000007fef8023438
    Thread  C:\Windows\System32\spoolsv.exe [1432:3372]                     000007fefa0a63ec
    Thread  C:\Windows\System32\spoolsv.exe [1432:3380]                     000007fef8105e5c
    Thread  C:\Windows\System32\spoolsv.exe [1432:3384]                     000007fef81b5074
    Thread  C:\Windows\system32\svchost.exe [1464:1772]                     000007fefa3e35c0
    Thread  C:\Windows\system32\svchost.exe [1464:3044]                     000007fefa3e5600
    Thread  C:\Windows\system32\svchost.exe [1464:2052]                     000007fef87e2940
    Thread  C:\Windows\system32\svchost.exe [1464:3252]                     000007fef8472888
    Thread  C:\Windows\system32\taskhost.exe [3560:3616]                    000007fef7642740
    Thread  C:\Windows\system32\taskhost.exe [3560:3652]                    000007fef74b1f38
    Thread  C:\Windows\system32\taskhost.exe [3560:3916]                    000007fef6ab1010
    Thread  C:\Windows\system32\SearchIndexer.exe [3220:4804]               000007fef5bb5170
    Thread  C:\Windows\system32\SearchIndexer.exe [3220:5024]               000007fef60a69ac
    Thread  C:\Windows\system32\SearchIndexer.exe [3220:5036]               000007fef5e13dac
    Thread  C:\Windows\system32\SearchIndexer.exe [3220:5040]               000007fef5e11700
    Thread  C:\Windows\system32\SearchIndexer.exe [3220:5048]               000007fef5e3b248
    Thread  C:\Windows\system32\SearchIndexer.exe [3220:5060]               000007fef5e3c4ac
    Thread  C:\Windows\system32\SearchIndexer.exe [3220:5132]               000007fef60a69ac
    Thread  C:\Windows\system32\SearchIndexer.exe [3220:4484]               000007fef60a69ac
    Thread  C:\Program Files\Windows Media Player\wmpnetwk.exe [4972:4604]  000007feff870168
    Thread  C:\Program Files\Windows Media Player\wmpnetwk.exe [4972:3844]  000007fefc4c2a7c
    Thread  C:\Program Files\Windows Media Player\wmpnetwk.exe [4972:5608]  000007fef9cf5124
    Thread  C:\Program Files\Windows Media Player\wmpnetwk.exe [4972:5296]  000007feff870168
    Thread  C:\Windows\System32\svchost.exe [3932:172]                      000007fee93f9688
    Thread  C:\Windows\system32\taskhost.exe [1644:4312]                    000007fef8b4ef24
    
    ---- EOF - GMER 2.1 ----
    
    DDS Log
    Code:
    DDS (Ver_2012-11-20.01) - NTFS_AMD64 
    Internet Explorer: 9.0.8112.16476  BrowserJavaVersion: 10.9.2
    Run by Derp at 11:50:31 on 2013-04-16
    Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.3571.2214 [GMT -5:00]
    .
    AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
    SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\system32\atiesrxx.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k GPSvcGroup
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
    C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
    C:\Program Files (x86)\PDF Complete\pdfsvc.exe
    C:\Windows\SysWOW64\PnkBstrA.exe
    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\atieclxx.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\System32\WUDFHost.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
    C:\Program Files\Plantronics\GameCom780\GameCom780.exe
    C:\Program Files (x86)\BitTorrent\BitTorrent.exe
    C:\Program Files\AVAST Software\Avast\AvastUI.exe
    C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\System32\WUDFHost.exe
    C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Program Files (x86)\Internet Explorer\IELowutil.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\vssvc.exe
    C:\Windows\System32\svchost.exe -k swprv
    C:\Windows\System32\svchost.exe -k WerSvcGroup
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    mWinlogon: Userinit = userinit.exe
    BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\AMD\SteadyVideo\SteadyVideo.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    uRun: [BitTorrent] "C:\Program Files (x86)\BitTorrent\BitTorrent.exe"  /MINIMIZED
    uRun: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
    uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
    uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    uRunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_6_602_180_ActiveX.exe -update activex
    mRun: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
    mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
    mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    mRun: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
    mRun: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
    mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
    mPolicies-Explorer: NoActiveDesktop = dword:1
    mPolicies-Explorer: NoActiveDesktopChanges = dword:1
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    Trusted Zone: clonewarsadventures.com
    Trusted Zone: freerealms.com
    Trusted Zone: soe.com
    Trusted Zone: sony.com
    TCP: NameServer = 209.18.47.61 209.18.47.62
    TCP: Interfaces\{1BD4E6D2-579F-43CF-BF5A-B3EBC2E35860} : DHCPNameServer = 209.18.47.61 209.18.47.62
    TCP: Interfaces\{B04EDAD8-EE9A-4CC3-8B46-44B1E37C9002} : NameServer = 8.8.8.8,8.8.4.4
    TCP: Interfaces\{B04EDAD8-EE9A-4CC3-8B46-44B1E37C9002} : DHCPNameServer = 209.18.47.61 209.18.47.62
    Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll
    Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    SSODL: WebCheck - <orphaned>
    mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    x64-BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll
    x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
    x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
    x64-Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
    x64-Run: [GamecomSound] C:\Program Files\Plantronics\GameCom780\GameCom780.exe
    x64-Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
    x64-Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
    x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
    x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
    x64-SSODL: WebCheck - <orphaned>
    x64-mASetup: {B34A07DD-C6F7-414A-AE63-01019482EAF0} - msiexec /fu {B34A07DD-C6F7-414A-AE63-01019482EAF0} /qn
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\Derp\AppData\Roaming\Mozilla\Firefox\Profiles\9d9w2p8w.default\
    FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
    FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
    FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
    FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
    FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
    FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    FF - plugin: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll
    FF - plugin: C:\Users\Derp\AppData\Roaming\RCKR\plugins\nprcplugin.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll
    FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
    FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
    FF - ExtSQL: 2013-03-02 23:28; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; C:\Users\Derp\AppData\Roaming\Mozilla\Firefox\Profiles\9d9w2p8w.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
    FF - ExtSQL: 2013-03-02 23:29; {e4a8a97b-f2ed-450b-b12d-ee082ba24781}; C:\Users\Derp\AppData\Roaming\Mozilla\Firefox\Profiles\9d9w2p8w.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 amd_sata;amd_sata;C:\Windows\System32\drivers\amd_sata.sys [2012-2-29 82560]
    R0 amd_xata;amd_xata;C:\Windows\System32\drivers\amd_xata.sys [2012-2-29 42624]
    R0 aswRvrt;aswRvrt;C:\Windows\System32\drivers\aswRvrt.sys [2013-4-7 65336]
    R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2012-11-23 1025808]
    R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2012-11-23 377920]
    R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
    R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2012-7-11 140672]
    R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-12-19 240640]
    R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-12-19 361984]
    R2 AODDriver4.2;AODDriver4.2;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-4-9 57472]
    R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2012-11-23 33400]
    R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2012-11-23 80816]
    R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-4-7 45248]
    R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2010-2-28 821664]
    R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-12-10 2465712]
    R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
    R2 pdfcDispatcher;PDF Document Manager;C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2012-1-12 1128952]
    R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2009-12-2 483688]
    R2 TeamViewer8;TeamViewer 8;C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2012-12-15 3467768]
    R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\System32\drivers\netr28x.sys [2012-7-5 1874016]
    R3 PlantronicsGC;PLTGC Interface;C:\Windows\System32\drivers\PLTGC.sys [2013-2-22 1327104]
    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-1-12 533096]
    R3 rzendpt;rzendpt;C:\Windows\System32\drivers\rzendpt.sys [2012-11-7 22016]
    R3 rzudd;Razer Mouse Driver;C:\Windows\System32\drivers\rzudd.sys [2012-11-7 113664]
    R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2009-12-2 721768]
    R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2009-12-2 269672]
    R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2009-12-2 25960]
    R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2009-12-2 22376]
    R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-2 209768]
    R3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-9-28 53760]
    R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2012-1-12 47232]
    S1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
    S2 CalendarSynchService;CalendarSynchService;"C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe" --> C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe [?]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 HP Support Assistant Service;HP Support Assistant Service;"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe" --> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [?]
    S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-1-8 161536]
    S3 aswVmm;aswVmm;C:\Windows\System32\drivers\aswVmm.sys [2013-4-7 178624]
    S3 HPAuto;HP Auto;C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [2011-2-17 682040]
    S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-12-2 19456]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-12-2 57856]
    S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2012-12-2 30208]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-11-25 1255736]
    S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
    .
    =============== Created Last 30 ================
    .
    2013-04-16 13:16:04	9311288	----a-w-	C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CDDFC399-C369-4D10-9030-361534342F9E}\mpengine.dll
    2013-04-14 19:05:58	--------	d-----w-	C:\Users\Derp\AppData\Roaming\SUPERAntiSpyware.com
    2013-04-14 19:05:38	--------	d-----w-	C:\ProgramData\SUPERAntiSpyware.com
    2013-04-14 19:05:38	--------	d-----w-	C:\Program Files\SUPERAntiSpyware
    2013-04-12 22:26:27	--------	d-----w-	C:\Users\Derp\AppData\Roaming\Malwarebytes
    2013-04-12 22:26:12	--------	d-----w-	C:\ProgramData\Malwarebytes
    2013-04-12 22:26:10	25928	----a-w-	C:\Windows\System32\drivers\mbam.sys
    2013-04-12 22:26:10	--------	d-----w-	C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2013-04-12 22:26:02	--------	d-----w-	C:\Users\Derp\AppData\Local\Programs
    2013-04-12 00:00:54	--------	d-----w-	C:\Users\Derp\AppData\Local\Adobe
    2013-04-10 08:00:59	1494528	----a-w-	C:\Windows\System32\inetcpl.cpl
    2013-04-10 07:47:14	3153408	----a-w-	C:\Windows\System32\win32k.sys
    2013-04-10 07:47:12	1655656	----a-w-	C:\Windows\System32\drivers\ntfs.sys
    2013-04-10 07:46:33	5550424	----a-w-	C:\Windows\System32\ntoskrnl.exe
    2013-04-10 07:46:31	3913560	----a-w-	C:\Windows\SysWow64\ntoskrnl.exe
    2013-04-10 07:46:30	3968856	----a-w-	C:\Windows\SysWow64\ntkrnlpa.exe
    2013-04-10 07:46:29	112640	----a-w-	C:\Windows\System32\smss.exe
    2013-04-10 07:46:28	43520	----a-w-	C:\Windows\System32\csrsrv.dll
    2013-04-10 07:46:26	6656	----a-w-	C:\Windows\SysWow64\apisetschema.dll
    2013-04-09 12:08:59	--------	d-----w-	C:\ProgramData\SoftSafe
    2013-04-09 12:08:50	--------	d-----w-	C:\ProgramData\InstallMate
    2013-04-07 21:51:12	178624	----a-w-	C:\Windows\System32\drivers\aswVmm.sys
    2013-04-07 21:51:11	65336	----a-w-	C:\Windows\System32\drivers\aswRvrt.sys
    2013-03-26 00:19:11	19968	----a-w-	C:\Windows\System32\drivers\usb8023.sys
    .
    ==================== Find3M  ====================
    .
    2013-03-13 01:36:29	73432	----a-w-	C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2013-03-13 01:36:29	693976	----a-w-	C:\Windows\SysWow64\FlashPlayerApp.exe
    2013-03-13 01:36:23	16486616	----a-w-	C:\Windows\SysWow64\FlashPlayerInstaller.exe
    2013-03-12 06:10:56	282744	------w-	C:\Windows\System32\MpSigStub.exe
    2013-03-06 22:33:21	70992	----a-w-	C:\Windows\System32\drivers\aswRdr2.sys
    2013-03-06 22:33:21	1025808	----a-w-	C:\Windows\System32\drivers\aswSnx.sys
    2013-03-06 22:33:20	80816	----a-w-	C:\Windows\System32\drivers\aswMonFlt.sys
    2013-03-06 22:32:51	41664	----a-w-	C:\Windows\avastSS.scr
    2013-02-22 06:27:49	2312704	----a-w-	C:\Windows\System32\jscript9.dll
    2013-02-22 06:20:51	1392128	----a-w-	C:\Windows\System32\wininet.dll
    2013-02-22 06:15:48	173056	----a-w-	C:\Windows\System32\ieUnatt.exe
    2013-02-22 06:15:23	599040	----a-w-	C:\Windows\System32\vbscript.dll
    2013-02-22 06:12:41	2382848	----a-w-	C:\Windows\System32\mshtml.tlb
    2013-02-22 03:46:00	1800704	----a-w-	C:\Windows\SysWow64\jscript9.dll
    2013-02-22 03:38:00	1129472	----a-w-	C:\Windows\SysWow64\wininet.dll
    2013-02-22 03:37:50	1427968	----a-w-	C:\Windows\SysWow64\inetcpl.cpl
    2013-02-22 03:34:17	142848	----a-w-	C:\Windows\SysWow64\ieUnatt.exe
    2013-02-22 03:34:03	420864	----a-w-	C:\Windows\SysWow64\vbscript.dll
    2013-02-22 03:31:46	2382848	----a-w-	C:\Windows\SysWow64\mshtml.tlb
    2013-01-26 20:33:27	283032	----a-w-	C:\Windows\SysWow64\PnkBstrB.xtr
    2013-01-26 20:33:27	283032	----a-w-	C:\Windows\SysWow64\PnkBstrB.exe
    2013-01-26 05:12:22	283032	----a-w-	C:\Windows\SysWow64\PnkBstrB.ex0
    2013-01-26 05:03:38	76888	----a-w-	C:\Windows\SysWow64\PnkBstrA.exe
    2013-01-25 23:28:54	3130440	----a-w-	C:\Windows\SysWow64\pbsvc_blr.exe
    .
    ============= FINISH: 11:50:45.46 ===============
    
    HJT Log
    Code:
    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 11:51:39 AM, on 4/16/2013
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v9.00 (9.00.8112.16476)
    Boot mode: Normal
    
    Running processes:
    C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
    C:\Program Files\Plantronics\GameCom780\GameCom780.exe
    C:\Program Files (x86)\BitTorrent\BitTorrent.exe
    C:\Program Files\AVAST Software\Avast\AvastUI.exe
    C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
    C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
    C:\Program Files (x86)\Internet Explorer\IELowutil.exe
    C:\Users\Derp\Downloads\HijackThis.exe
    
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK/1
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK/1
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
    F2 - REG:system.ini: UserInit=userinit.exe
    O2 - BHO: AMD SteadyVideo BHO - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
    O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
    O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
    O4 - HKLM\..\Run: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
    O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files (x86)\BitTorrent\BitTorrent.exe"  /MINIMIZED
    O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
    O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_6_602_180_ActiveX.exe -update activex
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O15 - Trusted Zone: *.clonewarsadventures.com
    O15 - Trusted Zone: *.freerealms.com
    O15 - Trusted Zone: *.soe.com
    O15 - Trusted Zone: *.sony.com
    O17 - HKLM\System\CCS\Services\Tcpip\..\{B04EDAD8-EE9A-4CC3-8B46-44B1E37C9002}: NameServer = 8.8.8.8,8.8.4.4
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O18 - Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll
    O18 - Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll
    O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
    O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: CalendarSynchService - Unknown owner - C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
    O23 - Service: HP Support Assistant Service - Unknown owner - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe (file missing)
    O23 - Service: HP Auto (HPAuto) - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe
    O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
    O23 - Service: HP Software Framework Service (hpqwmiex) - Unknown owner - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe (file missing)
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
    O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
    
    --
    End of file - 11125 bytes
    
    I have run multiple scans, including SUPERAntiSpyware, Malwarebytes, and Avast.
     
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1096294

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice