Everything posted by gogogo

  1. Hi, I heard you mention something about lots of Internet Explorer instances. So I decided to remove Internet Explorer 8 and get back to Internet Explorer 7. Funnily enough, everything is running great again. So I think for some reason, my system didn't like IE8, so I think I'll stick with IE7 and use Firefox for now. Thanks
  2. Ok, I will continue working on this system and hope it doesn't get any worse. Thanks for your time.
  3. Ok, that reassured me a bit. So from the logs my system is clean? Is the latest version of IE8 buggy as well, because it's not just the Firefox browser that has a very slow startup?
  4. I should have been clearer. I opened the script and nothing opened or had shown up, the CPU was 50% during this, then a window opened and I can see that after 3 minutes or so, the script is actually running and I can read what was written. Then it ran smoothly. I just think that shouldn't normal Windows behaviour be something like you open a script, it should take at most a few seconds to load?? Same with other tasks??
  5. But I thought that I was infected somehow when everything I run took like 5 minutes to open. The script you asked me to run took about 3 minutes and the CPU usage was 50% all the way through that period. Also when downloading files for the first time, Firefox freezes for a few minutes and cuts off during download and that always happens. When I try to go into the device manager or msconfig or services.msc the same thing happens. 50% CPU increase for each one and I have to wait quite a while for my system to respond again. I have a feeling that it will always be like this....
  6. I have a feeling that it isn't ESET doing this. I have had Firefox and ESET installed from day one after installing SP3. They have been running fine with no problems, i.e. I didn't have to wait for the desktop to load and didn't have to wait for Firefox to load as well as other tasks until today. The DDS log is below: DDS.txt Attach.txt
  7. Hi, I recently had problems with my hard drive and had to format the whole thing. So I reinstalled XP Professional and updated it to SP3. Now everything was working smoothly apart from when I opened it today. It somehow went a lot slower than it did yesterday and I don't know why. The problem is that whenever my computer loads up into the main desktop, it takes about 5 minutes to load and the hard drive makes a constant low sound, so I think it is doing something like scanning through the drive to find something. Basically, it loads the icons for the LAN and the wireless internet. I then installed Spybot and ran a complete scan but nothing showed up. Once this is loaded, whenever I try to load my computer or check services.msc, the CPU usage increases by 50% for each. I.e. when I double click on my computer, CPU usage increases by 50%, and when I try to check out services.msc, it increases by 50% as well for the mmc.exe service. I also hear that low sound coming from my hard drive as if it's busy; it's not the sound it makes when defragmenting but quieter. Then when I try to go on Firefox, the same thing happens when I look at Process Explorer. Now something is wrong here. I have downloaded the Malicious removal tool and it has found nothing in the quick scan. But essentially, every time I do something new in a program like Firefox, say downloading a file for the first time after opening Firefox, say the malicious removal tool, it's supposed to be 9.5 MB so I clicked it and downloaded it. Firefox froze. Later it says download complete but it only downloaded 1.7MB, not the full 9.5MB. So I downloaded it again, it didn't freeze this time and downloaded the whole file. It's these things which slow my computer down and I have no idea what could be the cause. I read the guide to download the antimalware and after downloading the malicious removal tool, I can download files with no problems, there is no more freezing. Then I tried to install antimalware but when it almost finished it kinda froze for minutes. I have included a screenshot of Process Explorer of the CPU usage. So I had to wait. Also there was something about HijackThis so I downloaded that as well and installed it. But when I was about to install, I took a screenshot to show you that any new task I do, the CPU usage like increases by 50%. See the attachment. Is there any way I can return my computer back to normal? I don't want to keep formatting and formatting and end up with the same problem. I am currently doing a full Malwarebytes scan but I have included the results of a quick scan. Any help would be much appreciated. mbam_log_2009_05_07__16_52_46_.txt