Toeforce

Members
  • Posts: 7
  • Reputation: 0 Neutral
  1. Hi Chris, Thanks again for the reply and your continued help. I've done everything you recommended, and while it seems like my computer might be running a little faster, it's still definitely got problems. Seems to be an issue with the graphics driver (which I updated from the Toshiba website). I think I'm going to have to take it in to a shop to have it looked at in person. Thanks for all that you've done to help me figure this out. Very much appreciated! Philip P.S. Here is the second round of results from PC Pitstop: http://www.pcpitstop.com/betapit/sec.asp?conid=24492348&report=Summary The video performance rating is about half the normal reported rating for my video card and in the bottom 18% of all laptops scanned.
  2. Hey Chris, Thanks very much for your help! It does seem like whatever is going on is not from malware... The DirectX Diagnostic program reports the display device as Intel HD Graphics (Core i3) with 1696 MB memory and display mode 1366 x 768 in 32 bit (60 Hz). Not sure if that is all necessary/sufficient to give you an idea of the graphics card situation. Here is the PC Pitstop results URL: http://www.pcpitstop.com/betapit/sec.asp?conid=24492348 Cheers! -Philip
  3. Dear malware removal experts, I have a less-than-a-year-old Toshiba Satellite L655-S5117 laptop running Windows 7 Home Premium Service Pack 1. I've been working on a public health project in Bolivia for about 2 months, and about the time I got down here I noticed some serious performance issues with my computer. The response seems to hang for a few seconds fairly often, especially with media or when watching videos on YouTube, and when this happens the sound distorts and slows down as well. Also, occasionally when watching a video on YouTube or playing a game in DOSBox, I've had the computer go nonresponsive for close to a minute, the screen black out, and then come back with a notification that the display driver has crashed. I have Malwarebytes full and Avast free antivirus, and they have not found anything on the system. Here is my DDS.txt file: . DDS (Ver_2011-06-23.01) - NTFSAMD64 Internet Explorer: 9.0.8112.16421 Run by Philip at 14:58:51 on 2011-08-01 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3894.2175 [GMT -4:00] . AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . 
C:\windows\system32\wininit.exe C:\windows\system32\lsm.exe C:\windows\system32\svchost.exe -k DcomLaunch C:\windows\system32\svchost.exe -k RPCSS C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\windows\system32\svchost.exe -k netsvcs C:\windows\system32\svchost.exe -k LocalService C:\windows\system32\svchost.exe -k NetworkService C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\windows\system32\WLANExt.exe C:\windows\system32\conhost.exe C:\windows\System32\spoolsv.exe C:\windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files (x86)\Bonjour\mDNSResponder.exe C:\windows\system32\dlbxcoms.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\PROGRA~2\PHAROS~1\Core\CTskMstr.exe C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe c:\Program Files (x86)\Smith Micro\StuffIt 2010\ArcNameService.exe C:\Windows\system32\TODDSrv.exe C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe C:\Program Files\TOSHIBA\TECO\TecoService.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\windows\system32\SearchIndexer.exe C:\Program Files\Intel\WiFi\bin\EvtEng.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\windows\system32\wbem\unsecapp.exe C:\windows\system32\wbem\wmiprvse.exe C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe C:\windows\System32\svchost.exe -k secsvcs C:\Program Files\Windows Media Player\wmpnetwk.exe C:\windows\system32\taskhost.exe C:\windows\system32\Dwm.exe C:\windows\Explorer.EXE C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe 
C:\Windows\System32\igfxpers.exe C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe C:\windows\system32\igfxsrvc.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe C:\Program Files\TOSHIBA\TECO\Teco.exe C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe C:\Program Files\Microsoft IntelliPoint\ipoint.exe C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files (x86)\AccuWeather.com Stratus\AccuWeather.com Stratus.exe C:\Users\Philip\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files (x86)\MagicDisc\MagicDisc.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\windows\system32\wbem\unsecapp.exe C:\Program Files (x86)\Citrix\ICA Client\concentr.exe C:\Program Files (x86)\Freecorder\FLVSrvc.exe C:\Program Files (x86)\KORG\KORG USB-MIDI Driver\EsHelper2.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe C:\windows\system32\igfxext.exe C:\windows\system32\wuauclt.exe C:\Program Files\iPod\bin\iPodService.exe C:\windows\System32\svchost.exe -k LocalServicePeerNet C:\windows\system32\DllHost.exe C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe 
C:\Users\Philip\Downloads\Defogger.exe C:\windows\system32\conhost.exe C:\windows\system32\taskeng.exe C:\windows\System32\svchost.exe -k WerSvcGroup C:\windows\system32\SearchProtocolHost.exe C:\windows\system32\SearchFilterHost.exe C:\windows\SysWOW64\cmd.exe C:\windows\system32\conhost.exe C:\windows\SysWOW64\cscript.exe C:\windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSND&bmod=TSND uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSND&bmod=TSND mDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSND&bmod=TSND mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSND&bmod=TSND uInternet Settings,ProxyOverride = *.local;<local> mWinlogon: Userinit=userinit.exe, BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll BHO: DivX HiQ: {593ddec6-7468-4cdd-90e1-42dadaa222e9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO: avast! 
WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll BHO: TOSHIBA Media Controller Plug-in: {f3c88694-effa-4d78-b409-54b7b2535b14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" mRun: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60 mRun: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun: [ConnectionCenter] "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup mRun: [Freecorder FLV Service] "C:\Program Files (x86)\Freecorder\FLVSrvc.exe" /run mRun: [KORG USB-MIDI Driver] C:\Program Files (x86)\KORG\KORG USB-MIDI Driver\EsHelper2.exe /s mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray mRun: [avast] "C:\Program Files\AVAST 
Software\Avast\avastUI.exe" /nogui StartupFolder: C:\Users\Philip\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ACCUWE~1.LNK - C:\Program Files (x86)\AccuWeather.com Stratus\AccuWeather.com Stratus.exe StartupFolder: C:\Users\Philip\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Philip\AppData\Roaming\Dropbox\bin\Dropbox.exe StartupFolder: C:\Users\Philip\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MAGICD~1.LNK - C:\Program Files (x86)\MagicDisc\MagicDisc.exe mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1) mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab DPF: {2BCDB465-81F9-41CB-832C-8037A4064446} - C:\Users\Philip\AppData\Local\Temp\f5tmp\urxvpn.cab DPF: {41EF3CD2-D8CC-4438-84B1-280BB4E77C8E} - C:\Users\Philip\AppData\Local\Temp\f5tmp\f5tunsrv.cab DPF: {45B69029-F3AB-4204-92DE-D5140C3E8E74} - C:\Users\Philip\AppData\Local\Temp\IXP000.TMP\InstallerControl.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - 
hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab DPF: {CC85ACDF-B277-486F-8C70-2C9B2ED2A4E7} - C:\Users\Philip\AppData\Local\Temp\f5tmp\urxshost.cab DPF: {E0FF21FA-B857-45C5-8621-F120A0C17FF2} - C:\Users\Philip\AppData\Local\Temp\f5tmp\urxhost.cab TCP: DhcpNameServer = 200.7.160.10 200.7.165.10 TCP: Interfaces\{9D6276E4-C1F3-4992-BD70-9EE62672CFC3} : DhcpNameServer = 200.7.160.10 200.7.165.10 TCP: Interfaces\{DCDB13AE-1B16-4C0F-AD6B-CCBAD7590C8F} : DhcpNameServer = 192.168.0.100 TCP: Interfaces\{DCDB13AE-1B16-4C0F-AD6B-CCBAD7590C8F}\25F6379656 : DhcpNameServer = 192.168.0.1 TCP: Interfaces\{DCDB13AE-1B16-4C0F-AD6B-CCBAD7590C8F}\341425C4148343 : DhcpNameServer = 192.168.0.1 Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO-X64: AcroIEHelperStub - No File BHO-X64: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll BHO-X64: Increase performance and video formats for your HTML5 <video> - No File BHO-X64: DivX HiQ: {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll BHO-X64: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - No File BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO-X64: avast! 
WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll BHO-X64: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll TB-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll mRun-x64: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60 mRun-x64: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun-x64: [ConnectionCenter] "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup mRun-x64: [Freecorder FLV Service] "C:\Program Files (x86)\Freecorder\FLVSrvc.exe" /run mRun-x64: [KORG USB-MIDI Driver] C:\Program Files (x86)\KORG\KORG USB-MIDI Driver\EsHelper2.exe /s mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray mRun-x64: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui . 
================= FIREFOX =================== . FF - ProfilePath - C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\j56f0pek.default\ FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npicaN.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\Users\Philip\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll FF - plugin: C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\j56f0pek.default\extensions\{DBBB3167-6E81-400f-BBFD-BD8921726F52}\plugins\NPuroamHost.dll FF - plugin: C:\windows\system32\Wat\npWatWeb.dll FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: F5 Networks Host Plugin: {DBBB3167-6E81-400f-BBFD-BD8921726F52} - %profile%\extensions\{DBBB3167-6E81-400f-BBFD-BD8921726F52} FF - Ext: Torrent Finder Toolbar: TFToolbarX@torrent-finder - %profile%\extensions\TFToolbarX@torrent-finder FF - Ext: avast! WebRep: wrc@avast.com - C:\Program Files\AVAST Software\Avast\WebRep\FF . ============= SERVICES / DRIVERS =============== . R1 aswSnx;aswSnx;C:\windows\system32\drivers\aswSnx.sys --> C:\windows\system32\drivers\aswSnx.sys [?] R1 aswSP;aswSP;C:\windows\system32\drivers\aswSP.sys --> C:\windows\system32\drivers\aswSP.sys [?] R1 ctxusbm;Citrix USB Monitor Driver;C:\windows\system32\DRIVERS\ctxusbm.sys --> C:\windows\system32\DRIVERS\ctxusbm.sys [?] R1 vwififlt;Virtual WiFi Filter Driver;C:\windows\system32\DRIVERS\vwififlt.sys --> C:\windows\system32\DRIVERS\vwififlt.sys [?] 
R2 aswFsBlk;aswFsBlk;C:\windows\system32\drivers\aswFsBlk.sys --> C:\windows\system32\drivers\aswFsBlk.sys [?] R2 aswMonFlt;aswMonFlt;\??\C:\windows\system32\drivers\aswMonFlt.sys --> C:\windows\system32\drivers\aswMonFlt.sys [?] R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-7-9 42184] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-6-4 366640] R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;C:\Program Files\TOSHIBA\TECO\TecoService.exe [2010-2-25 252928] R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;C:\windows\system32\DRIVERS\TVALZFL.sys --> C:\windows\system32\DRIVERS\TVALZFL.sys [?] R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-10-17 2320920] R3 HECIx64;Intel® Management Engine Interface;C:\windows\system32\DRIVERS\HECIx64.sys --> C:\windows\system32\DRIVERS\HECIx64.sys [?] R3 Impcd;Impcd;C:\windows\system32\DRIVERS\Impcd.sys --> C:\windows\system32\DRIVERS\Impcd.sys [?] R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\windows\system32\DRIVERS\L1C62x64.sys --> C:\windows\system32\DRIVERS\L1C62x64.sys [?] R3 MBAMProtector;MBAMProtector;\??\C:\windows\system32\drivers\mbam.sys --> C:\windows\system32\drivers\mbam.sys [?] R3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\windows\system32\DRIVERS\NETwNs64.sys --> C:\windows\system32\DRIVERS\NETwNs64.sys [?] R3 PGEffect;Pangu effect driver;C:\windows\system32\DRIVERS\pgeffect.sys --> C:\windows\system32\DRIVERS\pgeffect.sys [?] R3 QIOMem;Generic IO & Memory Access;C:\windows\system32\DRIVERS\QIOMem.sys --> C:\windows\system32\DRIVERS\QIOMem.sys [?] 
R3 TMachInfo;TMachInfo;C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2010-10-17 54136] R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-2-5 137560] R3 TPCHSrv;TPCH Service;C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2010-2-23 835952] R3 urvpndrv;F5 Networks VPN Adapter;C:\windows\system32\DRIVERS\covpnv64.sys --> C:\windows\system32\DRIVERS\covpnv64.sys [?] R3 wdkmd;Intel WiDi KMD;C:\windows\system32\DRIVERS\WDKMD.sys --> C:\windows\system32\DRIVERS\WDKMD.sys [?] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-9-9 136176] S3 f5ipfw;F5 Networks StoneWall Filter;\??\C:\windows\system32\drivers\urfltv64.sys --> C:\windows\system32\drivers\urfltv64.sys [?] S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-9-9 136176] S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2010-7-19 340240] S3 RDID1110;OCTA-CAPTURE;C:\windows\system32\Drivers\rdwm1110.sys --> C:\windows\system32\Drivers\rdwm1110.sys [?] S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\system32\Drivers\RtsUStor.sys --> C:\windows\system32\Drivers\RtsUStor.sys [?] S3 SrvHsfHDA;SrvHsfHDA;C:\windows\system32\DRIVERS\VSTAZL6.SYS --> C:\windows\system32\DRIVERS\VSTAZL6.SYS [?] S3 SrvHsfV92;SrvHsfV92;C:\windows\system32\DRIVERS\VSTDPV6.SYS --> C:\windows\system32\DRIVERS\VSTDPV6.SYS [?] S3 SrvHsfWinac;SrvHsfWinac;C:\windows\system32\DRIVERS\VSTCNXT6.SYS --> C:\windows\system32\DRIVERS\VSTCNXT6.SYS [?] 
S3 TsUsbFlt;TsUsbFlt;C:\windows\system32\drivers\tsusbflt.sys --> C:\windows\system32\drivers\tsusbflt.sys [?] S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\system32\Drivers\usbaapl64.sys --> C:\windows\system32\Drivers\usbaapl64.sys [?] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\windows\system32\DRIVERS\vwifimp.sys --> C:\windows\system32\DRIVERS\vwifimp.sys [?] S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\system32\Wat\WatAdminSvc.exe --> C:\windows\system32\Wat\WatAdminSvc.exe [?] S3 X19;Optikam Pro 318CU/518CU/319CU/519CU Camera Driver;C:\windows\system32\Drivers\x18cu.sys --> C:\windows\system32\Drivers\x18cu.sys [?] . =============== Created Last 30 ================ . 2011-07-29 23:28:00 8578896 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{3E1FD0C5-A27A-4251-B713-F37401EAA58C}\mpengine.dll 2011-07-16 17:37:13 421888 ----a-w- C:\windows\System32\KernelBase.dll 2011-07-16 17:37:00 272384 ----a-w- C:\windows\SysWow64\KernelBase.dll 2011-07-15 13:33:38 362496 ----a-w- C:\windows\System32\wow64win.dll 2011-07-15 13:33:38 338944 ----a-w- C:\windows\System32\conhost.exe 2011-07-15 13:33:37 214528 ----a-w- C:\windows\System32\winsrv.dll 2011-07-15 13:33:35 25600 ----a-w- C:\windows\SysWow64\setup16.exe 2011-07-15 13:33:35 243200 ----a-w- C:\windows\System32\wow64.dll 2011-07-15 13:33:35 16384 ----a-w- C:\windows\System32\ntvdm64.dll 2011-07-15 13:33:34 7680 ----a-w- C:\windows\SysWow64\instnm.exe 2011-07-15 13:33:34 5120 ----a-w- C:\windows\SysWow64\wow32.dll 2011-07-15 13:33:34 14336 ----a-w- C:\windows\SysWow64\ntvdm64.dll 2011-07-15 13:33:34 13312 ----a-w- C:\windows\System32\wow64cpu.dll 2011-07-15 13:33:29 2048 ----a-w- C:\windows\SysWow64\user.exe 2011-07-15 13:32:25 3137536 ----a-w- C:\windows\System32\win32k.sys 2011-07-10 12:46:34 404640 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl 2011-07-03 03:56:21 600920 ----a-w- C:\windows\System32\drivers\aswSnx.sys 2011-07-03 03:56:17 64856 ----a-w- 
C:\windows\System32\drivers\aswMonFlt.sys 2011-07-03 03:55:55 40112 ----a-w- C:\windows\avastSS.scr 2011-07-03 03:55:29 -------- d-----w- C:\ProgramData\AVAST Software 2011-07-03 03:55:29 -------- d-----w- C:\Program Files\AVAST Software . ==================== Find3M ==================== . 2011-07-10 13:47:50 16 ----a-w- C:\Users\Philip\AppData\Roaming\msregsvv.dll 2011-06-23 02:25:06 175616 ----a-w- C:\windows\System32\msclmd.dll 2011-06-23 02:25:06 152576 ----a-w- C:\windows\SysWow64\msclmd.dll 2011-06-03 05:57:52 44032 ----a-w- C:\windows\apppatch\acwow64.dll 2011-06-03 03:48:32 3584 ---ha-w- C:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll 2011-06-03 03:48:31 6144 ---ha-w- C:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll 2011-06-03 03:48:31 4608 ---ha-w- C:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll 2011-06-03 03:48:31 3072 ---ha-w- C:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll 2011-05-29 13:11:30 39984 ----a-w- C:\windows\SysWow64\drivers\mbamswissarmy.sys 2011-05-29 13:11:20 25912 ----a-w- C:\windows\System32\drivers\mbam.sys 2011-05-24 23:14:10 270720 ------w- C:\windows\System32\MpSigStub.exe 2011-05-24 11:42:55 404480 ----a-w- C:\windows\System32\umpnpmgr.dll 2011-05-24 10:40:05 64512 ----a-w- C:\windows\SysWow64\devobj.dll 2011-05-24 10:40:05 44544 ----a-w- C:\windows\SysWow64\devrtl.dll 2011-05-24 10:39:38 145920 ----a-w- C:\windows\SysWow64\cfgmgr32.dll 2011-05-24 10:37:54 252928 ----a-w- C:\windows\SysWow64\drvinst.exe 2011-05-04 05:25:03 2315776 ----a-w- C:\windows\System32\tquery.dll 2011-05-04 05:22:25 778752 ----a-w- C:\windows\System32\mssvp.dll 2011-05-04 05:22:25 2223616 ----a-w- C:\windows\System32\mssrch.dll 2011-05-04 05:22:24 75264 ----a-w- C:\windows\System32\msscntrs.dll 2011-05-04 05:22:24 491520 ----a-w- C:\windows\System32\mssph.dll 2011-05-04 05:22:24 288256 ----a-w- C:\windows\System32\mssphtb.dll 2011-05-04 05:19:28 591872 ----a-w- C:\windows\System32\SearchIndexer.exe 2011-05-04 05:19:28 249856 ----a-w- 
C:\windows\System32\SearchProtocolHost.exe 2011-05-04 05:19:28 113664 ----a-w- C:\windows\System32\SearchFilterHost.exe 2011-05-04 04:34:43 1549312 ----a-w- C:\windows\SysWow64\tquery.dll 2011-05-04 04:32:02 666624 ----a-w- C:\windows\SysWow64\mssvp.dll 2011-05-04 04:32:01 337408 ----a-w- C:\windows\SysWow64\mssph.dll 2011-05-04 04:32:01 197120 ----a-w- C:\windows\SysWow64\mssphtb.dll 2011-05-04 04:32:01 1401344 ----a-w- C:\windows\SysWow64\mssrch.dll 2011-05-04 04:32:00 59392 ----a-w- C:\windows\SysWow64\msscntrs.dll 2011-05-04 04:28:31 86528 ----a-w- C:\windows\SysWow64\SearchFilterHost.exe 2011-05-04 04:28:31 427520 ----a-w- C:\windows\SysWow64\SearchIndexer.exe 2011-05-04 04:28:31 164352 ----a-w- C:\windows\SysWow64\SearchProtocolHost.exe . ============= FINISH: 15:01:38.58 =============== Here is the MBAM log file from today: Malwarebytes' Anti-Malware 1.51.1.1800 www.malwarebytes.org Database version: 7348 Windows 6.1.7601 Service Pack 1 Internet Explorer 9.0.8112.16421 8/1/2011 5:15:39 PM mbam-log-2011-08-01 (17-15-34).txt Scan type: Full scan (C:\|) Objects scanned: 382359 Time elapsed: 58 minute(s), 3 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected) And the other logs are in the attachment. The rootkit detector did not find any altered processes, but I have attached the log anyway. Thanks so much to anybody who takes the time to check this out for me. I'd really like to get my computer back to an appropriate level of functionality. -Philip logs.zip
  4. Wow... Did not know that MBAM was not a full-on antivirus... I actually removed the annoying AV my computer came with because I thought it would destroy performance if I used it with MBAM, which I trust more. Thanks for setting me straight on that. I'm going to download some free AV and see what it finds.
  5. The main thing I noticed, though, was the heavy performance hit my system was taking.
  6. Hey Daledoc, thanks for the welcome. OS is Windows 7 64-bit, Service Pack 1. I have MBAM 1.51.0.1200 PRO. I have database 7003. I do not have any other antivirus than MBAM installed; I have Windows Firewall activated. I use wireless routers to connect to the internet most of the time, and was worried that I might have gotten some malware because network security could be worse here than in the States. I vaguely recall that my computer booted once without MBAM running active protection, which had me worried. I also had a browser start page redirect to some search engine site, which I fixed within Firefox. MBAM did not detect it as a problem.
  7. Hi everybody, First off, wanted to say Malwarebytes is the best antivirus program out there, at least for somebody like me with no real programming knowledge. So thanks very much to the crew who made it and keep it up to date. Now, something strange has happened with Malwarebytes and the performance of my Toshiba Satellite L655 laptop which makes me kind of suspicious. I'm down in Bolivia for the summer doing public health research, and shortly after or maybe slightly before I got down here, my laptop started performing waaaaaay below its rated specs, temporarily freezing routinely during internet use, not being able to play more than a few seconds of media files before becoming temporarily unresponsive, and generally being extremely slow for a relatively new computer. I updated and ran Malwarebytes full system scans several times, but to this day they find nothing suspicious. Finally, today, I decided to check and see if renaming the Malwarebytes executable would yield different scan results. I renamed mbam.exe to onoyoudont.exe, and ran the scan, which again found nothing. However, I noticed an immediate improvement to my computer's performance, so that now it is performing at or at least very close to the level it was at when I bought it. This seems very suspicious to me. Any thoughts?