EAHUFF
2013-07-07, 04:27
While this laptop is older recently it has gotten extremely slow loading and internet use. Any assistance would be appreciated.
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702
Run by Butch Tuthill at 17:47:06 on 2013-07-06
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.894.411 [GMT -7:00]
.
AV: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
============== Running Processes ================
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.0.1\ToolbarUpdater.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\WLTRAY.exe
C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uInternet Connection Wizard,ShellNext = iexplore
BHO: DriveLetterAccess: {5CA3D70E-1895-11CF-8E15-001234567890} - c:\windows\system32\dla\DLASHX_W.DLL
uRun: [ROC_ROC_APR2013_AV] c:\documents and settings\butch tuthill\application data\avg april 2013 campaign\AVG-Secure-Search-Update.exe /PROMPT --mid 39228938aa0447d38175d15c83279067-a2a9668d078a01e46722d44183cb80ce7e100132 --CMPID ROC_APR2013_AV --CMPIDEXTRA 2013
mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
mRun: [SigmatelSysTrayApp] c:\program files\sigmatel\c-major audio\wdm\stsystra.exe
mRun: [DLA] c:\windows\system32\dla\DLACTRLW.EXE
mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [AVG_UI] "c:\program files\avg\avg2013\avgui.exe" /TRAYONLY
StartupFolder: c:\docume~1\butcht~1\startm~1\programs\startup\erunta~1.lnk - c:\program files\erunt\AUTOBACK.EXE
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1348110943625
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{55CC3C06-FF9D-4411-976C-861CC07D26CF} : DHCPNameServer = 192.168.0.1 205.171.3.25
TCP: Interfaces\{6A70B8EF-4201-4BB5-924C-D0F02D29C6B0} : DHCPNameServer = 192.168.0.1
Notify: AtiExtEvent - Ati2evxx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2012-10-15 60216]
R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2012-9-21 245048]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2012-11-16 96568]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2012-9-14 39224]
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2012-10-22 208184]
R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2012-9-21 22328]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2012-10-2 170808]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2012-9-21 182072]
R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2013-5-5 33624]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2013\avgidsagent.exe [2013-5-14 4937264]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2013\avgwdsvc.exe [2013-4-18 283136]
R2 vToolbarUpdater15.0.1;vToolbarUpdater15.0.1;c:\program files\common files\avg secure search\vtoolbarupdater\15.0.1\ToolbarUpdater.exe [2013-5-5 990896]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2004-8-12 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
.
==================== Find3M ====================
.
2013-06-22 00:47:18 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-06-22 00:47:17 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-05-07 22:30:06 920064 ----a-w- c:\windows\system32\wininet.dll
2013-05-07 22:30:05 43520 ------w- c:\windows\system32\licmgr10.dll
2013-05-07 22:30:05 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-05-07 21:53:29 385024 ------w- c:\windows\system32\html.iec
2013-05-05 21:13:55 33624 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
2013-05-03 01:26:26 2193536 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-05-03 00:38:18 2070144 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-04-10 01:31:19 1876352 ----a-w- c:\windows\system32\win32k.sys
.
============= FINISH: 17:47:43.28 ===============
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-07-06 17:52:00
-----------------------------
17:52:00.375 OS Version: Windows 5.1.2600 Service Pack 3
17:52:00.375 Number of processors: 1 586 0x4C02
17:52:00.375 ComputerName: MARIEMOM UserName:
17:52:00.671 Initialize success
18:15:56.796 AVAST engine defs: 13070601
18:16:32.625 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
18:16:32.625 Disk 0 Vendor: WDC_WD600BEVS-75LAT0 02.06M02 Size: 57231MB BusType: 3
18:16:32.843 Disk 0 MBR read successfully
18:16:32.843 Disk 0 MBR scan
18:16:32.921 Disk 0 Windows XP default MBR code
18:16:32.921 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 70 MB offset 63
18:16:32.937 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 53615 MB offset 144585
18:16:32.984 Disk 0 Partition 3 00 DB CP/M / CTOS Dell 8.0 3537 MB offset 109948860
18:16:32.984 Disk 0 scanning sectors +117194175
18:16:33.031 Disk 0 scanning C:\WINDOWS\system32\drivers
18:16:48.406 Service scanning
18:17:09.484 Modules scanning
18:17:16.125 Module: C:\WINDOWS\System32\DLA\DLADResN.SYS **SUSPICIOUS**
18:17:17.453 Disk 0 trace - called modules:
18:17:17.468 ntkrnlpa.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll pciide.sys PCIIDEX.SYS
18:17:17.468 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x84b54ab8]
18:17:17.468 3 CLASSPNP.SYS[f7544fd7] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x84b69b00]
18:17:18.078 AVAST engine scan C:\WINDOWS
18:17:23.984 AVAST engine scan C:\WINDOWS\system32
18:22:32.890 AVAST engine scan C:\WINDOWS\system32\drivers
18:22:53.578 AVAST engine scan C:\Documents and Settings\Butch Tuthill
18:23:49.906 AVAST engine scan C:\Documents and Settings\All Users
18:24:44.234 Scan finished successfully
18:25:12.062 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Butch Tuthill\Desktop\Do Not Delete\MBR.dat"
18:25:12.062 The log file has been saved successfully to "C:\Documents and Settings\Butch Tuthill\Desktop\Do Not Delete\aswMBR.txt"
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702
Run by Butch Tuthill at 17:47:06 on 2013-07-06
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.894.411 [GMT -7:00]
.
AV: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
============== Running Processes ================
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.0.1\ToolbarUpdater.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\WLTRAY.exe
C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uInternet Connection Wizard,ShellNext = iexplore
BHO: DriveLetterAccess: {5CA3D70E-1895-11CF-8E15-001234567890} - c:\windows\system32\dla\DLASHX_W.DLL
uRun: [ROC_ROC_APR2013_AV] c:\documents and settings\butch tuthill\application data\avg april 2013 campaign\AVG-Secure-Search-Update.exe /PROMPT --mid 39228938aa0447d38175d15c83279067-a2a9668d078a01e46722d44183cb80ce7e100132 --CMPID ROC_APR2013_AV --CMPIDEXTRA 2013
mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
mRun: [SigmatelSysTrayApp] c:\program files\sigmatel\c-major audio\wdm\stsystra.exe
mRun: [DLA] c:\windows\system32\dla\DLACTRLW.EXE
mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [AVG_UI] "c:\program files\avg\avg2013\avgui.exe" /TRAYONLY
StartupFolder: c:\docume~1\butcht~1\startm~1\programs\startup\erunta~1.lnk - c:\program files\erunt\AUTOBACK.EXE
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1348110943625
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{55CC3C06-FF9D-4411-976C-861CC07D26CF} : DHCPNameServer = 192.168.0.1 205.171.3.25
TCP: Interfaces\{6A70B8EF-4201-4BB5-924C-D0F02D29C6B0} : DHCPNameServer = 192.168.0.1
Notify: AtiExtEvent - Ati2evxx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2012-10-15 60216]
R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2012-9-21 245048]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2012-11-16 96568]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2012-9-14 39224]
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2012-10-22 208184]
R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2012-9-21 22328]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2012-10-2 170808]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2012-9-21 182072]
R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2013-5-5 33624]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2013\avgidsagent.exe [2013-5-14 4937264]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2013\avgwdsvc.exe [2013-4-18 283136]
R2 vToolbarUpdater15.0.1;vToolbarUpdater15.0.1;c:\program files\common files\avg secure search\vtoolbarupdater\15.0.1\ToolbarUpdater.exe [2013-5-5 990896]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2004-8-12 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
.
==================== Find3M ====================
.
2013-06-22 00:47:18 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-06-22 00:47:17 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-05-07 22:30:06 920064 ----a-w- c:\windows\system32\wininet.dll
2013-05-07 22:30:05 43520 ------w- c:\windows\system32\licmgr10.dll
2013-05-07 22:30:05 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-05-07 21:53:29 385024 ------w- c:\windows\system32\html.iec
2013-05-05 21:13:55 33624 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
2013-05-03 01:26:26 2193536 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-05-03 00:38:18 2070144 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-04-10 01:31:19 1876352 ----a-w- c:\windows\system32\win32k.sys
.
============= FINISH: 17:47:43.28 ===============
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-07-06 17:52:00
-----------------------------
17:52:00.375 OS Version: Windows 5.1.2600 Service Pack 3
17:52:00.375 Number of processors: 1 586 0x4C02
17:52:00.375 ComputerName: MARIEMOM UserName:
17:52:00.671 Initialize success
18:15:56.796 AVAST engine defs: 13070601
18:16:32.625 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
18:16:32.625 Disk 0 Vendor: WDC_WD600BEVS-75LAT0 02.06M02 Size: 57231MB BusType: 3
18:16:32.843 Disk 0 MBR read successfully
18:16:32.843 Disk 0 MBR scan
18:16:32.921 Disk 0 Windows XP default MBR code
18:16:32.921 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 70 MB offset 63
18:16:32.937 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 53615 MB offset 144585
18:16:32.984 Disk 0 Partition 3 00 DB CP/M / CTOS Dell 8.0 3537 MB offset 109948860
18:16:32.984 Disk 0 scanning sectors +117194175
18:16:33.031 Disk 0 scanning C:\WINDOWS\system32\drivers
18:16:48.406 Service scanning
18:17:09.484 Modules scanning
18:17:16.125 Module: C:\WINDOWS\System32\DLA\DLADResN.SYS **SUSPICIOUS**
18:17:17.453 Disk 0 trace - called modules:
18:17:17.468 ntkrnlpa.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll pciide.sys PCIIDEX.SYS
18:17:17.468 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x84b54ab8]
18:17:17.468 3 CLASSPNP.SYS[f7544fd7] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x84b69b00]
18:17:18.078 AVAST engine scan C:\WINDOWS
18:17:23.984 AVAST engine scan C:\WINDOWS\system32
18:22:32.890 AVAST engine scan C:\WINDOWS\system32\drivers
18:22:53.578 AVAST engine scan C:\Documents and Settings\Butch Tuthill
18:23:49.906 AVAST engine scan C:\Documents and Settings\All Users
18:24:44.234 Scan finished successfully
18:25:12.062 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Butch Tuthill\Desktop\Do Not Delete\MBR.dat"
18:25:12.062 The log file has been saved successfully to "C:\Documents and Settings\Butch Tuthill\Desktop\Do Not Delete\aswMBR.txt"