Thread: Sluggish Computer, Unstable when opening PDFs, is this a virus?

  1. #1
    Member (Join Date: Nov 2009, Posts: 48)

    When I open Adobe PDFs online, my tablet often freezes and displays a blue Windows classic-esque screen in the background that replaces my desktop.

    I've also noticed Outlook running more sluggishly than usual.

    No pop-ups, but these may be blocked by my firewall/AV.

    Is this a virus?

    Tx,
    CP




    DDS (Ver_10-03-17.01) - NTFSx86
    Run by Administrator at 10:20:10.73 on Fri 05/21/2010
    Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_19
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3318.2325 [GMT -4:00]

    AV: AntiVir Desktop *On-access scanning enabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
    FW: Online Armor Firewall *enabled* {B797DAA0-7E2E-4711-8BB3-D12744F1922A}

    ============== Running Processes ===============

    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    svchost.exe
    svchost.exe
    C:\Program Files\Tall Emu\Online Armor\OAcat.exe
    C:\Program Files\Common Files\Microsoft Shared\Ink\KeyboardSurrogate.exe
    C:\Program Files\Tall Emu\Online Armor\oasrv.exe
    C:\WINDOWS\SYSTEM32\WISPTIS.EXE
    C:\WINDOWS\System32\tabbtnu.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir Desktop\sched.exe
    C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\System32\digtizer.exe
    E:\Java\bin\jqs.exe
    C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
    C:\WINDOWS\system32\lkads.exe
    C:\WINDOWS\system32\lktsrv.exe
    E:\Program Files\National Instruments\MAX\nimxs.exe
    E:\Program Files\National Instruments\Shared\Security\nidmsrv.exe
    C:\WINDOWS\system32\nisvcloc.exe
    E:\Program Files\National Instruments\Shared\Tagger\tagsrv.exe
    C:\WINDOWS\system32\o2flash.exe
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Program Files\Common Files\Microsoft Shared\Ink\TCServer.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\Program Files\Common Files\Microsoft Shared\Ink\TabTip.exe
    C:\WINDOWS\system32\igfxsrvc.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\WINDOWS\AGRSMMSG.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
    C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
    C:\Program Files\Fujitsu\BtnHnd\BtnHnd.exe
    C:\Program Files\Fujitsu\SSUtility\FJSSDMN.exe
    C:\Program Files\Fujitsu\fjdvrupd\fjdvrupd.exe
    C:\Program Files\Tall Emu\Online Armor\oaui.exe
    C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
    C:\Program Files\Fujitsu\Utils\FjDspMon.exe
    C:\Program Files\Fujitsu\Utils\fjevents.exe
    C:\Program Files\Fujitsu\Utils\FjMenu.exe
    C:\WINDOWS\system32\igfxext.exe
    C:\Program Files\Tall Emu\Online Armor\OAhlp.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    E:\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe
    E:\iTunes\iTunesHelper.exe
    C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    E:\Microsoft Office 2007\Office12\ONENOTEM.EXE
    C:\Program Files\iPod\bin\iPodService.exe
    E:\Mozilla Firefox\firefox.exe
    E:\MICROS~1\Office12\OUTLOOK.EXE
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    E:\Java\bin\java.exe
    C:\Program Files\Common Files\Java\Java Update\jucheck.exe
    C:\Documents and Settings\Administrator\My Documents\Downloads\dds(2).scr
    C:\WINDOWS\system32\SearchProtocolHost.exe

    ============== Pseudo HJT Report ===============

    uStart Page = hxxp://www.google.ca/
    uSearch Page = hxxp://www.google.com
    uSearch Bar = hxxp://www.google.com/ie
    uInternet Connection Wizard,ShellNext = hxxp://us.fujitsu.com/computers
    uInternet Settings,ProxyOverride = *.local
    uSearchAssistant = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
    mSearchAssistant = hxxp://www.google.com/ie
    BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
    BHO: ContributeBHO Class: {074c1dc5-9320-4a9a-947d-c042949c6216} - e:\adobe\/Adobe Contribute CS4/contributeieplugin.dll
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - e:\java\bin\jp2ssv.dll
    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - e:\java\lib\deploy\jqs\ie\jqs_plugin.dll
    BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
    TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
    TB: Contribute Toolbar: {517bdde4-e3a7-4570-b21e-2b52b6139fc7} - e:\adobe\/Adobe Contribute CS4/contributeieplugin.dll
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    mRun: [TabletWizard] c:\windows\help\SplshWrp.exe
    mRun: [TabletTip] "c:\program files\common files\microsoft shared\ink\tabtip.exe" /resume
    mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
    mRun: [Persistence] c:\windows\system32\igfxpers.exe
    mRun: [RTHDCPL] RTHDCPL.EXE
    mRun: [Alcmtr] ALCMTR.EXE
    mRun: [AGRSMMSG] AGRSMMSG.exe
    mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
    mRun: [IndicatorUtility] c:\program files\fujitsu\fujitsu hotkey utility\IndicatorUty.exe
    mRun: [LoadFUJ02E3] c:\program files\fujitsu\fuj02e3\FUJ02E3.exe
    mRun: [LoadBtnHnd] c:\program files\fujitsu\btnhnd\BtnHnd.exe
    mRun: [SSUtility] c:\program files\fujitsu\ssutility\FJSSDMN.exe
    mRun: [<NO NAME>]
    mRun: [FjStrtAp] c:\program files\fujitsu\utils\FjStrtAp.exe
    mRun: [FJUPDNV_Chitose] c:\program files\fujitsu\fjdvrupd\fjdvrupd.exe
    mRun: [@OnlineArmor GUI] "c:\program files\tall emu\online armor\oaui.exe"
    mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
    mRun: [AdobeCS4ServiceManager] "c:\program files\common files\adobe\cs4servicemanager\CS4ServiceManager.exe" -launchedbylogin
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
    mRun: [Adobe Acrobat Speed Launcher] "e:\adobe\acrobat 9.0\acrobat\Acrobat_sl.exe"
    mRun: [Acrobat Assistant 8.0] "e:\adobe\acrobat 9.0\acrobat\Acrotray.exe"
    mRun: [Adobe_ID0ENQBO] c:\progra~1\common~1\adobe\adobev~1\server\bin\VERSIO~2.EXE
    mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
    mRun: [iTunesHelper] "e:\itunes\iTunesHelper.exe"
    StartupFolder: c:\docume~1\admini~1\startm~1\programs\startup\erunta~1.lnk - e:\erunt\AUTOBACK.EXE
    StartupFolder: c:\docume~1\admini~1\startm~1\programs\startup\onenot~1.lnk - e:\microsoft office 2007\office12\ONENOTEM.EXE
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe
    IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
    IE: Append Link Target to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    IE: Append to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppend.html
    IE: Convert Link Target to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    IE: Convert to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECapture.html
    IE: E&xport to Microsoft Excel - e:\micros~1\office12\EXCEL.EXE/3000
    IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - e:\micros~1\office12\ONBttnIE.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - e:\micros~1\office12\REFIEBAR.DLL
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    Notify: igfxcui - igfxdev.dll
    Notify: loginkey - c:\program files\common files\microsoft shared\ink\loginkey.dll
    Notify: TabBtnWL - TabBtnWL.dll
    Notify: tpgwlnotify - tpgwlnot.dll
    SEH: OA Shell Helper: {4f07da45-8170-4859-9b5f-037ef2970034} - c:\progra~1\tallem~1\online~1\oaevent.dll
    SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll

    ================= FIREFOX ===================

    FF - ProfilePath - c:\docume~1\admini~1\applic~1\mozilla\firefox\profiles\26uz42yo.default\
    FF - plugin: e:\itunes\mozilla plugins\npitunes.dll
    FF - plugin: e:\java\bin\new_plugin\npdeploytk.dll
    FF - plugin: e:\java\bin\new_plugin\npjp2.dll
    FF - plugin: e:\mozilla firefox\plugins\NPLV82Win32.dll
    FF - plugin: e:\mozilla firefox\plugins\nplv90win32.dll
    FF - plugin: e:\picasa3\npPicasa3.dll
    FF - HiddenExtension: Java Console: No Registry Reference - e:\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}

    ---- FIREFOX POLICIES ----
    e:\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
    e:\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
    e:\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
    e:\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
    e:\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
    e:\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
    e:\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
    e:\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
    e:\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
    e:\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);
    e:\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
    e:\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
    e:\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
    e:\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
    e:\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
    e:\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
    e:\mozilla firefox\greprefs\all.js - pref("html5.enable", false);
    e:\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
    e:\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
    e:\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
    e:\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
    e:\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
    e:\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
    e:\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
    e:\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
    e:\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
    e:\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
    e:\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
    e:\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
    e:\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
    e:\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
    e:\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
    e:\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
    e:\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
    e:\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
    e:\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
    e:\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

    ============= SERVICES / DRIVERS ===============

    R0 FBIOSDRV;FBIOSDRV;c:\windows\system32\drivers\FBIOSDRV.SYS [2007-4-19 8960]
    R0 FJGPNV;FJGPNV;c:\windows\system32\drivers\FJGPNV.SYS [2007-4-19 10496]
    R0 FJGSDisk;G-Sensor Application Filter Driver;c:\windows\system32\drivers\FJGSDisk.sys [2007-4-19 7168]
    R0 O2MDRDR;O2MDRDR;c:\windows\system32\drivers\o2media.sys [2006-10-3 36640]
    R0 O2SDRDR;O2SDRDR;c:\windows\system32\drivers\o2sd.sys [2006-10-12 33152]
    R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2010-4-8 11608]
    R1 OADevice;OADriver;c:\windows\system32\drivers\OADriver.sys [2010-4-8 226680]
    R1 OAmon;OAmon;c:\windows\system32\drivers\OAmon.sys [2010-4-8 24440]
    R1 OAnet;OAnet;c:\windows\system32\drivers\OAnet.sys [2010-4-8 29560]
    R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2010-4-8 135336]
    R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2010-4-8 267432]
    R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2010-4-8 60936]
    R2 OAcat;Online Armor Helper Service;c:\program files\tall emu\online armor\oacat.exe [2010-4-8 1284600]
    R2 SvcOnlineArmor;Online Armor;c:\program files\tall emu\online armor\oasrv.exe [2010-4-8 3360760]
    R3 Fjbtndrv;Fujitsu Button Driver;c:\windows\system32\drivers\FjBtnDrv.sys [2007-4-19 17920]
    R3 FUJ02E3;Fujitsu FUJ02E3 Device Driver;c:\windows\system32\drivers\fuj02e3.sys [2007-4-19 4864]
    R3 hidpen;Wacom Serial Pen HID MiniDriver;c:\windows\system32\drivers\hidpen.sys [2007-4-19 30976]
    R3 IFXTPM;IFXTPM;c:\windows\system32\drivers\ifxtpm.sys [2007-4-19 36608]
    R3 OZSCR;O2Micro SmartCardBus Smartcard Reader;c:\windows\system32\drivers\ozscr.sys [2006-3-8 92550]
    S3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files\common files\adobe\adobe version cue cs4\server\bin\VersionCueCS4.exe [2008-8-15 284016]
    S3 ADVNTDRV;ADVNTDRV;c:\windows\system32\drivers\ADVNTDRV.SYS [1999-11-18 3872]
    S3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\drivers\netaapl.sys [2010-4-18 17408]
    S3 WacomPen;Wacom Serial Pen HID Driver;c:\windows\system32\drivers\wacompen.sys [2007-4-18 14208]

    =============== Created Last 30 ================

    2010-05-14 02:09:22 0 d-sh--w- c:\documents and settings\administrator\IECompatCache
    2010-05-08 01:21:48 0 d-----w- c:\documents and settings\administrator\dwhelper
    2010-05-08 00:28:24 0 d-----w- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy

    ==================== Find3M ====================

    2010-04-18 17:15:31 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_netaapl_01005.Wdf
    2010-04-18 17:15:29 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
    2010-04-11 22:33:27 411368 ----a-w- c:\windows\system32\deploytk.dll
    2010-04-09 08:41:09 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
    2010-04-08 19:26:27 0 ----a-w- c:\windows\system32\drivers\FUJITSU_A1A6J1E313B60011_WXPTPC.MKR
    2010-03-22 18:38:00 3600384 ----a-w- c:\windows\system32\GPhotos.scr
    2010-03-16 23:53:48 1419232 ----a-w- c:\windows\system32\wdfcoinstaller01005.dll
    2010-02-25 06:24:37 916480 ----a-w- c:\windows\system32\wininet.dll

    ============= FINISH: 10:22:00.62 ===============

    http://forums.spybot.info/showthread.php?t=57249 archived.
    Last edited by tashi; 2010-05-22 at 03:06. Reason: Added link
