Our 12 year old has been clicking on random links via his friends on facebook and has downloaded all these facebook games.
It's come to the point where the laptop is now becoming unresponsive.
Sometimes the internet browser or applications just disappear from the screen when my wife and I are on the laptop.
Windows updates won't install MS Office updates and return errors.
I have Avast & Zonealarm installed and nothing untoward has appeared on the virus check logs. However the system takes ages to start up and also shut down. Come to the point where 4gb of data is being removed every night from windows clean up and I am having to defrag the harddrive every night.
Come to point where I have reset the router and renewed the IP address and even contacted our telco provider to check the line, even had a new filter installed on the line.
Anyhelp or advice would be grateful.
Lee
DDS (Ver_2012-11-07.01) - NTFS_x86
Internet Explorer: 9.0.8112.16455 BrowserJavaVersion: 10.7.2
Run by Lee James at 21:34:32 on 2012-11-17
#Option Extended Search is enabled.
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.44.1033.18.1013.52 [GMT 0:00]
.
AV: ZoneAlarm Antivirus *Enabled/Updated* {DE038A5B-9EDD-18A9-2361-FF7D98D43730}
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: ZoneAlarm Anti-Spyware *Enabled/Updated* {65626BBF-B8E7-1727-19D1-C40FE3537D8D}
FW: ZoneAlarm Firewall *Enabled* {E6380B7E-D4B2-19F1-083E-56486607704B}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\Secunia\PSI\PSIA.exe
C:\Program Files\Toshiba TEMPRO\TemproSvc.exe
C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
C:\Windows\system32\TODDSrv.exe
c:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
c:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files\Secunia\PSI\sua.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Toshiba TEMPRO\TemproTray.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Secunia\PSI\psi_tray.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Opera\opera.exe
C:\Windows\System32\mobsync.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k HsfXAudioService
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
.
============== Pseudo HJT Report ===============
.
uWindow Title = Internet Explorer, optimized for Bing and MSN
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
uRun: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [topi] c:\program files\toshiba\toshiba online product information\topi.exe -startup
mRun: [Camera Assistant Software] "c:\program files\camera assistant software for toshiba\traybar.exe" /start
mRun: [TPwrMain] c:\program files\toshiba\power saver\TPwrMain.EXE
mRun: [SmoothView] c:\program files\toshiba\smoothview\SmoothView.exe
mRun: [00TCrdMain] c:\program files\toshiba\flashcards\TCrdMain.exe
mRun: [Toshiba Registration] c:\program files\toshiba\registration\ToshibaRegistration.exe
mRun: [ZoneAlarm] c:\program files\checkpoint\zonealarm\zatray.exe
mRun: [Toshiba TEMPRO] c:\program files\toshiba tempro\TemproTray.exe
mRun: [ISW] c:\program files\checkpoint\zaforcefield\ForceField.exe /icon="hidden"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
StartupFolder: c:\users\leejam~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\openof~1.lnk - c:\program files\openoffice.org 3\program\quickstart.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\secuni~1.lnk - c:\program files\secunia\psi\psi_tray.exe
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office11\EXCEL.EXE/3000
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{191A215B-673E-4A78-85ED-C3690F8F514C} : DHCPNameServer = 192.168.0.1
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Notify: igfxcui - igfxdev.dll
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
Hosts: 127.0.0.1 www.spywareinfo.com
.
============= SERVICES / DRIVERS ===============
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2012-10-30 738504]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2012-10-30 361032]
R1 kl2;kl2;c:\windows\system32\drivers\kl2.sys [2012-5-15 11352]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2012-10-30 21256]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-10-30 58680]
R2 ISWKL;ZoneAlarm LTD Toolbar ISWKL;c:\program files\checkpoint\zaforcefield\ISWKL.sys [2011-11-3 27016]
R3 FwLnk;FwLnk Driver;c:\windows\system32\drivers\FwLnk.sys [2008-2-26 7168]
.
=============== File Associations ===============
.
FileExt: .js: Applications\notepad.exe=c:\windows\system32\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 60 ================
.
2012-11-14 23:50:58 678912 ----a-w- c:\program files\internet explorer\iedvtool.dll
2012-11-14 23:50:55 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-11-14 23:50:10 6918632 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{b9586fd6-0b73-485b-bf35-d18e47e06a89}\mpengine.dll
2012-11-14 23:38:04 75776 ----a-w- c:\windows\system32\synceng.dll
2012-11-14 23:35:13 2047488 ----a-w- c:\windows\system32\win32k.sys
2012-11-13 21:17:28 -------- d-----w- c:\users\lee james\appdata\roaming\OpenOffice.org
2012-11-13 21:06:30 -------- d-----w- c:\program files\OpenOffice.org 3
2012-11-06 20:16:46 -------- d-----w- c:\users\lee james\appdata\local\RawTherapee3.0.1
2012-11-06 20:14:48 -------- d-----w- c:\program files\RawTherapee3.0.1
2012-11-04 21:51:00 -------- d-----w- c:\users\lee james\appdata\roaming\Thinstall
2012-11-04 21:50:58 -------- d-----w- c:\users\lee james\appdata\local\Thinstall
2012-11-04 21:49:26 -------- d-----w- C:\Lightroom22
2012-11-02 20:11:10 -------- d-----w- c:\users\lee james\appdata\local\Windows Live
2012-11-02 20:11:10 -------- d-----w- c:\program files\common files\Windows Live
2012-11-02 20:09:57 754688 ----a-w- c:\windows\system32\webservices.dll
2012-10-30 22:33:39 738504 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-10-30 22:33:35 58680 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-10-30 22:31:02 41224 ----a-w- c:\windows\avastSS.scr
2012-10-30 22:29:53 -------- d-----w- c:\programdata\AVAST Software
2012-10-30 22:29:53 -------- d-----w- c:\program files\AVAST Software
2012-10-28 21:09:08 -------- d-----w- C:\Test
2012-10-13 20:31:30 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2012-10-13 20:31:30 -------- d-----w- c:\program files\Spybot - Search & Destroy
2012-10-11 21:40:59 2048 ----a-w- c:\windows\system32\tzres.dll
2012-10-11 21:40:35 172544 ----a-w- c:\windows\system32\wintrust.dll
2012-10-11 21:40:23 985088 ----a-w- c:\windows\system32\crypt32.dll
2012-10-11 21:40:23 133120 ----a-w- c:\windows\system32\cryptsvc.dll
2012-10-11 21:40:22 98304 ----a-w- c:\windows\system32\cryptnet.dll
2012-10-11 21:33:16 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-10-11 21:33:15 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-09-30 21:15:57 -------- d-----w- c:\users\lee james\appdata\roaming\GlarySoft
2012-09-30 21:08:06 -------- d-----w- c:\program files\Glarysoft
2012-09-30 20:58:57 -------- d-----w- c:\program files\Glary Utilities
2012-09-27 22:25:38 -------- d-----w- c:\program files\ESET
2012-09-26 21:48:41 -------- d-----w- c:\users\lee james\appdata\local\Apps
2012-09-21 21:13:39 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
.
==================== Find6M ====================
.
2012-11-10 22:50:25 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-11-10 22:50:23 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-10-08 07:56:24 1800704 ----a-w- c:\windows\system32\jscript9.dll
2012-10-08 07:48:03 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-10-08 07:44:05 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-10-08 07:43:21 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-10-08 07:40:56 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-09-29 18:54:26 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-21 21:13:08 821736 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-09-21 21:13:08 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-08-25 08:58:47 74703 ----a-w- c:\windows\system32\mfc45.dll
2012-06-25 15:04:24 1394248 ----a-w- c:\windows\system32\msxml4.dll
2012-06-05 16:47:28 1401856 ----a-w- c:\windows\system32\msxml6.dll
2012-06-05 16:47:27 1248768 ----a-w- c:\windows\system32\msxml3.dll
2012-06-04 15:26:04 440704 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-06-02 22:12:32 2422272 ----a-w- c:\windows\system32\wucltux.dll
2012-06-02 22:12:13 88576 ----a-w- c:\windows\system32\wudriver.dll
2012-06-02 14:19:42 171904 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-02 14:12:20 33792 ----a-w- c:\windows\system32\wuapp.exe
2012-06-02 00:04:25 278528 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 00:03:42 204288 ----a-w- c:\windows\system32\ncrypt.dll
2012-05-31 12:25:14 237072 ------w- c:\windows\system32\MpSigStub.exe
.
============= FINISH: 21:43:09.49 ===============
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-10-18 22:58:08
-----------------------------
22:58:08.473 OS Version: Windows 6.0.6002 Service Pack 2
22:58:08.473 Number of processors: 2 586 0xF0D
22:58:08.476 ComputerName: --SPARE-- UserName: Lee James
22:58:15.763 Initialize success
23:01:03.469 AVAST engine defs: 12101802
23:02:29.504 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
23:02:29.510 Disk 0 Vendor: TOSHIBA_ LV01 Size: 152627MB BusType: 3
23:02:29.573 Disk 0 MBR read successfully
23:02:29.579 Disk 0 MBR scan
23:02:29.847 Disk 0 Windows VISTA default MBR code
23:02:29.885 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 1500 MB offset 2048
23:02:29.940 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 76000 MB offset 3074048
23:02:30.131 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 75125 MB offset 158722048
23:02:30.260 Disk 0 scanning sectors +312578048
23:02:30.504 Disk 0 scanning C:\Windows\system32\drivers
23:03:33.395 Service scanning
23:07:15.142 Modules scanning
23:09:04.123 Disk 0 trace - called modules:
23:09:04.451 ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
23:09:04.451 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x864e0ac8]
23:09:04.467 3 CLASSPNP.SYS[86f1a8b3] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x852d1028]
23:09:19.162 AVAST engine scan C:\
02:45:52.558 Scan finished successfully
04:49:43.961 Disk 0 MBR has been saved successfully to "C:\Users\Lee James\Desktop\MBR.dat"
04:49:44.211 The log file has been saved successfully to "C:\Users\Lee James\Desktop\aswMBR.txt"
aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2012-11-17 22:17:40
-----------------------------
22:17:40.489 OS Version: Windows 6.0.6002 Service Pack 2
22:17:40.489 Number of processors: 2 586 0xF0D
22:17:40.505 ComputerName: --SPARE-- UserName: Lee James
22:19:05.447 Initialize success
22:19:17.662 AVAST engine defs: 12111700
22:19:20.969 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
22:19:20.969 Disk 0 Vendor: TOSHIBA_ LV01 Size: 152627MB BusType: 3
22:19:21.047 Disk 0 MBR read successfully
22:19:21.047 Disk 0 MBR scan
22:19:21.062 Disk 0 Windows VISTA default MBR code
22:19:21.109 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 1500 MB offset 2048
22:19:21.156 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 76000 MB offset 3074048
22:19:21.281 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 75125 MB offset 158722048
22:19:21.312 Disk 0 scanning sectors +312578048
22:19:22.264 Disk 0 scanning C:\Windows\system32\drivers
22:20:13.229 Service scanning
22:21:01.932 Modules scanning
22:21:40.714 Disk 0 trace - called modules:
22:21:40.807 ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
22:21:40.854 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8692eac8]
22:21:40.870 3 CLASSPNP.SYS[873138b3] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x856e6028]
22:21:43.288 AVAST engine scan C:\Windows
22:21:59.311 AVAST engine scan C:\Windows\system32
22:28:34.506 AVAST engine scan C:\Windows\system32\drivers
22:29:18.626 AVAST engine scan C:\Users\Lee James
22:44:08.648 AVAST engine scan C:\ProgramData
22:52:51.425 Scan finished successfully
22:54:11.524 Disk 0 MBR has been saved successfully to "C:\Users\Lee James\Desktop\MBR.dat"
22:54:11.587 The log file has been saved successfully to "C:\Users\Lee James\Desktop\aswMBR.txt"