Thread: Super Slow browsing

  1. #1
    Junior Member
    Join Date
    Aug 2013
    Posts
    3

    Default Super Slow browsing

    I think I am infected because my usually super fast internet (University of Illinois Research Hall) was so slow it basically didn't work. Many pages simply failed to load. Despite slow page loading, speedtest is up in the 80 Mbps range.

    I have had the following programs
    Avast
    Comodo
    SpywareBlaster
    Malwarebytes

    Added

    Combofix
    MSE

    to try and clean the problem




    I ran a boot-time Avast scan and got three entries.

    Threat:Win32:Adware-gen [Adw]----------deleted
    PUP:Win32:Toolbar-N [PUP]-------------deleted
    PUP:Win32:Toolbar-N [PUP]-------------Error:Error
    ------------

    Ran Malwarebytes and found nothing

    I then stupidly ran combofix and I think it did find some things and deleted them

    ----------------------------

    Ran MSE and found nothing

    ----------------------------------



    ---------------------

    DDS log


    DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 9.0.8112.16502 BrowserJavaVersion: 10.13.2
    Run by KAS at 11:46:29 on 2013-08-22
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6088.3651 [GMT -5:00]
    .
    AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
    SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: COMODO Defense+ *Enabled/Updated* {CE351521-78FA-2048-BB22-B68A4A5CA7EC}
    FW: COMODO Firewall *Enabled* {4D6F75E0-14AF-2E9E-AACD-24CDCF08AA2A}
    .
    ============== Running Processes ================
    .
    C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
    C:\Program Files\AVAST Software\Avast\AvastUI.exe
    C:\Users\KAS\AppData\Roaming\Dropbox\bin\Dropbox.exe
    C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
    C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    C:\Program Files (x86)\CyberLink\Shared Files\brs.exe
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
    C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
    C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
    C:\windows\SysWOW64\RunDll32.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
    C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
    C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://lenovo.msn.com
    mStart Page = hxxp://lenovo.msn.com
    BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
    uPolicies-Explorer: NoDrives = dword:0
    mPolicies-Explorer: NoDrives = dword:0
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    mPolicies-System: PromptOnSecureDesktop = dword:0
    IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
    IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
    IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
    IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
    IE: Send image to &Bluetooth Device... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
    IE: Send page to &Bluetooth Device... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
    .
    INFO: HKCU has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
    TCP: NameServer = 130.126.2.131
    TCP: Interfaces\{00E35BEC-233D-46C2-8B06-4A135AE72A68} : NameServer = 8.26.56.26,156.154.70.22
    TCP: Interfaces\{00E35BEC-233D-46C2-8B06-4A135AE72A68} : DHCPNameServer = 130.126.2.131
    TCP: Interfaces\{0D3FABA4-F402-4271-85CE-20D4ED48F960} : NameServer = 8.26.56.26,156.154.70.22
    TCP: Interfaces\{0D3FABA4-F402-4271-85CE-20D4ED48F960} : DHCPNameServer = 64.185.96.68 64.185.96.4
    TCP: Interfaces\{4F07A7AD-271F-4D3D-99C3-AE5AB5E5809A}\D416272796F64747F534F4E464 : DHCPNameServer = 4.2.2.1
    TCP: Interfaces\{9149E5CB-1FA9-4137-880D-DD74F7CB3523} : DHCPNameServer = 77.234.40.79
    Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    AppInit_DLLs= C:\Windows\SysWOW64\guard32.dll
    SSODL: WebCheck - <orphaned>
    SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
    mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.57\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    x64-mStart Page = hxxp://lenovo.msn.com
    x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
    x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
    x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
    x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
    x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
    x64-Run: [IgfxTray] C:\windows\System32\igfxtray.exe
    x64-Run: [HotKeysCmds] C:\windows\System32\hkcmd.exe
    x64-Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
    x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
    x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
    x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_45-windows-i586.cab
    x64-DPF: {CAFEEFAC-0016-0000-0045-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_45-windows-i586.cab
    x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_45-windows-i586.cab
    x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
    x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
    x64-Notify: igfxcui - igfxdev.dll
    x64-SSODL: WebCheck - <orphaned>
    x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\KAS\AppData\Roaming\Mozilla\Firefox\Profiles\wrw0g1wk.default\
    FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
    FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
    FF - plugin: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll
    FF - plugin: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
    FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
    FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
    FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll
    FF - plugin: C:\windows\SysWOW64\npDeployJava1.dll
    FF - plugin: C:\windows\SysWOW64\npmproxy.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 aswRvrt;aswRvrt;C:\windows\System32\drivers\aswRvrt.sys [2013-6-2 65336]
    R0 aswVmm;aswVmm;C:\windows\System32\drivers\aswVmm.sys [2013-6-2 189936]
    R0 fbfmon;fbfmon;C:\windows\System32\drivers\fbfmon.sys [2011-8-25 57952]
    R0 LHDmgr;LHDmgr;C:\windows\System32\drivers\LhdX64.sys [2011-8-25 39008]
    R1 aswSnx;aswSnx;C:\windows\System32\drivers\aswSnx.sys [2011-11-2 1030952]
    R1 aswSP;aswSP;C:\windows\System32\drivers\aswSP.sys [2011-11-2 378944]
    R1 BPntDrv;BPntDrv;C:\windows\System32\drivers\BPntDrv.sys [2011-8-25 13408]
    R1 cmdGuard;COMODO Internet Security Sandbox Driver;C:\windows\System32\drivers\cmdGuard.sys [2011-10-7 574216]
    R1 cmdHlp;COMODO Internet Security Helper Driver;C:\windows\System32\drivers\cmdhlp.sys [2011-10-7 43248]
    R2 AMD External Events Utility;AMD External Events Utility;C:\windows\System32\atiesrxx.exe [2011-8-25 203776]
    R2 aswFsBlk;aswFsBlk;C:\windows\System32\drivers\aswFsBlk.sys [2011-11-2 33400]
    R2 aswMonFlt;aswMonFlt;C:\windows\System32\drivers\aswMonFlt.sys [2011-11-2 80816]
    R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-6-2 46808]
    R2 CLPSLS;COMODO livePCsupport Service;C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe [2011-11-23 1267000]
    R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-8-25 13336]
    R2 PSI_SVC_2_x64;Protexis Licensing V2 x64;C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2010-11-30 336824]
    R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-8-25 2656280]
    R3 ACPIVPC;Lenovo Virtual Power Controller Driver;C:\windows\System32\drivers\AcpiVpc.sys [2010-10-25 29792]
    R3 BTWAMPFL;BTWAMPFL;C:\windows\System32\drivers\btwampfl.sys [2011-8-25 349224]
    R3 btwl2cap;Bluetooth L2CAP Service;C:\windows\System32\drivers\btwl2cap.sys [2011-8-25 39464]
    R3 clwvd;CyberLink WebCam Virtual Driver;C:\windows\System32\drivers\clwvd.sys [2011-1-28 31088]
    R3 IntcDAud;Intel(R) Display Audio;C:\windows\System32\drivers\IntcDAud.sys [2011-8-25 317440]
    R3 intelkmd;intelkmd;C:\windows\System32\drivers\igdpmd64.sys [2011-8-25 12262336]
    R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\windows\System32\drivers\L1C62x64.sys [2011-8-25 76912]
    R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\windows\System32\drivers\nusb3hub.sys [2010-12-10 80384]
    R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\windows\System32\drivers\nusb3xhc.sys [2010-12-10 181248]
    S2 CLKMSVC10_3A60B698;CyberLink Product - 2011/08/26 03:17:30;C:\Program Files (x86)\Lenovo\PowerDVD10\NavFilter\kmsvc.exe [2011-2-24 241648]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-6-3 162408]
    S3 athur;Wireless Network Adapter Service;C:\windows\System32\drivers\athurx.sys [2012-6-8 1847296]
    S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\windows\System32\drivers\rtsuvstor.sys [2011-8-25 299520]
    S3 RTL8167;Realtek 8167 NT Driver;C:\windows\System32\drivers\Rt64win7.sys [2009-6-10 187392]
    S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
    S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2011-9-25 1255736]
    S3 wsvd;wsvd;C:\windows\System32\drivers\wsvd.sys [2009-7-21 121840]
    S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
    .
    =============== Created Last 30 ================
    .
    2013-08-21 21:45:22 -------- d-----w- C:\f1449519b8848781fa11
    2013-08-21 21:40:16 661184 ----a-w- C:\autoruns.exe
    2013-08-21 21:40:16 579264 ----a-w- C:\autorunsc.exe
    2013-08-21 21:36:37 -------- d-----w- C:\AdwCleaner
    2013-08-21 21:13:24 -------- d-sh--w- C:\$RECYCLE.BIN
    2013-08-21 20:49:57 98816 ----a-w- C:\windows\sed.exe
    2013-08-21 20:49:57 256000 ----a-w- C:\windows\PEV.exe
    2013-08-21 20:49:57 208896 ----a-w- C:\windows\MBR.exe
    2013-08-19 20:30:03 9460976 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{6A74D857-FA61-417D-84AF-C7CEE36DB0D9}\mpengine.dll
    2013-08-15 15:55:21 -------- d-----w- C:\windows\System32\MRT
    2013-08-15 15:50:58 387584 ----a-w- C:\Program Files (x86)\Internet Explorer\jsdbgui.dll
    2013-08-15 15:50:58 104448 ----a-w- C:\Program Files (x86)\Internet Explorer\jsdebuggeride.dll
    2013-08-15 15:50:57 499200 ----a-w- C:\Program Files\Internet Explorer\jsdbgui.dll
    2013-08-15 15:50:56 887808 ----a-w- C:\Program Files\Internet Explorer\iedvtool.dll
    2013-08-15 15:50:56 678912 ----a-w- C:\Program Files (x86)\Internet Explorer\iedvtool.dll
    2013-08-14 20:03:29 1472512 ----a-w- C:\windows\System32\crypt32.dll
    2013-08-14 20:03:28 224256 ----a-w- C:\windows\System32\wintrust.dll
    2013-08-14 20:03:28 184320 ----a-w- C:\windows\System32\cryptsvc.dll
    2013-08-14 20:03:28 175104 ----a-w- C:\windows\SysWow64\wintrust.dll
    2013-08-14 20:03:28 140288 ----a-w- C:\windows\SysWow64\cryptsvc.dll
    2013-08-14 20:03:28 1166848 ----a-w- C:\windows\SysWow64\crypt32.dll
    2013-08-14 20:03:27 139776 ----a-w- C:\windows\System32\cryptnet.dll
    2013-08-14 20:03:27 103936 ----a-w- C:\windows\SysWow64\cryptnet.dll
    2013-08-14 20:03:06 2048 ----a-w- C:\windows\SysWow64\tzres.dll
    2013-08-14 20:03:06 2048 ----a-w- C:\windows\System32\tzres.dll
    2013-08-14 20:01:58 1910208 ----a-w- C:\windows\System32\drivers\tcpip.sys
    2013-08-12 01:25:14 230400 ----a-w- C:\windows\System32\Spool\prtprocs\x64\hpzppw71.dll
    2013-07-31 19:04:25 -------- d-----w- C:\Program Files\Common Files\Corel
    2013-07-31 19:03:54 -------- d-----w- C:\Program Files\Common Files\Protexis
    2013-07-31 19:03:49 -------- d-----w- C:\ProgramData\Corel
    2013-07-31 18:56:27 -------- d-----w- C:\Program Files\Corel
    .
    ==================== Find3M ====================
    .
    2013-08-21 22:01:53 71048 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2013-08-21 22:01:53 692104 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
    2013-07-25 09:25:54 1888768 ----a-w- C:\windows\System32\WMVDECOD.DLL
    2013-07-25 08:57:27 1620992 ----a-w- C:\windows\SysWow64\WMVDECOD.DLL
    2013-07-25 03:37:25 2312704 ----a-w- C:\windows\System32\jscript9.dll
    2013-07-25 03:30:49 1392128 ----a-w- C:\windows\System32\wininet.dll
    2013-07-25 03:29:41 1494528 ----a-w- C:\windows\System32\inetcpl.cpl
    2013-07-25 03:28:46 173056 ----a-w- C:\windows\System32\ieUnatt.exe
    2013-07-25 03:28:31 599040 ----a-w- C:\windows\System32\vbscript.dll
    2013-07-25 03:27:20 2382848 ----a-w- C:\windows\System32\mshtml.tlb
    2013-07-25 02:32:35 1800704 ----a-w- C:\windows\SysWow64\jscript9.dll
    2013-07-25 02:26:10 1129472 ----a-w- C:\windows\SysWow64\wininet.dll
    2013-07-25 02:25:30 1427968 ----a-w- C:\windows\SysWow64\inetcpl.cpl
    2013-07-25 02:23:59 142848 ----a-w- C:\windows\SysWow64\ieUnatt.exe
    2013-07-25 02:23:58 420864 ----a-w- C:\windows\SysWow64\vbscript.dll
    2013-07-25 02:22:35 2382848 ----a-w- C:\windows\SysWow64\mshtml.tlb
    2013-07-09 06:03:30 5550528 ----a-w- C:\windows\System32\ntoskrnl.exe
    2013-07-09 05:54:22 1732032 ----a-w- C:\windows\System32\ntdll.dll
    2013-07-09 05:53:12 243712 ----a-w- C:\windows\System32\wow64.dll
    2013-07-09 05:51:16 1217024 ----a-w- C:\windows\System32\rpcrt4.dll
    2013-07-09 05:03:34 3968960 ----a-w- C:\windows\SysWow64\ntkrnlpa.exe
    2013-07-09 05:03:34 3913664 ----a-w- C:\windows\SysWow64\ntoskrnl.exe
    2013-07-09 04:53:47 1292192 ----a-w- C:\windows\SysWow64\ntdll.dll
    2013-07-09 04:52:33 663552 ----a-w- C:\windows\SysWow64\rpcrt4.dll
    2013-07-09 04:52:33 5120 ----a-w- C:\windows\SysWow64\wow32.dll
    2013-07-09 04:45:07 44032 ----a-w- C:\windows\apppatch\acwow64.dll
    2013-07-09 02:49:42 25600 ----a-w- C:\windows\SysWow64\setup16.exe
    2013-07-09 02:49:41 7680 ----a-w- C:\windows\SysWow64\instnm.exe
    2013-07-09 02:49:39 14336 ----a-w- C:\windows\SysWow64\ntvdm64.dll
    2013-07-09 02:49:38 2048 ----a-w- C:\windows\SysWow64\user.exe
    2013-06-29 02:13:55 189936 ----a-w- C:\windows\System32\drivers\aswVmm.sys
    2013-06-29 02:13:54 1030952 ----a-w- C:\windows\System32\drivers\aswSnx.sys
    2013-06-15 04:32:16 39936 ----a-w- C:\windows\System32\drivers\tssecsrv.sys
    2013-06-10 00:13:01 545200 ----a-w- C:\windows\System32\npdeployJava1.dll
    2013-06-10 00:13:01 526768 ----a-w- C:\windows\System32\deployJava1.dll
    2013-06-05 03:34:27 3153920 ----a-w- C:\windows\System32\win32k.sys
    2013-06-04 06:00:13 624128 ----a-w- C:\windows\System32\qedit.dll
    2013-06-04 04:53:07 509440 ----a-w- C:\windows\SysWow64\qedit.dll
    .
    ============= FINISH: 11:51:58.41 ===============



    --------------


    aswMBR Log

    aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
    Run date: 2013-08-22 12:41:19
    -----------------------------
    12:41:19.635 OS Version: Windows x64 6.1.7601 Service Pack 1
    12:41:19.636 Number of processors: 4 586 0x2A07
    12:41:19.642 ComputerName: KAS-PC UserName: KAS
    12:41:23.005 Initialize success
    12:41:23.559 AVAST engine defs: 13082200
    12:43:07.441 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
    12:43:07.451 Disk 0 Vendor: WDC_WD75 02.0 Size: 715404MB BusType: 3
    12:43:07.571 Disk 0 MBR read successfully
    12:43:07.581 Disk 0 MBR scan
    12:43:07.591 Disk 0 Windows 7 default MBR code
    12:43:07.601 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 200 MB offset 2048
    12:43:07.621 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 670402 MB offset 411648
    12:43:07.631 Disk 0 Partition - 00 0F Extended LBA 29693 MB offset 1373394944
    12:43:07.661 Disk 0 Partition 3 00 12 Compaq diag NTFS 15108 MB offset 1434206208
    12:43:07.701 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 29692 MB offset 1373396992
    12:43:07.781 Disk 0 scanning C:\windows\system32\drivers
    12:43:20.541 Service scanning
    12:43:54.536 Modules scanning
    12:43:54.896 Disk 0 trace - called modules:
    12:43:54.926 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
    12:43:54.936 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007e53060]
    12:43:54.956 3 CLASSPNP.SYS[fffff88001b4543f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8005f58050]
    12:43:56.888 AVAST engine scan C:\windows
    12:44:01.686 AVAST engine scan C:\windows\system32
    12:47:35.927 AVAST engine scan C:\windows\system32\drivers
    12:47:53.431 AVAST engine scan C:\Users\KAS
    12:48:58.592 Disk 0 MBR has been saved successfully to "C:\Users\KAS\Desktop\MBR.dat"
    12:48:58.608 The log file has been saved successfully to "C:\Users\KAS\Desktop\aswMBR.txt"





    Many Thanks

  2. #2
    Emeritus
    Join Date
    Nov 2005
    Location
    @localhost
    Posts
    6,067

    Default

    hi gjax21,

    Sorry for the delay. If you still need help simply reply back.
    How Can I Reduce My Risk?

  3. #3
    Junior Member
    Join Date
    Aug 2013
    Posts
    3

    Default reply

    Hi. I can access the internet now but I think it is still infected, it tends to slow down a lot sometimes. My text often does not appear as soon as I type it. There are random slow hangs. The computer and internet are pretty quick, so this should not be happening. Do you guys think I am still infected?

    Thanks!

  4. #4
    Emeritus
    Join Date
    Nov 2005
    Location
    @localhost
    Posts
    6,067

    Default

    hi,

    Don't recognize any malware in the logs and you have run several tools.
    One thing: Does COMODO Defense+ have an antivirus component bundled in it? Only need one AV per machine. You have Avast and Comodo defense would make two AV if it does have one.

    A lot of "all in one" suites can have multiple components: AV, antimalware, "Web shields", antiphishing, etc etc. Install two of these and you could have overlapping features that accomplish the same thing. This could chew up your CPU cycles/resources.
    How Can I Reduce My Risk?
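
Added example, not part of the thread: the question raised in post #4 (is more than one antivirus running?) can be checked against the DDS header in post #1. It assumes DDS's `AV:`, `SP:` and `FW:` lines list the antivirus, antispyware and firewall products registered with Windows; the function names and the first-word vendor heuristic are assumptions of this sketch.

```python
import re
from collections import defaultdict

# Header lines copied from the DDS log in post #1.
DDS_HEADER = """\
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: COMODO Defense+ *Enabled/Updated* {CE351521-78FA-2048-BB22-B68A4A5CA7EC}
FW: COMODO Firewall *Enabled* {4D6F75E0-14AF-2E9E-AACD-24CDCF08AA2A}
"""

# DDS prefix -> product category (assumed mapping, see lead-in).
CATEGORY = {"AV": "antivirus", "SP": "antispyware", "FW": "firewall"}

# "<tag>: <product name> *<state>[/<definitions>]* {<GUID>}"
LINE_RE = re.compile(
    r"^\s*(?P<tag>AV|SP|FW):\s+(?P<name>.+?)\s+"
    r"\*(?P<state>[^*]+)\*\s+\{(?P<guid>[0-9A-Fa-f-]{36})\}\s*$"
)


def vendor_of(name):
    """Crude vendor key: first word, lower-cased, punctuation removed."""
    return re.sub(r"[^a-z0-9]", "", name.split()[0].lower())


def parse_products(log_text):
    """Return one dict per AV:/SP:/FW: line; all other log lines are skipped."""
    products = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if m is None:
            continue
        flags = m.group("state").split("/")
        products.append({
            "category": CATEGORY[m.group("tag")],
            "name": m.group("name"),
            "vendor": vendor_of(m.group("name")),
            "enabled": flags[0] == "Enabled",
            "guid": m.group("guid"),
        })
    return products


def enabled_by_category(products):
    """Map category -> sorted vendors with an enabled product in it."""
    vendors = defaultdict(set)
    for p in products:
        if p["enabled"]:
            vendors[p["category"]].add(p["vendor"])
    return {cat: sorted(v) for cat, v in vendors.items()}


def overlap_report(products):
    """Categories where more than one vendor has an enabled product."""
    return {c: v for c, v in enabled_by_category(products).items() if len(v) > 1}


if __name__ == "__main__":
    prods = parse_products(DDS_HEADER)
    for cat, vendors in enabled_by_category(prods).items():
        print(f"{cat:12s} {', '.join(vendors)}")
    print("overlap:", overlap_report(prods))
```

On this log it reports a single enabled antivirus (avast!) and three vendors registered as antispyware, with COMODO appearing only under `SP:` and `FW:`.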

  5. #5
    Junior Member
    Join Date
    Aug 2013
    Posts
    3

    Default extra programs

    Thanks!

    My Comodo looks like it is just a firewall but I am wondering if it is actually what is slowing it down. I might try disabling it and using another firewall. Do you think I would significantly compromise my system if I operated with just the Windows firewall?

    The only other program I know that might be causing a problem is SpywareBlaster. Do you think this is possible? Is there any point to keeping it around with everything else I have?



    Quote Originally Posted by shelf life View Post
    hi,

    Don't recognize any malware in the logs and you have run several tools.
    One thing: Does COMODO Defense+ have an antivirus component bundled in it? Only need one AV per machine. You have Avast and Comodo defense would make two AV if it does have one.

    A lot of "all in one" suites can have multiple components: AV, antimalware, "Web shields", antiphishing, etc etc. Install two of these and you could have overlapping features that accomplish the same thing. This could chew up your CPU cycles/resources.

  6. #6
    Emeritus
    Join Date
    Nov 2005
    Location
    @localhost
    Posts
    6,067

    Default

    I went to the Comodo site and I really couldn't tell if it's just a firewall or has other functions. Does its GUI have other functions besides what a FW would have?
    In any case Windows native FW is good enough. Most likely you are also behind a local area network which makes it even better. Look in add/remove programs panel and uninstall anything Comodo, reboot machine and see if things improve.
    How Can I Reduce My Risk?
