Laptop running really slow....please help

To talk on Icrontic, just register!

It only takes 30 seconds.

Have an account? Sign in:

To reopen your thread, send a Private Message (PM) to Trogan with a link to your thread.

If you are not the user who started this thread, you must start your own thread instead.

Reply to Discussion

Options

jph77

Icrontic Regular

25 Posts

29 Jun 2009, 8:41pm

Laptop running really slow....please help

Hi all, I got the little lad a laptop for christmas, which has probably only been used a dozen times yet it is now painfully slow, takes an age to start up, to the point where using it is a wind up!

I've run Adaware, Spybot & AVG and there doesn't seem to be any bad content, so I'm a bit puzzled, any help would be appreciated

chiaz

Spyware Mod

1,219 Posts

30 Jun 2009, 9:39am

Hello.

Please download Malwarebytes' Anti-Malware by clicking the link below:
http://www.besttechie.net/tools/mbam-setup.exe

Double Click mbam-setup.exe to install the application.

* Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select "Perform Quick Scan", then click Scan.
* The scan may take some time to finish,so please be patient.
* When the scan is complete, click OK, then Show Results to view the results.
* Make sure that everything is checked, and click Remove Selected.
* When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
* The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
* You'll be required to post the contents of this log later.

Please Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediately.

==============================================

Next let's have you download ComboFix.exe. Please visit this webpage for downloading and instructions for running the tool:

Go here ======> A guide and tutorial on using ComboFix <====== Go here

Please ensure you read this guide carefully and install the Recovery Console first.This applies to XP Pro and XP Home users only.If you have SP3 installed you will need to use SP2

The Windows Recovery Console will allow you to boot up into a special recovery (repair) mode. This allows us to more easily help you should your computer have a problem after an attempted removal of malware. It is a simple procedure that will only take a few moments of your time.

Once installed, you should get a prompt that says:

The Recovery Console was successfully installed.

Please continue as follows:

(1) Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
(2) Click Yes to allow ComboFix to continue scanning for malware.

When the tool is finished, it will produce a report for you.

Please include the following reports for further review (copy and paste them, not attach), so that we may continue cleansing the system:

MBAM log
C:\ComboFix.txt

Caution: Never run and remove files with Combofix unless supervised by a qualified security analyst who is experienced in the use of Combofix. Misuse can cause serious computer problems.

jph77

Icrontic Regular

25 Posts

30 Jun 2009, 8:25pm

hi here's the results....

Malwarebytes' Anti-Malware 1.38
Database version: 2356
Windows 6.0.6001 Service Pack 1
30/06/2009 19:38:41
mbam-log-2009-06-30 (19-38-41).txt
Scan type: Quick Scan
Objects scanned: 82908
Time elapsed: 10 minute(s), 27 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)

ComboFix 09-06-29.07 - JPH 30/06/2009 19:52.1 - NTFSx86
Microsoft® Windows Vista™ Home Basic 6.0.6001.1.1252.44.1033.18.444.68 [GMT 1:00]
Running from: c:\users\JPH\Desktop\ComboFix.exe
SP: Lavasoft Ad-Watch Live! *disabled* (Updated) {67844DAE-4F77-4D69-9457-98E8CFFDAA22}
SP: Spybot - Search and Destroy *disabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((( Files Created from 2009-05-28 to 2009-06-30 )))))))))))))))))))))))))))))))
.
2009-06-30 19:00 . 2009-06-30 19:00 -------- d-----w- c:\users\Jack\AppData\Local\temp
2009-06-30 18:25 . 2009-06-30 18:25 -------- d-----w- c:\users\JPH\AppData\Roaming\Malwarebytes
2009-06-30 18:24 . 2009-06-17 10:27 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-06-30 18:24 . 2009-06-30 18:24 -------- d-----w- c:\programdata\Malwarebytes
2009-06-30 18:24 . 2009-06-17 10:27 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-06-30 18:24 . 2009-06-30 18:25 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-06-27 12:58 . 2009-06-27 12:58 -------- d-----w- c:\program files\CCleaner
2009-06-27 12:23 . 2004-08-04 06:00 506368 ----a-w- c:\windows\system32\msxml.dll
2009-06-26 19:37 . 2009-06-26 19:37 -------- d-----w- c:\windows\Sun
2009-06-26 19:28 . 2009-06-26 19:26 410984 ----a-w- c:\windows\system32\deploytk.dll
2009-06-26 19:26 . 2009-06-26 19:26 -------- d-----w- c:\program files\Java
2009-06-25 17:55 . 2006-12-21 09:55 24363 ----a-w- c:\windows\system32\drivers\Camd913d.sys
2009-06-25 17:55 . 2006-12-21 09:52 29522 ----a-w- c:\windows\system32\drivers\Capt913d.sys
2009-06-25 17:49 . 2009-06-20 18:01 2052888 ----a-w- c:\programdata\avg8\update\backup\avgcorex.dll
2009-06-24 20:17 . 2009-06-24 20:17 -------- d-----w- c:\programdata\WindowsSearch
2009-06-24 20:09 . 2009-06-27 13:00 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2009-06-24 20:09 . 2009-06-25 17:36 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-06-24 16:29 . 2009-06-24 16:28 456304 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtbB6FB.tmp.exe
2009-06-20 19:30 . 2009-06-28 19:34 -------- d--h--w- C:\$AVG8.VAULT$
2009-06-20 18:02 . 2009-06-20 18:02 11952 ----a-w- c:\windows\system32\avgrsstx.dll
2009-06-20 18:02 . 2009-06-20 18:02 108552 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2009-06-20 18:01 . 2009-06-20 18:01 327688 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-06-20 18:01 . 2009-06-20 18:01 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-06-20 18:01 . 2009-06-30 18:07 -------- d-----w- c:\windows\system32\drivers\Avg
2009-06-20 18:00 . 2009-06-20 18:00 -------- d-----w- c:\program files\AVG
2009-06-20 18:00 . 2009-06-20 18:00 -------- d-----w- c:\programdata\avg8
2009-06-20 17:45 . 2009-06-20 17:45 -------- dc-h--w- c:\programdata\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}
2009-06-20 17:45 . 2009-03-12 08:17 2902048 -c--a-w- c:\programdata\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}\Ad-AwareAE.exe
2009-06-20 17:45 . 2009-06-20 17:47 -------- d-----w- c:\programdata\Lavasoft
2009-06-20 17:45 . 2009-06-20 17:45 -------- d-----w- c:\program files\Lavasoft
2009-06-20 16:55 . 2009-06-20 16:55 456304 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtbEFB7.tmp.exe
2009-06-19 09:37 . 2009-04-21 11:55 2033152 ----a-w- c:\windows\system32\win32k.sys
2009-06-19 09:37 . 2009-04-23 12:42 636928 ----a-w- c:\windows\system32\localspl.dll
2009-06-19 09:37 . 2009-04-23 12:43 784896 ----a-w- c:\windows\system32\rpcrt4.dll
2009-06-19 09:20 . 2009-06-19 09:20 456304 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtb179D.tmp.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-25 17:55 . 2008-09-02 10:03 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-06-20 18:34 . 2009-05-17 19:43 -------- d-----w- c:\users\JPH\AppData\Roaming\Nokia Multimedia Player
2009-05-26 22:02 . 2009-05-26 21:56 -------- d-----w- c:\programdata\Google Updater
2009-05-26 22:01 . 2008-09-02 11:07 -------- d-----w- c:\program files\Google
2009-05-18 17:28 . 2009-05-18 17:27 -------- d-----w- c:\users\Jack\AppData\Roaming\PC Suite
2009-05-17 19:43 . 2009-05-17 19:40 -------- d-----w- c:\users\JPH\AppData\Roaming\Nokia
2009-05-17 19:43 . 2009-05-17 19:43 0 ---ha-w- c:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_05_00.Wdf
2009-05-17 19:42 . 2009-05-17 19:40 -------- d-----w- c:\programdata\PC Suite
2009-05-17 19:41 . 2009-05-17 19:41 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
2009-05-17 19:40 . 2009-05-17 19:37 -------- d-----w- c:\users\JPH\AppData\Roaming\PC Suite
2009-05-17 19:40 . 2009-05-17 19:40 -------- d-----w- c:\program files\DIFX
2009-05-17 19:39 . 2009-05-17 19:38 -------- d-----w- c:\program files\Common Files\PCSuite
2009-05-17 19:38 . 2009-05-17 19:38 -------- d-----w- c:\program files\Common Files\Nokia
2009-05-17 19:38 . 2009-05-17 19:35 -------- d-----w- c:\program files\Nokia
2009-05-17 19:37 . 2009-05-17 19:37 -------- d-----w- c:\program files\PC Connectivity Solution
2009-05-17 19:34 . 2009-05-17 19:34 9728 ----a-w- c:\programdata\Installations\{57A48477-92F0-4C1F-ADF9-4806C4EC3CF2}\Installations\CommonCustomActions\UninstPCS.exe
2009-05-17 19:34 . 2009-05-17 19:34 8192 ----a-w- c:\programdata\Installations\{57A48477-92F0-4C1F-ADF9-4806C4EC3CF2}\Installations\CommonCustomActions\UninstCCD.exe
2009-05-17 19:34 . 2009-05-17 19:34 15360 ----a-w- c:\programdata\Installations\{57A48477-92F0-4C1F-ADF9-4806C4EC3CF2}\Installations\CommonCustomActions\UninstPCSFEMsi.exe
2009-05-17 19:33 . 2009-05-17 19:33 -------- d-----w- c:\programdata\Installations
2009-05-14 21:09 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-04-24 16:05 . 2009-06-19 09:36 827904 ----a-w- c:\windows\system32\wininet.dll
2009-04-24 16:02 . 2009-06-19 09:36 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-04-24 13:44 . 2009-06-19 09:36 26624 ----a-w- c:\windows\system32\ieUnatt.exe
2009-04-21 07:21 . 2009-04-21 07:21 70176 ----a-w- c:\users\Jack\AppData\Local\GDIPFONTCACHEV1.DAT
2008-04-21 14:39 . 2008-04-21 14:39 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Reminder_MUI"="c:\applications\oem\Reminder\Reminder_MUI.exe" [2008-04-16 1081344]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-09-02 68856]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"RegistryMechanic"="c:\program files\Registry Mechanic\RMTray.exe" [2008-07-03 812952]
"WindowsWelcomeCenter"="oobefldr.dll" - c:\windows\System32\oobefldr.dll [2008-01-21 2153472]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SiSTray"="c:\program files\SiS VGA Utilities\SiSTray.exe" [2008-05-23 552960]
"SpareMessaging"="c:\program files\Spare Messaging\MessagingApp.exe" [2007-11-28 42824]
"Google EULA Launcher"="c:\program files\Google\Google EULA\GoogleEULALauncher.exe" [2008-08-06 20480]
"UpdateP2GShortCut"="c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-01-04 222504]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-12-06 1029416]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"PCSuiteTrayApplication"="c:\program files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-03-23 227328]
"Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2009-06-20 518488]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-06-20 1948440]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-06-26 148888]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2008-05-28 6144000]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Nokia.PCSync"="c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-03-27 1744896]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Launch.lnk - c:\windows\Installer\{4A65DAD2-E914-4923-9C2A-81B968A68CE2}\_A685CC3126A7CC37D335DE.exe [2008-9-2 17542]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\avgrsstx.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{6DC3B181-B81D-46B0-856C-3D1BC0D1D06E}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{B869A05B-6596-4AD5-92AA-CC1EA1F24F98}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{5F564E86-AF66-4777-8680-FF07509852C5}"= c:\program files\AVG\AVG8\avgemc.exe:avgemc.exe
"{35097156-7527-41BB-8DE0-BC4F5DF8FAEB}"= c:\program files\AVG\AVG8\avgupd.exe:avgupd.exe
"{9BDBCB32-EC6C-48BE-831E-23C6B9BFE8F6}"= c:\program files\AVG\AVG8\avgnsx.exe:avgnsx.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)
R2 gupdate1c9de4d4501981e;Google Update Service (gupdate1c9de4d4501981e);c:\program files\Google\Update\GoogleUpdate.exe [2009-05-26 133104]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2009-06-20 1003344]
R3 CEBFilter;CEBFilter;c:\program files\C&E\OSD\OsdService\cebuffer.sys [x]
R3 CEIO;CEIO;c:\program files\C&E\OSD\OsdService\ceio.sys [x]
R3 cKBFilter;cKBFilter;c:\program files\C&E\OSD\OsdService\kbfiltr.sys [x]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2009-06-20 64160]
S1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\Drivers\avgldx86.sys [2009-06-20 327688]
S1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\System32\Drivers\avgtdix.sys [2009-06-20 108552]
S2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2009-06-20 906520]
S2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2009-06-20 298776]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S3 RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8187B.sys [2007-08-07 283136]
S3 SiS6350;SiS6350;c:\windows\system32\DRIVERS\SISGRKMD.sys [2008-05-23 458752]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSGB6.sys [2007-11-15 48128]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
.
Contents of the 'Scheduled Tasks' folder
2009-06-20 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-03-09 17:47]
2009-06-30 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-09-02 21:56]
2009-06-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-05-26 21:59]
2009-06-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-05-26 21:59]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.co.uk/
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=DSGI&bmod=DSGI
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-30 20:01
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2009-06-30 20:08
ComboFix-quarantined-files.txt 2009-06-30 19:08
Pre-Run: 37,461,737,472 bytes free
Post-Run: 37,378,097,152 bytes free
175 --- E O F --- 2009-06-30 18:25

chiaz

Spyware Mod

1,219 Posts

1 Jul 2009, 2:14am

Hi, how's your PC running now?

jph77

Icrontic Regular

25 Posts

3 Jul 2009, 9:23pm

Quoting chiaz

Hi, how's your PC running now?

Hi, sorry for the delay, been away for a few days, it's still running really slow to be honest, neither of the programs found anything either.... it's a bit confusing

chiaz

Spyware Mod

1,219 Posts

4 Jul 2009, 2:45am

It's time to remove ComboFix.

Go to to Start > Run
Type in box

combofix /u

Note: the space between the X and the /u

Press Enter.

This command will:

Delete the following:
ComboFix and its associated files and folders.
VundoFix backups, if present
The C:\Deckard folder, if present
The C:_OtMoveIt folder, if present

Reset the clock settings.
Hide file extensions, if required.
Hide System/Hidden files, if required.
Reset System Restore.

======================================================

Now download CCleaner (freeware) from here.
Run the installer, and uncheck the option to install Yahoo toolbar (unless you want Yahoo toolbar).
Once installed, run CCleaner.

The following should be selected by default, if not, please select:

Then please click

and choose

Please uncheck

Then go back to

and click

to run it.

Restart your PC.

============================================================

Next register (it's free, don't worry) with PCPitStop and run the full tests here. When the tests are complete, a results page will pop up. Copy and paste the URL of the Results screen and post it here for me.

Katana

MRU Expert

1,682 Posts

16 Jul 2009, 9:21pm

Inactive

Whilst we appreciate that you may be busy, it has been 5 days or more since we heard from you. This topic is now closed.

Infections can change and fresh instructions will now need to be given. If you wish to reopen your topic, please send a Private Message (PM) to Trogan with a link to your thread.

If you are not the user who started this thread, you must start your own Thread instead

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
Slow running system	crazyjoeiv	Operating Systems	4	7 Apr 2008 12:35am
system running slow	tmh88	General Hardware	0	24 Apr 2006 4:00am
Ram is running very slow	KP84	General Hardware	20	20 Jan 2006 11:51pm
Memory Running Slow	RWB	General Hardware	11	9 Jan 2005 9:39am

		Icrontic Forums > Malware Help > Spyware & Virus Removal > Resolved / Inactive
Laptop running really slow....please help

Jump to

This Thread	Search this Thread
Print Email	Search this Thread: Advanced Search

Username
Password	Forgot?
Remember me