We're aware that some users are experiencing technical issues which the team are working to resolve. See the Community Noticeboard for more info. Thank you for your patience.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!

computer on go slow !!

Options
24

Comments

  • devon_scouse
    devon_scouse Posts: 108 Forumite
    It did not start going slow from when you installed
    RP26: 24/02/2013 22:47:33 - Installed Rapport
    by any chance.
    .
  • shaynemawer
    shaynemawer Posts: 132 Forumite
    # AdwCleaner v2.115 - Logfile created 03/23/2013 at 15:03:58
    # Updated 17/03/2013 by Xplode
    # Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
    # User : homepc - PCHOME
    # Boot Mode : Safe mode with networking
    # Running from : C:\Documents and Settings\homepc\My Documents\Downloads\adwcleaner.exe
    # Option [Delete]


    ***** [Services] *****
  • waddler_8
    waddler_8 Posts: 3,588 Forumite
    The AdwCleaner log is incomplete. aswMBR log? Have things improved?
  • shaynemawer
    shaynemawer Posts: 132 Forumite
    aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
    Run date: 2013-03-23 15:45:26
    15:45:26.937 OS Version: Windows 5.1.2600 Service Pack 3
    15:45:26.937 Number of processors: 2 586 0xF0D
    15:45:26.968 ComputerName: PCHOME UserName: homepc
    15:45:35.046 Initialize success
    15:49:03.437 AVAST engine defs: 13032301
    16:01:16.546 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-e
    16:01:16.562 Disk 0 Vendor: MAXTOR_STM3250310AS 3.AAC Size: 238475MB BusType: 3
    16:01:16.578 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP2T0L0-19
    16:01:16.593 Disk 1 Vendor: ST3500641AS 3.AGE Size: 476940MB BusType: 3
    16:01:16.734 Disk 0 MBR read successfully
    16:01:16.750 Disk 0 MBR scan
    16:01:16.828 Disk 0 Windows XP default MBR code
    16:01:16.843 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 238464 MB offset 63
    16:01:16.984 Disk 0 scanning sectors +488376000
    16:01:17.203 Disk 0 scanning C:\WINDOWS\system32\drivers
    16:01:49.343 Service scanning
    16:02:40.046 Service pkbhwk C:\WINDOWS\system32\vsftn.dll **INFECTED** Win32:Rootkit-gen [Rtk]
    16:02:56.187 Service ttdnx C:\WINDOWS\system32\vsftn.dll **INFECTED** Win32:Rootkit-gen [Rtk]
    16:03:05.625 Modules scanning
    16:03:23.796 Disk 0 trace - called modules:
    16:03:23.843 ntoskrnl.exe CLASSPNP.SYS disk.sys atapi.sys sptd.sys hal.dll pciide.sys
    16:03:23.859 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8ac76ab8]
    16:03:23.875 3 CLASSPNP.SYS[f7637fd7] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-e[0x8ac49d98]
    16:03:30.875 AVAST engine scan C:\WINDOWS
    16:03:52.984 AVAST engine scan C:\WINDOWS\system32
    16:08:41.343 File: C:\WINDOWS\system32\vsftn.dll **INFECTED** Win32:Rootkit-gen [Rtk]
    16:11:17.921 AVAST engine scan C:\WINDOWS\system32\drivers
    16:11:53.640 AVAST engine scan C:\Documents and Settings\homepc
    17:08:41.546 AVAST engine scan C:\Documents and Settings\All Users
    17:15:28.093 Scan finished successfully
    22:09:14.328 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\homepc\Desktop\MBR.dat"
    22:09:14.343 The log file has been saved successfully to "C:\Documents and Settings\homepc\Desktop\aswMBR.txt"



    that was all that was in the adwcleaner s1 log, there is a adwcleaner s2 log
  • closed
    closed Posts: 10,886 Forumite
    what's the physical ram total and commit charge from task manager, performance?

    https://forums.moneysavingexpert.com/discussion/2436849
    !!
    > . !!!! ----> .
  • waddler_8
    waddler_8 Posts: 3,588 Forumite
    shaynemawer wrote: »
    16:01:49.343 Service scanning
    16:02:40.046 Service pkbhwk C:\WINDOWS\system32\vsftn.dll **INFECTED** Win32:Rootkit-gen [Rtk]
    16:02:56.187 Service ttdnx C:\WINDOWS\system32\vsftn.dll **INFECTED** Win32:Rootkit-gen [Rtk]
    16:03:05.625 Modules scanning
    16:03:23.796 Disk 0 trace - called modules:
    16:03:23.843 ntoskrnl.exe CLASSPNP.SYS disk.sys atapi.sys sptd.sys hal.dll pciide.sys
    16:03:23.859 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8ac76ab8]
    16:03:23.875 3 CLASSPNP.SYS[f7637fd7] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-e[0x8ac49d98]
    16:03:30.875 AVAST engine scan C:\WINDOWS
    16:03:52.984 AVAST engine scan C:\WINDOWS\system32
    16:08:41.343 File: C:\WINDOWS\system32\vsftn.dll **INFECTED** Win32:Rootkit-gen [Rtk]

    https://www.virustotal.com/en/file/34a1b67eb599b2ef023410fb9727f18756cb0b8df5d68b777bf747081fe6ca1f/analysis/
  • shaynemawer
    shaynemawer Posts: 132 Forumite
    total is 633800 - limit is 4037816 and peak is 1069320

    just thought i'd say thanks to everyone that is trying to help :-)
  • closed
    closed Posts: 10,886 Forumite
    total of 633800 - is that commit charge or physical ram total (what is the latter)
    !!
    > . !!!! ----> .
  • waddler_8
    waddler_8 Posts: 3,588 Forumite
    At this stage the commit charge stats matter not - 2GB RAM should be sufficient for XP - What's more pressing is that you're infected with Conficker - An antivirus would have stopped this.


    Go here and read through the instructions for downloading and running ComboFix:

    Bleeping Computer ComboFix Tutorial
    • IMPORTANT! Ensure you temporarily turn off Avira before running.
      Instructions here
    • Save combofix to your desktop.
    • Double click combofix.exe & follow the prompts closely.
    • Combofix may reboot the PC several times.
    • When it's finished, it will automatically produce a log. Post the contents of that log.
    • It can also be found on your C:\ drive named combofix.txt
    Above all, BE PATIENT! and let it run it's course. It may take combofix slightly longer than stated as this malware can be harder to remove.
  • shaynemawer
    shaynemawer Posts: 132 Forumite
    ComboFix 13-03-24.03 - homepc 25/03/2013 15:11:12.1.2 - x86 NETWORK
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.1620 [GMT 0:00]
    Running from: c:\documents and settings\homepc\My Documents\Downloads\ComboFix.exe
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\documents and settings\All Users\Start Menu\Programs\Startup\.lnk
    c:\documents and settings\homepc\Application Data\vso_ts_preview.xml
    c:\documents and settings\homepc\WINDOWS
    c:\favoritevideo\InvisibleFolder
    c:\favoritevideo\InvisibleFolder\20100813174225_jingji100813zanting15s.swf
    c:\favoritevideo\InvisibleFolder\20100902163248_jingji100902zhu15s.swf
    c:\favoritevideo\InvisibleFolder\20100930152150_pptv100930zhu15s.swf
    c:\favoritevideo\InvisibleFolder\20101014160145_sasa101014jiao15s1.swf
    c:\favoritevideo\InvisibleFolder\20101028150745_sasa101028zanting15s.swf
    c:\favoritevideo\InvisibleFolder\20101029114223_sasa101029cha15s.swf
    c:\favoritevideo\InvisibleFolder\20101029175115_biyadi101029zanting15s.swf
    c:\favoritevideo\InvisibleFolder\20101104115357_sasa101104zhu15s.swf
    c:\favoritevideo\InvisibleFolder\20101104135837_shenghuojia101104zanting15s.swf
    c:\favoritevideo\InvisibleFolder\20101105155052_xixun101105zhu15s.wmv
    c:\favoritevideo\InvisibleFolder\20101112103740_taobao101112cha15s.swf
    c:\favoritevideo\InvisibleFolder\20101112141416_sasa101112cha2.swf
    c:\favoritevideo\InvisibleFolder\20101117100050_pinganchexian101117qipao15s.swf
    c:\favoritevideo\InvisibleFolder\20101118161832_kuowang101118zhu5s.swf
    c:\favoritevideo\InvisibleFolder\20101119115856_taobao101119cha15sman.swf
    c:\favoritevideo\InvisibleFolder\20101119120106_taobao101119cha15swoman.swf
    c:\favoritevideo\InvisibleFolder\20101126174343_zhongguoliantong101129zhu15s.swf
    c:\favoritevideo\InvisibleFolder\20101202165626_yuandayiyuan101202cha15s.gif
    c:\favoritevideo\InvisibleFolder\20101217100327_xiangganglvyouju101217zanting15s.swf
    c:\favoritevideo\InvisibleFolder\20101217112741_xiaogouwang101217zhu15s.swf
    c:\favoritevideo\InvisibleFolder\20101220144744_biyadi101223zanting15s.jpg
    c:\favoritevideo\InvisibleFolder\20101220144923_biyadi101223cha15s.swf
    c:\favoritevideo\InvisibleFolder\20101220164804_vip101220zhu15s.swf
    c:\favoritevideo\InvisibleFolder\20101220164848_vip101220zanting15s.jpg
    c:\favoritevideo\InvisibleFolder\20101220170858_pingan101220cha15s.swf
    c:\favoritevideo\InvisibleFolder\20101220171122_pingan101220zanting15s.swf
    c:\favoritevideo\InvisibleFolder\20101220172306_pingan101220houtie.swf
    c:\favoritevideo\InvisibleFolder\20101220174642_dongfengrichan101220cha15s.swf
    c:\favoritevideo\InvisibleFolder\20101220174837_dongfengrichan101220zanting15s.swf
    c:\favoritevideo\InvisibleFolder\20101220190559_taobao101221zhu15s.swf
    c:\favoritevideo\InvisibleFolder\20101220190717_taobao101221bkqipao15s.swf
    c:\favoritevideo\InvisibleFolder\20101221174112_woyouwangluo101221bkqipao15s.swf
    c:\favoritevideo\InvisibleFolder\20101223092851_tianyijue101223bkqipao15s.swf
    c:\favoritevideo\InvisibleFolder\20101223114801_tianyijue101223zanting15s.swf
    c:\favoritevideo\InvisibleFolder\20101223160139_wopaiwang101223zanting15s.swf
    c:\favoritevideo\InvisibleFolder\20101223181149_jianfengzhanji101223zhu15s.swf
    c:\favoritevideo\InvisibleFolder\20101223181313_jianfengzhanji101223zanting15s.swf
    c:\favoritevideo\InvisibleFolder\20101223181751_shijitiancheng101224zanting15s.swf
    c:\favoritevideo\InvisibleFolder\20101224112404_woyouwangluo101224zhu15s.swf
    c:\favoritevideo\InvisibleFolder\20101224112522_woyouwangluo101224zanting15s.swf
    c:\favoritevideo\InvisibleFolder\20101224165431_91wan101225zanting15s.swf
    c:\favoritevideo\InvisibleFolder\20101228211855_kfc101228jiaobiao.swf
    c:\favoritevideo\InvisibleFolder\20101228212043_kfc101228zanting15s.swf
    c:\favoritevideo\InvisibleFolder\20101229171754_taobao101230cha15s.swf
    c:\favoritevideo\InvisibleFolder\20101229171842_taobao101230zanting15s.swf
    c:\favoritevideo\InvisibleFolder\20101229175616_tianxiaer101230zanting15s.swf
    c:\favoritevideo\InvisibleFolder\20101230102637_tianxiaer110101zhu15s.swf
    c:\favoritevideo\InvisibleFolder\20101230110836_qinpeng101230zhu15s.swf
    c:\favoritevideo\InvisibleFolder\20101230142434_zhoudafu101230zanting15s.jpg
    c:\favoritevideo\InvisibleFolder\20101230142738_zhoudafu101230cha15s.jpg
    c:\favoritevideo\InvisibleFolder\20101231152742_wopaiwang110103zanting15s.swf
    c:\favoritevideo\InvisibleFolder\20101231163830_baidu110101zanting15s.swf
    c:\favoritevideo\InvisibleFolder\20101231165505_oppo110101zhu15s.MP4
    c:\favoritevideo\InvisibleFolder\20101231180112_taobao110104cha15s.swf
    c:\favoritevideo\InvisibleFolder\20101231180204_taobao110104zanting15s.swf
    c:\favoritevideo\InvisibleFolder\20101231180328_taobao110104zhu15s.swf
    c:\favoritevideo\InvisibleFolder\20101231192854_woyouwang110104bkqipao15s.swf
    c:\favoritevideo\InvisibleFolder\20101231192955_woyouwang110104zhu15s.swf
    c:\favoritevideo\InvisibleFolder\20101231201102_woyouwang110104zanting15s.swf
    c:\favoritevideo\InvisibleFolder\20110104094550_wanglaoji110104zanting15sps.swf
    c:\favoritevideo\InvisibleFolder\20110104095524_wanglaoji110104cha15s.swf
    c:\favoritevideo\InvisibleFolder\20110104095800_wanglaoji110104jiao15s.swf
    c:\favoritevideo\InvisibleFolder\20110104120724_wanglaoji110104zhu15sps.swf
    c:\favoritevideo\InvisibleFolder\20110104165621_ruishishoubiao110104zhu15s.swf
    c:\favoritevideo\InvisibleFolder\20110104175701_oulainuo110105qipao15s.swf
    c:\favoritevideo\InvisibleFolder\20110105145904_wanmeishenguishijie110108zanting15s.swf
    c:\favoritevideo\InvisibleFolder\20110105150645_tianxiaer110107zanting15s.swf
    c:\favoritevideo\InvisibleFolder\20110105161556_taobao110106cha15s.swf
    c:\favoritevideo\InvisibleFolder\20110105161646_taobao110106zanting15s.swf
    c:\favoritevideo\InvisibleFolder\20110105161746_taobao110106zhu15s.swf
    c:\favoritevideo\InvisibleFolder\20110105164925_baidushinianyijian110106zhu15s.swf
    c:\favoritevideo\InvisibleFolder\20110105165459_juedifanji110105zhu15s.swf
    c:\favoritevideo\InvisibleFolder\20110105170002_tianyijue110106zhu15s.swf
    c:\favoritevideo\InvisibleFolder\20110105183141_juedifanji110105cha15s.swf
    c:\favoritevideo\InvisibleFolder\20110105183309_juedifanji110105zanting15s.swf
    c:\favoritevideo\InvisibleFolder\ppva.dll
    c:\windows\system32\SET124.tmp
    c:\windows\system32\SET130.tmp
    .
    .
    ((((((((((((((((((((((((( Files Created from 2013-02-25 to 2013-03-25 )))))))))))))))))))))))))))))))
    .
    .
    2013-03-24 06:14 . 2013-03-24 06:14
    d
    w- c:\documents and settings\homepc\Application Data\AVG2013
    2013-03-24 06:12 . 2013-03-24 06:12
    d
    w- c:\documents and settings\homepc\Application Data\TuneUp Software
    2013-03-24 06:12 . 2013-03-24 06:12
    d
    w- c:\windows\LastGood
    2013-03-24 06:11 . 2013-03-24 06:13
    d
    w- c:\documents and settings\All Users\Application Data\AVG2013
    2013-03-24 06:11 . 2013-03-24 06:11
    d
    w- C:\$AVG
    2013-03-24 06:09 . 2013-03-24 06:09
    d
    w- c:\windows\system32\config\systemprofile\Local Settings\Application Data\Avg2013
    2013-03-24 06:09 . 2013-03-24 06:09
    d
    w- c:\program files\AVG
    2013-03-24 06:05 . 2013-03-24 06:16
    d
    w- c:\documents and settings\homepc\Local Settings\Application Data\Avg2013
    2013-03-24 06:05 . 2013-03-24 06:05
    d--h--w- c:\documents and settings\All Users\Application Data\Common Files
    2013-03-24 06:05 . 2013-03-24 06:05
    d
    w- c:\documents and settings\homepc\Local Settings\Application Data\MFAData
    2013-03-23 12:33 . 2013-03-23 12:33
    d
    w- c:\documents and settings\homepc\Application Data\Malwarebytes
    2013-03-23 12:33 . 2013-03-23 12:33
    d
    w- c:\documents and settings\All Users\Application Data\Malwarebytes
    2013-03-23 12:33 . 2013-03-23 12:33
    d
    w- c:\program files\Malwarebytes' Anti-Malware
    2013-03-23 12:33 . 2012-12-14 16:49 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
    2013-03-22 10:44 . 2013-03-22 10:44
    d
    w- c:\program files\ESET
    2013-03-07 05:17 . 2013-03-07 05:17
    d
    w- c:\documents and settings\LocalService\Local Settings\Application Data\Sun
    2013-03-01 10:32 . 2013-03-01 10:32 22328 ----a-w- c:\windows\system32\drivers\avgidsshimx.sys
    2013-02-26 23:40 . 2013-02-26 23:40 208184 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
    2013-02-25 00:01 . 2013-02-25 00:01
    d
    w- c:\documents and settings\homepc\Local Settings\Application Data\PCHealth
    2013-02-24 22:28 . 2008-11-07 18:55 16928
    w- c:\windows\system32\spmsgXP_2k3.dll
    2013-02-24 22:22 . 2013-02-24 22:22 1461992 ----a-w- c:\windows\system32\WdfCoInstaller01009.dll
    2013-02-24 22:22 . 2013-02-24 22:22 25200 ----a-w- c:\windows\system32\drivers\ggsemc.sys
    2013-02-24 22:22 . 2013-02-24 22:22 12400 ----a-w- c:\windows\system32\drivers\ggflt.sys
    2013-02-24 22:17 . 2013-03-24 07:00
    d
    w- c:\program files\Sony Ericsson
    .
    .
    .
This discussion has been closed.
Meet your Ambassadors

🚀 Getting Started

Hi new member!

Our Getting Started Guide will help you get the most out of the Forum

Categories

  • All Categories
  • 350.9K Banking & Borrowing
  • 253.1K Reduce Debt & Boost Income
  • 453.5K Spending & Discounts
  • 243.9K Work, Benefits & Business
  • 598.7K Mortgages, Homes & Bills
  • 176.9K Life & Family
  • 257.1K Travel & Transport
  • 1.5M Hobbies & Leisure
  • 16.1K Discuss & Feedback
  • 37.6K Read-Only Boards

Is this how you want to be seen?

We see you are using a default avatar. It takes only a few seconds to pick a picture.
Update Your Picture