HijackThis log for analysis, slow pc

Wammer

Oops, getting confused now whether you are talking about HJT or tdsskiller.

No I haven't done anything with HJT.

I have re-ran tdsskiller in default and not threats found.

closed

forget hijackthis, I'm talking about have you zapped these using tdsskiller

02:33:35.0804 10020 C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe - copied to quarantine
02:33:36.0220 10020 Adobe LM Service ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
[FONT=&quot]02:33:36.0289 10020 C:\Windows\system32\Drivers\DrvAgent32.sys - copied to quarantine[/FONT]
[FONT=&quot]02:33:36.0547 10020 DrvAgent32 ( UnsignedFile.Multi.Generic ) - User select action: Quarantine [/FONT]
[FONT=&quot]02:33:36.0622 10020 C:\Program Files\DellSupport\brkrsvc.exe - copied to quarantine[/FONT]
[FONT=&quot]02:33:36.0956 10020 DSBrokerService ( UnsignedFile.Multi.Generic ) - User select action: Quarantine [/FONT]
[FONT=&quot]02:33:37.0018 10020 C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys - copied to quarantine[/FONT]
[FONT=&quot]02:33:37.0190 10020 DSproct ( UnsignedFile.Multi.Generic ) - User select action: Quarantine [/FONT]
[FONT=&quot]02:33:37.0229 10020 C:\Program Files\DellSupport\Drivers\dsunidrv.sys - copied to quarantine[/FONT]
[FONT=&quot]02:33:37.0320 10020 dsunidrv ( UnsignedFile.Multi.Generic ) - User select action: Quarantine [/FONT]
[FONT=&quot]02:33:37.0402 10020 C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe - copied to quarantine[/FONT]
[FONT=&quot]02:33:37.0492 10020 IAANTMON ( UnsignedFile.Multi.Generic ) - User select action: Quarantine [/FONT]
[FONT=&quot]02:33:37.0574 10020 C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe - copied to quarantine[/FONT]
[FONT=&quot]02:33:37.0726 10020 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Quarantine [/FONT]
[FONT=&quot]02:33:37.0849 10020 C:\Program Files\Mouse Driver\KMWDSrv.exe - copied to quarantine[/FONT]
[FONT=&quot]02:33:38.0089 10020 KMWDSERVICE ( UnsignedFile.Multi.Generic ) - User select action: Quarantine [/FONT]
[FONT=&quot]02:33:38.0117 10020 C:\Windows\system32\DRIVERS\TVICHW32.SYS - copied to quarantine[/FONT]
[FONT=&quot]02:33:38.0230 10020 TVICHW32 ( UnsignedFile.Multi.Generic ) - User select action: Quarantine [/FONT]


A backup would have been really useful at this point

Wammer

I copied them to Quarantine, but I didn't do anything after that as in pressing anything that said to actually Quarantine them.

I have a fresh log after running it in default, but it is massive, 55 pages in Word compared to 20 pages for the logs I posted above.

KWMDSERVICE is still listed in it.

closed

ok, provided you didn't select delete, you should be ok, I hope! You may want to do a backup before rebooting, just in case.

if tdsskiller doesn't find anything you're probably ok, but there is a line in the hijackthis log which pointed to a possible previous infection.

Wammer

I had a problem yesterday when I got a warning from Avast about a threat. It turned out to be an advert on a site I had open. Could that be what it was?

I appreciate your help and patience.

I am OK with keeping everything up to date, running CCleaner and Mbam regularly, but things like reinstalling Windows scares the bejesus out of me.

I need to check that I have Windows and Office disks and keys before I even think about it.

I will look for an external drive. Should I go bigger than 500GB or will that be enough seeing as I have only used 121GB in 6 years?

Can you have more than one backup on an external drive?

closed

Doubt it's connected.

windows keys you dont need, office you do, unless it came preinstalled.

if it scares you, think what would happen if the disk failed or it doesn't boot tomorrow - both good reasons to do disk image backups, (along with a windows disc, and disk imager bootcd) then you can put it back to like it is now in an hour.

you have several machines, add up all the used space on all of them, and buy something at least as big as that, with some space for growth

provided you dont use the clone option, you can store as many backups (from many machines) on an external drive as can fit. You may wish to keep old backups too, so you can go back in time. 2.5" portable drives don't need external power, and are less bulky than their 3.5" counterparts

Wammer

Thanks. I will have a look at external drives tomorrow, maybe a 750GB one, will see what is available.

I take it I don't need to do anything with my HJT log?

Off to bed now as I have to be up for work in a couple of hours.

closed

there a bit of bloat in there (the O4's, google, updaters, opendns), really depends whether you are going to bite the factory restore bullet or not, switching to hibernate may possibly improve things, it's hard to diagnose without seeing what's going on at the time, why so many different browsers running at the same time?

tend to get better value at the 500 or 1TB size, but not always.

Wammer

I am seriously considering the factory restore if nothing else is going to work, but it may take me a couple of weeks to do by the time I get the external drive and find enough time at a weekend.

I have changed the Power Off / Shutdwon button to Hibernate instead of Sleep. Hibernate is not showing in the Start Menu drop down for power options. Is that likely to appear once I reboot?

I have Opera with MSE, Gmail and a few other sites I view daily; Firefox for other sites I visit daily that don't work well in Opera and just recently I have started using Chrome for a game I play on Facebook as I have a few tabs related to the game.

Wammer

closed wrote: »

there a bit of bloat in there (the O4's, google, updaters, opendns), .

I am not going to try and fix anything in HJT log until you specifically tell me which ones. I use Gmail so would be worried about deleting anything Google related without instruction in case I lost that.

One thing I would like to keep is FileHippo as I find it invaluable for keeping my programmes up to date.