reagrds myrti
Unknown Infection. Everything is slow and computer won't stay onl
Started by
Bulldog04
, Feb 26 2012 01:50 PM
#16
Posted 06 March 2012 - 12:29 PM
reagrds myrti
#17
Posted 06 March 2012 - 12:43 PM
No, I haven't updated Avast. I can't do anything unless I'm in safe mode. I've got to run the FSS scan you asked for in safe mode. When I restarted regularly, the computer just won't respond.
#18
Posted 06 March 2012 - 12:47 PM
Here is the FSS Log: (I did have to run it in Safe Mode)
Farbar Service Scanner Version: 01-03-2012
Ran by Dana (administrator) on 06-03-2012 at 12:44:43
Running from "C:\Documents and Settings\Dana\Desktop"
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Nerwork
****************************************************************
Internet Services:
============
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.
Windows Firewall:
=============
Firewall Disabled Policy:
==================
System Restore:
============
System Restore Disabled Policy:
========================
Security Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.
Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv: "C:\WINDOWS\system32\wuauserv.dll".
BITS Service is not running. Checking service configuration:
The start type of BITS service is set to Demand. The default start type is Auto.
The ImagePath of BITS service is OK.
The ServiceDll of BITS service is OK.
EventSystem Service is not running. Checking service configuration:
The start type of EventSystem service is OK.
The ImagePath of EventSystem: "C:\WINDOWS\system32\svchost.exe -k netsvcs".
The ServiceDll of EventSystem: "C:\WINDOWS\system32\es.dll".
File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit
Extra List:
=======
aswTdi(9) Gpc(6) IPSec(4) NetBT(5) PSched(7) Tcpip(3)
0x0A00000004000000010000000200000003000000090000005600000005000000060000000700000008000000
IpSec Tag value is correct.
**** End of log ****
Farbar Service Scanner Version: 01-03-2012
Ran by Dana (administrator) on 06-03-2012 at 12:44:43
Running from "C:\Documents and Settings\Dana\Desktop"
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Nerwork
****************************************************************
Internet Services:
============
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.
Windows Firewall:
=============
Firewall Disabled Policy:
==================
System Restore:
============
System Restore Disabled Policy:
========================
Security Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.
Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv: "C:\WINDOWS\system32\wuauserv.dll".
BITS Service is not running. Checking service configuration:
The start type of BITS service is set to Demand. The default start type is Auto.
The ImagePath of BITS service is OK.
The ServiceDll of BITS service is OK.
EventSystem Service is not running. Checking service configuration:
The start type of EventSystem service is OK.
The ImagePath of EventSystem: "C:\WINDOWS\system32\svchost.exe -k netsvcs".
The ServiceDll of EventSystem: "C:\WINDOWS\system32\es.dll".
File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit
Extra List:
=======
aswTdi(9) Gpc(6) IPSec(4) NetBT(5) PSched(7) Tcpip(3)
0x0A00000004000000010000000200000003000000090000005600000005000000060000000700000008000000
IpSec Tag value is correct.
**** End of log ****
#19
Posted 06 March 2012 - 12:50 PM
Can you please perform a clean boot and see if you can boot into windows normal mode then: http://support.microsoft.com/kb/310353
#20
Posted 06 March 2012 - 01:31 PM
Clean boot done. Here is the new FSS log:
Farbar Service Scanner Version: 01-03-2012
Ran by Dana (administrator) on 06-03-2012 at 13:21:10
Running from "C:\Documents and Settings\Dana\Desktop"
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************
Internet Services:
============
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.
Windows Firewall:
=============
Firewall Disabled Policy:
==================
System Restore:
============
System Restore Disabled Policy:
========================
Security Center:
============
Windows Update:
============
File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit
Extra List:
=======
aswTdi(9) Gpc(6) IPSec(4) NetBT(5) PSched(7) Tcpip(3)
0x0A00000004000000010000000200000003000000090000005600000005000000060000000700000008000000
IpSec Tag value is correct.
**** End of log ****
Farbar Service Scanner Version: 01-03-2012
Ran by Dana (administrator) on 06-03-2012 at 13:21:10
Running from "C:\Documents and Settings\Dana\Desktop"
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************
Internet Services:
============
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.
Windows Firewall:
=============
Firewall Disabled Policy:
==================
System Restore:
============
System Restore Disabled Policy:
========================
Security Center:
============
Windows Update:
============
File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit
Extra List:
=======
aswTdi(9) Gpc(6) IPSec(4) NetBT(5) PSched(7) Tcpip(3)
0x0A00000004000000010000000200000003000000090000005600000005000000060000000700000008000000
IpSec Tag value is correct.
**** End of log ****
#21
Posted 06 March 2012 - 02:10 PM
Hi,
I'm going to assume your PC is running better now? Could you try to uninstall and reinstall avast?
regards myrti
I'm going to assume your PC is running better now? Could you try to uninstall and reinstall avast?
regards myrti
#22
Posted 06 March 2012 - 02:12 PM
Yes, it is running better now. I will try to uninstall and re-install avast. It still sounds like it's running constantly and still quite slow, but at least I could open the browser this time.
#23
Posted 06 March 2012 - 04:54 PM
Better did not mean fixed. Still got the whirring noise. There IS something running that I can't control.
#24
Posted 06 March 2012 - 04:56 PM
Hi,
did you reinstall Avast? Have you checked in Taskmanager if something is running at 100% cpu usage?
regards myrti
did you reinstall Avast? Have you checked in Taskmanager if something is running at 100% cpu usage?
regards myrti
#25
Posted 06 March 2012 - 04:59 PM
Something is running at 100%. Yes I did uninstall and re-install Avast.
#26
Posted 06 March 2012 - 05:06 PM
Hi,
are you seeing what that soemthing is in taskmanager? Can you give me the name of it?
are you seeing what that soemthing is in taskmanager? Can you give me the name of it?
#27
Posted 06 March 2012 - 05:16 PM
No, I tried to look at the screen just says CPU Usage and CPU usage history. I can't get back to the process and other tabs.
#28
Posted 06 March 2012 - 05:26 PM
Hi,
what happens when you try to go back to the CPU usage page? Is it empty? Can you try to use Process Explorer isntead of the task manager: http://technet.micro...ernals/bb896653
Just unzip the file and double-click to launch it.
regards myrti
what happens when you try to go back to the CPU usage page? Is it empty? Can you try to use Process Explorer isntead of the task manager: http://technet.micro...ernals/bb896653
Just unzip the file and double-click to launch it.
regards myrti
#29
Posted 06 March 2012 - 05:35 PM
Now what?
#30
Posted 06 March 2012 - 05:46 PM
Check which process uses the most CPU and give me the name of it.
regards myrti
regards myrti
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users