GeekPolice
Laptop keeps shutting off and running extremely slow

My laptop seems to have been infected by who knows what. It randomly shuts off and is running extremely slow atm.

Your help is always appreciated.

Re: Laptop keeps shutting off and running extremely slow

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:24:24 PM, on 11/7/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\LAUNCH~1\LManager.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\igfxext.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Skype\Toolbars\Shared\SkypeNames.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Joann\My Documents\Downloads\winlogon.scr

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1231860124983
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

--
End of file - 5392 bytes

Re: Laptop keeps shutting off and running extremely slow

Please download Malwarebytes Anti-Malware from here.

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Full Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • Please save the log to a location you will remember.
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

Re: Laptop keeps shutting off and running extremely slow

As directed

Malwarebytes' Anti-Malware 1.41
Database version: 3118
Windows 5.1.2600 Service Pack 3

11/7/2009 5:33:36 PM
mbam-log-2009-11-07 (17-33-36).txt

Scan type: Full Scan (C:\|)
Objects scanned: 146889
Time elapsed: 36 minute(s), 10 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Documents and Settings\Joann\My Documents\downloads\winlogon.scr (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.
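
Added example (not part of the original thread): the file MBAM removed here already appears under "Running processes" in the HijackThis log above, as a `winlogon` copy running from a Downloads folder with a `.scr` extension. The Python sketch below shows how that entry can be picked out of a HijackThis log automatically; the expected-directory table, the extension list and the function names are assumptions made for this illustration.

```python
import ntpath
import re

# Constructed sample: a subset of the HijackThis lines posted in this thread.
SAMPLE_LOG = r"""Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Skype\Phone\Skype.exe
C:\Documents and Settings\Joann\My Documents\Downloads\winlogon.scr

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
"""

# Assumption: home directories of a few core Windows XP processes.
SYSTEM32 = r"c:\windows\system32"
EXPECTED_DIR = {name: SYSTEM32 for name in
                ("smss", "winlogon", "services", "lsass", "svchost", "spoolsv")}
EXPECTED_DIR["explorer"] = r"c:\windows"
RISKY_EXT = {".scr", ".pif", ".com", ".bat", ".cmd"}
USER_WRITABLE = re.compile(r"\\(documents and settings|users)\\|\\te?mp\\", re.I)

def running_processes(log_text):
    """Return the paths listed between 'Running processes:' and the next blank line."""
    paths, in_section = [], False
    for line in log_text.splitlines():
        line = line.strip()
        if line.lower().startswith("running processes"):
            in_section = True
        elif in_section:
            if not line:
                break
            paths.append(line)
    return paths

def triage(paths):
    """Return (path, reasons) for every process entry that deserves a closer look."""
    findings = []
    for path in paths:
        directory, filename = ntpath.split(path)
        stem, ext = ntpath.splitext(filename.lower())
        reasons = []
        expected = EXPECTED_DIR.get(stem)
        if expected and directory.lower() != expected:
            reasons.append("system process name outside " + expected)
        if ext in RISKY_EXT:
            reasons.append("unusual executable extension " + ext)
        if USER_WRITABLE.search(path):
            reasons.append("runs from a user-writable location")
        if reasons:
            findings.append((path, reasons))
    return findings
```

Entries written as 8.3 short paths (for example `C:\PROGRA~1\...`) are compared as-is, so they would need expanding before the directory check is reliable.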

Re: Laptop keeps shutting off and running extremely slow

Please run a free online scan with the ESET Online Scanner
Note: You will need to use Internet Explorer for this scan

  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the options Remove found threats and Scan unwanted applications are checked
  • Click Scan (This scan can take several hours, so please be patient)
  • Once the scan is completed, you may close the window
  • Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  • Copy and paste that log as a reply to this topic

Re: Laptop keeps shutting off and running extremely slow

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=ecb7a957f827264d97ee50c52efa7683
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2009-11-08 05:24:44
# local_time=2009-11-08 12:24:44 (-0500, Eastern Standard Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=512 16777215 100 0 0 0 0 0
# compatibility_mode=769 16775125 100 98 0 193015926 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=46920
# found=1
# cleaned=1
# scan_time=5111
C:\Documents and Settings\Joann\Local Settings\Temp\NERO1002529\unit_app_75\Toolbar.exe Win32/Toolbar.AskSBar application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

Re: Laptop keeps shutting off and running extremely slow

It appears to be clean. How is your computer running? Is it still shutting off?

Download WhoCrashed from here
This program checks for any drivers which may have been causing your computer to crash....

Click on the file you just downloaded and run it.
Put a tick in Accept then click on Next
Put a tick in the Don't create a start menu folder then click Next
Put a tick in Create a Desktop Icon then click on Install and make sure there is a tick in Launch Whocrashed before clicking Finish
Click Analyze
It will want to download the Debugger and install it. Say Yes

WhoCrashed will create a report but you have to scroll down to see it
Copy and paste it into your next reply

Re: Laptop keeps shutting off and running extremely slow

Crash dump directory: C:\WINDOWS\Minidump

Crash dumps are enabled on your computer.


No valid crash dumps have been found on your computer

Re: Laptop keeps shutting off and running extremely slow

Run chkdsk:

  1. Right-click the Start button and select Explore (alternatively, hit WINDOWS key E on your keyboard).
  2. Using Windows Explorer, navigate to your C:\ drive, then right-click the drive and select Properties
  3. In the Properties window that pops up, click the Tools tab and then, under "Error-checking", click on the button that says Check Now...
  4. In the Check disk options window that pops up, place a checkmark in both boxes:

    • Automatically fix file system errors
    • Scan for and attempt recovery of bad sectors

  • Now click on Start
      A new window will pop up saying, "Windows can't check the disk while it's in use".

  • Click Yes to schedule the disk check.
  • Now shut down (do NOT restart!) your computer, and then turn your computer back on with its power button.
      When your computer turns on, you will see a black screen with white lettering, this is chkdsk running.

  • Let chkdsk run through its five stages. When the utility finishes, Windows will boot to the Desktop.
    NOTE: Running chkdsk may take some time to complete. Please be patient and do NOT use the computer, press any keys, or try to stop the chkdsk scan once it has started!


    Locate the chkdsk log and post it here:

    1. Click on Start, then click Run...
    2. Copy and paste the following text into the "Open:" box: eventvwr.msc /s
      NOTE there is a space between "eventvwr.msc" and "/s"!
    3. Click OK (or hit Enter).
        This will bring up the Event Viewer window.

  • In the left panel, click on Application
  • The chkdsk log should be the first entry, with a source of Winlogon
    NOTE: If it is not the first log, click on View, and then on Newest First: that should place the chkdsk log at the top of the list.
  • Click on the entry once.
  • Right-click on the entry and choose Properties
  • In the window that pops up, click on the copy button to copy the log.
  • Paste the log in a reply to this topic.
Re: Laptop keeps shutting off and running extremely slow

    Checking file system on C:
    The type of the file system is NTFS.

    A disk check has been scheduled.
    Windows will now check the disk.
    Cleaning up instance tags for file 0xa425.
    Cleaning up minor inconsistencies on the drive.
    Cleaning up 1484 unused index entries from index $SII of file 0x9.
    Cleaning up 1484 unused index entries from index $SDH of file 0x9.
    Cleaning up 1484 unused security descriptors.
    CHKDSK is verifying file data (stage 4 of 5)...
    File data verification completed.
    CHKDSK is verifying free space (stage 5 of 5)...
    Free space verification is complete.
    CHKDSK discovered free space marked as allocated in the
    master file table (MFT) bitmap.
    Windows has made corrections to the file system.

    78140128 KB total disk space.
    16092132 KB in 52805 files.
    17188 KB in 4914 indexes.
    0 KB in bad sectors.
    134220 KB in use by the system.
    65536 KB occupied by the log file.
    61896588 KB available on disk.

    4096 bytes in each allocation unit.
    19535032 total allocation units on disk.
    15474147 allocation units available on disk.

    Internal Info:

    Windows has finished checking your disk.
    Please wait while your computer restarts.


    For more information, see Help and Support Center at

Re: Laptop keeps shutting off and running extremely slow

    How is your computer running? Is it still shutting off randomly?
