computer running slowly

Page 1 of 2 1, 2  Next

View previous topic View next topic Go down

computer running slowly

Post by celtic85 on Mon 14 Jun 2010, 3:34 am

My computer is older, but recently has been running much much slower... Thanks for your help

celtic85

Newbie Surfer
Newbie Surfer

Posts : 15
Joined : 2010-06-14
Operating System : XP

View user profile

Back to top Go down

Re: computer running slowly

Post by Belahzur on Mon 14 Jun 2010, 11:37 am

Hello.

Download OTL by OldTimer to your Desktop.

  • Close all windows and double click OTL.exe
  • Click Run Scan and let the program run uninterrupted
  • It will produce two logs for you, one will pop up - OTL.txt, the other will be saved on your Desktop - Extras.txt. Post both logs in this thread.
  • You may need to use two posts to get it all.


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

View user profile

Back to top Go down

Re: computer running slowly

Post by celtic85 on Tue 29 Jun 2010, 6:30 am

OTL logfile created on: 6/28/2010 2:37:37 PM - Run 1
OTL by OldTimer - Version 3.2.7.0 Folder = C:\Documents and Settings\Owner\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

510.00 Mb Total Physical Memory | 128.00 Mb Available Physical Memory | 25.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 49.00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 52.34 Gb Total Space | 12.74 Gb Free Space | 24.34% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: HOME-302C4CD2FF
Current User Name: Owner
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/06/28 14:35:32 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\My Documents\Downloads\OTL.exe
PRC - [2010/04/05 07:42:30 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/03/21 08:53:34 | 002,046,816 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgtray.exe
PRC - [2009/09/27 14:28:48 | 000,486,680 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgrsx.exe
PRC - [2009/09/27 14:28:46 | 000,693,016 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgcsrvx.exe
PRC - [2009/09/27 14:28:37 | 000,595,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgnsx.exe
PRC - [2009/09/27 14:27:36 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe
PRC - [2009/09/27 14:27:24 | 000,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe
PRC - [2009/07/08 14:27:15 | 000,297,240 | ---- | M] (Impulse Point, LLC) -- C:\Program Files\SafeConnect\SCClient.exe
PRC - [2009/07/08 14:27:15 | 000,128,280 | ---- | M] (Impulse Point, LLC) -- C:\Program Files\SafeConnect\scManager.sys
PRC - [2008/06/12 17:57:18 | 000,991,584 | ---- | M] (Vendio Services, Inc.) -- C:\Program Files\Search Settings\SearchSettings.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/04/04 17:41:28 | 000,177,672 | R--- | M] (Authentium, Inc.) -- C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe
PRC - [2006/06/29 12:12:34 | 000,376,832 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe
PRC - [2006/02/21 11:30:32 | 000,397,312 | ---- | M] (Logitech) -- C:\Program Files\Common Files\Logitech\Pen\Phal\Service\LPhal.exe
PRC - [2004/05/13 19:23:56 | 000,098,304 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe


========== Modules (SafeList) ==========

MOD - [2010/06/28 14:35:32 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\My Documents\Downloads\OTL.exe
MOD - [2008/04/13 20:10:20 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2004/05/13 19:23:50 | 000,066,048 | ---- | M] (Synaptics, Inc.) -- C:\WINDOWS\system32\SynTPFcs.dll


========== Win32 Services (SafeList) ==========

SRV - [2010/03/08 17:42:57 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/09/27 14:27:36 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd)
SRV - [2009/09/27 14:27:24 | 000,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG8\avgemc.exe -- (avg8emc)
SRV - [2009/07/08 14:27:15 | 000,128,280 | ---- | M] (Impulse Point, LLC) [Auto | Running] -- C:\Program Files\SafeConnect\scManager.sys -- (SCManager)
SRV - [2007/07/02 12:12:28 | 000,066,864 | ---- | M] (Authentium, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Authentium\ESPLService.exe -- (ESPLService)
SRV - [2007/07/02 11:14:36 | 000,075,056 | ---- | M] (Authentium, Inc.) [On_Demand | Stopped] -- C:\Program Files\Authentium\ESP Enterprise Manager\ESPLPush.exe -- (ESPLPush)
SRV - [2007/04/30 10:24:46 | 000,098,296 | ---- | M] (Radialpoint Inc.) [On_Demand | Stopped] -- C:\Program Files\Verizon\PC Security Checkup\rpsupdaterR.exe -- (RPSUpdaterR)
SRV - [2007/04/04 17:41:28 | 000,177,672 | R--- | M] (Authentium, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe -- (dvpapi)
SRV - [2006/11/03 20:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2006/06/29 12:12:34 | 000,376,832 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe -- (NICCONFIGSVC)
SRV - [2006/02/21 11:30:32 | 000,397,312 | ---- | M] (Logitech) [Auto | Running] -- C:\Program Files\Common Files\Logitech\Pen\Phal\Service\LPhal.exe -- (PenSup)
SRV - [2006/02/21 11:30:32 | 000,397,312 | ---- | M] (Logitech) [Auto | Running] -- C:\Program Files\Common Files\Logitech\Pen\Phal\Service\LPhal.exe -- (PenRendezvous)
SRV - [2003/08/11 04:07:38 | 000,065,795 | ---- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\hpzipm12.exe -- (Pml Driver HPZ12)


========== Driver Services (SafeList) ==========

DRV - [2009/09/27 14:28:47 | 000,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2009/09/27 14:28:47 | 000,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2009/05/24 15:11:33 | 000,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2008/04/13 14:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2007/04/04 17:15:02 | 000,839,880 | ---- | M] (Authentium, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Css-Dvp.sys -- (CSS DVP)
DRV - [2007/03/12 11:07:28 | 000,507,264 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rt2860.sys -- (RT80x86)
DRV - [2006/10/19 11:11:40 | 000,010,664 | ---- | M] (Applied Networking Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gan_adapter.sys -- (hamachi_oem)
DRV - [2005/08/12 17:50:46 | 000,016,128 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS -- (APPDRV)
DRV - [2005/03/07 12:35:54 | 000,056,832 | ---- | M] (Logitech) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LPhalUsb.sys -- (Phal)
DRV - [2004/11/15 15:37:52 | 000,264,440 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\stac97.sys -- (STAC97) Audio Driver (WDM)
DRV - [2004/10/07 21:16:04 | 000,035,840 | ---- | M] (Oak Technology Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AFS2K.SYS -- (AFS2K)
DRV - [2004/08/13 02:56:00 | 000,040,544 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\drvnddm.sys -- (drvnddm)
DRV - [2004/08/13 01:05:00 | 000,100,603 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnudfa.sys -- (tfsnudfa)
DRV - [2004/08/13 01:05:00 | 000,098,714 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnudf.sys -- (tfsnudf)
DRV - [2004/08/13 01:05:00 | 000,086,202 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnifs.sys -- (tfsnifs)
DRV - [2004/08/13 01:05:00 | 000,034,843 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsncofs.sys -- (tfsncofs)
DRV - [2004/08/13 01:05:00 | 000,025,723 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnboio.sys -- (tfsnboio)
DRV - [2004/08/13 01:05:00 | 000,014,715 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnopio.sys -- (tfsnopio)
DRV - [2004/08/13 01:05:00 | 000,006,363 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnpool.sys -- (tfsnpool)
DRV - [2004/08/13 01:05:00 | 000,004,123 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsndrct.sys -- (tfsndrct)
DRV - [2004/08/13 01:05:00 | 000,002,239 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsndres.sys -- (tfsndres)
DRV - [2004/08/04 03:21:00 | 000,087,136 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\drvmcdb.sys -- (drvmcdb)
DRV - [2004/07/14 11:29:04 | 000,005,627 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\sscdbhk5.sys -- (sscdbhk5)
DRV - [2004/07/14 11:28:50 | 000,023,545 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\ssrtln.sys -- (ssrtln)
DRV - [2004/05/13 19:19:22 | 000,182,688 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2003/09/26 10:41:10 | 000,044,032 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = [You must be registered and logged in to see this link.]
IE - HKLM\..\URLSearchHook: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKCU\..\URLSearchHook: *{03402f96-3dc7-4285-bc50-9e81fefafe43} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: *{E312764E-7706-43F1-8DAB-FCDD2B1E416D} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
IE - HKCU\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll (Vendio Services, Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo! Search"
FF - prefs.js..browser.search.selectedEngine: "Yahoo! Search"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:8.5.0.429
FF - prefs.js..extensions.enabledItems: avg@igeared:3.011.025.005
FF - prefs.js..extensions.enabledItems: [You must be registered and logged in to see this link.]:1.0.0.071302000002
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.5.4.20081105
FF - prefs.js..keyword.URL: "http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg&type=yahoo_avg_hs2-tb-web_us&p="


FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG8\Firefox [2009/12/30 14:54:37 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files\AVG\AVG8\Toolbar\Firefox\avg@igeared [2009/12/31 12:42:11 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/04/05 07:42:39 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/04/05 07:42:39 | 000,000,000 | ---D | M]

[2009/02/11 16:03:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions
[2010/06/28 14:32:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n676lxcy.default\extensions
[2010/03/28 17:23:23 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n676lxcy.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/12/31 12:11:14 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n676lxcy.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009/02/15 14:02:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\n676lxcy.default\extensions\moveplayer@movenetworks.com
[2009/02/11 16:03:00 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions

O1 HOSTS File: ([2010/03/31 01:03:11 | 000,378,447 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 [You must be registered and logged in to see this link.]
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 [You must be registered and logged in to see this link.]
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 [You must be registered and logged in to see this link.]
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 [You must be registered and logged in to see this link.]
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 [You must be registered and logged in to see this link.]
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 [You must be registered and logged in to see this link.]
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 [You must be registered and logged in to see this link.]
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 [You must be registered and logged in to see this link.]
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 [You must be registered and logged in to see this link.]
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 [You must be registered and logged in to see this link.]
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 127.0.0.1 [You must be registered and logged in to see this link.]
O1 - Hosts: 13042 more lines...
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O2 - BHO: (AIM Toolbar Loader) - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
O2 - BHO: (SearchSettings Class) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll (Vendio Services, Inc.)
O3 - HKLM\..\Toolbar: (AIM Toolbar) - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (AIM Toolbar) - {61539ECD-CC67-4437-A03C-9AACCBD14326} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe (Vendio Services, Inc.)
O4 - HKLM..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [ares] C:\Program Files\Ares\Ares.exe (Ares Development Group)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\SafeConnect.lnk = C:\Program Files\SafeConnect\SCClient.exe (Impulse Point, LLC)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &AIM Toolbar Search - C:\Documents and Settings\All Users\Application Data\AIM Toolbar\ieToolbar\resources\en-US\local\search.html ()
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\npjpi160_05.dll (Sun Microsystems, Inc.)
O9 - Extra Button: AIM Toolbar - {0b83c99c-1efa-4259-858f-bcb33e007a5b} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} [You must be registered and logged in to see this link.] (Support.com Configuration Class)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} [You must be registered and logged in to see this link.] (Office Genuine Advantage Validation Tool)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} [You must be registered and logged in to see this link.] (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} [You must be registered and logged in to see this link.] (Windows Genuine Advantage Validation Tool)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} [You must be registered and logged in to see this link.] (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_05)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.64.150 68.87.75.198
O18 - Protocol\Handler\bw+0 {1848dafb-a34b-40a6-be3b-a2f9b635c89f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw+0s {1848dafb-a34b-40a6-be3b-a2f9b635c89f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw-0 {1848dafb-a34b-40a6-be3b-a2f9b635c89f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw00 {1848dafb-a34b-40a6-be3b-a2f9b635c89f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw00s {1848dafb-a34b-40a6-be3b-a2f9b635c89f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw-0s {1848dafb-a34b-40a6-be3b-a2f9b635c89f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw10 {1848dafb-a34b-40a6-be3b-a2f9b635c89f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw10s {1848dafb-a34b-40a6-be3b-a2f9b635c89f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw20 {1848dafb-a34b-40a6-be3b-a2f9b635c89f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw20s {1848dafb-a34b-40a6-be3b-a2f9b635c89f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw30 {1848dafb-a34b-40a6-be3b-a2f9b635c89f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw30s {1848dafb-a34b-40a6-be3b-a2f9b635c89f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw40 {1848dafb-a34b-40a6-be3b-a2f9b635c89f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw40s {1848dafb-a34b-40a6-be3b-a2f9b635c89f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw50 {1848dafb-a34b-40a6-be3b-a2f9b635c89f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw50s {1848dafb-a34b-40a6-be3b-a2f9b635c89f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw60 {1848dafb-a34b-40a6-be3b-a2f9b635c89f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw60s {1848dafb-a34b-40a6-be3b-a2f9b635c89f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw70 {1848dafb-a34b-40a6-be3b-a2f9b635c89f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw70s {1848dafb-a34b-40a6-be3b-a2f9b635c89f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw80 {1848dafb-a34b-40a6-be3b-a2f9b635c89f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw80s {1848dafb-a34b-40a6-be3b-a2f9b635c89f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw90 {1848dafb-a34b-40a6-be3b-a2f9b635c89f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bw90s {1848dafb-a34b-40a6-be3b-a2f9b635c89f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwa0 {1848dafb-a34b-40a6-be3b-a2f9b635c89f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwa0s {1848dafb-a34b-40a6-be3b-a2f9b635c89f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwb0 {1848dafb-a34b-40a6-be3b-a2f9b635c89f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwb0s {1848dafb-a34b-40a6-be3b-a2f9b635c89f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwc0 {1848dafb-a34b-40a6-be3b-a2f9b635c89f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwc0s {1848dafb-a34b-40a6-be3b-a2f9b635c89f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwd0 {1848dafb-a34b-40a6-be3b-a2f9b635c89f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwd0s {1848dafb-a34b-40a6-be3b-a2f9b635c89f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwe0 {1848dafb-a34b-40a6-be3b-a2f9b635c89f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwe0s {1848dafb-a34b-40a6-be3b-a2f9b635c89f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwf0 {1848dafb-a34b-40a6-be3b-a2f9b635c89f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwf0s {1848dafb-a34b-40a6-be3b-a2f9b635c89f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwg0 {1848dafb-a34b-40a6-be3b-a2f9b635c89f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwg0s {1848dafb-a34b-40a6-be3b-a2f9b635c89f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwh0 {1848dafb-a34b-40a6-be3b-a2f9b635c89f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwh0s {1848dafb-a34b-40a6-be3b-a2f9b635c89f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwi0 {1848dafb-a34b-40a6-be3b-a2f9b635c89f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwi0s {1848dafb-a34b-40a6-be3b-a2f9b635c89f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwj0 {1848dafb-a34b-40a6-be3b-a2f9b635c89f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwj0s {1848dafb-a34b-40a6-be3b-a2f9b635c89f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwk0 {1848dafb-a34b-40a6-be3b-a2f9b635c89f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwk0s {1848dafb-a34b-40a6-be3b-a2f9b635c89f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwl0 {1848dafb-a34b-40a6-be3b-a2f9b635c89f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwl0s {1848dafb-a34b-40a6-be3b-a2f9b635c89f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwm0 {1848dafb-a34b-40a6-be3b-a2f9b635c89f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwm0s {1848dafb-a34b-40a6-be3b-a2f9b635c89f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwn0 {1848dafb-a34b-40a6-be3b-a2f9b635c89f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwn0s {1848dafb-a34b-40a6-be3b-a2f9b635c89f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwo0 {1848dafb-a34b-40a6-be3b-a2f9b635c89f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwo0s {1848dafb-a34b-40a6-be3b-a2f9b635c89f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwp0 {1848dafb-a34b-40a6-be3b-a2f9b635c89f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwp0s {1848dafb-a34b-40a6-be3b-a2f9b635c89f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwq0 {1848dafb-a34b-40a6-be3b-a2f9b635c89f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwq0s {1848dafb-a34b-40a6-be3b-a2f9b635c89f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwr0 {1848dafb-a34b-40a6-be3b-a2f9b635c89f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwr0s {1848dafb-a34b-40a6-be3b-a2f9b635c89f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bws0 {1848dafb-a34b-40a6-be3b-a2f9b635c89f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bws0s {1848dafb-a34b-40a6-be3b-a2f9b635c89f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwt0 {1848dafb-a34b-40a6-be3b-a2f9b635c89f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwt0s {1848dafb-a34b-40a6-be3b-a2f9b635c89f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwu0 {1848dafb-a34b-40a6-be3b-a2f9b635c89f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwu0s {1848dafb-a34b-40a6-be3b-a2f9b635c89f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwv0 {1848dafb-a34b-40a6-be3b-a2f9b635c89f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwv0s {1848dafb-a34b-40a6-be3b-a2f9b635c89f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bww0 {1848dafb-a34b-40a6-be3b-a2f9b635c89f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bww0s {1848dafb-a34b-40a6-be3b-a2f9b635c89f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwx0 {1848dafb-a34b-40a6-be3b-a2f9b635c89f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwx0s {1848dafb-a34b-40a6-be3b-a2f9b635c89f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwy0 {1848dafb-a34b-40a6-be3b-a2f9b635c89f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwy0s {1848dafb-a34b-40a6-be3b-a2f9b635c89f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwz0 {1848dafb-a34b-40a6-be3b-a2f9b635c89f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\bwz0s {1848dafb-a34b-40a6-be3b-a2f9b635c89f} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\offline-8876480 {1848DAFB-A34B-40A6-BE3B-A2F9B635C89F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll (BackWeb Technologies Inc. )
O20 - AppInit_DLLs: (c:\windows\system32\satehuta.dll) - C:\WINDOWS\System32\satehuta.dll File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O21 - SSODL: husutapuf - {40ae6988-423f-4b4d-b0dc-837529ae25d4} - C:\WINDOWS\System32\satehuta.dll File not found
O22 - SharedTaskScheduler: {40ae6988-423f-4b4d-b0dc-837529ae25d4} - kupuhivus - C:\WINDOWS\System32\satehuta.dll File not found
O24 - Desktop WallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/07/25 16:32:41 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{5db8c790-83fe-11dd-ae64-001143640914}\Shell - "" = AutoRun
O33 - MountPoints2\{5db8c790-83fe-11dd-ae64-001143640914}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{5db8c790-83fe-11dd-ae64-001143640914}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O33 - MountPoints2\{9d400651-8a6e-11dc-ac88-001143640914}\Shell - "" = AutoRun
O33 - MountPoints2\{9d400651-8a6e-11dc-ac88-001143640914}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{9d400651-8a6e-11dc-ac88-001143640914}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O33 - MountPoints2\{a7272120-55c2-11dc-ac32-001143640914}\Shell - "" = AutoRun
O33 - MountPoints2\{a7272120-55c2-11dc-ac32-001143640914}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{a7272120-55c2-11dc-ac32-001143640914}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/06/15 02:56:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Desktop\st
[9 C:\Documents and Settings\Owner\My Documents\*.tmp files -> C:\Documents and Settings\Owner\My Documents\*.tmp -> ]
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/06/28 14:25:24 | 061,458,679 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010/06/28 14:20:16 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/06/28 14:20:12 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/06/28 01:51:06 | 009,175,040 | ---- | M] () -- C:\Documents and Settings\Owner\NTUSER.DAT
[2010/06/28 01:51:06 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\Owner\ntuser.ini
[2010/06/28 01:36:33 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/06/15 03:55:13 | 000,149,992 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/06/15 03:36:19 | 000,000,801 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/06/15 03:32:58 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/06/15 03:10:49 | 000,531,476 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/06/15 03:10:49 | 000,461,986 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/06/15 03:10:49 | 000,079,592 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/06/13 16:55:23 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2010/06/13 13:00:06 | 000,000,432 | ---- | M] () -- C:\WINDOWS\tasks\WebReg 20080819130020.job
[9 C:\Documents and Settings\Owner\My Documents\*.tmp files -> C:\Documents and Settings\Owner\My Documents\*.tmp -> ]
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2007/10/23 09:32:54 | 000,000,021 | ---- | C] () -- C:\WINDOWS\atid.ini
[2007/10/16 21:00:03 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI
[2007/10/16 20:59:52 | 000,906,784 | ---- | C] () -- C:\WINDOWS\System32\owl52f.dll
[2007/10/16 20:59:51 | 000,385,024 | ---- | C] () -- C:\WINDOWS\System32\UTILib36.dll
[2007/10/16 20:59:51 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\EZTW32.DLL
[2007/08/22 01:25:10 | 000,000,156 | ---- | C] () -- C:\WINDOWS\Kpcms.ini
[2007/08/22 01:24:40 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\Msvcrt10.dll
[2007/07/28 18:23:01 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/07/25 19:11:03 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\SynTPCoI.dll
[2007/07/25 17:48:29 | 000,000,207 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2007/03/05 13:34:28 | 000,676,224 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.DLL
[2006/07/26 22:05:58 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2006/06/21 06:33:40 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2006/02/21 11:28:02 | 000,352,256 | ---- | C] () -- C:\WINDOWS\System32\LogLfx.dll
[2005/07/12 14:44:42 | 000,015,872 | ---- | C] () -- C:\WINDOWS\System32\InsDrvZD64.DLL
[2004/09/22 14:47:00 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/06/03 05:40:04 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\LPIconRes.dll
[2004/03/23 16:38:00 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\InsDrvZD.dll
[2003/08/11 04:07:40 | 000,565,248 | ---- | C] () -- C:\WINDOWS\System32\hpotscl.dll
[2003/01/07 15:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

========== Alternate Data Streams ==========

@Alternate Data Stream - 103 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:18B7103A
< End of report >

celtic85

Newbie Surfer
Newbie Surfer

Posts : 15
Joined : 2010-06-14
Operating System : XP

View user profile

Back to top Go down

Re: computer running slowly

Post by Belahzur on Tue 29 Jun 2010, 6:46 am

Hello.

Please run OTL.exe.

  • Copy the commands with file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):


    :OTL
    IE - HKCU\..\URLSearchHook: *{03402f96-3dc7-4285-bc50-9e81fefafe43} - Reg Error: Key error. File not found
    IE - HKCU\..\URLSearchHook: *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - Reg Error: Key error. File not found
    IE - HKCU\..\URLSearchHook: *{E312764E-7706-43F1-8DAB-FCDD2B1E416D} - Reg Error: Key error. File not found
    O20 - AppInit_DLLs: (c:\windows\system32\satehuta.dll) - C:\WINDOWS\System32\satehuta.dll File not found
    O21 - SSODL: husutapuf - {40ae6988-423f-4b4d-b0dc-837529ae25d4} - C:\WINDOWS\System32\satehuta.dll File not found
    O22 - SharedTaskScheduler: {40ae6988-423f-4b4d-b0dc-837529ae25d4} - kupuhivus - C:\WINDOWS\System32\satehuta.dll File not found



  • Return to OTL, right click in the "Custom Scans/Fixes" window (under the light green bar) and choose Paste.

  • Click the red Run Fix button.
  • A fix log in Notepad will appear. Copy the contents of the fix log to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTL.exe
If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

View user profile

Back to top Go down

Re: computer running slowly

Post by celtic85 on Tue 29 Jun 2010, 7:48 am

========== OTL ==========
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\*{03402f96-3dc7-4285-bc50-9e81fefafe43} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\*{03402f96-3dc7-4285-bc50-9e81fefafe43}\ not found.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\*{CFBFAE00-17A6-11D0-99CB-00C04FD64497} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\*{CFBFAE00-17A6-11D0-99CB-00C04FD64497}\ not found.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\*{E312764E-7706-43F1-8DAB-FCDD2B1E416D} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\*{E312764E-7706-43F1-8DAB-FCDD2B1E416D}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:c:\windows\system32\satehuta.dll deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\husutapuf deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{40ae6988-423f-4b4d-b0dc-837529ae25d4}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\\{40ae6988-423f-4b4d-b0dc-837529ae25d4} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{40ae6988-423f-4b4d-b0dc-837529ae25d4}\ not found.

OTL by OldTimer - Version 3.2.7.0 log created on 06282010_164429

celtic85

Newbie Surfer
Newbie Surfer

Posts : 15
Joined : 2010-06-14
Operating System : XP

View user profile

Back to top Go down

Re: computer running slowly

Post by Belahzur on Wed 30 Jun 2010, 4:32 am

Please download and run this tool.

Download Malwarebytes' Anti-Malware from Here

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.


Post the contents of the MBAM Log.


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

View user profile

Back to top Go down

Re: computer running slowly

Post by celtic85 on Fri 02 Jul 2010, 3:24 pm

Malwarebytes' Anti-Malware 1.46
[You must be registered and logged in to see this link.]

Database version: 4261

Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.11

6/30/2010 2:52:12 PM
mbam-log-2010-06-30 (14-52-12).txt

Scan type: Quick scan
Objects scanned: 133686
Time elapsed: 15 minute(s), 5 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

celtic85

Newbie Surfer
Newbie Surfer

Posts : 15
Joined : 2010-06-14
Operating System : XP

View user profile

Back to top Go down

Re: computer running slowly

Post by Belahzur on Sat 03 Jul 2010, 8:01 am

Hello.

  • Download combofix from here
    Link 1
    Link 2

    1. If you are using Firefox, make sure that your download settings are as follows:

    * Tools->Options->Main tab
    * Set to "Always ask me where to Save the files".

    2. During the download, rename Combofix to Combo-Fix as follows:





    3. It is important you rename Combofix during the download, but not after.
    4. Please do not rename Combofix to other names, but only to the one indicated.
    5. Close any open browsers.
    6. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

  • We need to disable your local AV (Anti-virus) before running Combofix.
  • See HERE for how to disable your AV.
  • Double click on ComboFix.exe.
  • Follow the prompts. NOTE:
  • ComboFix will check to see if the Microsoft Windows Recovery Console is installed.
    ***It's strongly recommended to have the Recovery Console installed before doing any malware removal.***

    **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will automatically proceed with its scan.


  • The Recovery Console provides a recovery/repair mode should a problem occur during a Combofix run.



  • Allow ComboFix to download the Recovery Console.
  • Accept the End-User License Agreement.
  • The Recovery Console will be installed.
  • You will then get this next prompt that asks if you want to continue the malware scan, select yes



  • Allow combofix to run
  • Post C:\combofix.txt back here.

    Note:
    Do not mouseclick combofix's window whilst it's running. That may cause it to stall.


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

View user profile

Back to top Go down

Re: computer running slowly

Post by celtic85 on Sat 03 Jul 2010, 3:21 pm

ComboFix 10-07-01.02 - Owner 07/02/2010 23:49:58.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.510.126 [GMT -4:00]
Running from: c:\documents and settings\Owner\Desktop\Combo-Fix.exe
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\Search Settings
c:\program files\Search Settings\kb127\SearchSettings.dll
c:\program files\Search Settings\kb127\SearchSettingsRes409.dll
c:\program files\Search Settings\SearchSettings.exe

.
((((((((((((((((((((((((( Files Created from 2010-06-03 to 2010-07-03 )))))))))))))))))))))))))))))))
.

2010-07-03 03:24 . 2010-07-03 03:14 1062184 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Setup\Resource.dll
2010-07-03 03:24 . 2010-07-03 03:13 895256 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Setup\DivXSetup.exe
2010-07-03 03:21 . 2010-07-03 03:21 56765 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DivXPlusShortcuts\Uninstaller.exe
2010-07-03 03:21 . 2010-07-03 03:21 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Google
2010-07-03 03:20 . 2010-07-03 03:20 56997 ----a-w- c:\documents and settings\All Users\Application Data\DivX\WebPlayer\Uninstaller.exe
2010-07-03 03:19 . 2010-07-03 03:19 53600 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Update\Uninstaller.exe
2010-07-03 03:19 . 2010-07-03 03:19 57715 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Player\Uninstaller.exe
2010-07-03 03:18 . 2010-07-03 03:18 84062 ----a-w- c:\documents and settings\All Users\Application Data\DivX\TransferWizard\Uninstaller.exe
2010-07-03 03:16 . 2010-07-03 03:16 57409 ----a-w- c:\documents and settings\All Users\Application Data\DivX\ControlPanel\Uninstaller.exe
2010-07-03 03:16 . 2010-07-03 03:16 54101 ----a-w- c:\documents and settings\All Users\Application Data\DivX\MPEG2Plugin\Uninstaller.exe
2010-07-03 03:16 . 2010-07-03 03:16 52963 ----a-w- c:\documents and settings\All Users\Application Data\DivX\MSVC80CRTRedist\Uninstaller.exe
2010-07-03 03:16 . 2010-07-03 03:16 54073 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Qt4.5\Uninstaller.exe
2010-07-03 03:15 . 2010-07-03 03:15 56969 ----a-w- c:\documents and settings\All Users\Application Data\DivX\ASPEncoder\Uninstaller.exe
2010-06-28 20:44 . 2010-06-28 20:44 -------- d-----w- C:\_OTL

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-03 03:24 . 2007-08-17 05:14 -------- d-----w- c:\program files\Google
2010-07-03 03:20 . 2010-04-18 03:50 -------- d-----w- c:\documents and settings\All Users\Application Data\DivX
2010-07-03 03:17 . 2010-07-03 03:17 57054 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DSDesktopComponents\Uninstaller.exe
2010-07-03 03:17 . 2010-07-03 03:17 54166 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DSAVCDecoder\Uninstaller.exe
2010-07-03 03:17 . 2010-07-03 03:17 57532 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DSASPDecoder\Uninstaller.exe
2010-07-03 03:17 . 2010-07-03 03:17 56458 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DivXDecoderShortcut\Uninstaller.exe
2010-07-03 03:17 . 2010-07-03 03:17 54174 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DSAACDecoder\Uninstaller.exe
2010-07-03 03:17 . 2010-07-03 03:17 54153 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DFXPlugin\Uninstaller.exe
2010-07-03 03:17 . 2010-07-03 03:17 54128 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Converter\Uninstaller.exe
2010-07-03 03:17 . 2010-07-03 03:17 54644 ----a-w- c:\documents and settings\All Users\Application Data\DivX\TranscodeEngine\Uninstaller.exe
2010-07-03 03:15 . 2009-10-25 03:40 -------- d-----w- c:\program files\Common Files\DivX Shared
2010-06-15 06:57 . 2007-09-03 14:06 -------- d-----w- c:\documents and settings\Owner\Application Data\U3
2010-06-09 04:14 . 2008-02-10 20:16 -------- d-----w- c:\program files\Microsoft Silverlight
2010-05-26 03:13 . 2007-09-08 00:47 -------- d-----w- c:\documents and settings\Owner\Application Data\gtk-2.0
2010-05-10 03:21 . 2009-02-07 16:19 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-05-10 01:55 . 2010-05-10 01:55 -------- d-----w- c:\program files\Photo Story 3 for Windows
2010-05-10 01:05 . 2010-02-15 19:02 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2010-05-04 17:20 . 2004-08-12 14:09 832512 ----a-w- c:\windows\system32\wininet.dll
2010-05-04 17:20 . 2004-08-12 13:58 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-05-04 17:20 . 2004-08-12 13:56 17408 ----a-w- c:\windows\system32\corpol.dll
2010-05-02 05:22 . 2004-08-12 14:09 1851264 ----a-w- c:\windows\system32\win32k.sys
2010-04-29 19:39 . 2009-02-07 16:19 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-04-29 19:39 . 2009-02-07 16:19 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-04-27 18:40 . 2010-07-03 03:18 9200 ------w- c:\windows\system32\drivers\cdralw2k.sys
2010-04-27 18:40 . 2010-07-03 03:18 9072 ------w- c:\windows\system32\drivers\cdr4_xp.sys
2010-04-27 18:40 . 2010-07-03 03:18 133616 ------w- c:\windows\system32\pxafs.dll
2010-04-27 18:40 . 2007-07-26 00:29 126448 ------w- c:\windows\system32\pxinsi64.exe
2010-04-27 18:40 . 2007-07-26 00:29 123888 ------w- c:\windows\system32\pxcpyi64.exe
2010-04-27 18:40 . 2004-08-02 06:03 45648 ------w- c:\windows\system32\drivers\pxhelp20.sys
2010-04-20 05:30 . 2004-08-12 13:55 285696 ----a-w- c:\windows\system32\atmfd.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-11-25 1230080]

[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2009-11-25 18:01 1230080 ----a-w- c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-11-25 1230080]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-11-25 1230080]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ares"="c:\program files\Ares\Ares.exe" [2009-02-03 1004544]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2004-05-13 98304]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2004-05-14 536576]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2004-02-25 118784]
"dla"="c:\windows\system32\dla\tfswctrl.exe" [2004-08-13 122939]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2010-03-21 2046816]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2006-11-04 866584]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-03-22 39264]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
SafeConnect.lnk - c:\program files\SafeConnect\scClient.exe [2007-11-13 297240]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-09-27 18:28 11952 ----a-w- c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^AutoUpdate Monitor.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\AutoUpdate Monitor.lnk
backup=c:\windows\pss\AutoUpdate Monitor.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Belkin F5D8013 N Wireless Notebook Card Utility.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Belkin F5D8013 N Wireless Notebook Card Utility.lnk
backup=c:\windows\pss\Belkin F5D8013 N Wireless Notebook Card Utility.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech Desktop Messenger.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk
backup=c:\windows\pss\Logitech Desktop Messenger.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2008-01-12 03:16 39792 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Aim]
2009-10-05 19:10 3634024 ----a-w- c:\program files\AIM\aim.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ares]
2009-02-03 13:22 1004544 ----a-w- c:\program files\Ares\Ares.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTSyncU.exe]
2006-06-12 18:32 700416 ------w- c:\program files\Creative\Sync Manager Unicode\CTSyncU.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DadApp]
2004-03-04 15:36 211828 ----a-w- c:\program files\Dell\AccessDirect\DadApp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dell QuickSet]
2006-06-29 16:13 1032192 ----a-w- c:\program files\Dell\QuickSet\quickset.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDLauncher]
2004-04-11 15:43 53248 ----a-w- c:\program files\CyberLink\PowerDVD\DVDLauncher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Component Manager]
2003-06-26 22:50 212992 ----a-w- c:\program files\HP\hpcoretech\hpcmpmgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2003-06-25 15:24 49152 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2004-02-25 20:42 155648 ----a-w- c:\windows\system32\igfxtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Jing]
2010-01-19 16:27 3118344 ----a-w- c:\program files\TechSmith\Jing\Jing.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM]
2007-12-28 04:39 32768 ----a-w- c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pen.TrayIcon]
2006-02-21 15:42 20480 ----a-w- c:\program files\Logitech\io2Software\Pen.TrayIcon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2007-06-29 10:24 286720 ----a-w- c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateManager]
2004-01-07 05:01 110592 ----a-w- c:\program files\Common Files\Sonic\Update Manager\sgtray.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\Java\\jre1.6.0_02\\bin\\javaw.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"c:\\Program Files\\Diablo II\\Diablo II.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Ares\\Ares.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=
"c:\\Program Files\\AIM\\aim.exe"=

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [5/24/2009 3:11 PM 335240]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [5/24/2009 3:11 PM 108552]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [7/8/2009 2:29 PM 908056]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [7/8/2009 2:29 PM 297752]
R2 SCManager;SafeConnect Manager;c:\program files\SafeConnect\scManager.sys servicestart --> c:\program files\SafeConnect\scManager.sys servicestart [?]
S0 ptgymldm;ptgymldm;c:\windows\system32\drivers\rwinabow.sys --> c:\windows\system32\drivers\rwinabow.sys [?]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [7/2/2010 11:15 PM 135664]
S2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [11/3/2006 8:19 PM 13592]
S3 ESPLPush;ESPLPush;c:\program files\Authentium\ESP Enterprise Manager\ESPLPush.exe [7/2/2007 11:14 AM 75056]
S3 ESPLService;ESPLService;c:\program files\Common Files\Authentium\ESPLService.exe [7/2/2007 12:12 PM 66864]
S3 hamachi_oem;PlayLinc Adapter;c:\windows\system32\drivers\gan_adapter.sys [10/19/2006 11:11 AM 10664]
S3 Phal;Phal - Logitech io2 USB driver;c:\windows\system32\drivers\LPhalUsb.sys [3/7/2005 12:35 PM 56832]
S3 Radialpoint Security Services;Radialpoint Security Services;c:\windows\system32\dllhost.exe [8/12/2004 9:56 AM 5120]
S3 RT80x86;Ralink 802.11n Wireless Driver;c:\windows\system32\drivers\rt2860.sys [3/12/2007 11:07 AM 507264]
.
Contents of the 'Scheduled Tasks' folder

2010-07-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-07-03 03:14]

2010-07-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-07-03 03:14]

2010-01-30 c:\windows\Tasks\HP DArC Task 2003-06-26 13:16ewlett-Packard2003-06-26 13:16p psc 1300 seriesA3652443A372B157BFD83129692C2C2475483DE7212166612.job
- c:\program files\HP\hpcoretech\comp\hpdarc.exe [2003-06-26 22:50]

2010-06-13 c:\windows\Tasks\WebReg 20080819130020.job
- c:\program files\HP\Digital Imaging\bin\hpqwrg.exe [2003-07-07 05:43]
.
.
------- Supplementary Scan -------
.
uStart Page = [You must be registered and logged in to see this link.]
IE: &AIM Toolbar Search - c:\documents and settings\All Users\Application Data\AIM Toolbar\ieToolbar\resources\en-US\local\search.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
FF - ProfilePath - c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\n676lxcy.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo! Search
FF - prefs.js: browser.startup.homepage - [You must be registered and logged in to see this link.]
FF - prefs.js: keyword.URL - [You must be registered and logged in to see this link.]
FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll
FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll
FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll
FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll
FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\xpavgtbapi.dll
FF - plugin: c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\n676lxcy.default\extensions\moveplayer@movenetworks.com\platform\WINNT_x86-msvc\plugins\npmnqmp071302000002.dll
FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdnupdater2.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(yahoo.homepage.dontask, truec:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - ORPHANS REMOVED - - - -

HKLM-Run-SearchSettings - c:\program files\Search Settings\SearchSettings.exe
HKLM-Run-DivXUpdate - c:\program files\DivX\DivX Update\DivXUpdate.exe
MSConfigStartUp-Aim6 - c:\program files\AIM6\aim6.exe
MSConfigStartUp-BearShare - c:\program files\BearShare\BearShare.exe
MSConfigStartUp-DXDllRegExe - dxdllreg.exe
MSConfigStartUp-swg - c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
AddRemove-{7585478E9D9B42108671C12F8714CEFE} - c:\program files\DivX\ConverterUninstall.exe
AddRemove-{7B63B2922B174135AFC0E1377DD81EC2} - c:\program files\DivX\DivXCodecUninstall.exe
AddRemove-{B13A7C41581B411290FBC0395694E2A9} - c:\program files\DivX\ConverterUninstall.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [You must be registered and logged in to see this link.]
Rootkit scan 2010-07-03 00:00
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(3000)
c:\windows\system32\WININET.dll
c:\progra~1\WINDOW~2\wmpband.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\MSVCR80.dll
c:\program files\Logitech\io2Software\Pen.ShellExtension.dll
c:\program files\Logitech\io2Software\Pen.Ink.HandwrittenData.dll
c:\program files\Logitech\io2Software\Loli.Core.dll
c:\program files\Logitech\io2Software\Pen.Utilities.dll
c:\program files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Common Files\Authentium\AntiVirus\dvpapi.exe
c:\progra~1\AVG\AVG8\avgrsx.exe
c:\progra~1\AVG\AVG8\avgnsx.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\Dell\QuickSet\NICCONFIGSVC.exe
c:\program files\Common Files\Logitech\Pen\Phal\Service\LPhal.exe
c:\program files\SafeConnect\scManager.sys
c:\program files\AVG\AVG8\avgcsrvx.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2010-07-03 00:06:48 - machine was rebooted
ComboFix-quarantined-files.txt 2010-07-03 04:06

Pre-Run: 16,033,452,032 bytes free
Post-Run: 16,162,455,552 bytes free

WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
redirect=usebiossettings
redirectbaudrate=
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

- - End Of File - - 276B0ED2D2985712844779C4CDFE745E

celtic85

Newbie Surfer
Newbie Surfer

Posts : 15
Joined : 2010-06-14
Operating System : XP

View user profile

Back to top Go down

Re: computer running slowly

Post by Belahzur on Sun 04 Jul 2010, 9:44 am

Hello.

  1. Close any open browsers.
  2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  3. Open notepad and copy/paste the text in the quotebox below into it:
    Code:

    Driver::
    ptgymldm
  4. Save this as CFScript.txt, in the same location as ComboFix.exe



  5. Referring to the picture above, drag CFScript into ComboFix.exe
  6. When finished, it shall produce a log for you at C:\ComboFix.txt
  7. Please post the contents of the log in your next reply.


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

View user profile

Back to top Go down

Re: computer running slowly

Post by celtic85 on Mon 05 Jul 2010, 9:50 am

ComboFix 10-07-04.01 - Owner 07/04/2010 18:27:20.2.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.510.276 [GMT -4:00]
Running from: c:\documents and settings\Owner\Desktop\Combo-Fix.exe
Command switches used :: c:\documents and settings\Owner\Desktop\CFScript.txt
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_ptgymldm


((((((((((((((((((((((((( Files Created from 2010-06-04 to 2010-07-04 )))))))))))))))))))))))))))))))
.

2010-07-03 06:04 . 2009-06-07 20:24 180224 ----a-w- c:\windows\system32\xvidvfw.dll
2010-07-03 06:04 . 2009-06-07 20:16 819200 ----a-w- c:\windows\system32\xvidcore.dll
2010-07-03 06:04 . 2010-07-03 06:04 -------- d-----w- c:\program files\Xvid
2010-07-03 03:24 . 2010-07-03 03:14 1062184 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Setup\Resource.dll
2010-07-03 03:24 . 2010-07-03 03:13 895256 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Setup\DivXSetup.exe
2010-07-03 03:21 . 2010-07-03 03:21 56765 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DivXPlusShortcuts\Uninstaller.exe
2010-07-03 03:21 . 2010-07-03 03:21 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Google
2010-07-03 03:20 . 2010-07-03 03:20 56997 ----a-w- c:\documents and settings\All Users\Application Data\DivX\WebPlayer\Uninstaller.exe
2010-07-03 03:19 . 2010-07-03 03:19 53600 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Update\Uninstaller.exe
2010-07-03 03:19 . 2010-07-03 03:19 57715 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Player\Uninstaller.exe
2010-07-03 03:18 . 2010-07-03 03:18 84062 ----a-w- c:\documents and settings\All Users\Application Data\DivX\TransferWizard\Uninstaller.exe
2010-07-03 03:16 . 2010-07-03 03:16 57409 ----a-w- c:\documents and settings\All Users\Application Data\DivX\ControlPanel\Uninstaller.exe
2010-07-03 03:16 . 2010-07-03 03:16 54101 ----a-w- c:\documents and settings\All Users\Application Data\DivX\MPEG2Plugin\Uninstaller.exe
2010-07-03 03:16 . 2010-07-03 03:16 52963 ----a-w- c:\documents and settings\All Users\Application Data\DivX\MSVC80CRTRedist\Uninstaller.exe
2010-07-03 03:16 . 2010-07-03 03:16 54073 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Qt4.5\Uninstaller.exe
2010-07-03 03:15 . 2010-07-03 03:15 56969 ----a-w- c:\documents and settings\All Users\Application Data\DivX\ASPEncoder\Uninstaller.exe
2010-06-28 20:44 . 2010-06-28 20:44 -------- d-----w- C:\_OTL

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-03 03:24 . 2007-08-17 05:14 -------- d-----w- c:\program files\Google
2010-07-03 03:20 . 2010-04-18 03:50 -------- d-----w- c:\documents and settings\All Users\Application Data\DivX
2010-07-03 03:17 . 2010-07-03 03:17 57054 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DSDesktopComponents\Uninstaller.exe
2010-07-03 03:17 . 2010-07-03 03:17 54166 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DSAVCDecoder\Uninstaller.exe
2010-07-03 03:17 . 2010-07-03 03:17 57532 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DSASPDecoder\Uninstaller.exe
2010-07-03 03:17 . 2010-07-03 03:17 56458 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DivXDecoderShortcut\Uninstaller.exe
2010-07-03 03:17 . 2010-07-03 03:17 54174 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DSAACDecoder\Uninstaller.exe
2010-07-03 03:17 . 2010-07-03 03:17 54153 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DFXPlugin\Uninstaller.exe
2010-07-03 03:17 . 2010-07-03 03:17 54128 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Converter\Uninstaller.exe
2010-07-03 03:17 . 2010-07-03 03:17 54644 ----a-w- c:\documents and settings\All Users\Application Data\DivX\TranscodeEngine\Uninstaller.exe
2010-07-03 03:15 . 2009-10-25 03:40 -------- d-----w- c:\program files\Common Files\DivX Shared
2010-06-15 06:57 . 2007-09-03 14:06 -------- d-----w- c:\documents and settings\Owner\Application Data\U3
2010-06-09 04:14 . 2008-02-10 20:16 -------- d-----w- c:\program files\Microsoft Silverlight
2010-05-26 03:13 . 2007-09-08 00:47 -------- d-----w- c:\documents and settings\Owner\Application Data\gtk-2.0
2010-05-10 03:21 . 2009-02-07 16:19 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-05-10 01:55 . 2010-05-10 01:55 -------- d-----w- c:\program files\Photo Story 3 for Windows
2010-05-10 01:05 . 2010-02-15 19:02 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2010-05-04 17:20 . 2004-08-12 14:09 832512 ----a-w- c:\windows\system32\wininet.dll
2010-05-04 17:20 . 2004-08-12 13:58 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-05-04 17:20 . 2004-08-12 13:56 17408 ----a-w- c:\windows\system32\corpol.dll
2010-05-02 05:22 . 2004-08-12 14:09 1851264 ----a-w- c:\windows\system32\win32k.sys
2010-04-29 19:39 . 2009-02-07 16:19 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-04-29 19:39 . 2009-02-07 16:19 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-04-27 18:40 . 2010-07-03 03:18 9200 ------w- c:\windows\system32\drivers\cdralw2k.sys
2010-04-27 18:40 . 2010-07-03 03:18 9072 ------w- c:\windows\system32\drivers\cdr4_xp.sys
2010-04-27 18:40 . 2010-07-03 03:18 133616 ------w- c:\windows\system32\pxafs.dll
2010-04-27 18:40 . 2007-07-26 00:29 126448 ------w- c:\windows\system32\pxinsi64.exe
2010-04-27 18:40 . 2007-07-26 00:29 123888 ------w- c:\windows\system32\pxcpyi64.exe
2010-04-27 18:40 . 2004-08-02 06:03 45648 ------w- c:\windows\system32\drivers\pxhelp20.sys
2010-04-20 05:30 . 2004-08-12 13:55 285696 ----a-w- c:\windows\system32\atmfd.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-11-25 1230080]

[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2009-11-25 18:01 1230080 ----a-w- c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-11-25 1230080]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-11-25 1230080]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ares"="c:\program files\Ares\Ares.exe" [2009-02-03 1004544]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2004-05-13 98304]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2004-05-14 536576]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2004-02-25 118784]
"dla"="c:\windows\system32\dla\tfswctrl.exe" [2004-08-13 122939]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2010-03-21 2046816]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2006-11-04 866584]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-03-22 39264]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
SafeConnect.lnk - c:\program files\SafeConnect\scClient.exe [2007-11-13 297240]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-09-27 18:28 11952 ----a-w- c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^AutoUpdate Monitor.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\AutoUpdate Monitor.lnk
backup=c:\windows\pss\AutoUpdate Monitor.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Belkin F5D8013 N Wireless Notebook Card Utility.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Belkin F5D8013 N Wireless Notebook Card Utility.lnk
backup=c:\windows\pss\Belkin F5D8013 N Wireless Notebook Card Utility.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech Desktop Messenger.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk
backup=c:\windows\pss\Logitech Desktop Messenger.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2008-01-12 03:16 39792 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Aim]
2009-10-05 19:10 3634024 ----a-w- c:\program files\AIM\aim.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ares]
2009-02-03 13:22 1004544 ----a-w- c:\program files\Ares\Ares.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTSyncU.exe]
2006-06-12 18:32 700416 ------w- c:\program files\Creative\Sync Manager Unicode\CTSyncU.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DadApp]
2004-03-04 15:36 211828 ----a-w- c:\program files\Dell\AccessDirect\DadApp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dell QuickSet]
2006-06-29 16:13 1032192 ----a-w- c:\program files\Dell\QuickSet\quickset.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDLauncher]
2004-04-11 15:43 53248 ----a-w- c:\program files\CyberLink\PowerDVD\DVDLauncher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Component Manager]
2003-06-26 22:50 212992 ----a-w- c:\program files\HP\hpcoretech\hpcmpmgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2003-06-25 15:24 49152 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2004-02-25 20:42 155648 ----a-w- c:\windows\system32\igfxtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Jing]
2010-01-19 16:27 3118344 ----a-w- c:\program files\TechSmith\Jing\Jing.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM]
2007-12-28 04:39 32768 ----a-w- c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pen.TrayIcon]
2006-02-21 15:42 20480 ----a-w- c:\program files\Logitech\io2Software\Pen.TrayIcon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2007-06-29 10:24 286720 ----a-w- c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateManager]
2004-01-07 05:01 110592 ----a-w- c:\program files\Common Files\Sonic\Update Manager\sgtray.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\Java\\jre1.6.0_02\\bin\\javaw.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"c:\\Program Files\\Diablo II\\Diablo II.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Ares\\Ares.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=
"c:\\Program Files\\AIM\\aim.exe"=

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [5/24/2009 3:11 PM 335240]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [5/24/2009 3:11 PM 108552]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [7/8/2009 2:29 PM 908056]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [7/8/2009 2:29 PM 297752]
R2 SCManager;SafeConnect Manager;c:\program files\SafeConnect\scManager.sys servicestart --> c:\program files\SafeConnect\scManager.sys servicestart [?]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [7/2/2010 11:15 PM 135664]
S2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [11/3/2006 8:19 PM 13592]
S3 ESPLPush;ESPLPush;c:\program files\Authentium\ESP Enterprise Manager\ESPLPush.exe [7/2/2007 11:14 AM 75056]
S3 ESPLService;ESPLService;c:\program files\Common Files\Authentium\ESPLService.exe [7/2/2007 12:12 PM 66864]
S3 hamachi_oem;PlayLinc Adapter;c:\windows\system32\drivers\gan_adapter.sys [10/19/2006 11:11 AM 10664]
S3 Phal;Phal - Logitech io2 USB driver;c:\windows\system32\drivers\LPhalUsb.sys [3/7/2005 12:35 PM 56832]
S3 Radialpoint Security Services;Radialpoint Security Services;c:\windows\system32\dllhost.exe [8/12/2004 9:56 AM 5120]
S3 RT80x86;Ralink 802.11n Wireless Driver;c:\windows\system32\drivers\rt2860.sys [3/12/2007 11:07 AM 507264]
.
Contents of the 'Scheduled Tasks' folder

2010-07-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-07-03 03:14]

2010-07-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-07-03 03:14]

2010-01-30 c:\windows\Tasks\HP DArC Task 2003-06-26 13:16ewlett-Packard2003-06-26 13:16p psc 1300 seriesA3652443A372B157BFD83129692C2C2475483DE7212166612.job
- c:\program files\HP\hpcoretech\comp\hpdarc.exe [2003-06-26 22:50]

2010-07-03 c:\windows\Tasks\WebReg 20080819130020.job
- c:\program files\HP\Digital Imaging\bin\hpqwrg.exe [2003-07-07 05:43]
.
.
------- Supplementary Scan -------
.
uStart Page = [You must be registered and logged in to see this link.]
IE: &AIM Toolbar Search - c:\documents and settings\All Users\Application Data\AIM Toolbar\ieToolbar\resources\en-US\local\search.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
FF - ProfilePath - c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\n676lxcy.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo! Search
FF - prefs.js: browser.startup.homepage - [You must be registered and logged in to see this link.]
FF - prefs.js: keyword.URL - [You must be registered and logged in to see this link.]
FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll
FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll
FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll
FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll
FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\xpavgtbapi.dll
FF - plugin: c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\n676lxcy.default\extensions\moveplayer@movenetworks.com\platform\WINNT_x86-msvc\plugins\npmnqmp071302000002.dll
FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdnupdater2.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(yahoo.homepage.dontask, truec:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [You must be registered and logged in to see this link.]
Rootkit scan 2010-07-04 18:36
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(2936)
c:\windows\system32\WININET.dll
c:\progra~1\WINDOW~2\wmpband.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Common Files\Authentium\AntiVirus\dvpapi.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\Dell\QuickSet\NICCONFIGSVC.exe
c:\program files\Common Files\Logitech\Pen\Phal\Service\LPhal.exe
c:\progra~1\AVG\AVG8\avgrsx.exe
c:\progra~1\AVG\AVG8\avgnsx.exe
c:\program files\SafeConnect\scManager.sys
c:\program files\AVG\AVG8\avgcsrvx.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2010-07-04 18:43:19 - machine was rebooted
ComboFix-quarantined-files.txt 2010-07-04 22:43
ComboFix2.txt 2010-07-03 04:06

Pre-Run: 14,573,879,296 bytes free
Post-Run: 14,560,792,576 bytes free

- - End Of File - - B196BA83A7EFBF94121D088D86595F46

celtic85

Newbie Surfer
Newbie Surfer

Posts : 15
Joined : 2010-06-14
Operating System : XP

View user profile

Back to top Go down

Re: computer running slowly

Post by Belahzur on Mon 05 Jul 2010, 11:05 am

Hello.

Please download the current version of HijackThis from HERE

  • Double click and run the installer.
  • It will install to C:\Program Files\Trend Micro\HijackThis\hijackthis.exe
  • After installing, you should get the user agreement, press accept and Hijack This will run.
  • When Hijack This opens, click "Open the Misc Tools section"
  • Then select "Open Uninstall Manager"
  • Click on "Save List..." (generates uninstall_list.txt)
  • Click Save, copy and paste the results in your next post.


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

View user profile

Back to top Go down

Re: computer running slowly

Post by celtic85 on Fri 16 Jul 2010, 4:33 pm

AccessDirect
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)
Adobe Flash Player 10 Plugin
Adobe Premiere Elements 7.0
Adobe Premiere Elements 7.0
Adobe Premiere Elements 7.0 Templates
Adobe Premiere Elements 7.0 Templates
Adobe Reader 8.1.2
Adobe Shockwave Player
AIM 7
AIM Toolbar
Ares 2.1.1
AudibleManager
Authentium AntiVirus SDK - 2
AVG Free 8.5
Belkin F5D8013 N Wireless Notebook Card
Broadcom 440x 10/100 Integrated Controller
Calculator Powertoy for Windows XP
CCleaner
Chessmaster Challenge (remove only)
C-Major Audio
Compatibility Pack for the 2007 Office system
Creative Removable Disk Manager
Creative System Information
Creative ZEN V Series (R2)
Dell Driver Reset Tool
Diablo II
DivX Setup
Download Updater (AOL LLC)
ESP Enterprise Manager
Google Update Helper
GTK+ 2.10.13 runtime environment
HiJackThis
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
HP Photo & Imaging 3.1
HP PSC & OfficeJet 3.0
HP Software Update
Impulse
Intel(R) Extreme Graphics 2 Driver
Java(TM) 6 Update 2
Java(TM) 6 Update 3
Java(TM) 6 Update 5
Jing
Logitech Desktop Messenger
Logitech io2 Software
Malwarebytes' Anti-Malware
Memories Disc Creator 2.0
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Standard Edition 2003
Microsoft Silverlight
Microsoft Text-to-Speech Engine 4.0 (English)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft VC9 runtime libraries
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Works 6-9 Converter
Mozilla Firefox (3.6.6)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6.0 Parser (KB933579)
Photo Story 3 for Windows
PowerDVD 5.1
PPSDKRedistributables
QuickSet
QuickTime
Radialpoint Security Services
Real Alternative 1.7.5
SafeConnect
Search Settings 1.2
Security Advisor
Security Update for CAPICOM (KB931906)
Security Update for CAPICOM (KB931906)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB978207)
Security Update for Windows Internet Explorer 7 (KB982381)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 9 (KB917734)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165-v2)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB981349)
SmartSound Quicktracks for Premiere Elements
SmartSound Quicktracks for Premiere Elements
Sonic DLA
Sonic RecordNow!
Sonic Update Manager
Spybot - Search & Destroy
Synaptics Pointing Device Driver
The GIMP 2.2.17
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 7 (KB980182)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
URGE
VC80CRTRedist - 8.0.50727.4053
Verizon Online DSL
Verizon PC Security Checkup
Viewpoint Media Player
Vz In Home Agent
Windows Defender
Windows Imaging Component
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 10 Hotfix - KB895316
Windows Media Player 11
Windows Media Player 11
Windows Presentation Foundation
Windows XP Service Pack 3
Yahoo! Install Manager
ZENcast Organizer


celtic85

Newbie Surfer
Newbie Surfer

Posts : 15
Joined : 2010-06-14
Operating System : XP

View user profile

Back to top Go down

Re: computer running slowly

Post by DragonMaster Jay on Mon 19 Jul 2010, 6:12 am

Please download Malwarebytes Anti-Malware from Malwarebytes.org.
Alternate link: BleepingComputer.com.
(Note: if you already have the program installed, just follow the directions. No need to re-download or re-install!)

Double Click mbam-setup.exe to install the application.

(Note: if you already have the program installed, open Malwarebytes from the Start Menu or Desktop shortcut, click the Update tab, and click Check for Updates, before doing the scan as instructed below!)

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. If you are prompted to restart, please allow it to restart your computer. Failure to do this, will cause the infection to still be active on the computer.
  • Please save the log to a location you will remember.
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • The log can also be found at C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt
  • Copy and paste the entire report in your next reply.


[You must be registered and logged in to see this link.] - Get $30 off Kaspersky products.

~DMJ
GeekPolice Academy Manager


Donations/Contributions

DragonMaster Jay

Manager | Tech Officer
Manager | Tech Officer

Posts : 13451
Joined : 2009-09-07
Operating System : Windows 7 Ultimate

View user profile http://www.twitter.com/jaypfoutz

Back to top Go down

Re: computer running slowly

Post by celtic85 on Thu 26 Aug 2010, 1:34 pm

Malwarebytes' Anti-Malware 1.46
[You must be registered and logged in to see this link.]

Database version: 4438

Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.11

8/17/2010 1:06:00 AM
mbam-log-2010-08-17 (01-06-00).txt

Scan type: Quick scan
Objects scanned: 138942
Time elapsed: 41 minute(s), 2 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

celtic85

Newbie Surfer
Newbie Surfer

Posts : 15
Joined : 2010-06-14
Operating System : XP

View user profile

Back to top Go down

Re: computer running slowly

Post by DragonMaster Jay on Fri 27 Aug 2010, 7:02 am

It's been a long time for you to reply. What current issues are happening now?


[You must be registered and logged in to see this link.] - Get $30 off Kaspersky products.

~DMJ
GeekPolice Academy Manager


Donations/Contributions

DragonMaster Jay

Manager | Tech Officer
Manager | Tech Officer

Posts : 13451
Joined : 2009-09-07
Operating System : Windows 7 Ultimate

View user profile http://www.twitter.com/jaypfoutz

Back to top Go down

Re: computer running slowly

Post by celtic85 on Fri 27 Aug 2010, 3:47 pm

sorry, very slow on start up, freezes alot online.

celtic85

Newbie Surfer
Newbie Surfer

Posts : 15
Joined : 2010-06-14
Operating System : XP

View user profile

Back to top Go down

Re: computer running slowly

Post by DragonMaster Jay on Sat 28 Aug 2010, 7:08 am

Note: the following tool is to only be used under the guidance of a malware helper. In the event you already have the tool, please delete the old copy and download a new copy.

Please download ComboFix from BleepingComputer.com

Alternate link: GeeksToGo.com

Alternate link: Forospyware.com (Click the green button on the page to download it).

Rename ComboFix.exe to combo-fix.exe before you save it to your Desktop
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools A guide to do this can be found here
  • Click Start>Run then copy paste the following command into the Run box & click OK "%userprofile%\desktop\combo-fix.exe" /killall
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed.

    *NOTE*: If you already have the Recovery Console installed, ComboFix will skip this part and will continue scanning for malware.

    With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console



Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:


  • Click on Yes, to continue scanning for malware.
  • When finished, it shall produce a log for you. Please include the contents of C:\ComboFix.txt in your next reply.


[You must be registered and logged in to see this link.] - Get $30 off Kaspersky products.

~DMJ
GeekPolice Academy Manager


Donations/Contributions

DragonMaster Jay

Manager | Tech Officer
Manager | Tech Officer

Posts : 13451
Joined : 2009-09-07
Operating System : Windows 7 Ultimate

View user profile http://www.twitter.com/jaypfoutz

Back to top Go down

Re: computer running slowly

Post by celtic85 on Tue 31 Aug 2010, 4:05 pm

ComboFix 10-08-30.02 - Owner 08/31/2010 0:33.3.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.510.173 [GMT -4:00]
Running from: c:\documents and settings\Owner\desktop\combo-fix.exe
Command switches used :: /killall
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
* Created a new restore point
.

((((((((((((((((((((((((( Files Created from 2010-07-28 to 2010-08-31 )))))))))))))))))))))))))))))))
.

No new files created in this timespan

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-17 04:11 . 2010-02-15 19:02 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2010-07-16 01:32 . 2010-07-07 04:45 57344 ----a-w- c:\documents and settings\All Users\Application Data\DivX\RunAsUser\RUNASUSERPROCESS.dll
2010-07-16 01:32 . 2010-07-07 04:34 -------- d-----w- c:\documents and settings\All Users\Application Data\DivX
2010-07-16 01:32 . 2010-07-16 01:32 56765 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DivXPlusShortcuts\Uninstaller.exe
2010-07-16 01:32 . 2010-07-07 04:34 -------- d-----w- c:\program files\DivX
2010-07-16 01:32 . 2010-07-16 01:32 57715 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Player\Uninstaller.exe
2010-07-16 01:31 . 2010-07-16 01:31 84054 ----a-w- c:\documents and settings\All Users\Application Data\DivX\TransferWizard\Uninstaller.exe
2010-07-16 01:31 . 2010-07-16 01:31 54153 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DFXPlugin\Uninstaller.exe
2010-07-16 01:18 . 2010-07-16 01:18 144696 ----a-w- c:\documents and settings\All Users\Application Data\DivX\RunAsUser\RUNASUSERPROCESS.exe
2010-07-16 01:18 . 2010-07-07 04:43 1062184 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Setup\Resource.dll
2010-07-16 01:18 . 2010-07-07 04:43 895256 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Setup\DivXSetup.exe
2010-07-09 03:37 . 2010-07-07 04:43 -------- d-----w- c:\documents and settings\Owner\Application Data\DivX
2010-07-07 04:43 . 2010-07-07 04:43 56997 ----a-w- c:\documents and settings\All Users\Application Data\DivX\WebPlayer\Uninstaller.exe
2010-07-07 04:43 . 2010-07-07 04:43 53600 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Update\Uninstaller.exe
2010-07-07 04:41 . 2010-07-07 04:41 57054 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DSDesktopComponents\Uninstaller.exe
2010-07-07 04:41 . 2010-07-07 04:41 54166 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DSAVCDecoder\Uninstaller.exe
2010-07-07 04:41 . 2010-07-07 04:41 57532 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DSASPDecoder\Uninstaller.exe
2010-07-07 04:41 . 2010-07-07 04:41 56458 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DivXDecoderShortcut\Uninstaller.exe
2010-07-07 04:41 . 2010-07-07 04:41 54174 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DSAACDecoder\Uninstaller.exe
2010-07-07 04:41 . 2010-07-07 04:41 54128 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Converter\Uninstaller.exe
2010-07-07 04:41 . 2010-07-07 04:41 54644 ----a-w- c:\documents and settings\All Users\Application Data\DivX\TranscodeEngine\Uninstaller.exe
2010-07-07 04:41 . 2010-07-07 04:41 54101 ----a-w- c:\documents and settings\All Users\Application Data\DivX\MPEG2Plugin\Uninstaller.exe
2010-07-07 04:41 . 2010-07-07 04:41 57409 ----a-w- c:\documents and settings\All Users\Application Data\DivX\ControlPanel\Uninstaller.exe
2010-07-07 04:41 . 2010-07-07 04:41 52963 ----a-w- c:\documents and settings\All Users\Application Data\DivX\MSVC80CRTRedist\Uninstaller.exe
2010-07-07 04:36 . 2010-07-07 04:35 -------- d-----w- c:\program files\Common Files\DivX Shared
2010-07-07 04:36 . 2010-07-07 04:36 54073 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Qt4.5\Uninstaller.exe
2010-07-07 04:35 . 2010-07-07 04:35 56969 ----a-w- c:\documents and settings\All Users\Application Data\DivX\ASPEncoder\Uninstaller.exe
2010-07-07 04:28 . 2007-08-17 05:14 -------- d-----w- c:\program files\Google
2010-07-07 03:41 . 2010-07-07 03:41 388096 ----a-r- c:\documents and settings\Owner\Application Data\Microsoft\Installer\{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}\HiJackThis.exe
2010-07-07 03:40 . 2010-07-07 03:40 -------- d-----w- c:\program files\TrendMicro
2010-06-30 12:31 . 2004-08-12 14:04 149504 ----a-w- c:\windows\system32\schannel.dll
2010-06-24 12:15 . 2004-08-12 14:09 832512 ----a-w- c:\windows\system32\wininet.dll
2010-06-24 12:15 . 2004-08-12 13:58 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-06-24 12:15 . 2004-08-12 13:56 17408 ----a-w- c:\windows\system32\corpol.dll
2010-06-23 13:44 . 2004-08-12 14:09 1851904 ----a-w- c:\windows\system32\win32k.sys
2010-06-21 15:27 . 2004-08-12 14:06 354304 ----a-w- c:\windows\system32\drivers\srv.sys
2010-06-17 14:03 . 2004-08-12 13:57 80384 ----a-w- c:\windows\system32\iccvid.dll
2010-06-14 07:41 . 2004-08-12 14:01 1172480 ----a-w- c:\windows\system32\msxml3.dll
2010-06-09 23:01 . 2010-07-07 04:42 9200 ------w- c:\windows\system32\drivers\cdralw2k.sys
2010-06-09 23:01 . 2010-07-07 04:42 9072 ------w- c:\windows\system32\drivers\cdr4_xp.sys
2010-06-09 23:01 . 2010-07-07 04:42 133616 ------w- c:\windows\system32\pxafs.dll
2010-06-09 23:01 . 2007-07-26 00:29 126448 ------w- c:\windows\system32\pxinsi64.exe
2010-06-09 23:01 . 2007-07-26 00:29 123888 ------w- c:\windows\system32\pxcpyi64.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-11-25 1230080]

[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2009-11-25 18:01 1230080 ----a-w- c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-11-25 1230080]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-11-25 1230080]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ares"="c:\program files\Ares\Ares.exe" [2009-02-03 1004544]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2004-05-13 98304]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2004-05-14 536576]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2004-02-25 118784]
"dla"="c:\windows\system32\dla\tfswctrl.exe" [2004-08-13 122939]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2010-07-15 2048352]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2006-11-04 866584]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-06-03 1144104]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-03-22 39264]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
SafeConnect.lnk - c:\program files\SafeConnect\scClient.exe [2007-11-13 297240]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-09-27 18:28 11952 ----a-w- c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^AutoUpdate Monitor.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\AutoUpdate Monitor.lnk
backup=c:\windows\pss\AutoUpdate Monitor.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Belkin F5D8013 N Wireless Notebook Card Utility.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Belkin F5D8013 N Wireless Notebook Card Utility.lnk
backup=c:\windows\pss\Belkin F5D8013 N Wireless Notebook Card Utility.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech Desktop Messenger.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk
backup=c:\windows\pss\Logitech Desktop Messenger.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2008-01-12 03:16 39792 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Aim]
2009-10-05 19:10 3634024 ----a-w- c:\program files\AIM\aim.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ares]
2009-02-03 13:22 1004544 ----a-w- c:\program files\Ares\Ares.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTSyncU.exe]
2006-06-12 18:32 700416 ------w- c:\program files\Creative\Sync Manager Unicode\CTSyncU.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DadApp]
2004-03-04 15:36 211828 ----a-w- c:\program files\Dell\AccessDirect\DadApp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dell QuickSet]
2006-06-29 16:13 1032192 ----a-w- c:\program files\Dell\QuickSet\quickset.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDLauncher]
2004-04-11 15:43 53248 ----a-w- c:\program files\CyberLink\PowerDVD\DVDLauncher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Component Manager]
2003-06-26 22:50 212992 ----a-w- c:\program files\HP\hpcoretech\hpcmpmgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2003-06-25 15:24 49152 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2004-02-25 20:42 155648 ----a-w- c:\windows\system32\igfxtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Jing]
2010-01-19 16:27 3118344 ----a-w- c:\program files\TechSmith\Jing\Jing.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM]
2007-12-28 04:39 32768 ----a-w- c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pen.TrayIcon]
2006-02-21 15:42 20480 ----a-w- c:\program files\Logitech\io2Software\Pen.TrayIcon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2007-06-29 10:24 286720 ----a-w- c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateManager]
2004-01-07 05:01 110592 ----a-w- c:\program files\Common Files\Sonic\Update Manager\sgtray.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\Java\\jre1.6.0_02\\bin\\javaw.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"c:\\Program Files\\Diablo II\\Diablo II.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Ares\\Ares.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=
"c:\\Program Files\\AIM\\aim.exe"=

R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-07-03 135664]
R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [2006-11-04 13592]
R3 ESPLPush;ESPLPush;c:\program files\Authentium\ESP Enterprise Manager\ESPLPush.exe [2007-07-02 75056]
R3 ESPLService;ESPLService;c:\program files\Common Files\Authentium\ESPLService.exe [2007-07-02 66864]
R3 hamachi_oem;PlayLinc Adapter;c:\windows\system32\DRIVERS\gan_adapter.sys [2006-10-19 10664]
R3 Phal;Phal - Logitech io2 USB driver;c:\windows\system32\Drivers\LPhalUsb.sys [2005-03-07 56832]
R3 Radialpoint Security Services;Radialpoint Security Services;c:\windows\system32\dllhost.exe [2008-04-14 5120]
S1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\Drivers\avgldx86.sys [2009-09-27 335240]
S1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\System32\Drivers\avgtdix.sys [2009-05-24 108552]
S2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2009-09-27 908056]
S2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2009-09-27 297752]
S2 SCManager;SafeConnect Manager;c:\program files\SafeConnect\scManager.sys servicestart [x]
S3 RT80x86;Ralink 802.11n Wireless Driver;c:\windows\system32\DRIVERS\RT2860.sys [2007-03-12 507264]

.
Contents of the 'Scheduled Tasks' folder

2010-08-31 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-07-03 03:14]

2010-08-31 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-07-03 03:14]

2010-01-30 c:\windows\Tasks\HP DArC Task 2003-06-26 13:16ewlett-Packard2003-06-26 13:16p psc 1300 seriesA3652443A372B157BFD83129692C2C2475483DE7212166612.job
- c:\program files\HP\hpcoretech\comp\hpdarc.exe [2003-06-26 22:50]

2010-07-22 c:\windows\Tasks\WebReg 20080819130020.job
- c:\program files\HP\Digital Imaging\bin\hpqwrg.exe [2003-07-07 05:43]
.
.
------- Supplementary Scan -------
.
uStart Page = [You must be registered and logged in to see this link.]
IE: &AIM Toolbar Search - c:\documents and settings\All Users\Application Data\AIM Toolbar\ieToolbar\resources\en-US\local\search.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
FF - ProfilePath - c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\n676lxcy.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo! Search
FF - prefs.js: browser.startup.homepage - [You must be registered and logged in to see this link.]
FF - prefs.js: keyword.URL - [You must be registered and logged in to see this link.]
FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll
FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll
FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll
FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll
FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\xpavgtbapi.dll
FF - plugin: c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\n676lxcy.default\extensions\moveplayer@movenetworks.com\platform\WINNT_x86-msvc\plugins\npmnqmp071302000002.dll
FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdnupdater2.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(yahoo.homepage.dontask, truec:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [You must be registered and logged in to see this link.]
Rootkit scan 2010-08-31 00:48
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(3912)
c:\windows\system32\WININET.dll
c:\progra~1\WINDOW~2\wmpband.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Common Files\Authentium\AntiVirus\dvpapi.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\Dell\QuickSet\NICCONFIGSVC.exe
c:\program files\Common Files\Logitech\Pen\Phal\Service\LPhal.exe
c:\program files\SafeConnect\scManager.sys
c:\progra~1\AVG\AVG8\avgrsx.exe
c:\progra~1\AVG\AVG8\avgnsx.exe
c:\program files\AVG\AVG8\avgcsrvx.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2010-08-31 01:04:07 - machine was rebooted
ComboFix-quarantined-files.txt 2010-08-31 05:04
ComboFix2.txt 2010-07-04 22:43
ComboFix3.txt 2010-07-03 04:06

Pre-Run: 13,775,962,112 bytes free
Post-Run: 14,073,028,608 bytes free

- - End Of File - - 21B692E745F55096CC01EF24C0ECC0BC

celtic85

Newbie Surfer
Newbie Surfer

Posts : 15
Joined : 2010-06-14
Operating System : XP

View user profile

Back to top Go down

Re: computer running slowly

Post by DragonMaster Jay on Tue 31 Aug 2010, 4:08 pm

Please do a scan with Kaspersky Online Scanner

Click on the Accept button and install any components it needs.

  • The program will install and then begin downloading the latest definition files.
  • After the files have been downloaded on the left side of the page in the Scan section select My Computer.
  • This will start the program and scan your system.
  • The scan will take a while, so be patient and let it run.
  • Once the scan is complete, click on View scan report
  • Now, click on the Save Report as button.
  • Save the file to your desktop.
  • Copy and paste that information in your next post.

Note: If the scan freezes for more than 30 minutes, stop the scan, and report back to me.


[You must be registered and logged in to see this link.] - Get $30 off Kaspersky products.

~DMJ
GeekPolice Academy Manager


Donations/Contributions

DragonMaster Jay

Manager | Tech Officer
Manager | Tech Officer

Posts : 13451
Joined : 2009-09-07
Operating System : Windows 7 Ultimate

View user profile http://www.twitter.com/jaypfoutz

Back to top Go down

Re: computer running slowly

Post by celtic85 on Sun 05 Sep 2010, 4:39 am

Malwarebytes' Anti-Malware 1.46
[You must be registered and logged in to see this link.]

Database version: 4542

Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.11

9/4/2010 11:14:13 AM
mbam-log-2010-09-04 (11-14-13).txt

Scan type: Quick scan
Objects scanned: 141805
Time elapsed: 10 minute(s), 46 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

celtic85

Newbie Surfer
Newbie Surfer

Posts : 15
Joined : 2010-06-14
Operating System : XP

View user profile

Back to top Go down

Re: computer running slowly

Post by celtic85 on Sun 05 Sep 2010, 4:40 am

When I go online now it constantly asks me if I want to stop the script.

celtic85

Newbie Surfer
Newbie Surfer

Posts : 15
Joined : 2010-06-14
Operating System : XP

View user profile

Back to top Go down

Re: computer running slowly

Post by DragonMaster Jay on Sun 05 Sep 2010, 5:35 am

Download SuperAntiSpyware

  • Load SuperAntiSpyware and click the Check for updates button.
  • Once the update is finished click the Scan your computer button.
  • Check Perform Complete Scan and then next.
  • SuperAntiSpyware will now scan your computer and when its finished it will list all the infections it has found.
  • Make sure that they all have a check next to them and press next.
  • Click finish and you will be taken back to the main interface.
  • Click Preferences and then click the statistics/logs tab. Click the dated log and press view log and a text file will appear.
  • Copy and paste the log onto the forum.


[You must be registered and logged in to see this link.] - Get $30 off Kaspersky products.

~DMJ
GeekPolice Academy Manager


Donations/Contributions

DragonMaster Jay

Manager | Tech Officer
Manager | Tech Officer

Posts : 13451
Joined : 2009-09-07
Operating System : Windows 7 Ultimate

View user profile http://www.twitter.com/jaypfoutz

Back to top Go down

Re: computer running slowly

Post by celtic85 on Wed 08 Sep 2010, 8:49 am

SUPERAntiSpyware Scan Log
[You must be registered and logged in to see this link.]

Generated 09/05/2010 at 03:34 AM

Application Version : 4.42.1000

Core Rules Database Version : 5457
Trace Rules Database Version: 3269

Scan type : Quick Scan
Total Scan Time : 02:36:15

Memory items scanned : 477
Memory threats detected : 0
Registry items scanned : 2125
Registry threats detected : 3
File items scanned : 5726
File threats detected : 0

Rogue.Component/Trace
HKLM\Software\Microsoft\E82E2910
HKLM\Software\Microsoft\E82E2910#e82e2910
HKLM\Software\Microsoft\E82E2910#Version

celtic85

Newbie Surfer
Newbie Surfer

Posts : 15
Joined : 2010-06-14
Operating System : XP

View user profile

Back to top Go down

Re: computer running slowly

Post by DragonMaster Jay on Thu 09 Sep 2010, 8:26 am

ESET Online Scan

Please run a free online scan with the ESET Online Scanner
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the options Remove found threats and the option Scan unwanted applications is checked
  • Click Scan (This scan can take several hours, so please be patient)
  • Once the scan is completed, you may close the window
  • Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  • Copy and paste that log as a reply to this topic


[You must be registered and logged in to see this link.] - Get $30 off Kaspersky products.

~DMJ
GeekPolice Academy Manager


Donations/Contributions

DragonMaster Jay

Manager | Tech Officer
Manager | Tech Officer

Posts : 13451
Joined : 2009-09-07
Operating System : Windows 7 Ultimate

View user profile http://www.twitter.com/jaypfoutz

Back to top Go down

Re: computer running slowly

Post by Sponsored content Today at 2:58 pm


Sponsored content


Back to top Go down

Page 1 of 2 1, 2  Next

View previous topic View next topic Back to top


 
Permissions in this forum:
You cannot reply to topics in this forum