computer running very slow

View previous topic View next topic Go down

computer running very slow

Post by drsin331204 on Mon 29 Nov 2010, 10:21 am

can someone here help me computer running very slow.

drsin331204

Newbie Surfer
Newbie Surfer

Posts : 6
Joined : 2010-11-29
Operating System : windows xp

View user profile

Back to top Go down

Re: computer running very slow

Post by Belahzur on Mon 29 Nov 2010, 11:42 am

Hello.

Download OTL by OldTimer to your Desktop.

  • Close all windows and double click OTL.exe
  • Click Run Scan and let the program run uninterrupted
  • It will produce two logs for you, one will pop up - OTL.txt, the other will be saved on your Desktop - Extras.txt. Post both logs in this thread.
  • You may need to use two posts to get it all.


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

View user profile

Back to top Go down

extras. txt

Post by drsin331204 on Mon 29 Nov 2010, 11:53 am

OTL Extras logfile created on: 11/28/2010 6:51:05 PM - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\Rick Sinclair\My Documents
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

247.00 Mb Total Physical Memory | 31.00 Mb Available Physical Memory | 12.00% Memory free
956.00 Mb Paging File | 329.00 Mb Available in Paging File | 34.00% Paging File free
Paging file location(s): C:\pagefile.sys 372 744 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 69.37 Gb Total Space | 33.97 Gb Free Space | 48.97% Space Free | Partition Type: NTFS
Drive D: | 5.14 Gb Total Space | 0.93 Gb Free Space | 18.20% Space Free | Partition Type: FAT32
Unable to calculate disk information.

Computer Name: YOUR-W04GTXLD67 | User Name: Rick Sinclair | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- (Lime Wire, LLC)
"C:\Program Files\Vuze\Azureus.exe" = C:\Program Files\Vuze\Azureus.exe:*:Enabled:Azureus / Vuze -- File not found
"C:\Program Files\SopCast\adv\SopAdver.exe" = C:\Program Files\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver -- ([You must be registered and logged in to see this link.]
"C:\Program Files\SopCast\SopCast.exe" = C:\Program Files\SopCast\SopCast.exe:*:Enabled:SopCast Main Application -- ([You must be registered and logged in to see this link.]
"C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)
"C:\Program Files\TVUPlayer\TVUPlayer.exe" = C:\Program Files\TVUPlayer\TVUPlayer.exe:*:Enabled:TVUPlayer Component -- (TVU networks)
"C:\Program Files\TVAnts\Tvants.exe" = C:\Program Files\TVAnts\Tvants.exe:*:Enabled:TVAnts -- (Zhejiang University)
"C:\Program Files\Google\Chrome\Application\chrome.exe" = C:\Program Files\Google\Chrome\Application\chrome.exe:*:Disabled:Google Chrome -- (Google Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{09DA4F91-2A09-4232-AB8C-6BC740096DE3}" = Sonic Update Manager
"{14589F05-C658-4594-9429-D437BA688686}" = IntelliMover Data Transfer Demo
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 17
"{2A267BC6-F77F-4DD4-825F-7AEB1F68B4B1}" = HpSdpAppCoreApp
"{2E132061-C78A-48D4-A899-1D13B9D189FA}" = Memories Disc Creator 2.0
"{2F1FD032-67D1-4569-923F-47EAF132BF0F}" = DocProc
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3CF78481-FB7B-4B51-99A2-D5E0CD0B3AAF}" = HPSystemDiagnostics
"{45B6180B-DCAB-4093-8EE8-6164457517F0}" = Photosmart 140,240,7200,7600,7700,7900 Series
"{483616D1-867E-46F8-BEC7-3C6475933908}" = Adobe Photoshop Album Starter Edition
"{4FB6F304-A91D-4919-98E5-D96E074EA9E5}" = SkinsHP1
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5ADF6293-D60F-4425-AFA7-CEB820DB872B}" = QuickProjects
"{5D7F0A0E-369E-46C0-9F99-FAB21A064781}" = HP Photo and Imaging 2.0 - Photosmart Cameras
"{66C018BD-6F16-4B32-B4CD-1DC1B21FBDFF}" = Zone Deluxe Games
"{7148F0A8-6813-11D6-A77B-00B0D0142000}" = Java 2 Runtime Environment, SE v1.4.2
"{745A92AF-53B4-41A7-91C3-9B026B1D5897}" = InstantShare
"{764D06D8-D8DE-411E-A1C8-D9E9380F8A84}" = Microsoft Works 7.0
"{7BBD57D6-09B1-4CC3-9664-A0D53EE25247}" = PSShortcutsP
"{829698DE-9EAC-475E-9A05-B7BA807CA1EF}" = Director
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Extreme Graphics Driver
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9F4EEA0C-7174-4BD3-89AF-7AB2F9F6AEDD}" = hpmdtab
"{A363B66C-1547-47bf-90F0-3834E70A841A}" = CreativeProjects
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A80000000002}" = Adobe Reader 8
"{AF36CE1D-FD2C-4BA0-93FA-1196785DD610}" = Adobe Flash Player 10 Plugin
"{C38BC5B7-62D3-4880-82DD-A4803FD81921}" = PhotoGallery
"{C6A7AF96-4EB1-4AAE-8318-1AB393C64F88}" = Microsoft Plus! Digital Media Edition
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC0A24CB-87C9-4F1C-A1F2-F87D8D4DDCAF}" = HP Software Update
"{CE4F8FFB-4063-4247-9F14-ECE61AFEFA25}" = TrayApp
"{CF097717-F174-4144-954A-FBC4BF301033}" = Nero 7 Ultra Edition
"{D0122362-6333-4DE4-93F6-A5A2F3CC101A}" = Compaq Organize
"{D1D8C9C4-89BE-4f37-9EC4-B80E3C239C41}" = Copy
"{D545BB81-DEB0-49f7-BE26-197BC31AAF57}" = SkinsHP2
"{E4ABB302-9D82-4D18-83D5-AD1DFE786AA8}" = Unload
"{E62A1F01-07B7-4541-A835-EE5B0BF064C2}" = Microsoft Antimalware
"{EF98A02A-1748-4762-9B7D-5ED1600520D5}" = Microsoft Security Essentials
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{FBBF532A-47AC-457d-AC06-0D3163D8911E}" = WebReg
"05E21449-3BA3-42BF-BBDA-95205F4EA40A" = Polar Bowler from Compaq (remove only)
"26DC0ED6-93A7-43C1-8DC5-EC16079580F9" = Orbital from Compaq (remove only)
"2FDCC229-354D-4279-ABEF-CE17E355BFFA" = Five Card Frenzy from Compaq (remove only)
"8A225900-C06D-41DD-B66C-43840D472758" = Otto from Compaq (remove only)
"8BA6F58B-7A91-461F-95F8-E34F8BD8AA4E" = Slyder from Compaq (remove only)
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"BackWeb-1940576 Uninstaller" = Compaq Connections
"BitTorrent" = BitTorrent
"C679AA5F-C2C8-4EA8-9CD1-504A39AEC264" = Excavation from Compaq (remove only)
"Compaq Instant Support" = Compaq Instant Support
"FA7F5211-C629-4711-BD82-7DFFB08CB518" = Overball from Compaq (remove only)
"Google Chrome" = Google Chrome
"HP Photo & Imaging" = HP Photo & Imaging 3.1
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"LimeWire" = LimeWire 5.5.8
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft Security Essentials" = Microsoft Security Essentials
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA" =
"NVIDIA GART Driver" = NVIDIA GART Driver
"PS2" = PS2
"Python 2.2 combined Win32 extensions" = Python 2.2 combined Win32 extensions
"Python 2.2.1" = Python 2.2.1
"RealPlayer 12.0" = RealPlayer
"SopCast" = SopCast 3.2.9
"TVAnts 1.0" = TVAnts 1.0
"TVUPlayer" = TVUPlayer 2.5.3.1
"UTStarcom USB Modem" = UTStarcom USB Modem Software
"Veetle TV" = Veetle TV 0.9.18
"ViewpointMediaPlayer" = Viewpoint Media Player (Remove Only)
"VLC media player" = VLC media player 0.9.2
"vShare" = vShare Plugin
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Search Defender" = Yahoo! Search Protection
"Yahoo! Software Update" = Yahoo! Software Update

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 11/13/2010 7:43:02 PM | Computer Name = YOUR-W04GTXLD67 | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 microsoft antimalware (bcf43643-a118-4432-aede-d861fcbcfcde),
P2 2.1.6805.0, P3 timeout, P4 1.1.6301.0, P5 local, P6 unspecified, P7 unspecified,
P8 NIL, P9 NIL, P10 NIL.

Error - 11/14/2010 11:35:19 PM | Computer Name = YOUR-W04GTXLD67 | Source = Application Hang | ID = 1002
Description = Hanging application chrome.exe, version 0.0.0.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 11/14/2010 11:37:32 PM | Computer Name = YOUR-W04GTXLD67 | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 microsoft antimalware (bcf43643-a118-4432-aede-d861fcbcfcde),
P2 2.1.6805.0, P3 timeout, P4 1.1.6301.0, P5 local, P6 unspecified, P7 unspecified,
P8 NIL, P9 NIL, P10 NIL.

Error - 11/25/2010 9:51:58 AM | Computer Name = YOUR-W04GTXLD67 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 11/25/2010 6:37:44 PM | Computer Name = YOUR-W04GTXLD67 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 11/28/2010 5:25:41 PM | Computer Name = YOUR-W04GTXLD67 | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 microsoft antimalware (bcf43643-a118-4432-aede-d861fcbcfcde),
P2 2.1.6805.0, P3 timeout, P4 1.1.6402.0, P5 local, P6 unspecified, P7 unspecified,
P8 NIL, P9 NIL, P10 NIL.

Error - 11/28/2010 7:05:35 PM | Computer Name = YOUR-W04GTXLD67 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 11/28/2010 7:05:35 PM | Computer Name = YOUR-W04GTXLD67 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 11/28/2010 7:05:37 PM | Computer Name = YOUR-W04GTXLD67 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 11/28/2010 7:05:37 PM | Computer Name = YOUR-W04GTXLD67 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

[ System Events ]
Error - 11/7/2010 5:00:06 PM | Computer Name = YOUR-W04GTXLD67 | Source = Service Control Manager | ID = 7000
Description = The nVidia WDM A/V Crossbar service failed to start due to the following
error: %%1058

Error - 11/7/2010 5:06:01 PM | Computer Name = YOUR-W04GTXLD67 | Source = DCOM | ID = 10010
Description = The server {0002DF01-0000-0000-C000-000000000046} did not register
with DCOM within the required timeout.

Error - 11/7/2010 5:12:16 PM | Computer Name = YOUR-W04GTXLD67 | Source = DCOM | ID = 10010
Description = The server {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} did not register
with DCOM within the required timeout.

Error - 11/8/2010 5:08:13 PM | Computer Name = YOUR-W04GTXLD67 | Source = Microsoft Antimalware | ID = 2001
Description = %%861 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.93.1345.0 Update Source: %%859 Update Stage:
%%852 Source Path: [You must be registered and logged in to see this link.] Signature Type: %%800 Update Type: %%803

User:
NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.6301.0 Error
code: 0x80072efd Error description: A connection with the server could not be established


Error - 11/11/2010 4:38:14 AM | Computer Name = YOUR-W04GTXLD67 | Source = Service Control Manager | ID = 7000
Description = The nVidia WDM Video Capture (universal) service failed to start due
to the following error: %%1058

Error - 11/11/2010 4:38:14 AM | Computer Name = YOUR-W04GTXLD67 | Source = Service Control Manager | ID = 7000
Description = The nVidia WDM A/V Crossbar service failed to start due to the following
error: %%1058

Error - 11/13/2010 9:39:26 AM | Computer Name = YOUR-W04GTXLD67 | Source = Service Control Manager | ID = 7000
Description = The nVidia WDM Video Capture (universal) service failed to start due
to the following error: %%1058

Error - 11/13/2010 9:39:26 AM | Computer Name = YOUR-W04GTXLD67 | Source = Service Control Manager | ID = 7000
Description = The nVidia WDM A/V Crossbar service failed to start due to the following
error: %%1058

Error - 11/13/2010 7:41:55 PM | Computer Name = YOUR-W04GTXLD67 | Source = DCOM | ID = 10010
Description = The server {0002DF01-0000-0000-C000-000000000046} did not register
with DCOM within the required timeout.

Error - 11/25/2010 9:56:44 AM | Computer Name = YOUR-W04GTXLD67 | Source = DCOM | ID = 10010
Description = The server {0002DF01-0000-0000-C000-000000000046} did not register
with DCOM within the required timeout.


< End of report >

drsin331204

Newbie Surfer
Newbie Surfer

Posts : 6
Joined : 2010-11-29
Operating System : windows xp

View user profile

Back to top Go down

otl. txt

Post by drsin331204 on Mon 29 Nov 2010, 12:03 pm

OTL logfile created on: 11/28/2010 6:51:05 PM - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\Rick Sinclair\My Documents
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

247.00 Mb Total Physical Memory | 31.00 Mb Available Physical Memory | 12.00% Memory free
956.00 Mb Paging File | 329.00 Mb Available in Paging File | 34.00% Paging File free
Paging file location(s): C:\pagefile.sys 372 744 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 69.37 Gb Total Space | 33.97 Gb Free Space | 48.97% Space Free | Partition Type: NTFS
Drive D: | 5.14 Gb Total Space | 0.93 Gb Free Space | 18.20% Space Free | Partition Type: FAT32
Unable to calculate disk information.

Computer Name: YOUR-W04GTXLD67 | User Name: Rick Sinclair | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/11/28 18:50:53 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Rick Sinclair\My Documents\OTL.exe
PRC - [2010/09/21 16:21:44 | 000,024,424 | ---- | M] () -- C:\Program Files\Veetle\Player\player.exe
PRC - [2010/09/15 03:34:02 | 001,094,224 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Essentials\msseces.exe
PRC - [2010/08/10 19:45:53 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2010/03/25 20:40:44 | 000,017,904 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe
PRC - [2009/11/30 19:30:14 | 000,386,872 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jucheck.exe
PRC - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/06/27 19:04:00 | 001,213,736 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
PRC - [2007/06/27 19:03:40 | 000,152,872 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
PRC - [2004/05/14 09:42:32 | 000,573,440 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\SetPoint\KEM.exe
PRC - [2004/04/26 07:06:12 | 000,029,696 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\SetPoint\KHALMNPR.exe
PRC - [2003/07/14 19:52:44 | 000,040,960 | ---- | M] (Agere Systems) -- C:\WINDOWS\ltmsg.exe
PRC - [2003/05/23 04:55:38 | 000,483,328 | ---- | M] (Hewlett-Packard) -- C:\WINDOWS\system32\hphmon05.exe
PRC - [2002/10/07 09:23:20 | 000,090,112 | ---- | M] () -- C:\Program Files\HP\Digital Imaging\Unload\HpqCmon.exe


========== Modules (SafeList) ==========

MOD - [2010/11/28 18:50:53 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Rick Sinclair\My Documents\OTL.exe
MOD - [2010/08/23 11:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2010/08/10 19:49:34 | 000,040,960 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchromebrowserrecordhelper.dll
MOD - [2004/05/14 09:39:36 | 000,086,016 | ---- | M] () -- C:\Program Files\Logitech\SetPoint\lgscroll.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010/03/25 20:40:44 | 000,017,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe -- (MsMpSvc)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)


========== Driver Services (SafeList) ==========

DRV - [2008/04/13 13:56:49 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usb8023.sys -- (USB_RNDIS)
DRV - [2007/12/05 14:53:44 | 000,110,848 | ---- | M] (MCCI) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\uts_mdm.sys -- (uts_mdm)
DRV - [2007/12/05 14:53:44 | 000,090,880 | ---- | M] (MCCI) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\uts_serd.sys -- (uts_serd) UTStarcom USB Diagnostic Serial Port (WDM)
DRV - [2007/12/05 14:53:44 | 000,084,352 | ---- | M] (MCCI) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\uts_bus.sys -- (uts_bus) UTStarcom USB Composite Device driver (WDM)
DRV - [2007/12/05 14:53:44 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\uts_mdfl.sys -- (uts_mdfl)
DRV - [2004/10/07 20:16:04 | 000,035,840 | ---- | M] (Oak Technology Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\AFS2K.SYS -- (AFS2K)
DRV - [2004/10/01 10:24:02 | 002,279,424 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2004/08/03 22:29:56 | 001,897,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2004/08/03 22:29:52 | 000,166,912 | ---- | M] (S3 Graphics, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s3gnbm.sys -- (S3Psddr)
DRV - [2003/09/03 01:51:00 | 000,021,120 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\nv_agp.sys -- (nv_agp)
DRV - [2003/07/30 04:15:00 | 000,126,348 | ---- | M] () [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\nvcap.sys -- (nvcap) nVidia WDM Video Capture (universal)
DRV - [2003/07/30 04:15:00 | 000,013,006 | ---- | M] (NVIDIA Corporation) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\nvxbar.sys -- (NVXBAR)
DRV - [2003/07/02 13:42:00 | 000,027,904 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\viaagp1.sys -- (viaagp1)
DRV - [2003/07/02 01:33:00 | 000,652,497 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ltmdmnt.sys -- (ltmodem5)
DRV - [2003/06/19 03:59:00 | 000,140,800 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\fasttx2k.sys -- (fasttx2k)
DRV - [2003/05/06 17:34:56 | 000,394,752 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sisgrp.sys -- (SiS315)
DRV - [2003/04/28 08:13:06 | 000,009,856 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2003/04/11 10:51:30 | 000,010,624 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\srvkp.sys -- (SiSkp)
DRV - [2003/02/20 18:18:36 | 000,036,608 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\SISAGPX.sys -- (SISAGP)
DRV - [2002/10/04 19:04:10 | 000,046,976 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\R8139n51.sys -- (rtl8139)
DRV - [2002/07/30 00:43:50 | 000,023,808 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PS2.sys -- (Ps2)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/08/10 19:49:37 | 000,000,000 | ---D | M]

[2010/05/09 20:08:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rick Sinclair\Application Data\Mozilla\Extensions
[2010/05/09 20:08:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Rick Sinclair\Application Data\Mozilla\Extensions\mozswing@mozswing.org
[2008/09/01 19:40:28 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2008/09/01 19:40:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}

O1 HOSTS File: ([2002/08/29 14:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll ()
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Yahooo Search Protection) - {25BC7718-0BFA-40EA-B381-4B2D9732D686} - C:\Program Files\Yahoo!\Search Protection\ysp.dll (Yahoo! Inc.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll ()
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [CamMonitor] c:\Program Files\HP\Digital Imaging\Unload\HpqCmon.exe ()
O4 - HKLM..\Run: [HPHmon05] C:\WINDOWS\system32\hphmon05.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HPHUPD05] c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe File not found
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [LTMSG] C:\WINDOWS\ltmsg.exe (Agere Systems)
O4 - HKLM..\Run: [MSSE] c:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [PS2] C:\WINDOWS\system32\ps2.EXE (Hewlett-Packard Company)
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [UpdateManager] C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe (Sonic Solutions)
O4 - HKLM..\Run: [VTTimer] File not found
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [Search Protection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe File not found
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\System32\Macromed\Flash\FlashUtil10h_ActiveX.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe (Logitech)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe (Logitech Inc.)
O4 - Startup: C:\Documents and Settings\Rick Sinclair\Start Menu\Programs\Startup\spamsubtract.lnk = C:\Program Files\interMute\SpamSubtract\SpamSub.exe (interMute, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll (InterTrust Technologies Corporation, Inc.)
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.4.2)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} [You must be registered and logged in to see this link.] (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.105.28.12 68.105.29.12 68.105.28.11
O18 - Protocol\Handler\vsharechrome {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - C:\Program Files\vShare\vshare_toolbar.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2003/10/11 05:16:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/28 06:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2002/09/11 03:02:32 | 000,000,045 | -HS- | M] () - D:\Autorun.inf -- [ FAT32 ]
O33 - MountPoints2\D\Shell\AutoRun\command - "" = D:\Info.exe -- [2002/09/10 21:54:58 | 000,040,960 | -HS- | M] (XSS)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/11/28 18:50:07 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Rick Sinclair\My Documents\OTL.exe
[2010/11/28 16:46:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Rick Sinclair\Application Data\vShare
[2010/11/28 16:46:35 | 000,000,000 | ---D | C] -- C:\Program Files\vShare
[22 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/11/28 18:50:53 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Rick Sinclair\My Documents\OTL.exe
[2010/11/28 18:41:14 | 000,000,900 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/11/28 18:05:01 | 000,000,294 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-2192709979-22946826-2867544851-1008.job
[2010/11/28 18:04:45 | 000,000,302 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-2192709979-22946826-2867544851-1008.job
[2010/11/28 17:31:02 | 000,000,432 | ---- | M] () -- C:\WINDOWS\tasks\WebReg 20040620173114.job
[2010/11/28 14:41:28 | 000,000,896 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/11/28 01:31:51 | 000,000,408 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2010/11/27 12:53:03 | 000,000,438 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{5B02CE87-C3DA-4DCD-9FC4-A450862E3B54}.job
[2010/11/26 19:11:15 | 000,000,656 | ---- | M] () -- C:\Documents and Settings\Rick Sinclair\Desktop\Free Porn Videos & Sex Movies - Porno, XXX, Porn Tube and Pussy Porn.url
[2010/11/26 18:16:58 | 000,000,211 | ---- | M] () -- C:\Documents and Settings\Rick Sinclair\Desktop\Google.url
[2010/11/25 12:26:13 | 000,000,492 | ---- | M] () -- C:\Documents and Settings\Rick Sinclair\Desktop\Veetle - Broadcast live streaming video in HD.url
[2010/11/22 17:17:00 | 000,000,312 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Checkpoint.job
[2010/11/13 18:33:35 | 000,000,247 | ---- | M] () -- C:\WINDOWS\System\hpsysdrv.dat
[2010/11/13 08:39:17 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/11/13 08:39:15 | 259,575,808 | -HS- | M] () -- C:\hiberfil.sys
[2010/11/07 16:06:32 | 000,384,596 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/11/07 16:06:32 | 000,054,280 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/11/06 10:49:04 | 000,001,821 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2010/11/03 13:28:19 | 000,000,256 | ---- | M] () -- C:\Documents and Settings\Rick Sinclair\Desktop\Facebook (13) Login.url
[22 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/11/28 18:05:00 | 000,000,294 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-2192709979-22946826-2867544851-1008.job
[2009/11/18 18:28:05 | 000,170,395 | ---- | C] () -- C:\Documents and Settings\Rick Sinclair\Application Data\tvmknwrd.dll
[2009/11/18 18:28:05 | 000,000,044 | ---- | C] () -- C:\Documents and Settings\Rick Sinclair\Application Data\tvmcwrd.dll
[2009/11/18 18:27:50 | 000,023,552 | ---- | C] () -- C:\Documents and Settings\Rick Sinclair\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/11/18 18:27:50 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Rick Sinclair\Local Settings\Application Data\fusioncache.dat
[2009/05/14 20:47:43 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2008/02/10 21:48:54 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLec.DAT
[2008/02/10 21:39:05 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Caches
[2008/02/10 21:39:05 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLds.DAT
[2008/01/16 23:48:43 | 000,001,759 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/08/06 21:50:35 | 000,000,305 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\addr_file.html
[2006/07/15 19:32:38 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006/07/09 12:12:28 | 000,000,038 | ---- | C] () -- C:\WINDOWS\Pt.dll
[2006/06/23 10:56:59 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PTWebCam.INI
[2006/06/04 17:31:40 | 000,000,051 | ---- | C] () -- C:\WINDOWS\iTouch.ini
[2006/01/14 12:12:07 | 000,000,092 | ---- | C] () -- C:\WINDOWS\qwimp.ini
[2006/01/14 12:12:06 | 000,001,262 | ---- | C] () -- C:\WINDOWS\intuprof.ini
[2005/09/26 15:17:45 | 000,010,752 | ---- | C] () -- C:\Program Files\VALUES.CDX
[2005/09/26 15:17:45 | 000,010,752 | ---- | C] () -- C:\Program Files\CD.CDX
[2005/09/26 15:17:45 | 000,009,216 | ---- | C] () -- C:\Program Files\PLAYLIST.CDX
[2005/09/26 15:17:45 | 000,006,144 | ---- | C] () -- C:\Program Files\TRAKINFO.CDX
[2005/09/26 15:17:45 | 000,006,144 | ---- | C] () -- C:\Program Files\PLAYTRAX.CDX
[2005/09/26 15:17:45 | 000,006,144 | ---- | C] () -- C:\Program Files\PLAYGRPS.CDX
[2005/09/26 15:17:45 | 000,006,144 | ---- | C] () -- C:\Program Files\NAMES.CDX
[2005/09/26 15:17:45 | 000,004,608 | ---- | C] () -- C:\Program Files\CDTRAX.CDX
[2005/09/26 15:17:45 | 000,000,642 | ---- | C] () -- C:\Program Files\TRAKINFO.DBF
[2005/09/26 15:17:45 | 000,000,514 | ---- | C] () -- C:\Program Files\CD.DBF
[2005/09/26 15:17:45 | 000,000,482 | ---- | C] () -- C:\Program Files\CDTRAX.DBF
[2005/09/26 15:17:45 | 000,000,386 | ---- | C] () -- C:\Program Files\PLAYGRPS.DBF
[2005/09/26 15:17:45 | 000,000,194 | ---- | C] () -- C:\Program Files\VALUES.DBF
[2005/09/26 15:17:45 | 000,000,162 | ---- | C] () -- C:\Program Files\PLAYTRAX.DBF
[2005/09/26 15:17:45 | 000,000,130 | ---- | C] () -- C:\Program Files\NAMES.DBF
[2005/09/26 15:17:44 | 000,026,112 | ---- | C] () -- C:\Program Files\TRACKS.CDX
[2005/09/26 15:17:44 | 000,001,154 | ---- | C] () -- C:\Program Files\TRACKS.DBF
[2005/09/26 15:17:44 | 000,000,738 | ---- | C] () -- C:\Program Files\PLAYLIST.DBF
[2005/09/26 15:17:44 | 000,000,512 | ---- | C] () -- C:\Program Files\TRACKS.FPT
[2005/09/26 15:17:44 | 000,000,512 | ---- | C] () -- C:\Program Files\PLAYLIST.FPT
[2005/09/26 10:45:49 | 000,000,000 | ---- | C] () -- C:\Program Files\cpt
[2005/03/21 00:36:44 | 000,000,076 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2005/02/12 19:39:59 | 000,000,036 | ---- | C] () -- C:\WINDOWS\wwwbatch.ini
[2004/07/18 22:35:54 | 000,000,920 | ---- | C] () -- C:\WINDOWS\Solitaire.ini
[2004/07/03 22:26:34 | 000,000,419 | ---- | C] () -- C:\WINDOWS\videomvp.ini
[2004/07/03 22:24:28 | 000,000,021 | ---- | C] () -- C:\WINDOWS\CS_SETUP.ini
[2004/06/30 23:42:16 | 000,000,042 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2004/06/28 20:33:26 | 000,000,154 | ---- | C] () -- C:\WINDOWS\sb_affiliate.ini
[2004/06/24 22:06:54 | 000,000,392 | ---- | C] () -- C:\WINDOWS\ulapi32.dll
[2004/06/20 17:01:54 | 000,000,004 | ---- | C] () -- C:\WINDOWS\usta32a.ini
[2004/06/20 16:59:34 | 000,000,997 | ---- | C] () -- C:\WINDOWS\usta32.ini
[2004/06/13 14:15:40 | 000,000,049 | ---- | C] () -- C:\WINDOWS\upth.ini
[2004/06/13 14:15:40 | 000,000,024 | ---- | C] () -- C:\WINDOWS\atid.ini
[2004/05/16 16:29:56 | 000,000,058 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2004/02/29 14:47:53 | 000,000,021 | ---- | C] () -- C:\WINDOWS\PMK_setup.ini
[2004/02/28 23:47:00 | 000,000,000 | ---- | C] () -- C:\WINDOWS\LiveBilliards.INI
[2004/02/28 23:18:03 | 000,003,490 | ---- | C] () -- C:\WINDOWS\cdPlayer.ini
[2004/02/24 21:46:59 | 000,000,021 | ---- | C] () -- C:\WINDOWS\PI4_setup.ini
[2003/10/14 08:52:37 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2003/10/14 08:51:57 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\iAlmcoin.dll
[2003/10/14 08:35:01 | 000,000,051 | ---- | C] () -- C:\WINDOWS\System32\mshrml.ini
[2003/10/11 07:45:41 | 000,167,936 | ---- | C] () -- C:\WINDOWS\System32\PCDrJNI_1_1.dll
[2003/10/11 07:40:57 | 000,029,222 | ---- | C] () -- C:\WINDOWS\System32\CHODDI.SYS
[2003/10/11 07:40:38 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\syscontr.dll
[2003/10/11 07:40:02 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\hpreg.dll
[2003/10/11 07:29:14 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2003/10/11 07:16:42 | 000,000,889 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2003/10/11 06:25:06 | 000,002,416 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2003/10/11 06:15:11 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2003/10/11 06:07:05 | 000,126,348 | ---- | C] () -- C:\WINDOWS\System32\drivers\nvcap.sys
[2003/10/11 05:47:37 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2003/10/11 05:39:21 | 000,299,073 | ---- | C] () -- C:\WINDOWS\System32\PythonCOM22.dll
[2003/10/11 05:39:21 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\PyWinTypes22.dll
[2003/10/11 05:39:04 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\bcbmm.dll
[2003/10/11 05:19:00 | 000,000,802 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2003/10/11 05:06:45 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2003/10/11 02:10:46 | 000,000,438 | ---- | C] () -- C:\WINDOWS\System32\1_ssetup.ini
[2003/10/11 02:10:46 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\sunistlog.ini
[2003/10/10 22:10:25 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2003/01/07 15:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/11/14 21:58:04 | 000,200,192 | ---- | C] () -- C:\WINDOWS\System32\ir50_qc.dll
[2002/11/14 21:58:04 | 000,183,808 | ---- | C] () -- C:\WINDOWS\System32\ir50_qcx.dll
[2002/11/14 21:58:02 | 000,755,200 | ---- | C] () -- C:\WINDOWS\System32\ir50_32.dll
[2002/11/14 21:58:02 | 000,338,432 | ---- | C] () -- C:\WINDOWS\System32\ir41_qcx.dll
[2002/11/14 21:58:02 | 000,120,320 | ---- | C] () -- C:\WINDOWS\System32\ir41_qc.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A2947BEA

< End of report >

drsin331204

Newbie Surfer
Newbie Surfer

Posts : 6
Joined : 2010-11-29
Operating System : windows xp

View user profile

Back to top Go down

Re: computer running very slow

Post by Belahzur on Tue 30 Nov 2010, 9:08 am

Hello.

  • Download combofix from here
    Link 1
    Link 2

    1. If you are using Firefox, make sure that your download settings are as follows:

    * Tools->Options->Main tab
    * Set to "Always ask me where to Save the files".

    2. During the download, rename Combofix to Combo-Fix as follows:





    3. It is important you rename Combofix during the download, but not after.
    4. Please do not rename Combofix to other names, but only to the one indicated.
    5. Close any open browsers.
    6. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

  • We need to disable your local AV (Anti-virus) before running Combofix.
  • See HERE for how to disable your AV.
  • Double click on ComboFix.exe.
  • Follow the prompts. NOTE:
  • ComboFix will check to see if the Microsoft Windows Recovery Console is installed.
    ***It's strongly recommended to have the Recovery Console installed before doing any malware removal.***

    **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will automatically proceed with its scan.


  • The Recovery Console provides a recovery/repair mode should a problem occur during a Combofix run.



  • Allow ComboFix to download the Recovery Console.
  • Accept the End-User License Agreement.
  • The Recovery Console will be installed.
  • You will then get this next prompt that asks if you want to continue the malware scan, select yes



  • Allow combofix to run
  • Post C:\combofix.txt back here.

    Note:
    Do not mouseclick combofix's window whilst it's running. That may cause it to stall.


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

View user profile

Back to top Go down

Re: computer running very slow

Post by drsin331204 on Wed 01 Dec 2010, 1:03 pm

ComboFix 10-11-30.02 - Rick Sinclair 11/30/2010 19:45:52.1.1 - x86
Running from: c:\documents and settings\Rick Sinclair\My Documents\Combo-Fix.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Administrator.YOUR-W04GTXLD67.003\Local Settings\Temporary Internet Files\Tvm.log
c:\documents and settings\Administrator.YOUR-W04GTXLD67.003\Local Settings\Temporary Internet Files\ZSearch.log
c:\documents and settings\All Users\Application Data\vmss
c:\documents and settings\All Users\Application Data\vmss\dpih.inf
c:\documents and settings\All Users\Application Data\vmss\vmss.inf
c:\documents and settings\Default User\Local Settings\Temporary Internet Files\Tvm.log
c:\documents and settings\Default User\Local Settings\Temporary Internet Files\ZSearch.log
c:\documents and settings\LocalService\Application Data\{2CF0B992-5EEB-4143-99C0-5297EF71F444}
c:\documents and settings\LocalService\Application Data\NetMon
c:\documents and settings\LocalService\Application Data\NetMon\domains.txt
c:\documents and settings\LocalService\Application Data\NetMon\log.txt
c:\program files\BrowsingAdvisor
c:\program files\BrowsingAdvisor\BrowsingAdvisor.dat
c:\program files\BrowsingAdvisor\pcre3.dll
c:\program files\BrowsingAdvisor\uninstall.exe
c:\program files\Common Files\qmof
c:\program files\Common Files\qmof\qmofa.lck
c:\program files\Common Files\qmof\qmofd\class-barrel
c:\program files\Common Files\qmof\qmofd\vocabulary
c:\program files\Common Files\qmof\qmofh
c:\program files\Common Files\qmof\qmofl.lck
c:\program files\Common Files\qmof\qmofm.lck
c:\program files\Common Files\qmof\qmofp.lck
c:\program files\Toolbar
c:\windows\Downloaded Program Files\f3initialsetup1.0.0.8-2.inf
c:\windows\Downloaded Program Files\f3initialsetup1.0.1.1.inf
c:\windows\IA
D:\Autorun.inf

.
((((((((((((((((((((((((( Files Created from 2010-11-01 to 2010-12-01 )))))))))))))))))))))))))))))))
.

2010-12-01 00:37 . 2010-12-01 00:37 12568 ----a-w- c:\windows\system32\drivers\PROCEXP113.SYS
2010-12-01 00:37 . 2010-11-10 04:33 6273872 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{DFAB9440-8E6D-463A-A11D-26E72DD2DC75}\mpengine.dll
2010-11-30 23:29 . 2001-08-17 18:48 12160 -c--a-w- c:\windows\system32\dllcache\mouhid.sys
2010-11-30 23:29 . 2001-08-17 18:48 12160 ----a-w- c:\windows\system32\drivers\mouhid.sys
2010-11-30 23:27 . 2008-04-13 18:45 10368 -c--a-w- c:\windows\system32\dllcache\hidusb.sys
2010-11-30 23:27 . 2008-04-13 18:45 10368 ----a-w- c:\windows\system32\drivers\hidusb.sys
2010-11-28 21:46 . 2010-11-28 21:47 -------- d-----w- c:\documents and settings\Rick Sinclair\Application Data\vShare
2010-11-28 21:46 . 2010-11-28 21:46 -------- d-----w- c:\program files\vShare

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-10 04:33 . 2010-08-29 06:16 6273872 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2010-10-19 20:51 . 2010-08-27 22:48 222080 ------w- c:\windows\system32\MpSigStub.exe
2010-09-18 16:23 . 2003-11-15 08:23 974848 ----a-w- c:\windows\system32\mfc42u.dll
2010-09-18 06:53 . 2003-11-15 08:23 974848 ----a-w- c:\windows\system32\mfc42.dll
2010-09-18 06:53 . 2003-11-15 08:23 954368 ----a-w- c:\windows\system32\mfc40.dll
2010-09-18 06:53 . 2003-11-15 08:23 953856 ----a-w- c:\windows\system32\mfc40u.dll
2010-09-10 05:58 . 2003-11-15 07:58 916480 ----a-w- c:\windows\system32\wininet.dll
2010-09-10 05:58 . 2003-11-15 08:23 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-09-10 05:58 . 2003-11-15 08:22 1469440 ------w- c:\windows\system32\inetcpl.cpl
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Messenger (Yahoo!)"="c:\progra~1\Yahoo!\MESSEN~1\YahooMessenger.exe" [2010-06-01 5252408]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-28 152872]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LTMSG"="LTMSG.exe 7" [X]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 52736]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2004-08-20 118784]
"CamMonitor"="c:\program files\HP\Digital Imaging\Unload\hpqcmon.exe" [2002-10-07 90112]
"HPHmon05"="c:\windows\System32\hphmon05.exe" [2003-05-23 483328]
"KBD"="c:\hp\KBD\KBD.EXE" [2003-02-12 61440]
"UpdateManager"="c:\program files\Common Files\Sonic\Update Manager\sgtray.exe" [2003-08-19 110592]
"Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2002-09-14 212992]
"PS2"="c:\windows\system32\ps2.exe" [2002-08-01 81920]
"AlcxMonitor"="ALCXMNTR.EXE" [2004-09-07 57344]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2004-08-20 155648]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-12-01 149280]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-08-11 202256]
"MSSE"="c:\program files\Microsoft Security Essentials\msseces.exe" [2010-09-15 1094224]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"YSearchProtection"="c:\program files\Yahoo!\Search Protection\YspService.exe" [2010-04-01 243000]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe [2008-1-11 39792]
Adobe Reader Synchronizer.lnk - c:\program files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe [2007-5-10 738968]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2003-7-7 233472]
Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2006-1-10 196608]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\KEM.exe [2006-1-10 573440]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
"c:\\Program Files\\SopCast\\SopCast.exe"=
"c:\\Program Files\\BitTorrent\\bittorrent.exe"=
"c:\\Program Files\\TVUPlayer\\TVUPlayer.exe"=
"c:\\Program Files\\TVAnts\\Tvants.exe"=
"c:\\Program Files\\Google\\Chrome\\Application\\chrome.exe"=

R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-10-10 136176]
R3 uts_bus;UTStarcom USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\uts_bus.sys [2007-12-05 84352]
R3 uts_mdfl;UTStarcom USB Modem Filter;c:\windows\system32\DRIVERS\uts_mdfl.sys [2007-12-05 14976]
R3 uts_mdm;UTStarcom USB Modem Drivers;c:\windows\system32\DRIVERS\uts_mdm.sys [2007-12-05 110848]
R3 uts_serd;UTStarcom USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\uts_serd.sys [2007-12-05 90880]


[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A509B1FF-37FF-4bFF-8CFF-4F3A747040FF}]
2009-03-08 08:32 128512 ----a-w- c:\windows\system32\advpack.dll
.
Contents of the 'Scheduled Tasks' folder

2010-11-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-10-10 03:27]

2010-11-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-10-10 03:27]

2010-12-01 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Microsoft Security Essentials\MpCmdRun.exe [2010-03-26 01:40]

2010-12-01 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-2192709979-22946826-2867544851-1008.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-06-03 07:02]

2010-12-01 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-2192709979-22946826-2867544851-1008.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-06-03 07:02]

2010-11-22 c:\windows\Tasks\Scheduled Checkpoint.job
- c:\program files\VCOM\Recovery Commander\RCSCHED.EXE [2005-03-25 17:20]

2010-12-01 c:\windows\Tasks\User_Feed_Synchronization-{5B02CE87-C3DA-4DCD-9FC4-A450862E3B54}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 08:31]

2010-11-28 c:\windows\Tasks\WebReg 20040620173114.job
- c:\program files\HP\Digital Imaging\bin\hpqwrg.exe [2003-07-07 15:43]
.
.
------- Supplementary Scan -------
.
uStart Page = [You must be registered and logged in to see this link.]
uSearchMigratedDefaultURL = [You must be registered and logged in to see this link.]
mSearch Bar = [You must be registered and logged in to see this link.]
uSearchURL,(Default) = [You must be registered and logged in to see this link.]
IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
.
.
------- File Associations -------
.
.
- - - - ORPHANS REMOVED - - - -

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKCU-Run-Search Protection - c:\program files\Yahoo!\Search Protection\SearchProtection.exe
HKLM-Run-HPHUPD05 - c:\program files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
HKLM-Run-VTTimer - VTTimer.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [You must be registered and logged in to see this link.]
Rootkit scan 2010-11-30 20:39
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Completion time: 2010-11-30 20:56:45
ComboFix-quarantined-files.txt 2010-12-01 01:56

Pre-Run: 36,869,398,528 bytes free
Post-Run: 37,561,208,832 bytes free

- - End Of File - - F15A9B20159B8BB24201B99C29DAD28D

drsin331204

Newbie Surfer
Newbie Surfer

Posts : 6
Joined : 2010-11-29
Operating System : windows xp

View user profile

Back to top Go down

Re: computer running very slow

Post by Belahzur on Thu 02 Dec 2010, 11:49 am

Hello.

Click Start > Run and copy/paste the following bolded text into the Run box and click OK:

ComboFix /uninstall

This will also reset your restore points.

Run ESET Online Scan
Please do an online scan with ESET Online Scanner. Please use Internet Explorer as it uses ActiveX.

  • Check (tick) this box: YES, I accept the Terms of Use.
  • Click on the Start button next to it.
  • When prompted to run ActiveX. click Yes.
  • You will be asked to install an ActiveX. Click Install.
  • Once installed, the scanner will be initialized.
  • After the scanner is initialized, click Start.
  • Check (tick) Remove found threats box.
  • Check (tick) Scan unwanted applications.
  • Click on Scan.
  • It will start scanning. Please be patient.
  • Once the scan is done, the log will be saved here: C:\Program Files\esetonlinescanner\log.txt.


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

View user profile

Back to top Go down

Re: computer running very slow

Post by drsin331204 on Thu 02 Dec 2010, 4:22 pm

ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=90a330a6dac1854d8f5911b96281797d
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2010-12-02 05:16:31
# local_time=2010-12-02 12:16:31 (-0500, Eastern Standard Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=768 16777215 100 0 54635352 54635352 0 0
# compatibility_mode=5891 16776533 100 100 5401 20763418 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=135256
# found=2
# cleaned=2
# scan_time=14959
C:\Program Files\BackWeb\BackWeb Client\6.2.3.66L\Program\runner.exe probably a variant of Win32/Agent.CBFNBEO trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Compaq Connections\1940576\Program\BackWeb-1940576.exe probably a variant of Win32/Agent.CBFNBEO trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

drsin331204

Newbie Surfer
Newbie Surfer

Posts : 6
Joined : 2010-11-29
Operating System : windows xp

View user profile

Back to top Go down

Re: computer running very slow

Post by Belahzur on Fri 03 Dec 2010, 11:34 am

Hello.
How is the machine running now?


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

View user profile

Back to top Go down

Re: computer running very slow

Post by drsin331204 on Fri 03 Dec 2010, 1:06 pm

still running slow might need to add ram to get going faster thanks for all of your help

drsin331204

Newbie Surfer
Newbie Surfer

Posts : 6
Joined : 2010-11-29
Operating System : windows xp

View user profile

Back to top Go down

Re: computer running very slow

Post by Belahzur on Sat 04 Dec 2010, 8:40 am

The slowness is more than likely caused by your crap hardware, 256mb isn't good to be able to run software nowadays.

A hardware upgrade would be a good idea to fix the slowness.


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

View user profile

Back to top Go down

Re: computer running very slow

Post by Sponsored content Today at 2:33 am


Sponsored content


Back to top Go down

View previous topic View next topic Back to top


 
Permissions in this forum:
You cannot reply to topics in this forum