Computer moves at a near glacial pace

View previous topic View next topic Go down

Computer moves at a near glacial pace

Post by SquishedFlat on Wed 02 Mar 2011, 2:37 am

I have had a major problem for over a month with my (older) XP just dragging along. Its everything; internet and working offline. To open MS word, for example, may take 2-5 minutes or even more. Another several minutes if I try to copy/paste. To print a document can take 30 minutes to actually get the printer in gear, which then works just fine. Absolutely painful to use.

I ran Malware Bytes a couple days ago, and it found nothing.

I had another thread going, but SneakyOne seems to have abandoned my cause and I really need some help. I greatly appreciate all the help, but I really need to have this issue resolved.

Thanks much!

SquishedFlat

Newbie Surfer
Newbie Surfer

Posts : 39
Joined : 2010-11-05
Operating System : XP

View user profile

Back to top Go down

Re: Computer moves at a near glacial pace

Post by Belahzur on Wed 02 Mar 2011, 1:04 pm

Hello.

Download OTL by OldTimer to your Desktop.

  • Close all windows and double click OTL.exe
  • Click Run Scan and let the program run uninterrupted
  • It will produce two logs for you, one will pop up - OTL.txt, the other will be saved on your Desktop - Extras.txt. Post both logs in this thread.
  • You may need to use two posts to get it all.


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

View user profile

Back to top Go down

Re: Computer moves at a near glacial pace

Post by SquishedFlat on Thu 03 Mar 2011, 4:03 am

Here is OTL.txt. Extras.txt was not generated. I searched everywhere. Thank you.

OTL logfile created on: 3/2/2011 10:46:01 AM - Run 4
OTL by OldTimer - Version 3.2.22.2 Folder = C:\Documents and Settings\Scott\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

255.00 Mb Total Physical Memory | 32.00 Mb Available Physical Memory | 12.00% Memory free
617.00 Mb Paging File | 167.00 Mb Available in Paging File | 27.00% Paging File free
Paging file location(s): C:\pagefile.sys 384 768 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.50 Gb Total Space | 42.46 Gb Free Space | 57.00% Space Free | Partition Type: NTFS

Computer Name: DH7BJP11 | User Name: Scott | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/03/02 10:44:11 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Scott\Desktop\OTL.exe
PRC - [2011/01/19 11:12:37 | 002,548,552 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
PRC - [2011/01/19 11:12:34 | 001,803,224 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
PRC - [2011/01/13 12:25:29 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/12/13 08:46:37 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2010/12/13 08:46:28 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2010/12/13 08:46:27 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/03/17 15:55:42 | 001,565,696 | ---- | M] (Alcatel-Lucent) -- C:\Program Files\Verizon\McciTrayApp.exe
PRC - [2010/01/14 21:12:21 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009/03/05 15:14:12 | 002,035,712 | ---- | M] (Ascentive LLC) -- C:\Program Files\Ascentive\ActiveSpeed\AS.exe
PRC - [2008/09/30 13:06:50 | 000,485,208 | ---- | M] (Nikon Corporation) -- C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/02/01 17:33:38 | 001,880,064 | ---- | M] (Verizon) -- C:\Program Files\Verizon\Servicepoint\VerizonServicepoint.exe
PRC - [2006/01/20 13:48:06 | 000,142,416 | R--- | M] (Command Software Systems, Inc.) -- C:\Program Files\Common Files\Command Software\dvpapi.exe
PRC - [2004/09/29 11:14:36 | 000,069,632 | ---- | M] (HP) -- C:\WINDOWS\SYSTEM32\HPZipm12.exe
PRC - [2003/08/11 22:30:09 | 000,126,976 | ---- | M] () -- C:\Program Files\Picasa\PicasaMediaDetector.exe
PRC - [2003/04/13 17:00:23 | 000,052,736 | ---- | M] (Macrovision) -- C:\WINDOWS\SYSTEM32\DRIVERS\CDAC11BA.EXE
PRC - [2002/07/11 15:15:20 | 000,270,336 | ---- | M] () -- C:\Program Files\Dell\Support\Alert\bin\DAMon.exe
PRC - [2002/04/10 16:44:04 | 000,679,936 | ---- | M] (Roxio) -- C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\Directcd.exe
PRC - [2002/04/03 15:47:38 | 000,290,816 | ---- | M] (Voyetra Turtle Beach, Inc.) -- C:\WINDOWS\SYSTEM32\tbctray.exe


========== Modules (SafeList) ==========

MOD - [2011/03/02 10:44:11 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Scott\Desktop\OTL.exe
MOD - [2011/01/11 17:29:00 | 000,285,480 | ---- | M] (COMODO) -- C:\WINDOWS\SYSTEM32\guard32.dll
MOD - [2010/08/23 11:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2010/03/17 15:53:28 | 000,198,656 | ---- | M] (Alcatel-Lucent) -- C:\Program Files\Common Files\Motive\McciContextHook_DSR.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/02/17 04:13:51 | 000,420,520 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService)
SRV - [2011/01/19 11:12:34 | 001,803,224 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2010/12/13 08:46:37 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010/12/13 08:46:28 | 000,339,624 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\avmailc.exe -- (AntiVirMailService)
SRV - [2010/12/13 08:46:28 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2008/10/10 04:45:26 | 000,013,088 | ---- | M] (Intuit Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2006/01/20 13:48:06 | 000,142,416 | R--- | M] (Command Software Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Command Software\dvpapi.exe -- (dvpapi)
SRV - [2004/09/29 11:14:36 | 000,069,632 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\SYSTEM32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2003/04/13 17:00:23 | 000,052,736 | ---- | M] (Macrovision) [Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\CDAC11BA.EXE -- (C-DillaCdaC11BA)


========== Driver Services (SafeList) ==========

DRV - [2011/01/11 17:29:00 | 000,239,368 | ---- | M] (COMODO) [File_System | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\cmdGuard.sys -- (cmdGuard)
DRV - [2011/01/11 17:29:00 | 000,094,784 | ---- | M] (COMODO) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\inspect.sys -- (Inspect)
DRV - [2011/01/11 17:29:00 | 000,027,576 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\cmdhlp.sys -- (cmdHlp)
DRV - [2010/12/13 08:46:49 | 000,135,096 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\avipbb.sys -- (avipbb)
DRV - [2010/12/13 08:46:49 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\avgntflt.sys -- (avgntflt)
DRV - [2010/06/17 14:30:25 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ssmdrv.sys -- (ssmdrv)
DRV - [2010/06/17 14:30:21 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2010/03/17 15:53:38 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2010/03/17 15:53:22 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2008/04/13 13:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\gameenum.sys -- (gameenum)
DRV - [2006/01/20 13:40:42 | 000,783,984 | R--- | M] (Command Software Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\css-dvp.sys -- (CSS DVP)
DRV - [2003/08/29 03:59:24 | 001,101,696 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\BCMSM.sys -- (BCMModem)
DRV - [2003/04/13 17:00:22 | 000,011,376 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\CdaC15BA.SYS -- (CdaC15BA)
DRV - [2002/07/24 15:57:38 | 000,059,440 | ---- | M] (Roxio) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdr4_xp.sys -- (Cdr4_xp)
DRV - [2002/07/24 15:57:38 | 000,023,724 | ---- | M] (Roxio) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdralw2k.sys -- (Cdralw2k)
DRV - [2002/04/10 17:01:12 | 000,024,554 | ---- | M] (Roxio) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\Dvd_2k.sys -- (dvd_2K)
DRV - [2002/04/10 17:01:00 | 000,029,638 | ---- | M] (Roxio) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\Mmc_2k.sys -- (mmc_2K)
DRV - [2002/04/10 17:00:44 | 000,117,898 | ---- | M] (Roxio) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\pwd_2K.sys -- (pwd_2k)
DRV - [2002/04/10 16:48:04 | 000,236,032 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\cdudf_xp.sys -- (cdudf_xp)
DRV - [2002/04/10 16:45:16 | 000,206,336 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\udfreadr_xp.sys -- (UdfReadr_xp)
DRV - [2002/04/03 15:51:16 | 000,545,088 | ---- | M] (Voyetra Turtle Beach) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\tbcwdm.sys -- (tbcwdm)
DRV - [2002/04/03 15:51:12 | 000,144,768 | ---- | M] (Voyetra Turtle Beach) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\tbcspud.sys -- (tbcspud)
DRV - [2002/03/21 19:44:32 | 000,019,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Turtle Beach\Santa Cruz\Control Panel\vtdg46xx.sys -- (vtdg46xx)
DRV - [2001/09/03 17:14:38 | 000,025,454 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\RTL8139.sys -- (rtl8139)
DRV - [2001/08/17 13:52:24 | 000,038,144 | ---- | M] (HighPoint Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\hpt3xx.sys -- (hpt3xx)
DRV - [2001/08/17 12:50:26 | 000,731,648 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\NV4.SYS -- (nv4)
DRV - [2001/08/17 12:11:06 | 000,066,591 | ---- | M] (3Com Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\EL90XBC5.SYS -- (EL90XBC)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: [You must be registered and logged in to see this link.]:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..network.proxy.no_proxies_on: "127.0.0.1,localho,t,127.0.0.1,*.local"


FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/01/13 12:26:19 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/02/18 11:28:52 | 000,000,000 | ---D | M]

[2010/07/15 22:14:08 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Scott\Application Data\Mozilla\Extensions
[2009/04/14 19:07:38 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Scott\Application Data\Mozilla\Extensions\mozswing@mozswing.org
[2011/03/02 10:41:03 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Scott\Application Data\Mozilla\Firefox\Profiles\nglxs7bv.default\extensions
[2011/03/02 10:41:02 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Scott\Application Data\Mozilla\Firefox\Profiles\nglxs7bv.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/03/02 10:39:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/12/15 20:51:00 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/02/17 11:40:29 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2010/12/15 20:50:18 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/02/02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2011/02/06 20:26:16 | 000,000,027 | ---- | M]) - C:\WINDOWS\SYSTEM32\DRIVERS\ETC\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} - No CLSID value found.
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (no name) - {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4E7BD74F-2B8D-469E-D0FC-E57AF4D5FA7D} - No CLSID value found.
O4 - HKLM..\Run: [ActiveSpeed] C:\Program Files\Ascentive\ActiveSpeed\AS.exe (Ascentive LLC)
O4 - HKLM..\Run: [AdaptecDirectCD] C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe (Roxio)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [Dell|Alert] C:\Program Files\Dell\Support\Alert\bin\DAMon.exe ()
O4 - HKLM..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [LifeScape Media Detector] C:\Program Files\Picasa\PicasaMediaDetector.exe ()
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [Nikon Transfer Monitor] C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe (Nikon Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [TraySantaCruz] C:\WINDOWS\SYSTEM32\tbctray.exe (Voyetra Turtle Beach, Inc.)
O4 - HKLM..\Run: [Verizon_McciTrayApp] C:\Program Files\Verizon\McciTrayApp.exe (Alcatel-Lucent)
O4 - HKLM..\Run: [VerizonServicepoint.exe] C:\Program Files\Verizon\Servicepoint\VerizonServicepoint.exe (Verizon)
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\System32\Macromed\Flash\FlashUtil10k_Plugin.exe (Adobe Systems, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - File not found
O9 - Extra Button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O15 - HKCU\..Trusted Domains: ([]msn in My Computer)
O15 - HKCU\..Trusted Domains: //@install.mar@ ([]msni in My Computer)
O15 - HKCU\..Trusted Domains: //@mail.mar@ ([]msni in Local intranet)
O15 - HKCU\..Trusted Domains: ebay.com ([my] http in Trusted sites)
O15 - HKCU\..Trusted Domains: ebay.com ([signin] https in Trusted sites)
O15 - HKCU\..Trusted Domains: eset.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: eset.eu ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: turbotax.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: turbotax.com ([]https in Trusted sites)
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} [You must be registered and logged in to see this link.] (Support.com Configuration Class)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} [You must be registered and logged in to see this link.] (Windows Genuine Advantage Validation Tool)
O16 - DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} [You must be registered and logged in to see this link.] (LinkedIn ContactFinderControl)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} [You must be registered and logged in to see this link.] (BDSCANONLINE Control)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_24)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} [You must be registered and logged in to see this link.] (MSN Games - Installer)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_24)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} [You must be registered and logged in to see this link.] (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O16 - DPF: vzTCPConfig [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 71.252.0.12
O20 - AppInit_DLLs: (C:\WINDOWS\SYSTEM32\guard32.dll) - C:\WINDOWS\SYSTEM32\guard32.dll (COMODO)
O20 - AppInit_DLLs: (C:\WINDOWS\system32\guard32.dll) - C:\WINDOWS\SYSTEM32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Scott\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Scott\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2001/11/15 07:31:14 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/03/02 10:44:39 | 000,581,120 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Scott\Desktop\OTL.exe
[2011/03/02 10:33:51 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Scott\Recent
[2011/02/22 08:42:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/02/22 08:42:20 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/02/22 08:41:48 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/02/22 08:41:47 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/02/21 21:32:25 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011/02/19 13:26:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2011/02/19 08:28:39 | 000,000,000 | ---D | C] -- C:\commy23922c
[2011/02/17 11:39:08 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2011/02/17 11:39:06 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011/02/17 11:39:06 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011/02/17 11:39:06 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011/02/06 17:18:36 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011/02/06 17:18:35 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011/02/06 17:18:35 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011/02/06 17:18:35 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011/02/06 15:46:26 | 000,000,000 | ---D | C] -- C:\commy
[2011/02/06 15:38:04 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/02/01 11:29:36 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Scott\Desktop\HijackThis.exe
[2008/11/21 11:44:51 | 002,934,272 | ---- | C] (Piriform Ltd) -- C:\Program Files\ccsetup.exe
[2007/07/26 11:16:59 | 049,943,864 | ---- | C] (Apple Inc.) -- C:\Program Files\iTunesSetup.exe
[2007/07/03 19:58:47 | 609,203,729 | ---- | C] (Nexon ) -- C:\Program Files\MSSetup.exe
[2007/04/08 03:54:46 | 013,287,696 | ---- | C] (Webroot Software, Inc. ) -- C:\Program Files\sspsetup1673_.exe
[2006/06/08 11:44:24 | 008,785,512 | ---- | C] (Webroot Software, Inc. ) -- C:\Program Files\sspsetup1673_en.exe
[2006/05/12 11:35:03 | 011,817,800 | ---- | C] (InstallShield Software Corporation) -- C:\Program Files\GoogleEarth.exe
[8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/03/02 10:57:00 | 000,000,422 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{70649BE7-DAF4-4542-A595-8E0468A1A769}.job
[2011/03/02 10:44:11 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Scott\Desktop\OTL.exe
[2011/03/02 10:26:03 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/03/02 10:20:06 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/03/02 10:17:01 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/03/02 10:16:46 | 000,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
[2011/03/02 10:16:45 | 267,468,800 | -HS- | M] () -- C:\hiberfil.sys
[2011/02/22 08:42:25 | 000,000,802 | ---- | M] () -- C:\Documents and Settings\Scott\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2011/02/22 08:42:25 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/02/22 08:28:32 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2011/02/19 08:25:15 | 004,271,141 | R--- | M] () -- C:\Documents and Settings\Scott\Desktop\commy.exe
[2011/02/12 04:12:04 | 000,286,112 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/02/06 20:26:16 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\ETC\hosts
[2011/02/02 21:40:39 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011/02/02 21:40:38 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011/02/02 21:40:36 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011/02/02 21:40:23 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2011/02/02 19:19:39 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2011/02/01 11:26:18 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Scott\Desktop\HijackThis.exe
[8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/02/22 08:42:25 | 000,000,802 | ---- | C] () -- C:\Documents and Settings\Scott\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2011/02/22 08:42:25 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/02/06 17:18:36 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/02/06 17:18:36 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/02/06 17:18:35 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/02/06 17:18:35 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/02/06 17:18:35 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/02/06 14:52:11 | 004,271,141 | R--- | C] () -- C:\Documents and Settings\Scott\Desktop\commy.exe
[2010/12/05 23:54:53 | 000,007,015 | ---- | C] () -- C:\Documents and Settings\Scott\Application Data\D4C2.E5F
[2010/09/30 16:42:57 | 000,030,424 | ---- | C] () -- C:\WINDOWS\System32\wrLZMA.dll
[2010/09/28 11:45:36 | 000,001,349 | ---- | C] () -- C:\WINDOWS\Mpcwty02.ini
[2010/09/23 09:17:41 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Scott\Local Settings\Application Data\PUTTY.RND
[2010/03/04 09:37:31 | 000,594,160 | ---- | C] () -- C:\WINDOWS\System32\wodCertificate.dll
[2010/03/04 09:36:44 | 000,589,960 | ---- | C] () -- C:\WINDOWS\System32\brgrt.dll
[2009/10/16 13:17:09 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\All Users\Application Data\Error Handlers
[2009/10/16 13:17:08 | 000,000,268 | RH-- | C] () -- C:\Documents and Settings\Scott\Application Data\Electric Piano
[2009/10/16 13:17:08 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLdu.DAT
[2009/06/01 20:45:46 | 000,223,232 | ---- | C] () -- C:\WINDOWS\System32\sqlite3.dll
[2009/06/01 20:45:26 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\SQLiteWrapper.dll
[2009/01/05 15:44:10 | 000,053,248 | ---- | C] () -- C:\WINDOWS\bdoscandel.exe
[2009/01/05 15:44:10 | 000,000,453 | ---- | C] () -- C:\WINDOWS\bdoscandellang.ini
[2007/06/02 17:44:02 | 000,000,017 | ---- | C] () -- C:\WINDOWS\popcinfo.dat
[2007/05/11 15:41:35 | 000,038,400 | ---- | C] () -- C:\WINDOWS\System32\moveex.exe
[2007/03/20 15:22:59 | 000,111,227 | ---- | C] () -- C:\WINDOWS\System32\drivers\dump_wmimmc.sys.OLD.sys
[2007/02/02 16:52:12 | 000,000,051 | ---- | C] () -- C:\WINDOWS\GunzLauncher.INI
[2007/01/16 16:25:11 | 000,000,227 | ---- | C] () -- C:\WINDOWS\HP_CounterReport_Update_HPSU.ini
[2007/01/16 16:24:41 | 000,000,214 | ---- | C] () -- C:\WINDOWS\HP_48BitScanUpdatePatch.ini
[2007/01/16 16:03:01 | 000,000,221 | ---- | C] () -- C:\WINDOWS\HP_RedboxHprblog_HPSU.ini
[2007/01/06 10:22:22 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\intr32.dll
[2006/12/28 14:15:10 | 000,001,755 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/09/17 19:30:08 | 000,000,583 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2006/08/07 14:50:27 | 000,000,022 | ---- | C] () -- C:\WINDOWS\kodakpcd.Scott.ini
[2006/06/17 11:23:22 | 000,112,898 | ---- | C] () -- C:\WINDOWS\hpoins07.dat
[2006/06/17 11:23:22 | 000,021,124 | ---- | C] () -- C:\WINDOWS\hpomdl07.dat
[2006/06/08 11:59:40 | 000,102,912 | ---- | C] () -- C:\WINDOWS\System32\islzma.dll
[2006/06/08 11:59:28 | 000,684,032 | ---- | C] () -- C:\WINDOWS\libeay32.dll
[2006/06/08 11:59:28 | 000,155,648 | ---- | C] () -- C:\WINDOWS\ssleay32.dll
[2006/05/06 02:44:32 | 000,018,432 | ---- | C] () -- C:\WINDOWS\igUninst.exe
[2005/12/25 12:50:54 | 000,000,375 | ---- | C] () -- C:\WINDOWS\PowerReg.dat
[2005/10/15 17:26:35 | 000,031,776 | ---- | C] () -- C:\WINDOWS\UNWISE.EXE
[2005/10/15 17:22:57 | 000,000,337 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2005/10/15 17:19:06 | 000,000,076 | ---- | C] () -- C:\WINDOWS\mbjr.ini
[2005/10/15 17:19:01 | 000,094,720 | ---- | C] () -- C:\WINDOWS\System32\SH30W32.DLL
[2005/08/30 19:59:11 | 000,063,488 | ---- | C] () -- C:\WINDOWS\xobglu16.dll
[2005/08/30 19:59:11 | 000,023,552 | ---- | C] () -- C:\WINDOWS\xobglu32.dll
[2004/12/31 18:59:07 | 000,000,123 | ---- | C] () -- C:\WINDOWS\disney.ini
[2004/11/22 19:23:32 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/06/26 18:40:12 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2004/04/24 19:26:05 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat
[2004/04/12 22:17:23 | 000,017,920 | ---- | C] () -- C:\WINDOWS\System32\IMPLODE.DLL
[2004/04/12 19:38:13 | 000,000,048 | ---- | C] () -- C:\WINDOWS\PerWin.ini
[2004/04/11 00:57:05 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/02/19 19:21:00 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2004/02/19 19:17:44 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2004/02/14 13:14:22 | 000,000,043 | ---- | C] () -- C:\WINDOWS\Tlcpromo.ini
[2004/01/20 21:28:23 | 005,452,936 | ---- | C] () -- C:\Program Files\DivX511Bundle.exe
[2004/01/19 01:20:58 | 000,128,000 | ---- | C] () -- C:\Documents and Settings\Scott\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2003/10/06 13:16:00 | 000,027,136 | ---- | C] () -- C:\WINDOWS\System32\nvcod.dll
[2003/09/10 20:33:28 | 000,000,551 | ---- | C] () -- C:\WINDOWS\DMI.ini
[2003/09/07 17:11:16 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SETUP32.INI
[2003/08/11 22:30:09 | 000,103,303 | ---- | C] () -- C:\WINDOWS\Picasa Uninstaller.exe
[2003/07/13 08:52:06 | 000,000,289 | ---- | C] () -- C:\WINDOWS\rbjr.ini
[2003/06/20 08:24:41 | 000,273,664 | ---- | C] () -- C:\WINDOWS\pptpunin.exe
[2003/06/20 08:22:59 | 000,001,314 | ---- | C] () -- C:\WINDOWS\EReg077.dat
[2003/06/20 07:57:34 | 000,007,284 | ---- | C] () -- C:\WINDOWS\rrm46.dat
[2003/06/20 07:51:23 | 000,000,069 | ---- | C] () -- C:\WINDOWS\TLCAPPS.INI
[2003/06/15 16:05:46 | 000,000,070 | ---- | C] () -- C:\WINDOWS\VSV.INI
[2003/06/10 15:24:54 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2003/05/27 18:42:29 | 000,000,067 | ---- | C] () -- C:\WINDOWS\KA.INI
[2003/05/27 18:39:56 | 000,000,574 | ---- | C] () -- C:\WINDOWS\QTW.INI
[2003/04/13 17:00:24 | 000,202,752 | ---- | C] () -- C:\WINDOWS\CDAC14BA.DLL
[2003/04/13 17:00:24 | 000,020,992 | ---- | C] () -- C:\WINDOWS\CDAC13BA.EXE
[2003/04/13 17:00:22 | 000,011,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\CdaC15BA.SYS
[2003/01/07 15:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/07/24 15:59:26 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2002/07/24 15:57:39 | 000,053,248 | ---- | C] () -- C:\WINDOWS\uneng.exe
[2002/07/24 15:50:48 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2002/07/24 15:44:18 | 000,002,048 | --S- | C] () -- C:\WINDOWS\BOOTSTAT.DAT
[2002/07/24 15:41:50 | 000,286,112 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2002/07/24 14:32:08 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2001/11/15 08:19:38 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2001/11/15 07:39:06 | 000,435,260 | ---- | C] () -- C:\WINDOWS\System32\PERFH009.DAT
[2001/11/15 07:39:06 | 000,068,156 | ---- | C] () -- C:\WINDOWS\System32\PERFC009.DAT
[2001/11/15 07:31:02 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2001/11/15 07:28:28 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2001/08/23 15:07:14 | 000,004,594 | ---- | C] () -- C:\WINDOWS\System32\OEMBIOS.DAT
[2001/08/23 15:07:02 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\OEMBIOS.BIN
[2001/08/18 06:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\MLANG.DAT
[2001/08/18 06:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\PERFI009.DAT
[2001/08/18 06:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\DSSEC.DAT
[2001/08/18 06:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\MIB.BIN
[2001/08/18 06:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\PERFD009.DAT
[2001/08/18 06:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\NOISE.DAT
[2001/07/06 14:30:00 | 000,003,399 | ---- | C] () -- C:\WINDOWS\System32\hptcpmon.ini

< End of report >

SquishedFlat

Newbie Surfer
Newbie Surfer

Posts : 39
Joined : 2010-11-05
Operating System : XP

View user profile

Back to top Go down

Re: Computer moves at a near glacial pace

Post by Belahzur on Thu 03 Mar 2011, 1:10 pm

Hello.

  • Download combofix from here
    Link 1

    1. If you are using Firefox, make sure that your download settings are as follows:

    * Tools->Options->Main tab
    * Set to "Always ask me where to Save the files".

    2. During the download, rename Combofix to Combo-Fix as follows:





    3. It is important you rename Combofix during the download, but not after.
    4. Please do not rename Combofix to other names, but only to the one indicated.
    5. Close any open browsers.
    6. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

  • We need to disable your local AV (Anti-virus) before running Combofix.
  • See HERE for how to disable your AV.
  • Double click on ComboFix.exe.
  • Follow the prompts. NOTE:
  • ComboFix will check to see if the Microsoft Windows Recovery Console is installed.
    ***It's strongly recommended to have the Recovery Console installed before doing any malware removal.***

    **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will automatically proceed with its scan.


  • The Recovery Console provides a recovery/repair mode should a problem occur during a Combofix run.



  • Allow ComboFix to download the Recovery Console.
  • Accept the End-User License Agreement.
  • The Recovery Console will be installed.
  • You will then get this next prompt that asks if you want to continue the malware scan, select yes



  • Allow combofix to run
  • Post C:\combofix.txt back here.

    Note:
    Do not mouseclick combofix's window whilst it's running. That may cause it to stall.


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

View user profile

Back to top Go down

Re: Computer moves at a near glacial pace

Post by SquishedFlat on Fri 04 Mar 2011, 8:03 am

Hi. It took 5 hours, but it ran.

ComboFix 11-03-02.05 - Scott 03/03/2011 9:23.5.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.255.109 [GMT -5:00]
Running from: c:\documents and settings\Scott\Desktop\Combo-Fix.exe
AV: AntiVir Desktop *Disabled/Updated* {C19476D9-52BC-4E93-8AF3-CCF59F7AE8FE}
FW: COMODO Firewall *Enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
.

((((((((((((((((((((((((( Files Created from 2011-02-03 to 2011-03-03 )))))))))))))))))))))))))))))))
.

2011-02-22 13:42 . 2010-12-20 23:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-02-22 13:41 . 2010-12-20 23:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-02-22 13:41 . 2011-02-22 13:42 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-02-17 16:39 . 2011-02-03 00:19 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-02-06 20:46 . 2011-02-06 20:46 -------- d-----w- C:\commy

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-03 02:40 . 2010-12-16 01:50 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-01-29 16:45 . 2011-01-29 16:45 208 ----a-w- C:\~TaxUnin.bat
2011-01-21 14:44 . 2004-04-11 07:48 439296 ----a-w- c:\windows\system32\shimgvw.dll
2011-01-11 22:29 . 2010-09-11 04:41 285480 ----a-w- c:\windows\system32\guard32.dll
2011-01-11 22:29 . 2010-09-11 04:40 94784 ----a-w- c:\windows\system32\drivers\inspect.sys
2011-01-11 22:29 . 2010-09-11 04:40 27576 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2011-01-11 22:29 . 2010-09-11 04:40 239368 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2011-01-11 22:29 . 2010-09-11 04:40 15592 ----a-w- c:\windows\system32\drivers\cmderd.sys
2011-01-07 14:09 . 2001-08-18 11:00 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-12-31 13:10 . 2002-02-20 23:46 1854976 ----a-w- c:\windows\system32\win32k.sys
2010-12-22 12:34 . 2004-04-11 06:14 301568 ----a-w- c:\windows\system32\kerberos.dll
2010-12-20 23:59 . 2004-08-24 00:32 916480 ----a-w- c:\windows\system32\wininet.dll
2010-12-20 23:59 . 2004-04-11 06:51 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-12-20 23:59 . 2004-04-11 06:13 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2010-12-20 17:26 . 2001-08-18 11:00 730112 ----a-w- c:\windows\system32\lsasrv.dll
2010-12-20 12:55 . 2004-08-04 05:59 385024 ----a-w- c:\windows\system32\html.iec
2010-12-16 14:11 . 2010-12-16 14:11 1700352 ----a-w- c:\windows\system32\gdiplus.dll
2010-12-13 13:46 . 2011-01-18 23:44 135096 ----a-w- c:\windows\system32\drivers\avipbb.sys
2010-12-13 13:46 . 2011-01-18 23:44 61960 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2010-12-09 15:15 . 2001-08-18 11:00 718336 ----a-w- c:\windows\system32\ntdll.dll
2010-12-09 14:30 . 2001-08-18 11:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
2010-12-09 13:38 . 1980-01-01 05:00 2192768 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-12-09 13:07 . 1980-01-01 05:00 2069376 ----a-w- c:\windows\system32\ntkrnlpa.exe
2008-11-21 16:45 . 2008-11-21 16:44 2934272 ----a-w- c:\program files\ccsetup.exe
2007-07-26 16:18 . 2007-07-26 16:16 49943864 ----a-w- c:\program files\iTunesSetup.exe
2007-07-04 01:08 . 2007-07-04 00:58 609203729 ----a-w- c:\program files\MSSetup.exe
2007-04-08 08:54 . 2007-04-08 08:54 13287696 ----a-w- c:\program files\sspsetup1673_.exe
2006-06-08 16:44 . 2006-06-08 16:44 8785512 ----a-w- c:\program files\sspsetup1673_en.exe
2006-05-12 16:35 . 2006-05-12 16:35 11817800 ----a-w- c:\program files\GoogleEarth.exe
2004-01-21 02:28 . 2004-01-21 02:28 5452936 ----a-w- c:\program files\DivX511Bundle.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Microsoft Works Update Detection"="c:\program files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe" [2003-09-14 50688]
"NvCplDaemon"="c:\windows\System32\NvCpl.dll" [2003-10-06 5058560]
"BCMSMMSG"="c:\windows\BCMSMMSG.exe" [2003-08-29 122880]
"AdaptecDirectCD"="c:\program files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe" [2002-04-10 679936]
"Dell|Alert"="c:\program files\Dell\Support\Alert\bin\DAMon.exe" [2002-07-11 270336]
"LifeScape Media Detector"="c:\program files\Picasa\PicasaMediaDetector.exe" [2003-08-12 126976]
"nwiz"="c:\windows\system32\nwiz.exe" [2003-10-06 741376]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"VerizonServicepoint.exe"="c:\program files\Verizon\Servicepoint\VerizonServicepoint.exe" [2006-02-01 1880064]
"ActiveSpeed"="c:\program files\Ascentive\ActiveSpeed\AS.exe" [2009-03-05 2035712]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-09-04 111936]
"Verizon_McciTrayApp"="c:\program files\Verizon\McciTrayApp.exe" [2010-03-17 1565696]
"Nikon Transfer Monitor"="c:\program files\Common Files\Nikon\Monitor\NkMonitor.exe" [2008-09-30 485208]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-04 208952]
"IMEKRMIG6.1"="c:\windows\ime\imkr6_1\IMEKRMIG.EXE" [2001-08-18 44032]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2002-08-29 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2002-08-29 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2002-08-29 455168]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-03-18 421888]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2011-01-30 35736]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-10 932288]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2011-01-19 2548552]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-12-13 281768]
"TraySantaCruz"="c:\windows\system32\tbctray.exe" [2002-04-03 290816]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"135:TCP"= 135:TCP:DCOM(135)

R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\SYSTEM32\DRIVERS\cmdGuard.sys [9/10/2010 11:40 PM 239368]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\SYSTEM32\DRIVERS\cmdhlp.sys [9/10/2010 11:40 PM 27576]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [1/18/2011 6:44 PM 135336]
R3 tbcspud;Santa Cruz Driver;c:\windows\SYSTEM32\DRIVERS\tbcspud.sys [1/1/1980 144768]
R3 tbcwdm;Santa Cruz WDM Driver;c:\windows\SYSTEM32\DRIVERS\tbcwdm.sys [1/1/1980 545088]
S2 AntiVirMailService;Avira AntiVir MailGuard;c:\program files\Avira\AntiVir Desktop\avmailc.exe [1/18/2011 6:44 PM 339624]
S2 AntiVirWebService;Avira AntiVir WebGuard;c:\program files\Avira\AntiVir Desktop\avwebgrd.exe [1/18/2011 6:44 PM 420520]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [3/3/2010 2:22 AM 135664]
S2 IBBTLOAM;IBBTLOAM;\??\c:\windows\system32\ibbtloam.pel --> c:\windows\system32\ibbtloam.pel [?]
S3 vtdg46xx;vtdg46xx;c:\progra~1\TURTLE~1\SANTAC~1\CONTRO~1\vtdg46xx.sys [7/24/2002 3:54 PM 19232]
.
Contents of the 'Scheduled Tasks' folder

2011-03-02 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 16:34]

2011-03-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-03 07:21]

2011-03-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-03 07:21]

2011-03-03 c:\windows\Tasks\User_Feed_Synchronization-{70649BE7-DAF4-4542-A595-8E0468A1A769}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 08:31]
.
.
------- Supplementary Scan -------
.
uSearchMigratedDefaultURL = [You must be registered and logged in to see this link.]
uInternet Connection Wizard,ShellNext = iexplore
mSearchURL = [You must be registered and logged in to see this link.]
IE: {{d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\documents and settings\Scott\Start Menu\Programs\IMVU\Run IMVU.lnk
LSP: c:\program files\Avira\AntiVir Desktop\avsda.dll
Trusted Zone: ebay.com\my
Trusted Zone: ebay.com\signin
Trusted Zone: eset.com
Trusted Zone: eset.eu\www
Trusted Zone: turbotax.com
TCP: {1AEA0150-77A8-4414-B005-E0E63E541171} = 156.154.70.22,156.154.71.22
DPF: Microsoft XML Parser for Java - [You must be registered and logged in to see this link.]
DPF: vzTCPConfig - [You must be registered and logged in to see this link.]
FF - ProfilePath - c:\documents and settings\Scott\Application Data\Mozilla\Firefox\Profiles\nglxs7bv.default\
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Java Quick Starter: [You must be registered and logged in to see this link.] - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [You must be registered and logged in to see this link.]
Rootkit scan 2011-03-03 13:44
Windows 5.1.2600 Service Pack 3 NTFS

detected NTDLL code modification:
ZwClose, ZwOpenFile

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\IBBTLOAM]
"ImagePath"="\??\c:\windows\system32\ibbtloam.pel"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,55,52,75,9a,61,3f,56,48,b4,be,a1,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,55,52,75,9a,61,3f,56,48,b4,be,a1,\

[HKEY_USERS\S-1-5-21-1180395095-4025279379-689279713-1006\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10m_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10m_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'lsass.exe'(664)
c:\windows\system32\guard32.dll
c:\program files\Avira\AntiVir Desktop\avsda.dll

- - - - - - - > 'explorer.exe'(3008)
c:\windows\system32\WININET.dll
c:\windows\system32\guard32.dll
c:\progra~1\WINDOW~3\wmpband.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\mshtml.dll
c:\windows\system32\msls31.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\System32\drivers\CDAC11BA.EXE
c:\program files\Common Files\Command Software\dvpapi.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\program files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Motive\McciCMService.exe
c:\windows\System32\nvsvc32.exe
c:\windows\system32\HPZipm12.exe
c:\windows\system32\rundll32.exe
.
**************************************************************************
.
Completion time: 2011-03-03 14:21:06 - machine was rebooted
ComboFix-quarantined-files.txt 2011-03-03 19:18
ComboFix2.txt 2011-02-19 18:23
ComboFix3.txt 2011-02-07 01:42
ComboFix4.txt 2010-12-14 17:40

Pre-Run: 45,412,683,776 bytes free
Post-Run: 45,461,311,488 bytes free

- - End Of File - - 692BA37256A4ADDF12EB00007CC4BD98

SquishedFlat

Newbie Surfer
Newbie Surfer

Posts : 39
Joined : 2010-11-05
Operating System : XP

View user profile

Back to top Go down

Re: Computer moves at a near glacial pace

Post by Belahzur on Fri 04 Mar 2011, 12:39 pm

Hello.

Run ESET Online Scan
Please do an online scan with ESET Online Scanner. Please use Internet Explorer as it uses ActiveX.

  • Check (tick) this box: YES, I accept the Terms of Use.
  • Click on the Start button next to it.
  • When prompted to run ActiveX. click Yes.
  • You will be asked to install an ActiveX. Click Install.
  • Once installed, the scanner will be initialized.
  • After the scanner is initialized, click Start.
  • Check (tick) Remove found threats box.
  • Check (tick) Scan unwanted applications.
  • Click on Scan.
  • It will start scanning. Please be patient.
  • Once the scan is done, the log will be saved here: C:\Program Files\esetonlinescanner\log.txt.


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

View user profile

Back to top Go down

Re: Computer moves at a near glacial pace

Post by SquishedFlat on Mon 07 Mar 2011, 12:48 am

Hi Belahzur. The online scan ran for over 45 hours. Phew!!

ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6425
# api_version=3.0.2
# EOSSerial=7ce0f5bb02f19a479fdfd63af4e515e4
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-03-06 04:45:07
# local_time=2011-03-05 11:45:07 (-0500, Eastern Standard Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=512 16777215 100 0 0 0 0 0
# compatibility_mode=1792 16777175 100 0 3746559 3746559 0 0
# compatibility_mode=3073 16777213 80 75 0 15281220 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=98471
# found=1
# cleaned=1
# scan_time=76739
C:\WINDOWS\SYSTEM32\234.js JS/TrojanDownloader.Agent.NWG trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
DLL:pipe not connected. attempts=120

SquishedFlat

Newbie Surfer
Newbie Surfer

Posts : 39
Joined : 2010-11-05
Operating System : XP

View user profile

Back to top Go down

Re: Computer moves at a near glacial pace

Post by Belahzur on Mon 07 Mar 2011, 12:47 pm

Hello.

Please download the current version of HijackThis from HERE

  • Double click and run the installer.
  • It will install to C:\Program Files\Trend Micro\HijackThis\hijackthis.exe
  • After installing, you should get the user agreement, press accept and Hijack This will run.
  • When Hijack This opens, click "Open the Misc Tools section"
  • Then select "Open Uninstall Manager"
  • Click on "Save List..." (generates uninstall_list.txt)
  • Click Save, copy and paste the results in your next post.


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

View user profile

Back to top Go down

Re: Computer moves at a near glacial pace

Post by SquishedFlat on Tue 08 Mar 2011, 3:10 am

ActiveSpeed
Adobe AIR
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader X (10.0.1)
Adobe Shockwave Player 11.5
AnswerWorks 4.0 Runtime - English
AnswerWorks 5.0 English Runtime
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ArcSoft Panorama Maker 4
Avira AntiVir Premium
BaboViolent 2.11
Barrow Hill
BCM V.92 56K Modem
Bonjour
Brownstone Equation Editor 5
CCleaner
Classic PhoneTools
COMODO Internet Security
Compatibility Pack for the 2007 Office system
Critical Update for Windows Media Player 11 (KB959772)
Defraggler
Dell | Support
Dell Modem-On-Hold
Dell Picture Studio - Dell Image Expert
Dell Solution Center
Digital Line Detect
Easy CD Creator 5 Basic
ESET Online Scanner v3
File Uploader
Google Toolbar for Internet Explorer
Google Toolbar for Internet Explorer
Google Update Helper
HiJackThis
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
HP Extended Capabilities 5.3
HP Imaging Device Functions 5.3
HP Photosmart Essential
HP Product Assistant
HP PSC & OfficeJet 5.3.B
HP Solution Center & Imaging Support Tools 5.3
HP Update
igLoader
Intel RSX 3D
iTunes
Java(TM) 6 Update 24
Macromedia Extension Manager
Macromedia Flash Player
Malwarebytes' Anti-Malware
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Data Access Components KB870669
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Money 2002
Microsoft Money 2002 System Pack
Microsoft National Language Support Downlevel APIs
Microsoft Office Outlook Connector
Microsoft Office Standard Edition 2003
Microsoft Picture It! Express 2000
Microsoft Picture It! Express 9
Microsoft Picture It! Library 9
Microsoft Picture It! Photo 2002
Microsoft Silverlight
Microsoft Streets and Trips 2002
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Works 2002 Setup Launcher
Microsoft Works 6.0
Microsoft Works Suite Add-in for Microsoft Word
MobileMe Control Panel
Modem Helper
Mozilla Firefox (3.6.13)
MSN
MSN Encarta Plus Support Files
MSN Messenger 7.5
MSN Music Assistant
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nebulae Fighter Special Edition
Nikon Message Center
Nikon Transfer
NVIDIA Display Driver
NVIDIA Windows 2000/XP Display Drivers
PC SpeedScan Pro
Picasa
PlayLinc
QuickTime
SafeCast Shared Components
Santa Cruz
Schoolhouse Rock Thinking Games
Security Advisor
Security Update for CAPICOM (KB931906)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB969897)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Shockwave
Spellagories
Spelling Dictionaries Support For Adobe Reader 9
TurboTax 2008
TurboTax 2008 WinPerFedFormset
TurboTax 2008 WinPerProgramHelp
TurboTax 2008 WinPerReleaseEngine
TurboTax 2008 WinPerTaxSupport
TurboTax 2008 WinPerUserEducation
TurboTax 2008 wmdiper
TurboTax 2008 wrapper
TurboTax Deluxe 2005
TurboTax Deluxe 2007
TurboTax Deluxe Deduction Maximizer 2006
TurboTax ItsDeductible 2005
TurboTax ItsDeductible 2006
Tutor
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB968220)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Verizon Broadband Toolbar
Verizon Help and Support Tool
Verizon PC Security Checkup
Webster's New World Dictionary
Windows Genuine Advantage v1.3.0254.0
Windows Internet Explorer 8
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player 11
Windows XP Service Pack 3
Yahoo! Messenger


SquishedFlat

Newbie Surfer
Newbie Surfer

Posts : 39
Joined : 2010-11-05
Operating System : XP

View user profile

Back to top Go down

Re: Computer moves at a near glacial pace

Post by Belahzur on Tue 08 Mar 2011, 12:04 pm

Okay cool, just Firefox needs updating.

Please download Firefox 3.6.15 and install it. It will install over version 3.6.13 you currently have installed, so you won't lose any bookmarked websites.

How is the machine running now?


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

View user profile

Back to top Go down

Re: Computer moves at a near glacial pace

Post by SquishedFlat on Wed 09 Mar 2011, 7:17 am

Updated Firefox. Much, much better now. THANK YOU so much.

But its still not where I think it should be. You have some links to speeding up PCs in general by making adjustments to auto runs, resetting Winsock settings, etc. Are these worth trying? Some of the linked tutorials are not intuitive to us lay people as to what to change and what not to and what needs to be there ans what could be deleted. I even read something about reloading the OS. Scary!

Suggestions? I truly appreciate your assistance.

SquishedFlat

Newbie Surfer
Newbie Surfer

Posts : 39
Joined : 2010-11-05
Operating System : XP

View user profile

Back to top Go down

Re: Computer moves at a near glacial pace

Post by Belahzur on Wed 09 Mar 2011, 11:27 am

You mean hardrive maintenance. Yes, computer speed can also depend on that, like removing temp files and such.

TFC(Temp File Cleaner):

  • Please download TFC to your desktop,
  • Save any unsaved work. TFC will close all open application windows.
  • Double-click TFC.exe to run the program.
  • If prompted, click "Yes" to reboot.
Note: Save your work. TFC will automatically close any open programs, let it run uninterrupted. It shouldn't take longer take a couple of minutes, and may only take a few seconds. Only if needed will you be prompted to reboot.


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

View user profile

Back to top Go down

Re: Computer moves at a near glacial pace

Post by SquishedFlat on Sun 13 Mar 2011, 3:58 am

Belahzur,

You da man! I ran TFC and it removed some things CCleaner does not. Great suggestion. All is well on this old PC thanks to your tremendous assistance. I cannot thank you enough.

Squished Flat

SquishedFlat

Newbie Surfer
Newbie Surfer

Posts : 39
Joined : 2010-11-05
Operating System : XP

View user profile

Back to top Go down

Re: Computer moves at a near glacial pace

Post by Belahzur on Sun 13 Mar 2011, 11:01 am

I would also consider a hardware upgrade as this machine only has 256mb of RAM in it.


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

View user profile

Back to top Go down

Re: Computer moves at a near glacial pace

Post by Sponsored content Today at 6:21 am


Sponsored content


Back to top Go down

View previous topic View next topic Back to top


 
Permissions in this forum:
You cannot reply to topics in this forum