computer running slow....help


Post by iroll on Thu May 10, 2012 2:27 am

%APPDATA%\Microsoft\*.*
%systemroot%\system32\config\systemprofile\*.dat /x
%USERPROFILE%\Desktop\*.exe
%PROGRAMFILES%\Common Files\*.*
%systemroot%\winn32\*.*
%USERPROFILE%\My Documents\*.exe
%USERPROFILE%\*.exe
%PROGRAMFILES%\Mozilla Firefox\*.exe
%ProgramFiles%\TinyProxy.
%systemroot%\system32\*.* /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.* /lockedfiles
%PROGRAMFILES%\*.
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
/md5start
netlogon.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
disk.sys
/md5stop
CREATERESTOREPOINT
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs
OTL logfile created on: 5/9/2012 8:30:59 PM - Run 1
OTL by OldTimer - Version 3.2.42.1 Folder = C:\Documents and Settings\J O\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1014.37 Mb Total Physical Memory | 400.82 Mb Available Physical Memory | 39.51% Memory free
2.38 Gb Paging File | 1.87 Gb Available in Paging File | 78.40% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 73.12 Gb Total Space | 61.55 Gb Free Space | 84.18% Space Free | Partition Type: NTFS

Computer Name: JO | User Name: J O | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/05/09 20:26:03 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\J O\Desktop\OTL.com
PRC - [2012/03/06 18:20:47 | 006,426,672 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\Setup\avast.setup
PRC - [2012/03/06 18:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/03/06 18:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012/01/25 10:40:52 | 001,734,656 | ---- | M] () -- C:\Program Files\Luth Research\SavvyConnectFramework\bin\scservice\SCService.exe
PRC - [2011/11/10 09:14:28 | 000,696,320 | ---- | M] (Luth Research LLC) -- C:\Program Files\Luth Research\SavvyConnectFramework\bin\scui\SavvyConnectUI.exe
PRC - [2011/06/22 20:49:12 | 000,273,544 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/11/01 17:55:30 | 000,576,104 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2007/11/01 17:55:28 | 001,440,384 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
PRC - [2007/05/10 10:22:32 | 000,405,504 | ---- | M] (SigmaTel, Inc.) -- C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe
PRC - [2006/10/18 21:04:28 | 000,802,816 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe
PRC - [2006/10/18 21:01:34 | 000,290,816 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe
PRC - [2006/10/18 20:58:16 | 000,696,320 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe
PRC - [2006/10/18 20:53:24 | 000,479,232 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe


========== Modules (No Company Name) ==========

MOD - [2012/03/06 18:20:46 | 000,213,552 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\Setup\setiface.dll
MOD - [2012/03/06 01:01:21 | 001,721,856 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\12030600\algo.dll
MOD - [2012/01/25 10:40:52 | 001,734,656 | ---- | M] () -- C:\Program Files\Luth Research\SavvyConnectFramework\bin\scservice\SCService.exe
MOD - [2007/11/01 17:53:34 | 002,842,624 | ---- | M] () -- C:\WINDOWS\system32\btwicons.dll
MOD - [2007/11/01 17:51:36 | 000,040,960 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll
MOD - [2006/10/18 20:51:48 | 000,118,784 | ---- | M] () -- C:\Program Files\Intel\Wireless\Bin\iWMSProv.dll
MOD - [2006/10/18 20:50:22 | 000,348,160 | ---- | M] () -- C:\Program Files\Intel\Wireless\Bin\IntStngs.dll
MOD - [2006/10/02 16:07:26 | 001,167,360 | ---- | M] () -- C:\Program Files\Intel\Wireless\Bin\acAuth.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012/05/04 18:05:15 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/03/06 18:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012/01/25 10:40:52 | 001,734,656 | ---- | M] () [Auto | Running] -- C:\Program Files\Luth Research\SavvyConnectFramework\bin\scservice\SCService.exe -- (SCService)
SRV - [2006/10/18 21:01:34 | 000,290,816 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe -- (WLANKEEPER) Intel(R)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\UIUSYS.SYS -- (UIUSys)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys -- (Lavasoft Kernexplorer)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\AFGSp50.sys -- (AFGSp50)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\AFGMp50.sys -- (AFGMp50)
DRV - [2012/03/06 18:03:51 | 000,612,184 | ---- | M] (AVAST Software) [File_System | System | Stopped] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012/03/06 18:03:38 | 000,337,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012/03/06 18:02:00 | 000,035,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2012/03/06 18:01:53 | 000,053,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012/03/06 18:01:39 | 000,095,704 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2012/03/06 18:01:30 | 000,020,696 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012/03/06 17:58:29 | 000,024,920 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011/05/24 18:40:10 | 000,032,768 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\taphss.sys -- (taphss)
DRV - [2010/02/11 07:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2007/11/05 17:54:00 | 000,879,528 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2007/11/05 17:53:58 | 000,539,576 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2007/08/27 13:58:18 | 000,074,656 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2007/06/29 12:38:30 | 000,156,392 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2007/05/10 10:24:34 | 001,222,840 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2007/03/31 13:02:40 | 000,055,352 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwhid.sys -- (btwhid)
DRV - [2007/03/23 10:50:08 | 000,037,424 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2006/11/21 05:25:44 | 000,045,568 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2006/11/15 00:16:24 | 000,032,256 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2006/11/14 19:42:46 | 000,043,520 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006/11/14 17:35:20 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2006/10/19 10:29:22 | 000,012,544 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2001/08/22 09:42:58 | 000,013,632 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\omci.sys -- (OMCI)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {56256A51-B582-467e-B8D4-7786EDA79AE0}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [You must be registered and logged in to see this link.]
IE - HKLM\..\SearchScopes\{34e26447-bf30-4c78-a5b9-61dfa8a55e67}: "URL" = [You must be registered and logged in to see this link.]
IE - HKLM\..\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}: "URL" = [You must be registered and logged in to see this link.]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 36 2E E2 D5 1B 2B CD 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [You must be registered and logged in to see this link.]
IE - HKCU\..\SearchScopes\{34e26447-bf30-4c78-a5b9-61dfa8a55e67}: "URL" = [You must be registered and logged in to see this link.]
IE - HKCU\..\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}: "URL" = [You must be registered and logged in to see this link.]
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = [You must be registered and logged in to see this link.]
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = [You must be registered and logged in to see this link.]
IE - HKCU\..\SearchScopes\{B78ED147-9B4F-43D6-8E5A-5397E638FD27}: "URL" = [You must be registered and logged in to see this link.]
IE - HKCU\..\SearchScopes\{c99fdc39-a1ae-4b24-8d71-e5274f8d7c54}: "URL" = [You must be registered and logged in to see this link.]
IE - HKCU\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = [You must be registered and logged in to see this link.]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.647: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.647: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.652: C:\Documents and Settings\All Users.WINDOWS\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.652: C:\Documents and Settings\All Users.WINDOWS\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.647: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users.WINDOWS\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/06/22 20:49:53 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2004/08/04 05:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users.WINDOWS\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (SavvyConnect IE Extension) - {E6C6EC35-C04A-42CD-A3A7-4F09FB0F1B76} - C:\Program Files\Luth Research\SavvyConnectFramework\bin\ieplugin\LuthIEPlugin.dll (Luth Research, LLC)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation)
O4 - HKLM..\Run: [SavvyConnectMenu] C:\Program Files\Luth Research\SavvyConnectFramework\bin\scui\SavvyConnectUI.exe (Luth Research LLC)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\program files\real\realplayer\update\realsched.exe (RealNetworks, Inc.)
O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_29.dll (Sun Microsystems, Inc.)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O16 - DPF: {4F29DE54-5EB7-4D76-B610-A86B5CD2A234} Reg Error: Key error. (GameTap Player)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} [You must be registered and logged in to see this link.] (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} [You must be registered and logged in to see this link.] (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_29)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{549165E2-E6B2-437B-85A7-6DD8E277C264}: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\J O\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\J O\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/12/18 18:56:11 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found


SafeBootMin: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: nm - File not found
SafeBootNet: nm.sys - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5056b317-8d4c-43ee-8543-b9d1e234b8f4} - Security Update for Windows XP (KB923789)
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {EF289A85-8E57-408d-BE47-73B55609861A} - RootsUpdate
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
ActiveX: >{8ADB2D55-EC58-4962-BB75-5F6D1E5C0F01} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: Microsoft Base Smart Card Crypto Provider Package -

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

CREATERESTOREPOINT
Unable to start System Restore Service. Error code 1056

========== Files/Folders - Created Within 30 Days ==========

[2012/05/09 20:26:13 | 000,020,696 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2012/05/09 20:26:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\avast! Free Antivirus
[2012/05/09 20:26:12 | 000,337,880 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2012/05/09 20:26:09 | 000,035,672 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2012/05/09 20:26:08 | 000,053,848 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2012/05/09 20:26:07 | 000,612,184 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2012/05/09 20:26:06 | 000,095,704 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2012/05/09 20:26:06 | 000,089,048 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2012/05/09 20:26:05 | 000,024,920 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2012/05/09 20:26:03 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\J O\Desktop\OTL.com
[2012/05/09 20:25:42 | 000,041,184 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2012/05/09 20:25:40 | 000,201,352 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2012/05/09 20:25:21 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012/05/09 20:25:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\AVAST Software
[2012/05/04 18:13:51 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\J O\Recent
[2012/05/02 21:09:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\J O\My Documents\e-Sword
[2012/05/02 21:05:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\e-Sword
[2012/05/02 21:05:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\EzTools
[2012/05/02 21:05:29 | 000,000,000 | ---D | C] -- C:\Program Files\e-Sword
[2012/05/02 21:04:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\J O\Local Settings\Application Data\Downloaded Installations
[2012/05/02 20:17:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Documents\Online Bible
[2012/05/02 20:17:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\J O\My Documents\Bible
[2012/05/02 20:17:27 | 000,000,000 | ---D | C] -- C:\Program Files\Bible
[2012/04/11 23:08:23 | 000,419,488 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\*.tmp files -> C:\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/05/09 20:26:13 | 000,001,689 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\avast! Free Antivirus.lnk
[2012/05/04 18:16:16 | 000,001,355 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2012/05/02 21:05:40 | 000,001,676 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\e-Sword.lnk
[2012/04/25 18:58:10 | 000,000,384 | -H-- | C] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
[2012/04/11 23:08:24 | 000,000,830 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/02/21 16:25:21 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2012/02/14 20:16:45 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011/12/20 20:10:28 | 000,114,968 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/12/14 07:28:07 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat
[2011/12/14 07:28:07 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat
[2011/12/04 07:46:02 | 000,020,312 | ---- | C] () -- C:\WINDOWS\System32\RegistryDefragBootTime.exe
[2011/08/24 15:31:08 | 000,000,004 | -H-- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\QSLLPSVCShare
[2011/04/19 23:46:49 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\J O\Local Settings\Application Data\prvlcl.dat
[2011/04/08 15:23:22 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4814.dll
[2011/04/08 15:21:06 | 000,016,480 | ---- | C] () -- C:\WINDOWS\System32\rixdicon.dll
[2011/04/06 18:32:19 | 000,000,263 | ---- | C] () -- C:\WINDOWS\LEXSTAT.INI
[2011/04/01 18:07:55 | 000,057,395 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2011/03/20 17:17:55 | 000,061,440 | ---- | C] () -- C:\WINDOWS\uninstall.exe
[2011/03/20 12:16:57 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2011/03/19 14:07:31 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/03/18 15:15:28 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2011/03/18 14:58:50 | 000,319,488 | ---- | C] () -- C:\WINDOWS\System32\AegisI5Installer.exe
[2011/03/18 12:47:38 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011/03/18 12:40:46 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011/03/18 06:32:13 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011/01/23 17:22:02 | 001,121,408 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat

========== Custom Scans ==========

< %APPDATA%\Microsoft\*.* >
[2011/03/18 13:00:39 | 000,001,506 | -H-- | M] () -- C:\Documents and Settings\J O\Application Data\Microsoft\LastFlashConfig.WFC

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %USERPROFILE%\Desktop\*.exe >

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\winn32\*.* >

< %USERPROFILE%\My Documents\*.exe >

< %USERPROFILE%\*.exe >

< %PROGRAMFILES%\Mozilla Firefox\*.exe >

< %ProgramFiles%\TinyProxy. >

< %systemroot%\system32\*.* /lockedfiles >
[2 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.* /lockedfiles >

< %PROGRAMFILES%\*. >
[2011/03/21 18:54:35 | 000,000,000 | ---D | M] -- C:\Program Files\4WARN
[2012/03/07 15:08:15 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2011/08/24 18:16:31 | 000,000,000 | ---D | M] -- C:\Program Files\AppGraffiti
[2012/03/15 13:56:15 | 000,000,000 | ---D | M] -- C:\Program Files\Apple Software Update
[2012/05/09 20:25:21 | 000,000,000 | ---D | M] -- C:\Program Files\AVAST Software
[2011/09/27 10:41:22 | 000,000,000 | ---D | M] -- C:\Program Files\AVG
[2011/02/05 04:21:35 | 000,000,000 | ---D | M] -- C:\Program Files\Bass Audio Decoder
[2012/05/02 20:42:13 | 000,000,000 | ---D | M] -- C:\Program Files\Bible
[2011/02/10 17:33:31 | 000,000,000 | ---D | M] -- C:\Program Files\Bing Bar Installer
[2011/02/05 21:27:15 | 000,000,000 | ---D | M] -- C:\Program Files\Brand Thunder
[2011/02/09 20:31:38 | 000,000,000 | ---D | M] -- C:\Program Files\Broadcom
[2012/05/04 18:09:13 | 000,000,000 | ---D | M] -- C:\Program Files\CCleaner
[2011/02/05 04:21:40 | 000,000,000 | ---D | M] -- C:\Program Files\CD Audio Reader Filter
[2012/05/02 21:05:29 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2011/01/25 19:58:14 | 000,000,000 | ---D | M] -- C:\Program Files\Comodo
[2010/12/18 18:52:55 | 000,000,000 | ---D | M] -- C:\Program Files\ComPlus Applications
[2010/12/18 20:07:28 | 000,000,000 | ---D | M] -- C:\Program Files\CONEXANT
[2010/12/20 00:43:29 | 000,000,000 | ---D | M] -- C:\Program Files\Creative
[2011/01/25 19:22:02 | 000,000,000 | ---D | M] -- C:\Program Files\CyberLink
[2011/08/31 21:34:05 | 000,000,000 | ---D | M] -- C:\Program Files\DailyBibleGuideEI
[2011/02/05 04:21:45 | 000,000,000 | ---D | M] -- C:\Program Files\DCoder Image Source
[2011/08/24 15:23:17 | 000,000,000 | ---D | M] -- C:\Program Files\Dell
[2011/01/22 20:21:49 | 000,000,000 | ---D | M] -- C:\Program Files\Dell Support Center
[2010/12/20 00:16:06 | 000,000,000 | ---D | M] -- C:\Program Files\DIFX
[2011/02/05 04:21:48 | 000,000,000 | ---D | M] -- C:\Program Files\DirectVobSub
[2012/05/04 13:04:50 | 000,000,000 | ---D | M] -- C:\Program Files\e-Sword
[2011/02/05 04:13:41 | 000,000,000 | ---D | M] -- C:\Program Files\Easy DVD Player
[2011/02/05 04:21:51 | 000,000,000 | ---D | M] -- C:\Program Files\FFMPEG Core Files
[2011/01/25 18:38:32 | 000,000,000 | ---D | M] -- C:\Program Files\FreeApps
[2011/04/20 21:30:34 | 000,000,000 | ---D | M] -- C:\Program Files\FreePDFTablet
[2012/05/04 18:10:18 | 000,000,000 | ---D | M] -- C:\Program Files\FunWebProducts
[2011/02/05 04:21:54 | 000,000,000 | ---D | M] -- C:\Program Files\Gabest MPEG Splitter
[2011/01/24 12:47:23 | 000,000,000 | ---D | M] -- C:\Program Files\Google
[2011/02/05 03:55:40 | 000,000,000 | ---D | M] -- C:\Program Files\Haali
[2010/12/20 01:05:23 | 000,000,000 | ---D | M] -- C:\Program Files\IDT
[2010/12/19 22:24:06 | 000,000,000 | ---D | M] -- C:\Program Files\InboxAce_1gEI
[2011/08/24 15:29:44 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2010/12/20 00:45:24 | 000,000,000 | ---D | M] -- C:\Program Files\Intel
[2012/03/15 22:42:05 | 000,000,000 | ---D | M] -- C:\Program Files\InterActual
[2012/04/11 23:01:16 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2011/12/04 07:31:46 | 000,000,000 | ---D | M] -- C:\Program Files\IObit
[2011/11/04 17:14:00 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2011/08/24 17:08:42 | 000,000,000 | ---D | M] -- C:\Program Files\Lexmark Skins
[2012/03/13 17:33:11 | 000,000,000 | ---D | M] -- C:\Program Files\Luth Research
[2011/03/18 19:24:39 | 000,000,000 | ---D | M] -- C:\Program Files\Messenger
[2011/01/20 21:35:30 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft
[2011/02/09 20:01:19 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Fix it Center
[2011/03/20 12:12:55 | 000,000,000 | ---D | M] -- C:\Program Files\microsoft frontpage
[2011/03/20 12:13:10 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
[2012/05/09 18:55:11 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight
[2011/02/10 16:49:11 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
[2011/08/24 17:07:37 | 000,000,000 | ---D | M] -- C:\Program Files\Modem Helper
[2011/02/05 04:21:56 | 000,000,000 | ---D | M] -- C:\Program Files\MONOGRAM AMR SplitterDecoder
[2011/03/18 21:02:24 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker
[2010/12/25 04:05:29 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2010/12/18 18:51:22 | 000,000,000 | ---D | M] -- C:\Program Files\MSN
[2010/12/18 18:52:07 | 000,000,000 | ---D | M] -- C:\Program Files\MSN Gaming Zone
[2011/02/10 17:32:14 | 000,000,000 | ---D | M] -- C:\Program Files\MSN Toolbar
[2010/12/19 21:44:53 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0
[2011/03/18 18:40:35 | 000,000,000 | ---D | M] -- C:\Program Files\NetMeeting
[2011/03/22 18:50:07 | 000,000,000 | ---D | M] -- C:\Program Files\Online Services
[2011/03/18 10:43:51 | 000,000,000 | ---D | M] -- C:\Program Files\OpenOffice.org 3
[2011/02/05 04:21:59 | 000,000,000 | ---D | M] -- C:\Program Files\OpenSource AVI Splitter
[2011/02/05 04:22:01 | 000,000,000 | ---D | M] -- C:\Program Files\OpenSource DTSAC3DD+ Source Filter
[2011/02/05 04:22:04 | 000,000,000 | ---D | M] -- C:\Program Files\OpenSource Flash Video Splitter
[2011/03/18 21:04:06 | 000,000,000 | ---D | M] -- C:\Program Files\Outlook Express
[2012/03/15 13:58:13 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime
[2011/06/22 20:50:10 | 000,000,000 | ---D | M] -- C:\Program Files\Real
[2011/02/05 04:22:09 | 000,000,000 | ---D | M] -- C:\Program Files\RealMedia
[2010/12/25 04:05:19 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2012/01/13 17:11:55 | 000,000,000 | ---D | M] -- C:\Program Files\Retrogamer_4wEI
[2011/02/05 04:22:12 | 000,000,000 | ---D | M] -- C:\Program Files\SHOUTcast Source
[2011/02/03 17:59:17 | 000,000,000 | ---D | M] -- C:\Program Files\SigmaTel
[2012/02/21 21:54:57 | 000,000,000 | ---D | M] -- C:\Program Files\Softland
[2010/12/19 18:55:23 | 000,000,000 | ---D | M] -- C:\Program Files\Synaptics
[2011/02/06 21:33:28 | 000,000,000 | ---D | M] -- C:\Program Files\TurboTax
[2010/12/18 19:02:17 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2011/09/12 11:23:13 | 000,000,000 | ---D | M] -- C:\Program Files\VideoLAN
[2012/02/10 19:47:11 | 000,000,000 | ---D | M] -- C:\Program Files\WIDCOMM
[2011/02/11 13:20:41 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Desktop Search
[2011/02/10 17:27:52 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Connect 2
[2011/08/26 15:55:22 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2012/05/04 18:18:37 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2010/12/18 18:54:55 | 000,000,000 | -H-D | M] -- C:\Program Files\WindowsUpdate
[2010/12/18 18:56:44 | 000,000,000 | ---D | M] -- C:\Program Files\xerox

< MD5 for: AGP440.SYS >
[2004/08/04 05:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2011/03/18 18:31:58 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2011/03/18 18:31:58 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/13 13:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 13:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2004/08/04 05:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2011/03/18 18:31:58 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2011/03/18 18:31:58 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 13:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 13:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/04 05:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

< MD5 for: DISK.SYS >
[2004/08/04 05:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:disk.sys
[2011/03/18 18:31:58 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:disk.sys
[2011/03/18 18:31:58 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:disk.sys
[2004/08/04 05:00:00 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=00CA44E4534865F8A3B64F7C0984BFF0 -- C:\WINDOWS\$NtServicePackUninstall$\disk.sys
[2008/04/13 13:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\ServicePackFiles\i386\disk.sys
[2008/04/13 13:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\system32\drivers\disk.sys

< MD5 for: IASTOR.SYS >
[2007/07/12 16:35:02 | 000,305,176 | ---- | M] (Intel Corporation) MD5=2358C53F30CB9DCD1D3843C4E2F299B2 -- C:\WINDOWS\dell\iastor\iastor.sys

< MD5 for: NETLOGON.DLL >
[2008/04/13 19:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/13 19:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
[2009/02/06 13:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009/02/06 13:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
[2004/08/04 05:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2012-05-10 00:25:26

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2012/02/29 07:17:40 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2012/02/29 07:17:40 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2012/02/29 07:17:40 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 15:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/03/08 15:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)

< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2012/02/29 07:17:40 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2012/02/29 07:17:40 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2012/02/29 07:17:40 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 15:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/03/08 15:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)

< >

========== Alternate Data Streams ==========

@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\J O\My Documents\tax amen 2012.pdf:SummaryInformation
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:0B4227B4

< End of report >

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-05-09 21:18:15
-----------------------------
21:18:15.783 OS Version: Windows 5.1.2600 Service Pack 3
21:18:15.783 Number of processors: 2 586 0xE08
21:18:15.783 ComputerName: JO UserName:
21:18:17.892 Initialize success
21:18:18.986 AVAST engine defs: 12050901
21:18:28.546 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
21:18:28.546 Disk 0 Vendor: TOSHIBA_MK8032GSX AS112D Size: 74881MB BusType: 3
21:18:28.561 Disk 0 MBR read successfully
21:18:28.561 Disk 0 MBR scan
21:18:28.624 Disk 0 Windows XP default MBR code
21:18:28.639 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 74873 MB offset 63
21:18:28.639 Disk 0 scanning sectors +153340425
21:18:28.733 Disk 0 scanning C:\WINDOWS\system32\drivers
21:18:42.792 Service scanning
21:19:01.365 Modules scanning
21:19:07.786 Disk 0 trace - called modules:
21:19:07.801 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
21:19:07.801 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86543ab8]
21:19:07.801 3 CLASSPNP.SYS[f761dfd7] -> nt!IofCallDriver -> \Device\0000006a[0x86548198]
21:19:07.817 5 ACPI.sys[f7494620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x8657f940]
21:19:08.286 AVAST engine scan C:\WINDOWS
21:19:12.081 AVAST engine scan C:\WINDOWS\system32
21:21:31.391 AVAST engine scan C:\WINDOWS\system32\drivers
21:21:45.185 AVAST engine scan C:\Documents and Settings\J O
21:23:27.211 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\J O\Desktop\MBR.dat"
21:23:27.226 The log file has been saved successfully to "C:\Documents and Settings\J O\Desktop\aswMBR.txt"


Re: computer running slow....help

Post by Superdave on Thu May 10, 2012 5:26 pm

Hello and welcome to GeekPolice.Net. My name is Dave. I will be helping you out with your particular problem on your computer.

1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.
2. The fixes are specific to your problem and should only be used for this issue on this machine.
3. If you don't know or understand something, please don't hesitate to ask.
4. Please DO NOT run any other tools or scans while I am helping you.
5. It is important that you reply to this thread. Do not start a new topic.
6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
7. Absence of symptoms does not mean that everything is clear.

If you can't access the internet with your infected computer you will have to download and transfer any programs to the computer you're using now and transfer them to the infected computer with a CD-RW or a USB storage device. I prefer a CD because a storage device can get infected. If you use a storage device hold the shift key down while inserting the USB storage device for about 10 secs. You will also have to transfer the logs you receive back to the good computer using the same method until we can get the computer back on-line.

*****************************************************************
Please do not start multiple threads for the same problem. If a log is too large you may have to break it into two or more posts.

SUPERAntiSpyware

If you already have SUPERAntiSpyware be sure to check for updates before scanning!


Download [You must be registered and logged in to see this link.]
* Double-click the icon on your desktop to run the installer.
* When asked to Update the program definitions, click Yes
* If you encounter any problems while downloading the updates, manually download and unzip them from [You must be registered and logged in to see this link.]
* Next click the Preferences button.
  • Under Start-Up Options uncheck Start SUPERAntiSpyware when Windows starts
* Click the Scanning Control tab.
* Under Scanner Options make sure only the following are checked:
  • Close browsers before scanning
  • Scan for tracking cookies
  • Terminate memory threats before quarantining
  Please leave the others unchecked
  • Click the Close button to leave the control center screen.
* On the main screen click Scan your computer
* On the left check the box for the drive you are scanning.
* On the right choose Perform Complete Scan
* Click Next to start the scan. Please be patient while it scans your computer.
* After the scan is complete a summary box will appear. Click OK
* Make sure everything in the white box has a check next to it, then click Next
* It will quarantine what it found and if it asks if you want to reboot, click Yes
  • To retrieve the removal information please do the following:
  • After reboot, double-click the SUPERAntiSpyware icon on your desktop.
  • Click Preferences. Click the Statistics/Logs tab.
  • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
  • It will open in your default text editor (preferably Notepad).
  • Save the notepad file to your desktop by clicking (in notepad) File > Save As...
* Save the log somewhere you can easily find it. (normally the desktop)
* Click close and close again to exit the program.
* Copy and Paste the log in your post.
*********************************************
Please download Malwarebytes Anti-Malware from [You must be registered and logged in to see this link.]
Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Full Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • Please save the log to a location you will remember.
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.
*******************************************************
Update Your Java (JRE)

Old versions of Java have vulnerabilities that malware can use to infect your system.


First [You must be registered and logged in to see this link.]

If there are any other version(s) installed then update now.

Get the new version (if needed)

If your version is out of date install the newest version of the [You must be registered and logged in to see this link.].

Note: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.

Be sure to close ALL open web browsers before starting the installation.

Remove any old versions

1. Download [You must be registered and logged in to see this link.] and unzip the file to your Desktop.
2. Open JavaRA.exe and choose Remove Older Versions
3. Once complete exit JavaRA.

Additional Note: [You must be registered and logged in to see this link.] adds a service to improve the initial startup time of Java applets and applications. To disable the JQS service if you don't want to use it, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and reboot your computer.


Re: computer running slow....help

Post by iroll on Fri May 11, 2012 2:56 am

SUPERAntiSpyware Scan Log

Generated 05/10/2012 at 08:05 PM

Application Version : 5.0.1148

Core Rules Database Version : 8585
Trace Rules Database Version: 6397

Scan type : Quick Scan
Total Scan Time : 00:00:13

Operating System Information
Windows XP Home Edition 32-bit, Service Pack 3 (Build 5.01.2600)
Administrator

Memory items scanned : 7
Memory threats detected : 0
Registry items scanned : 28234
Registry threats detected : 0
File items scanned : 3630
File threats detected : 4

PUP.MyWebSearch/FunWebProducts
C:\Program Files\FunWebProducts\Installr\1.bin\chrome
C:\Program Files\FunWebProducts\Installr\1.bin
C:\Program Files\FunWebProducts\Installr
C:\Program Files\FunWebProducts

SUPERAntiSpyware Scan Log

Generated 05/10/2012 at 09:40 PM

Application Version : 5.0.1148

Core Rules Database Version : 8585
Trace Rules Database Version: 6397

Scan type : Complete Scan
Total Scan Time : 01:06:01

Operating System Information
Windows XP Home Edition 32-bit, Service Pack 3 (Build 5.01.2600)
Administrator

Memory items scanned : 531
Memory threats detected : 0
Registry items scanned : 33747
Registry threats detected : 0
File items scanned : 64377
File threats detected : 110

PUP.MyWebSearch/FunWebProducts
C:\Program Files\FunWebProducts\Installr\1.bin\chrome
C:\Program Files\FunWebProducts\Installr\1.bin
C:\Program Files\FunWebProducts\Installr
C:\Program Files\FunWebProducts

Adware.Tracking Cookie
C:\DOCUMENTS AND SETTINGS\JPO\COOKIES\JPO@TACODA.AT.ATWOLA[1].TXT [ /TACODA.AT.ATWOLA ]
C:\DOCUMENTS AND SETTINGS\JPO\COOKIES\JPO@TACODA.AT.ATWOLA[2].TXT [ /TACODA.AT.ATWOLA ]
C:\DOCUMENTS AND SETTINGS\JPO\COOKIES\JPO@TRACKING.MOON-RAY[2].TXT [ /TRACKING.MOON-RAY ]
C:\DOCUMENTS AND SETTINGS\JPO\COOKIES\JPO@[You must be registered and logged in to see this link.] [ /WWW.CLICKFLN ]


Re: computer running slow....help

Post by iroll on Fri May 11, 2012 3:02 am

Malwarebytes Anti-Malware 1.61.0.1400

Database version: v2012.05.10.01

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
J O :: JO [administrator]

5/9/2012 10:47:25 PM
mbam-log-2012-05-09 (22-47-25).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 75390
Time elapsed: 27 minute(s), 32 second(s) [aborted]

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 13
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{00A6FAF1-072E-44CF-8957-5838F569A31D} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9FF05104-B030-46FC-94B8-81276E4E27DF} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)


Re: computer running slow....help

Post by Superdave on Fri May 11, 2012 6:33 pm

Download Security Check by screen317 from one of the following links and save it to your desktop.

[You must be registered and logged in to see this link.]
[You must be registered and logged in to see this link.]

* Double-click Security Check.bat
* Follow the on-screen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt
* Post the contents of that document in your next reply.

Note: If a security program requests permission from dig.exe to access the Internet, allow it to do so.
******************************************************
Download Combofix from any of the links below, and save it to your DESKTOP.

[You must be registered and logged in to see this link.]
[You must be registered and logged in to see this link.]
[You must be registered and logged in to see this link.]

To prevent your anti-virus application interfering with ComboFix we need to disable it. See [You must be registered and logged in to see this link.] for a tutorial regarding how to do so if you are unsure.

  • Close any open windows and double click ComboFix.exe to run it.

    You will see the following image:



Click I Agree to start the program.

ComboFix will then extract the necessary files and you will see this:



As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. This will not occur in Windows Vista and 7.

It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

If you did not have it installed, you will see the prompt below. Choose YES.



Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:



Click on Yes, to continue scanning for malware.

When finished, it will produce a report for you. Please post the contents of the log (C:\ComboFix.txt).

Leave your computer alone while ComboFix is running. ComboFix will restart your computer if malware is found; allow it to do so.

Note: Please do NOT mouse-click ComboFix's window while it's running, because it may cause it to stall.
