Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

freezes and SLOW startup on NEW computer

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

freezes and SLOW startup on NEW computer

Unread postby kitneyes » March 6th, 2008, 8:44 pm

This is my first attempt at using one of these forums to ask for help myself ... I've only checked them out before to find people with similar problems. I'm not even sure if this is a malware problem, but I just know that the computer seems to stall alot (with CPU jumping from the 40's to as high as the 90's - although a lot of this is "idle process" which apparently is a good thing anyway?) and takes FOREVER to start up. I've been trying to go through the startup stuff and disable what I didn't need, but that has been a long process. I'm about halfway through the windows stuff, and then I plan to get rid of all the extra HP things I don't need (I have a HP Pavilion dv6736nr laptop with 2GB DDR2 SDRAM and 250 GB Hard drive), which seems to be a lot. Oh, and for the second time, the computer totally froze and a static type picture overtook the whole screen, the only option I had was to physically hold the power button to get it to cut off and restart. I currently use ESET Smart Security Firewall and Anti-virus, as well as having AVG and Avaste for backup, really only using them to scan individual downloaded files, etc. and keeping them "manual" in startup. I also have Ad-aware and PC Tools Spyware Doctor ( which is the one I generally use). I'm not sure what else you might need, if I missed something please let me know, and thanks in advance for all your help ... I know I'm lost. Below is my HJT log. Oh, and ps, I just bought this laptop less than a month ago.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:20:22 PM, on 3/6/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16609)
Boot mode: Normal

Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Common Files\TiVo Shared\Transfer\TiVoTransfer.exe
C:\Program Files\TiVo\Desktop\TiVoServer.exe
C:\Windows\System32\rundll32.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Windows\System32\svchost.exe
C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Common Files\TiVo Shared\Beacon\TiVoBeacon.exe
C:\Windows\System32\svchost.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\explorer.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Program Files\TiVo\Desktop\TiVoDesktop.exe
C:\Program Files\BillP Studios\WinPatrol\WinPatrolEx.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\mmc.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: HP Print Clips - {FFFFFFFF-FF12-44C5-91EC-068E3AA1B2D7} - c:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [OnScreenDisplay] C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe -expressboot
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [egui.lnk] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [TivoTransfer] C:\Program Files\Common Files\TiVo Shared\Transfer\TiVoTransfer.exe /service /registry /auto:TivoTransfer
O4 - HKCU\..\Run: [TivoServer] C:\Program Files\TiVo\Desktop\TiVoServer.exe /service /registry /auto:TivoServer
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: HP Smart Select - {58ECB495-38F0-49cb-A538-10282ABF65E7} - c:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {DBA230D1-8467-4e69-987E-5FAE815A3B45} -
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - Winlogon Notify: avgwlntf - C:\Windows\
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: RoxMediaDB - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxMediaDB.exe
O23 - Service: Roxio Hard Drive Watcher (RoxWatch) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatch.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: TiVo Beacon (TivoBeacon2) - TiVo Inc. - C:\Program Files\Common Files\TiVo Shared\Beacon\TiVoBeacon.exe
O23 - Service: Vongo Service - Starz Entertainment Group LLC - C:\Program Files\Vongo\VongoService.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 11031 bytes
kitneyes
Regular Member
 
Posts: 29
Joined: March 6th, 2008, 8:25 pm
Advertisement
Register to Remove

Re: freezes and SLOW startup on NEW computer

Unread postby ndmmxiaomayi » March 10th, 2008, 8:33 am

Hi,

really only using them to scan individual downloaded files, etc. and keeping them "manual" in startup.


Did you disable them via MSConfig?

  1. Please download Deckard's System Scanner from Tech Support Forum and save it to your desktop.
  2. Save all your work and close all opened programs.
  3. Right click on dss.exe and select Run As Administrator. You will receive a prompt. Click on Allow.
  4. Read the disclaimer and click OK. The scan will start.
  5. When the scan is complete, two log files will be produced. The first one, main.txt, will be maximized, the second one, extra.txt, will be minimized.
  6. Please post the contents of the 2 log files in your next reply. 1 log per reply please.
ndmmxiaomayi
MRU Emeritus
MRU Emeritus
 
Posts: 9708
Joined: July 17th, 2006, 9:22 am

Re: freezes and SLOW startup on NEW computer

Unread postby kitneyes » March 11th, 2008, 1:34 am

Sorry i didn't reply earlier, I've been busy all day trying to uninstall and reinstall my antivirus and registry cleaners, which starting today will no longer load (all except AVG). They all say something like the program is "no longer working" or "is not working". Also, this showed up in my task manager ... HPKBDAPP.EXE ... along with this new startup up in WinPatrol ... "Startup Location: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows AppInit_DLLs" which I read might be a virus that is blocking all the antivirus attempts. sorry to kinda change subjects on you but I've been rather stressed out all day trying to find out what's wrong. Oh, and I disabled them (as per your question about how I only use the anti's to scan individual files manually) via "services" under "Administrative Tools", but have since changed them to automatic. Well, I won't keep ramblin on so here is the first log main.txt

Deckard's System Scanner v20071014.68
Run by Wes & Amanda on 2008-03-11 02:22:02
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- Last 5 Restore Point(s) --
12: 2008-03-11 01:53:21 UTC - RP99 - Restore Operation
11: 2008-03-11 01:51:53 UTC - RP98 - Windows Update
10: 2008-03-11 00:39:51 UTC - RP96 - Restore Operation
9: 2008-03-10 23:20:21 UTC - RP95 - Restore Operation
8: 2008-03-10 19:35:54 UTC - RP94 - Made by Registry Mechanic


-- First Restore Point --
1: 2008-03-06 23:16:17 UTC - RP84 - Installed Windows Media Player Firefox Plugin


Backed up registry hives.
Performed disk cleanup.



-- HijackThis (run as Wes & Amanda.exe) ----------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:24:42 AM, on 3/11/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16609)
Boot mode: Normal

Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
C:\Program Files\COMODO\Firewall\cmdagent.exe
C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Common Files\TiVo Shared\Beacon\TiVoBeacon.exe
C:\Windows\System32\svchost.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
C:\Program Files\COMODO\Firewall\cfp.exe
C:\Program Files\Grisoft\AVG7\avgcc.exe
C:\Program Files\Common Files\TiVo Shared\Transfer\TiVoTransfer.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Users\Wes & Amanda\Desktop\dss.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Wes & Amanda.exe
C:\Windows\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: HP Print Clips - {FFFFFFFF-FF12-44C5-91EC-068E3AA1B2D7} - c:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [SynTPStart] "C:\Program Files\Synaptics\SynTP\SynTPStart.exe"
O4 - HKLM\..\Run: [OnScreenDisplay] "C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe"
O4 - HKLM\..\Run: [hpWirelessAssistant] "C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe"
O4 - HKLM\..\Run: [WAWifiMessage] "C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe"
O4 - HKLM\..\Run: [WinPatrol] "C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe" -expressboot
O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -h
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [TivoTransfer] "C:\PROGRAM FILES\COMMON FILES\TIVO SHARED\Transfer\TIVOTRANSFER.EXE" /service /registry /auto:TivoTransfer
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: HP Smart Select - {58ECB495-38F0-49cb-A538-10282ABF65E7} - c:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {DBA230D1-8467-4e69-987E-5FAE815A3B45} -
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - AppInit_DLLs: C:\Windows\system32\guard32.dll
O20 - Winlogon Notify: avgwlntf - C:\Windows\
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\Firewall\cmdagent.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: RoxMediaDB - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxMediaDB.exe
O23 - Service: Roxio Hard Drive Watcher (RoxWatch) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatch.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: TiVo Beacon (TivoBeacon2) - TiVo Inc. - C:\Program Files\Common Files\TiVo Shared\Beacon\TiVoBeacon.exe
O23 - Service: Vongo Service - Starz Entertainment Group LLC - C:\Program Files\Vongo\VongoService.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 10303 bytes

-- HijackThis Fixed Entries (C:\PROGRA~1\TRENDM~1\HIJACK~1\backups\) -----------

backup-20080227-190132-558 O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)

-- File Associations -----------------------------------------------------------

.js - JSFile - DefaultIcon - "C:\Program Files\Macromedia\Dreamweaver 8\dreamweaver.exe",2


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R1 ElRawDisk - \??\c:\windows\system32\drivers\elrawdsk.sys

S3 RegGuard - \??\c:\windows\system32\drivers\regguard.sys


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 HP Health Check Service - "c:\program files\hewlett-packard\hp health check\hphc_service.exe" <Not Verified; Hewlett-Packard; HP Health Check Service>

S3 Com4Qlb - "c:\program files\hewlett-packard\hp quick launch buttons\com4qlb.exe" <Not Verified; Hewlett-Packard Development Company, L.P.; HP Quick Launch Buttons>
S3 Nero BackItUp Scheduler 3 - c:\program files\nero\nero8\nero backitup\nbservice.exe
S3 Vongo Service - "c:\program files\vongo\vongoservice.exe" <Not Verified; Starz Entertainment Group LLC; Vongo>
S4 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>
S4 Bonjour Service - "c:\program files\bonjour\mdnsresponder.exe" <Not Verified; Apple Inc.; Bonjour>


-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.


-- Scheduled Tasks -------------------------------------------------------------

2008-03-10 12:23:31 432 --ah----- C:\Windows\Tasks\User_Feed_Synchronization-{C6ED93B1-991F-4EF5-8EC1-09C5B3AE5EC0}.job


-- Files created between 2008-02-11 and 2008-03-11 -----------------------------

2008-03-10 23:55:55 0 d-------- C:\Program Files\MySetups
2008-03-10 23:12:38 0 d-------- C:\Program Files\Enigma Software Group
2008-03-10 18:34:02 0 d-------- C:\Program Files\Spyware Doctor
2008-03-10 18:34:02 0 d-------- C:\Program Files\Spyware Doctor(21)
2008-03-09 17:34:46 0 d-------- C:\Users\All Users\comodo
2008-03-09 17:34:43 0 d-------- C:\Program Files\COMODO
2008-03-09 17:24:38 12800 --a------ C:\Windows\system32\drivers\elrawdsk.sys <Not Verified; EldoS Corporation; RawDisk>
2008-03-08 16:43:16 39424 --a------ C:\Windows\zipinst.exe <Not Verified; NirSoft; ZipInstaller>
2008-03-08 16:43:15 0 d-------- C:\Program Files\IPNetInfo
2008-03-04 17:08:51 0 d-------- C:\Users\All Users\PC Tools
2008-03-04 17:07:08 0 d-------- C:\Program Files\Common Files\PC Tools
2008-03-03 01:41:21 0 d-------- C:\Program Files\Windows Media Components
2008-03-02 21:08:02 0 d-------- C:\Users\All Users\AOL
2008-03-02 05:05:53 0 d-------- C:\Program Files\GSpot Codec Test
2008-03-02 05:03:52 765952 --a------ C:\Windows\system32\xvidcore.dll
2008-03-02 05:03:51 180224 --a------ C:\Windows\system32\xvidvfw.dll
2008-03-02 03:53:07 0 d-------- C:\Windows\RegisteredPackages
2008-03-02 03:53:07 0 d--h----- C:\Windows\msdownld.tmp
2008-03-02 02:50:54 0 d-------- C:\Program Files\WinAVI Video Converter
2008-03-01 23:27:49 0 d-------- C:\Program Files\Xvid
2008-02-28 22:27:33 0 d-------- C:\Program Files\Alwil Software
2008-02-28 20:41:23 0 d-a------ C:\Users\All Users\TEMP
2008-02-28 16:41:17 0 d-------- C:\Program Files\Uniblue
2008-02-28 16:05:24 0 d-------- C:\Users\All Users\SecTaskMan
2008-02-28 16:05:05 0 d-------- C:\Program Files\Security Task Manager
2008-02-28 15:26:00 0 d-------- C:\Program Files\Microsoft Silverlight
2008-02-27 20:03:56 0 d-------- C:\Users\All Users\Yahoo! Companion
2008-02-27 19:53:32 0 d-------- C:\Program Files\Trend Micro
2008-02-27 03:36:08 0 d-------- C:\Program Files\Winamp
2008-02-26 15:03:54 0 d--hs---- C:\Users\Mcx1\Templates
2008-02-26 15:03:54 0 d--hs---- C:\Users\Mcx1\Start Menu
2008-02-26 15:03:54 0 d--hs---- C:\Users\Mcx1\SendTo
2008-02-26 15:03:54 0 d--hs---- C:\Users\Mcx1\Recent
2008-02-26 15:03:54 0 d--hs---- C:\Users\Mcx1\PrintHood
2008-02-26 15:03:54 0 d--hs---- C:\Users\Mcx1\Local Settings
2008-02-26 15:03:53 0 dr------- C:\Users\Mcx1\Videos
2008-02-26 15:03:53 0 d-------- C:\Users\Mcx1\Saved Games
2008-02-26 15:03:53 0 dr------- C:\Users\Mcx1\Pictures
2008-02-26 15:03:53 0 d--hs---- C:\Users\Mcx1\NetHood
2008-02-26 15:03:53 0 d--hs---- C:\Users\Mcx1\My Documents
2008-02-26 15:03:53 0 dr------- C:\Users\Mcx1\Music
2008-02-26 15:03:53 0 dr------- C:\Users\Mcx1\Links
2008-02-26 15:03:53 0 dr------- C:\Users\Mcx1\Favorites
2008-02-26 15:03:53 0 dr------- C:\Users\Mcx1\Downloads
2008-02-26 15:03:53 0 dr------- C:\Users\Mcx1\Documents
2008-02-26 15:03:53 0 dr------- C:\Users\Mcx1\Desktop
2008-02-26 15:03:53 0 d--hs---- C:\Users\Mcx1\Cookies
2008-02-26 15:03:53 0 d--hs---- C:\Users\Mcx1\Application Data
2008-02-26 15:03:53 0 d--h----- C:\Users\Mcx1\AppData
2008-02-26 15:03:52 524288 --a------ C:\Users\Mcx1\ntuser.dat
2008-02-25 00:09:18 0 d-------- C:\Windows\WinAVI Video Converter 9.0
2008-02-24 16:47:38 7882 --a------ C:\Windows\system32\GTKCMOS.sys <Not Verified; Gteko Ltd.; Gteko Diagnostics>
2008-02-24 16:47:38 5120 --a------ C:\Windows\system32\GTKCMO64.sys <Not Verified; Gteko Ltd.; Gteko Diagnostics>
2008-02-24 16:47:38 7626 --a------ C:\Windows\system32\GPCIEnum.sys <Not Verified; Gteko Ltd.; Gteko Diagnostics>
2008-02-24 16:47:38 5632 --a------ C:\Windows\system32\GPCIEn64.sys <Not Verified; Gteko Ltd.; Gteko Diagnostics>
2008-02-24 16:47:38 1900681 --a------ C:\Windows\system32\gdql_ls.dll <Not Verified; Gteko Ltd.; QDiagLib Module>
2008-02-24 16:47:38 7168 --a------ C:\Windows\system32\DLPT64.sys <Not Verified; Gteko Ltd.; QDiag>
2008-02-24 16:47:38 6656 --a------ C:\Windows\system32\DLPT2.sys <Not Verified; GTek Technologies Ltd.; QDiag>
2008-02-24 16:47:38 4608 --a------ C:\Windows\system32\DDMI64.sys <Not Verified; Gteko Ltd.; DDMI>
2008-02-24 16:47:38 6977 --a------ C:\Windows\system32\DDMI2.sys <Not Verified; Gteko Ltd.; DDMI>
2008-02-24 05:03:10 506368 --a------ C:\Windows\system32\msxml.dll <Not Verified; Microsoft Corporation; Microsoft XML Core Services>
2008-02-24 03:31:04 25773 --a------ C:\Windows\system32\drivers\regguard.sys <Not Verified; Greatis Software; RegRun Security Suite>
2008-02-24 03:23:30 0 d-------- C:\Program Files\RegRunSuite
2008-02-24 03:08:06 0 d-------- C:\Program Files\Lavasoft
2008-02-24 03:02:32 0 d-------- C:\Users\All Users\Lavasoft
2008-02-24 02:24:08 0 d-------- C:\Users\All Users\vsosdk
2008-02-24 01:58:00 74703 --a------ C:\Windows\system32\mfc45.dll
2008-02-24 01:56:02 0 d-------- C:\Users\All Users\iolo
2008-02-24 00:51:14 352 --ah----- C:\Windows\nod32fixtemdono.reg
2008-02-24 00:43:01 0 d-------- C:\Users\All Users\ESET
2008-02-24 00:35:00 217127 --a------ C:\Windows\system32\drv43260.dll <Not Verified; RealNetworks, Inc.; RealVideo 9 (32-bit)>
2008-02-24 00:35:00 208935 --a------ C:\Windows\system32\drv33260.dll <Not Verified; RealNetworks, Inc.; RealVideo 8 (32-bit)>
2008-02-24 00:35:00 176165 --a------ C:\Windows\system32\drv23260.dll <Not Verified; RealNetworks, Inc.; RealVideo G2 (32-bit)>
2008-02-24 00:34:59 0 d-------- C:\Program Files\VSO
2008-02-23 15:59:33 0 d-------- C:\Program Files\BillP Studios
2008-02-23 15:31:18 0 dr-h----- C:\$VAULT$.AVG
2008-02-23 00:34:32 0 d-------- C:\Program Files\MagicISO
2008-02-22 22:57:37 0 d-------- C:\Windows\Caps
2008-02-22 21:59:33 0 d-------- C:\Program Files\uTorrent
2008-02-22 00:09:42 0 d-------- C:\Users\All Users\WinZip
2008-02-21 22:38:46 0 d-------- C:\Users\All Users\Nero
2008-02-21 22:38:46 0 d-------- C:\Program Files\Nero
2008-02-21 22:38:46 0 d-------- C:\Program Files\Common Files\Nero
2008-02-21 21:43:20 0 d-------- C:\Program Files\Microsoft Visual Studio 8
2008-02-20 22:01:01 0 d-------- C:\Users\All Users\Macromedia
2008-02-20 21:59:55 0 d-------- C:\Program Files\Macromedia
2008-02-20 21:59:55 0 d-------- C:\Program Files\Common Files\Macromedia
2008-02-20 20:04:19 0 d-------- C:\Program Files\MediaMonkey
2008-02-20 19:53:59 0 d-------- C:\Program Files\Burn and Delete
2008-02-20 18:33:08 0 d-------- C:\Users\All Users\InstallShield
2008-02-20 18:32:18 0 d-------- C:\Program Files\Common Files\Sonic Shared
2008-02-20 18:31:58 0 d-------- C:\Users\All Users\Sonic
2008-02-20 18:30:47 0 d-------- C:\Users\All Users\Roxio
2008-02-20 18:29:24 0 d-------- C:\Program Files\Roxio
2008-02-20 18:29:24 0 d-------- C:\Program Files\Common Files\Roxio Shared
2008-02-20 16:40:13 0 d-------- C:\Users\All Users\SlySoft
2008-02-20 16:39:53 0 d-------- C:\Program Files\SlySoft
2008-02-20 02:34:54 0 d-------- C:\Program Files\Music Rescue
2008-02-17 03:41:59 0 d-------- C:\Program Files\LightScribeTemplateLabeler
2008-02-17 03:28:04 0 d-------- C:\Users\All Users\Grisoft
2008-02-17 03:28:04 0 d-------- C:\Users\All Users\avg7
2008-02-17 03:26:53 0 d-------- C:\Program Files\Common Files\SWF Studio
2008-02-16 04:05:27 0 d-------- C:\Program Files\MSXML 4.0
2008-02-16 02:02:25 0 d-------- C:\Program Files\iPod
2008-02-16 02:02:13 0 d-------- C:\Program Files\iTunes
2008-02-16 02:01:46 0 d-------- C:\Program Files\Bonjour
2008-02-16 02:01:06 0 d-------- C:\Program Files\QuickTime
2008-02-16 02:01:03 0 d-------- C:\Users\All Users\Apple Computer
2008-02-16 02:00:32 0 d-------- C:\Program Files\Apple Software Update
2008-02-16 01:59:49 0 d-------- C:\Program Files\Common Files\Apple
2008-02-16 01:59:48 0 d-------- C:\Users\All Users\Apple
2008-02-16 01:33:18 0 d-------- C:\Program Files\CoreFTP
2008-02-15 23:35:36 0 d-------- C:\Program Files\Common Files\Adobe
2008-02-15 22:19:56 0 d-------- C:\Program Files\LimeWire
2008-02-15 13:01:31 0 d--hs---- C:\System Volume Information
2008-02-15 04:14:03 0 d-------- C:\Users\All Users\TiVo
2008-02-15 04:14:03 0 d-------- C:\Program Files\TiVo
2008-02-15 04:14:03 0 d-------- C:\Program Files\Common Files\TiVo Shared
2008-02-15 04:11:14 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-02-15 04:09:10 0 d-------- C:\Users\All Users\LightScribe
2008-02-15 01:39:12 0 d-------- C:\Windows\Sun
2008-02-15 01:11:59 0 --a------ C:\Windows\nsreg.dat
2008-02-14 23:51:26 0 d-------- C:\Users\All Users\Gtek
2008-02-14 21:29:15 0 dr------- C:\Users\Wes & Amanda\Searches
2008-02-14 21:29:03 0 dr------- C:\Users\Wes & Amanda\Contacts
2008-02-14 21:28:53 81 --a------ C:\Windows\system32\LOG
2008-02-14 21:28:50 44 --a------ C:\Windows\system\hpsysdrv.dat
2008-02-14 21:24:04 0 d-------- C:\Program Files\Yahoo!
2008-02-14 21:22:40 0 d-------- C:\Users\All Users\Electronic Arts
2008-02-14 21:17:55 0 d-------- C:\Program Files\Electronic Arts
2008-02-14 21:15:32 0 d-------- C:\Program Files\Common Files\LightScribe
2008-02-14 21:13:52 0 d--hs---- C:\Users\Wes & Amanda\Templates
2008-02-14 21:13:52 0 d--hs---- C:\Users\Wes & Amanda\Start Menu
2008-02-14 21:13:52 0 d--hs---- C:\Users\Wes & Amanda\SendTo
2008-02-14 21:13:52 0 d--hs---- C:\Users\Wes & Amanda\Recent
2008-02-14 21:13:52 0 d--hs---- C:\Users\Wes & Amanda\PrintHood
2008-02-14 21:13:52 0 d--hs---- C:\Users\Wes & Amanda\NetHood
2008-02-14 21:13:52 0 d--hs---- C:\Users\Wes & Amanda\My Documents
2008-02-14 21:13:52 0 d--hs---- C:\Users\Wes & Amanda\Local Settings
2008-02-14 21:13:52 0 d--hs---- C:\Users\Wes & Amanda\Cookies
2008-02-14 21:13:52 0 d--hs---- C:\Users\Wes & Amanda\Application Data
2008-02-14 21:13:51 0 d-------- C:\Users\Wes & Amanda\Videos
2008-02-14 21:13:51 0 dr------- C:\Users\Wes & Amanda\Saved Games
2008-02-14 21:13:51 0 dr------- C:\Users\Wes & Amanda\Pictures
2008-02-14 21:13:51 2883584 --a------ C:\Users\Wes & Amanda\ntuser.dat
2008-02-14 21:13:51 0 dr------- C:\Users\Wes & Amanda\Music
2008-02-14 21:13:51 0 dr------- C:\Users\Wes & Amanda\Links
2008-02-14 21:13:51 0 dr------- C:\Users\Wes & Amanda\Favorites
2008-02-14 21:13:51 0 d-------- C:\Users\Wes & Amanda\Downloads
2008-02-14 21:13:51 0 dr------- C:\Users\Wes & Amanda\Documents
2008-02-14 21:13:51 0 dr------- C:\Users\Wes & Amanda\Desktop
2008-02-14 21:13:51 0 d--h----- C:\Users\Wes & Amanda\AppData


-- Find3M Report ---------------------------------------------------------------

2008-03-11 01:07:03 0 d-------- C:\Users\Wes & Amanda\AppData\Roaming\Roxio
2008-03-10 22:22:52 28504 --a------ C:\Users\Wes & Amanda\AppData\Roaming\nvModes.001
2008-03-10 21:56:18 0 d-------- C:\Users\Wes & Amanda\AppData\Roaming\Winamp
2008-03-10 21:56:17 0 d-------- C:\Users\Wes & Amanda\AppData\Roaming\AVG7
2008-03-10 20:45:01 0 d-------- C:\Users\Wes & Amanda\AppData\Roaming\uTorrent
2008-03-10 18:34:02 0 d-------- C:\Users\Wes & Amanda\AppData\Roaming\PC Tools
2008-03-09 22:59:22 0 d-------- C:\Users\Wes & Amanda\AppData\Roaming\LimeWire
2008-03-09 17:34:47 0 d-------- C:\Users\Wes & Amanda\AppData\Roaming\Comodo
2008-03-04 17:07:08 0 d-------- C:\Program Files\Common Files
2008-02-28 18:14:15 0 d-------- C:\Users\Wes & Amanda\AppData\Roaming\Help
2008-02-28 16:59:23 0 d-------- C:\Users\Wes & Amanda\AppData\Roaming\Uniblue
2008-02-28 14:35:31 0 d-------- C:\Users\Wes & Amanda\AppData\Roaming\Vso
2008-02-27 20:03:56 0 d-------- C:\Users\Wes & Amanda\AppData\Roaming\Yahoo!
2008-02-26 20:47:38 28000 --a------ C:\Users\Wes & Amanda\AppData\Roaming\nvModes.dat
2008-02-24 19:42:14 0 d-------- C:\Users\Wes & Amanda\AppData\Roaming\GTek
2008-02-24 03:29:03 0 d-------- C:\Users\Wes & Amanda\AppData\Roaming\Regrun
2008-02-24 01:56:02 0 d-------- C:\Users\Wes & Amanda\AppData\Roaming\iolo
2008-02-24 01:14:03 0 d-------- C:\Users\Wes & Amanda\AppData\Roaming\ESET
2008-02-24 00:35:43 34 --a------ C:\Users\Wes & Amanda\AppData\Roaming\pcouffin.log
2008-02-24 00:35:02 7887 --a------ C:\Users\Wes & Amanda\AppData\Roaming\pcouffin.cat
2008-02-23 23:53:04 0 d-------- C:\Program Files\Common Files\Symantec Shared
2008-02-23 23:51:05 0 d-------- C:\Program Files\Symantec
2008-02-23 15:59:46 0 d-------- C:\Users\Wes & Amanda\AppData\Roaming\WinPatrol
2008-02-22 00:36:38 648 --a------ C:\Users\Wes & Amanda\AppData\Roaming\com.kennettnet.MusicRescueProfiles.plist
2008-02-22 00:36:38 3253 --a------ C:\Users\Wes & Amanda\AppData\Roaming\com.kennettnet.MusicRescue.plist
2008-02-21 23:29:37 0 d-------- C:\Users\Wes & Amanda\AppData\Roaming\NeroDigital™
2008-02-21 23:03:53 0 d-------- C:\Users\Wes & Amanda\AppData\Roaming\NeroDCTemplates
2008-02-21 22:41:49 0 d-------- C:\Users\Wes & Amanda\AppData\Roaming\Nero
2008-02-21 21:47:03 0 d-------- C:\Program Files\MSBuild
2008-02-20 22:09:33 0 d-------- C:\Users\Wes & Amanda\AppData\Roaming\Macromedia
2008-02-20 18:31:02 0 d-------- C:\Program Files\Common Files\InstallShield
2008-02-20 00:39:11 0 d-------- C:\Users\Wes & Amanda\AppData\Roaming\CyberLink
2008-02-17 01:49:14 0 d-------- C:\Users\Wes & Amanda\AppData\Roaming\CoreFTP
2008-02-16 23:40:23 0 d-------- C:\Users\Wes & Amanda\AppData\Roaming\Adobe
2008-02-16 23:33:12 0 d-------- C:\Program Files\Java
2008-02-16 14:40:16 0 d-------- C:\Users\Wes & Amanda\AppData\Roaming\WinRAR
2008-02-16 04:23:41 0 d-------- C:\Program Files\Windows Mail
2008-02-16 04:23:39 0 d-------- C:\Program Files\Windows Sidebar
2008-02-16 02:02:42 0 d-------- C:\Users\Wes & Amanda\AppData\Roaming\Apple Computer
2008-02-15 01:11:55 0 d-------- C:\Users\Wes & Amanda\AppData\Roaming\Mozilla
2008-02-14 21:52:47 0 d-------- C:\Users\Wes & Amanda\AppData\Roaming\HP
2008-02-14 21:49:22 0 d-------- C:\Users\Wes & Amanda\AppData\Roaming\WildTangent
2008-02-14 21:30:40 0 d-------- C:\Users\Wes & Amanda\AppData\Roaming\Hewlett-Packard
2008-02-14 21:29:06 0 d-------- C:\Users\Wes & Amanda\AppData\Roaming\Identities
2008-02-14 21:24:28 0 dr------- C:\Program Files\Online Services
2008-02-14 21:23:05 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-02-14 21:15:46 0 d-------- C:\Program Files\HPQ
2008-01-14 14:15:03 0 d-------- C:\Program Files\HP Games
2008-01-14 14:11:37 0 d-------- C:\Program Files\CyberLink
2008-01-14 14:07:58 0 d-------- C:\Program Files\Hewlett-Packard
2008-01-14 14:05:02 0 d-------- C:\Program Files\HP
2008-01-14 14:03:41 0 d-------- C:\Program Files\Sling Media
2008-01-14 14:00:59 0 d-------- C:\Program Files\WinTV
2008-01-14 14:00:36 0 d-------- C:\Program Files\Atheros
2008-01-14 14:00:04 0 d-------- C:\Program Files\CONEXANT
2008-01-14 13:58:27 0 d-------- C:\Program Files\NetWaiting
2008-01-14 13:57:02 0 d-------- C:\Program Files\Synaptics


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FFFFFFFF-FF12-44C5-91EC-068E3AA1B2D7}]
08/31/2007 03:32 PM 177504 --a------ c:\Program Files\HP\Smart Web Printing\hpswp_framework.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPStart"="C:\Program Files\Synaptics\SynTP\SynTPStart.exe" [09/15/2007 04:29 AM]
"OnScreenDisplay"="C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe" [09/04/2007 05:54 PM]
"hpWirelessAssistant"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [09/13/2007 12:47 PM]
"WAWifiMessage"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [01/08/2007 07:53 PM]
"@"="" []
"WinPatrol"="C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe" [01/27/2008 01:38 AM]
"NvCplDaemon"="RUNDLL32.exe" [11/02/2006 05:45 AM C:\Windows\System32\rundll32.exe]
"COMODO Firewall Pro"="C:\Program Files\COMODO\Firewall\cfp.exe" [03/09/2008 05:34 PM]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [02/17/2008 03:31 AM]
"RegistryMechanic"="" []

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TivoTransfer"="C:\PROGRAM FILES\COMMON FILES\TIVO SHARED\Transfer\TIVOTRANSFER.exe" [09/25/2007 11:33 AM]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"=2 (0x2)
"EnableLUA"=0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgwlntf]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"= C:\Windows\system32\guard32.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
@="IEEE 1394 Bus host controllers"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
@="SBP2 IEEE 1394 Devices"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
@="SecurityDevices"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalSystemNetworkRestricted hidserv UxSms WdiSystemHost Netman trkwks AudioEndpointBuilder WUDFSvc irmon sysmain IPBusEnum dot3svc PcaSvc EMDMgmt TabletInputService wlansvc WPDBusEnum


[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
C:\Windows\system32\unregmp2.exe /ShowWMP

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"C:\Program Files\Common Files\LightScribe\LSRunOnce.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
%SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI



-- End of Deckard's System Scanner: finished at 2008-03-11 02:26:06 ------------
kitneyes
Regular Member
 
Posts: 29
Joined: March 6th, 2008, 8:25 pm

Re: freezes and SLOW startup on NEW computer

Unread postby kitneyes » March 11th, 2008, 1:36 am

Oh, one more thing that changed since my original post, I got rid of ESET Firewall (which was acting funny and very suspicious) and installed Comodo instead. Now here's the extra.txt log

Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft® Windows Vista™ Home Premium (build 6000)
Architecture: X86; Language: English

CPU 0: AMD Turion(tm) 64 X2 Mobile Technology TL-60
Percentage of Memory in Use: 44%
Physical Memory (total/avail): 1982.31 MiB / 1108.86 MiB
Pagefile Memory (total/avail): 4185.28 MiB / 3092.61 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1905.78 MiB

C: is Fixed (NTFS) - 220.95 GiB total, 101.8 GiB free.
D: is Fixed (NTFS) - 11.93 GiB total, 1.86 GiB free.
E: is CDROM (No Media)

\\.\PHYSICALDRIVE0 - WDC WD2500BEVS-60UST0 ATA Device - 232.88 GiB - 2 partitions
\PARTITION0 (bootable) - Installable File System - 220.95 GiB - C:
\PARTITION1 - Installable File System - 11.93 GiB - D:



-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is enabled.

FW: COMODO Firewall Pro v3.0 (COMODO)
AV: AVG 7.5.516 v7.5.516 (Grisoft)
AS: Spyware Doctor v5.5.0.204 (PC Tools) Disabled
AS: AVG Anti-Spyware v7, 5, 1, 36 (GRISOFT s.r.o.) Disabled Outdated
AS: Windows Defender v1.1.1505.0 (Microsoft Corporation)

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
""=""
"C:\\Program Files\\Vongo\\VongoService.exe"="C:\\Program Files\\Vongo\\VongoService.exe:*:enabled:VongoService"

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\\Program Files\\EarthLink TotalAccess\\TaskPanl.exe"="C:\\Program Files\\EarthLink TotalAccess\\TaskPanl.exe:*:Enabled:Earthlink"


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\ProgramData
APPDATA=C:\Users\Wes & Amanda\AppData\Roaming
CLASSPATH=.;C:\Program Files\Java\jre1.6.0_02\lib\ext\QTJava.zip
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=THELOOKINGGLASS
ComSpec=C:\Windows\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Users\Wes & Amanda
LOCALAPPDATA=C:\Users\Wes & Amanda\AppData\Local
LOGONSERVER=\\THELOOKINGGLASS
NUMBER_OF_PROCESSORS=2
OnlineServices=Online Services
OS=Windows_NT
Path=C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Program Files\CyberLink\Power2Go\;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Nero\Lib\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
PCBRAND=Pavilion
PLATFORM=MCD
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 104 Stepping 2, AuthenticAMD
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=6802
ProgramData=C:\ProgramData
ProgramFiles=C:\Program Files
PROMPT=$P$G
PUBLIC=C:\Users\Public
QTJAVA=C:\Program Files\Java\jre1.6.0_02\lib\ext\QTJava.zip
RoxioCentral=C:\Program Files\Common Files\Roxio Shared\Roxio Central\
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\Windows
TEMP=C:\Users\WES&AM~1\AppData\Local\Temp
TMP=C:\Users\WES&AM~1\AppData\Local\Temp
USERDOMAIN=THELOOKINGGLASS
USERNAME=Wes & Amanda
USERPART=E:
USERPROFILE=C:\Users\Wes & Amanda
windir=C:\Windows


-- User Profiles ---------------------------------------------------------------

Wes & Amanda (admin)
Mcx1 (admin)


-- Add/Remove Programs ---------------------------------------------------------



-- Application Event Log -------------------------------------------------------

Event Record #/Type4886 / Error
Event Submitted/Written: 03/11/2008 02:18:15 AM
Event ID/Source: 3024 / Windows Search Service
Event Description:
The update cannot be started because the content sources cannot be accessed. Fix the errors and try the update again.

Context: Windows Application, SystemIndex Catalog

Event Record #/Type4885 / Warning
Event Submitted/Written: 03/11/2008 02:18:15 AM
Event ID/Source: 3036 / Windows Search Service
Event Description:
The content source <mapi://{s-1-5-21-3382365644-1707238206-1353470732-1000}/> cannot be accessed.

Context: Windows Application, SystemIndex Catalog

Details:
A server error occurred. Check that the server is available. (0x80041206)

Event Record #/Type4878 / Error
Event Submitted/Written: 03/11/2008 00:04:34 AM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application is-KU37V.tmp, version 51.47.0.0, time stamp 0x2a425e19, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code 0xc0000096, fault offset 0x00e134ea,
process id 0x988, application start time 0xis-KU37V.tmp0.

Event Record #/Type4877 / Error
Event Submitted/Written: 03/10/2008 11:49:30 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application RegMech.exe, version 7.0.0.1010, time stamp 0x469c7102, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code 0xc0000096, fault offset 0x0036312f,
process id 0x17f4, application start time 0xRegMech.exe0.

Event Record #/Type4876 / Error
Event Submitted/Written: 03/10/2008 11:48:24 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application is-140AM.tmp, version 51.47.0.0, time stamp 0x2a425e19, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code 0xc0000096, fault offset 0x017734ea,
process id 0x16f4, application start time 0xis-140AM.tmp0.



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type16857 / Error
Event Submitted/Written: 03/10/2008 10:06:52 PM
Event ID/Source: 14344 / WMPNetworkSvc
Event Description:
0xc00d2711

Event Record #/Type16856 / Error
Event Submitted/Written: 03/10/2008 10:06:52 PM
Event ID/Source: 14344 / WMPNetworkSvc
Event Description:
0xc00d2711

Event Record #/Type16827 / Error
Event Submitted/Written: 03/10/2008 10:06:02 PM
Event ID/Source: 7000 / Service Control Manager
Event Description:
PC Tools Security Service%%1053

Event Record #/Type16826 / Error
Event Submitted/Written: 03/10/2008 10:06:02 PM
Event ID/Source: 7009 / Service Control Manager
Event Description:
30000PC Tools Security Service

Event Record #/Type16825 / Error
Event Submitted/Written: 03/10/2008 10:06:02 PM
Event ID/Source: 7000 / Service Control Manager
Event Description:
PC Tools Auxiliary Service%%1053



-- End of Deckard's System Scanner: finished at 2008-03-11 02:26:06 ------------
kitneyes
Regular Member
 
Posts: 29
Joined: March 6th, 2008, 8:25 pm

Re: freezes and SLOW startup on NEW computer

Unread postby kitneyes » March 11th, 2008, 1:47 am

THANKYOU so much for helping me and keeping me from going crazy. I truly do appreciate it.
kitneyes
Regular Member
 
Posts: 29
Joined: March 6th, 2008, 8:25 pm

Re: freezes and SLOW startup on NEW computer

Unread postby ndmmxiaomayi » March 11th, 2008, 10:39 am

Hi,

  1. Please download and install CCleaner Slim.
  2. Once installed, double click on the desktop shortcut created.
  3. On the leftmost column, click on Tools.
  4. On the middle column, click on Uninstall.
  5. At the bottom right hand corner, click on the Save to text file... button.
  6. By default, it saves this file to C:\Program Files\CCleaner named install.txt. You may want to save it to your desktop to find it easily. Click Save.
  7. Close CCleaner.

Note: Doing this will not uninstall any programs. It will only produce a log of installed programs on your computer.

Please also disable either avast! Antivirus or AVG Antivirus. Running two antivirus not only cause a system to slow down, it may also cause problems.

Next...

Open Notepad and copy and paste the following into Notepad:

Code: Select all
notepad C:\Windows\nod32fixtemdono.reg


Click on File > Save As....

In the File Name box, copy and paste in peek.bat

In the Save As Type box, select All Files from the drop-down list.

Click Save.

Right click on peek.bat and select Run As Administrator. Notepad will open afterwards.

Please post the contents of this Notepad file in your next reply.

In your next reply, please post:

  1. CCleaner install.txt file
  2. Contents of Notepad file
ndmmxiaomayi
MRU Emeritus
MRU Emeritus
 
Posts: 9708
Joined: July 17th, 2006, 9:22 am

Re: freezes and SLOW startup on NEW computer

Unread postby kitneyes » March 11th, 2008, 2:40 pm

Thankyou again for helping me with this, I was getting ready to go back to BestBuy to see if I had something set wrong .... not too familiar with Vista yet. Okay, so here is the install log from ccleaner ...

µTorrent
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
Activation Assistant for the 2007 Microsoft Office suites
Adobe Flash Player ActiveX
Adobe Flash Player Plugin
Adobe Reader 8.1.2
Adobe Shockwave Player
Apple Mobile Device Support
Apple Software Update
Atheros Driver Installation Program
avast! Antivirus
AVG 7.5
Bonjour
Cards_Calendar_OrderGift_DoMorePlugout
CCleaner (remove only)
COMODO Firewall Pro
Compatibility Pack for the 2007 Office system
Conexant HD Audio
Core FTP LE 2.1
CyberLink YouCam
DVD Suite
EA Link
ESU for Microsoft Vista
Hauppauge MCE XP/Vista Software Encoder (2.0.25149)
HDAUDIO Soft Data Fax Modem with SmartCP
Hewlett-Packard Active Check
Hewlett-Packard Asset Agent for Health Check
HijackThis 2.0.2
Hotfix for Windows Media Encoder (KB929182)
HP Active Support Library
HP Customer Experience Enhancements
HP Easy Setup - Frontend
HP Help and Support
HP Photosmart Essential 2.5
HP Quick Launch Buttons 6.30 E1
HP QuickPlay 3.6
HP QuickTouch 1.00 C4
HP Smart Web Printing
HP Total Care Advisor
HP Update
HP Wireless Assistant
HPNetworkAssistant
HPPhotoSmartDiscLabel_PaperLabel
HPPhotoSmartDiscLabel_PrintOnDisc
HPPhotoSmartDiscLabel_Tattoo
HPPhotoSmartDiscLabelContent1
hpphotosmartdisclabelplugin
HPPhotoSmartPhotobookHolidayPack1
HPPhotoSmartPhotobookModernPack1
HPPhotoSmartPhotobookPlayfulPack1
HPPhotoSmartPhotobookScrapbookPack1
HPPhotoSmartPhotobookWebPack1
HPSU306Stub
IPNetInfo
iTunes
Java(TM) 6 Update 2
Java(TM) 6 Update 3
LabelPrint
LightScribe System Software 1.10.13.1
LightScribeTemplateLabeler
LimeWire 4.16.6
LiveUpdate (Symantec Corporation)
Macromedia Dreamweaver 8
Macromedia Extension Manager
Magic ISO Maker v5.4 (build 0256)
MediaMonkey 3.0
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Works
Microsoft XML Parser
Mozilla Firefox (2.0.0.12)
MSCU for Microsoft Vista
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
Music Rescue 3.1.6
muvee autoProducer 6.1
My HP Games
Nero 8
neroxml
NetWaiting
NOD32 v3.x FiX 1.1 by TemDono (Free Updates - Expire in 2050)
NVIDIA Drivers
Power2Go
PowerDirector
PSSWCORE
QuickPlay SlingPlayer 0.4.4
QuickTime
Registry Mechanic 7.0
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01
Roxio EasyArchive
Roxio RecordNow Audio
Roxio RecordNow Copy
Roxio RecordNow Data
Roxio RecordNow Premier
Roxio RecordNow Tools
Security Task Manager 1.7e
Slingbox Flash Tour
SlingPlayer
Spyware Doctor 5.5
Synaptics Pointing Device Driver
The Sims™ Life Stories
TiVo Desktop 2.5.1
Uniblue RegistryBooster 2
Uniblue SpeedUpMyPC 3
Update for Outlook 2007 Junk Email Filter (kb944965)
VCRedistSetup
VideoToolkit01
Viewpoint Media Player
Vongo
VSO ConvertXtoDVD 2.2.3.258h Licensed by AxMan
Winamp
WinAVI Video Converter
Windows Media Encoder 9 Series
Windows Media Player Firefox Plugin
WinPatrol 2007
WinRAR archiver
WinZip
Xvid 1.1.3 final uninstall
Yahoo! Toolbar
YouCam




As for the peek.bat file thing, it wouldn't open (atleast long enough that I could read it) using "run as admin", a black screen popped up briefly and then went away. When I however just clicked on it like normal, this showed up in the notepad file ...

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\ESET\ESET Security\CurrentVersion\Info]
"EditionName"="TemDono FiX 1.1 (Free Updates - Expire in 2050)"

And the black screen showed up as well and it said ...

C:\Windows\System32>notepad C:\Windows\nod32fixtemdono.reg

This was the program I was worried about and it's why I unistalled it a couple days ago, right after which all the new problems came about. I used IPnet (I think that's what it's called) to find out what and the "whois" info on some of the outgoing connections for my ESET/NOD32, and several went to random people in England (one being a carphone warehouse place I think), which was one of several reasons I found it suspicious. Is it causing the problems? Thankyou again, I realize now that I really don't know what I'm doing ...
kitneyes
Regular Member
 
Posts: 29
Joined: March 6th, 2008, 8:25 pm

Re: freezes and SLOW startup on NEW computer

Unread postby ndmmxiaomayi » March 12th, 2008, 3:48 am

Hi,

Please read this - viewtopic.php?t=550
ndmmxiaomayi
MRU Emeritus
MRU Emeritus
 
Posts: 9708
Joined: July 17th, 2006, 9:22 am

Re: freezes and SLOW startup on NEW computer

Unread postby Gary R » March 12th, 2008, 4:33 am

This topic is now closed.

If you have been helped and wish to donate to help with the costs of this volunteer site, please read Donations For Malware Removal

Gary R
User avatar
Gary R
Administrator
Administrator
 
Posts: 21872
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire
Advertisement
Register to Remove


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 91 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware