Painfully Slow

by steve111 » February 15th, 2011, 10:04 pm

Hi,

I have a 70G HD with 20G free space. When using MS office applications the computer performs as it should, but when on the Internet, it is Painfully Slow. Your advice is greatly appreciated.


Thanks


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:50, on 2011-02-15
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17095)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\AVG\AVG9\avgfws9.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe
C:\Program Files\AVG\AVG9\avgam.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\Mixer.exe
C:\Program Files\BellCanada\McciTrayApp.exe
C:\WINDOWS\system32\RunDll32.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\AVG\AVG9\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files\Seagate\Seagate Dashboard\MemeoDashboard.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\HiJack\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.theweathernetwork.com/weathe ... f=homecity
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: ALOT Toolbar Helper - {14CEEAFF-96DD-4101-AE37-D5ECDC23C3F6} - C:\Program Files\alot\bin\alot.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: ALOT Toolbar - {5AA2BA46-9913-4dc7-9620-69AB0FA17AE7} - C:\Program Files\alot\bin\alot.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [IntelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [BISA.exe] "C:\Program Files\Bell\Internet Service Advisor\BISA.exe" /AUTORUN
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [BellCanada_McciTrayApp] "C:\Program Files\BellCanada\McciTrayApp.exe"
O4 - HKLM\..\Run: [CmPCIaudio] RunDll32 CMICNFG3.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [DivX Download Manager] "C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe" start
O4 - HKLM\..\Run: [Seagate Dashboard] C:\Program Files\Seagate\Seagate Dashboard\MemeoLauncher.exe --silent --no_ui
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - Startup: Seagate Product Registration.lnk = C:\Documents and Settings\Steve\Application Data\Leadertech\PowerRegister\Seagate Product Registration.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Windows Desktop Search.lnk.disabled
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {08496B45-6BB1-4F92-A8E6-B9E7978634CB} (Trustsite Control) - https://remote.rbc.com/nortel_cacheable/TrustSite.cab
O16 - DPF: {2D72C39D-53F6-4AEA-A9DB-1298429DA975} (3DVista Viewer Control) - http://www.3dvista.com/downloads/viewer3dv2.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resour ... se6886.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} - http://security.symantec.com/sscv6/Shar ... /cabsa.cab
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 3120838250
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/s ... DEXAXO.cab
O16 - DPF: {78AEEDE8-7345-4FB5-A8FE-4BFF16EF25FC} - http://us-download.mcafee.com/products/ ... vt/mvt.cab
O16 - DPF: {ACDB1787-986D-434D-9857-2172CDB2108D} (popupunblk Class) - https://remote-gcc.rbc.com/nortel_cache ... nblock.cab
O16 - DPF: {D9CDEFE3-51BB-4737-A12C-53D9814A148C} (DAX Control) - https://owa.bmofg.com/exchweb/controls/DAX.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} (JuniperSetupSP1 Control) - https://inet.bmofg.com/dana-cached/setu ... tupSP1.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/pr01/ph ... NPUpld.cab
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClientControl Class) - https://juniper.net/dana-cached/sc/Juni ... Client.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\480\G2AWinLogon.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: AVG Firewall (avgfws9) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgfws9.exe
O23 - Service: AVG9IDSAgent (AVGIDSAgent) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\480\g2aservice.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: Seagate Dashboard Service (SeagateDashboardService) - Memeo - C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe

--
End of file - 12249 bytes



32 Bit HP CIO Components Installer
7-Zip 4.65
Abexo Free Registry Cleaner
Acapela Synthèse de la Parole pour le WordQ 2 Fr (français canadien)
Acapela Synthèse de la Parole pour le WordQ 2 Fr (Noyau)
Action Replay Code Manager
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 8.1.3
Adobe Shockwave Player 11.5
ALOT Toolbar
AOL You've Got Pictures Screensaver
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Ares 2.0.9
AVG 9.0
Battle X Game
Bell Internet Check-up
Bell Internet Service Advisor 2.1.7
BlackBerry Desktop Software 6.0
BlackBerry Desktop Software 6.0
Bonjour
Canon Camera Access Library
Canon Camera Support Core Library
Canon EOS 5D WIA Driver
Canon MovieEdit Task for ZoomBrowser EX
Canon PhotoRecord
Canon RAW Image Task for ZoomBrowser EX
Canon Utilities CameraWindow
Canon Utilities CameraWindow DC_DV 5 for ZoomBrowser EX
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
Canon Utilities Digital Photo Professional 3.4
Canon Utilities EOS Utility
Canon Utilities MyCamera
Canon Utilities Original Data Security Tools
Canon Utilities PhotoStitch
Canon Utilities Picture Style Editor
Canon Utilities RemoteCapture Task for ZoomBrowser EX
Canon Utilities WFT-E1/E2/E3 Utility
Canon Utilities ZoomBrowser EX
Canon ZoomBrowser EX Memory Card Utility
Classic PhoneTools
Clear Cache feature for Internet Explorer
Compatibility Pack for the 2007 Office system
Defraggler (remove only)
DelinvFile - 2.02
Dell Driver Reset Tool
Dell Picture Studio v3.0
Dell Support Center
DellSupport
Diamond Xtreme Audio
DivX Converter
DivX Plus DirectShow Filters
DivX Setup
Driver Detective
FLV Player 2.0 (build 25)
FUJIFILM FinePixViewer S Ver.2.1
Google Earth
Google Toolbar for Internet Explorer
Google Toolbar for Internet Explorer
Google Update Helper
Google Updater
GoToAssist 8.0.0.480
HighMAT Extension to Microsoft Windows XP CD Writing Wizard
HiJackThis
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB915865)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
HP Customer Participation Program 8.0
HP Deskjet All-In-One Software 8.0
HP Imaging Device Functions 8.0
HP Photosmart Essential
HP Product Assistant
HP Solution Center 8.0
HP Update
HPSSupply
Indeo® Software
Intel(R) 537EP V9x DFV PCI Modem
Intel(R) Extreme Graphics 2 Driver
Intel(R) PRO Network Adapters and Drivers
Intel(R) PROSet for Wired Connections
iTunes
Jasc Paint Shop Photo Album 5
Jasc Paint Shop Pro 9
Jasc Paint Shop Pro Studio, Dell Editon
Java(TM) 6 Update 22
Juniper Networks Setup Client Activex Control
jZip
LiveUpdate BVRP Software
Lizardtech DjVu Control (autoinstall)
Mavis Beacon Teaches Typing Deluxe 17
Messageware AttachView Add-in for Saving Files
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1
Microsoft Bootvis
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office 2000 Premium
Microsoft Phishing Filter Add-in for MSN Search Toolbar
Microsoft Plus! Digital Media Edition Installer
Microsoft Plus! Photo Story 2 LE
Microsoft Silverlight
Microsoft Text-to-Speech Engine 4.0 (English)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Windows XP Video Decoder Checkup Utility
mobile PhoneTools
Modem Event Monitor
Modem Helper
Modem On Hold
Motorola Handset USB Driver
MP3 Player Utilities
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
Musicmatch® Jukebox
Nancy Drew Dossier: Resorting to Danger
Nero - Burning Rom (Web installer)
PCI Audio Driver
PowerDVD 5.3
QuickTime
SD Formatter
Seagate Dashboard
Security Update for CAPICOM (KB931906)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB2183461)
Security Update for Windows Internet Explorer 7 (KB2360131)
Security Update for Windows Internet Explorer 7 (KB2416400)
Security Update for Windows Internet Explorer 7 (KB2482017)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 7 (KB974455)
Security Update for Windows Internet Explorer 7 (KB976325)
Security Update for Windows Internet Explorer 7 (KB978207)
Security Update for Windows Internet Explorer 7 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981349)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Sonic DLA
Sonic MyDVD
Sonic RecordNow!
Sonic Update Manager
Sorry
Spelling Dictionaries Support For Adobe Reader 8
Spybot - Search & Destroy
Stop the Morbuzakh (remove only)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 7 (KB976749)
Update for Windows Internet Explorer 7 (KB980182)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
VC80CRTRedist - 8.0.50727.4053
VLC media player 1.0.0
Windows Defender
Windows Defender Signatures
Windows Installer Clean Up
Windows Live installer
Windows Live Messenger
Windows Live OneCare safety scanner
Windows Live Sign-in Assistant
Windows Media Connect
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 10
Windows XP Service Pack 3
WinZip 11.2
Yahoo! Toolbar
Zoo Tycoon 2
steve111
Regular Member
 
Posts: 16
Joined: February 15th, 2011, 9:37 pm

Re: Painfully Slow

by askey127 » February 19th, 2011, 1:59 pm

Hi Steve111,
We are going to remove your AVG 9 antivirus and replace it with an antivirus called Avira Antivir.
This is necessary for all our tools to work correctly.

Then we will have Antivir run a scan and give us a report without removing anything.
You may want to print this out ahead of time, so the sequence will be easier to follow.
-----------------------------------------------
Please Note Our Policy on the Use of P2P (Person to Person / Peer to Peer) file sharing programs
It is posted here: http://malwareremoval.com/forum/viewtopic.php?p=491394#p491394
As a condition of receiving our help, I have included the P2P program Ares 2.0.9 in the removal instructions below, so we are not wasting our time.
If you have used this, you can be fairly confident this is a principal reason your computer is infected.

It's really important, if you value your PC at all, to stay away from P2P file sharing programs, like Ares, utorrent, Bittorrent, Azureus, Frostwire, Limewire, Vuze, Shareaza, Bitlord.
(Limewire has just been shut down by the courts).
Criminals have "planted" thousands upon thousands of infections in the "free" shared files. Some of the recent infections can turn your machine into a doorstop.
-----------------------------------------------------------
Remove Registry items with HijackThis. Start HijackThis.
Click Do System Scan Only. When the Scan is complete, Check the following entries:
(Some of these lines may be missing)

O2 - BHO: ALOT Toolbar Helper - {14CEEAFF-96DD-4101-AE37-D5ECDC23C3F6} - C:\Program Files\alot\bin\alot.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: ALOT Toolbar - {5AA2BA46-9913-4dc7-9620-69AB0FA17AE7} - C:\Program Files\alot\bin\alot.dll
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe

Make sure Every other window except HJT is closed (No other tabs showing in the bottom tray), and Click Fix Checked
Click the "X" in the upper right corner of the HiJackThis window to close it.
-----------------------------------------------
Download Antivir Free
This program is free for personal, non-business use.
Download AntiVir Free from here : http://www.softpedia.com/get/Antivirus/AntiVir-Personal-Edition.shtml
Click the Download button. Then when the "Download Locations" page comes up, choose the first External Mirror (exe)
Save the Installer to your desktop, but don't run it yet. The installer file will be named avira_antivir_personal_en.exe
Double check to be sure you know where to find it.
------------------------------------------------
Remove AVG Antivirus and Other Programs Using the Control Panel
From Start, Settings, Control Panel or Start, Control Panel, click Add/Remove Programs.
Highlight each Entry, as follows, one by one, if it exists, and choose Remove :

Adobe Reader 8.1.3
ALOT Toolbar
Ares 2.0.9
AVG 9.0
Abexo Free Registry Cleaner

Take extra care in answering questions posed by any Uninstaller.
-----------------------------------------------------------
REBOOT (RESTART) Your Machine
-----------------------------------------------
Install Antivir
Double Click the Avira Antivir Installer you saved on your desktop, and let it Install Antivir.
-----------------------------------------------
Update and Scan with Antivir
Right click the red umbrella icon and choose Start Antivir.
When the window comes up click Start Update.
When the update is complete, click on Scan System Now.
This full scan could take an hour or more.
It will ask what to do with any items it finds.
IMPORTANT >> For Now, tell it to IGNORE any items it finds. Do not choose Quarantine or Delete.
-----------------------------------------------
Get Last Avira Report
Right click the red umbrella icon in the system tray and click Start Antivir
In the left pane, click Overview, then click Reports
There will be reports titled Update and reports titled Scan. Find the most recent report in the list titled Scan
Click on the Report File button, or Right click the report and choose Display Report.
The report contents will come up in Notepad. Highlight the entire report (Ctrl+A) and copy to the clipboard (Ctrl+C).
Paste the contents (Ctrl+V) into your next reply.
askey127
askey127
Admin/Teacher
 
Posts: 14025
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA
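
The HijackThis step in the reply above selects entries by eye, including the two registrations the log reports as (no file). As an added example (not part of the thread, and not code from HijackThis or the forum's helpers), this Python script parses log lines in that format and flags entries marked (no file) or (file missing), plus entries installed under directory names the reviewer supplies. The watch-list values and all function and class names are assumptions of the example.

```python
import re
from dataclasses import dataclass
from typing import Iterable, List, Optional

# Sample input: lines copied from the HijackThis log in the first post.
SAMPLE_LOG = r"""
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: ALOT Toolbar Helper - {14CEEAFF-96DD-4101-AE37-D5ECDC23C3F6} - C:\Program Files\alot\bin\alot.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
"""

# "<section code> - <rest of line>", e.g. "O2 - BHO: ..."
ENTRY_RE = re.compile(r"^(?P<section>[RFNO]\d{1,2}) - (?P<body>.+)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
# First drive-letter path in the line, up to a closing quote if one is present.
PATH_RE = re.compile(r'(?<![A-Za-z])[A-Za-z]:\\[^"]*')
# Markers the log uses when the registered file is not on disk.
ORPHAN_MARKERS = ("(no file)", "(file missing)")


@dataclass
class Entry:
    section: str            # e.g. "O2", "O23"
    body: str               # everything after "<section> - "
    clsid: Optional[str]    # COM class id, when the line carries one
    target: Optional[str]   # file path (plus any arguments), when present


@dataclass
class Finding:
    entry: Entry
    reasons: List[str]


def parse_entries(log_text: str) -> List[Entry]:
    """Return the registry/startup entries; header and process lines are skipped."""
    entries = []
    for raw in log_text.splitlines():
        match = ENTRY_RE.match(raw.strip())
        if match is None:
            continue
        body = match.group("body")
        clsid = CLSID_RE.search(body)
        path = PATH_RE.search(body)
        entries.append(Entry(
            section=match.group("section"),
            body=body,
            clsid=clsid.group(0) if clsid else None,
            target=path.group(0).strip() if path else None,
        ))
    return entries


def triage(log_text: str, watch_dirs: Iterable[str]) -> List[Finding]:
    """Flag orphaned registrations and entries under reviewer-supplied directories."""
    watched = {name.lower() for name in watch_dirs}
    findings = []
    for entry in parse_entries(log_text):
        reasons = []
        if any(marker in entry.body for marker in ORPHAN_MARKERS):
            reasons.append("registration points to a missing file")
        if entry.target:
            # Compare whole directory names, not substrings, to avoid false hits.
            for directory in entry.target.split("\\")[1:-1]:
                if directory.lower() in watched:
                    reasons.append("watched directory: " + directory.lower())
        if reasons:
            findings.append(Finding(entry, reasons))
    return findings


if __name__ == "__main__":
    # Watch list is an assumption: directories of two programs named in the reply.
    for item in triage(SAMPLE_LOG, ["alot", "Ares"]):
        print(item.entry.section, item.entry.clsid or "-",
              item.entry.target or "-", "|", "; ".join(item.reasons))
```

The output is a review list only; deciding which flagged entries to fix remains the helper's call, as in the thread.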

Re: Painfully Slow

by steve111 » February 20th, 2011, 10:48 am

Here you are...

Should external drives be connected while the scan is running?


Thanks for your help


Avira AntiVir Personal
Report file date: 2011-02-19 23:30

Scanning for 2415455 virus strains and unwanted programs.

The program is running as an unrestricted full version.
Online services are available:

Licensee : Avira AntiVir Personal - FREE Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows XP
Windows version : (Service Pack 3) [5.1.2600]
Boot mode : Normally booted
Username : Steve
Computer name : SNL

Version information:
BUILD.DAT : 10.0.0.611 31824 Bytes 1/14/2011 13:42:00
AVSCAN.EXE : 10.0.3.5 435368 Bytes 1/10/2011 19:23:31
AVSCAN.DLL : 10.0.3.0 46440 Bytes 4/1/2010 17:57:04
LUKE.DLL : 10.0.3.2 104296 Bytes 1/10/2011 19:23:40
LUKERES.DLL : 10.0.0.1 12648 Bytes 2/11/2010 04:40:49
VBASE000.VDF : 7.10.0.0 19875328 Bytes 11/6/2009 14:05:36
VBASE001.VDF : 7.11.0.0 13342208 Bytes 12/14/2010 19:23:50
VBASE002.VDF : 7.11.3.0 1950720 Bytes 2/9/2011 04:29:09
VBASE003.VDF : 7.11.3.1 2048 Bytes 2/9/2011 04:29:10
VBASE004.VDF : 7.11.3.2 2048 Bytes 2/9/2011 04:29:10
VBASE005.VDF : 7.11.3.3 2048 Bytes 2/9/2011 04:29:10
VBASE006.VDF : 7.11.3.4 2048 Bytes 2/9/2011 04:29:10
VBASE007.VDF : 7.11.3.5 2048 Bytes 2/9/2011 04:29:10
VBASE008.VDF : 7.11.3.6 2048 Bytes 2/9/2011 04:29:10
VBASE009.VDF : 7.11.3.7 2048 Bytes 2/9/2011 04:29:11
VBASE010.VDF : 7.11.3.8 2048 Bytes 2/9/2011 04:29:11
VBASE011.VDF : 7.11.3.9 2048 Bytes 2/9/2011 04:29:11
VBASE012.VDF : 7.11.3.10 2048 Bytes 2/9/2011 04:29:11
VBASE013.VDF : 7.11.3.59 157184 Bytes 2/14/2011 04:29:12
VBASE014.VDF : 7.11.3.97 120320 Bytes 2/16/2011 04:29:12
VBASE015.VDF : 7.11.3.148 128000 Bytes 2/19/2011 04:29:13
VBASE016.VDF : 7.11.3.149 2048 Bytes 2/19/2011 04:29:13
VBASE017.VDF : 7.11.3.150 2048 Bytes 2/19/2011 04:29:13
VBASE018.VDF : 7.11.3.151 2048 Bytes 2/19/2011 04:29:14
VBASE019.VDF : 7.11.3.152 2048 Bytes 2/19/2011 04:29:14
VBASE020.VDF : 7.11.3.153 2048 Bytes 2/19/2011 04:29:14
VBASE021.VDF : 7.11.3.154 2048 Bytes 2/19/2011 04:29:14
VBASE022.VDF : 7.11.3.155 2048 Bytes 2/19/2011 04:29:14
VBASE023.VDF : 7.11.3.156 2048 Bytes 2/19/2011 04:29:14
VBASE024.VDF : 7.11.3.157 2048 Bytes 2/19/2011 04:29:14
VBASE025.VDF : 7.11.3.158 2048 Bytes 2/19/2011 04:29:15
VBASE026.VDF : 7.11.3.159 2048 Bytes 2/19/2011 04:29:15
VBASE027.VDF : 7.11.3.160 2048 Bytes 2/19/2011 04:29:15
VBASE028.VDF : 7.11.3.161 2048 Bytes 2/19/2011 04:29:15
VBASE029.VDF : 7.11.3.162 2048 Bytes 2/19/2011 04:29:15
VBASE030.VDF : 7.11.3.163 2048 Bytes 2/19/2011 04:29:16
VBASE031.VDF : 7.11.3.164 2048 Bytes 2/19/2011 04:29:16
Engineversion : 8.2.4.170
AEVDF.DLL : 8.1.2.1 106868 Bytes 1/10/2011 19:23:26
AESCRIPT.DLL : 8.1.3.53 1282427 Bytes 2/20/2011 04:29:25
AESCN.DLL : 8.1.7.2 127349 Bytes 1/10/2011 19:23:26
AESBX.DLL : 8.1.3.2 254324 Bytes 1/10/2011 19:23:26
AERDL.DLL : 8.1.9.2 635252 Bytes 1/10/2011 19:23:25
AEPACK.DLL : 8.2.4.9 512374 Bytes 2/20/2011 04:29:24
AEOFFICE.DLL : 8.1.1.16 205179 Bytes 2/20/2011 04:29:23
AEHEUR.DLL : 8.1.2.78 3277175 Bytes 2/20/2011 04:29:22
AEHELP.DLL : 8.1.16.1 246134 Bytes 2/20/2011 04:29:18
AEGEN.DLL : 8.1.5.2 397683 Bytes 2/20/2011 04:29:18
AEEMU.DLL : 8.1.3.0 393589 Bytes 1/10/2011 19:23:18
AECORE.DLL : 8.1.19.2 196983 Bytes 2/20/2011 04:29:17
AEBB.DLL : 8.1.1.0 53618 Bytes 1/10/2011 19:23:18
AVWINLL.DLL : 10.0.0.0 19304 Bytes 1/10/2011 19:23:32
AVPREF.DLL : 10.0.0.0 44904 Bytes 1/10/2011 19:23:30
AVREP.DLL : 10.0.0.8 62209 Bytes 6/17/2010 19:27:13
AVREG.DLL : 10.0.3.2 53096 Bytes 1/10/2011 19:23:31
AVSCPLR.DLL : 10.0.3.2 84328 Bytes 1/10/2011 19:23:31
AVARKT.DLL : 10.0.22.6 231784 Bytes 1/10/2011 19:23:27
AVEVTLOG.DLL : 10.0.0.8 203112 Bytes 1/10/2011 19:23:28
SQLITE3.DLL : 3.6.19.0 355688 Bytes 6/17/2010 19:27:22
AVSMTP.DLL : 10.0.0.17 63848 Bytes 1/10/2011 19:23:31
NETNT.DLL : 10.0.0.0 11624 Bytes 6/17/2010 19:27:21
RCIMAGE.DLL : 10.0.0.26 2550120 Bytes 1/28/2010 18:10:20
RCTEXT.DLL : 10.0.58.0 97128 Bytes 1/10/2011 19:23:52

Configuration settings for the scan:
Jobname.............................: Short system scan after installation
Configuration file..................: c:\program files\avira\antivir desktop\setupprf.dat
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Process scan........................: on
Scan registry.......................: on
Search for rootkits.................: off
Integrity checking of system files..: off
Scan all files......................: Intelligent file selection
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium

Start of the scan: 2011-02-19 23:30

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'jucheck.exe' - '1' Module(s) have been scanned
Scan process 'regedit.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'avconfig.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'avshadow.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'setup.exe' - '1' Module(s) have been scanned
Scan process 'msiexec.exe' - '1' Module(s) have been scanned
Scan process 'presetup.exe' - '1' Module(s) have been scanned
Scan process 'avira_antivir_personal_en.exe' - '1' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '1' Module(s) have been scanned
Scan process 'MemeoDashboard.exe' - '1' Module(s) have been scanned
Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'MSASCui.exe' - '1' Module(s) have been scanned
Scan process 'DDmService.exe' - '1' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'RunDll32.exe' - '1' Module(s) have been scanned
Scan process 'McciTrayApp.exe' - '1' Module(s) have been scanned
Scan process 'Mixer.exe' - '1' Module(s) have been scanned
Scan process 'hkcmd.exe' - '1' Module(s) have been scanned
Scan process 'igfxpers.exe' - '1' Module(s) have been scanned
Scan process 'tfswctrl.exe' - '1' Module(s) have been scanned
Scan process 'IntelMEM.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'Explorer.EXE' - '1' Module(s) have been scanned
Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'SeagateDashboardService.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'jqs.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'MsMpEng.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!

Start scanning boot sectors:

Starting to scan executable files (registry).
The registry was scanned ( '1795' files ).



End of the scan: 2011-02-19 23:31
Used time: 01:00 Minute(s)

The scan has been done completely.

0 Scanned directories
2279 Files were scanned
0 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
0 Files were moved to quarantine
0 Files were renamed
0 Files cannot be scanned
2279 Files not concerned
5 Archives were scanned
0 Warnings
0 Notes
steve111
Regular Member
 
Posts: 16
Joined: February 15th, 2011, 9:37 pm

Re: Painfully Slow

Post by steve111 » February 20th, 2011, 10:56 am

Please ignore previous report...

This is the correct one.

Thanks



Avira AntiVir Personal
Report file date: 2011-02-19 23:32

Scanning for 2415455 virus strains and unwanted programs.

The program is running as an unrestricted full version.
Online services are available:

Licensee : Avira AntiVir Personal - FREE Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows XP
Windows version : (Service Pack 3) [5.1.2600]
Boot mode : Normally booted
Username : SYSTEM
Computer name : SNL

Version information:
BUILD.DAT : 10.0.0.611 31824 Bytes 1/14/2011 13:42:00
AVSCAN.EXE : 10.0.3.5 435368 Bytes 1/10/2011 19:23:31
AVSCAN.DLL : 10.0.3.0 46440 Bytes 4/1/2010 17:57:04
LUKE.DLL : 10.0.3.2 104296 Bytes 1/10/2011 19:23:40
LUKERES.DLL : 10.0.0.1 12648 Bytes 2/11/2010 04:40:49
VBASE000.VDF : 7.10.0.0 19875328 Bytes 11/6/2009 14:05:36
VBASE001.VDF : 7.11.0.0 13342208 Bytes 12/14/2010 19:23:50
VBASE002.VDF : 7.11.3.0 1950720 Bytes 2/9/2011 04:29:09
VBASE003.VDF : 7.11.3.1 2048 Bytes 2/9/2011 04:29:10
VBASE004.VDF : 7.11.3.2 2048 Bytes 2/9/2011 04:29:10
VBASE005.VDF : 7.11.3.3 2048 Bytes 2/9/2011 04:29:10
VBASE006.VDF : 7.11.3.4 2048 Bytes 2/9/2011 04:29:10
VBASE007.VDF : 7.11.3.5 2048 Bytes 2/9/2011 04:29:10
VBASE008.VDF : 7.11.3.6 2048 Bytes 2/9/2011 04:29:10
VBASE009.VDF : 7.11.3.7 2048 Bytes 2/9/2011 04:29:11
VBASE010.VDF : 7.11.3.8 2048 Bytes 2/9/2011 04:29:11
VBASE011.VDF : 7.11.3.9 2048 Bytes 2/9/2011 04:29:11
VBASE012.VDF : 7.11.3.10 2048 Bytes 2/9/2011 04:29:11
VBASE013.VDF : 7.11.3.59 157184 Bytes 2/14/2011 04:29:12
VBASE014.VDF : 7.11.3.97 120320 Bytes 2/16/2011 04:29:12
VBASE015.VDF : 7.11.3.148 128000 Bytes 2/19/2011 04:29:13
VBASE016.VDF : 7.11.3.149 2048 Bytes 2/19/2011 04:29:13
VBASE017.VDF : 7.11.3.150 2048 Bytes 2/19/2011 04:29:13
VBASE018.VDF : 7.11.3.151 2048 Bytes 2/19/2011 04:29:14
VBASE019.VDF : 7.11.3.152 2048 Bytes 2/19/2011 04:29:14
VBASE020.VDF : 7.11.3.153 2048 Bytes 2/19/2011 04:29:14
VBASE021.VDF : 7.11.3.154 2048 Bytes 2/19/2011 04:29:14
VBASE022.VDF : 7.11.3.155 2048 Bytes 2/19/2011 04:29:14
VBASE023.VDF : 7.11.3.156 2048 Bytes 2/19/2011 04:29:14
VBASE024.VDF : 7.11.3.157 2048 Bytes 2/19/2011 04:29:14
VBASE025.VDF : 7.11.3.158 2048 Bytes 2/19/2011 04:29:15
VBASE026.VDF : 7.11.3.159 2048 Bytes 2/19/2011 04:29:15
VBASE027.VDF : 7.11.3.160 2048 Bytes 2/19/2011 04:29:15
VBASE028.VDF : 7.11.3.161 2048 Bytes 2/19/2011 04:29:15
VBASE029.VDF : 7.11.3.162 2048 Bytes 2/19/2011 04:29:15
VBASE030.VDF : 7.11.3.163 2048 Bytes 2/19/2011 04:29:16
VBASE031.VDF : 7.11.3.164 2048 Bytes 2/19/2011 04:29:16
Engineversion : 8.2.4.170
AEVDF.DLL : 8.1.2.1 106868 Bytes 1/10/2011 19:23:26
AESCRIPT.DLL : 8.1.3.53 1282427 Bytes 2/20/2011 04:29:25
AESCN.DLL : 8.1.7.2 127349 Bytes 1/10/2011 19:23:26
AESBX.DLL : 8.1.3.2 254324 Bytes 1/10/2011 19:23:26
AERDL.DLL : 8.1.9.2 635252 Bytes 1/10/2011 19:23:25
AEPACK.DLL : 8.2.4.9 512374 Bytes 2/20/2011 04:29:24
AEOFFICE.DLL : 8.1.1.16 205179 Bytes 2/20/2011 04:29:23
AEHEUR.DLL : 8.1.2.78 3277175 Bytes 2/20/2011 04:29:22
AEHELP.DLL : 8.1.16.1 246134 Bytes 2/20/2011 04:29:18
AEGEN.DLL : 8.1.5.2 397683 Bytes 2/20/2011 04:29:18
AEEMU.DLL : 8.1.3.0 393589 Bytes 1/10/2011 19:23:18
AECORE.DLL : 8.1.19.2 196983 Bytes 2/20/2011 04:29:17
AEBB.DLL : 8.1.1.0 53618 Bytes 1/10/2011 19:23:18
AVWINLL.DLL : 10.0.0.0 19304 Bytes 1/10/2011 19:23:32
AVPREF.DLL : 10.0.0.0 44904 Bytes 1/10/2011 19:23:30
AVREP.DLL : 10.0.0.8 62209 Bytes 6/17/2010 19:27:13
AVREG.DLL : 10.0.3.2 53096 Bytes 1/10/2011 19:23:31
AVSCPLR.DLL : 10.0.3.2 84328 Bytes 1/10/2011 19:23:31
AVARKT.DLL : 10.0.22.6 231784 Bytes 1/10/2011 19:23:27
AVEVTLOG.DLL : 10.0.0.8 203112 Bytes 1/10/2011 19:23:28
SQLITE3.DLL : 3.6.19.0 355688 Bytes 6/17/2010 19:27:22
AVSMTP.DLL : 10.0.0.17 63848 Bytes 1/10/2011 19:23:31
NETNT.DLL : 10.0.0.0 11624 Bytes 6/17/2010 19:27:21
RCIMAGE.DLL : 10.0.0.26 2550120 Bytes 1/28/2010 18:10:20
RCTEXT.DLL : 10.0.58.0 97128 Bytes 1/10/2011 19:23:52

Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: C:\Program Files\Avira\AntiVir Desktop\sysscan.avp
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:,
Process scan........................: on
Extended process scan...............: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium

Start of the scan: 2011-02-19 23:32

Starting search for hidden objects.
HKEY_USERS\S-1-5-21-2334556719-3874955787-783063412-1006\Software\Microsoft\Protected Storage System Provider\S-1-5-21-2334556719-3874955787-783063412-1006\data
[NOTE] The registry entry is invisible.
HKEY_LOCAL_MACHINE\Software\Intel\PROSetWired\NCS\WMI\providers
[NOTE] The registry entry is invisible.
HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\RNG\seed
[NOTE] The registry entry is invisible.
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Prefetcher\tracesprocessed
[NOTE] The registry entry is invisible.
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Prefetcher\tracessuccessful
[NOTE] The registry entry is invisible.
HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NtmsSvc\Config\Standalone\drivelist
[NOTE] The registry entry is invisible.
c:\program files\citrix\gotoassist\480\g2aprocessfactory.exe
c:\program files\citrix\gotoassist\480\g2aprocessfactory.exe
[NOTE] The process is not visible.

The scan of running processes will be started
Scan process 'rsmsink.exe' - '33' Module(s) have been scanned
Scan process 'igfxsrvc.exe' - '30' Module(s) have been scanned
Scan process 'msdtc.exe' - '44' Module(s) have been scanned
Scan process 'dllhost.exe' - '65' Module(s) have been scanned
Scan process 'dllhost.exe' - '49' Module(s) have been scanned
Scan process 'vssvc.exe' - '52' Module(s) have been scanned
Scan process 'avscan.exe' - '71' Module(s) have been scanned
Scan process 'avcenter.exe' - '64' Module(s) have been scanned
Scan process 'jucheck.exe' - '62' Module(s) have been scanned
Scan process 'avgnt.exe' - '48' Module(s) have been scanned
Scan process 'sched.exe' - '50' Module(s) have been scanned
Scan process 'avshadow.exe' - '28' Module(s) have been scanned
Scan process 'avguard.exe' - '58' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '46' Module(s) have been scanned
Scan process 'MemeoDashboard.exe' - '63' Module(s) have been scanned
Scan process 'GoogleToolbarNotifier.exe' - '59' Module(s) have been scanned
Scan process 'ctfmon.exe' - '30' Module(s) have been scanned
Scan process 'MSASCui.exe' - '36' Module(s) have been scanned
Scan process 'DDmService.exe' - '26' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '65' Module(s) have been scanned
Scan process 'jusched.exe' - '33' Module(s) have been scanned
Scan process 'RunDll32.exe' - '43' Module(s) have been scanned
Scan process 'McciTrayApp.exe' - '34' Module(s) have been scanned
Scan process 'Mixer.exe' - '40' Module(s) have been scanned
Scan process 'hkcmd.exe' - '24' Module(s) have been scanned
Scan process 'igfxpers.exe' - '25' Module(s) have been scanned
Scan process 'tfswctrl.exe' - '31' Module(s) have been scanned
Scan process 'IntelMEM.exe' - '26' Module(s) have been scanned
Scan process 'alg.exe' - '37' Module(s) have been scanned
Scan process 'Explorer.EXE' - '120' Module(s) have been scanned
Scan process 'svchost.exe' - '43' Module(s) have been scanned
Scan process 'SeagateDashboardService.exe' - '64' Module(s) have been scanned
Scan process 'svchost.exe' - '34' Module(s) have been scanned
Scan process 'svchost.exe' - '34' Module(s) have been scanned
Scan process 'jqs.exe' - '35' Module(s) have been scanned
Scan process 'svchost.exe' - '36' Module(s) have been scanned
Scan process 'svchost.exe' - '37' Module(s) have been scanned
Scan process 'spoolsv.exe' - '63' Module(s) have been scanned
Scan process 'svchost.exe' - '41' Module(s) have been scanned
Scan process 'svchost.exe' - '36' Module(s) have been scanned
Scan process 'svchost.exe' - '34' Module(s) have been scanned
Scan process 'svchost.exe' - '173' Module(s) have been scanned
Scan process 'MsMpEng.exe' - '40' Module(s) have been scanned
Scan process 'svchost.exe' - '43' Module(s) have been scanned
Scan process 'svchost.exe' - '57' Module(s) have been scanned
Scan process 'lsass.exe' - '62' Module(s) have been scanned
Scan process 'services.exe' - '38' Module(s) have been scanned
Scan process 'winlogon.exe' - '73' Module(s) have been scanned
Scan process 'csrss.exe' - '14' Module(s) have been scanned
Scan process 'smss.exe' - '2' Module(s) have been scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!

Starting to scan executable files (registry).
The registry was scanned ( '1795' files ).


Starting the file scan:

Begin scan in 'C:\'
C:\Documents and Settings\All\Local Settings\Application Data\Temp\{215C9840-B800-4223-8C59-48F5C96A074E}
[WARNING] The file could not be read!
C:\Documents and Settings\Lorraine\Desktop\Copy of Lorraine This Is Your Folder_Copiedmarch312005\Steve1---Need\TEMP\CometU.EXE
[DETECTION] Is the TR/Downloader.Gen Trojan
C:\Documents and Settings\Lorraine\Lorraine This Is Your Folder_Copiedmarch312005\Steve1---Need\TEMP\CometU.EXE
[DETECTION] Is the TR/Downloader.Gen Trojan
C:\Documents and Settings\Steve\Application Data\Sun\Java\Deployment\cache\6.0\53\7be40975-53317397
[0] Archive type: ZIP
[DETECTION] Contains recognition pattern of the JAVA/OpenConnect.CF Java virus
--> bpac/a.class
[DETECTION] Contains recognition pattern of the JAVA/OpenConnect.CF Java virus
C:\Program Files\Bell\Internet Service Advisor\resources\shared\tools\SystemRestart.exe
[DETECTION] Contains recognition pattern of the ADSPY/AdSpy.Gen adware or spyware
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1610\A0321673.EXE
[DETECTION] Is the TR/Downloader.Gen Trojan

Beginning disinfection:
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP1610\A0321673.EXE
[DETECTION] Is the TR/Downloader.Gen Trojan
[WARNING] The file was ignored!
C:\Program Files\Bell\Internet Service Advisor\resources\shared\tools\SystemRestart.exe
[DETECTION] Contains recognition pattern of the ADSPY/AdSpy.Gen adware or spyware
[WARNING] The file was ignored!
C:\Documents and Settings\Steve\Application Data\Sun\Java\Deployment\cache\6.0\53\7be40975-53317397
[DETECTION] Contains recognition pattern of the JAVA/OpenConnect.CF Java virus
[WARNING] The file was ignored!
C:\Documents and Settings\Lorraine\Lorraine This Is Your Folder_Copiedmarch312005\Steve1---Need\TEMP\CometU.EXE
[DETECTION] Is the TR/Downloader.Gen Trojan
[WARNING] The file was ignored!
C:\Documents and Settings\Lorraine\Desktop\Copy of Lorraine This Is Your Folder_Copiedmarch312005\Steve1---Need\TEMP\CometU.EXE
[DETECTION] Is the TR/Downloader.Gen Trojan
[WARNING] The file was ignored!


End of the scan: 2011-02-20 09:33
Used time: 1:43:19 Hour(s)

The scan has been done completely.

21091 Scanned directories
465739 Files were scanned
5 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
0 Files were moved to quarantine
0 Files were renamed
0 Files cannot be scanned
465734 Files not concerned
9759 Archives were scanned
6 Warnings
0 Notes
890573 Objects were scanned with rootkit scan
7 Hidden objects were found
steve111
Regular Member
 
Posts: 16
Joined: February 15th, 2011, 9:37 pm

Re: Painfully Slow

Post by askey127 » February 21st, 2011, 7:56 am

Steve111,
---------------------------------------------
Run a Scan with OTL
Please download OTL.exe by OldTimer and save it to your desktop.
  • Double click on the icon to run it. For Vista or Win7, right click the icon and choose "Run as administrator".
  • Make sure all other windows are closed to let it run uninterrupted.
  • Copy the text from the code box below and paste it into the Custom Scans/Fixes box. Do not copy the word "Code:"
    Code:
    netsvcs
    drivers32 
    %SYSTEMDRIVE%\*.*
    /md5start
    explorer.exe
    winlogon.exe
    wininit.exe 
    userinit.exe
    sfc.dll   
    /md5stop
    C:\|CometU /FP
    
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
When the scan completes, it will open two Notepad windows: OTL.Txt and Extras.Txt. These are saved in the same location as OTL (desktop).
Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them as a reply. Use separate replies if more convenient.

askey127
Admin/Teacher
 
Posts: 14025
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: Painfully Slow

Post by steve111 » February 22nd, 2011, 9:28 pm

Thank you



OTL logfile created on: 2011-02-22 19:38:08 - Run 1
OTL by OldTimer - Version 3.2.21.0 Folder = C:\Documents and Settings\Steve\Desktop\Hijack\OTL
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: yyyy-MM-dd

1,022.00 Mb Total Physical Memory | 534.00 Mb Available Physical Memory | 52.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 68.00% Paging File free
Paging file location(s): C:\pagefile.sys 500 1531 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 71.53 Gb Total Space | 20.93 Gb Free Space | 29.27% Space Free | Partition Type: NTFS

Computer Name: SNL | User Name: Steve | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011-02-22 19:36:59 | 000,577,024 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Steve\Desktop\Hijack\OTL\OTL.exe
PRC - [2011-01-10 14:23:41 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011-01-10 14:23:30 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011-01-10 14:23:29 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010-12-08 16:15:44 | 000,063,360 | ---- | M] (DivX, LLC) -- C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe
PRC - [2010-07-06 14:32:04 | 000,014,088 | ---- | M] (Memeo) -- C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe
PRC - [2010-07-06 14:32:02 | 000,069,896 | ---- | M] (Memeo) -- C:\Program Files\Seagate\Seagate Dashboard\MemeoDashboard.exe
PRC - [2010-05-14 10:44:46 | 000,501,480 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe
PRC - [2010-01-19 10:17:16 | 001,565,696 | ---- | M] (Alcatel-Lucent) -- C:\Program Files\BellCanada\McciTrayApp.exe
PRC - [2010-01-14 21:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2008-09-21 22:01:33 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2008-04-13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006-11-03 19:20:12 | 000,866,584 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2006-11-03 19:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MsMpEng.exe
PRC - [2002-10-15 18:00:20 | 001,818,624 | ---- | M] (C-Media Electronic Inc. (www.cmedia.com.tw)) -- C:\WINDOWS\mixer.exe


========== Modules (SafeList) ==========

MOD - [2011-02-22 19:36:59 | 000,577,024 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Steve\Desktop\Hijack\OTL\OTL.exe
MOD - [2010-08-23 11:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2010-01-19 10:06:34 | 000,198,656 | ---- | M] (Alcatel-Lucent) -- C:\Program Files\Common Files\Motive\McciContextHook_DSR.dll


========== Win32 Services (SafeList) ==========

SRV - [2011-01-10 14:23:41 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011-01-10 14:23:30 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010-07-06 14:32:04 | 000,014,088 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe -- (SeagateDashboardService)
SRV - [2008-02-12 22:09:48 | 000,016,936 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\480\g2aservice.exe -- (GoToAssist)
SRV - [2007-10-25 15:27:54 | 000,266,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe -- (WLSetupSvc)
SRV - [2007-03-07 14:47:46 | 000,076,848 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
SRV - [2007-01-31 13:55:42 | 000,096,370 | ---- | M] (Canon Inc.) [On_Demand | Stopped] -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8)
SRV - [2006-11-03 19:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2005-10-06 18:12:30 | 000,855,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Media Connect 2\wmccds.exe -- (WMConnectCDS)


========== Driver Services (SafeList) ==========

DRV - [2011-01-10 14:23:53 | 000,135,096 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\avipbb.sys -- (avipbb)
DRV - [2011-01-10 14:23:53 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\avgntflt.sys -- (avgntflt)
DRV - [2010-06-17 14:27:22 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ssmdrv.sys -- (ssmdrv)
DRV - [2010-06-17 14:27:12 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2010-01-19 10:06:44 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2010-01-19 10:06:38 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2009-04-14 06:27:50 | 001,519,424 | R--- | M] (C-Media Inc) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\cmudax3.sys -- (cmuda3)
DRV - [2008-04-13 14:45:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\gameenum.sys -- (gameenum)
DRV - [2008-04-13 13:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2008-04-13 13:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2008-02-11 00:04:35 | 000,085,713 | ---- | M] (GMER) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\gmer.sys -- (gmer)
DRV - [2007-02-25 11:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\dsunidrv.sys -- (dsunidrv)
DRV - [2006-10-05 15:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2004-12-01 03:22:00 | 000,087,488 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\drvmcdb.sys -- (drvmcdb)
DRV - [2004-11-23 02:56:00 | 000,040,480 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\drvnddm.sys -- (drvnddm)
DRV - [2004-11-16 01:05:00 | 000,100,603 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsnudfa.sys -- (tfsnudfa)
DRV - [2004-11-16 01:05:00 | 000,098,714 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsnudf.sys -- (tfsnudf)
DRV - [2004-11-16 01:05:00 | 000,086,554 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsnifs.sys -- (tfsnifs)
DRV - [2004-11-16 01:05:00 | 000,034,843 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsncofs.sys -- (tfsncofs)
DRV - [2004-11-16 01:05:00 | 000,025,883 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsnboio.sys -- (tfsnboio)
DRV - [2004-11-16 01:05:00 | 000,015,227 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsnopio.sys -- (tfsnopio)
DRV - [2004-11-16 01:05:00 | 000,006,363 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsnpool.sys -- (tfsnpool)
DRV - [2004-11-16 01:05:00 | 000,004,123 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsndrct.sys -- (tfsndrct)
DRV - [2004-11-16 01:05:00 | 000,002,239 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsndres.sys -- (tfsndres)
DRV - [2004-09-17 09:02:54 | 000,732,928 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\senfilt.sys -- (senfilt)
DRV - [2004-08-03 22:29:56 | 001,897,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\NV4_MINI.SYS -- (nv)
DRV - [2004-07-14 11:29:04 | 000,005,627 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\sscdbhk5.sys -- (sscdbhk5)
DRV - [2004-07-14 11:28:50 | 000,023,545 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ssrtln.sys -- (ssrtln)
DRV - [2004-06-15 22:52:40 | 000,061,157 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\IntelC53.sys -- (IntelC53)
DRV - [2004-03-05 22:15:34 | 000,647,929 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\IntelC52.sys -- (IntelC52)
DRV - [2004-03-05 22:14:42 | 001,233,525 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\IntelC51.sys -- (IntelC51)
DRV - [2004-03-05 22:13:38 | 000,037,048 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\mohfilt.sys -- (mohfilt)
DRV - [2002-11-18 15:51:40 | 000,377,358 | ---- | M] (C-Media Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\cmaudio.sys -- (cmpci) C-Media PCI Audio Driver (WDM)
DRV - [2001-08-17 14:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001-08-17 14:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001-08-17 14:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001-08-17 14:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001-08-17 14:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001-08-17 13:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001-08-17 13:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001-08-17 13:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001-08-17 13:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001-08-17 13:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001-08-17 13:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001-08-17 13:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
DRV - [2001-08-17 13:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001-08-17 13:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2001-08-17 13:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)
DRV - [2001-05-07 05:56:02 | 000,019,805 | R--- | M] (Thesycon GmbH, Germany) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\usbio.sys -- (USBIO) USBIO Driver (usbio.sys)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Live Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.theweathernetwork.com/weathe ... f=homecity
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\software\mozilla\Firefox\extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011-01-06 20:20:34 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011-01-06 20:20:35 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2009-05-14 22:25:32 | 000,306,829 | R--- | M]) - C:\WINDOWS\SYSTEM32\DRIVERS\ETC\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 10567 more lines...
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\SYSTEM32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (no name) - SITEguard - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BellCanada_McciTrayApp] C:\Program Files\BellCanada\McciTrayApp.exe (Alcatel-Lucent)
O4 - HKLM..\Run: [BISA.exe] C:\Program Files\Bell\Internet Service Advisor\BISA.exe (Bell)
O4 - HKLM..\Run: [C-Media Mixer] C:\WINDOWS\mixer.exe (C-Media Electronic Inc. (www.cmedia.com.tw))
O4 - HKLM..\Run: [CmPCIaudio] File not found
O4 - HKLM..\Run: [DivX Download Manager] C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe (DivX, LLC)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
O4 - HKLM..\Run: [Seagate Dashboard] C:\Program Files\Seagate\Seagate Dashboard\MemeoLauncher.exe ()
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKLM..\RunOnce: [AvgUninstallURL] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Desktop Search.lnk.disabled ()
O4 - Startup: C:\Documents and Settings\Steve\Start Menu\Programs\Startup\Seagate Product Registration.lnk = C:\Documents and Settings\Steve\Application Data\Leadertech\PowerRegister\Seagate Product Registration.exe (Leader Technologies/Seagate)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: rbc.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: rbc.com ([rbcts.fg] https in Trusted sites)
O15 - HKCU\..Trusted Domains: rbc.com ([remote] https in Trusted sites)
O16 - DPF: {08496B45-6BB1-4F92-A8E6-B9E7978634CB} https://remote.rbc.com/nortel_cacheable/TrustSite.cab (Trustsite Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.macromedia.com/get/sh ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/ ... ontrol.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {2D72C39D-53F6-4AEA-A9DB-1298429DA975} http://www.3dvista.com/downloads/viewer3dv2.cab (3DVista Viewer Control)
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.onecare.live.com/resour ... se6886.cab (Windows Live Safety Center Base Module)
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.symantec.com/sscv6/Shar ... /cabsa.cab (Reg Error: Key error.)
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} https://webdl.symantec.com/activex/symdlmgr.cab (Symantec Download Manager)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftup ... 3120838250 (MUWebControl Class)
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2.hp.com/ediags/dex/s ... DEXAXO.cab (HP Download Manager)
O16 - DPF: {78AEEDE8-7345-4FB5-A8FE-4BFF16EF25FC} http://us-download.mcafee.com/products/ ... vt/mvt.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {ACDB1787-986D-434D-9857-2172CDB2108D} https://remote-gcc.rbc.com/nortel_cache ... nblock.cab (popupunblk Class)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/sh ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {D9CDEFE3-51BB-4737-A12C-53D9814A148C} https://owa.bmofg.com/exchweb/controls/DAX.cab (DAX Control)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} https://inet.bmofg.com/dana-cached/setu ... tupSP1.cab (JuniperSetupSP1 Control)
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx1.hotmail.com/mail/w4/pr01/ph ... NPUpld.cab (Windows Live Hotmail Photo Upload Tool)
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/Juni ... Client.cab (JuniperSetupClientControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\GoToAssist: DllName - C:\Program Files\Citrix\GoToAssist\480\G2AWinLogon.dll - C:\Program Files\Citrix\GoToAssist\480\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Steve\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Steve\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006-02-14 16:30:21 | 000,000,067 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2004-08-10 13:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.NAV -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (SsiEfr.e) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...com [@ = comfile] -- Reg Error: Key error. File not found
O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\SYSTEM32\iac25_32.ax (Ligos Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\SYSTEM32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\TSSOFT32.ACM (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll (Ligos Corporation)
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll (Ligos Corporation)
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Ligos Corporation)
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.yvu9 - C:\WINDOWS\System32\iyvu9_32.dll ()
Drivers32: wave - C:\WINDOWS\System32\SERWVDRV.DLL (Microsoft Corporation)

========== Files/Folders - Created Within 30 Days ==========

[2011-02-20 10:06:07 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Steve\Recent
[2011-02-20 00:46:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2011-02-19 23:32:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steve\Application Data\Avira
[2011-02-19 23:28:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Avira
[2011-02-19 23:28:03 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2011-02-19 23:28:00 | 000,135,096 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2011-02-19 23:28:00 | 000,061,960 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2011-02-19 23:28:00 | 000,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys
[2011-02-19 23:28:00 | 000,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys
[2011-02-19 23:27:59 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2011-02-15 20:46:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steve\Start Menu\Programs\HiJackThis
[2011-02-15 20:46:49 | 000,000,000 | ---D | C] -- C:\Program Files\HiJack
[2011-02-15 20:45:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steve\Desktop\Hijack
[2011-02-12 19:32:25 | 000,222,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MpSigStub.exe
[2011-02-12 19:30:53 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Defender
[2011-02-07 22:04:10 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live Safety Center
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\Documents and Settings\Steve\My Documents\*.tmp files -> C:\Documents and Settings\Steve\My Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011-02-22 19:31:52 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\WPA.DBL
[2011-02-22 19:31:51 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011-02-22 19:14:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011-02-22 19:00:00 | 000,000,260 | ---- | M] () -- C:\WINDOWS\tasks\RMSchedule.job
[2011-02-22 16:30:35 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011-02-22 16:27:28 | 000,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
[2011-02-22 16:27:27 | 1071,697,920 | -HS- | M] () -- C:\hiberfil.sys
[2011-02-14 20:00:00 | 000,000,772 | ---- | M] () -- C:\WINDOWS\tasks\Norton Internet Security - Run Full System Scan - Steve.job
[2011-02-09 22:13:33 | 000,161,936 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011-02-09 20:16:43 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011-02-09 18:42:05 | 002,384,896 | ---- | M] () -- C:\Documents and Settings\Steve\Desktop\Monaco_Yacht_d'Albert_de_Monaco.pps
[2011-02-08 22:35:09 | 000,030,208 | ---- | M] () -- C:\Documents and Settings\Steve\Desktop\Noranda Book.doc
[2011-02-07 21:39:07 | 000,001,274 | ---- | M] () -- C:\WINDOWS\System\Cmicnfg3.ini
[2011-02-03 19:02:59 | 000,039,936 | ---- | M] () -- C:\Documents and Settings\Steve\Desktop\Business Account.xls
[2011-02-02 17:11:20 | 000,222,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MpSigStub.exe
[2011-01-31 07:19:43 | 000,001,154 | ---- | M] () -- C:\Documents and Settings\Steve\Start Menu\Programs\Startup\Seagate Product Registration.lnk
[2011-01-24 22:37:56 | 000,055,296 | ---- | M] () -- C:\Documents and Settings\Steve\Desktop\Ministry Release Form_FSL_ Student - John English.doc
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\Documents and Settings\Steve\My Documents\*.tmp files -> C:\Documents and Settings\Steve\My Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011-02-13 00:25:40 | 000,000,330 | -H-- | C] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011-02-12 19:30:59 | 000,000,955 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Defender.lnk
[2011-02-09 18:42:04 | 002,384,896 | ---- | C] () -- C:\Documents and Settings\Steve\Desktop\Monaco_Yacht_d'Albert_de_Monaco.pps
[2011-02-08 22:34:43 | 000,030,208 | ---- | C] () -- C:\Documents and Settings\Steve\Desktop\Noranda Book.doc
[2011-02-02 22:17:48 | 000,039,936 | ---- | C] () -- C:\Documents and Settings\Steve\Desktop\Business Account.xls
[2011-01-24 22:37:56 | 000,055,296 | ---- | C] () -- C:\Documents and Settings\Steve\Desktop\Ministry Release Form_FSL_ Student - John English.doc
[2010-08-28 01:59:41 | 000,000,759 | ---- | C] () -- C:\Documents and Settings\Steve\Application Data\Rim.Desktop.HttpServerSetup.log
[2010-05-02 19:30:29 | 000,000,066 | ---- | C] () -- C:\WINDOWS\Cmicnfg3.ini.cfl
[2010-05-02 19:29:46 | 000,001,480 | R--- | C] () -- C:\WINDOWS\Cmicnfg3.ini.cfg
[2010-05-02 19:29:33 | 000,002,378 | R--- | C] () -- C:\WINDOWS\cmudax3.ini
[2010-01-05 21:51:32 | 000,767,952 | ---- | C] () -- C:\WINDOWS\BDTSupport.dll.old
[2009-12-07 14:58:27 | 000,000,101 | ---- | C] () -- C:\WINDOWS\CMMIXER.INI
[2009-12-07 14:38:49 | 000,039,279 | ---- | C] () -- C:\WINDOWS\cmijack.ini
[2009-12-07 14:38:47 | 000,000,092 | ---- | C] () -- C:\WINDOWS\CMISETUP.INI
[2009-12-07 14:38:46 | 000,000,026 | ---- | C] () -- C:\WINDOWS\CMCDPLAY.INI
[2009-11-17 22:10:09 | 000,000,025 | ---- | C] () -- C:\WINDOWS\mixerdef.ini
[2009-03-21 20:43:26 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2008-03-07 23:47:54 | 000,281,874 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Svclog.log
[2008-02-11 00:04:36 | 000,000,250 | ---- | C] () -- C:\WINDOWS\gmer.ini
[2008-02-11 00:04:35 | 000,819,200 | ---- | C] () -- C:\WINDOWS\gmer.dll
[2008-02-08 23:27:44 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth2.dll
[2008-02-08 23:27:44 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth1.dll
[2008-02-08 23:27:44 | 000,000,073 | ---- | C] () -- C:\WINDOWS\System32\ssprs.dll
[2008-02-08 23:27:42 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\sysprs7.dll
[2008-02-08 23:27:42 | 000,000,205 | ---- | C] () -- C:\WINDOWS\System32\lsprst7.dll
[2008-02-06 18:40:33 | 000,004,296 | ---- | C] () -- C:\Program Files\INSTALL.LOG
[2008-01-26 16:13:48 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2008-01-13 11:34:38 | 000,000,305 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\addr_file.html
[2007-12-30 13:28:26 | 000,011,608 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2007-11-02 18:31:40 | 000,006,850 | R--- | C] () -- C:\WINDOWS\Disktool.INI
[2007-11-02 18:31:40 | 000,005,633 | R--- | C] () -- C:\WINDOWS\fwupgrade.ini
[2007-11-02 18:31:40 | 000,003,677 | R--- | C] () -- C:\WINDOWS\PlaySnd.INI
[2007-03-05 19:08:40 | 000,000,394 | ---- | C] () -- C:\WINDOWS\hegames.ini
[2007-01-06 12:56:29 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SETUP32.INI
[2006-12-28 10:41:52 | 000,000,029 | ---- | C] () -- C:\WINDOWS\PControl.ini
[2006-12-16 00:09:17 | 000,000,030 | ---- | C] () -- C:\WINDOWS\atid.ini
[2006-05-23 08:24:56 | 000,000,063 | ---- | C] () -- C:\WINDOWS\mdm.ini
[2006-05-07 23:12:34 | 000,684,032 | ---- | C] () -- C:\WINDOWS\libeay32.dll
[2006-05-07 23:12:34 | 000,155,648 | ---- | C] () -- C:\WINDOWS\ssleay32.dll
[2006-04-30 22:02:15 | 000,000,022 | ---- | C] () -- C:\WINDOWS\ICDESK.INI
[2006-02-07 21:22:01 | 000,000,027 | ---- | C] () -- C:\WINDOWS\WS_FTP.INI
[2006-01-14 11:58:32 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2005-08-20 00:29:07 | 000,000,025 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2005-05-25 21:41:39 | 000,000,056 | RHS- | C] () -- C:\WINDOWS\System32\6895752858.sys
[2005-05-25 21:41:38 | 000,006,686 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2005-05-22 21:50:57 | 000,056,320 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll
[2005-05-15 00:17:34 | 000,153,088 | ---- | C] () -- C:\Documents and Settings\Steve\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005-05-14 21:13:53 | 000,000,747 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005-05-14 19:27:47 | 000,000,559 | ---- | C] () -- C:\WINDOWS\VTruck1.ini
[2005-05-09 11:53:54 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005-05-09 11:46:49 | 000,000,390 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2005-05-09 11:15:00 | 000,000,370 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2004-10-26 17:39:05 | 003,375,104 | ---- | C] () -- C:\WINDOWS\System32\qt-mt331.dll
[2004-09-22 13:47:00 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004-08-10 13:13:12 | 000,000,883 | ---- | C] () -- C:\WINDOWS\ORUN32.INI
[2004-08-10 13:03:52 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004-08-04 05:00:00 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\FXSPERF.INI
[2003-11-13 13:28:02 | 000,012,570 | ---- | C] () -- C:\WINDOWS\System32\drivers\ADFUUD.SYS
[2003-11-13 13:28:02 | 000,012,570 | ---- | C] () -- C:\WINDOWS\ADFUUD.SYS
[2002-04-17 07:15:22 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\appc18iv.dll
[1999-01-22 13:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
[1998-03-22 13:50:02 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[1980-01-01 00:00:00 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll

========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2006-05-09 22:29:24 | 000,000,030 | ---- | M] () -- C:\AHBDG.log
[2006-05-09 22:47:50 | 000,001,537 | ---- | M] () -- C:\APIHook.log
[2001-11-22 23:08:20 | 000,712,704 | R--- | M] (Sensaura Ltd) -- C:\AUDIO3D.DLL
[2006-02-14 16:30:21 | 000,000,067 | ---- | M] () -- C:\AUTOEXEC.BAT
[2004-08-10 13:04:08 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.NAV
[2009-12-02 00:13:06 | 000,000,212 | -HS- | M] () -- C:\BOOT.INI
[2003-04-07 20:21:02 | 000,050,794 | R--- | M] () -- C:\CMAUDIO.CAT
[2003-04-03 05:37:32 | 000,023,041 | R--- | M] () -- C:\cmaudio.dat
[2003-04-03 04:44:44 | 000,064,443 | R--- | M] () -- C:\CMAUDIO.INF
[2010-01-04 12:57:27 | 000,076,024 | ---- | M] () -- C:\CMAUDIO.PNF
[2002-11-18 02:51:40 | 000,377,358 | R--- | M] (C-Media Inc) -- C:\cmaudio.sys
[2002-06-24 02:46:58 | 000,003,360 | R--- | M] () -- C:\cmiainfo.sys
[2003-03-28 01:19:12 | 000,039,279 | R--- | M] () -- C:\cmijack.dat
[2003-04-10 22:16:28 | 000,039,279 | R--- | M] () -- C:\cmijack.ini
[2002-10-08 20:38:24 | 000,032,768 | R--- | M] (C-Media Corporation) -- C:\CMNPROP.DLL
[2002-07-10 23:13:26 | 000,135,168 | R--- | M] (C-Media Electronics Inc.) -- C:\CMUNINST.DAT
[2002-07-10 22:24:50 | 000,139,264 | R--- | M] (C-Media Electronics Inc.) -- C:\CMUNINST.EXE
[2004-08-10 13:04:08 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2000-10-20 05:28:00 | 000,765,952 | R--- | M] (Sensaura Ltd) -- C:\CRLDS3D.DLL
[2006-04-23 22:38:33 | 000,000,000 | ---- | M] () -- C:\DBS.TXT
[2005-05-09 11:18:12 | 000,004,815 | RH-- | M] () -- C:\DELL.SDR
[2010-01-04 11:09:40 | 000,000,360 | ---- | M] () -- C:\drmHeader.bin
[2007-11-07 07:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1028.txt
[2007-11-07 07:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1031.txt
[2007-11-07 07:00:40 | 000,010,134 | ---- | M] () -- C:\eula.1033.txt
[2007-11-07 07:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1036.txt
[2007-11-07 07:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1040.txt
[2007-11-07 07:00:40 | 000,000,118 | ---- | M] () -- C:\eula.1041.txt
[2007-11-07 07:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1042.txt
[2007-11-07 07:00:40 | 000,017,734 | ---- | M] () -- C:\eula.2052.txt
[2007-11-07 07:00:40 | 000,017,734 | ---- | M] () -- C:\eula.3082.txt
[2007-11-07 07:00:40 | 000,001,110 | ---- | M] () -- C:\globdata.ini
[2011-02-22 16:27:27 | 1071,697,920 | -HS- | M] () -- C:\hiberfil.sys
[2010-01-04 12:57:27 | 000,038,120 | ---- | M] () -- C:\INFCACHE.1
[2007-11-07 07:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe
[2007-11-07 07:00:40 | 000,000,843 | ---- | M] () -- C:\install.ini
[2007-11-07 07:03:18 | 000,076,304 | ---- | M] (Microsoft Corporation) -- C:\install.res.1028.dll
[2007-11-07 07:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.1031.dll
[2007-11-07 07:03:18 | 000,091,152 | ---- | M] (Microsoft Corporation) -- C:\install.res.1033.dll
[2007-11-07 07:03:18 | 000,097,296 | ---- | M] (Microsoft Corporation) -- C:\install.res.1036.dll
[2007-11-07 07:03:18 | 000,095,248 | ---- | M] (Microsoft Corporation) -- C:\install.res.1040.dll
[2007-11-07 07:03:18 | 000,081,424 | ---- | M] (Microsoft Corporation) -- C:\install.res.1041.dll
[2007-11-07 07:03:18 | 000,079,888 | ---- | M] (Microsoft Corporation) -- C:\install.res.1042.dll
[2007-11-07 07:03:18 | 000,075,792 | ---- | M] (Microsoft Corporation) -- C:\install.res.2052.dll
[2007-11-07 07:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.3082.dll
[2004-08-10 13:04:08 | 000,000,000 | -H-- | M] () -- C:\IO.SYS
[2005-05-24 22:50:35 | 000,165,376 | ---- | M] () -- C:\Mail Set.doc
[2003-03-20 01:21:00 | 001,855,488 | R--- | M] (C-Media Electronic Inc. (www.cmedia.com.tw)) -- C:\MIXER.EXE
[2004-08-10 13:04:08 | 000,000,000 | -H-- | M] () -- C:\MSDOS.SYS
[2007-06-29 00:01:16 | 000,061,436 | ---- | M] () -- C:\newfiles.txt
[2005-12-14 00:55:26 | 000,001,024 | ---- | M] () -- C:\nop.exe
[2004-08-04 05:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008-09-17 18:03:12 | 000,250,048 | RHS- | M] () -- C:\NTLDR
[2011-02-22 16:27:25 | 524,288,000 | -HS- | M] () -- C:\pagefile.sys
[2005-09-12 02:19:55 | 000,013,030 | ---- | M] () -- C:\PDOXUSRS.NET
[2007-07-11 22:32:26 | 000,001,253 | ---- | M] () -- C:\rapport.txt
[2007-06-28 23:58:11 | 000,024,352 | ---- | M] () -- C:\runkeys.txt
[2010-07-26 20:44:06 | 000,000,268 | -H-- | M] () -- C:\sqmdata00.sqm
[2010-07-28 23:52:03 | 000,000,268 | -H-- | M] () -- C:\sqmdata01.sqm
[2010-07-30 16:15:13 | 000,000,268 | -H-- | M] () -- C:\sqmdata02.sqm
[2010-07-30 18:13:09 | 000,000,268 | -H-- | M] () -- C:\sqmdata03.sqm
[2010-08-03 08:09:24 | 000,000,268 | -H-- | M] () -- C:\sqmdata04.sqm
[2010-08-03 16:06:33 | 000,000,268 | -H-- | M] () -- C:\sqmdata05.sqm
[2010-08-06 13:26:26 | 000,000,268 | -H-- | M] () -- C:\sqmdata06.sqm
[2010-08-09 06:14:08 | 000,000,268 | -H-- | M] () -- C:\sqmdata07.sqm
[2010-08-09 11:40:39 | 000,000,268 | -H-- | M] () -- C:\sqmdata08.sqm
[2010-08-09 15:12:10 | 000,000,268 | -H-- | M] () -- C:\sqmdata09.sqm
[2010-08-10 21:37:20 | 000,000,268 | -H-- | M] () -- C:\sqmdata10.sqm
[2010-08-13 06:45:39 | 000,000,268 | -H-- | M] () -- C:\sqmdata11.sqm
[2010-08-14 10:40:03 | 000,000,268 | -H-- | M] () -- C:\sqmdata12.sqm
[2010-08-17 07:00:25 | 000,000,268 | -H-- | M] () -- C:\sqmdata13.sqm
[2010-08-22 11:32:20 | 000,000,268 | -H-- | M] () -- C:\sqmdata14.sqm
[2010-08-22 19:17:14 | 000,000,268 | -H-- | M] () -- C:\sqmdata15.sqm
[2010-07-14 21:17:32 | 000,000,268 | -H-- | M] () -- C:\sqmdata16.sqm
[2010-07-15 18:52:57 | 000,000,268 | -H-- | M] () -- C:\sqmdata17.sqm
[2010-07-15 20:16:17 | 000,000,268 | -H-- | M] () -- C:\sqmdata18.sqm
[2010-07-16 06:04:56 | 000,000,268 | -H-- | M] () -- C:\sqmdata19.sqm
[2010-07-26 20:44:06 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt00.sqm
[2010-07-28 23:52:03 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt01.sqm
[2010-07-30 16:15:13 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt02.sqm
[2010-07-30 18:13:09 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt03.sqm
[2010-08-03 08:09:23 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt04.sqm
[2010-08-03 16:06:33 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt05.sqm
[2010-08-06 13:26:25 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt06.sqm
[2010-08-09 06:14:08 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt07.sqm
[2010-08-09 11:40:39 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt08.sqm
[2010-08-09 15:12:09 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt09.sqm
[2010-08-10 21:37:20 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt10.sqm
[2010-08-13 06:45:39 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt11.sqm
[2010-08-14 10:40:03 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt12.sqm
[2010-08-17 07:00:25 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt13.sqm
[2010-08-22 11:32:19 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt14.sqm
[2010-08-22 19:17:13 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt15.sqm
[2010-07-14 21:17:32 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt16.sqm
[2010-07-15 18:52:57 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt17.sqm
[2010-07-15 20:16:17 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt18.sqm
[2010-07-16 06:04:55 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt19.sqm
[2005-08-26 15:55:32 | 000,692,224 | ---- | M] (LimeWire) -- C:\StubInstaller.exe
[2006-05-07 23:04:04 | 000,352,137 | ---- | M] () -- C:\swlist.reg
[2006-06-05 21:54:11 | 000,000,000 | ---- | M] () -- C:\taskList.txt
[2007-11-07 07:00:40 | 000,005,686 | ---- | M] () -- C:\vcredist.bmp
[2007-11-07 07:09:22 | 001,442,522 | ---- | M] () -- C:\VC_RED.cab
[2007-11-07 07:12:28 | 000,232,960 | ---- | M] () -- C:\VC_RED.MSI
[2006-12-14 01:13:46 | 000,001,364 | ---- | M] () -- C:\VideoEditor.log
[2008-06-19 01:13:32 | 000,074,298 | ---- | M] () -- C:\winzip.log
[2007-10-26 20:50:17 | 000,140,936 | ---- | M] () -- C:\winzip_.log
[2008-03-18 10:09:35 | 000,000,048 | ---- | M] () -- C:\xmp.bat


< MD5 for: EXPLORER.EXE >
[2008-04-13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008-04-13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2007-06-13 06:26:03 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=7712DF0CDDE3A5AC89843E61CD5B3658 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007-06-13 05:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) MD5=97BD6515465659FF8F3B7BE375B2EA87 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2004-08-04 05:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe

< MD5 for: SFC.DLL >
[2008-04-13 19:12:05 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=96E1C926F22EE1BFBAE82901A35F6BF3 -- C:\WINDOWS\ServicePackFiles\i386\sfc.dll
[2008-04-13 19:12:05 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=96E1C926F22EE1BFBAE82901A35F6BF3 -- C:\WINDOWS\SYSTEM32\sfc.dll
[2004-08-04 05:00:00 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=E8A12A12EA9088B4327D49EDCA3ADD3E -- C:\I386\SFC.DLL
[2004-08-04 05:00:00 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=E8A12A12EA9088B4327D49EDCA3ADD3E -- C:\WINDOWS\$NtServicePackUninstall$\sfc.dll

< MD5 for: USERINIT.EXE >
[2004-08-04 05:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\I386\USERINIT.EXE
[2004-08-04 05:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2008-04-13 19:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008-04-13 19:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\SYSTEM32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004-08-04 05:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\I386\WINLOGON.EXE
[2004-08-04 05:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008-04-13 19:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008-04-13 19:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\SYSTEM32\winlogon.exe

< C:\|CometU /FP >

< >

========== Alternate Data Streams ==========

@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1

< End of report >


OTL Extras logfile created on: 2011-02-22 19:38:08 - Run 1
OTL by OldTimer - Version 3.2.21.0 Folder = C:\Documents and Settings\Steve\Desktop\Hijack\OTL
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: yyyy-MM-dd

1,022.00 Mb Total Physical Memory | 534.00 Mb Available Physical Memory | 52.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 68.00% Paging File free
Paging file location(s): C:\pagefile.sys 500 1531 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 71.53 Gb Total Space | 20.93 Gb Free Space | 29.27% Space Free | Partition Type: NTFS

Computer Name: SNL | User Name: Steve | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- Reg Error: Key error. File not found
.cmd [@ = cmdfile] -- Reg Error: Key error. File not found
.com [@ = comfile] -- Reg Error: Key error. File not found
.cpl [@ = cplfile] -- Reg Error: Key error. File not found
.exe [@ = exefile] -- Reg Error: Key error. File not found
.hta [@ = htafile] -- Reg Error: Key error. File not found
.html [@ = htmlfile] -- Reg Error: Key error. File not found
.inf [@ = inffile] -- Reg Error: Key error. File not found
.ini [@ = inifile] -- Reg Error: Key error. File not found
.url [@ = InternetShortcut] -- Reg Error: Key error. File not found
.js [@ = JSFile] -- Reg Error: Key error. File not found
.reg [@ = regfile] -- Reg Error: Key error. File not found
.txt [@ = txtfile] -- Reg Error: Key error. File not found
.vbs [@ = VBSFile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" /p %1 (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Digital Photo Professional] -- C:\Program Files\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Connect
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Connect
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Connect
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Connect
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Connect
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Connect
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"22396:TCP" = 22396:TCP:*:Disabled:BitComet 22396 TCP
"22396:UDP" = 22396:UDP:*:Disabled:BitComet 22396 UDP
"4481:TCP" = 4481:TCP:LocalSubNet:Enabled:BlackBerry Desktop Software music sync service data transfer
"4481:UDP" = 4481:UDP:LocalSubNet:Enabled:BlackBerry Desktop Software music sync service discovery
"4482:TCP" = 4482:TCP:LocalSubNet:Enabled:BlackBerry Desktop Software music sync service data transfer
"4482:UDP" = 4482:UDP:LocalSubNet:Enabled:BlackBerry Desktop Software music sync service discovery
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Connect
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Connect
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Connect
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Connect
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Connect
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Connect
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Microsoft Games\Zoo Tycoon 2\zt.exe" = C:\Program Files\Microsoft Games\Zoo Tycoon 2\zt.exe:*:Enabled:Zoo Tycoon 2 Executable -- (Microsoft Corporation)
"C:\Program Files\Replay\Replay Video Suite 10.2\crack\WMR90.exe" = C:\Program Files\Replay\Replay Video Suite 10.2\crack\WMR90.exe:*:Enabled:Windows Media (TM) Stream Recorder -- (NetFor2 and Applian Technologies Inc.)
"C:\WINDOWS\SYSTEM32\MMC.EXE" = C:\WINDOWS\SYSTEM32\MMC.EXE:*:Enabled:Microsoft Management Console -- (Microsoft Corporation)
"C:\Program Files\Shiva\Shiva VPN Client\ICDESK.EXE" = C:\Program Files\Shiva\Shiva VPN Client\ICDESK.EXE:*:Enabled:VPN Client Windows Application
"C:\StubInstaller.exe" = C:\StubInstaller.exe:*:Disabled:LimeWire swarmed installer -- (LimeWire)
"C:\Program Files\BitComet\BitComet.exe" = C:\Program Files\BitComet\BitComet.exe:*:Disabled:BitComet - a BitTorrent Client
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe" = C:\Program Files\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe:*:Enabled:BlackBerry Desktop Software -- (Research In Motion)
"C:\Program Files\Ares\Ares.exe" = C:\Program Files\Ares\Ares.exe:*:Disabled:Ares p2p for windows


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00000409-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Premium
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0289B35E-DC07-4c7a-9710-BBD686EA4B7D}" = Status
"{06CE9412-6714-44AE-A035-F4E9930009E1}" = Advanced Network Diagramming Help
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0878E100-C0BB-41E8-B4C6-C486B61FDA7B}" = Canon PhotoRecord
"{0993A7DC-5616-4DBA-A538-E6BFE0C94C1D}" = Directory Services Help
"{09DA4F91-2A09-4232-AB8C-6BC740096DE3}" = Sonic Update Manager
"{0B5E0886-BC91-4E83-BB29-A664ED8F0285}" = Project Schedules Help
"{0C34B801-6AEC-4667-B053-03A67E2D0415}" = Apple Application Support
"{0D2E9DCB-9938-475E-B4DD-8851738852FF}" = AIO_Scan
"{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}" = Microsoft Plus! Photo Story 2 LE
"{0F9196C6-58B4-445B-B56E-B1200FECC151}" = Microsoft Bootvis
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA
"{121634B0-2F4A-11D3-ADA3-00C04F52DD53}" = Windows Installer Clean Up
"{136498DE-6FBD-4F6F-B065-8E24118D351E}" = Internet Diagrams Help
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{16C586A1-4ACB-11D3-8662-00C04F8DBAD9}" = Release Notes
"{172ED890-6982-4CCF-BD23-6949E553B860}" = Save as HTML
"{17334AAF-C9E7-483B-9F45-E3FCAF07FFA7}" = Intel(R) PROSet for Wired Connections
"{1746EA69-DCB6-4408-B5A5-E75F55439CDF}" = Scan
"{179C56A4-F57F-4561-8BBF-F911D26EB435}" = WebReg
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{19B29943-2A85-11D3-8F74-00C04F8DD7E3}" = Solutions
"{1D66C1EB-9FC0-4363-A4B9-E44DDCBACD00}" = Organization Charts
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Sonic MyDVD
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{241957BD-4436-42B1-ADCF-AE18144358D7}" = Office Layout
"{24557DC0-0839-496f-82F9-C4EB72EFE4FA}" = HP Deskjet All-In-One Software 8.0
"{2614F54E-A828-49FA-93BA-45A3F756BFAA}" = 32 Bit HP CIO Components Installer
"{268FC299-C0BD-4230-9D00-FD7BBB71A2C7}" = Organization Charts Help
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22
"{2D329298-7BDD-476B-8F68-AE3F66EB6F8F}" = Flowcharts
"{3379BB86-49C2-11D3-80AC-00C04F6B854D}" = Network Diagrams Help
"{3388E964-4C4F-11D3-9F66-006008A88EC8}" = Microsoft Visio 2000 (IE)
"{33BB4982-DC52-4886-A03B-F4C5C80BEE89}" = Windows Media Player 10
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant
"{380E3211-4549-42B3-8EE8-2B0561530061}" = Custom Properties Editor
"{390927CA-7D1F-44EB-95FF-FBB4B20822B4}" = Borders and Backgrounds Help
"{39CB30DB-27F8-4dd4-A294-CB4AE3B584FD}" = Copy
"{3A71AF7E-705C-40D3-9024-B63C00AB1772}" = Program Files Help
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = Modem On Hold
"{3F9FB449-93DB-4C47-BB5B-7334C4D1736E}" = SD Formatter
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{403EF592-953B-4794-BCEF-ECAB835C2095}" =
"{4192EAC0-6B36-4723-B216-D0E86E7757AC}" = Jasc Paint Shop Photo Album 5
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{44B3522B-195C-488D-84AC-9526FA99CB73}" = Motorola Handset USB Driver
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{46D2CC82-BEAE-4E47-A153-008E60E67BA2}" = Release Notes Professional
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E901875-0F15-44BA-89DE-94AA41A7F507}" = Clear Cache feature for Internet Explorer
"{4F31302F-A77C-4759-9803-E02696185089}" = Program Files Professional
"{508CE775-4BA4-4748-82DF-FE28DA9F03B0}" = Windows Live Messenger
"{51196320-99A0-4737-AE71-5BAF9489A855}" = Database Wizard
"{543E938C-BDC4-4933-A612-01293996845F}" = UnloadSupport
"{55B39A89-795A-4E9F-AB38-15AB66125914}" = Borders and Backgrounds
"{5905F42D-3F5F-4916-ADA6-94A3646AEE76}" = Dell Driver Reset Tool
"{5BBFB0E4-2250-49C3-A8A3-65BE2197D13B}" = MP3 Player Utilities
"{5BF9AE5B-D635-4BB6-9229-F863B28F9107}" = Graphics Filters
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{60692A39-4C61-11D3-A339-006097B6ECD2}" = Program Files
"{60692A40-4C61-11D3-A339-006097B6ECD2}" = Visio
"{60C8D1EA-CB39-44FF-BECA-9B1457898C9B}" = Office Layout Help
"{621C02EA-AAFF-4026-A903-165D59529A16}" = Driver Detective
"{62E98CB2-2B1E-4E7D-8C3B-F6E7A3CB14E0}" = Network Diagrams
"{639B050E-9ADC-44C4-B7FE-BA7DB59D4E4B}" = Forms and Charts
"{63A0A66B-3A50-4D3E-9B88-6459D699C700}" = Internet Diagrams
"{657F8B33-CBBB-45F4-9087-274F22C89400}" = DJ_AIO_ProductContext
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{67D3F1A0-A1F2-49b7-B9EE-011277B170CD}" = HPProductAssistant
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD 5.3
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FC7B0F-E59D-418B-A007-13F02DBB002E}" = Advanced Network Diagramming
"{6A4EABDC-B3AA-421D-AB8B-5678293C9235}" = Callouts and Connectors Help
"{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}" = Microsoft Plus! Digital Media Edition Installer
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74096E43-C712-4DED-A530-719CA2E0DE80}" = Nancy Drew Dossier: Resorting to Danger
"{74F7662C-B1DB-489E-A8AC-07A06B24978B}" = Dell System Restore
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = LiveUpdate BVRP Software
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78C496B9-5A6B-4692-8C2E-AFFFC34E4961}" = Jasc Paint Shop Pro Studio, Dell Editon
"{7A0EFAFB-AC4B-4B88-8C6B-6731BE88DB68}" = Modem Event Monitor
"{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}" = DellSupport
"{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper
"{818ABC3C-635C-4651-8183-D0E9640B7DD1}" = HP Update
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{88B32652-CAE0-4909-A463-5840D2689D93}" = FUJIFILM FinePixViewer S Ver.2.1
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Extreme Graphics 2 Driver
"{8AF1E098-1A5C-4336-BBE2-D047ABB401ED}" = MovieEdit Task
"{8C1D906C-D2DA-4E26-B0CF-EB79EEB1F946}" = Software Design Help
"{8EF1122E-E90C-4EE9-AB0C-7FDE2BA42C26}" = Musicmatch® Jukebox
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90A38975-8780-41EB-8483-5FFE82526859}" = Microsoft Phishing Filter Add-in for MSN Search Toolbar
"{93D1FE53-905C-4EE7-AE18-4B13AC0069AD}" = Shape Explorer Help
"{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant
"{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = Sonic RecordNow!
"{95D08F4E-DFC2-4ce3-ACB7-8C8E206217E9}" = MarketResearch
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C2D4047-0E40-499a-AC7A-C4B9BB12FE03}" = TrayApp
"{9C3576AC-61CA-4A61-8D39-9502AF46F8B6}" = Acapela Synthèse de la Parole pour le WordQ 2 Fr (français canadien)
"{9D25D3FD-A1DE-4CA0-BE6F-B5F65545DDB6}" = Directory Services
"{9EC41026-8399-47E4-9FE9-CFCCCB71F8C3}" = Property Reporting Wizard
"{9ECB4705-B9CB-405A-B6D4-33BDF707308E}" = DJ_AIO_Software
"{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A36CD345-625C-4d6c-B3E2-76E1248CB451}" = SolutionCenter
"{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime
"{A4DF8034-28B1-4967-9216-2B2BB435A7C1}" = Program Files Professional Help
"{A5CC2A09-E9D3-49EC-923D-03874BBD4C2C}" = Windows Defender Signatures
"{A7016C76-6B65-428F-A2E8-F8A8007BECAF}" = Database Design
"{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}" = Windows Live installer
"{A8323532-49A2-4055-B424-EEB547E3D02E}" = Project Schedules
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{ACE22C48-49D7-4531-BE20-5C3D03393AB6}" = F4100_Help
"{AF06CAE4-C134-44B1-B699-14FBDB63BD37}" = Dell Picture Studio v3.0
"{B06E51F3-D04E-4898-9700-2E48788D5274}" = Clip Art and Symbols
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B80DA153-D56F-4D80-AC29-CEBC8BB263B9}" = Callouts and Connectors
"{B9EF1B56-2E87-11D3-80A5-00C04F6B854D}" = Maps
"{BA04FFF0-F3A5-4D48-BD32-003D7E901178}" = Page Layout Wizard
"{BB3AB664-D92B-4CB5-8B3E-D841841F4E68}" = Canon Camera WIA Driver
"{BBE93891-6608-11d3-9F6A-006008A88EC8}" = Help for Visio 2000 (HTML Help)
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C0C26E52-D52C-41ED-8F1C-D3D0DC941955}" = Software Design
"{C3A11907-930D-41AC-A135-CC3B12F92011}" = Seagate Dashboard
"{C5E69312-4354-11D3-B0BC-00C04FC2B1B9}" = CAD Drawing Display
"{C716522C-3731-4667-8579-40B098294500}" = Toolbox
"{C8A6BD64-0FB7-4AE5-82DF-09B5C6161486}" = Database Design Help
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240B2}" = WinZip 11.2
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0E39A1D-0CEE-4D85-B4A2-E3BE990D075E}" = Destination Component
"{D25F26E6-7F37-4580-9E83-2BDD9BE9E0CE}" = BlackBerry Desktop Software 6.0
"{D2D89191-1BB5-42BF-863D-991347B36641}" = Block Diagrams
"{D537C817-BF8E-4746-9E1E-E2A67DAECE4E}" = Add-ons
"{D982E7B4-4C62-11D3-A339-006097B6ECD2}" = Visio Core Files
"{DA34FE93-5DC5-48E0-ACC8-A5389E05BB51}" = iTunes
"{DC83F417-8068-4074-BA2F-C4F8AB872556}" = DJ_AIO_Software_min
"{DFB8D937-5CC3-4555-9150-90E57459AF00}" = Block Diagrams Help
"{DFE81EB6-0287-4DFF-AE7D-14E664586905}" = Clip Art and Symbols Help
"{E2057EE6-A559-40E3-AF8B-437866E0EDA9}" = Flowcharts Help
"{E2662C24-B31E-4349-A084-32EB76E8B760}" = BufferChm
"{E3436EE2-D5CB-4249-840B-3A0140CC34C3}" = Classic PhoneTools
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center
"{E44BD710-B71A-11d3-9F79-006008A88EC8}" = VBA
"{E7DE3D60-3FB8-11D3-8F79-00C04F8DD7E3}" = Developing Visio Solutions Help
"{E8814A8F-3B06-11D3-8CD7-00C04F72C04D}" = Microsoft Visual Studio Service Pack 3
"{EB21A812-671B-4D08-B974-2A347F0D8F70}" = HP Photosmart Essential
"{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}" = HPSSupply
"{EF1ADA5A-0B1A-4662-8C55-7475A61D8B65}" = DeviceDiscovery
"{F18E8A0F-BE99-4305-96A5-6C0FD9D7D999}" = mobile PhoneTools
"{F28D0D4C-D522-43B1-9700-C896A76C6130}" = Maps Help
"{F843C6A3-224D-4615-94F8-3C461BD9AEA0}" = Jasc Paint Shop Pro 9
"{F8653A81-1A97-4A2A-8ECE-D2B895B4D796}" = Acapela Synthèse de la Parole pour le WordQ 2 Fr (Noyau)
"{FC588207-9B40-4800-92AD-EB4D48FB7726}" = Forms and Charts Help
"{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}" = HighMAT Extension to Microsoft Windows XP CD Writing Wizard
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"7-Zip" = 7-Zip 4.65
"Action Replay Code Manager_is1" = Action Replay Code Manager
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"BellCanada" = Bell Internet Check-up
"BlackBerry_Desktop" = BlackBerry Desktop Software 6.0
"BugOff" = BugOff 1.10
"CAL" = Canon Camera Access Library
"CameraWindowDVC5" = Canon Utilities CameraWindow DC_DV 5 for ZoomBrowser EX
"CameraWindowDVC6" = Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
"CameraWindowLauncher" = Canon Utilities CameraWindow
"CleanUp!" = CleanUp!
"C-Media PCI Sound" = Diamond Xtreme Audio
"CSCLIB" = Canon Camera Support Core Library
"DECCHECK" = Microsoft Windows XP Video Decoder Checkup Utility
"Defraggler" = Defraggler (remove only)
"DelinvFile_is1" = DelinvFile - 2.02
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup.divx.com" = DivX Setup
"DjVu" = Lizardtech DjVu Control (autoinstall)
"DPP" = Canon Utilities Digital Photo Professional 3.4
"DVDXCopyPlatinum" = DVD X Copy Platinum 4.0.3
"EOS Utility" = Canon Utilities EOS Utility
"FLV Player" = FLV Player 2.0 (build 25)
"GoToAssist" = GoToAssist 8.0.0.480
"HijackThis" = HijackThis 2.0.2
"HP Imaging Device Functions" = HP Imaging Device Functions 8.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center 8.0
"HPExtendedCapabilities" = HP Customer Participation Program 8.0
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"Indeo® Software" = Indeo® Software
"InstallShield_{621C02EA-AAFF-4026-A903-165D59529A16}" = Driver Detective
"InstallShield_{8AF1E098-1A5C-4336-BBE2-D047ABB401ED}" = Canon MovieEdit Task for ZoomBrowser EX
"InstallShield_{BB3AB664-D92B-4CB5-8B3E-D841841F4E68}" = Canon EOS 5D WIA Driver
"Intel(R) 537EP V9x DFV PCI Modem" = Intel(R) 537EP V9x DFV PCI Modem
"Juniper_Setup_Client Activex Control" = Juniper Networks Setup Client Activex Control
"jZip" = jZip
"LiveUpdate1.6" = LiveUpdate 1.6 (Symantec Corporation)
"Mavis Beacon Teaches Typing Deluxe 17" = Mavis Beacon Teaches Typing Deluxe 17
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSTTS" = Microsoft Text-to-Speech Engine 4.0 (English)
"MWAREDATT" = Messageware AttachView Add-in for Saving Files
"MyCamera" = Canon Utilities MyCamera
"Nero - Burning Rom!UninstallKey" = Nero - Burning Rom (Web installer)
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Original Data Security Tools" = Canon Utilities Original Data Security Tools
"PCI Audio Driver" = PCI Audio Driver
"PhotoStitch" = Canon Utilities PhotoStitch
"Picture Style Editor" = Canon Utilities Picture Style Editor
"PROSet" = Intel(R) PRO Network Adapters and Drivers
"RadialpointClientGateway_is1" = Bell Internet Service Advisor 2.1.7
"RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX
"RemoteCaptureTask" = Canon Utilities RemoteCapture Task for ZoomBrowser EX
"Sorry" = Sorry
"Stop_the_Morbuzakh" = Stop the Morbuzakh (remove only)
"VLC media player" = VLC media player 1.0.0
"WFTK" = Canon Utilities WFT-E1/E2/E3 Utility
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMCSetup" = Windows Media Connect
"WMFDist11" = Windows Media Format 11 runtime
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahoo! Companion" = Yahoo! Toolbar
"Zoo Tycoon 2" = Zoo Tycoon 2
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Juniper_Setup_Client" = Juniper Networks Setup Client
"Juniper_Term_Services" = Juniper Terminal Services Client
"Neoteris_Host_Checker" = Juniper Networks Host Checker
"UnityWebPlayer" = Unity Web Player

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 2011-01-02 00:16:21 | Computer Name = SNL | Source = Application Hang | ID = 1001
Description = Fault bucket -2087263879.

Error - 2011-01-04 22:25:58 | Computer Name = SNL | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.

Error - 2011-01-04 22:25:58 | Computer Name = SNL | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.

Error - 2011-01-07 01:00:06 | Computer Name = SNL | Source = Application Error | ID = 1000
Description = Faulting application divx plus player.exe, version 10.2.1.20, faulting
module divx plus player.exe, version 10.2.1.20, fault address 0x0000bac1.

Error - 2011-01-07 01:00:11 | Computer Name = SNL | Source = Application Error | ID = 1001
Description = Fault bucket -2112980242.

Error - 2011-01-07 01:01:06 | Computer Name = SNL | Source = Application Error | ID = 1000
Description = Faulting application divx plus player.exe, version 10.2.1.20, faulting
module qtcore4.dll, version 4.5.0.0, fault address 0x000e1b16.

Error - 2011-01-07 01:01:10 | Computer Name = SNL | Source = Application Error | ID = 1001
Description = Fault bucket -2113035927.

Error - 2011-01-15 20:01:00 | Computer Name = SNL | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 7.0.6000.17093, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 2011-01-15 20:06:42 | Computer Name = SNL | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 7.0.6000.17093, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 2011-01-17 22:55:50 | Computer Name = SNL | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 7.0.6000.17093, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

[ System Events ]
Error - 2011-02-22 20:29:27 | Computer Name = SNL | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service hpqcxs08 with
arguments "" in order to run the server: {1DAEDD8A-30ED-4585-9CF1-13BDF7791DDE}

Error - 2011-02-22 20:29:50 | Computer Name = SNL | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service hpqcxs08 with
arguments "" in order to run the server: {1DAEDD8A-30ED-4585-9CF1-13BDF7791DDE}

Error - 2011-02-22 20:31:06 | Computer Name = SNL | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service hpqcxs08 with
arguments "" in order to run the server: {1DAEDD8A-30ED-4585-9CF1-13BDF7791DDE}

Error - 2011-02-22 20:31:06 | Computer Name = SNL | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service hpqcxs08 with
arguments "" in order to run the server: {1DAEDD8A-30ED-4585-9CF1-13BDF7791DDE}

Error - 2011-02-22 20:33:40 | Computer Name = SNL | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service hpqcxs08 with
arguments "" in order to run the server: {1DAEDD8A-30ED-4585-9CF1-13BDF7791DDE}

Error - 2011-02-22 20:36:59 | Computer Name = SNL | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service hpqcxs08 with
arguments "" in order to run the server: {1DAEDD8A-30ED-4585-9CF1-13BDF7791DDE}

Error - 2011-02-22 20:36:59 | Computer Name = SNL | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service hpqcxs08 with
arguments "" in order to run the server: {1DAEDD8A-30ED-4585-9CF1-13BDF7791DDE}

Error - 2011-02-22 20:43:02 | Computer Name = SNL | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service hpqcxs08 with
arguments "" in order to run the server: {1DAEDD8A-30ED-4585-9CF1-13BDF7791DDE}

Error - 2011-02-22 20:45:13 | Computer Name = SNL | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service hpqcxs08 with
arguments "" in order to run the server: {1DAEDD8A-30ED-4585-9CF1-13BDF7791DDE}

Error - 2011-02-22 20:45:13 | Computer Name = SNL | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service hpqcxs08 with
arguments "" in order to run the server: {1DAEDD8A-30ED-4585-9CF1-13BDF7791DDE}


< End of report >
steve111
Regular Member
 
Posts: 16
Joined: February 15th, 2011, 9:37 pm

Re: Painfully Slow

Post by askey127 » February 23rd, 2011, 7:58 am

steve111,
---------------------------------------------------------------
Check the Status of the DNS Client Service.
From Start, or Start, Run
Type services.msc in the box and hit <Enter>
Give permission to continue if necessary.
Scroll down to DNS Client on the list, Right Click it and choose Properties.
Note what it reports for Service Status and Startup Type.
Then click OK and exit.
--------------------------------------------------------
Download and Install the newest version of Adobe Reader for reading pdf files, due to the vulnerabilities in earlier versions.
All versions numbered lower than 10.0 are vulnerable.
Go HERE and click on AdbeRdr1000_en_US.exe to download the latest version of Adobe Acrobat Reader.
Save this file to your desktop and run it to install the latest version of Adobe Reader.

After the new Reader is installed, Open Adobe Reader X. (Right click and Run as administrator in Vista/Win7)
OK the license.
Click on Edit and select Preferences.
On the Left, click on the Javascript category and Uncheck Enable Acrobat Javascript.
Click on the Security (Enhanced) category and Uncheck Automatically trust sites from my Win OS security zones.
Click on the Trust Manager category and Uncheck Allow opening of non-PDF file attachments with external applications.
Click the OK button

Download OTL from here http://oldtimer.geekstogo.com/OTL.exe and save it to your desktop.
----------------------------------------------
Perform a Custom Fix with OTL
Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following:
    :processes
    killallprocesses
    
    :OTL
    @Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
    @Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8
    @Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1
    
    :Reg
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
    "DisableMonitoring" = 0
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "FirewallDisableNotify" = 1
    "UpdatesDisableNotify" = 1
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
    "22396:TCP" =-
    "22396:UDP" =-
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "C:\StubInstaller.exe" =-
    "C:\Program Files\BitComet\BitComet.exe" =-
    "C:\Program Files\Ares\Ares.exe" =-
    
    :Files
    C:\StubInstaller.exe
    C:\Program Files\BitComet
    C:\Program Files\Ares
    
    :Commands
    [EMPTYTEMP]
    [Reboot]
    
  • Then click the Run Fix button at the top.
  • Let the program run unhindered and reboot the PC when it is done.
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

Also include what you found about the DNS Client Service.
askey127
askey127
Admin/Teacher
 
Posts: 14025
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA
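
Added example (not part of askey127's post and not OTL's own code): a small Python reader for the custom-fix script in the post above that lists what each section asks for and checks that every firewall exception being deleted belongs to a program that is also removed under :Files. The function names are made up for this example, and reading `=-` as "delete this value" is an assumption about the script syntax; the script text itself is copied from the post.

```python
import re

# Custom-fix script copied from the post above (blank lines dropped).
FIX_SCRIPT = r"""
:processes
killallprocesses
:OTL
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1
:Reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"22396:TCP" =-
"22396:UDP" =-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\StubInstaller.exe" =-
"C:\Program Files\BitComet\BitComet.exe" =-
"C:\Program Files\Ares\Ares.exe" =-
:Files
C:\StubInstaller.exe
C:\Program Files\BitComet
C:\Program Files\Ares
:Commands
[EMPTYTEMP]
[Reboot]
"""

REG_VALUE = re.compile(r'^"([^"]+)"\s*=\s*(.*)$')
ADS = re.compile(r'^@Alternate Data Stream - (\d+) bytes -> (.+):([^:\\]+)$')

def parse_fix(script):
    """Split the script into its ':section' blocks, keeping non-blank lines."""
    sections, current = {}, None
    for raw in script.splitlines():
        line = raw.strip()
        if line.startswith(":"):
            current = line[1:].lower()
            sections.setdefault(current, [])
        elif line and current is not None:
            sections[current].append(line)
    return sections

def reg_actions(lines):
    """Return (key, value_name, action, data) for each value line under :Reg."""
    actions, key = [], None
    for line in lines:
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1]          # a [HKEY_...] line selects the current key
            continue
        m = REG_VALUE.match(line)
        if m and key:
            data = m.group(2).strip()
            # Assumption: "-" as the data means "delete this value".
            actions.append((key, m.group(1), "delete" if data == "-" else "set", data))
    return actions

def summarize(script):
    """Collect the requested changes per section into one dictionary."""
    s = parse_fix(script)
    reg = reg_actions(s.get("reg", []))
    ads = [ADS.match(l) for l in s.get("otl", [])]
    return {
        "sections": list(s),
        "kills_processes": any(l.lower() == "killallprocesses" for l in s.get("processes", [])),
        "ads": [(m.group(2), m.group(3), int(m.group(1))) for m in ads if m],
        "reg_set": [(k, n, d) for k, n, a, d in reg if a == "set"],
        "reg_delete": [(k, n) for k, n, a, d in reg if a == "delete"],
        "files": s.get("files", []),
        "commands": s.get("commands", []),
    }

def programs_kept_on_disk(summary):
    """Firewall AuthorizedApplications entries being deleted whose program is
    not also removed under :Files (directly or through a parent folder)."""
    removed = [f.lower().rstrip("\\") for f in summary["files"]]
    kept = []
    for key, name in summary["reg_delete"]:
        if not key.lower().endswith(r"authorizedapplications\list"):
            continue
        path = name.lower()
        if not any(path == r or path.startswith(r + "\\") for r in removed):
            kept.append(name)
    return kept

if __name__ == "__main__":
    info = summarize(FIX_SCRIPT)
    for label in ("ads", "reg_set", "reg_delete", "files", "commands"):
        print(label, "->", len(info[label]), "entries")
    print("firewall exceptions whose program stays on disk:", programs_kept_on_disk(info))
```
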

Re: Painfully Slow

Post by steve111 » February 23rd, 2011, 10:07 pm

Thanks for your help

Service Status: Started
StartUpType: Automatic

OTL logfile created on: 2011-02-23 20:54:51 - Run 2
OTL by OldTimer - Version 3.2.21.0 Folder = C:\Documents and Settings\Steve\Desktop\Hijack\OLT Feb 23
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: yyyy-MM-dd

1,022.00 Mb Total Physical Memory | 505.00 Mb Available Physical Memory | 49.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 67.00% Paging File free
Paging file location(s): C:\pagefile.sys 500 1531 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 71.53 Gb Total Space | 21.63 Gb Free Space | 30.24% Space Free | Partition Type: NTFS

Computer Name: SNL | User Name: Steve | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011-02-23 20:34:49 | 000,577,024 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Steve\Desktop\Hijack\OLT Feb 23\OTL.exe
PRC - [2011-01-10 14:23:41 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011-01-10 14:23:30 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011-01-10 14:23:29 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010-12-08 16:15:44 | 000,063,360 | ---- | M] (DivX, LLC) -- C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe
PRC - [2010-07-06 14:32:04 | 000,014,088 | ---- | M] (Memeo) -- C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe
PRC - [2010-07-06 14:32:02 | 000,069,896 | ---- | M] (Memeo) -- C:\Program Files\Seagate\Seagate Dashboard\MemeoDashboard.exe
PRC - [2010-01-19 10:17:16 | 001,565,696 | ---- | M] (Alcatel-Lucent) -- C:\Program Files\BellCanada\McciTrayApp.exe
PRC - [2010-01-14 21:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2008-09-21 22:01:33 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2008-04-13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006-11-03 19:20:12 | 000,866,584 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2006-11-03 19:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MsMpEng.exe
PRC - [2002-10-15 18:00:20 | 001,818,624 | ---- | M] (C-Media Electronic Inc. (www.cmedia.com.tw)) -- C:\WINDOWS\mixer.exe


========== Modules (SafeList) ==========

MOD - [2011-02-23 20:34:49 | 000,577,024 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Steve\Desktop\Hijack\OLT Feb 23\OTL.exe
MOD - [2010-08-23 11:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2010-01-19 10:06:34 | 000,198,656 | ---- | M] (Alcatel-Lucent) -- C:\Program Files\Common Files\Motive\McciContextHook_DSR.dll


========== Win32 Services (SafeList) ==========

SRV - [2011-01-10 14:23:41 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011-01-10 14:23:30 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010-07-06 14:32:04 | 000,014,088 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe -- (SeagateDashboardService)
SRV - [2008-02-12 22:09:48 | 000,016,936 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\480\g2aservice.exe -- (GoToAssist)
SRV - [2007-10-25 15:27:54 | 000,266,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe -- (WLSetupSvc)
SRV - [2007-03-07 14:47:46 | 000,076,848 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
SRV - [2007-01-31 13:55:42 | 000,096,370 | ---- | M] (Canon Inc.) [On_Demand | Stopped] -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8)
SRV - [2006-11-03 19:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2005-10-06 18:12:30 | 000,855,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Media Connect 2\wmccds.exe -- (WMConnectCDS)


========== Driver Services (SafeList) ==========

DRV - [2011-01-10 14:23:53 | 000,135,096 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\avipbb.sys -- (avipbb)
DRV - [2011-01-10 14:23:53 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\avgntflt.sys -- (avgntflt)
DRV - [2010-06-17 14:27:22 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ssmdrv.sys -- (ssmdrv)
DRV - [2010-06-17 14:27:12 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2010-01-19 10:06:44 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2010-01-19 10:06:38 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2009-04-14 06:27:50 | 001,519,424 | R--- | M] (C-Media Inc) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\cmudax3.sys -- (cmuda3)
DRV - [2008-04-13 14:45:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\gameenum.sys -- (gameenum)
DRV - [2008-04-13 13:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2008-04-13 13:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2008-02-11 00:04:35 | 000,085,713 | ---- | M] (GMER) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\gmer.sys -- (gmer)
DRV - [2007-02-25 11:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\dsunidrv.sys -- (dsunidrv)
DRV - [2006-10-05 15:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2004-12-01 03:22:00 | 000,087,488 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\drvmcdb.sys -- (drvmcdb)
DRV - [2004-11-23 02:56:00 | 000,040,480 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\drvnddm.sys -- (drvnddm)
DRV - [2004-11-16 01:05:00 | 000,100,603 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsnudfa.sys -- (tfsnudfa)
DRV - [2004-11-16 01:05:00 | 000,098,714 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsnudf.sys -- (tfsnudf)
DRV - [2004-11-16 01:05:00 | 000,086,554 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsnifs.sys -- (tfsnifs)
DRV - [2004-11-16 01:05:00 | 000,034,843 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsncofs.sys -- (tfsncofs)
DRV - [2004-11-16 01:05:00 | 000,025,883 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsnboio.sys -- (tfsnboio)
DRV - [2004-11-16 01:05:00 | 000,015,227 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsnopio.sys -- (tfsnopio)
DRV - [2004-11-16 01:05:00 | 000,006,363 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsnpool.sys -- (tfsnpool)
DRV - [2004-11-16 01:05:00 | 000,004,123 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsndrct.sys -- (tfsndrct)
DRV - [2004-11-16 01:05:00 | 000,002,239 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsndres.sys -- (tfsndres)
DRV - [2004-09-17 09:02:54 | 000,732,928 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\senfilt.sys -- (senfilt)
DRV - [2004-08-03 22:29:56 | 001,897,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\NV4_MINI.SYS -- (nv)
DRV - [2004-07-14 11:29:04 | 000,005,627 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\sscdbhk5.sys -- (sscdbhk5)
DRV - [2004-07-14 11:28:50 | 000,023,545 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ssrtln.sys -- (ssrtln)
DRV - [2004-06-15 22:52:40 | 000,061,157 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\IntelC53.sys -- (IntelC53)
DRV - [2004-03-05 22:15:34 | 000,647,929 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\IntelC52.sys -- (IntelC52)
DRV - [2004-03-05 22:14:42 | 001,233,525 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\IntelC51.sys -- (IntelC51)
DRV - [2004-03-05 22:13:38 | 000,037,048 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\mohfilt.sys -- (mohfilt)
DRV - [2002-11-18 15:51:40 | 000,377,358 | ---- | M] (C-Media Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\cmaudio.sys -- (cmpci) C-Media PCI Audio Driver (WDM)
DRV - [2001-08-17 14:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001-08-17 14:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001-08-17 14:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001-08-17 14:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001-08-17 14:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001-08-17 13:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001-08-17 13:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001-08-17 13:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001-08-17 13:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001-08-17 13:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001-08-17 13:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001-08-17 13:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
DRV - [2001-08-17 13:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001-08-17 13:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2001-08-17 13:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)
DRV - [2001-05-07 05:56:02 | 000,019,805 | R--- | M] (Thesycon GmbH, Germany) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\usbio.sys -- (USBIO) USBIO Driver (usbio.sys)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Live Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.theweathernetwork.com/weathe ... f=homecity
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\software\mozilla\Firefox\extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011-01-06 20:20:34 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011-01-06 20:20:35 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2009-05-14 22:25:32 | 000,306,829 | R--- | M]) - C:\WINDOWS\SYSTEM32\DRIVERS\ETC\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 10567 more lines...
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\SYSTEM32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (no name) - SITEguard - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BellCanada_McciTrayApp] C:\Program Files\BellCanada\McciTrayApp.exe (Alcatel-Lucent)
O4 - HKLM..\Run: [BISA.exe] C:\Program Files\Bell\Internet Service Advisor\BISA.exe (Bell)
O4 - HKLM..\Run: [C-Media Mixer] C:\WINDOWS\mixer.exe (C-Media Electronic Inc. (www.cmedia.com.tw))
O4 - HKLM..\Run: [CmPCIaudio] File not found
O4 - HKLM..\Run: [DivX Download Manager] C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe (DivX, LLC)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
O4 - HKLM..\Run: [Seagate Dashboard] C:\Program Files\Seagate\Seagate Dashboard\MemeoLauncher.exe ()
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKLM..\RunOnce: [AvgUninstallURL] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Desktop Search.lnk.disabled ()
O4 - Startup: C:\Documents and Settings\Steve\Start Menu\Programs\Startup\Seagate Product Registration.lnk = C:\Documents and Settings\Steve\Application Data\Leadertech\PowerRegister\Seagate Product Registration.exe (Leader Technologies/Seagate)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: rbc.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: rbc.com ([rbcts.fg] https in Trusted sites)
O15 - HKCU\..Trusted Domains: rbc.com ([remote] https in Trusted sites)
O16 - DPF: {08496B45-6BB1-4F92-A8E6-B9E7978634CB} https://remote.rbc.com/nortel_cacheable/TrustSite.cab (Trustsite Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.macromedia.com/get/sh ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/ ... ontrol.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {2D72C39D-53F6-4AEA-A9DB-1298429DA975} http://www.3dvista.com/downloads/viewer3dv2.cab (3DVista Viewer Control)
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.onecare.live.com/resour ... se6886.cab (Windows Live Safety Center Base Module)
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.symantec.com/sscv6/Shar ... /cabsa.cab (Reg Error: Key error.)
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} https://webdl.symantec.com/activex/symdlmgr.cab (Symantec Download Manager)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftup ... 3120838250 (MUWebControl Class)
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2.hp.com/ediags/dex/s ... DEXAXO.cab (HP Download Manager)
O16 - DPF: {78AEEDE8-7345-4FB5-A8FE-4BFF16EF25FC} http://us-download.mcafee.com/products/ ... vt/mvt.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {ACDB1787-986D-434D-9857-2172CDB2108D} https://remote-gcc.rbc.com/nortel_cache ... nblock.cab (popupunblk Class)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/sh ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {D9CDEFE3-51BB-4737-A12C-53D9814A148C} https://owa.bmofg.com/exchweb/controls/DAX.cab (DAX Control)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} https://inet.bmofg.com/dana-cached/setu ... tupSP1.cab (JuniperSetupSP1 Control)
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx1.hotmail.com/mail/w4/pr01/ph ... NPUpld.cab (Windows Live Hotmail Photo Upload Tool)
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/Juni ... Client.cab (JuniperSetupClientControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\GoToAssist: DllName - C:\Program Files\Citrix\GoToAssist\480\G2AWinLogon.dll - C:\Program Files\Citrix\GoToAssist\480\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Steve\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Steve\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006-02-14 16:30:21 | 000,000,067 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2004-08-10 13:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.NAV -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (SsiEfr.e) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...com [@ = comfile] -- Reg Error: Key error. File not found
O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found

========== Files/Folders - Created Within 30 Days ==========

[2011-02-23 20:37:26 | 000,000,000 | ---D | C] -- C:\_OTL
[2011-02-22 20:39:55 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Steve\Recent
[2011-02-20 00:46:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2011-02-19 23:32:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steve\Application Data\Avira
[2011-02-19 23:28:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Avira
[2011-02-19 23:28:03 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2011-02-19 23:28:00 | 000,135,096 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2011-02-19 23:28:00 | 000,061,960 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2011-02-19 23:28:00 | 000,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys
[2011-02-19 23:28:00 | 000,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys
[2011-02-19 23:27:59 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2011-02-15 20:46:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steve\Start Menu\Programs\HiJackThis
[2011-02-15 20:46:49 | 000,000,000 | ---D | C] -- C:\Program Files\HiJack
[2011-02-15 20:45:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steve\Desktop\Hijack
[2011-02-12 19:30:53 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Defender
[2011-02-07 22:04:10 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live Safety Center
[2 C:\Documents and Settings\Steve\My Documents\*.tmp files -> C:\Documents and Settings\Steve\My Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011-02-23 20:55:12 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011-02-23 20:52:34 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\WPA.DBL
[2011-02-23 20:52:17 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011-02-23 20:52:01 | 000,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
[2011-02-23 20:52:00 | 1071,697,920 | -HS- | M] () -- C:\hiberfil.sys
[2011-02-23 20:16:22 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader X.lnk
[2011-02-23 20:14:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011-02-23 19:00:00 | 000,000,260 | ---- | M] () -- C:\WINDOWS\tasks\RMSchedule.job
[2011-02-14 20:00:00 | 000,000,772 | ---- | M] () -- C:\WINDOWS\tasks\Norton Internet Security - Run Full System Scan - Steve.job
[2011-02-09 22:13:33 | 000,161,936 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011-02-09 20:16:43 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011-02-09 18:42:05 | 002,384,896 | ---- | M] () -- C:\Documents and Settings\Steve\Desktop\Monaco_Yacht_d'Albert_de_Monaco.pps
[2011-02-08 22:35:09 | 000,030,208 | ---- | M] () -- C:\Documents and Settings\Steve\Desktop\Noranda Book.doc
[2011-02-07 21:39:07 | 000,001,274 | ---- | M] () -- C:\WINDOWS\System\Cmicnfg3.ini
[2011-02-03 19:02:59 | 000,039,936 | ---- | M] () -- C:\Documents and Settings\Steve\Desktop\Business Account.xls
[2011-01-31 07:19:43 | 000,001,154 | ---- | M] () -- C:\Documents and Settings\Steve\Start Menu\Programs\Startup\Seagate Product Registration.lnk
[2011-01-24 22:37:56 | 000,055,296 | ---- | M] () -- C:\Documents and Settings\Steve\Desktop\Ministry Release Form_FSL_ Student - John English.doc
[2 C:\Documents and Settings\Steve\My Documents\*.tmp files -> C:\Documents and Settings\Steve\My Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011-02-23 20:16:22 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader X.lnk
[2011-02-23 20:16:22 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader X.lnk
[2011-02-13 00:25:40 | 000,000,330 | -H-- | C] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011-02-12 19:30:59 | 000,000,955 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Defender.lnk
[2011-02-09 18:42:04 | 002,384,896 | ---- | C] () -- C:\Documents and Settings\Steve\Desktop\Monaco_Yacht_d'Albert_de_Monaco.pps
[2011-02-08 22:34:43 | 000,030,208 | ---- | C] () -- C:\Documents and Settings\Steve\Desktop\Noranda Book.doc
[2011-02-02 22:17:48 | 000,039,936 | ---- | C] () -- C:\Documents and Settings\Steve\Desktop\Business Account.xls
[2011-01-24 22:37:56 | 000,055,296 | ---- | C] () -- C:\Documents and Settings\Steve\Desktop\Ministry Release Form_FSL_ Student - John English.doc
[2010-08-28 01:59:41 | 000,000,759 | ---- | C] () -- C:\Documents and Settings\Steve\Application Data\Rim.Desktop.HttpServerSetup.log
[2010-05-02 19:30:29 | 000,000,066 | ---- | C] () -- C:\WINDOWS\Cmicnfg3.ini.cfl
[2010-05-02 19:29:46 | 000,001,480 | R--- | C] () -- C:\WINDOWS\Cmicnfg3.ini.cfg
[2010-05-02 19:29:33 | 000,002,378 | R--- | C] () -- C:\WINDOWS\cmudax3.ini
[2010-01-05 21:51:32 | 000,767,952 | ---- | C] () -- C:\WINDOWS\BDTSupport.dll.old
[2009-12-07 14:58:27 | 000,000,101 | ---- | C] () -- C:\WINDOWS\CMMIXER.INI
[2009-12-07 14:38:49 | 000,039,279 | ---- | C] () -- C:\WINDOWS\cmijack.ini
[2009-12-07 14:38:47 | 000,000,092 | ---- | C] () -- C:\WINDOWS\CMISETUP.INI
[2009-12-07 14:38:46 | 000,000,026 | ---- | C] () -- C:\WINDOWS\CMCDPLAY.INI
[2009-11-17 22:10:09 | 000,000,025 | ---- | C] () -- C:\WINDOWS\mixerdef.ini
[2009-03-21 20:43:26 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2008-03-07 23:47:54 | 000,281,874 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Svclog.log
[2008-02-11 00:04:36 | 000,000,250 | ---- | C] () -- C:\WINDOWS\gmer.ini
[2008-02-11 00:04:35 | 000,819,200 | ---- | C] () -- C:\WINDOWS\gmer.dll
[2008-02-08 23:27:44 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth2.dll
[2008-02-08 23:27:44 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth1.dll
[2008-02-08 23:27:44 | 000,000,073 | ---- | C] () -- C:\WINDOWS\System32\ssprs.dll
[2008-02-08 23:27:42 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\sysprs7.dll
[2008-02-08 23:27:42 | 000,000,205 | ---- | C] () -- C:\WINDOWS\System32\lsprst7.dll
[2008-02-06 18:40:33 | 000,004,296 | ---- | C] () -- C:\Program Files\INSTALL.LOG
[2008-01-26 16:13:48 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2008-01-13 11:34:38 | 000,000,305 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\addr_file.html
[2007-12-30 13:28:26 | 000,011,608 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2007-11-02 18:31:40 | 000,006,850 | R--- | C] () -- C:\WINDOWS\Disktool.INI
[2007-11-02 18:31:40 | 000,005,633 | R--- | C] () -- C:\WINDOWS\fwupgrade.ini
[2007-11-02 18:31:40 | 000,003,677 | R--- | C] () -- C:\WINDOWS\PlaySnd.INI
[2007-03-05 19:08:40 | 000,000,394 | ---- | C] () -- C:\WINDOWS\hegames.ini
[2007-01-06 12:56:29 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SETUP32.INI
[2006-12-28 10:41:52 | 000,000,029 | ---- | C] () -- C:\WINDOWS\PControl.ini
[2006-12-16 00:09:17 | 000,000,030 | ---- | C] () -- C:\WINDOWS\atid.ini
[2006-05-23 08:24:56 | 000,000,063 | ---- | C] () -- C:\WINDOWS\mdm.ini
[2006-05-07 23:12:34 | 000,684,032 | ---- | C] () -- C:\WINDOWS\libeay32.dll
[2006-05-07 23:12:34 | 000,155,648 | ---- | C] () -- C:\WINDOWS\ssleay32.dll
[2006-04-30 22:02:15 | 000,000,022 | ---- | C] () -- C:\WINDOWS\ICDESK.INI
[2006-02-07 21:22:01 | 000,000,027 | ---- | C] () -- C:\WINDOWS\WS_FTP.INI
[2006-01-14 11:58:32 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2005-08-20 00:29:07 | 000,000,025 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2005-05-25 21:41:39 | 000,000,056 | RHS- | C] () -- C:\WINDOWS\System32\6895752858.sys
[2005-05-25 21:41:38 | 000,006,686 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2005-05-22 21:50:57 | 000,056,320 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll
[2005-05-15 00:17:34 | 000,153,088 | ---- | C] () -- C:\Documents and Settings\Steve\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005-05-14 21:13:53 | 000,000,747 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005-05-14 19:27:47 | 000,000,559 | ---- | C] () -- C:\WINDOWS\VTruck1.ini
[2005-05-09 11:53:54 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005-05-09 11:46:49 | 000,000,390 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2005-05-09 11:15:00 | 000,000,370 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2004-10-26 17:39:05 | 003,375,104 | ---- | C] () -- C:\WINDOWS\System32\qt-mt331.dll
[2004-09-22 13:47:00 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004-08-10 13:13:12 | 000,000,883 | ---- | C] () -- C:\WINDOWS\ORUN32.INI
[2004-08-10 13:03:52 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004-08-04 05:00:00 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\FXSPERF.INI
[2003-11-13 13:28:02 | 000,012,570 | ---- | C] () -- C:\WINDOWS\System32\drivers\ADFUUD.SYS
[2003-11-13 13:28:02 | 000,012,570 | ---- | C] () -- C:\WINDOWS\ADFUUD.SYS
[2002-04-17 07:15:22 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\appc18iv.dll
[1999-01-22 13:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
[1998-03-22 13:50:02 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[1980-01-01 00:00:00 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll

========== LOP Check ==========

[2011-02-19 23:17:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
[2009-08-14 15:23:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Bell
[2007-01-06 12:57:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Broderbund
[2006-04-23 22:39:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software
[2008-02-12 22:11:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Citrix
[2005-08-22 00:45:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GoldMine
[2008-02-21 00:24:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Grisoft
[2009-05-21 15:36:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Juniper Networks
[2006-05-03 22:07:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MVTLogs
[2010-07-12 20:50:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Panasonic
[2009-02-17 00:29:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2008-10-17 22:27:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCSettings
[2010-08-28 02:01:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Research In Motion
[2007-12-29 22:53:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SecTaskMan
[2008-01-02 10:55:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SITEguard
[2008-01-02 11:35:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\STOPzilla!
[2007-12-20 12:52:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2010-12-15 21:53:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2008-10-07 23:38:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2009-03-31 22:47:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2009-10-28 09:26:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009-06-23 22:45:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2007-10-20 13:52:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve\Application Data\Acapela Group
[2010-10-25 23:19:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve\Application Data\AVG9
[2009-08-15 08:06:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve\Application Data\Bell
[2010-02-11 22:59:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve\Application Data\Blackberry Desktop
[2009-06-11 09:24:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve\Application Data\Canon
[2008-11-06 22:04:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve\Application Data\FUJIFILM
[2010-08-17 05:55:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve\Application Data\Image Zone Express
[2009-07-17 11:33:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve\Application Data\Juniper Networks
[2005-08-20 21:12:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve\Application Data\Leadertech
[2009-12-01 23:35:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve\Application Data\MSNInstaller
[2010-07-12 20:50:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve\Application Data\Panasonic
[2009-05-12 18:38:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve\Application Data\Printer Info Cache
[2006-05-20 09:58:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve\Application Data\Registry Booster
[2010-08-28 02:02:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve\Application Data\Research In Motion
[2011-01-16 21:27:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve\Application Data\Seagate
[2008-02-08 22:49:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve\Application Data\Uniblue
[2006-03-01 11:07:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve\Application Data\Visio
[2011-02-23 20:55:12 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
[2011-02-23 19:00:00 | 000,000,260 | ---- | M] () -- C:\WINDOWS\Tasks\RMSchedule.job
[2010-11-01 21:38:00 | 000,000,270 | ---- | M] () -- C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC Nag.job
[2008-02-08 22:38:26 | 000,000,392 | ---- | M] () -- C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC.job

========== Purity Check ==========



< End of report >
steve111
Regular Member
 
Posts: 16
Joined: February 15th, 2011, 9:37 pm

Re: Painfully Slow

Post by askey127 » February 24th, 2011, 7:57 am

steve111,
-----------------------------------------------------------
Like a lot of "RegistryCleaners", Cleanup! has broken machines in the past.
Don't ever use a registry cleaner, optimizer, booster, etc. They don't work and they can wreck your machine.
I will give you a safe temp file cleaner you can use.
Remove Programs Using Control Panel
From Start, Settings, Control Panel or Start, Control Panel, click Add/Remove Programs.
Highlight each Entry, as follows, one by one, if it exists, and choose Remove:

Cleanup!

Take extra care in answering questions posed by any Uninstaller.
----------------------------------------------
Perform a Custom Scan or Fix with OTL
Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following:
    :processes
    killallprocesses
    
    :OTL
    
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
    O3 - HKLM\..\Toolbar: (no name) - SITEguard - No CLSID value found.
    O4 - HKLM..\Run: [CmPCIaudio] File not found
    O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
    O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O20 - Winlogon\Notify\GoToAssist: DllName - C:\Program Files\Citrix\GoToAssist\480\G2AWinLogon.dll - C:\Program Files\Citrix\GoToAssist\480\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O34 - HKLM BootExecute: (SsiEfr.e) - File not found
    
    :Files
    C:\Documents and Settings\All Users\Application Data\Grisoft
    C:\Documents and Settings\Steve\Application Data\AVG9
    C:\Documents and Settings\Steve\Application Data\Registry Booster
    C:\Documents and Settings\Steve\Application Data\Uniblue
    C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC Nag.job
    C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC.job
    C:\Documents and Settings\All Users\Application Data\avg9
    
    :Commands
    [EMPTYTEMP]
    [Reboot]
    
  • Then click the Run Fix button at the top.
  • Let the program run unhindered and reboot the PC when it is done.
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

Were you able to check the status of the DNS Client Service?
askey127
Admin/Teacher
Posts: 14025
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: Painfully Slow

Post by steve111 » February 24th, 2011, 11:00 pm

Hi,

On OTL there is a check box for scan all users. We have 5 logons on the computer. Should that box be checked?

I liked CleanUp. It removed many temp files. What can you suggest I replace it with?

Thanks for your help



OTL logfile created on: 2011-02-24 21:50:16 - Run 3
OTL by OldTimer - Version 3.2.21.0 Folder = C:\Documents and Settings\Steve\Desktop\Hijack\OTL
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: yyyy-MM-dd

1,022.00 Mb Total Physical Memory | 549.00 Mb Available Physical Memory | 54.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 68.00% Paging File free
Paging file location(s): C:\pagefile.sys 500 1531 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 71.53 Gb Total Space | 21.58 Gb Free Space | 30.18% Space Free | Partition Type: NTFS

Computer Name: SNL | User Name: Steve | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011-02-22 19:36:59 | 000,577,024 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Steve\Desktop\Hijack\OTL\OTL.exe
PRC - [2011-01-10 14:23:41 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011-01-10 14:23:30 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011-01-10 14:23:29 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010-12-08 16:15:44 | 000,063,360 | ---- | M] (DivX, LLC) -- C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe
PRC - [2010-07-06 14:32:04 | 000,014,088 | ---- | M] (Memeo) -- C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe
PRC - [2010-07-06 14:32:02 | 000,069,896 | ---- | M] (Memeo) -- C:\Program Files\Seagate\Seagate Dashboard\MemeoDashboard.exe
PRC - [2010-01-19 10:17:16 | 001,565,696 | ---- | M] (Alcatel-Lucent) -- C:\Program Files\BellCanada\McciTrayApp.exe
PRC - [2010-01-14 21:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2008-09-21 22:01:33 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2008-04-13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006-11-03 19:20:12 | 000,866,584 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2006-11-03 19:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MsMpEng.exe
PRC - [2002-10-15 18:00:20 | 001,818,624 | ---- | M] (C-Media Electronic Inc. (www.cmedia.com.tw)) -- C:\WINDOWS\mixer.exe


========== Modules (SafeList) ==========

MOD - [2011-02-22 19:36:59 | 000,577,024 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Steve\Desktop\Hijack\OTL\OTL.exe
MOD - [2010-08-23 11:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2010-01-19 10:06:34 | 000,198,656 | ---- | M] (Alcatel-Lucent) -- C:\Program Files\Common Files\Motive\McciContextHook_DSR.dll


========== Win32 Services (SafeList) ==========

SRV - [2011-01-10 14:23:41 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011-01-10 14:23:30 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010-07-06 14:32:04 | 000,014,088 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe -- (SeagateDashboardService)
SRV - [2008-02-12 22:09:48 | 000,016,936 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\480\g2aservice.exe -- (GoToAssist)
SRV - [2007-10-25 15:27:54 | 000,266,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe -- (WLSetupSvc)
SRV - [2007-03-07 14:47:46 | 000,076,848 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
SRV - [2007-01-31 13:55:42 | 000,096,370 | ---- | M] (Canon Inc.) [On_Demand | Stopped] -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8)
SRV - [2006-11-03 19:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2005-10-06 18:12:30 | 000,855,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Media Connect 2\wmccds.exe -- (WMConnectCDS)


========== Driver Services (SafeList) ==========

DRV - [2011-01-10 14:23:53 | 000,135,096 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\avipbb.sys -- (avipbb)
DRV - [2011-01-10 14:23:53 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\avgntflt.sys -- (avgntflt)
DRV - [2010-06-17 14:27:22 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ssmdrv.sys -- (ssmdrv)
DRV - [2010-06-17 14:27:12 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2010-01-19 10:06:44 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2010-01-19 10:06:38 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2009-04-14 06:27:50 | 001,519,424 | R--- | M] (C-Media Inc) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\cmudax3.sys -- (cmuda3)
DRV - [2008-04-13 14:45:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\gameenum.sys -- (gameenum)
DRV - [2008-04-13 13:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2008-04-13 13:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2008-02-11 00:04:35 | 000,085,713 | ---- | M] (GMER) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\gmer.sys -- (gmer)
DRV - [2007-02-25 11:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\dsunidrv.sys -- (dsunidrv)
DRV - [2006-10-05 15:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2004-12-01 03:22:00 | 000,087,488 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\drvmcdb.sys -- (drvmcdb)
DRV - [2004-11-23 02:56:00 | 000,040,480 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\drvnddm.sys -- (drvnddm)
DRV - [2004-11-16 01:05:00 | 000,100,603 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsnudfa.sys -- (tfsnudfa)
DRV - [2004-11-16 01:05:00 | 000,098,714 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsnudf.sys -- (tfsnudf)
DRV - [2004-11-16 01:05:00 | 000,086,554 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsnifs.sys -- (tfsnifs)
DRV - [2004-11-16 01:05:00 | 000,034,843 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsncofs.sys -- (tfsncofs)
DRV - [2004-11-16 01:05:00 | 000,025,883 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsnboio.sys -- (tfsnboio)
DRV - [2004-11-16 01:05:00 | 000,015,227 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsnopio.sys -- (tfsnopio)
DRV - [2004-11-16 01:05:00 | 000,006,363 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsnpool.sys -- (tfsnpool)
DRV - [2004-11-16 01:05:00 | 000,004,123 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsndrct.sys -- (tfsndrct)
DRV - [2004-11-16 01:05:00 | 000,002,239 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsndres.sys -- (tfsndres)
DRV - [2004-09-17 09:02:54 | 000,732,928 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\senfilt.sys -- (senfilt)
DRV - [2004-08-03 22:29:56 | 001,897,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\NV4_MINI.SYS -- (nv)
DRV - [2004-07-14 11:29:04 | 000,005,627 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\sscdbhk5.sys -- (sscdbhk5)
DRV - [2004-07-14 11:28:50 | 000,023,545 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ssrtln.sys -- (ssrtln)
DRV - [2004-06-15 22:52:40 | 000,061,157 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\IntelC53.sys -- (IntelC53)
DRV - [2004-03-05 22:15:34 | 000,647,929 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\IntelC52.sys -- (IntelC52)
DRV - [2004-03-05 22:14:42 | 001,233,525 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\IntelC51.sys -- (IntelC51)
DRV - [2004-03-05 22:13:38 | 000,037,048 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\mohfilt.sys -- (mohfilt)
DRV - [2002-11-18 15:51:40 | 000,377,358 | ---- | M] (C-Media Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\cmaudio.sys -- (cmpci) C-Media PCI Audio Driver (WDM)
DRV - [2001-08-17 14:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001-08-17 14:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001-08-17 14:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001-08-17 14:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001-08-17 14:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001-08-17 13:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001-08-17 13:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001-08-17 13:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001-08-17 13:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001-08-17 13:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001-08-17 13:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001-08-17 13:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
DRV - [2001-08-17 13:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001-08-17 13:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2001-08-17 13:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)
DRV - [2001-05-07 05:56:02 | 000,019,805 | R--- | M] (Thesycon GmbH, Germany) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\usbio.sys -- (USBIO) USBIO Driver (usbio.sys)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Live Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.theweathernetwork.com/weathe ... f=homecity
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011-01-06 20:20:34 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011-01-06 20:20:35 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2009-05-14 22:25:32 | 000,306,829 | R--- | M]) - C:\WINDOWS\SYSTEM32\DRIVERS\ETC\hosts
O1 - Hosts: 10567 more lines...
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\SYSTEM32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BellCanada_McciTrayApp] C:\Program Files\BellCanada\McciTrayApp.exe (Alcatel-Lucent)
O4 - HKLM..\Run: [BISA.exe] C:\Program Files\Bell\Internet Service Advisor\BISA.exe (Bell)
O4 - HKLM..\Run: [C-Media Mixer] C:\WINDOWS\mixer.exe (C-Media Electronic Inc. (www.cmedia.com.tw))
O4 - HKLM..\Run: [DivX Download Manager] C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe (DivX, LLC)
O4 - HKLM..\Run: [Seagate Dashboard] C:\Program Files\Seagate\Seagate Dashboard\MemeoLauncher.exe ()
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKLM..\RunOnce: [AvgUninstallURL] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Desktop Search.lnk.disabled ()
O4 - Startup: C:\Documents and Settings\Steve\Start Menu\Programs\Startup\Seagate Product Registration.lnk = C:\Documents and Settings\Steve\Application Data\Leadertech\PowerRegister\Seagate Product Registration.exe (Leader Technologies/Seagate)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: rbc.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: rbc.com ([rbcts.fg] https in Trusted sites)
O15 - HKCU\..Trusted Domains: rbc.com ([remote] https in Trusted sites)
O16 - DPF: {08496B45-6BB1-4F92-A8E6-B9E7978634CB} https://remote.rbc.com/nortel_cacheable/TrustSite.cab (Trustsite Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.macromedia.com/get/sh ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/ ... ontrol.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {2D72C39D-53F6-4AEA-A9DB-1298429DA975} http://www.3dvista.com/downloads/viewer3dv2.cab (3DVista Viewer Control)
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.onecare.live.com/resour ... se6886.cab (Windows Live Safety Center Base Module)
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.symantec.com/sscv6/Shar ... /cabsa.cab (Reg Error: Key error.)
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} https://webdl.symantec.com/activex/symdlmgr.cab (Symantec Download Manager)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftup ... 3120838250 (MUWebControl Class)
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2.hp.com/ediags/dex/s ... DEXAXO.cab (HP Download Manager)
O16 - DPF: {78AEEDE8-7345-4FB5-A8FE-4BFF16EF25FC} http://us-download.mcafee.com/products/ ... vt/mvt.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {ACDB1787-986D-434D-9857-2172CDB2108D} https://remote-gcc.rbc.com/nortel_cache ... nblock.cab (popupunblk Class)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/sh ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {D9CDEFE3-51BB-4737-A12C-53D9814A148C} https://owa.bmofg.com/exchweb/controls/DAX.cab (DAX Control)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} https://inet.bmofg.com/dana-cached/setu ... tupSP1.cab (JuniperSetupSP1 Control)
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx1.hotmail.com/mail/w4/pr01/ph ... NPUpld.cab (Windows Live Hotmail Photo Upload Tool)
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/Juni ... Client.cab (JuniperSetupClientControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Steve\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Steve\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006-02-14 16:30:21 | 000,000,067 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2004-08-10 13:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.NAV -- [ NTFS ]
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...com [@ = comfile] -- Reg Error: Key error. File not found
O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found

========== Files/Folders - Created Within 30 Days ==========

[2011-02-24 21:12:21 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Steve\Recent
[2011-02-23 20:37:26 | 000,000,000 | ---D | C] -- C:\_OTL
[2011-02-20 00:46:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2011-02-19 23:32:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steve\Application Data\Avira
[2011-02-19 23:28:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Avira
[2011-02-19 23:28:03 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2011-02-19 23:28:00 | 000,135,096 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2011-02-19 23:28:00 | 000,061,960 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2011-02-19 23:28:00 | 000,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys
[2011-02-19 23:28:00 | 000,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys
[2011-02-19 23:27:59 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2011-02-15 20:46:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steve\Start Menu\Programs\HiJackThis
[2011-02-15 20:46:49 | 000,000,000 | ---D | C] -- C:\Program Files\HiJack
[2011-02-15 20:45:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steve\Desktop\Hijack
[2011-02-12 19:30:53 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Defender
[2011-02-07 22:04:10 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live Safety Center
[2 C:\Documents and Settings\Steve\My Documents\*.tmp files -> C:\Documents and Settings\Steve\My Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011-02-24 21:49:47 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\WPA.DBL
[2011-02-24 21:49:46 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011-02-24 21:14:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011-02-24 20:42:44 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011-02-24 20:39:38 | 000,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
[2011-02-24 20:39:37 | 1071,697,920 | -HS- | M] () -- C:\hiberfil.sys
[2011-02-24 19:00:00 | 000,000,260 | ---- | M] () -- C:\WINDOWS\tasks\RMSchedule.job
[2011-02-14 20:00:00 | 000,000,772 | ---- | M] () -- C:\WINDOWS\tasks\Norton Internet Security - Run Full System Scan - Steve.job
[2011-02-09 22:13:33 | 000,161,936 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011-02-09 20:16:43 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011-02-09 18:42:05 | 002,384,896 | ---- | M] () -- C:\Documents and Settings\Steve\Desktop\Monaco_Yacht_d'Albert_de_Monaco.pps
[2011-02-08 22:35:09 | 000,030,208 | ---- | M] () -- C:\Documents and Settings\Steve\Desktop\Noranda Book.doc
[2011-02-07 21:39:07 | 000,001,274 | ---- | M] () -- C:\WINDOWS\System\Cmicnfg3.ini
[2011-02-03 19:02:59 | 000,039,936 | ---- | M] () -- C:\Documents and Settings\Steve\Desktop\Business Account.xls
[2011-01-31 07:19:43 | 000,001,154 | ---- | M] () -- C:\Documents and Settings\Steve\Start Menu\Programs\Startup\Seagate Product Registration.lnk
[2 C:\Documents and Settings\Steve\My Documents\*.tmp files -> C:\Documents and Settings\Steve\My Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011-02-23 20:16:22 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader X.lnk
[2011-02-13 00:25:40 | 000,000,330 | -H-- | C] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011-02-12 19:30:59 | 000,000,955 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Defender.lnk
[2011-02-09 18:42:04 | 002,384,896 | ---- | C] () -- C:\Documents and Settings\Steve\Desktop\Monaco_Yacht_d'Albert_de_Monaco.pps
[2011-02-08 22:34:43 | 000,030,208 | ---- | C] () -- C:\Documents and Settings\Steve\Desktop\Noranda Book.doc
[2011-02-02 22:17:48 | 000,039,936 | ---- | C] () -- C:\Documents and Settings\Steve\Desktop\Business Account.xls
[2010-08-28 01:59:41 | 000,000,759 | ---- | C] () -- C:\Documents and Settings\Steve\Application Data\Rim.Desktop.HttpServerSetup.log
[2010-05-02 19:30:29 | 000,000,066 | ---- | C] () -- C:\WINDOWS\Cmicnfg3.ini.cfl
[2010-05-02 19:29:46 | 000,001,480 | R--- | C] () -- C:\WINDOWS\Cmicnfg3.ini.cfg
[2010-05-02 19:29:33 | 000,002,378 | R--- | C] () -- C:\WINDOWS\cmudax3.ini
[2010-01-05 21:51:32 | 000,767,952 | ---- | C] () -- C:\WINDOWS\BDTSupport.dll.old
[2009-12-07 14:58:27 | 000,000,101 | ---- | C] () -- C:\WINDOWS\CMMIXER.INI
[2009-12-07 14:38:49 | 000,039,279 | ---- | C] () -- C:\WINDOWS\cmijack.ini
[2009-12-07 14:38:47 | 000,000,092 | ---- | C] () -- C:\WINDOWS\CMISETUP.INI
[2009-12-07 14:38:46 | 000,000,026 | ---- | C] () -- C:\WINDOWS\CMCDPLAY.INI
[2009-11-17 22:10:09 | 000,000,025 | ---- | C] () -- C:\WINDOWS\mixerdef.ini
[2009-03-21 20:43:26 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2008-03-07 23:47:54 | 000,281,874 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Svclog.log
[2008-02-11 00:04:36 | 000,000,250 | ---- | C] () -- C:\WINDOWS\gmer.ini
[2008-02-11 00:04:35 | 000,819,200 | ---- | C] () -- C:\WINDOWS\gmer.dll
[2008-02-08 23:27:44 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth2.dll
[2008-02-08 23:27:44 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth1.dll
[2008-02-08 23:27:44 | 000,000,073 | ---- | C] () -- C:\WINDOWS\System32\ssprs.dll
[2008-02-08 23:27:42 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\sysprs7.dll
[2008-02-08 23:27:42 | 000,000,205 | ---- | C] () -- C:\WINDOWS\System32\lsprst7.dll
[2008-02-06 18:40:33 | 000,004,296 | ---- | C] () -- C:\Program Files\INSTALL.LOG
[2008-01-26 16:13:48 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2008-01-13 11:34:38 | 000,000,305 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\addr_file.html
[2007-12-30 13:28:26 | 000,011,608 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2007-11-02 18:31:40 | 000,006,850 | R--- | C] () -- C:\WINDOWS\Disktool.INI
[2007-11-02 18:31:40 | 000,005,633 | R--- | C] () -- C:\WINDOWS\fwupgrade.ini
[2007-11-02 18:31:40 | 000,003,677 | R--- | C] () -- C:\WINDOWS\PlaySnd.INI
[2007-03-05 19:08:40 | 000,000,394 | ---- | C] () -- C:\WINDOWS\hegames.ini
[2007-01-06 12:56:29 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SETUP32.INI
[2006-12-28 10:41:52 | 000,000,029 | ---- | C] () -- C:\WINDOWS\PControl.ini
[2006-12-16 00:09:17 | 000,000,030 | ---- | C] () -- C:\WINDOWS\atid.ini
[2006-05-23 08:24:56 | 000,000,063 | ---- | C] () -- C:\WINDOWS\mdm.ini
[2006-05-07 23:12:34 | 000,684,032 | ---- | C] () -- C:\WINDOWS\libeay32.dll
[2006-05-07 23:12:34 | 000,155,648 | ---- | C] () -- C:\WINDOWS\ssleay32.dll
[2006-04-30 22:02:15 | 000,000,022 | ---- | C] () -- C:\WINDOWS\ICDESK.INI
[2006-02-07 21:22:01 | 000,000,027 | ---- | C] () -- C:\WINDOWS\WS_FTP.INI
[2006-01-14 11:58:32 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2005-08-20 00:29:07 | 000,000,025 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2005-05-25 21:41:39 | 000,000,056 | RHS- | C] () -- C:\WINDOWS\System32\6895752858.sys
[2005-05-25 21:41:38 | 000,006,686 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2005-05-22 21:50:57 | 000,056,320 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll
[2005-05-15 00:17:34 | 000,153,088 | ---- | C] () -- C:\Documents and Settings\Steve\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005-05-14 21:13:53 | 000,000,747 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005-05-14 19:27:47 | 000,000,559 | ---- | C] () -- C:\WINDOWS\VTruck1.ini
[2005-05-09 11:53:54 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005-05-09 11:46:49 | 000,000,390 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2005-05-09 11:15:00 | 000,000,370 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2004-10-26 17:39:05 | 003,375,104 | ---- | C] () -- C:\WINDOWS\System32\qt-mt331.dll
[2004-09-22 13:47:00 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004-08-10 13:13:12 | 000,000,883 | ---- | C] () -- C:\WINDOWS\ORUN32.INI
[2004-08-10 13:03:52 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004-08-04 05:00:00 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\FXSPERF.INI
[2003-11-13 13:28:02 | 000,012,570 | ---- | C] () -- C:\WINDOWS\System32\drivers\ADFUUD.SYS
[2003-11-13 13:28:02 | 000,012,570 | ---- | C] () -- C:\WINDOWS\ADFUUD.SYS
[2002-04-17 07:15:22 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\appc18iv.dll
[1999-01-22 13:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
[1998-03-22 13:50:02 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[1980-01-01 00:00:00 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll

========== LOP Check ==========

[2009-08-14 15:23:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Bell
[2007-01-06 12:57:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Broderbund
[2006-04-23 22:39:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software
[2008-02-12 22:11:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Citrix
[2005-08-22 00:45:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GoldMine
[2009-05-21 15:36:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Juniper Networks
[2006-05-03 22:07:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MVTLogs
[2010-07-12 20:50:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Panasonic
[2009-02-17 00:29:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2008-10-17 22:27:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCSettings
[2010-08-28 02:01:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Research In Motion
[2007-12-29 22:53:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SecTaskMan
[2008-01-02 10:55:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SITEguard
[2008-01-02 11:35:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\STOPzilla!
[2007-12-20 12:52:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2010-12-15 21:53:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2008-10-07 23:38:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2009-03-31 22:47:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2009-10-28 09:26:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009-06-23 22:45:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2007-10-20 13:52:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve\Application Data\Acapela Group
[2009-08-15 08:06:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve\Application Data\Bell
[2010-02-11 22:59:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve\Application Data\Blackberry Desktop
[2009-06-11 09:24:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve\Application Data\Canon
[2008-11-06 22:04:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve\Application Data\FUJIFILM
[2010-08-17 05:55:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve\Application Data\Image Zone Express
[2009-07-17 11:33:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve\Application Data\Juniper Networks
[2005-08-20 21:12:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve\Application Data\Leadertech
[2009-12-01 23:35:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve\Application Data\MSNInstaller
[2010-07-12 20:50:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve\Application Data\Panasonic
[2009-05-12 18:38:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve\Application Data\Printer Info Cache
[2010-08-28 02:02:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve\Application Data\Research In Motion
[2011-01-16 21:27:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve\Application Data\Seagate
[2006-03-01 11:07:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Steve\Application Data\Visio
[2011-02-24 20:42:44 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
[2011-02-24 19:00:00 | 000,000,260 | ---- | M] () -- C:\WINDOWS\Tasks\RMSchedule.job

========== Purity Check ==========



< End of report >
steve111
Regular Member
 
Posts: 16
Joined: February 15th, 2011, 9:37 pm

Re: Painfully Slow

Post by askey127 » February 25th, 2011, 8:12 am

steve111,
Yes, that's a good idea.
Go ahead and click the "Scan All Users" box, then "Run Scan" and post the results.

----------------------------------------------
This is the most thorough Temp file cleaner available. It is made by the same developer as OTL.
It does require a reboot, since some temp files can't be removed with Windows running.

Download and Run Temp File Cleaner (TFC.exe)
Download Temp File Cleaner and save it to your desktop.
Save any unsaved work. TFC will close ALL open programs... including your browser!
Double click to run it. (Right click and choose Run as Administrator in Vista or Win7)
If you have a lot of junk files to remove, it could take a while, so please be patient and let it finish.
When it's done, it will report the total size of files removed. If it asks to Reboot, choose to do so. This will remove files that could not be removed while Windows was running.

Your machine looks quite good.
Tell me how it's running.
askey127
askey127
Admin/Teacher
Posts: 14025
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: Painfully Slow

Post by steve111 » February 26th, 2011, 1:53 am

Hi,

I recently purchased a Seagate external drive and since then when I log in I get a popup that says new hardware found. An install disk was not included but some software was included on the drive, which I ran. If I uninstall the dashboard associated with Seagate do I have to have the drive connected? Will removing the dashboard affect data I have on the drive? Can you tell by the logs if the message is from something else? Have you heard of this in the past? I rarely attach the drive to my computer.


In the log file under section - O1 HOSTS File: there are lists of many websites that do not look very friendly. I just zipped them up for safekeeping.

As you can guess by my comments the computer is still running very slowly.



OTL logfile created on: 2011-02-25 21:47:27 - Run 4
OTL by OldTimer - Version 3.2.21.0 Folder = C:\Documents and Settings\Steve\Desktop\Hijack\OTL
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: yyyy-MM-dd

1,022.00 Mb Total Physical Memory | 581.00 Mb Available Physical Memory | 57.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 70.00% Paging File free
Paging file location(s): C:\pagefile.sys 500 1531 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 71.53 Gb Total Space | 21.36 Gb Free Space | 29.87% Space Free | Partition Type: NTFS

Computer Name: SNL | User Name: Steve | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011-02-22 19:36:59 | 000,577,024 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Steve\Desktop\Hijack\OTL\OTL.exe
PRC - [2011-01-10 14:23:41 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011-01-10 14:23:30 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011-01-10 14:23:29 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010-12-08 16:15:44 | 000,063,360 | ---- | M] (DivX, LLC) -- C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe
PRC - [2010-07-06 14:32:04 | 000,014,088 | ---- | M] (Memeo) -- C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe
PRC - [2010-07-06 14:32:02 | 000,069,896 | ---- | M] (Memeo) -- C:\Program Files\Seagate\Seagate Dashboard\MemeoDashboard.exe
PRC - [2010-05-14 10:44:46 | 000,501,480 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe
PRC - [2010-01-19 10:17:16 | 001,565,696 | ---- | M] (Alcatel-Lucent) -- C:\Program Files\BellCanada\McciTrayApp.exe
PRC - [2010-01-14 21:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2008-09-21 22:01:33 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2008-04-13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006-11-03 19:20:12 | 000,866,584 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2006-11-03 19:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MsMpEng.exe
PRC - [2002-10-15 18:00:20 | 001,818,624 | ---- | M] (C-Media Electronic Inc. (www.cmedia.com.tw)) -- C:\WINDOWS\mixer.exe


========== Modules (SafeList) ==========

MOD - [2011-02-22 19:36:59 | 000,577,024 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Steve\Desktop\Hijack\OTL\OTL.exe
MOD - [2010-08-23 11:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2010-01-19 10:06:34 | 000,198,656 | ---- | M] (Alcatel-Lucent) -- C:\Program Files\Common Files\Motive\McciContextHook_DSR.dll


========== Win32 Services (SafeList) ==========

SRV - [2011-01-10 14:23:41 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011-01-10 14:23:30 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010-07-06 14:32:04 | 000,014,088 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe -- (SeagateDashboardService)
SRV - [2008-02-12 22:09:48 | 000,016,936 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\480\g2aservice.exe -- (GoToAssist)
SRV - [2007-10-25 15:27:54 | 000,266,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe -- (WLSetupSvc)
SRV - [2007-03-07 14:47:46 | 000,076,848 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
SRV - [2007-01-31 13:55:42 | 000,096,370 | ---- | M] (Canon Inc.) [On_Demand | Stopped] -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8)
SRV - [2006-11-03 19:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2005-10-06 18:12:30 | 000,855,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Media Connect 2\wmccds.exe -- (WMConnectCDS)


========== Driver Services (SafeList) ==========

DRV - [2011-01-10 14:23:53 | 000,135,096 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\avipbb.sys -- (avipbb)
DRV - [2011-01-10 14:23:53 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\avgntflt.sys -- (avgntflt)
DRV - [2010-06-17 14:27:22 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ssmdrv.sys -- (ssmdrv)
DRV - [2010-06-17 14:27:12 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2010-01-19 10:06:44 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2010-01-19 10:06:38 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2009-04-14 06:27:50 | 001,519,424 | R--- | M] (C-Media Inc) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\cmudax3.sys -- (cmuda3)
DRV - [2008-04-13 14:45:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\gameenum.sys -- (gameenum)
DRV - [2008-04-13 13:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2008-04-13 13:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2008-02-11 00:04:35 | 000,085,713 | ---- | M] (GMER) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\gmer.sys -- (gmer)
DRV - [2007-02-25 11:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\dsunidrv.sys -- (dsunidrv)
DRV - [2006-10-05 15:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2004-12-01 03:22:00 | 000,087,488 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\drvmcdb.sys -- (drvmcdb)
DRV - [2004-11-23 02:56:00 | 000,040,480 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\drvnddm.sys -- (drvnddm)
DRV - [2004-11-16 01:05:00 | 000,100,603 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsnudfa.sys -- (tfsnudfa)
DRV - [2004-11-16 01:05:00 | 000,098,714 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsnudf.sys -- (tfsnudf)
DRV - [2004-11-16 01:05:00 | 000,086,554 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsnifs.sys -- (tfsnifs)
DRV - [2004-11-16 01:05:00 | 000,034,843 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsncofs.sys -- (tfsncofs)
DRV - [2004-11-16 01:05:00 | 000,025,883 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsnboio.sys -- (tfsnboio)
DRV - [2004-11-16 01:05:00 | 000,015,227 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsnopio.sys -- (tfsnopio)
DRV - [2004-11-16 01:05:00 | 000,006,363 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsnpool.sys -- (tfsnpool)
DRV - [2004-11-16 01:05:00 | 000,004,123 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsndrct.sys -- (tfsndrct)
DRV - [2004-11-16 01:05:00 | 000,002,239 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\dla\tfsndres.sys -- (tfsndres)
DRV - [2004-09-17 09:02:54 | 000,732,928 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\senfilt.sys -- (senfilt)
DRV - [2004-08-03 22:29:56 | 001,897,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\NV4_MINI.SYS -- (nv)
DRV - [2004-07-14 11:29:04 | 000,005,627 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\sscdbhk5.sys -- (sscdbhk5)
DRV - [2004-07-14 11:28:50 | 000,023,545 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ssrtln.sys -- (ssrtln)
DRV - [2004-06-15 22:52:40 | 000,061,157 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\IntelC53.sys -- (IntelC53)
DRV - [2004-03-05 22:15:34 | 000,647,929 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\IntelC52.sys -- (IntelC52)
DRV - [2004-03-05 22:14:42 | 001,233,525 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\IntelC51.sys -- (IntelC51)
DRV - [2004-03-05 22:13:38 | 000,037,048 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\mohfilt.sys -- (mohfilt)
DRV - [2002-11-18 15:51:40 | 000,377,358 | ---- | M] (C-Media Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\cmaudio.sys -- (cmpci) C-Media PCI Audio Driver (WDM)
DRV - [2001-08-17 14:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001-08-17 14:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001-08-17 14:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001-08-17 14:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001-08-17 14:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001-08-17 13:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001-08-17 13:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001-08-17 13:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001-08-17 13:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001-08-17 13:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001-08-17 13:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001-08-17 13:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
DRV - [2001-08-17 13:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001-08-17 13:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2001-08-17 13:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)
DRV - [2001-05-07 05:56:02 | 000,019,805 | R--- | M] (Thesycon GmbH, Germany) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\usbio.sys -- (USBIO) USBIO Driver (usbio.sys)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell.com
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell.com
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2334556719-3874955787-783063412-1006\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Live Search
IE - HKU\S-1-5-21-2334556719-3874955787-783063412-1006\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\S-1-5-21-2334556719-3874955787-783063412-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.theweathernetwork.com/weathe ... f=homecity
IE - HKU\S-1-5-21-2334556719-3874955787-783063412-1006\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKU\S-1-5-21-2334556719-3874955787-783063412-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011-01-06 20:20:34 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011-01-06 20:20:35 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2009-05-14 22:25:32 | 000,306,829 | R--- | M]) - C:\WINDOWS\SYSTEM32\DRIVERS\ETC\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 10567 more lines...
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\SYSTEM32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-21-2334556719-3874955787-783063412-1006\..\Toolbar\ShellBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-21-2334556719-3874955787-783063412-1006\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BellCanada_McciTrayApp] C:\Program Files\BellCanada\McciTrayApp.exe (Alcatel-Lucent)
O4 - HKLM..\Run: [BISA.exe] C:\Program Files\Bell\Internet Service Advisor\BISA.exe (Bell)
O4 - HKLM..\Run: [C-Media Mixer] C:\WINDOWS\mixer.exe (C-Media Electronic Inc. (www.cmedia.com.tw))
O4 - HKLM..\Run: [DivX Download Manager] C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe (DivX, LLC)
O4 - HKLM..\Run: [Seagate Dashboard] C:\Program Files\Seagate\Seagate Dashboard\MemeoLauncher.exe ()
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2334556719-3874955787-783063412-1006..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKLM..\RunOnce: [AvgUninstallURL] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Desktop Search.lnk.disabled ()
O4 - Startup: C:\Documents and Settings\Steve\Start Menu\Programs\Startup\Seagate Product Registration.lnk = C:\Documents and Settings\Steve\Application Data\Leadertech\PowerRegister\Seagate Product Registration.exe (Leader Technologies/Seagate)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2334556719-3874955787-783063412-1006\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2334556719-3874955787-783063412-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\S-1-5-21-2334556719-3874955787-783063412-1006\..Trusted Domains: rbc.com ([]https in Trusted sites)
O15 - HKU\S-1-5-21-2334556719-3874955787-783063412-1006\..Trusted Domains: rbc.com ([rbcts.fg] https in Trusted sites)
O15 - HKU\S-1-5-21-2334556719-3874955787-783063412-1006\..Trusted Domains: rbc.com ([remote] https in Trusted sites)
O16 - DPF: {08496B45-6BB1-4F92-A8E6-B9E7978634CB} https://remote.rbc.com/nortel_cacheable/TrustSite.cab (Trustsite Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.macromedia.com/get/sh ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/ ... ontrol.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {2D72C39D-53F6-4AEA-A9DB-1298429DA975} http://www.3dvista.com/downloads/viewer3dv2.cab (3DVista Viewer Control)
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.onecare.live.com/resour ... se6886.cab (Windows Live Safety Center Base Module)
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.symantec.com/sscv6/Shar ... /cabsa.cab (Reg Error: Key error.)
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} https://webdl.symantec.com/activex/symdlmgr.cab (Symantec Download Manager)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftup ... 3120838250 (MUWebControl Class)
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2.hp.com/ediags/dex/s ... DEXAXO.cab (HP Download Manager)
O16 - DPF: {78AEEDE8-7345-4FB5-A8FE-4BFF16EF25FC} http://us-download.mcafee.com/products/ ... vt/mvt.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {ACDB1787-986D-434D-9857-2172CDB2108D} https://remote-gcc.rbc.com/nortel_cache ... nblock.cab (popupunblk Class)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/sh ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {D9CDEFE3-51BB-4737-A12C-53D9814A148C} https://owa.bmofg.com/exchweb/controls/DAX.cab (DAX Control)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} https://inet.bmofg.com/dana-cached/setu ... tupSP1.cab (JuniperSetupSP1 Control)
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx1.hotmail.com/mail/w4/pr01/ph ... NPUpld.cab (Windows Live Hotmail Photo Upload Tool)
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/Juni ... Client.cab (JuniperSetupClientControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Steve\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Steve\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006-02-14 16:30:21 | 000,000,067 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2004-08-10 13:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.NAV -- [ NTFS ]
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKU\S-1-5-21-2334556719-3874955787-783063412-1006\...com [@ = comfile] -- Reg Error: Key error. File not found
O37 - HKU\S-1-5-21-2334556719-3874955787-783063412-1006\...exe [@ = exefile] -- Reg Error: Key error. File not found

========== Files/Folders - Created Within 30 Days ==========

[2011-02-25 21:31:19 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Steve\Recent
[2011-02-23 20:37:26 | 000,000,000 | ---D | C] -- C:\_OTL
[2011-02-20 00:46:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2011-02-19 23:32:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steve\Application Data\Avira
[2011-02-19 23:28:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Avira
[2011-02-19 23:28:03 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2011-02-19 23:28:00 | 000,135,096 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2011-02-19 23:28:00 | 000,061,960 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2011-02-19 23:28:00 | 000,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys
[2011-02-19 23:28:00 | 000,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys
[2011-02-19 23:27:59 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2011-02-15 20:46:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steve\Start Menu\Programs\HiJackThis
[2011-02-15 20:46:49 | 000,000,000 | ---D | C] -- C:\Program Files\HiJack
[2011-02-15 20:45:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Steve\Desktop\Hijack
[2011-02-12 19:32:25 | 000,222,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MpSigStub.exe
[2011-02-12 19:30:53 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Defender
[2011-02-07 22:04:10 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live Safety Center
[2 C:\Documents and Settings\Steve\My Documents\*.tmp files -> C:\Documents and Settings\Steve\My Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011-02-25 21:35:12 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011-02-25 21:33:45 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\WPA.DBL
[2011-02-25 21:33:43 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011-02-25 21:32:07 | 000,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
[2011-02-25 21:32:06 | 1071,697,920 | -HS- | M] () -- C:\hiberfil.sys
[2011-02-25 21:30:48 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader X.lnk
[2011-02-25 20:14:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011-02-25 19:00:00 | 000,000,260 | ---- | M] () -- C:\WINDOWS\tasks\RMSchedule.job
[2011-02-14 20:00:00 | 000,000,772 | ---- | M] () -- C:\WINDOWS\tasks\Norton Internet Security - Run Full System Scan - Steve.job
[2011-02-09 22:13:33 | 000,161,936 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011-02-09 20:16:43 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011-02-09 18:42:05 | 002,384,896 | ---- | M] () -- C:\Documents and Settings\Steve\Desktop\Monaco_Yacht_d'Albert_de_Monaco.pps
[2011-02-08 22:35:09 | 000,030,208 | ---- | M] () -- C:\Documents and Settings\Steve\Desktop\Noranda Book.doc
[2011-02-07 21:39:07 | 000,001,274 | ---- | M] () -- C:\WINDOWS\System\Cmicnfg3.ini
[2011-02-03 19:02:59 | 000,039,936 | ---- | M] () -- C:\Documents and Settings\Steve\Desktop\Business Account.xls
[2011-02-02 17:11:20 | 000,222,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MpSigStub.exe
[2011-01-31 07:19:43 | 000,001,154 | ---- | M] () -- C:\Documents and Settings\Steve\Start Menu\Programs\Startup\Seagate Product Registration.lnk
[2 C:\Documents and Settings\Steve\My Documents\*.tmp files -> C:\Documents and Settings\Steve\My Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011-02-25 21:30:48 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader X.lnk
[2011-02-23 20:16:22 | 000,002,347 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader X.lnk
[2011-02-13 00:25:40 | 000,000,330 | -H-- | C] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011-02-12 19:30:59 | 000,000,955 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Defender.lnk
[2011-02-09 18:42:04 | 002,384,896 | ---- | C] () -- C:\Documents and Settings\Steve\Desktop\Monaco_Yacht_d'Albert_de_Monaco.pps
[2011-02-08 22:34:43 | 000,030,208 | ---- | C] () -- C:\Documents and Settings\Steve\Desktop\Noranda Book.doc
[2011-02-02 22:17:48 | 000,039,936 | ---- | C] () -- C:\Documents and Settings\Steve\Desktop\Business Account.xls
[2010-08-28 01:59:41 | 000,000,759 | ---- | C] () -- C:\Documents and Settings\Steve\Application Data\Rim.Desktop.HttpServerSetup.log
[2010-05-02 19:30:29 | 000,000,066 | ---- | C] () -- C:\WINDOWS\Cmicnfg3.ini.cfl
[2010-05-02 19:29:46 | 000,001,480 | R--- | C] () -- C:\WINDOWS\Cmicnfg3.ini.cfg
[2010-05-02 19:29:33 | 000,002,378 | R--- | C] () -- C:\WINDOWS\cmudax3.ini
[2010-01-05 21:51:32 | 000,767,952 | ---- | C] () -- C:\WINDOWS\BDTSupport.dll.old
[2009-12-07 14:58:27 | 000,000,101 | ---- | C] () -- C:\WINDOWS\CMMIXER.INI
[2009-12-07 14:38:49 | 000,039,279 | ---- | C] () -- C:\WINDOWS\cmijack.ini
[2009-12-07 14:38:47 | 000,000,092 | ---- | C] () -- C:\WINDOWS\CMISETUP.INI
[2009-12-07 14:38:46 | 000,000,026 | ---- | C] () -- C:\WINDOWS\CMCDPLAY.INI
[2009-11-17 22:10:09 | 000,000,025 | ---- | C] () -- C:\WINDOWS\mixerdef.ini
[2009-03-21 20:43:26 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2008-03-07 23:47:54 | 000,281,874 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Svclog.log
[2008-02-11 00:04:36 | 000,000,250 | ---- | C] () -- C:\WINDOWS\gmer.ini
[2008-02-11 00:04:35 | 000,819,200 | ---- | C] () -- C:\WINDOWS\gmer.dll
[2008-02-08 23:27:44 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth2.dll
[2008-02-08 23:27:44 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth1.dll
[2008-02-08 23:27:44 | 000,000,073 | ---- | C] () -- C:\WINDOWS\System32\ssprs.dll
[2008-02-08 23:27:42 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\sysprs7.dll
[2008-02-08 23:27:42 | 000,000,205 | ---- | C] () -- C:\WINDOWS\System32\lsprst7.dll
[2008-02-06 18:40:33 | 000,004,296 | ---- | C] () -- C:\Program Files\INSTALL.LOG
[2008-01-26 16:13:48 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2008-01-13 11:34:38 | 000,000,305 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\addr_file.html
[2007-12-30 13:28:26 | 000,011,608 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2007-11-02 18:31:40 | 000,006,850 | R--- | C] () -- C:\WINDOWS\Disktool.INI
[2007-11-02 18:31:40 | 000,005,633 | R--- | C] () -- C:\WINDOWS\fwupgrade.ini
[2007-11-02 18:31:40 | 000,003,677 | R--- | C] () -- C:\WINDOWS\PlaySnd.INI
[2007-03-05 19:08:40 | 000,000,394 | ---- | C] () -- C:\WINDOWS\hegames.ini
[2007-01-06 12:56:29 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SETUP32.INI
[2006-12-28 10:41:52 | 000,000,029 | ---- | C] () -- C:\WINDOWS\PControl.ini
[2006-12-16 00:09:17 | 000,000,030 | ---- | C] () -- C:\WINDOWS\atid.ini
[2006-05-23 08:24:56 | 000,000,063 | ---- | C] () -- C:\WINDOWS\mdm.ini
[2006-05-07 23:12:34 | 000,684,032 | ---- | C] () -- C:\WINDOWS\libeay32.dll
[2006-05-07 23:12:34 | 000,155,648 | ---- | C] () -- C:\WINDOWS\ssleay32.dll
[2006-04-30 22:02:15 | 000,000,022 | ---- | C] () -- C:\WINDOWS\ICDESK.INI
[2006-02-07 21:22:01 | 000,000,027 | ---- | C] () -- C:\WINDOWS\WS_FTP.INI
[2006-01-14 11:58:32 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2005-08-20 00:29:07 | 000,000,025 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2005-05-25 21:41:39 | 000,000,056 | RHS- | C] () -- C:\WINDOWS\System32\6895752858.sys
[2005-05-25 21:41:38 | 000,006,686 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2005-05-22 21:50:57 | 000,056,320 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll
[2005-05-15 00:17:34 | 000,153,088 | ---- | C] () -- C:\Documents and Settings\Steve\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005-05-14 21:13:53 | 000,000,747 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005-05-14 19:27:47 | 000,000,559 | ---- | C] () -- C:\WINDOWS\VTruck1.ini
[2005-05-09 11:53:54 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005-05-09 11:46:49 | 000,000,390 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2005-05-09 11:15:00 | 000,000,370 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2004-10-26 17:39:05 | 003,375,104 | ---- | C] () -- C:\WINDOWS\System32\qt-mt331.dll
[2004-09-22 13:47:00 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004-08-10 13:13:12 | 000,000,883 | ---- | C] () -- C:\WINDOWS\ORUN32.INI
[2004-08-10 13:03:52 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004-08-04 05:00:00 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\FXSPERF.INI
[2003-11-13 13:28:02 | 000,012,570 | ---- | C] () -- C:\WINDOWS\System32\drivers\ADFUUD.SYS
[2003-11-13 13:28:02 | 000,012,570 | ---- | C] () -- C:\WINDOWS\ADFUUD.SYS
[2002-04-17 07:15:22 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\appc18iv.dll
[1999-01-22 13:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
[1998-03-22 13:50:02 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[1980-01-01 00:00:00 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll

< End of report >
steve111
Regular Member
 
Posts: 16
Joined: February 15th, 2011, 9:37 pm

Re: Painfully Slow

Unread postby steve111 » February 26th, 2011, 1:55 am

Hi

Every web page I open has the message "Error on page" in the bottom left corner. Even the Google search page.

Thanks
Steve
steve111
Regular Member
 
Posts: 16
Joined: February 15th, 2011, 9:37 pm

Re: Painfully Slow

Unread postby askey127 » February 26th, 2011, 9:14 am

steve111,
I believe the Dashboard is an application to facilitate connecting the external drive and to create (automated) backups.
Removing it should not affect data stored on the drive, but it may stop any backups you now do automatically.
If you have a CD with the Dashboard software on it, you can try uninstalling it if you wish.
This would mean that the Seagate drive would just become another drive letter in "My Computer" and you would have to save things there yourself.
I would have the drive connected when you uninstall Dashboard, but I don't think it matters.

What did you "zip up" exactly?
The HOSTS file is SUPPOSED TO contain a large list of malicious websites.
The 127.0.0.1 IP address in front of each entry ensures that any request to access any of them gets short-circuited and stopped.


Do you need to have the DivX Web Player starting automatically at boot up?
It has had known slow-down problems. Let's remove it and install a new one:
-----------------------------------------------------------
Remove Programs Using Control Panel
From Start, Settings, Control Panel or Start, Control Panel, click Add/Remove Programs.
Highlight each Entry, as follows, one by one, if it exists, and choose Remove :

DivX Converter
DivX Plus DirectShow Filters
DivX Setup

Take extra care in answering questions posed by any Uninstaller.

---------------------------------------------------------------
Disable DNS Client Service.
From Start, or Start, Run
Type services.msc in the box and hit <Enter>
This should pop up a dialog titled Services
Scroll down to DNS Client on the list. Click the entry with the Right mouse button and choose Properties.
Under Service Status, click Stop. Wait until it reports the service stopped.
Under Startup Type, choose Disabled.
Then click Apply, OK
-----------------------------------------------------------
REBOOT (RESTART) Your Machine
---------------------------------------------------------------
Download IE8 and install it (you can use either Firefox or IE7 for the download):
http://www.microsoft.com/windows/intern ... sites.aspx
---------------------------------------------------------------

Check to see whether the machine is much faster.

You can reinstall a new DivX set of applications from here:
http://www.divx.com/en/software/divx-plus

Let me know how it goes
askey127
askey127
Admin/Teacher
 
Posts: 14025
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA
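
The point made in the reply above, that a protective HOSTS file maps every listed name to 127.0.0.1, can be checked mechanically: any entry that maps a name to some other address is a redirect, not a block, and deserves a look. The following is an added example, not part of the original thread and not OTL's own code; the function names, the `.example` hostnames and the 203.0.113.10 address are constructed for illustration.

```python
import ipaddress
import re

# OTL prints hosts entries as "O1 - Hosts: <address> <name>"; strip that
# prefix so the same parser accepts both the log and a raw hosts file.
OTL_PREFIX = re.compile(r"^O1\s*-\s*Hosts:\s*", re.IGNORECASE)


def parse_hosts(text):
    """Yield (address, hostname) pairs from hosts-file text or OTL O1 lines."""
    for raw in text.splitlines():
        line = OTL_PREFIX.sub("", raw.strip())
        line = line.split("#", 1)[0].strip()  # drop hosts-file comments
        if not line:
            continue
        fields = line.split()
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            # Not an address line, e.g. the OTL header or "10567 more lines..."
            continue
        for name in fields[1:]:
            yield addr, name.lower()


def is_sink(addr):
    """True when the address keeps the request on the local machine."""
    # 127.0.0.0/8 and ::1 are loopback; 0.0.0.0 and :: are "unspecified",
    # which blocklists also use as a dead-end target.
    return addr.is_loopback or addr.is_unspecified


def audit_hosts(text):
    """Split entries into names that are blocked and names that are redirected."""
    report = {"blocked": [], "redirected": []}
    for addr, name in parse_hosts(text):
        if is_sink(addr):
            if name != "localhost":  # the standard localhost line is not a block
                report["blocked"].append(name)
        else:
            # A name pointed at a routable address sends traffic somewhere else.
            report["redirected"].append((name, str(addr)))
    return report


# Constructed sample: the header, localhost and "more lines" rows follow the
# layout of the OTL log above; every other name and address is made up.
SAMPLE = r"""
O1 HOSTS File: ([2009-05-14 22:25:32 | 000,306,829 | R--- | M]) - C:\WINDOWS\SYSTEM32\DRIVERS\ETC\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.tracker.example
O1 - Hosts: 127.0.0.1 tracker.example
O1 - Hosts: 203.0.113.10 bank.example
O1 - Hosts: 10567 more lines...
0.0.0.0 ads.example   # plain hosts-file syntax is accepted too
"""

if __name__ == "__main__":
    result = audit_hosts(SAMPLE)
    print("blocked   :", len(result["blocked"]), "names")
    for name, target in result["redirected"]:
        print("REDIRECT  :", name, "->", target)
```

OTL truncates the hosts listing in its log, so a full audit needs the hosts file itself rather than the pasted report.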

Re: Painfully Slow

Unread postby steve111 » February 27th, 2011, 9:14 pm

Hi,

Registry Mechanic downloaded automatically with DivX and found all sorts of things wrong but will not 'fix' anything without payment. Is this a worthwhile tool?

Can you suggest a registry cleaning tool?

Where is the setting to start DivX on startup? I want to make sure it is not turned on.

What is the DNS service?

I put the HOST files back where they were.

I did not install ie8.

My computer is back to its old self again. Thank you for your help.
steve111
Regular Member
 
Posts: 16
Joined: February 15th, 2011, 9:37 pm