Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Slow OS and internet

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Slow OS and internet

Unread postby w2w » May 22nd, 2011, 6:38 pm

I had previously posted in the "Painfully Slow OS and web" thread that was answered and then archived: viewtopic.php?f=12&t=56823

No I don't use the Logitech remote so I have uninstalled that program.

Can you recommend me a free antivirus program (I know it won't be as good as one I pay for probably)?

Here's my DDS logs and Avira Antivir logs:



Avira AntiVir Personal
Report file date: Sunday, May 22, 2011 17:36

Scanning for 2751780 virus strains and unwanted programs.

The program is running as an unrestricted full version.
Online services are available:

Licensee : Avira AntiVir Personal - FREE Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows XP
Windows version : (Service Pack 3) [5.1.2600]
Boot mode : Normally booted
Username : SYSTEM
Computer name : MURDOCH

Version information:
BUILD.DAT : 10.0.0.648 31823 Bytes 4/1/2011 18:36:00
AVSCAN.EXE : 10.0.4.2 442024 Bytes 4/1/2011 22:07:43
AVSCAN.DLL : 10.0.3.0 46440 Bytes 4/1/2011 22:07:57
LUKE.DLL : 10.0.3.2 104296 Bytes 4/1/2011 22:07:53
LUKERES.DLL : 10.0.0.1 12648 Bytes 2/11/2010 05:40:49
VBASE000.VDF : 7.10.0.0 19875328 Bytes 11/6/2009 15:05:36
VBASE001.VDF : 7.11.0.0 13342208 Bytes 12/14/2010 21:15:47
VBASE002.VDF : 7.11.3.0 1950720 Bytes 2/9/2011 21:15:47
VBASE003.VDF : 7.11.5.225 1980416 Bytes 4/7/2011 22:31:09
VBASE004.VDF : 7.11.5.226 2048 Bytes 4/7/2011 22:31:09
VBASE005.VDF : 7.11.5.227 2048 Bytes 4/7/2011 22:31:09
VBASE006.VDF : 7.11.5.228 2048 Bytes 4/7/2011 22:31:09
VBASE007.VDF : 7.11.5.229 2048 Bytes 4/7/2011 22:31:09
VBASE008.VDF : 7.11.5.230 2048 Bytes 4/7/2011 22:31:10
VBASE009.VDF : 7.11.5.231 2048 Bytes 4/7/2011 22:31:10
VBASE010.VDF : 7.11.5.232 2048 Bytes 4/7/2011 22:31:10
VBASE011.VDF : 7.11.5.233 2048 Bytes 4/7/2011 22:31:10
VBASE012.VDF : 7.11.5.234 2048 Bytes 4/7/2011 22:31:10
VBASE013.VDF : 7.11.6.28 158208 Bytes 4/11/2011 22:31:12
VBASE014.VDF : 7.11.6.74 116224 Bytes 4/13/2011 22:31:13
VBASE015.VDF : 7.11.6.113 137728 Bytes 4/14/2011 22:31:15
VBASE016.VDF : 7.11.6.150 146944 Bytes 4/18/2011 22:31:16
VBASE017.VDF : 7.11.6.192 138240 Bytes 4/20/2011 22:31:17
VBASE018.VDF : 7.11.6.237 156160 Bytes 4/22/2011 22:31:19
VBASE019.VDF : 7.11.7.45 427520 Bytes 4/27/2011 22:31:23
VBASE020.VDF : 7.11.7.64 192000 Bytes 4/28/2011 22:31:25
VBASE021.VDF : 7.11.7.97 182272 Bytes 5/2/2011 22:31:27
VBASE022.VDF : 7.11.7.127 467968 Bytes 5/4/2011 22:31:32
VBASE023.VDF : 7.11.7.183 185856 Bytes 5/9/2011 22:31:34
VBASE024.VDF : 7.11.7.218 133120 Bytes 5/11/2011 22:31:35
VBASE025.VDF : 7.11.7.234 139776 Bytes 5/11/2011 22:31:37
VBASE026.VDF : 7.11.8.16 147456 Bytes 5/13/2011 22:31:38
VBASE027.VDF : 7.11.8.46 169472 Bytes 5/17/2011 22:31:40
VBASE028.VDF : 7.11.8.47 2048 Bytes 5/17/2011 22:31:40
VBASE029.VDF : 7.11.8.48 2048 Bytes 5/17/2011 22:31:40
VBASE030.VDF : 7.11.8.49 2048 Bytes 5/17/2011 22:31:40
VBASE031.VDF : 7.11.8.93 126976 Bytes 5/22/2011 22:31:41
Engineversion : 8.2.4.242
AEVDF.DLL : 8.1.2.1 106868 Bytes 3/28/2011 21:15:27
AESCRIPT.DLL : 8.1.3.64 1606011 Bytes 5/22/2011 22:32:09
AESCN.DLL : 8.1.7.2 127349 Bytes 3/28/2011 21:15:27
AESBX.DLL : 8.1.3.2 254324 Bytes 3/28/2011 21:15:26
AERDL.DLL : 8.1.9.9 639347 Bytes 3/25/2011 17:21:38
AEPACK.DLL : 8.2.6.8 557430 Bytes 5/22/2011 22:32:05
AEOFFICE.DLL : 8.1.1.22 205178 Bytes 5/22/2011 22:32:02
AEHEUR.DLL : 8.1.2.119 3481976 Bytes 5/22/2011 22:32:01
AEHELP.DLL : 8.1.17.2 246135 Bytes 5/22/2011 22:31:47
AEGEN.DLL : 8.1.5.6 401780 Bytes 5/22/2011 22:31:46
AEEMU.DLL : 8.1.3.0 393589 Bytes 3/28/2011 21:15:19
AECORE.DLL : 8.1.20.5 196983 Bytes 5/22/2011 22:31:44
AEBB.DLL : 8.1.1.0 53618 Bytes 3/28/2011 21:15:19
AVWINLL.DLL : 10.0.0.0 19304 Bytes 3/28/2011 21:15:31
AVPREF.DLL : 10.0.0.0 44904 Bytes 4/1/2011 22:07:42
AVREP.DLL : 10.0.0.10 174120 Bytes 5/22/2011 22:32:10
AVREG.DLL : 10.0.3.2 53096 Bytes 4/1/2011 22:07:42
AVSCPLR.DLL : 10.0.4.2 84840 Bytes 4/1/2011 22:07:43
AVARKT.DLL : 10.0.22.6 231784 Bytes 4/1/2011 22:07:38
AVEVTLOG.DLL : 10.0.0.8 203112 Bytes 4/1/2011 22:07:41
SQLITE3.DLL : 3.6.19.0 355688 Bytes 6/17/2010 20:27:22
AVSMTP.DLL : 10.0.0.17 63848 Bytes 3/28/2011 21:15:30
NETNT.DLL : 10.0.0.0 11624 Bytes 3/28/2011 21:15:39
RCIMAGE.DLL : 10.0.0.26 2550120 Bytes 4/1/2011 22:07:58
RCTEXT.DLL : 10.0.58.0 97128 Bytes 3/28/2011 21:15:52

Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: c:\program files\avira\antivir desktop\sysscan.avp
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:,
Process scan........................: on
Extended process scan...............: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium

Start of the scan: Sunday, May 22, 2011 17:36

Starting search for hidden objects.
HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NtmsSvc\Config\Standalone\drivelist
[NOTE] The registry entry is invisible.

The scan of running processes will be started
Scan process 'msdtc.exe' - '40' Module(s) have been scanned
Scan process 'dllhost.exe' - '60' Module(s) have been scanned
Scan process 'dllhost.exe' - '45' Module(s) have been scanned
Scan process 'vssvc.exe' - '48' Module(s) have been scanned
Scan process 'avscan.exe' - '70' Module(s) have been scanned
Scan process 'avcenter.exe' - '67' Module(s) have been scanned
Scan process 'avgnt.exe' - '56' Module(s) have been scanned
Scan process 'sched.exe' - '53' Module(s) have been scanned
Scan process 'avshadow.exe' - '26' Module(s) have been scanned
Scan process 'avguard.exe' - '55' Module(s) have been scanned
Scan process 'GoogleToolbarNotifier.exe' - '54' Module(s) have been scanned
Scan process 'iexplore.exe' - '128' Module(s) have been scanned
Scan process 'ctfmon.exe' - '25' Module(s) have been scanned
Scan process 'stsystra.exe' - '37' Module(s) have been scanned
Scan process 'issch.exe' - '11' Module(s) have been scanned
Scan process 'quickset.exe' - '58' Module(s) have been scanned
Scan process 'igfxpers.exe' - '23' Module(s) have been scanned
Scan process 'igfxsrvc.exe' - '23' Module(s) have been scanned
Scan process 'hkcmd.exe' - '22' Module(s) have been scanned
Scan process 'SynTPEnh.exe' - '27' Module(s) have been scanned
Scan process 'alg.exe' - '33' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '41' Module(s) have been scanned
Scan process 'Explorer.EXE' - '94' Module(s) have been scanned
Scan process 'svchost.exe' - '38' Module(s) have been scanned
Scan process 'NICCONFIGSVC.exe' - '42' Module(s) have been scanned
Scan process 'MDM.EXE' - '21' Module(s) have been scanned
Scan process 'jqs.exe' - '33' Module(s) have been scanned
Scan process 'svchost.exe' - '34' Module(s) have been scanned
Scan process 'spoolsv.exe' - '56' Module(s) have been scanned
Scan process 'bcmwltry.exe' - '46' Module(s) have been scanned
Scan process 'wltrysvc.exe' - '13' Module(s) have been scanned
Scan process 'svchost.exe' - '37' Module(s) have been scanned
Scan process 'svchost.exe' - '32' Module(s) have been scanned
Scan process 'svchost.exe' - '161' Module(s) have been scanned
Scan process 'svchost.exe' - '38' Module(s) have been scanned
Scan process 'svchost.exe' - '53' Module(s) have been scanned
Scan process 'lsass.exe' - '58' Module(s) have been scanned
Scan process 'services.exe' - '36' Module(s) have been scanned
Scan process 'winlogon.exe' - '67' Module(s) have been scanned
Scan process 'csrss.exe' - '14' Module(s) have been scanned
Scan process 'smss.exe' - '2' Module(s) have been scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!

Starting to scan executable files (registry).
The registry was scanned ( '1706' files ).


Starting the file scan:

Begin scan in 'C:\'
C:\WINDOWS\system32\caches2\kitedrv4.exe
[DETECTION] Contains recognition pattern of the ADSPY/Katzu.A adware or spyware

Beginning disinfection:
C:\WINDOWS\system32\caches2\kitedrv4.exe
[DETECTION] Contains recognition pattern of the ADSPY/Katzu.A adware or spyware
[NOTE] The file was moved to the quarantine directory under the name '44c8385c.qua'.


End of the scan: Sunday, May 22, 2011 18:29
Used time: 50:30 Minute(s)

The scan has been done completely.

6478 Scanned directories
243567 Files were scanned
1 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
1 Files were moved to quarantine
0 Files were renamed
0 Files cannot be scanned
243566 Files not concerned
2864 Archives were scanned
0 Warnings
2 Notes
343628 Objects were scanned with rootkit scan
1 Hidden objects were found



.
DDS (Ver_11-03-05.01) - NTFSx86
Run by Jennifer Parr at 18:37:09.43 on Sun 05/22/2011
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_24
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.503.256 [GMT -5:00]
.
AV: AntiVir Desktop *Enabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\System32\wltrysvc.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\vssvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\Documents and Settings\Jennifer Parr\Desktop\dds.scr
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/ig?hl=en
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\tfswshx.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5612.1312\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: {4E7BD74F-2B8D-469E-86BD-FD60BB9AAE3A} - No File
EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [igfxtray] c:\windows\system32\igfxtray.exe
mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
mRun: [igfxpers] c:\windows\system32\igfxpers.exe
mRun: [Dell QuickSet] c:\program files\dell\quickset\quickset.exe
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [dscactivate] "c:\program files\dell support center\gs_agent\custom\dsca.exe"
mRun: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\stsystra.exe
mRun: [WinPatrol] c:\program files\billp studios\winpatrol\winpatrol.exe -expressboot
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
dRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
dRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {08B0E5C0-4FCB-11CF-AAA5-00401C608501}
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
Trusted Zone: musicmatch.com\online
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?LinkID=39204
DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} - hxxp://photos.walmart.com/WalmartActivia.cab
DPF: {474F00F5-3853-492C-AC3A-476512BBC336} - hxxp://picasaweb.google.com/s/v/25.24/uploader2.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftup ... 1818753640
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/products/plugin/aut ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/aut ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/s ... wflash.cab
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\docume~1\jennif~1\applic~1\mozilla\firefox\profiles\8f8fbsa0.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://en-us.start.mozilla.com/firefox? ... S:official
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Fast Dial: fastdial@telega.phpnet.us - %profile%\extensions\fastdial@telega.phpnet.us
FF - Ext: Gradient iCool: {de5809e0-2b07-11dd-bd0b-0800200c9a66} - %profile%\extensions\{de5809e0-2b07-11dd-bd0b-0800200c9a66}
FF - Ext: Yahoo! Toolbar: {635abd67-4fe9-1b23-4f01-e679fa7484c1} - %profile%\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true
============= SERVICES / DRIVERS ===============
.
R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2011-5-22 11608]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2011-5-22 136360]
R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2011-5-22 269480]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2011-5-22 61960]
.
=============== Created Last 30 ================
.
2011-05-22 22:37:14 -------- d-----w- c:\windows\system32\NtmsData
2011-05-22 22:34:12 -------- d-----w- c:\docume~1\jennif~1\applic~1\Avira
2011-05-22 22:29:25 61960 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-05-22 22:29:23 -------- d-----w- c:\program files\Avira
2011-05-22 22:29:23 -------- d-----w- c:\docume~1\alluse~1\applic~1\Avira
2011-05-16 23:25:30 -------- d-----w- c:\docume~1\jennif~1\applic~1\WinPatrol
2011-05-16 23:25:21 -------- d-----w- c:\program files\BillP Studios
2011-05-16 23:25:21 -------- d-----w- c:\docume~1\alluse~1\applic~1\InstallMate
2011-05-04 21:18:08 -------- d-----w- C:\567418583ea638cbaf3c601d994aa7
.
==================== Find3M ====================
.
2011-03-07 05:33:50 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-04 06:45:07 434176 ----a-w- c:\windows\system32\vbscript.dll
2011-03-03 13:21:11 1857920 ----a-w- c:\windows\system32\win32k.sys
.
============= FINISH: 18:38:25.03 ===============



.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_11-03-05.01)
.
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume2
Install Date: 12/21/2005 2:43:32 PM
System Uptime: 5/22/2011 5:18:54 PM (1 hours ago)
.
Motherboard: Dell Inc. | | 0GD366
Processor: Intel(R) Pentium(R) M processor 1.73GHz | Microprocessor | 1729/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 34 GiB total, 19.362 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP273: 5/16/2011 5:44:07 PM - Software Distribution Service 3.0
RP274: 5/22/2011 5:06:06 PM - Removed Adobe Acrobat - Reader 6.0.2 Update
RP275: 5/22/2011 5:08:53 PM - Removed Adobe Reader 6.0.1
RP276: 5/22/2011 5:09:59 PM - Removed Java 2 Runtime Environment, SE v1.4.2_03
RP277: 5/22/2011 5:14:13 PM - Removed Logitech Harmony Remote Software 7
.
==== Installed Programs ======================
.
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
AOLIcon
Avira AntiVir Personal - Free Antivirus
Broadcom Management Programs
Canon Utilities PhotoStitch 3.1
Conexant HDA D110 MDC V.92 Modem
Dell Digital Jukebox Driver
Dell Driver Reset Tool
Dell Support Center
Dell System Restore
Dell Wireless WLAN Card
DellSupport
Digital Content Portal
Digital Line Detect
DV Network Software
EarthLink setup files
High Definition Audio Driver Package - KB835221
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
Intel(R) Graphics Media Accelerator Driver for Mobile
Internal Network Card Power Management
Internet Explorer Default Page
Java Auto Updater
Java(TM) 6 Update 24
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Encarta Encyclopedia Deluxe 2005
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Standard Edition 2003
Microsoft Plus! Digital Media Edition Installer
Microsoft Plus! Photo Story 2 LE
Microsoft Text-to-Speech Engine 4.0 (English)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Modem Helper
Mozilla Firefox (3.0.8)
MSXML 4.0 SP2 (KB925672)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6 Service Pack 2 (KB973686)
Musicmatch for Windows Media Player
Musicmatch® Jukebox
NetWaiting
PowerDVD 5.5
QuickSet
QuickTime
RealPlayer
Remote Control USB Driver
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB2183461)
Security Update for Windows Internet Explorer 7 (KB2360131)
Security Update for Windows Internet Explorer 7 (KB2416400)
Security Update for Windows Internet Explorer 7 (KB2482017)
Security Update for Windows Internet Explorer 7 (KB2497640)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 7 (KB976325)
Security Update for Windows Internet Explorer 7 (KB978207)
Security Update for Windows Internet Explorer 7 (KB982381)
Security Update for Windows Media Encoder (KB2447961)
Security Update for Windows Media Encoder (KB954156)
Security Update for Windows Media Encoder (KB979332)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2491683)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2510581)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981349)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
SigmaTel Audio
Sonic DLA
Sonic RecordNow Audio
Sonic RecordNow Copy
Sonic RecordNow Data
Synaptics Pointing Device Driver
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Viewpoint Media Player
WebCyberCoach 3.2 Dell
WebFldrs XP
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Imaging Component
Windows Internet Explorer 7
Windows Media Encoder 9 Series
Windows Media Format 11 runtime
Windows Media Player 10
Windows Media Player 11
Windows Movie Maker 2.0
Windows XP Creativity Fun Packs - Windows Movie Maker 2
Windows XP Creativity Fun Packs - Windows Movie Maker 2 - Audio
Windows XP Creativity Fun Packs - Windows Movie Maker 2 - Titles
Windows XP Service Pack 3
WinPatrol
.
==== Event Viewer Messages From Past Week ========
.
5/22/2011 5:28:37 PM, error: SideBySide [59] - Resolve Partial Assembly failed for Microsoft.VC90.CRT. Reference error message: The referenced assembly is not installed on your system. .
5/22/2011 5:28:37 PM, error: SideBySide [59] - Generate Activation Context failed for C:\DOCUME~1\JENNIF~1\LOCALS~1\Temp\RarSFX0\redist.dll. Reference error message: The operation completed successfully. .
5/22/2011 5:28:37 PM, error: SideBySide [32] - Dependent Assembly Microsoft.VC90.CRT could not be found and Last Error was The referenced assembly is not installed on your system.
5/22/2011 5:17:40 PM, error: Service Control Manager [7034] - The NICCONFIGSVC service terminated unexpectedly. It has done this 1 time(s).
5/22/2011 5:17:40 PM, error: Service Control Manager [7034] - The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).
5/22/2011 5:17:40 PM, error: Service Control Manager [7034] - The Dell Wireless WLAN Tray Service service terminated unexpectedly. It has done this 1 time(s).
5/22/2011 5:09:23 PM, error: Service Control Manager [7023] - The Application Management service terminated with the following error: The specified module could not be found.
.
==== End Of File ===========================
w2w
Active Member
 
Posts: 7
Joined: May 16th, 2011, 6:13 pm
Advertisement
Register to Remove

Re: Slow OS and internet

Unread postby askey127 » May 24th, 2011, 7:26 am

w2w,
If you have to go away for more than 72 hours without response, please let us know so your thread can be preserved.
-----------------------------------------------
Get Last Avira Report
Right click the red umbrella icon in the system tray and click Start Antivir
In the left pane, click Overview, then click Reports
There wil be reports titled Update and reports titled Scan. Find the most recent report in the list titled Scan
Click on the Report File button, or Right click the report and choose Display Report.
The report contents will come up in Notepad. Highlight the entire report (Ctrl+A) and copy to the clipboard (Ctrl+C).
Paste the contents (Ctrl+V) into your next reply.
---------------------------------------------
Run a Scan with OTL
  1. Please download OTL.exe by OldTimer and save it to your desktop.
  2. Double click OTL.exe
  3. Check the boxes labeled :
    • Scan All Users
    • LOP check
    • Purity check
  4. Copy the text in the code box below and paste it into the Custom Scans/Fixes box (under the cyan line at the bottom of the window)
    Code: Select all
    c:|caches2;true;true;true; /FP
    caches2 /RS
    

  5. Click on the Run Scan button at the top left hand corner.
  6. OTL will start running. When done, 2 Notepad files will open; OTL.txt and Extras.txt.
    They will be saved on your desktop.
Please post the contents of these files.
You may use separate replies if you wish.
If any of the files are too large to post, you can split the oversize one(s) into multiple replies

So we are looking for the Antivir report, and the two logs from OTL.
The Extras.txt log will only appear the very first time OTL is run.
askey127
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 14025
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: Slow OS and internet

Unread postby w2w » May 26th, 2011, 7:07 pm

Avira AntiVir Personal
Report file date: Sunday, May 22, 2011 17:36

Scanning for 2751780 virus strains and unwanted programs.

The program is running as an unrestricted full version.
Online services are available:

Licensee : Avira AntiVir Personal - FREE Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows XP
Windows version : (Service Pack 3) [5.1.2600]
Boot mode : Normally booted
Username : SYSTEM
Computer name : MURDOCH

Version information:
BUILD.DAT : 10.0.0.648 31823 Bytes 4/1/2011 18:36:00
AVSCAN.EXE : 10.0.4.2 442024 Bytes 4/1/2011 22:07:43
AVSCAN.DLL : 10.0.3.0 46440 Bytes 4/1/2011 22:07:57
LUKE.DLL : 10.0.3.2 104296 Bytes 4/1/2011 22:07:53
LUKERES.DLL : 10.0.0.1 12648 Bytes 2/11/2010 05:40:49
VBASE000.VDF : 7.10.0.0 19875328 Bytes 11/6/2009 15:05:36
VBASE001.VDF : 7.11.0.0 13342208 Bytes 12/14/2010 21:15:47
VBASE002.VDF : 7.11.3.0 1950720 Bytes 2/9/2011 21:15:47
VBASE003.VDF : 7.11.5.225 1980416 Bytes 4/7/2011 22:31:09
VBASE004.VDF : 7.11.5.226 2048 Bytes 4/7/2011 22:31:09
VBASE005.VDF : 7.11.5.227 2048 Bytes 4/7/2011 22:31:09
VBASE006.VDF : 7.11.5.228 2048 Bytes 4/7/2011 22:31:09
VBASE007.VDF : 7.11.5.229 2048 Bytes 4/7/2011 22:31:09
VBASE008.VDF : 7.11.5.230 2048 Bytes 4/7/2011 22:31:10
VBASE009.VDF : 7.11.5.231 2048 Bytes 4/7/2011 22:31:10
VBASE010.VDF : 7.11.5.232 2048 Bytes 4/7/2011 22:31:10
VBASE011.VDF : 7.11.5.233 2048 Bytes 4/7/2011 22:31:10
VBASE012.VDF : 7.11.5.234 2048 Bytes 4/7/2011 22:31:10
VBASE013.VDF : 7.11.6.28 158208 Bytes 4/11/2011 22:31:12
VBASE014.VDF : 7.11.6.74 116224 Bytes 4/13/2011 22:31:13
VBASE015.VDF : 7.11.6.113 137728 Bytes 4/14/2011 22:31:15
VBASE016.VDF : 7.11.6.150 146944 Bytes 4/18/2011 22:31:16
VBASE017.VDF : 7.11.6.192 138240 Bytes 4/20/2011 22:31:17
VBASE018.VDF : 7.11.6.237 156160 Bytes 4/22/2011 22:31:19
VBASE019.VDF : 7.11.7.45 427520 Bytes 4/27/2011 22:31:23
VBASE020.VDF : 7.11.7.64 192000 Bytes 4/28/2011 22:31:25
VBASE021.VDF : 7.11.7.97 182272 Bytes 5/2/2011 22:31:27
VBASE022.VDF : 7.11.7.127 467968 Bytes 5/4/2011 22:31:32
VBASE023.VDF : 7.11.7.183 185856 Bytes 5/9/2011 22:31:34
VBASE024.VDF : 7.11.7.218 133120 Bytes 5/11/2011 22:31:35
VBASE025.VDF : 7.11.7.234 139776 Bytes 5/11/2011 22:31:37
VBASE026.VDF : 7.11.8.16 147456 Bytes 5/13/2011 22:31:38
VBASE027.VDF : 7.11.8.46 169472 Bytes 5/17/2011 22:31:40
VBASE028.VDF : 7.11.8.47 2048 Bytes 5/17/2011 22:31:40
VBASE029.VDF : 7.11.8.48 2048 Bytes 5/17/2011 22:31:40
VBASE030.VDF : 7.11.8.49 2048 Bytes 5/17/2011 22:31:40
VBASE031.VDF : 7.11.8.93 126976 Bytes 5/22/2011 22:31:41
Engineversion : 8.2.4.242
AEVDF.DLL : 8.1.2.1 106868 Bytes 3/28/2011 21:15:27
AESCRIPT.DLL : 8.1.3.64 1606011 Bytes 5/22/2011 22:32:09
AESCN.DLL : 8.1.7.2 127349 Bytes 3/28/2011 21:15:27
AESBX.DLL : 8.1.3.2 254324 Bytes 3/28/2011 21:15:26
AERDL.DLL : 8.1.9.9 639347 Bytes 3/25/2011 17:21:38
AEPACK.DLL : 8.2.6.8 557430 Bytes 5/22/2011 22:32:05
AEOFFICE.DLL : 8.1.1.22 205178 Bytes 5/22/2011 22:32:02
AEHEUR.DLL : 8.1.2.119 3481976 Bytes 5/22/2011 22:32:01
AEHELP.DLL : 8.1.17.2 246135 Bytes 5/22/2011 22:31:47
AEGEN.DLL : 8.1.5.6 401780 Bytes 5/22/2011 22:31:46
AEEMU.DLL : 8.1.3.0 393589 Bytes 3/28/2011 21:15:19
AECORE.DLL : 8.1.20.5 196983 Bytes 5/22/2011 22:31:44
AEBB.DLL : 8.1.1.0 53618 Bytes 3/28/2011 21:15:19
AVWINLL.DLL : 10.0.0.0 19304 Bytes 3/28/2011 21:15:31
AVPREF.DLL : 10.0.0.0 44904 Bytes 4/1/2011 22:07:42
AVREP.DLL : 10.0.0.10 174120 Bytes 5/22/2011 22:32:10
AVREG.DLL : 10.0.3.2 53096 Bytes 4/1/2011 22:07:42
AVSCPLR.DLL : 10.0.4.2 84840 Bytes 4/1/2011 22:07:43
AVARKT.DLL : 10.0.22.6 231784 Bytes 4/1/2011 22:07:38
AVEVTLOG.DLL : 10.0.0.8 203112 Bytes 4/1/2011 22:07:41
SQLITE3.DLL : 3.6.19.0 355688 Bytes 6/17/2010 20:27:22
AVSMTP.DLL : 10.0.0.17 63848 Bytes 3/28/2011 21:15:30
NETNT.DLL : 10.0.0.0 11624 Bytes 3/28/2011 21:15:39
RCIMAGE.DLL : 10.0.0.26 2550120 Bytes 4/1/2011 22:07:58
RCTEXT.DLL : 10.0.58.0 97128 Bytes 3/28/2011 21:15:52

Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: c:\program files\avira\antivir desktop\sysscan.avp
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:,
Process scan........................: on
Extended process scan...............: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium

Start of the scan: Sunday, May 22, 2011 17:36

Starting search for hidden objects.
HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NtmsSvc\Config\Standalone\drivelist
[NOTE] The registry entry is invisible.

The scan of running processes will be started
Scan process 'msdtc.exe' - '40' Module(s) have been scanned
Scan process 'dllhost.exe' - '60' Module(s) have been scanned
Scan process 'dllhost.exe' - '45' Module(s) have been scanned
Scan process 'vssvc.exe' - '48' Module(s) have been scanned
Scan process 'avscan.exe' - '70' Module(s) have been scanned
Scan process 'avcenter.exe' - '67' Module(s) have been scanned
Scan process 'avgnt.exe' - '56' Module(s) have been scanned
Scan process 'sched.exe' - '53' Module(s) have been scanned
Scan process 'avshadow.exe' - '26' Module(s) have been scanned
Scan process 'avguard.exe' - '55' Module(s) have been scanned
Scan process 'GoogleToolbarNotifier.exe' - '54' Module(s) have been scanned
Scan process 'iexplore.exe' - '128' Module(s) have been scanned
Scan process 'ctfmon.exe' - '25' Module(s) have been scanned
Scan process 'stsystra.exe' - '37' Module(s) have been scanned
Scan process 'issch.exe' - '11' Module(s) have been scanned
Scan process 'quickset.exe' - '58' Module(s) have been scanned
Scan process 'igfxpers.exe' - '23' Module(s) have been scanned
Scan process 'igfxsrvc.exe' - '23' Module(s) have been scanned
Scan process 'hkcmd.exe' - '22' Module(s) have been scanned
Scan process 'SynTPEnh.exe' - '27' Module(s) have been scanned
Scan process 'alg.exe' - '33' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '41' Module(s) have been scanned
Scan process 'Explorer.EXE' - '94' Module(s) have been scanned
Scan process 'svchost.exe' - '38' Module(s) have been scanned
Scan process 'NICCONFIGSVC.exe' - '42' Module(s) have been scanned
Scan process 'MDM.EXE' - '21' Module(s) have been scanned
Scan process 'jqs.exe' - '33' Module(s) have been scanned
Scan process 'svchost.exe' - '34' Module(s) have been scanned
Scan process 'spoolsv.exe' - '56' Module(s) have been scanned
Scan process 'bcmwltry.exe' - '46' Module(s) have been scanned
Scan process 'wltrysvc.exe' - '13' Module(s) have been scanned
Scan process 'svchost.exe' - '37' Module(s) have been scanned
Scan process 'svchost.exe' - '32' Module(s) have been scanned
Scan process 'svchost.exe' - '161' Module(s) have been scanned
Scan process 'svchost.exe' - '38' Module(s) have been scanned
Scan process 'svchost.exe' - '53' Module(s) have been scanned
Scan process 'lsass.exe' - '58' Module(s) have been scanned
Scan process 'services.exe' - '36' Module(s) have been scanned
Scan process 'winlogon.exe' - '67' Module(s) have been scanned
Scan process 'csrss.exe' - '14' Module(s) have been scanned
Scan process 'smss.exe' - '2' Module(s) have been scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!

Starting to scan executable files (registry).
The registry was scanned ( '1706' files ).


Starting the file scan:

Begin scan in 'C:\'
C:\WINDOWS\system32\caches2\kitedrv4.exe
[DETECTION] Contains recognition pattern of the ADSPY/Katzu.A adware or spyware

Beginning disinfection:
C:\WINDOWS\system32\caches2\kitedrv4.exe
[DETECTION] Contains recognition pattern of the ADSPY/Katzu.A adware or spyware
[NOTE] The file was moved to the quarantine directory under the name '44c8385c.qua'.


End of the scan: Sunday, May 22, 2011 18:29
Used time: 50:30 Minute(s)

The scan has been done completely.

6478 Scanned directories
243567 Files were scanned
1 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
1 Files were moved to quarantine
0 Files were renamed
0 Files cannot be scanned
243566 Files not concerned
2864 Archives were scanned
0 Warnings
2 Notes
343628 Objects were scanned with rootkit scan
1 Hidden objects were found



OTL logfile created on: 5/26/2011 7:06:13 PM - Run 1
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Documents and Settings\Jennifer Parr\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

503.37 Mb Total Physical Memory | 278.40 Mb Available Physical Memory | 55.31% Memory free
1.20 Gb Paging File | 0.88 Gb Available in Paging File | 73.46% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 34.10 Gb Total Space | 19.35 Gb Free Space | 56.75% Space Free | Partition Type: NTFS

Computer Name: MURDOCH | User Name: Jennifer Parr | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/05/26 18:46:06 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jennifer Parr\Desktop\OTL.exe
PRC - [2011/05/15 14:53:20 | 000,325,512 | ---- | M] (BillP Studios) -- C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
PRC - [2011/03/28 16:15:53 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011/03/28 16:15:40 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011/03/28 16:15:30 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011/03/28 16:15:29 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/05/10 11:22:32 | 000,405,504 | ---- | M] (SigmaTel, Inc.) -- C:\Program Files\Sigmatel\C-Major Audio\WDM\stsystra.exe
PRC - [2005/08/01 17:00:00 | 000,610,304 | ---- | M] () -- C:\Program Files\Dell\QuickSet\quickset.exe


========== Modules (SafeList) ==========

MOD - [2011/05/26 18:46:06 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jennifer Parr\Desktop\OTL.exe
MOD - [2011/05/15 14:53:34 | 000,064,600 | ---- | M] (BillP Studios) -- C:\Program Files\BillP Studios\WinPatrol\patrolpro.dll
MOD - [2010/08/23 11:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/03/28 16:15:40 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011/03/28 16:15:30 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2007/03/07 15:47:46 | 000,076,848 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)


========== Driver Services (SafeList) ==========

DRV - [2011/04/01 17:07:59 | 000,137,656 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2011/04/01 17:07:59 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010/06/17 15:27:22 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010/06/17 15:27:12 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2007/05/10 11:24:34 | 001,222,840 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2007/02/25 12:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\dsunidrv.sys -- (dsunidrv)
DRV - [2006/10/05 16:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2005/08/05 04:32:16 | 000,045,312 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2005/07/22 04:02:12 | 001,035,008 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2005/07/22 04:01:08 | 000,201,600 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2005/07/22 04:01:00 | 000,717,952 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2004/12/06 22:09:58 | 000,369,024 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2004/08/18 16:53:54 | 000,016,128 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS -- (APPDRV)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3614252324-1245835010-2861505330-1007\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-3614252324-1245835010-2861505330-1007\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\S-1-5-21-3614252324-1245835010-2861505330-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig?hl=en
IE - HKU\S-1-5-21-3614252324-1245835010-2861505330-1007\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-3614252324-1245835010-2861505330-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaulturl: "http://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://en-us.start.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official"
FF - prefs.js..extensions.enabledItems: fastdial@telega.phpnet.us:2.11
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.6.6.20090220
FF - prefs.js..extensions.enabledItems: {de5809e0-2b07-11dd-bd0b-0800200c9a66}:1.0.9


FF - HKLM\software\mozilla\Mozilla Firefox 3.0.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/06/25 07:38:09 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/09/06 22:59:23 | 000,000,000 | ---D | M]

[2008/11/18 17:58:32 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jennifer Parr\Application Data\Mozilla\Extensions
[2010/12/18 14:09:49 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jennifer Parr\Application Data\Mozilla\Firefox\Profiles\8f8fbsa0.default\extensions
[2010/12/18 14:09:18 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Jennifer Parr\Application Data\Mozilla\Firefox\Profiles\8f8fbsa0.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009/06/22 16:07:20 | 000,000,000 | ---D | M] (Gradient iCool) -- C:\Documents and Settings\Jennifer Parr\Application Data\Mozilla\Firefox\Profiles\8f8fbsa0.default\extensions\{de5809e0-2b07-11dd-bd0b-0800200c9a66}
[2008/11/18 18:01:33 | 000,000,000 | ---D | M] (Fast Dial) -- C:\Documents and Settings\Jennifer Parr\Application Data\Mozilla\Firefox\Profiles\8f8fbsa0.default\extensions\fastdial@telega.phpnet.us
[2011/03/20 15:28:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/09/06 22:59:37 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/12/18 13:22:53 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/03/20 15:28:32 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2010/09/06 22:58:27 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/02/02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2004/08/04 06:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {4E7BD74F-2B8D-469E-86BD-FD60BB9AAE3A} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {4E7BD74F-2B8D-469E-86BD-FD60BB9AAE3A} - No CLSID value found.
O3 - HKU\S-1-5-21-3614252324-1245835010-2861505330-1007\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-3614252324-1245835010-2861505330-1007\..\Toolbar\WebBrowser: (no name) - {4E7BD74F-2B8D-469E-86BD-FD60BB9AAE3A} - No CLSID value found.
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe ()
O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Program Files\Sigmatel\C-Major Audio\WDM\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe (BillP Studios)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3614252324-1245835010-2861505330-1007\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3614252324-1245835010-2861505330-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O15 - HKLM\..Trusted Domains: musicmatch.com ([online] https in Trusted sites)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?LinkID=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} http://photos.walmart.com/WalmartActivia.cab (Snapfish Activia)
O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} http://picasaweb.google.com/s/v/25.24/uploader2.cab (UploadListView Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftup ... 1818753640 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/products/plugin/aut ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/products/plugin/aut ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Jennifer Parr\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Jennifer Parr\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/10 14:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2007/10/26 16:19:36 | 000,000,000 | ---D | M] - C:\Autoruns -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/05/26 18:45:40 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Jennifer Parr\Desktop\OTL.exe
[2011/05/22 17:37:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2011/05/22 17:34:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jennifer Parr\Application Data\Avira
[2011/05/22 17:29:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Avira
[2011/05/22 17:29:28 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2011/05/22 17:29:25 | 000,137,656 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2011/05/22 17:29:25 | 000,061,960 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2011/05/22 17:29:25 | 000,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys
[2011/05/22 17:29:25 | 000,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys
[2011/05/22 17:29:23 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2011/05/22 17:29:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Avira
[2011/05/22 17:15:55 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Jennifer Parr\Desktop\TFC.exe
[2011/05/16 18:25:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jennifer Parr\Application Data\WinPatrol
[2011/05/16 18:25:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\WinPatrol
[2011/05/16 18:25:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\InstallMate
[2011/05/16 18:25:21 | 000,000,000 | ---D | C] -- C:\Program Files\BillP Studios
[2011/05/16 18:25:01 | 000,821,832 | ---- | C] (BillP Studios) -- C:\Documents and Settings\Jennifer Parr\Desktop\wpsetup.exe
[2011/05/04 16:43:53 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Jennifer Parr\Recent
[2011/05/04 16:18:08 | 000,000,000 | ---D | C] -- C:\567418583ea638cbaf3c601d994aa7

========== Files - Modified Within 30 Days ==========

[2011/05/26 18:46:06 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jennifer Parr\Desktop\OTL.exe
[2011/05/26 18:43:20 | 000,385,164 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/05/26 18:43:19 | 000,054,682 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/05/26 18:38:55 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/05/26 18:37:38 | 527,892,480 | -HS- | M] () -- C:\hiberfil.sys
[2011/05/26 18:37:38 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/05/22 17:29:47 | 000,001,707 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Avira AntiVir Control Center.lnk
[2011/05/22 17:28:23 | 052,676,424 | ---- | M] () -- C:\Documents and Settings\Jennifer Parr\Desktop\avira_antivir_personal_en.exe
[2011/05/22 17:16:00 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jennifer Parr\Desktop\TFC.exe
[2011/05/16 18:25:17 | 000,821,832 | ---- | M] (BillP Studios) -- C:\Documents and Settings\Jennifer Parr\Desktop\wpsetup.exe
[2011/05/16 18:05:27 | 000,625,664 | ---- | M] () -- C:\Documents and Settings\Jennifer Parr\Desktop\dds.scr
[2011/05/11 15:47:40 | 000,069,632 | ---- | M] () -- C:\Documents and Settings\Jennifer Parr\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/11 15:30:42 | 000,159,544 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/05/04 16:57:31 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK

========== Files Created - No Company Name ==========

[2011/05/22 17:29:47 | 000,001,707 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Avira AntiVir Control Center.lnk
[2011/05/22 17:28:05 | 052,676,424 | ---- | C] () -- C:\Documents and Settings\Jennifer Parr\Desktop\avira_antivir_personal_en.exe
[2011/05/16 18:05:26 | 000,625,664 | ---- | C] () -- C:\Documents and Settings\Jennifer Parr\Desktop\dds.scr
[2010/12/18 13:57:24 | 000,002,560 | ---- | C] () -- C:\WINDOWS\_MSRSTRT.EXE
[2007/11/13 10:22:33 | 000,000,410 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2007/11/13 10:22:33 | 000,000,034 | ---- | C] () -- C:\WINDOWS\System32\BD2040.DAT
[2007/10/30 20:07:33 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2007/10/30 19:21:34 | 000,141,824 | ---- | C] () -- C:\WINDOWS\catchme.exe
[2007/10/30 19:21:34 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\VFind.exe
[2007/10/24 16:09:26 | 000,693,490 | -HS- | C] () -- C:\WINDOWS\System32\xogjbaic.ini
[2007/09/11 06:25:24 | 000,003,171 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/08/14 15:09:32 | 000,000,114 | ---- | C] () -- C:\WINDOWS\HOSTK100.DAT
[2007/03/17 07:27:36 | 000,001,503 | ---- | C] () -- C:\WINDOWS\checkip.dat
[2006/11/14 21:30:17 | 000,000,024 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2006/11/14 21:23:34 | 000,003,424 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2006/11/04 10:36:23 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll
[2006/11/04 10:00:53 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2006/06/18 09:34:17 | 000,069,632 | ---- | C] () -- C:\Documents and Settings\Jennifer Parr\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/04/03 22:12:08 | 000,000,028 | ---- | C] () -- C:\WINDOWS\atid.ini
[2006/03/30 23:07:08 | 000,003,766 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2006/03/30 23:07:08 | 000,000,056 | RHS- | C] () -- C:\WINDOWS\System32\4D1F5E9C63.sys
[2005/12/11 20:48:32 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/12/11 20:40:48 | 000,149,504 | ---- | C] () -- C:\WINDOWS\UNWISE.EXE
[2005/12/11 20:35:06 | 000,000,304 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2005/12/11 20:33:06 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2005/12/11 20:29:42 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/12/11 20:25:55 | 000,000,004 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\QSLLPSVCShare
[2005/12/11 20:25:12 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\AegisI5.exe
[2005/12/11 20:25:12 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\WLTRYSVC.EXE
[2005/12/11 20:00:34 | 000,049,152 | ---- | C] () -- C:\WINDOWS\setpwrcg.exe
[2005/12/11 20:00:04 | 000,000,391 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/04/09 18:04:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/10 14:12:05 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/10 14:07:31 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/08/10 14:02:15 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/08/10 14:01:18 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/10 13:57:52 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/10 13:57:15 | 000,159,544 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/08/10 13:51:21 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/10 13:51:20 | 000,385,164 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/10 13:51:20 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/10 13:51:20 | 000,054,682 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/10 13:51:20 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/10 13:51:18 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/10 13:51:17 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/10 13:51:16 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/08/10 13:51:12 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/10 13:51:11 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/10 13:51:05 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/10 13:50:56 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2003/05/29 09:55:18 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\CSUninstall.exe
[2003/01/07 16:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

========== LOP Check ==========

[2011/05/16 18:25:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InstallMate
[2006/11/04 10:30:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SmartSound Software Inc
[2008/02/03 19:29:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2007/10/30 20:22:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ulead Systems
[2007/02/26 17:18:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2009/06/21 18:12:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2006/04/03 22:18:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer Parr\Application Data\acccore
[2007/05/23 11:26:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer Parr\Application Data\BFGTOOLBAR
[2006/01/04 18:50:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer Parr\Application Data\Leadertech
[2006/11/13 22:33:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer Parr\Application Data\Nikon
[2006/09/03 18:10:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer Parr\Application Data\Publish Providers
[2006/11/13 22:57:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer Parr\Application Data\Snapfish
[2006/09/03 18:11:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer Parr\Application Data\Sony
[2006/11/04 10:42:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer Parr\Application Data\Ulead Systems
[2007/02/26 17:18:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer Parr\Application Data\Viewpoint
[2008/06/17 13:21:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer Parr\Application Data\W Photo Studio
[2008/06/17 13:19:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer Parr\Application Data\W Photo Studio Viewer
[2008/06/17 13:20:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer Parr\Application Data\Walgreens
[2011/05/16 18:25:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer Parr\Application Data\WinPatrol
[2007/10/23 06:54:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\BFGTOOLBAR

========== Purity Check ==========



< End of report >



OTL Extras logfile created on: 5/26/2011 7:06:13 PM - Run 1
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Documents and Settings\Jennifer Parr\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

503.37 Mb Total Physical Memory | 278.40 Mb Available Physical Memory | 55.31% Memory free
1.20 Gb Paging File | 0.88 Gb Available in Paging File | 73.46% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 34.10 Gb Total Space | 19.35 Gb Free Space | 56.75% Space Free | Partition Type: NTFS

Computer Name: MURDOCH | User Name: Jennifer Parr | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-3614252324-1245835010-2861505330-1007\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{007811BF-E310-4285-BFC6-55DB29B3EDDE}" = WinPatrol
"{05410000-64A6-4248-A026-9745C1E9E159}" = Microsoft Encarta Encyclopedia Deluxe 2005
"{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic RecordNow Data
"{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}" = Microsoft Plus! Photo Story 2 LE
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F528948-0E80-4C96-B455-DE4167CB1DF7}" = Internal Network Card Power Management
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 24
"{26E1BFB0-E87E-4696-9F89-B467F01F81E5}" = Broadcom Management Programs
"{33BB4982-DC52-4886-A03B-F4C5C80BEE89}" = Windows Media Player 10
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35BDEFF1-A610-4956-A00D-15453C116395}" = Internet Explorer Default Page
"{3C26E039-BE18-4B5E-A723-45390C451819}" = Windows XP Creativity Fun Packs - Windows Movie Maker 2 - Titles
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{49FC50FC-F965-40D9-89B4-CBFF80941033}" = Windows Movie Maker 2.0
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5905F42D-3F5F-4916-ADA6-94A3646AEE76}" = Dell Driver Reset Tool
"{62BD0AE0-4EB1-4BBB-8F43-B6400C8FEB2C}" = AOLIcon
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD 5.5
"{6D5FCA42-1486-4E32-AFE8-1B7E2AA59D33}" = Digital Content Portal
"{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}" = Microsoft Plus! Digital Media Edition Installer
"{728278A1-0BB7-45E4-AC5E-91D7C0FD1EDE}" = EarthLink setup files
"{74F7662C-B1DB-489E-A8AC-07A06B24978B}" = Dell System Restore
"{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}" = DellSupport
"{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper
"{8471021C-F529-43DE-84DF-3612E10F58C4}" = Remote Control USB Driver
"{85D3CC30-8859-481A-9654-FD9B74310BEF}" = Musicmatch® Jukebox
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Graphics Media Accelerator Driver for Mobile
"{91120409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{A6264FF6-C49D-4533-AF42-4875C38BB24C}" = Windows XP Creativity Fun Packs - Windows Movie Maker 2 - Audio
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic RecordNow Audio
"{AB85A4DB-357F-41B5-94A6-C9A4CBBD791B}" = DV Network Software
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic RecordNow Copy
"{C5074CC4-0E26-4716-A307-960272A90040}" = QuickSet
"{C78EAC6F-7A73-452E-8134-DBB2165C5A68}" = QuickTime
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{DA2D4D11-1811-4A24-B719-BF9F048C6106}" = Windows XP Creativity Fun Packs - Windows Movie Maker 2
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{E93E5EF6-D361-481E-849D-F16EF5C78EBC}" = Musicmatch for Windows Media Player
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_14F100C3" = Conexant HDA D110 MDC V.92 Modem
"Dell Digital Jukebox Driver" = Dell Digital Jukebox Driver
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"InstallShield_{AB85A4DB-357F-41B5-94A6-C9A4CBBD791B}" = DV Network Software
"InstallShield_{C05E2D43-A05F-4835-A15C-CD0AD1576506}" = Canon Utilities PhotoStitch 3.1
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox (3.0.8)" = Mozilla Firefox (3.0.8)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSTTS" = Microsoft Text-to-Speech Engine 4.0 (English)
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"RealPlayer 6.0" = RealPlayer
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"ViewpointMediaPlayer" = Viewpoint Media Player
"WebCyberCoach_wtrb" = WebCyberCoach 3.2 Dell
"WIC" = Windows Imaging Component
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== Last 10 Event Log Errors ==========

[ System Events ]
Error - 5/22/2011 6:10:33 PM | Computer Name = MURDOCH | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 5/22/2011 6:10:33 PM | Computer Name = MURDOCH | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 5/22/2011 6:10:33 PM | Computer Name = MURDOCH | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 5/22/2011 6:10:33 PM | Computer Name = MURDOCH | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 5/22/2011 6:17:40 PM | Computer Name = MURDOCH | Source = Service Control Manager | ID = 7034
Description = The Dell Wireless WLAN Tray Service service terminated unexpectedly.
It has done this 1 time(s).

Error - 5/22/2011 6:17:40 PM | Computer Name = MURDOCH | Source = Service Control Manager | ID = 7034
Description = The NICCONFIGSVC service terminated unexpectedly. It has done this
1 time(s).

Error - 5/22/2011 6:17:40 PM | Computer Name = MURDOCH | Source = Service Control Manager | ID = 7034
Description = The Java Quick Starter service terminated unexpectedly. It has done
this 1 time(s).

Error - 5/22/2011 6:28:37 PM | Computer Name = MURDOCH | Source = SideBySide | ID = 16842784
Description = Dependent Assembly Microsoft.VC90.CRT could not be found and Last
Error was The referenced assembly is not installed on your system.

Error - 5/22/2011 6:28:37 PM | Computer Name = MURDOCH | Source = SideBySide | ID = 16842811
Description = Resolve Partial Assembly failed for Microsoft.VC90.CRT. Reference error
message: The referenced assembly is not installed on your system. .

Error - 5/22/2011 6:28:37 PM | Computer Name = MURDOCH | Source = SideBySide | ID = 16842811
Description = Generate Activation Context failed for C:\DOCUME~1\JENNIF~1\LOCALS~1\Temp\RarSFX0\redist.dll.
Reference
error message: The operation completed successfully. .


< End of report >
w2w
Active Member
 
Posts: 7
Joined: May 16th, 2011, 6:13 pm

Re: Slow OS and internet

Unread postby askey127 » May 26th, 2011, 7:22 pm

w2w,
----------------------------------------------
Perform a Custom Scan or Fix with OTL
Run OTL (Right click and choose "Run as administrator" in Vista/Win7)
  • Under the Custom Scans/Fixes box at the bottom, paste in the following:
    Code: Select all
    :processes
    killallprocesses
    
    :OTL
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
    O3 - HKU\S-1-5-21-3614252324-1245835010-2861505330-1007\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
    O3 - HKU\S-1-5-21-3614252324-1245835010-2861505330-1007\..\Toolbar\WebBrowser: (no name) - {4E7BD74F-2B8D-469E-86BD-FD60BB9AAE3A} - No CLSID value found.
    O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-21-3614252324-1245835010-2861505330-1007\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    
    :Commands
    [EMPTYTEMP]
    [CLEARALLRESTOREPOINTS]
    [Reboot]
    
  • Then click the Run Fix button at the top.
  • Let the program run unhindered and reboot the PC when it is done.
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

Tell me how it's running.
askey127
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 14025
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: Slow OS and internet

Unread postby w2w » May 29th, 2011, 6:43 pm

Here ya go. Still seems slow.

OTL logfile created on: 5/29/2011 6:34:04 PM - Run 2
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Documents and Settings\Jennifer Parr\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

503.37 Mb Total Physical Memory | 164.20 Mb Available Physical Memory | 32.62% Memory free
1.20 Gb Paging File | 0.90 Gb Available in Paging File | 74.81% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 34.10 Gb Total Space | 19.67 Gb Free Space | 57.67% Space Free | Partition Type: NTFS

Computer Name: MURDOCH | User Name: Jennifer Parr | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/05/26 18:46:06 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jennifer Parr\Desktop\OTL.exe
PRC - [2011/05/15 14:53:20 | 000,325,512 | ---- | M] (BillP Studios) -- C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
PRC - [2011/03/28 16:15:53 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011/03/28 16:15:40 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011/03/28 16:15:30 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011/03/28 16:15:29 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/05/10 11:22:32 | 000,405,504 | ---- | M] (SigmaTel, Inc.) -- C:\Program Files\Sigmatel\C-Major Audio\WDM\stsystra.exe
PRC - [2005/08/01 17:00:00 | 000,610,304 | ---- | M] () -- C:\Program Files\Dell\QuickSet\quickset.exe


========== Modules (SafeList) ==========

MOD - [2011/05/26 18:46:06 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jennifer Parr\Desktop\OTL.exe
MOD - [2011/05/15 14:53:34 | 000,064,600 | ---- | M] (BillP Studios) -- C:\Program Files\BillP Studios\WinPatrol\patrolpro.dll
MOD - [2010/08/23 11:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/03/28 16:15:40 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011/03/28 16:15:30 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2007/03/07 15:47:46 | 000,076,848 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)


========== Driver Services (SafeList) ==========

DRV - [2011/04/01 17:07:59 | 000,137,656 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2011/04/01 17:07:59 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010/06/17 15:27:22 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010/06/17 15:27:12 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2007/05/10 11:24:34 | 001,222,840 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2007/02/25 12:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\dsunidrv.sys -- (dsunidrv)
DRV - [2006/10/05 16:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2005/08/05 04:32:16 | 000,045,312 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2005/07/22 04:02:12 | 001,035,008 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2005/07/22 04:01:08 | 000,201,600 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2005/07/22 04:01:00 | 000,717,952 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2004/12/06 22:09:58 | 000,369,024 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2004/08/18 16:53:54 | 000,016,128 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS -- (APPDRV)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig?hl=en
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaulturl: "http://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://en-us.start.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official"
FF - prefs.js..extensions.enabledItems: fastdial@telega.phpnet.us:2.11
FF - prefs.js..extensions.enabledItems: ""
FF - prefs.js..extensions.enabledItems: ""
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.6.6.20090220
FF - prefs.js..extensions.enabledItems: {de5809e0-2b07-11dd-bd0b-0800200c9a66}:1.0.9


FF - HKLM\software\mozilla\Mozilla Firefox 3.0.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/06/25 07:38:09 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/09/06 22:59:23 | 000,000,000 | ---D | M]

[2008/11/18 17:58:32 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jennifer Parr\Application Data\Mozilla\Extensions
[2010/12/18 14:09:49 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jennifer Parr\Application Data\Mozilla\Firefox\Profiles\8f8fbsa0.default\extensions
[2010/12/18 14:09:18 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Jennifer Parr\Application Data\Mozilla\Firefox\Profiles\8f8fbsa0.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009/06/22 16:07:20 | 000,000,000 | ---D | M] (Gradient iCool) -- C:\Documents and Settings\Jennifer Parr\Application Data\Mozilla\Firefox\Profiles\8f8fbsa0.default\extensions\{de5809e0-2b07-11dd-bd0b-0800200c9a66}
[2008/11/18 18:01:33 | 000,000,000 | ---D | M] (Fast Dial) -- C:\Documents and Settings\Jennifer Parr\Application Data\Mozilla\Firefox\Profiles\8f8fbsa0.default\extensions\fastdial@telega.phpnet.us
[2011/03/20 15:28:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/09/06 22:59:37 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/12/18 13:22:53 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/03/20 15:28:32 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2010/09/06 22:58:27 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/02/02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2004/08/04 06:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe ()
O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Program Files\Sigmatel\C-Major Audio\WDM\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe (BillP Studios)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O15 - HKLM\..Trusted Domains: musicmatch.com ([online] https in Trusted sites)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?LinkID=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} http://photos.walmart.com/WalmartActivia.cab (Snapfish Activia)
O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} http://picasaweb.google.com/s/v/25.24/uploader2.cab (UploadListView Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftup ... 1818753640 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/products/plugin/aut ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/products/plugin/aut ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Jennifer Parr\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Jennifer Parr\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/10 14:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2007/10/26 16:19:36 | 000,000,000 | ---D | M] - C:\Autoruns -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/05/29 18:30:05 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/05/26 19:48:49 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Jennifer Parr\Recent
[2011/05/26 18:45:40 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Jennifer Parr\Desktop\OTL.exe
[2011/05/22 17:37:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2011/05/22 17:34:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jennifer Parr\Application Data\Avira
[2011/05/22 17:29:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Avira
[2011/05/22 17:29:28 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2011/05/22 17:29:25 | 000,137,656 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2011/05/22 17:29:25 | 000,061,960 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2011/05/22 17:29:25 | 000,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys
[2011/05/22 17:29:25 | 000,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys
[2011/05/22 17:29:23 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2011/05/22 17:29:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Avira
[2011/05/22 17:15:55 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Jennifer Parr\Desktop\TFC.exe
[2011/05/16 18:25:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jennifer Parr\Application Data\WinPatrol
[2011/05/16 18:25:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\WinPatrol
[2011/05/16 18:25:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\InstallMate
[2011/05/16 18:25:21 | 000,000,000 | ---D | C] -- C:\Program Files\BillP Studios
[2011/05/16 18:25:01 | 000,821,832 | ---- | C] (BillP Studios) -- C:\Documents and Settings\Jennifer Parr\Desktop\wpsetup.exe
[2011/05/04 16:18:08 | 000,000,000 | ---D | C] -- C:\567418583ea638cbaf3c601d994aa7

========== Files - Modified Within 30 Days ==========

[2011/05/29 18:38:13 | 000,385,164 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/05/29 18:38:13 | 000,054,682 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/05/29 18:33:56 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/05/29 18:33:08 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/05/29 18:33:07 | 527,892,480 | -HS- | M] () -- C:\hiberfil.sys
[2011/05/26 19:49:39 | 000,071,168 | ---- | M] () -- C:\Documents and Settings\Jennifer Parr\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/26 18:46:06 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jennifer Parr\Desktop\OTL.exe
[2011/05/22 17:29:47 | 000,001,707 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Avira AntiVir Control Center.lnk
[2011/05/22 17:28:23 | 052,676,424 | ---- | M] () -- C:\Documents and Settings\Jennifer Parr\Desktop\avira_antivir_personal_en.exe
[2011/05/22 17:16:00 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jennifer Parr\Desktop\TFC.exe
[2011/05/16 18:25:17 | 000,821,832 | ---- | M] (BillP Studios) -- C:\Documents and Settings\Jennifer Parr\Desktop\wpsetup.exe
[2011/05/16 18:05:27 | 000,625,664 | ---- | M] () -- C:\Documents and Settings\Jennifer Parr\Desktop\dds.scr
[2011/05/11 15:30:42 | 000,159,544 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/05/04 16:57:31 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK

========== Files Created - No Company Name ==========

[2011/05/22 17:29:47 | 000,001,707 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Avira AntiVir Control Center.lnk
[2011/05/22 17:28:05 | 052,676,424 | ---- | C] () -- C:\Documents and Settings\Jennifer Parr\Desktop\avira_antivir_personal_en.exe
[2011/05/16 18:05:26 | 000,625,664 | ---- | C] () -- C:\Documents and Settings\Jennifer Parr\Desktop\dds.scr
[2010/12/18 13:57:24 | 000,002,560 | ---- | C] () -- C:\WINDOWS\_MSRSTRT.EXE
[2007/11/13 10:22:33 | 000,000,410 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2007/11/13 10:22:33 | 000,000,034 | ---- | C] () -- C:\WINDOWS\System32\BD2040.DAT
[2007/10/30 20:07:33 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2007/10/30 19:21:34 | 000,141,824 | ---- | C] () -- C:\WINDOWS\catchme.exe
[2007/10/30 19:21:34 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\VFind.exe
[2007/10/24 16:09:26 | 000,693,490 | -HS- | C] () -- C:\WINDOWS\System32\xogjbaic.ini
[2007/09/11 06:25:24 | 000,003,171 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/08/14 15:09:32 | 000,000,114 | ---- | C] () -- C:\WINDOWS\HOSTK100.DAT
[2007/03/17 07:27:36 | 000,001,503 | ---- | C] () -- C:\WINDOWS\checkip.dat
[2006/11/14 21:30:17 | 000,000,024 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2006/11/14 21:23:34 | 000,003,424 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2006/11/04 10:36:23 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll
[2006/11/04 10:00:53 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2006/06/18 09:34:17 | 000,071,168 | ---- | C] () -- C:\Documents and Settings\Jennifer Parr\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/04/03 22:12:08 | 000,000,028 | ---- | C] () -- C:\WINDOWS\atid.ini
[2006/03/30 23:07:08 | 000,003,766 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2006/03/30 23:07:08 | 000,000,056 | RHS- | C] () -- C:\WINDOWS\System32\4D1F5E9C63.sys
[2005/12/11 20:48:32 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/12/11 20:40:48 | 000,149,504 | ---- | C] () -- C:\WINDOWS\UNWISE.EXE
[2005/12/11 20:35:06 | 000,000,304 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2005/12/11 20:33:06 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2005/12/11 20:29:42 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/12/11 20:25:55 | 000,000,004 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\QSLLPSVCShare
[2005/12/11 20:25:12 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\AegisI5.exe
[2005/12/11 20:25:12 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\WLTRYSVC.EXE
[2005/12/11 20:00:34 | 000,049,152 | ---- | C] () -- C:\WINDOWS\setpwrcg.exe
[2005/12/11 20:00:04 | 000,000,391 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/04/09 18:04:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/10 14:12:05 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/10 14:07:31 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/08/10 14:02:15 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/08/10 14:01:18 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/10 13:57:52 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/10 13:57:15 | 000,159,544 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/08/10 13:51:21 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/10 13:51:20 | 000,385,164 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/10 13:51:20 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/10 13:51:20 | 000,054,682 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/10 13:51:20 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/10 13:51:18 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/10 13:51:17 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/10 13:51:16 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/08/10 13:51:12 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/10 13:51:11 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/10 13:51:05 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/10 13:50:56 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2003/05/29 09:55:18 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\CSUninstall.exe
[2003/01/07 16:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

========== LOP Check ==========

[2011/05/16 18:25:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InstallMate
[2006/11/04 10:30:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SmartSound Software Inc
[2008/02/03 19:29:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2007/10/30 20:22:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ulead Systems
[2007/02/26 17:18:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2009/06/21 18:12:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2006/04/03 22:18:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer Parr\Application Data\acccore
[2007/05/23 11:26:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer Parr\Application Data\BFGTOOLBAR
[2006/01/04 18:50:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer Parr\Application Data\Leadertech
[2006/11/13 22:33:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer Parr\Application Data\Nikon
[2006/09/03 18:10:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer Parr\Application Data\Publish Providers
[2006/11/13 22:57:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer Parr\Application Data\Snapfish
[2006/09/03 18:11:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer Parr\Application Data\Sony
[2006/11/04 10:42:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer Parr\Application Data\Ulead Systems
[2007/02/26 17:18:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer Parr\Application Data\Viewpoint
[2008/06/17 13:21:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer Parr\Application Data\W Photo Studio
[2008/06/17 13:19:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer Parr\Application Data\W Photo Studio Viewer
[2008/06/17 13:20:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer Parr\Application Data\Walgreens
[2011/05/16 18:25:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer Parr\Application Data\WinPatrol

========== Purity Check ==========



< End of report >
w2w
Active Member
 
Posts: 7
Joined: May 16th, 2011, 6:13 pm

Re: Slow OS and internet

Unread postby askey127 » May 30th, 2011, 5:57 am

w2w,
A few things to do here, but they each should be fairly straightforward.
---------------------------------------------
If you don't have it already, please download SystemLook from one of the links below and save it to your Desktop.
Download Mirror #1
Download Mirror #2

  • Double-click SystemLook.exe to run it.
  • Copy the content of the following codebox into the main textfield:
    Code: Select all
    :dir
    C:\WINDOWS\system32\caches2
    
    :folderfind
    caches2
    
    
  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Note: The log can also be found on your Desktop entitled SystemLook.txt
--------------------------------------------
Disallow Indexing on the C: Drive
Go to Start, My Computer
Right click on the C: Drive and choose Properties.
At the bottom, UNCHECK the box labeled "Allow Indexing to Index this disk for fast file searching".
Click Apply, and OK.
CHECK the button to apply to all folders and subfolders.
Click Apply.
Go for a coffee.
When it's done, click OK.
--------------------------------------------------------
Download and Install the newest version of Adobe Reader for reading pdf files, due to the vulnerabilities in earlier versions.
All versions numbered lower than 10.0 are vulnerable.
Go HERE and click on AdbeRdr1001_en_US.exe to download the latest version of Adobe Acrobat Reader.
Save this file to your desktop and run it to install the latest version of Adobe Reader.

After the new Reader is installed, Open Adobe Reader X. (Right click and Run as administrator in Vista/Win7)
OK the license.
Click on Edit and select Preferences.
On the Left, click on the Javascript category and Uncheck Enable Acrobat Javascript.
Click on the Security (Enhanced) category and Uncheck Automatically trust sites from my Win OS security zones.
Click on the Trust Manager category and Uncheck Allow opening of non-PDF file attachments with external applications.
Click the OK button
When it finishes, you can remove the Installer from your desktop.
-----------------------------------------------------------
REBOOT (RESTART) Your Machine
-----------------------------------------------------------
Defragment your C: drive
Go to Start, All Programs, Accessories, System Tools, Disk Defragmenter
Highlight C: drive and click Defragment
It may take a while. Wait until it's done.
--------------------------------------------
TDSSKiller - Rootkit Removal Tool
Please download the TDSSKiller.exe by Kaspersky... save it to your Desktop. <-Important!!!
  1. Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
    If TDSSKiller does not run... rename it. Right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. ektfhtw.com).
    If you don't see file extensions, please see: How to change the file extension.
  2. Click the Start Scan button. Do not use the computer during the scan!
  3. If the scan completes with nothing found, click Close to exit.
  4. If malicious objects are found, they will show in the "Scan results - Select action for found objects" and offer 3 options.
    • Ensure Cure (default) is selected... then click Continue > Reboot now to finish the cleaning process.
    • If Cure is not offered as an option, choose Skip.
  5. A log file named TDSSKiller_version_dd.mm.yyyy_hh.mm.ss_log.txt will be created and saved to the main directory of C:
    (the dd.mm.yyyy_hh.mm.ss numbers in the filename represent the time/date stamp)
  6. Copy and paste the contents of that file in your next reply.
If, for some reason,you can't locate the text file to paste into your reply, just tell me, but DO NOT run the program a second time.

So we will be looking for the contents of Systemlook.txt, and the log from TDSSKiller.
Let me know how it goes.
askey127
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 14025
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: Slow OS and internet

Unread postby w2w » May 30th, 2011, 4:39 pm

SystemLook 04.09.10 by jpshortstuff
Log created at 14:21 on 30/05/2011 by Jennifer Parr
Administrator - Elevation successful

========== dir ==========

C:\WINDOWS\system32\caches2 - Parameters: "(none)"

---Files---
None found.

---Folders---
None found.

========== folderfind ==========

Searching for "caches2"
C:\WINDOWS\system32\caches2 d------ [01:24 23/10/2007]

-= EOF =-


2011/05/30 16:38:20.0156 2180 TDSS rootkit removing tool 2.5.3.0 May 25 2011 07:09:24
2011/05/30 16:38:22.0171 2180 ================================================================================
2011/05/30 16:38:22.0171 2180 SystemInfo:
2011/05/30 16:38:22.0171 2180
2011/05/30 16:38:22.0171 2180 OS Version: 5.1.2600 ServicePack: 3.0
2011/05/30 16:38:22.0171 2180 Product type: Workstation
2011/05/30 16:38:22.0171 2180 ComputerName: MURDOCH
2011/05/30 16:38:22.0171 2180 UserName: Jennifer Parr
2011/05/30 16:38:22.0171 2180 Windows directory: C:\WINDOWS
2011/05/30 16:38:22.0171 2180 System windows directory: C:\WINDOWS
2011/05/30 16:38:22.0171 2180 Processor architecture: Intel x86
2011/05/30 16:38:22.0171 2180 Number of processors: 1
2011/05/30 16:38:22.0171 2180 Page size: 0x1000
2011/05/30 16:38:22.0171 2180 Boot type: Normal boot
2011/05/30 16:38:22.0171 2180 ================================================================================
2011/05/30 16:38:24.0203 2180 Initialize success
2011/05/30 16:38:29.0781 0140 ================================================================================
2011/05/30 16:38:29.0781 0140 Scan started
2011/05/30 16:38:29.0781 0140 Mode: Manual;
2011/05/30 16:38:29.0781 0140 ================================================================================
2011/05/30 16:38:31.0296 0140 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
2011/05/30 16:38:31.0453 0140 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2011/05/30 16:38:31.0546 0140 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
2011/05/30 16:38:31.0671 0140 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
2011/05/30 16:38:31.0937 0140 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
2011/05/30 16:38:32.0109 0140 AegisP (2c5c22990156a1063e19ad162191dc1d) C:\WINDOWS\system32\DRIVERS\AegisP.sys
2011/05/30 16:38:32.0250 0140 AFD (7618d5218f2a614672ec61a80d854a37) C:\WINDOWS\System32\drivers\afd.sys
2011/05/30 16:38:32.0359 0140 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
2011/05/30 16:38:32.0500 0140 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
2011/05/30 16:38:32.0656 0140 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
2011/05/30 16:38:32.0796 0140 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
2011/05/30 16:38:32.0953 0140 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
2011/05/30 16:38:33.0093 0140 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
2011/05/30 16:38:33.0234 0140 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys
2011/05/30 16:38:33.0359 0140 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys
2011/05/30 16:38:33.0484 0140 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
2011/05/30 16:38:33.0640 0140 APPDRV (ec94e05b76d033b74394e7b2175103cf) C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS
2011/05/30 16:38:33.0781 0140 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys
2011/05/30 16:38:33.0906 0140 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
2011/05/30 16:38:34.0062 0140 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
2011/05/30 16:38:34.0234 0140 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2011/05/30 16:38:34.0406 0140 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
2011/05/30 16:38:34.0562 0140 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2011/05/30 16:38:34.0796 0140 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2011/05/30 16:38:34.0968 0140 avgio (0b497c79824f8e1bf22fa6aacd3de3a0) C:\Program Files\Avira\AntiVir Desktop\avgio.sys
2011/05/30 16:38:35.0109 0140 avgntflt (47b879406246ffdced59e18d331a0e7d) C:\WINDOWS\system32\DRIVERS\avgntflt.sys
2011/05/30 16:38:35.0218 0140 avipbb (5fedef54757b34fb611b9ec8fb399364) C:\WINDOWS\system32\DRIVERS\avipbb.sys
2011/05/30 16:38:35.0359 0140 BCM43XX (c3ab2d6954c7b5103770832a3a6a591b) C:\WINDOWS\system32\DRIVERS\bcmwl5.sys
2011/05/30 16:38:35.0468 0140 bcm4sbxp (c768c8a463d32c219ce291645a0621a4) C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys
2011/05/30 16:38:35.0593 0140 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2011/05/30 16:38:35.0859 0140 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
2011/05/30 16:38:35.0984 0140 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2011/05/30 16:38:36.0109 0140 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
2011/05/30 16:38:36.0218 0140 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2011/05/30 16:38:36.0343 0140 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
2011/05/30 16:38:36.0453 0140 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2011/05/30 16:38:36.0656 0140 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
2011/05/30 16:38:36.0796 0140 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys
2011/05/30 16:38:36.0953 0140 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
2011/05/30 16:38:37.0093 0140 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys
2011/05/30 16:38:37.0250 0140 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
2011/05/30 16:38:37.0375 0140 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
2011/05/30 16:38:37.0515 0140 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
2011/05/30 16:38:37.0671 0140 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
2011/05/30 16:38:37.0890 0140 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
2011/05/30 16:38:38.0031 0140 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2011/05/30 16:38:38.0187 0140 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
2011/05/30 16:38:38.0343 0140 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
2011/05/30 16:38:38.0468 0140 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
2011/05/30 16:38:38.0625 0140 drvmcdb (e814854e6b246ccf498874839ab64d77) C:\WINDOWS\system32\drivers\drvmcdb.sys
2011/05/30 16:38:38.0703 0140 drvnddm (ee83a4ebae70bc93cf14879d062f548b) C:\WINDOWS\system32\drivers\drvnddm.sys
2011/05/30 16:38:38.0843 0140 DSproct (413f2d5f9d802688242c23b38f767ecb) C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys
2011/05/30 16:38:39.0000 0140 dsunidrv (dfeabb7cfffadea4a912ab95bdc3177a) C:\WINDOWS\system32\DRIVERS\dsunidrv.sys
2011/05/30 16:38:39.0140 0140 E100B (3fca03cbca11269f973b70fa483c88ef) C:\WINDOWS\system32\DRIVERS\e100b325.sys
2011/05/30 16:38:39.0328 0140 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
2011/05/30 16:38:39.0500 0140 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
2011/05/30 16:38:39.0609 0140 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
2011/05/30 16:38:39.0812 0140 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
2011/05/30 16:38:39.0968 0140 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
2011/05/30 16:38:40.0046 0140 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2011/05/30 16:38:40.0171 0140 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2011/05/30 16:38:40.0390 0140 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2011/05/30 16:38:40.0546 0140 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
2011/05/30 16:38:40.0687 0140 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2011/05/30 16:38:41.0062 0140 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
2011/05/30 16:38:41.0250 0140 HSFHWAZL (1c8caa80e91fb71864e9426f9eed048d) C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys
2011/05/30 16:38:41.0421 0140 HSF_DPV (698204d9c2832e53633e53a30a53fc3d) C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
2011/05/30 16:38:41.0609 0140 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
2011/05/30 16:38:41.0750 0140 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
2011/05/30 16:38:41.0906 0140 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys
2011/05/30 16:38:42.0031 0140 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2011/05/30 16:38:42.0250 0140 ialm (240d0f5d7caafd87bd8d801a97bbe041) C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
2011/05/30 16:38:42.0546 0140 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
2011/05/30 16:38:42.0718 0140 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
2011/05/30 16:38:42.0843 0140 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
2011/05/30 16:38:42.0906 0140 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
2011/05/30 16:38:43.0015 0140 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
2011/05/30 16:38:43.0171 0140 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2011/05/30 16:38:43.0328 0140 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2011/05/30 16:38:43.0437 0140 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2011/05/30 16:38:43.0546 0140 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2011/05/30 16:38:43.0671 0140 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
2011/05/30 16:38:43.0828 0140 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2011/05/30 16:38:43.0968 0140 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2011/05/30 16:38:44.0078 0140 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
2011/05/30 16:38:44.0218 0140 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
2011/05/30 16:38:44.0312 0140 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
2011/05/30 16:38:44.0562 0140 mdmxsdk (3c318b9cd391371bed62126581ee9961) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
2011/05/30 16:38:44.0781 0140 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2011/05/30 16:38:44.0921 0140 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
2011/05/30 16:38:45.0046 0140 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2011/05/30 16:38:45.0203 0140 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
2011/05/30 16:38:45.0328 0140 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
2011/05/30 16:38:45.0453 0140 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
2011/05/30 16:38:45.0656 0140 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2011/05/30 16:38:45.0828 0140 MRxSmb (0ea4d8ed179b75f8afa7998ba22285ca) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2011/05/30 16:38:45.0937 0140 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
2011/05/30 16:38:46.0031 0140 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2011/05/30 16:38:46.0187 0140 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011/05/30 16:38:46.0343 0140 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
2011/05/30 16:38:46.0484 0140 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2011/05/30 16:38:46.0609 0140 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys
2011/05/30 16:38:46.0734 0140 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
2011/05/30 16:38:46.0859 0140 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2011/05/30 16:38:47.0000 0140 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2011/05/30 16:38:47.0109 0140 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2011/05/30 16:38:47.0281 0140 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
2011/05/30 16:38:47.0343 0140 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
2011/05/30 16:38:47.0468 0140 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
2011/05/30 16:38:47.0640 0140 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
2011/05/30 16:38:47.0796 0140 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
2011/05/30 16:38:47.0937 0140 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2011/05/30 16:38:48.0140 0140 nv (2b298519edbfcf451d43e0f1e8f1006d) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
2011/05/30 16:38:48.0375 0140 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2011/05/30 16:38:48.0500 0140 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2011/05/30 16:38:48.0671 0140 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
2011/05/30 16:38:48.0812 0140 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
2011/05/30 16:38:48.0906 0140 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
2011/05/30 16:38:49.0046 0140 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
2011/05/30 16:38:49.0234 0140 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
2011/05/30 16:38:49.0343 0140 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
2011/05/30 16:38:49.0812 0140 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
2011/05/30 16:38:49.0937 0140 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
2011/05/30 16:38:50.0109 0140 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2011/05/30 16:38:50.0250 0140 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
2011/05/30 16:38:50.0375 0140 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2011/05/30 16:38:50.0531 0140 PxHelp20 (86724469cd077901706854974cd13c3e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
2011/05/30 16:38:50.0625 0140 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
2011/05/30 16:38:50.0796 0140 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
2011/05/30 16:38:50.0984 0140 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
2011/05/30 16:38:51.0109 0140 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
2011/05/30 16:38:51.0250 0140 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
2011/05/30 16:38:51.0390 0140 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2011/05/30 16:38:51.0546 0140 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2011/05/30 16:38:51.0687 0140 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2011/05/30 16:38:51.0828 0140 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2011/05/30 16:38:51.0937 0140 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2011/05/30 16:38:52.0046 0140 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2011/05/30 16:38:52.0187 0140 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
2011/05/30 16:38:52.0375 0140 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
2011/05/30 16:38:52.0500 0140 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
2011/05/30 16:38:52.0687 0140 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2011/05/30 16:38:52.0875 0140 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
2011/05/30 16:38:53.0015 0140 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
2011/05/30 16:38:53.0171 0140 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\DRIVERS\sfloppy.sys
2011/05/30 16:38:53.0390 0140 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
2011/05/30 16:38:53.0562 0140 SONYPVU1 (a1eceeaa5c5e74b2499eb51d38185b84) C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS
2011/05/30 16:38:53.0703 0140 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
2011/05/30 16:38:53.0859 0140 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
2011/05/30 16:38:53.0984 0140 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
2011/05/30 16:38:54.0093 0140 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
2011/05/30 16:38:54.0234 0140 sscdbhk5 (d7968049be0adbb6a57cee3960320911) C:\WINDOWS\system32\drivers\sscdbhk5.sys
2011/05/30 16:38:54.0343 0140 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
2011/05/30 16:38:54.0468 0140 ssrtln (c3ffd65abfb6441e7606cf74f1155273) C:\WINDOWS\system32\drivers\ssrtln.sys
2011/05/30 16:38:54.0640 0140 STHDA (951801dfb54d86f611f0af47825476f9) C:\WINDOWS\system32\drivers\sthda.sys
2011/05/30 16:38:54.0843 0140 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
2011/05/30 16:38:54.0984 0140 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
2011/05/30 16:38:55.0171 0140 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
2011/05/30 16:38:55.0296 0140 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
2011/05/30 16:38:55.0421 0140 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
2011/05/30 16:38:55.0546 0140 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
2011/05/30 16:38:55.0750 0140 SynTP (643b3e821a00b2b6a35cc099cb9653a1) C:\WINDOWS\system32\DRIVERS\SynTP.sys
2011/05/30 16:38:55.0921 0140 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
2011/05/30 16:38:56.0093 0140 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2011/05/30 16:38:56.0187 0140 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
2011/05/30 16:38:56.0328 0140 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
2011/05/30 16:38:56.0468 0140 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
2011/05/30 16:38:56.0640 0140 tfsnboio (30698355067d07da5f9eb81132c9fdd6) C:\WINDOWS\system32\dla\tfsnboio.sys
2011/05/30 16:38:56.0796 0140 tfsncofs (fb9d825bb4a2abdf24600f7505050e2b) C:\WINDOWS\system32\dla\tfsncofs.sys
2011/05/30 16:38:56.0906 0140 tfsndrct (cafd8cca11aa1e8b6d2ea1ba8f70ec33) C:\WINDOWS\system32\dla\tfsndrct.sys
2011/05/30 16:38:56.0984 0140 tfsndres (8db1e78fbf7c426d8ec3d8f1a33d6485) C:\WINDOWS\system32\dla\tfsndres.sys
2011/05/30 16:38:57.0078 0140 tfsnifs (b92f67a71cc8176f331b8aa8d9f555ad) C:\WINDOWS\system32\dla\tfsnifs.sys
2011/05/30 16:38:57.0250 0140 tfsnopio (85985faa9a71e2358fcc2edefc2a3c5c) C:\WINDOWS\system32\dla\tfsnopio.sys
2011/05/30 16:38:57.0359 0140 tfsnpool (bba22094f0f7c210567efdaf11f64495) C:\WINDOWS\system32\dla\tfsnpool.sys
2011/05/30 16:38:57.0453 0140 tfsnudf (81340bef80b9811e98ce64611e67e3ff) C:\WINDOWS\system32\dla\tfsnudf.sys
2011/05/30 16:38:57.0562 0140 tfsnudfa (c035fd116224ccc8325f384776b6a8bb) C:\WINDOWS\system32\dla\tfsnudfa.sys
2011/05/30 16:38:57.0734 0140 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
2011/05/30 16:38:57.0953 0140 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
2011/05/30 16:38:58.0078 0140 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
2011/05/30 16:38:58.0250 0140 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
2011/05/30 16:38:58.0500 0140 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2011/05/30 16:38:58.0671 0140 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2011/05/30 16:38:58.0984 0140 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2011/05/30 16:38:59.0125 0140 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
2011/05/30 16:38:59.0281 0140 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2011/05/30 16:38:59.0406 0140 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2011/05/30 16:38:59.0531 0140 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
2011/05/30 16:38:59.0718 0140 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
2011/05/30 16:38:59.0859 0140 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
2011/05/30 16:38:59.0984 0140 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
2011/05/30 16:39:00.0093 0140 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
2011/05/30 16:39:00.0234 0140 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2011/05/30 16:39:00.0390 0140 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
2011/05/30 16:39:00.0578 0140 winachsf (74cf3f2e4e40c4a2e18d39d6300a5c24) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
2011/05/30 16:39:00.0859 0140 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
2011/05/30 16:39:01.0015 0140 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
2011/05/30 16:39:01.0125 0140 MBR (0x1B8) (b16a2359f4962b0c622d81a1c1f4b703) \Device\Harddisk0\DR0
2011/05/30 16:39:01.0125 0140 ================================================================================
2011/05/30 16:39:01.0125 0140 Scan finished
2011/05/30 16:39:01.0125 0140 ================================================================================
2011/05/30 16:39:01.0140 0580 Detected object count: 0
2011/05/30 16:39:01.0140 0580 Actual detected object count: 0
2011/05/30 16:39:29.0593 3212 Deinitialize success
w2w
Active Member
 
Posts: 7
Joined: May 16th, 2011, 6:13 pm

Re: Slow OS and internet

Unread postby askey127 » May 31st, 2011, 7:21 am

w2w,
----------------------------------------------
Perform a Custom Fix with OTL
Run OTL (Right click and choose "Run as administrator" in Vista/Win7)
  • Under the Custom Scans/Fixes box at the bottom, paste in the following:
    Code: Select all
    :processes
    killallprocesses
    
    :Files
    C:\WINDOWS\system32\caches2
    
    [EMPTYTEMP]
    [RESETHOSTS]
    [CLEARALLRESTOREPOINTS]
    [Reboot]
    
  • Then click the Run Fix button at the top.
  • Let the program run unhindered and reboot the PC when it is done.
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

Running any better?
askey127
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 14025
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: Slow OS and internet

Unread postby w2w » May 31st, 2011, 5:03 pm

still sluggish, am i supposed to keep Avira running?

OTL logfile created on: 5/31/2011 4:55:42 PM - Run 3
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Documents and Settings\Jennifer Parr\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

503.37 Mb Total Physical Memory | 202.77 Mb Available Physical Memory | 40.28% Memory free
1.20 Gb Paging File | 0.94 Gb Available in Paging File | 78.18% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 34.10 Gb Total Space | 19.23 Gb Free Space | 56.38% Space Free | Partition Type: NTFS

Computer Name: MURDOCH | User Name: Jennifer Parr | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/05/26 18:46:06 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jennifer Parr\Desktop\OTL.exe
PRC - [2011/05/15 14:53:20 | 000,325,512 | ---- | M] (BillP Studios) -- C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
PRC - [2011/03/28 16:15:53 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011/03/28 16:15:40 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011/03/28 16:15:30 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011/03/28 16:15:29 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011/01/30 10:45:14 | 000,035,736 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 10.0\Reader\reader_sl.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/05/10 11:22:32 | 000,405,504 | ---- | M] (SigmaTel, Inc.) -- C:\Program Files\Sigmatel\C-Major Audio\WDM\stsystra.exe
PRC - [2005/08/01 17:00:00 | 000,610,304 | ---- | M] () -- C:\Program Files\Dell\QuickSet\quickset.exe


========== Modules (SafeList) ==========

MOD - [2011/05/26 18:46:06 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jennifer Parr\Desktop\OTL.exe
MOD - [2011/05/15 14:53:34 | 000,064,600 | ---- | M] (BillP Studios) -- C:\Program Files\BillP Studios\WinPatrol\patrolpro.dll
MOD - [2010/08/23 11:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/03/28 16:15:40 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011/03/28 16:15:30 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2007/03/07 15:47:46 | 000,076,848 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)


========== Driver Services (SafeList) ==========

DRV - [2011/04/01 17:07:59 | 000,137,656 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2011/04/01 17:07:59 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010/06/17 15:27:22 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010/06/17 15:27:12 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2007/05/10 11:24:34 | 001,222,840 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2007/02/25 12:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\dsunidrv.sys -- (dsunidrv)
DRV - [2006/10/05 16:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2005/08/05 04:32:16 | 000,045,312 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2005/07/22 04:02:12 | 001,035,008 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2005/07/22 04:01:08 | 000,201,600 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2005/07/22 04:01:00 | 000,717,952 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2004/12/06 22:09:58 | 000,369,024 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2004/08/18 16:53:54 | 000,016,128 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS -- (APPDRV)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig?hl=en
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaulturl: "http://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://en-us.start.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official"
FF - prefs.js..extensions.enabledItems: fastdial@telega.phpnet.us:2.11
FF - prefs.js..extensions.enabledItems: ""
FF - prefs.js..extensions.enabledItems: ""
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.6.6.20090220
FF - prefs.js..extensions.enabledItems: {de5809e0-2b07-11dd-bd0b-0800200c9a66}:1.0.9


FF - HKLM\software\mozilla\Mozilla Firefox 3.0.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/06/25 07:38:09 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/05/30 14:40:26 | 000,000,000 | ---D | M]

[2008/11/18 17:58:32 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jennifer Parr\Application Data\Mozilla\Extensions
[2010/12/18 14:09:49 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jennifer Parr\Application Data\Mozilla\Firefox\Profiles\8f8fbsa0.default\extensions
[2010/12/18 14:09:18 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Jennifer Parr\Application Data\Mozilla\Firefox\Profiles\8f8fbsa0.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009/06/22 16:07:20 | 000,000,000 | ---D | M] (Gradient iCool) -- C:\Documents and Settings\Jennifer Parr\Application Data\Mozilla\Firefox\Profiles\8f8fbsa0.default\extensions\{de5809e0-2b07-11dd-bd0b-0800200c9a66}
[2008/11/18 18:01:33 | 000,000,000 | ---D | M] (Fast Dial) -- C:\Documents and Settings\Jennifer Parr\Application Data\Mozilla\Firefox\Profiles\8f8fbsa0.default\extensions\fastdial@telega.phpnet.us
[2011/03/20 15:28:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/09/06 22:59:37 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/12/18 13:22:53 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/03/20 15:28:32 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2010/09/06 22:58:27 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/02/02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2004/08/04 06:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe ()
O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Program Files\Sigmatel\C-Major Audio\WDM\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe (BillP Studios)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O15 - HKLM\..Trusted Domains: musicmatch.com ([online] https in Trusted sites)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?LinkID=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} http://photos.walmart.com/WalmartActivia.cab (Snapfish Activia)
O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} http://picasaweb.google.com/s/v/25.24/uploader2.cab (UploadListView Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftup ... 1818753640 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/products/plugin/aut ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/products/plugin/aut ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Jennifer Parr\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Jennifer Parr\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/10 14:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2007/10/26 16:19:36 | 000,000,000 | ---D | M] - C:\Autoruns -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/05/31 16:53:06 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Jennifer Parr\Recent
[2011/05/30 16:38:03 | 001,431,344 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Jennifer Parr\Desktop\tdsskiller.exe
[2011/05/30 14:41:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jennifer Parr\Local Settings\Application Data\Temp
[2011/05/30 14:37:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2011/05/29 18:30:05 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/05/26 18:45:40 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Jennifer Parr\Desktop\OTL.exe
[2011/05/22 17:37:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2011/05/22 17:34:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jennifer Parr\Application Data\Avira
[2011/05/22 17:29:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Avira
[2011/05/22 17:29:28 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2011/05/22 17:29:25 | 000,137,656 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2011/05/22 17:29:25 | 000,061,960 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2011/05/22 17:29:25 | 000,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys
[2011/05/22 17:29:25 | 000,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys
[2011/05/22 17:29:23 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2011/05/22 17:29:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Avira
[2011/05/22 17:15:55 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Jennifer Parr\Desktop\TFC.exe
[2011/05/16 18:25:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jennifer Parr\Application Data\WinPatrol
[2011/05/16 18:25:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\WinPatrol
[2011/05/16 18:25:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\InstallMate
[2011/05/16 18:25:21 | 000,000,000 | ---D | C] -- C:\Program Files\BillP Studios
[2011/05/16 18:25:01 | 000,821,832 | ---- | C] (BillP Studios) -- C:\Documents and Settings\Jennifer Parr\Desktop\wpsetup.exe
[2011/05/04 16:18:08 | 000,000,000 | ---D | C] -- C:\567418583ea638cbaf3c601d994aa7

========== Files - Modified Within 30 Days ==========

[2011/05/31 16:59:55 | 000,385,164 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/05/31 16:59:55 | 000,054,682 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/05/31 16:56:16 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/05/31 16:55:04 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/05/31 16:55:03 | 527,892,480 | -HS- | M] () -- C:\hiberfil.sys
[2011/05/31 16:52:55 | 000,070,656 | ---- | M] () -- C:\Documents and Settings\Jennifer Parr\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/30 16:38:19 | 001,431,344 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Jennifer Parr\Desktop\tdsskiller.exe
[2011/05/30 14:40:28 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader X.lnk
[2011/05/30 14:21:19 | 000,075,264 | ---- | M] () -- C:\Documents and Settings\Jennifer Parr\Desktop\SystemLook.exe
[2011/05/26 18:46:06 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jennifer Parr\Desktop\OTL.exe
[2011/05/22 17:29:47 | 000,001,707 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Avira AntiVir Control Center.lnk
[2011/05/22 17:28:23 | 052,676,424 | ---- | M] () -- C:\Documents and Settings\Jennifer Parr\Desktop\avira_antivir_personal_en.exe
[2011/05/22 17:16:00 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jennifer Parr\Desktop\TFC.exe
[2011/05/16 18:25:17 | 000,821,832 | ---- | M] (BillP Studios) -- C:\Documents and Settings\Jennifer Parr\Desktop\wpsetup.exe
[2011/05/16 18:05:27 | 000,625,664 | ---- | M] () -- C:\Documents and Settings\Jennifer Parr\Desktop\dds.scr
[2011/05/11 15:30:42 | 000,159,544 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/05/04 16:57:31 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK

========== Files Created - No Company Name ==========

[2011/05/30 14:40:27 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader X.lnk
[2011/05/30 14:40:27 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader X.lnk
[2011/05/30 14:21:16 | 000,075,264 | ---- | C] () -- C:\Documents and Settings\Jennifer Parr\Desktop\SystemLook.exe
[2011/05/22 17:29:47 | 000,001,707 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Avira AntiVir Control Center.lnk
[2011/05/22 17:28:05 | 052,676,424 | ---- | C] () -- C:\Documents and Settings\Jennifer Parr\Desktop\avira_antivir_personal_en.exe
[2011/05/16 18:05:26 | 000,625,664 | ---- | C] () -- C:\Documents and Settings\Jennifer Parr\Desktop\dds.scr
[2010/12/18 13:57:24 | 000,002,560 | ---- | C] () -- C:\WINDOWS\_MSRSTRT.EXE
[2007/11/13 10:22:33 | 000,000,410 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2007/11/13 10:22:33 | 000,000,034 | ---- | C] () -- C:\WINDOWS\System32\BD2040.DAT
[2007/10/30 20:07:33 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2007/10/30 19:21:34 | 000,141,824 | ---- | C] () -- C:\WINDOWS\catchme.exe
[2007/10/30 19:21:34 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\VFind.exe
[2007/10/24 16:09:26 | 000,693,490 | -HS- | C] () -- C:\WINDOWS\System32\xogjbaic.ini
[2007/09/11 06:25:24 | 000,003,171 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/08/14 15:09:32 | 000,000,114 | ---- | C] () -- C:\WINDOWS\HOSTK100.DAT
[2007/03/17 07:27:36 | 000,001,503 | ---- | C] () -- C:\WINDOWS\checkip.dat
[2006/11/14 21:30:17 | 000,000,024 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2006/11/14 21:23:34 | 000,003,424 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2006/11/04 10:36:23 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll
[2006/11/04 10:00:53 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2006/06/18 09:34:17 | 000,070,656 | ---- | C] () -- C:\Documents and Settings\Jennifer Parr\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/04/03 22:12:08 | 000,000,028 | ---- | C] () -- C:\WINDOWS\atid.ini
[2006/03/30 23:07:08 | 000,003,766 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2006/03/30 23:07:08 | 000,000,056 | RHS- | C] () -- C:\WINDOWS\System32\4D1F5E9C63.sys
[2005/12/11 20:48:32 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/12/11 20:40:48 | 000,149,504 | ---- | C] () -- C:\WINDOWS\UNWISE.EXE
[2005/12/11 20:35:06 | 000,000,304 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2005/12/11 20:33:06 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2005/12/11 20:29:42 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/12/11 20:25:55 | 000,000,004 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\QSLLPSVCShare
[2005/12/11 20:25:12 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\AegisI5.exe
[2005/12/11 20:25:12 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\WLTRYSVC.EXE
[2005/12/11 20:00:34 | 000,049,152 | ---- | C] () -- C:\WINDOWS\setpwrcg.exe
[2005/12/11 20:00:04 | 000,000,391 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/04/09 18:04:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/10 14:12:05 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/10 14:07:31 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/08/10 14:02:15 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/08/10 14:01:18 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/10 13:57:52 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/10 13:57:15 | 000,159,544 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/08/10 13:51:21 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/10 13:51:20 | 000,385,164 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/10 13:51:20 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/10 13:51:20 | 000,054,682 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/10 13:51:20 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/10 13:51:18 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/10 13:51:17 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/10 13:51:16 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/08/10 13:51:12 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/10 13:51:11 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/10 13:51:05 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/10 13:50:56 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2003/05/29 09:55:18 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\CSUninstall.exe
[2003/01/07 16:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

========== LOP Check ==========

[2011/05/16 18:25:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InstallMate
[2006/11/04 10:30:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SmartSound Software Inc
[2008/02/03 19:29:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2007/10/30 20:22:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ulead Systems
[2007/02/26 17:18:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2009/06/21 18:12:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2006/04/03 22:18:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer Parr\Application Data\acccore
[2007/05/23 11:26:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer Parr\Application Data\BFGTOOLBAR
[2006/01/04 18:50:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer Parr\Application Data\Leadertech
[2006/11/13 22:33:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer Parr\Application Data\Nikon
[2006/09/03 18:10:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer Parr\Application Data\Publish Providers
[2006/11/13 22:57:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer Parr\Application Data\Snapfish
[2006/09/03 18:11:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer Parr\Application Data\Sony
[2006/11/04 10:42:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer Parr\Application Data\Ulead Systems
[2007/02/26 17:18:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer Parr\Application Data\Viewpoint
[2008/06/17 13:21:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer Parr\Application Data\W Photo Studio
[2008/06/17 13:19:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer Parr\Application Data\W Photo Studio Viewer
[2008/06/17 13:20:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer Parr\Application Data\Walgreens
[2011/05/16 18:25:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jennifer Parr\Application Data\WinPatrol

========== Purity Check ==========



< End of report >
w2w
Active Member
 
Posts: 7
Joined: May 16th, 2011, 6:13 pm

Re: Slow OS and internet

Unread postby askey127 » May 31st, 2011, 5:58 pm

When you turn on your computer, and it finally boots up, hit Ctrl-Alt-Del simultaneously to bring up the Task manager.
Take a look under the Processes tab, and see if anything is using more than a few percent of the CPU time.
System Idle Process should be using 98-99% of CPU.
If not, please note the name of the process (image name) using some unexpected time.
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 14025
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: Slow OS and internet

Unread postby w2w » June 2nd, 2011, 6:44 pm

Only System Idle - it's at 99%.

Anyway, still very sluggish like too many things are running. Seems to work a little better when I disable Avira. Should that program be taking up so much memory?

What else can we do?
w2w
Active Member
 
Posts: 7
Joined: May 16th, 2011, 6:13 pm

Re: Slow OS and internet

Unread postby askey127 » June 2nd, 2011, 7:03 pm

Use Winpatrol and reduce the number of startups, one at a time, until you find the magic one that is causing the problem.
DO NOT choose to disable start of your Antivirus, or Microsoft processes.
They are not the cause of the problem.
I would start with removing the Google toolbar notifier, and the Dell applications.
Then defragment your hard drive.
If you don't know how, I will help.
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 14025
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: Slow OS and internet

Unread postby askey127 » June 5th, 2011, 6:28 pm

Due to Lack of Response, this topic is now closed.

If you still require help, please open a new thread in the Infected? Virus, malware, adware, ransomware, oh my! forum, include a fresh FRST log, and wait for a new helper.
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 14025
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA
Advertisement
Register to Remove


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 137 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware