Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Computer slow and freezes

Post by Missy_Trouble » March 28th, 2012, 9:01 pm

I ran Malwarebytes and found some "ad-ware". Here is my HJT log.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 5:59:45 PM, on 3/28/2012
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18865)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Windows\System32\igfxtray.exe
C:\Program Files\Rising\RSD\popwndexe.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\System32\igfxpers.exe
D:\Program Files\ZuneLauncher.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE
D:\Program Files\Rising\RAV\RsTray.exe
D:\D Downloads\Ashampoo WinOptimizer 8\LiveTuner.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Users\Melissa\AppData\Local\Temp\RtkBtMnt.exe
C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Program Files\trend micro\Melissa.exe
D:\Program Files\opera.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://us.mc1215.mail.yahoo.com/mc/welc ... nd=8871525
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://en.us.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://en.us.acer.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\D Downloads\bin\jp2ssv.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [Zune Launcher] "D:\Program Files\ZuneLauncher.exe"
O4 - HKLM\..\Run: [Nuance PDF Reader-reminder] "D:\Program Files\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
O4 - HKLM\..\Run: [RavTRAY] "D:\Program Files\Rising\RAV\RSTRAY.EXE" -system
O4 - HKLM\..\Run: [Ashampoo WinOptimizer Live-Tuner] "D:\D Downloads\Ashampoo WinOptimizer 8\LiveTuner.exe" -TRAY
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Melissa\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O20 - AppInit_DLLs: eNetHook.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: ALaunch Service (ALaunchService) - Unknown owner - C:\Acer\ALaunch\ALaunchSvc.exe
O23 - Service: eDataSecurity Service - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: Rsd Service (RsMgrSvc) - Beijing Rising Information Technology Co., Ltd. - C:\Program Files\Rising\RSD\RsMgrSvc.exe
O23 - Service: Rav Service (RsRavMon) - Beijing Rising Information Technology Co., Ltd. - D:\Program Files\Rising\RAV\RavMonD.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: Ashampoo LiveTuner Service (WO_LiveService) - Unknown owner - D:\D Downloads\Ashampoo WinOptimizer 8\LiveTunerService.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 6391 bytes
Missy_Trouble
Active Member
 
Posts: 12
Joined: March 28th, 2012, 8:55 pm

Re: Computer slow and freezes

Post by maxi » March 29th, 2012, 3:37 pm

Hi Missy_Trouble :)

Welcome to the forum!

My name is maxi and I'll be helping you with any malware problems.

Currently I am working under the guidance of the MRU teachers, and everything I post to you must first be approved by them.
This additional review process can add some extra time to my responses, but I will post back with instructions for you as soon as possible.


Before we begin, please read and follow these important guidelines, so things will proceed smoothly.
  1. The instructions being given are for YOUR computer and system only!
    Using these instructions on a different computer can cause damage to that computer and possibly render it inoperable!
  2. You must have Administrator rights, permissions for this computer.
  3. DO NOT run any other fix or removal tools unless instructed to do so!
  4. DO NOT install any other software (or hardware) during the cleaning process. This adds more items to be researched.
  5. Only post your problem at (1) one help site. Applying fixes from multiple help sites can cause problems.
  6. Print each set of instructions if possible - your Internet connection will not be available during some fix processes.
  7. Only reply to this thread, do not start another one. Please, continue responding, until I give you the "All Clean!"
    Absence of symptoms does not mean that everything is clear.

Please read all instructions carefully before executing, and perform the steps in the order given.
If you have any questions or problems executing these instructions, <<STOP>>, do not proceed, and post back with the question or problem.


DDS
Please download DDS by sUBs from one of the links below, save it to your Desktop (Note: It must be in this location).
Please disable any anti-malware program that will block scripts from running before running DDS.

  • Right-click on dds.scr and select "Run as administrator". A command window will appear. This is normal.
  • Shortly after, two logs will appear:
    • DDS.txt
    • Attach.txt
  • A window will open instructing you to save & post the logs
  • Save the logs to a convenient place such as your desktop
  • Copy the contents of both logs & post in your next reply

In your next reply please include:
Both logs from DDS.


Regards maxi :)
maxi
Retired Graduate
 
Posts: 1262
Joined: September 25th, 2009, 10:17 am
Location: Cork, Ireland.

Re: Computer slow and freezes

Post by Missy_Trouble » March 30th, 2012, 1:22 pm

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18865
Run by Melissa at 10:17:22 on 2012-03-30
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.1.1033.18.1013.161 [GMT -7:00]
.
AV: Rising Antivirus *Enabled/Updated* {C0AEEC5C-BBDB-2745-3E22-21BEC65323A5}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Rising Antivirus *Enabled/Updated* {7BCF0DB8-9DE1-28CB-0492-1ACCBDD46918}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Program Files\Rising\RSD\RsMgrSvc.exe
D:\Program Files\Rising\RAV\RavMonD.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
D:\Program Files\ZuneLauncher.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE
D:\Program Files\Rising\RAV\RsTray.exe
D:\D Downloads\Ashampoo WinOptimizer 8\LiveTuner.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Rising\RSD\popwndexe.exe
C:\Acer\ALaunch\ALaunchSvc.exe
C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
C:\Acer\Empowering Technology\eNet\eNet Service.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Acer\Mobility Center\MobilityService.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
D:\D Downloads\Ashampoo WinOptimizer 8\LiveTunerService.exe
C:\Users\Melissa\AppData\Local\Temp\RtkBtMnt.exe
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
C:\Windows\system32\iashost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Windows\system32\wuauclt.exe
D:\Program Files\opera.exe
C:\Windows\system32\DllHost.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://us.mc1215.mail.yahoo.com/mc/welc ... nd=8871525
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://en.us.acer.yahoo.com
mDefault_Page_URL = hxxp://en.us.acer.yahoo.com
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - d:\d downloads\bin\jp2ssv.dll
TB: Acer eDataSecurity Management: {5cbe3b7c-1e47-477e-a7dd-396db0476e29} - c:\windows\system32\eDStoolbar.dll
TB: {BA14329E-9550-4989-B3F2-9732E92D17CC} - No File
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
TB: {A057A204-BACC-4D26-B7F5-48F8CCAB3ED4} - No File
TB: {30F9B915-B755-4826-820B-08FBA6BD249D} - No File
{cccc7d2d-9a4c-4c9a-9bd4-cc4815b28ccc}
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [ISUSPM] c:\programdata\flexnet\connect\11\ISUSPM.exe -scheduler
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [eDataSecurity Loader] c:\acer\empowering technology\edatasecurity\eDSloader.exe
mRun: [Apoint] c:\program files\apoint2k\Apoint.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [Skytel] Skytel.exe
mRun: [Zune Launcher] "d:\program files\ZuneLauncher.exe"
mRun: [Nuance PDF Reader-reminder] "d:\program files\ereg\ereg.exe" -r "c:\programdata\nuance\pdf reader\ereg\Ereg.ini"
mRun: [CanonMyPrinter] c:\program files\canon\myprinter\BJMyPrt.exe /logon
mRun: [CanonSolutionMenuEx] c:\program files\canon\solution menu ex\CNSEMAIN.EXE /logon
mRun: [RavTRAY] "d:\program files\rising\rav\RSTRAY.EXE" -system
mRun: [Ashampoo WinOptimizer Live-Tuner] "d:\d downloads\ashampoo winoptimizer 8\LiveTuner.exe" -TRAY
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\empowe~1.lnk - c:\acer\empowering technology\eAPLauncher.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Free YouTube to MP3 Converter - c:\users\melissa\appdata\roaming\dvdvideosoftiehelpers\freeyoutubetomp3converter.htm
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/fl ... rashim.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{8F41FBDF-8FE1-4D56-90D2-827F712969D4} : DhcpNameServer = 192.168.0.1
Notify: igfxcui - igfxdev.dll
AppInit_DLLs: eNetHook.dll
.
============= SERVICES / DRIVERS ===============
.
R1 hooksys;hooksys;c:\windows\system32\drivers\Hooksys.sys [2011-5-16 173336]
R1 HookTdi;HookTdi;c:\windows\system32\drivers\HookTdi.sys [2011-5-16 23576]
R1 HyperVM;HyperVM;c:\windows\system32\drivers\hvm.sys [2011-5-16 31896]
R2 ALaunchService;ALaunch Service;c:\acer\alaunch\ALaunchSvc.exe [2007-9-3 50688]
R2 LiveTunerPM;Ashampoo LiveTuner ProcessMonitor Driver;d:\d downloads\ashampoo winoptimizer 8\LiveTunerProcessMonitor32.sys [2012-3-16 12696]
R2 rsdsys;rsd protect;c:\windows\system32\drivers\protreg.sys [2011-6-2 17336]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2007-9-3 179712]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-5-2 22216]
S3 MotDev;Motorola Inc. USB Device;c:\windows\system32\drivers\motodrv.sys [2007-10-10 42112]
.
=============== Created Last 30 ================
.
2012-03-29 00:22:50 388096 ----a-r- c:\users\melissa\appdata\roaming\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2012-03-28 18:42:03 -------- d-----w- c:\users\melissa\appdata\roaming\DVDVideoSoftIEHelpers
2012-03-28 18:41:26 80024 ----a-w- c:\windows\system32\mfcm100u.dll
2012-03-28 18:41:26 136344 ----a-w- c:\windows\system32\atl100.dll
2012-03-28 18:41:24 4421272 ----a-w- c:\windows\system32\mfc100u.dll
2012-03-28 18:41:05 -------- d-----w- c:\program files\common files\DVDVideoSoft
2012-03-27 16:42:47 -------- d-----w- c:\users\melissa\appdata\roaming\com.amazon.music.uploader
2012-03-27 14:47:45 -------- d-----w- c:\users\melissa\appdata\local\Amazon
2012-03-27 12:18:27 6582328 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{b6a403e3-1adf-457b-a081-a91d1c193999}\mpengine.dll
2012-03-17 23:45:30 -------- d-----w- c:\users\melissa\appdata\roaming\Digiarty
2012-03-16 18:00:19 28160 ----a-w- c:\windows\system32\DfSdkBt.exe
2012-03-15 17:39:28 772248 ----a-w- c:\windows\system32\msvcr100.dll
2012-03-15 17:39:28 419480 ----a-w- c:\windows\system32\msvcp100.dll
2012-03-11 15:19:17 -------- d-----w- c:\users\melissa\appdata\roaming\tiger-k
2012-03-11 15:19:15 -------- d-----w- c:\users\melissa\appdata\roaming\Leawo
2012-03-11 15:17:56 606208 ----a-w- c:\windows\system32\xvidcore.dll
.
==================== Find3M ====================
.
2012-02-23 16:18:36 237072 ------w- c:\windows\system32\MpSigStub.exe
.
============= FINISH: 10:19:50.55 ===============
Missy_Trouble
Active Member
 
Posts: 12
Joined: March 28th, 2012, 8:55 pm

Re: Computer slow and freezes

Post by Missy_Trouble » March 30th, 2012, 1:23 pm

.
Missy_Trouble
Active Member
 
Posts: 12
Joined: March 28th, 2012, 8:55 pm

Re: Computer slow and freezes

Post by maxi » March 30th, 2012, 1:37 pm

Hi maxi,

I don't know how to zip a folder so I'm sending you my attach.txt. I hope that's ok.

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft® Windows Vista™ Home Basic
Boot Device: \Device\HarddiskVolume2
Install Date: 9/25/2007 2:03:00 PM
System Uptime: 3/30/2012 7:40:35 AM (3 hours ago)
.
Motherboard: Acer | | Acadia
Processor: Intel(R) Celeron(R) CPU 530 @ 1.73GHz | uPGA-478 | 1729/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 33 GiB total, 12.702 GiB free.
D: is FIXED (NTFS) - 32 GiB total, 20.311 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft 6to4 Adapter
Device ID: ROOT\*6TO4MP\0002
Manufacturer: Microsoft
Name: Microsoft 6to4 Adapter #3
PNP Device ID: ROOT\*6TO4MP\0002
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0008
Manufacturer: Microsoft
Name: Microsoft ISATAP Adapter #4
PNP Device ID: ROOT\*ISATAP\0008
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0023
Manufacturer: Microsoft
Name: Microsoft ISATAP Adapter #8
PNP Device ID: ROOT\*ISATAP\0023
Service: tunnel
.
==== System Restore Points ===================
.
RP1088: 3/24/2012 3:32:53 PM - Windows Update
RP1089: 3/27/2012 5:17:07 AM - Windows Update
RP1090: 3/28/2012 5:19:54 PM - Installed HiJackThis
.
==== Installed Programs ======================
.
.
Leawo DVD to MP4 Converter version 4.3.0.0
32 Bit HP CIO Components Installer
AC3Filter (remove only)
Acer eDataSecurity Management
Acer Empowering Technology
Acer eNet Management
Acer ePower Management
Acer ePresentation Management
Acer eSettings Management
Acer Mobility Center Plug-In
Acer ScreenSaver
Adobe AIR
Adobe Flash Player 10 Plugin
Adobe Flash Player 11 ActiveX
ALPS Touch Pad Driver
Amazon MP3 Uploader
Ashampoo Burning Studio 6 FREE v.6.80
Ashampoo WinOptimizer 8 v.8.13
AviSynth 2.5
BlazeDVD 6.0
BPD_Scan
Canon Easy-PhotoPrint EX
Canon MP Navigator EX 4.0
Canon MP280 series MP Drivers
Canon MP280 series User Registration
Canon My Printer
Canon Solution Menu EX
Coupon Printer for Windows
DVDFab 8.0.9.2 (12/05/2011) Qt
eMusic Download Manager
File Type Assistant
Free YouTube to MP3 Converter version 3.11.17.319
Freemake Video Converter version 2.3.4
HDAUDIO Soft Data Fax Modem with SmartCP
HiJackThis
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Intel(R) Graphics Media Accelerator Driver
Java(TM) 6 Update 25
LightScribe 1.4.142.1
Malwarebytes' Anti-Malware version 1.51.2.1300
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
MIKSOFT Mobile Media Converter
Monopoly Star Wars
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
NTI Backup NOW! 4.7
Nuance PDF Reader
Opera 11.61
RealNetworks - Microsoft Visual C++ 2008 Runtime
Realtek High Definition Audio Driver
RealUpgrade 1.1
Rising Antivirus
SpywareBlaster 4.4
Ulead Photo Explorer 8.0 SE Basic
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Windows Mobile Device Updater Component
WinX DVD Ripper Platinum Streamer Edition 6.8.2
Wise Registry Cleaner 6.14
Zune
Zune Language Pack (DEU)
Zune Language Pack (ESP)
Zune Language Pack (FRA)
Zune Language Pack (ITA)
Zune Language Pack (NLD)
Zune Language Pack (PTB)
Zune Language Pack (PTG)
.
==== Event Viewer Messages From Past Week ========
.
3/30/2012 7:50:58 AM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.1.64 for the Network Card with network address 001B385B6C43 has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).
3/30/2012 7:44:02 AM, Error: Microsoft-Windows-Dhcp-Client [1001] - Your computer was not assigned an address from the network (by the DHCP Server) for the Network Card with network address 001DD90F972B. The following error occurred: Element not found.. Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.
3/30/2012 7:43:26 AM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.0.100 for the Network Card with network address 001B385B6C43 has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).
3/30/2012 7:41:35 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: BTHidMgr
3/30/2012 7:41:22 AM, Error: Microsoft-Windows-Dhcp-Client [1001] - Your computer was not assigned an address from the network (by the DHCP Server) for the Network Card with network address 001DD90F972B. The following error occurred: The operation was canceled by the user.. Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.
3/30/2012 7:41:14 AM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.0.103 for the Network Card with network address 001DD90F972B has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).
3/29/2012 3:46:17 PM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.0.106 for the Network Card with network address 001B385B6C43 has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).
3/29/2012 3:36:42 PM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 69.232.118.152 for the Network Card with network address 001B385B6C43 has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).
3/29/2012 2:22:52 PM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 69.106.191.173 for the Network Card with network address 001B385B6C43 has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).
3/29/2012 10:42:43 AM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.0.102 for the Network Card with network address 001DD90F972B has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).
3/28/2012 5:50:19 PM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 69.106.133.214 for the Network Card with network address 001B385B6C43 has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).
3/28/2012 5:12:02 PM, Error: netbt [4307] - Initialization failed because the transport refused to open initial addresses.
3/28/2012 3:58:33 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
3/28/2012 3:57:36 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
3/28/2012 2:42:55 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD BTHidMgr DfsC HookTdi NetBIOS netbt nsiproxy PSched RasAcd rdbss Smb spldr tdx Wanarpv6
3/28/2012 2:42:55 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
3/28/2012 2:42:55 PM, Error: Service Control Manager [7001] - The WebDav Client Redirector Driver service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
3/28/2012 2:42:55 PM, Error: Service Control Manager [7001] - The WebClient service depends on the WebDav Client Redirector Driver service which failed to start because of the following error: The dependency service or group failed to start.
3/28/2012 2:42:55 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancilliary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
3/28/2012 2:42:55 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
3/28/2012 2:42:55 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
3/28/2012 2:42:55 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
3/28/2012 2:42:55 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service service which failed to start because of the following error: A device attached to the system is not functioning.
3/28/2012 2:42:55 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
3/28/2012 2:42:55 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
3/28/2012 2:42:55 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
3/28/2012 2:42:55 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancilliary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
3/28/2012 2:42:55 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
3/28/2012 2:42:53 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
3/28/2012 2:42:19 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
3/28/2012 2:42:19 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
3/28/2012 2:42:15 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
3/28/2012 2:42:07 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
3/27/2012 9:53:40 AM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 68.127.120.81 for the Network Card with network address 001B385B6C43 has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).
3/27/2012 5:05:52 AM, Error: Microsoft-Windows-PrintSpooler [6161] - The document eStmt_03_19_2012.pdf, owned by Melissa, failed to print on printer Canon MP280 series Printer. Try to print the document again, or restart the print spooler. Data type: NT EMF 1.008. Size of the spool file in bytes: 458752. Number of bytes printed: 276604. Total number of pages in the document: 2. Number of pages printed: 0. Client computer: \\MISSY-TROUBLE. Win32 error code returned by the print processor: 1. Incorrect function.
3/27/2012 4:57:21 AM, Error: Microsoft-Windows-Dhcp-Client [1001] - Your computer was not assigned an address from the network (by the DHCP Server) for the Network Card with network address 001B385B6C43. The following error occurred: Element not found.. Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.
3/27/2012 4:51:53 AM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.1.64 for the Network Card with network address 001DD90F972B has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).
3/24/2012 7:01:13 AM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.
3/24/2012 5:02:06 PM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
3/24/2012 5:02:06 PM, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error 2147749155 (0x80040D23).
3/24/2012 5:01:20 PM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.0.100 for the Network Card with network address 001DD90F972B has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).
3/23/2012 8:49:17 AM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 0.0.0.0 for the Network Card with network address 001DD90F972B has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).
3/23/2012 6:36:22 PM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.0.101 for the Network Card with network address 001B385B6C43 has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).
3/23/2012 6:29:29 PM, Error: Microsoft-Windows-Dhcp-Client [1001] - Your computer was not assigned an address from the network (by the DHCP Server) for the Network Card with network address 001DD90F972B. The following error occurred: The semaphore timeout period has expired.. Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.
3/23/2012 1:47:11 PM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 68.127.115.215 for the Network Card with network address 001B385B6C43 has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).
.
==== End Of File ===========================
User avatar
maxi
Retired Graduate
 
Posts: 1262
Joined: September 25th, 2009, 10:17 am
Location: Cork, Ireland.

Re: Computer slow and freezes

Unread postby maxi » March 31st, 2012, 9:54 am

Hi Missy_Trouble,
Step 1
Uninstall programs
  • Click on Start.
  • All programs.
  • Accessories.
  • Run.
  • In the Open text box, copy/paste appwiz.cpl then click OK.
  • Uninstall the following if present.
Wise Registry Cleaner 6.14 (see note below)
Coupon Printer for Windows (see note below)


Note re Coupon Printer:
You currently have Coupon Printer for Windows installed. You may find the article below to be of value when deciding whether to retain this application. My recommendation is that you remove it unless you find it to be useful and are willing to accept the associated issues raised in the article.
http://www.benedelman.org/news/082807-1.html

Note re registry cleaners:
Registry Cleaners

I don't personally recommend the use of ANY registry cleaners. Here is an excerpt from a discussion on regcleaners:
Most reg cleaners aren't bad as such, but they aren't perfect and even the best have been known to cause problems. The point we are trying to make is that the risk of using one far outweighs any benefit. If it does work perfectly you will not see any difference. If it doesn't work properly you may end up with an expensive doorstop.


This post by Bill Castner is very informative: WhatTheTech Forum

Step 2
Please download OTL by Old Timer and save it to your Desktop.
  • Right click on OTL.exe and select Run as administrator to run it.
  • Under Output, ensure that Standard Output is selected.
  • Under Extra Registry section, select Use SafeList.
  • Click the Scan All Users checkbox.
  • Click on Run Scan at the top left hand corner.
  • When done, two Notepad files will open.
    • OTL.txt <-- Will be opened
      Extra.txt <-- Will be minimized
  • Please post the contents of these 2 Notepad files in your next reply.

Step 3
Please download aswMBR and save it to your Desktop.
  • Right click aswMBR.exe & choose "Run as Administrator" to run it.
  • Click Yes to the prompt to download Avast! virus definitions.
    (Please be patient whilst the virus definitions download)
  • With the AVscan set to Quick Scan, click the Scan button.
    (Please be patient whilst your computer is scanned.)
  • After a while when the scan reports "Scan finished successfully", click Save log & save the log to your desktop.
  • Click OK > Exit.
  • Note: Do not attempt to fix anything at this stage!
  • Two files will be created, aswMBR.txt & a file named MBR.dat.
  • MBR.dat is a backup of the MBR (master boot record); do not delete it.
  • I strongly suggest you keep a copy of this backup stored on an external device.
  • Copy & Paste the contents of aswMBR.txt into your next reply.

In your next reply please include:
The TWO logs produced by OTL.
The aswMBR log.
Any problems you had with my instructions.


Regards maxi :)

Re: Computer slow and freezes

Unread postby Missy_Trouble » March 31st, 2012, 5:11 pm

OTL logfile created on: 3/31/2012 1:49:34 PM - Run 1
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\Melissa\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18865)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1013.27 Mb Total Physical Memory | 117.29 Mb Available Physical Memory | 11.58% Memory free
2.23 Gb Paging File | 0.71 Gb Available in Paging File | 31.76% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 32.51 Gb Total Space | 12.42 Gb Free Space | 38.20% Space Free | Partition Type: NTFS
Drive D: | 32.26 Gb Total Space | 20.31 Gb Free Space | 62.97% Space Free | Partition Type: NTFS

Computer Name: MISSY-TROUBLE | User Name: Melissa | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/03/31 13:47:15 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\Melissa\Desktop\OTL.exe
PRC - [2012/01/30 12:26:51 | 000,949,104 | ---- | M] (Opera Software) -- D:\Program Files\opera.exe
PRC - [2011/12/05 18:20:06 | 000,208,896 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Users\Melissa\AppData\Local\Temp\RtkBtMnt.exe
PRC - [2011/11/30 16:48:13 | 000,150,168 | ---- | M] (Beijing Rising Information Technology Co., Ltd.) -- C:\Program Files\Rising\RSD\RsMgrSvc.exe
PRC - [2011/11/18 09:54:25 | 000,123,856 | ---- | M] (Beijing Rising Information Technology Co., Ltd.) -- C:\Program Files\Rising\RSD\popwndexe.exe
PRC - [2011/09/28 08:45:12 | 000,885,160 | ---- | M] () -- D:\D Downloads\Ashampoo WinOptimizer 8\LiveTunerService.exe
PRC - [2011/09/28 08:45:10 | 002,656,680 | ---- | M] (Ashampoo Development GmbH & Co. KG) -- D:\D Downloads\Ashampoo WinOptimizer 8\LiveTuner.exe
PRC - [2011/09/07 10:35:16 | 000,178,840 | ---- | M] (Beijing Rising Information Technology Co., Ltd.) -- D:\Program Files\Rising\RAV\RsTray.exe
PRC - [2011/05/16 12:50:33 | 000,264,448 | ---- | M] (Beijing Rising Information Technology Co., Ltd.) -- D:\Program Files\Rising\RAV\RavMonD.exe
PRC - [2010/11/11 13:55:46 | 000,159,472 | ---- | M] (Microsoft Corporation) -- D:\Program Files\ZuneLauncher.exe
PRC - [2010/04/02 10:18:54 | 001,185,112 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE
PRC - [2010/03/24 19:50:00 | 002,516,296 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2009/05/05 16:06:06 | 000,222,496 | ---- | M] (Acresso Corporation) -- C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
PRC - [2009/04/10 23:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/01/19 00:38:38 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2008/01/19 00:38:32 | 000,319,544 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Windows Defender\MpCmdRun.exe
PRC - [2008/01/19 00:33:11 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iashost.exe
PRC - [2007/07/05 20:06:00 | 004,669,440 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007/05/22 15:00:02 | 000,135,168 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eNet\eNet Service.exe
PRC - [2007/05/16 22:15:22 | 000,163,840 | ---- | M] (acer) -- C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
PRC - [2007/05/16 18:37:26 | 000,528,384 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
PRC - [2007/05/10 14:05:36 | 000,024,576 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
PRC - [2007/04/25 16:34:30 | 000,457,512 | ---- | M] (HiTRSUT) -- C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
PRC - [2007/04/25 16:33:36 | 000,457,216 | ---- | M] (HiTRUST) -- C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe
PRC - [2007/04/25 11:35:56 | 000,323,584 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\Acer.Empowering.Framework.Supervisor.exe
PRC - [2007/02/13 06:26:50 | 000,053,248 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
PRC - [2007/02/09 06:35:54 | 000,397,312 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
PRC - [2007/01/26 14:24:42 | 000,050,688 | ---- | M] () -- C:\Acer\ALaunch\ALaunchSvc.exe
PRC - [2006/11/24 12:57:54 | 000,107,008 | ---- | M] () -- C:\Acer\Mobility Center\MobilityService.exe


========== Modules (No Company Name) ==========

MOD - [2011/05/06 12:34:11 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\a3a76226460de2153a62bdbfed9228b9\System.Management.ni.dll
MOD - [2011/05/06 12:32:21 | 011,800,576 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\27b0a88bfa56a9390f516b0fa55f3dcb\System.Web.ni.dll
MOD - [2011/05/06 12:31:57 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\e515919524c6be56f55ad12fbdd23c19\System.Runtime.Remoting.ni.dll
MOD - [2011/05/06 12:09:24 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\b0be4ac8da47fbf783dabd1505e6c55e\System.Windows.Forms.ni.dll
MOD - [2011/05/06 12:08:51 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\07e39e61fd6133a92333a2c98f2ffeb7\System.Drawing.ni.dll
MOD - [2011/05/06 12:08:23 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\49431ce6d568de0bafdb1b25d3942723\System.Xml.ni.dll
MOD - [2011/05/06 12:08:01 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\207b1e1e2254c7a308efe4f903e52ce2\System.Configuration.ni.dll
MOD - [2011/05/06 12:07:59 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\35f20a6b69d5c7033b4b1873456e5074\System.ServiceProcess.ni.dll
MOD - [2011/05/06 12:07:23 | 007,868,416 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\34942db56010e4225825bfae8a27559f\System.ni.dll
MOD - [2011/05/06 12:06:48 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\3aac7b97549d4ccf0c7dca3d1777f9b4\mscorlib.ni.dll
MOD - [2007/05/22 15:00:04 | 000,249,856 | ---- | M] () -- C:\Acer\Empowering Technology\eNet\eNetPlugin.dll
MOD - [2007/05/10 14:05:40 | 000,028,672 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\eSettings.Plugin.dll
MOD - [2007/05/10 14:05:24 | 000,143,360 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\eSettings.Presenter.dll
MOD - [2007/05/10 14:05:14 | 000,983,040 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings\eSettings.View.dll
MOD - [2007/05/10 14:05:08 | 000,032,768 | ---- | M] () -- C:\Acer\Empowering Technology\eSettings.Model.ComputerInterfaces.dll
MOD - [2007/04/25 16:31:00 | 000,028,672 | ---- | M] () -- C:\Windows\System32\BatchCrypto.dll
MOD - [2007/04/25 16:30:44 | 000,063,488 | ---- | M] () -- C:\Windows\System32\ShowErrMsg.dll
MOD - [2007/04/25 11:35:34 | 000,057,344 | ---- | M] () -- C:\Acer\Empowering Technology\Acer.Empowering.Framework.DialogManager.dll
MOD - [2007/04/25 11:35:10 | 000,024,576 | ---- | M] () -- C:\Acer\Empowering Technology\Acer.Empowering.Framework.PasswordSetting.dll
MOD - [2007/04/11 16:42:40 | 000,307,200 | ---- | M] () -- C:\Acer\Empowering Technology\ePresentation\ePresentationCTL.dll
MOD - [2007/02/13 06:26:30 | 000,016,384 | ---- | M] () -- C:\Acer\Empowering Technology\eRecovery\ServiceInterface.dll
MOD - [2007/02/07 09:25:00 | 000,208,896 | ---- | M] () -- C:\Acer\Empowering Technology\ePower\SysHook.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/11/30 16:48:13 | 000,150,168 | ---- | M] (Beijing Rising Information Technology Co., Ltd.) [Auto | Running] -- C:\Program Files\Rising\RSD\RsMgrSvc.exe -- (RsMgrSvc)
SRV - [2011/09/28 08:45:12 | 000,885,160 | ---- | M] () [Auto | Running] -- D:\D Downloads\Ashampoo WinOptimizer 8\LiveTunerService.exe -- (WO_LiveService)
SRV - [2011/08/31 18:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Disabled | Stopped] -- D:\D Downloads\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/05/16 12:50:33 | 000,264,448 | ---- | M] (Beijing Rising Information Technology Co., Ltd.) [Auto | Running] -- D:\Program Files\Rising\RAV\RavMonD.exe -- (RsRavMon)
SRV - [2010/11/11 13:57:04 | 000,268,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Program Files\WMZuneComm.exe -- (WMZuneComm)
SRV - [2010/11/11 13:57:02 | 000,444,656 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Program Files\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc)
SRV - [2010/11/11 13:55:56 | 006,351,600 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Program Files\ZuneNss.exe -- (ZuneNetworkSvc)
SRV - [2008/01/19 00:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/05/22 15:00:02 | 000,135,168 | ---- | M] (Acer Inc.) [Auto | Running] -- C:\Acer\Empowering Technology\eNet\eNet Service.exe -- (eNet Service)
SRV - [2007/05/16 22:15:22 | 000,163,840 | ---- | M] (acer) [Auto | Running] -- C:\Acer\Empowering Technology\ePower\ePowerSvc.exe -- (WMIService)
SRV - [2007/05/10 14:05:36 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe -- (eSettingsService)
SRV - [2007/04/25 16:34:30 | 000,457,512 | ---- | M] (HiTRSUT) [Auto | Running] -- C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe -- (eDataSecurity Service)
SRV - [2007/02/13 06:26:50 | 000,053,248 | ---- | M] (Acer Inc.) [Auto | Running] -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe -- (eRecoveryService)
SRV - [2007/01/26 14:24:42 | 000,050,688 | ---- | M] () [Auto | Running] -- C:\Acer\ALaunch\ALaunchSvc.exe -- (ALaunchService)
SRV - [2006/11/24 12:57:54 | 000,107,008 | ---- | M] () [Auto | Running] -- C:\Acer\Mobility Center\MobilityService.exe -- (MobilityService)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\VcommMgr.sys -- (VcommMgr)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\VComm.sys -- (VComm)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | System | Stopped] -- C:\PROGRA~1\LAUNCH~1\DPortIO.sys -- (DritekPortIO)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btwdndis.sys -- (BTWDNDIS)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btkrnl.sys -- (BTKRNL)
DRV - File not found [Kernel | Boot | Stopped] -- System32\Drivers\BTHidMgr.sys -- (BTHidMgr)
DRV - File not found [Kernel | Boot | Stopped] -- System32\Drivers\vbtenum.sys -- (BTHidEnum)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btport.sys -- (BTDriver)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\btcusb.sys -- (Btcsrusb)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\btaudio.sys -- (btaudio)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btnetdrv.sys -- (BT)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\BlueletSCOAudio.sys -- (BlueletSCOAudio)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\blueletaudio.sys -- (BlueletAudio)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\Afc.sys -- (Afc)
DRV - [2011/12/12 10:08:19 | 000,173,336 | ---- | M] (Beijing Rising Information Technology Co., Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\Hooksys.sys -- (hooksys)
DRV - [2011/09/03 15:24:32 | 000,017,336 | ---- | M] (Beijing Rising Information Technology Co., Ltd.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\protreg.sys -- (rsdsys)
DRV - [2011/08/31 18:00:50 | 000,022,216 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/05/16 12:50:35 | 000,031,896 | ---- | M] (Beijing Rising Information Technology Co., Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\hvm.sys -- (HyperVM)
DRV - [2011/05/16 12:50:33 | 000,023,576 | ---- | M] (Beijing Rising Information Technology Co., Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\HookTdi.sys -- (HookTdi)
DRV - [2011/03/08 05:01:06 | 000,012,696 | ---- | M] () [Kernel | Auto | Running] -- D:\D Downloads\Ashampoo WinOptimizer 8\LiveTunerProcessMonitor32.sys -- (LiveTunerPM)
DRV - [2009/04/10 21:42:54 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUSB)
DRV - [2009/01/23 11:49:06 | 000,038,816 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tbhsd.sys -- (tbhsd)
DRV - [2008/12/05 18:44:52 | 000,022,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbsermpt.sys -- (usbsermpt)
DRV - [2008/05/07 10:55:22 | 000,767,488 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2007/10/10 18:41:50 | 000,042,112 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motodrv.sys -- (MotDev)
DRV - [2007/06/18 16:18:26 | 000,023,680 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motmodem.sys -- (motmodem)
DRV - [2007/06/13 19:33:26 | 000,154,624 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2007/01/29 22:23:30 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2006/12/07 18:12:02 | 000,076,584 | ---- | M] () [Kernel | Auto | Running] -- C:\Acer\Empowering Technology\eRecovery\int15.sys -- (int15)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://en.us.acer.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://en.us.acer.yahoo.com
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2260173

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://us.mc1215.mail.yahoo.com/mc/welc ... nd=8871525
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\SearchScopes,DefaultScope = {61ADF1A8-459C-4A3D-A986-48A11192B116}
IE - HKCU\..\SearchScopes\{61ADF1A8-459C-4A3D-A986-48A11192B116}: "URL" = http://swagbucks.com/?t=w&p=1&q={searchTerms}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={sear
IE - HKCU\..\SearchScopes\{74950BD7-E589-4322-8A0D-7D70A8FA2355}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2260173
IE - HKCU\..\SearchScopes\{ED4FF558-40C7-4122-8C26-69092795A090}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: D:\D Downloads\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: D:\D Downloads\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\ZEON/PDF,version=2.0: D:\Program Files\bin\nppdf.dll (Zeon Corporation)


[2010/05/10 13:50:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Melissa\AppData\Roaming\Mozilla\Extensions

O1 HOSTS File: ([2011/05/20 22:30:19 | 000,000,054 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\D Downloads\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST)
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST)
O4 - HKLM..\Run: [Ashampoo WinOptimizer Live-Tuner] D:\D Downloads\Ashampoo WinOptimizer 8\LiveTuner.exe (Ashampoo Development GmbH & Co. KG)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe (HiTRUST)
O4 - HKLM..\Run: [Nuance PDF Reader-reminder] D:\Program Files\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [RavTRAY] D:\Program Files\Rising\RAV\RSTRAY.EXE (Beijing Rising Information Technology Co., Ltd.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Zune Launcher] D:\Program Files\ZuneLauncher.exe (Microsoft Corporation)
O4 - HKCU..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Melissa\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll (Intertrust Technologies, Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{05DBC8C6-5315-4E99-AA36-CB889E98D544}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8F41FBDF-8FE1-4D56-90D2-827F712969D4}: DhcpNameServer = 192.168.0.1 192.168.0.1
O20 - AppInit_DLLs: (eNetHook.dll) - C:\Windows\System32\eNetHook.dll (acer)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: D:\Pictures\Babies\Cheeky.jpg
O24 - Desktop BackupWallPaper: D:\Pictures\Babies\Cheeky.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 14:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\ZuneSetup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (bsmain)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/03/31 13:48:01 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\Melissa\Desktop\aswMBR.exe
[2012/03/31 13:47:11 | 000,593,920 | ---- | C] (OldTimer Tools) -- C:\Users\Melissa\Desktop\OTL.exe
[2012/03/30 10:11:15 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\Melissa\Desktop\dds.com
[2012/03/28 17:22:41 | 000,000,000 | ---D | C] -- C:\Users\Melissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2012/03/28 11:42:03 | 000,000,000 | ---D | C] -- C:\Users\Melissa\AppData\Roaming\DVDVideoSoftIEHelpers
[2012/03/28 11:41:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
[2012/03/28 11:41:26 | 000,136,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\atl100.dll
[2012/03/28 11:41:26 | 000,080,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfcm100u.dll
[2012/03/28 11:41:24 | 004,421,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc100u.dll
[2012/03/28 11:41:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DVDVideoSoft
[2012/03/27 09:42:47 | 000,000,000 | ---D | C] -- C:\Users\Melissa\AppData\Roaming\com.amazon.music.uploader
[2012/03/27 09:42:24 | 000,000,000 | ---D | C] -- D:\DocUment (D)\Amazon MP3 Uploader
[2012/03/27 09:41:44 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2012/03/27 09:41:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2012/03/27 07:51:22 | 000,000,000 | ---D | C] -- D:\DocUment (D)\My Kindle Content
[2012/03/27 07:47:45 | 000,000,000 | ---D | C] -- C:\Users\Melissa\AppData\Local\Amazon
[2012/03/17 16:45:30 | 000,000,000 | ---D | C] -- C:\Users\Melissa\AppData\Roaming\Digiarty
[2012/03/17 16:44:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Digiarty
[2012/03/16 11:00:19 | 000,028,160 | ---- | C] (mst software GmbH, Germany) -- C:\Windows\System32\DfSdkBt.exe
[2012/03/15 10:39:28 | 000,772,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcr100.dll
[2012/03/15 10:39:28 | 000,419,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcp100.dll
[2012/03/15 10:38:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eMusic Download Manager
[2012/03/11 08:19:17 | 000,000,000 | ---D | C] -- C:\Users\Melissa\AppData\Roaming\tiger-k
[2012/03/11 08:19:15 | 000,000,000 | ---D | C] -- D:\DocUment (D)\Leawo
[2012/03/11 08:19:15 | 000,000,000 | ---D | C] -- C:\Users\Melissa\AppData\Roaming\Leawo
[2012/03/11 08:17:56 | 000,606,208 | ---- | C] (http://www.xvid.org) -- C:\Windows\System32\xvidcore.dll
[2012/03/11 08:17:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Leawo

========== Files - Modified Within 30 Days ==========

[2012/03/31 14:00:01 | 000,000,434 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{ACF09497-FFF9-47DE-B362-A9047A295D54}.job
[2012/03/31 13:48:33 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\Melissa\Desktop\aswMBR.exe
[2012/03/31 13:47:15 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\Melissa\Desktop\OTL.exe
[2012/03/31 13:00:29 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/03/31 13:00:29 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/03/31 13:00:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/03/30 18:04:29 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012/03/30 10:11:16 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\Melissa\Desktop\dds.com
[2012/03/28 17:31:12 | 000,002,487 | ---- | M] () -- C:\Users\Melissa\Desktop\HiJackThis.lnk
[2012/03/28 15:59:59 | 000,390,640 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/03/28 11:41:39 | 000,000,780 | ---- | M] () -- C:\Users\Melissa\Desktop\Free YouTube to MP3 Converter.lnk
[2012/03/27 10:12:40 | 000,604,502 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/03/27 10:12:40 | 000,104,170 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/03/27 09:41:59 | 000,000,642 | ---- | M] () -- C:\Users\Public\Desktop\Amazon MP3 Uploader.lnk
[2012/03/17 16:44:17 | 000,001,026 | ---- | M] () -- C:\Users\Public\Desktop\WinX DVD Ripper Platinum.lnk
[2012/03/16 19:03:27 | 000,099,421 | ---- | M] () -- C:\Users\Melissa\.DLMSave_back.xml
[2012/03/16 19:03:27 | 000,099,421 | ---- | M] () -- C:\Users\Melissa\.DLMSave.xml
[2012/03/16 11:00:39 | 000,000,870 | ---- | M] () -- C:\Users\Public\Desktop\One-Click-Optimizer (WO8).lnk
[2012/03/16 11:00:38 | 000,000,678 | ---- | M] () -- C:\Users\Public\Desktop\Ashampoo WinOptimizer 8.lnk
[2012/03/15 11:00:16 | 000,001,221 | ---- | M] () -- C:\Users\Melissa\.Setting.ini
[2012/03/15 10:38:47 | 000,000,560 | ---- | M] () -- C:\Users\Public\Desktop\eMusic Download Manager.lnk
[2012/03/11 08:18:00 | 000,000,679 | ---- | M] () -- C:\Users\Public\Desktop\Leawo DVD to MP4 Converter.lnk
[2012/03/06 18:10:37 | 000,043,008 | ---- | M] () -- C:\Users\Melissa\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/03/06 15:43:14 | 004,421,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfc100u.dll
[2012/03/06 15:43:14 | 000,772,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcr100.dll
[2012/03/06 15:43:14 | 000,419,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcp100.dll
[2012/03/06 15:43:14 | 000,136,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\atl100.dll
[2012/03/06 15:43:14 | 000,080,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfcm100u.dll

========== Files Created - No Company Name ==========

[2012/03/28 17:22:41 | 000,002,487 | ---- | C] () -- C:\Users\Melissa\Desktop\HiJackThis.lnk
[2012/03/28 11:41:39 | 000,000,780 | ---- | C] () -- C:\Users\Melissa\Desktop\Free YouTube to MP3 Converter.lnk
[2012/03/27 09:41:59 | 000,000,642 | ---- | C] () -- C:\Users\Public\Desktop\Amazon MP3 Uploader.lnk
[2012/03/27 09:41:59 | 000,000,642 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amazon MP3 Uploader.lnk
[2012/03/17 16:44:17 | 000,001,026 | ---- | C] () -- C:\Users\Public\Desktop\WinX DVD Ripper Platinum.lnk
[2012/03/16 11:00:39 | 000,000,870 | ---- | C] () -- C:\Users\Public\Desktop\One-Click-Optimizer (WO8).lnk
[2012/03/16 11:00:38 | 000,000,678 | ---- | C] () -- C:\Users\Public\Desktop\Ashampoo WinOptimizer 8.lnk
[2012/03/15 10:41:59 | 000,099,421 | ---- | C] () -- C:\Users\Melissa\.DLMSave_back.xml
[2012/03/15 10:41:59 | 000,099,421 | ---- | C] () -- C:\Users\Melissa\.DLMSave.xml
[2012/03/15 10:39:24 | 000,001,221 | ---- | C] () -- C:\Users\Melissa\.Setting.ini
[2012/03/15 10:38:12 | 000,000,560 | ---- | C] () -- C:\Users\Public\Desktop\eMusic Download Manager.lnk
[2012/03/11 08:18:00 | 000,000,679 | ---- | C] () -- C:\Users\Public\Desktop\Leawo DVD to MP4 Converter.lnk
[2011/12/05 15:56:08 | 000,084,616 | ---- | C] () -- C:\Windows\StkUnist.exe
[2011/10/11 16:05:35 | 000,000,014 | ---- | C] () -- C:\Windows\System32\SysInfo.dll
[2011/09/01 13:51:15 | 000,175,616 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2011/05/16 12:51:49 | 000,000,122 | ---- | C] () -- C:\Windows\System32\BsMain.ini
[2011/05/06 11:43:25 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2011/05/06 11:42:37 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin

========== Alternate Data Streams ==========

@Alternate Data Stream - 95 bytes -> C:\ProgramData\TEMP:5C321E34
@Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:AC6124CA
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:8CE646EE

< End of report >
Missy_Trouble
Active Member
 
Posts: 12
Joined: March 28th, 2012, 8:55 pm

Re: Computer slow and freezes

Post by Missy_Trouble » March 31st, 2012, 5:11 pm

.
Last edited by Missy_Trouble on March 31st, 2012, 6:07 pm, edited 1 time in total.

Re: Computer slow and freezes

Post by Missy_Trouble » March 31st, 2012, 5:12 pm

.
Last edited by Missy_Trouble on March 31st, 2012, 5:59 pm, edited 1 time in total.

Re: Computer slow and freezes

Post by Missy_Trouble » March 31st, 2012, 5:13 pm

OTL Extras logfile created on: 3/31/2012 1:49:34 PM - Run 1
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\Melissa\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18865)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1013.27 Mb Total Physical Memory | 117.29 Mb Available Physical Memory | 11.58% Memory free
2.23 Gb Paging File | 0.71 Gb Available in Paging File | 31.76% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 32.51 Gb Total Space | 12.42 Gb Free Space | 38.20% Space Free | Partition Type: NTFS
Drive D: | 32.26 Gb Total Space | 20.31 Gb Free Space | 62.97% Space Free | Partition Type: NTFS

Computer Name: MISSY-TROUBLE | User Name: Melissa | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = Opera.HTML] -- D:\Program Files\Opera.exe (Opera Software)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Program Files\File Type Assistant\tsassist.exe" "%1" (Trusted Software ApS)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{066613AA-866E-4E43-A7A1-4FF05955D627}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{07E30096-AA13-4C3B-BF1D-069BF79489F3}" = lport=2869 | protocol=6 | dir=in | app=system |
"{0EF517E2-C6A2-4713-A6FA-4D96D557F00D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{0F1E7BA4-386D-437D-8DDF-126E8DD005CC}" = lport=137 | protocol=17 | dir=in | app=system |
"{125775C5-EA66-4EBA-A307-116881B07D24}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{17C5E322-D8D9-403C-B12D-E765C902C2AF}" = lport=2869 | protocol=6 | dir=in | app=system |
"{18A00992-45BC-4BE2-83D3-A5B0B89FF116}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{1AA9F7F2-A4D5-481C-81BA-44FAAFAB20DB}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{22909884-14B1-44E2-9999-458A5DB3F318}" = rport=137 | protocol=17 | dir=out | app=system |
"{22BDFB64-4B92-4AAC-BFAC-98ECE73C9844}" = lport=139 | protocol=6 | dir=in | app=system |
"{44DEDCCF-B87B-4B3B-8574-6C70E1A5E424}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{50CA9103-A0B9-4DB8-8B80-90B3577C41E6}" = lport=445 | protocol=6 | dir=in | app=system |
"{54563DE8-A020-48DA-9E79-A8142DBEA818}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{699B4374-C758-4BAB-83E1-790DA87ED789}" = rport=10243 | protocol=6 | dir=out | app=system |
"{732FF55C-8D87-48F9-9E23-E8F28A9B3C0A}" = rport=139 | protocol=6 | dir=out | app=system |
"{7481D26B-B224-47DE-A643-F0194DB2EAC9}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7A5852E7-BF44-4A18-B7B3-1BC6A9F9F299}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{87C50358-62C0-4D70-835F-3E62D0EFA321}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{87E8B64B-5A7D-4CB4-8A36-86755F378040}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8BA1357D-5660-46C5-8721-059B2BBCA016}" = rport=138 | protocol=17 | dir=out | app=system |
"{8C68EDE9-EBF6-4DFF-B95C-FFBEEA17458D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{95A94BB1-0EB5-4FA2-A77C-2AFD9E1A0846}" = rport=445 | protocol=6 | dir=out | app=system |
"{AB71DF4F-16B6-4C9F-BC40-C73EE444ABE3}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{B2A62B27-8F0F-455A-956C-0530851268F3}" = lport=10243 | protocol=6 | dir=in | app=system |
"{B639B438-0078-4EBC-8690-4A411956FFD8}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{B8033CAC-39D7-4F71-8DF0-0DDA9DA3565E}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{BB92D5DA-7052-4840-9CD2-109BC6F986D1}" = lport=138 | protocol=17 | dir=in | app=system |
"{BE391566-0645-47F2-B373-ABA75AD76F32}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BF97E128-1003-40D7-B85C-4C9770A8995D}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{CEA36747-9FF3-4D6C-B247-64CDCFFD9B80}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{CFD64DC2-83CF-474B-A6A0-C8CFE0CB32DD}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{E6ECE7B8-7485-4E38-866E-162D833BC54F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{EF4310BC-ADFC-45B0-8558-D7B8344ECBF6}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F97CC84E-BE43-4A99-AD6D-A9BEE2C3787A}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\p2phost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0846E680-67B5-4237-BD4D-9BC83930D257}" = protocol=17 | dir=in | app=d:\document (d)\bluesoleil_.exe |
"{0CDAC8F6-1ABB-4876-AB87-EF0AFC3C34D8}" = protocol=6 | dir=in | app=d:\document (d)\bluesoleil_.exe |
"{176D16F9-9E58-4908-9BB4-87EA782C954C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{18759D1B-E261-4D20-96C9-54E02C9AE764}" = protocol=6 | dir=out | app=system |
"{38F60E09-CFF3-4898-BE10-FE43D02A65FC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{434A7C14-7B25-4EC3-9DBA-79F033CA741F}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{4633C593-3BE4-416E-A66A-EE261A0DF6C6}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{48088049-27F9-4521-9678-AD26F30BD6D3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5AED3FE9-58D4-46D2-80B9-2BB68958B363}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5E38DF2E-6A86-4DC1-872C-91313B888D48}" = protocol=6 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{683FE801-17EF-4390-94DA-9E8C5CBE2125}" = protocol=6 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{6D84B62F-FCEA-4794-B769-F016251E6356}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6DAFB69F-37A0-43E5-BDC6-80D57F6B602B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{70A0291B-9544-425D-867C-BDBAB5611121}" = protocol=6 | dir=in | app=d:\program files\rising\rav\ravmond.exe |
"{76660DAE-E1E3-47B0-92C4-D9FFBAA8275E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{82CA03D4-A03B-4D92-88D6-BBB5CA52B503}" = protocol=6 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{A34CBD2A-C59D-4BE9-99C5-321CBBC414BA}" = protocol=17 | dir=in | app=d:\program files\rising\rav\ravmond.exe |
"{AAB60699-E886-4644-B7C8-63B50850B7FE}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{B2122ABB-5C97-46A7-BBAF-6EFA17677EEF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B4DC7788-F96C-486F-94A5-EEC817FC50B2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B6B47DD9-24FB-494F-B10C-7B640EFF7C65}" = protocol=6 | dir=out | app=%systemroot%\system32\wudfhost.exe |
"{BD6D1178-46AA-4D0D-8185-465D79DEAC99}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{C63E716C-F6E0-4CA6-BD73-E199C1A0C06C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{CCA361CE-BE2E-4013-AA6C-3596D9B9DF78}" = protocol=6 | dir=out | app=system |
"{CF33A882-6A0C-4050-8326-99C8CBEBDC05}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{CF5180F8-6011-4503-946B-8ABC82BFF72A}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DDBA60A7-D7CD-4EF3-B272-31C3D91F9104}" = protocol=17 | dir=in | app=d:\document (d)\bluesoleil_.exe |
"{E1083FFC-A2A9-4BC6-83FF-D99959AC60FB}" = protocol=6 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{ECDA8E87-BB7A-4FF8-9F3C-A9876570314A}" = protocol=6 | dir=in | app=d:\document (d)\bluesoleil_.exe |
"TCP Query User{02DA8C01-D58C-4DAD-A9E9-6DECBAC2FB11}D:\program files\rising\rav\ravmond.exe" = protocol=6 | dir=in | app=d:\program files\rising\rav\ravmond.exe |
"TCP Query User{1DAEE7D3-06CF-411C-8204-9E95553EDE5A}D:\program files\opera.exe" = protocol=6 | dir=in | app=d:\program files\opera.exe |
"TCP Query User{1FA614AC-7993-4832-9D90-8063BE7045BD}D:\program files\opera.exe" = protocol=6 | dir=in | app=d:\program files\opera.exe |
"TCP Query User{C9F33ECE-65FA-4450-97AC-708DFBEB824D}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{8F74B4CB-1123-4612-9A7E-95A9E1C62881}D:\program files\opera.exe" = protocol=17 | dir=in | app=d:\program files\opera.exe |
"UDP Query User{9E617F16-6564-46C6-8679-78D0023639D3}D:\program files\rising\rav\ravmond.exe" = protocol=17 | dir=in | app=d:\program files\rising\rav\ravmond.exe |
"UDP Query User{DDFD632A-F4FB-4852-BD1C-9505832597F6}D:\program files\opera.exe" = protocol=17 | dir=in | app=d:\program files\opera.exe |
"UDP Query User{E449A22D-4E54-4432-BA7D-8F78D00B1C34}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0412CCFF-BFAC-83D8-44FB-3BE60F05FCF8}" = Amazon MP3 Uploader
"{07EEE598-5F21-4B57-B40B-46592625B3D9}" = Zune Language Pack (PTB)
"{11316260-6666-467B-AC34-183FCB5D4335}" = Acer Mobility Center Plug-In
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP280_series" = Canon MP280 series MP Drivers
"{1598034D-7147-432C-8CA8-888E0632D124}" = NTI Backup NOW! 4.7
"{26A24AE4-039D-4CA4-87B4-2F83216025FF}" = Java(TM) 6 Update 25
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2C4E2E4E-A7C9-4CCB-BF03-FE6EBD5D4AB7}" = Windows Mobile Device Updater Component
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management
"{5C93E291-A1CC-4E51-85C6-E194209FCDB4}" = Zune Language Pack (PTG)
"{5F6C549F-78DA-4E0E-AE70-0BD981936D99}" = Nuance PDF Reader
"{60FFB3E0-6D5B-4D73-AE5B-07E58B83AF0C}" = 32 Bit HP CIO Components Installer
"{6740BCB0-5863-47F4-80F4-44F394DE4FE2}" = Zune Language Pack (NLD)
"{6B33492E-FBBC-4EC3-8738-09E16E395A10}" = Zune Language Pack (ESP)
"{7006ED29-58F2-40C3-AE87-039287AD20B6}" = Zune
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{8CE4CB34-8187-42A1-B597-517760BEE8EC}" = BPD_Scan
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{AB6097D9-D722-4987-BD9E-A076E2848EE2}" = Acer Empowering Technology
"{AEEAE013-92F1-4515-B278-139F1A692A36}" = Acer eDataSecurity Management
"{BE236D9A-52EC-4A17-82DA-84B5EAD31E3E}" = Zune Language Pack (DEU)
"{BF839132-BD43-4056-ACBF-4377F4A88E2A}" = Acer ePresentation Management
"{C06554A1-2C1E-4D20-B613-EE62C79927CC}" = Acer eNet Management
"{C5D37FFA-7483-410B-982B-91E93FD3B7DA}" = Zune Language Pack (ITA)
"{C68D33B1-0204-4EBE-BC45-A6E432B1D13A}" = Zune Language Pack (FRA)
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1
"{CE65A9A0-9686-45C6-9098-3C9543A412F0}" = Acer eSettings Management
"{D271DAE0-8D68-4C97-8356-A126D48A1D8C}" = Ulead Photo Explorer 8.0 SE Basic
"{E583A6F3-8F2F-4644-97FF-748F83A58D68}_is1" = Leawo DVD to MP4 Converter version 4.3.0.0
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2CB8C3C-9C9E-4FAB-9067-655601C5F748}" = Windows Mobile Device Updater Component
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"AC3Filter" = AC3Filter (remove only)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Ashampoo Burning Studio 6 FREE_is1" = Ashampoo Burning Studio 6 FREE v.6.80
"Ashampoo WinOptimizer 8_is1" = Ashampoo WinOptimizer 8 v.8.13
"AviSynth" = AviSynth 2.5
"BlazeDVD 6.0_is1" = BlazeDVD 6.0
"Canon MP280 series User Registration" = Canon MP280 series User Registration
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenuEX" = Canon Solution Menu EX
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118" = HDAUDIO Soft Data Fax Modem with SmartCP
"com.amazon.music.uploader" = Amazon MP3 Uploader
"DVDFab 8 Qt_is1" = DVDFab 8.0.9.2 (12/05/2011) Qt
"Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX
"eMusic Download Manager 5.0.5" = eMusic Download Manager
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.17.319
"Freemake Video Converter_is1" = Freemake Video Converter version 2.3.4
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"InstallShield_{1598034D-7147-432C-8CA8-888E0632D124}" = NTI Backup NOW! 4.7
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mobile Media Converter_is1" = MIKSOFT Mobile Media Converter
"Monopoly Star Wars" = Monopoly Star Wars
"MP Navigator EX 4.0" = Canon MP Navigator EX 4.0
"RAV" = Rising Antivirus
"SpywareBlaster_is1" = SpywareBlaster 4.4
"Trusted Software Assistant_is1" = File Type Assistant
"WinX DVD Ripper Platinum Streamer Edition_is1" = WinX DVD Ripper Platinum Streamer Edition 6.8.2
"Zune" = Zune

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Opera 11.61.1250" = Opera 11.61

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 3/31/2012 4:48:03 PM | Computer Name = Missy-Trouble | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_d6c3e7af9bae13a2\MFC80U.DLL".
Dependent
Assembly Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 3/31/2012 4:48:03 PM | Computer Name = Missy-Trouble | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_d6c3e7af9bae13a2\MFC80U.DLL".
Dependent
Assembly Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 3/31/2012 4:48:35 PM | Computer Name = Missy-Trouble | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_d6c3e7af9bae13a2\MFC80U.DLL".
Dependent
Assembly Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 3/31/2012 4:48:35 PM | Computer Name = Missy-Trouble | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_d6c3e7af9bae13a2\MFC80U.DLL".
Dependent
Assembly Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 3/31/2012 4:53:25 PM | Computer Name = Missy-Trouble | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_d6c3e7af9bae13a2\MFC80U.DLL".
Dependent
Assembly Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 3/31/2012 4:53:25 PM | Computer Name = Missy-Trouble | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_d6c3e7af9bae13a2\MFC80U.DLL".
Dependent
Assembly Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 3/31/2012 5:02:58 PM | Computer Name = Missy-Trouble | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_d6c3e7af9bae13a2\MFC80U.DLL".
Dependent
Assembly Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 3/31/2012 5:02:59 PM | Computer Name = Missy-Trouble | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_d6c3e7af9bae13a2\MFC80U.DLL".
Dependent
Assembly Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 3/31/2012 5:03:28 PM | Computer Name = Missy-Trouble | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_d6c3e7af9bae13a2\MFC80U.DLL".
Dependent
Assembly Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 3/31/2012 5:03:28 PM | Computer Name = Missy-Trouble | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_d6c3e7af9bae13a2\MFC80U.DLL".
Dependent
Assembly Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

[ System Events ]
Error - 3/30/2012 4:30:41 PM | Computer Name = Missy-Trouble | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.64 for the Network Card with network
address 001B385B6C43 has been denied by the DHCP server 192.168.0.1 (The DHCP Server
sent a DHCPNACK message).

Error - 3/30/2012 6:20:43 PM | Computer Name = Missy-Trouble | Source = DCOM | ID = 10010
Description =

Error - 3/30/2012 6:21:04 PM | Computer Name = Missy-Trouble | Source = DCOM | ID = 10010
Description =

Error - 3/30/2012 8:37:47 PM | Computer Name = Missy-Trouble | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.0.100 for the Network Card with network
address 001DD90F972B has been denied by the DHCP server 192.168.0.1 (The DHCP Server
sent a DHCPNACK message).

Error - 3/30/2012 8:38:31 PM | Computer Name = Missy-Trouble | Source = Service Control Manager | ID = 7026
Description =

Error - 3/30/2012 8:45:03 PM | Computer Name = Missy-Trouble | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.64 for the Network Card with network
address 001B385B6C43 has been denied by the DHCP server 192.168.0.1 (The DHCP Server
sent a DHCPNACK message).

Error - 3/31/2012 4:00:25 PM | Computer Name = Missy-Trouble | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.0.100 for the Network Card with network
address 001DD90F972B has been denied by the DHCP server 192.168.0.1 (The DHCP Server
sent a DHCPNACK message).

Error - 3/31/2012 4:00:55 PM | Computer Name = Missy-Trouble | Source = Service Control Manager | ID = 7026
Description =

Error - 3/31/2012 4:03:58 PM | Computer Name = Missy-Trouble | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.0.100 for the Network Card with network
address 001B385B6C43 has been denied by the DHCP server 192.168.0.1 (The DHCP Server
sent a DHCPNACK message).

Error - 3/31/2012 4:06:15 PM | Computer Name = Missy-Trouble | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.64 for the Network Card with network
address 001B385B6C43 has been denied by the DHCP server 192.168.0.1 (The DHCP Server
sent a DHCPNACK message).


< End of report >

Re: Computer slow and freezes

Post by Missy_Trouble » March 31st, 2012, 6:09 pm

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-03-31 14:16:56
-----------------------------
14:16:56.384 OS Version: Windows 6.0.6002 Service Pack 2
14:16:56.384 Number of processors: 1 586 0x1601
14:16:56.387 ComputerName: MISSY-TROUBLE UserName: Melissa
14:17:15.917 Initialize success
14:23:09.655 AVAST engine defs: 12033101
14:43:51.554 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-4
14:43:51.559 Disk 0 Vendor: Hitachi_HTS541680J9SA00 SB2OC70P Size: 76319MB BusType: 3
14:43:51.582 Disk 0 MBR read successfully
14:43:51.587 Disk 0 MBR scan
14:43:52.372 Disk 0 unknown MBR code
14:43:52.393 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 9993 MB offset 63
14:43:52.485 Disk 0 Partition 2 80 (A) 06 FAT16 NTFS 33294 MB offset 20467712
14:43:52.565 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 33030 MB offset 88653824
14:43:52.600 Disk 0 scanning sectors +156299264
14:43:52.713 Disk 0 scanning C:\Windows\system32\drivers
14:44:32.146 Service scanning
14:45:48.972 Modules scanning
14:46:18.097 Disk 0 trace - called modules:
14:46:18.134 ntoskrnl.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS PCIIDEX.SYS msahci.sys HSX_CNXT.sys
14:46:18.199 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x844a2ac8]
14:46:18.213 3 CLASSPNP.SYS[868ab8b3] -> nt!IofCallDriver -> [0x8441a918]
14:46:18.225 5 acpi.sys[8623d6bc] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-4[0x844108a0]
14:46:19.443 AVAST engine scan C:\Windows
14:46:27.115 AVAST engine scan C:\Windows\system32
15:04:39.051 AVAST engine scan C:\Windows\system32\drivers
15:05:29.597 AVAST engine scan C:\Users\Melissa
15:09:03.995 Disk 0 MBR has been saved successfully to "C:\Users\Melissa\Desktop\MBR.dat"
15:09:04.917 The log file has been saved successfully to "C:\Users\Melissa\Desktop\aswMBR.txt"

Re: Computer slow and freezes

Post by maxi » April 1st, 2012, 3:05 pm

Hi missy :)

ESET online scanner

Note: You can use either Internet Explorer or Mozilla Firefox for this scan.

Note: If you are using Windows Vista or Windows 7, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.
  • First please Disable any Antivirus you have active, as shown in This topic.
  • Note: Don't forget to re-enable it after the scan.
  • Next, hold down Control, then click on the following link to open a new window to ESET online scanner
  • Select the option YES, I accept the Terms of Use then click on Start.
    Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
    All of the below instructions are compatible with either Internet Explorer or Mozilla Firefox.
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on Start.
  • The virus signature database... will begin to download. Be patient, this may take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed select Uninstall application on close if you so wish, make sure you copy the logfile first!
  • Now click on Finish.
  • Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic.


Please post the log in your next reply and give me an update on your computer,

Regards maxi :)
maxi
Retired Graduate
 
Posts: 1262
Joined: September 25th, 2009, 10:17 am
Location: Cork, Ireland.

Re: Computer slow and freezes

Post by Missy_Trouble » April 1st, 2012, 7:27 pm

D:\D Downloads\cnet2_InstallRARFileOpenKnife_exe.exe a variant of Win32/InstallCore.D application
D:\D Downloads\cnet_4kyoutubetomp3_1_5_exe.exe a variant of Win32/InstallCore.D application
D:\D Downloads\YouTubeDownloaderSetup34.exe a variant of Win32/Toolbar.Widgi application
D:\DocUment (D)\InstallRARFileOpenKnife.exe Win32/OpenCandy application


My computer still freezes. Deleting the coupon and registry program made no difference. Which I knew it wouldn't. They were not an issue. The above programs I don't even have on my computer. I removed those a while back. I know those are just leftover stuff. The issues started last week with my computer. I downloaded a few things, I believe it was in one of those programs the issue is. Two of those programs I already removed before coming here.
Missy_Trouble
Active Member
 
Posts: 12
Joined: March 28th, 2012, 8:55 pm

Re: Computer slow and freezes

Unread postby maxi » April 2nd, 2012, 10:58 am

Hi missy,

Step 1
Create a System Restore Point
  1. Right-click on Computer and select Properties.
  2. In the left pane under Tasks please click System protection.
    If UAC prompts for an administrator password or approval, type the password or give your "permission to continue".
  3. Select System Protection, then choose Create.
  4. In the System Restore dialog box, type a description for the restore point and then click Create again.
    A window will pop up with "The Restore Point was created successfully" confirmation message.
  5. Click OK, then close the System Restore dialog.

If you have successfully created a System Restore Point... we can proceed.
If you have NOT successfully created a System Restore Point... do not go any further!
Please post back so we can determine why it was unsuccessful.




Step 2
Run an OTL Fix
  1. Right-click the OTL.exe icon on your desktop and select Run As Administrator from the popup menu. The OTL by OldTimer window will be displayed.

  2. Copy the contents in the following box and then paste it into the Image textbox.
    • Do not include the word "Code:"
    Code:
    :OTL
    IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2260173
    IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
    IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2260173
    @Alternate Data Stream - 95 bytes -> C:\ProgramData\TEMP:5C321E34
    @Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:AC6124CA
    @Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:8CE646EE
    
    
    :Files
    D:\D Downloads\cnet2_InstallRARFileOpenKnife_exe.exe 
    D:\D Downloads\cnet_4kyoutubetomp3_1_5_exe.exe
    D:\D Downloads\YouTubeDownloaderSetup34.exe 
    D:\DocUment (D)\InstallRARFileOpenKnife.exe
    
    :Commands
    
    [EMPTYTEMP]
    [CREATERESTOREPOINT]
    
  3. Click the Run Fix button near the top of the window. A message window will be displayed indicating that the system needs to be rebooted.
  4. Click Image. The system will reboot.
  5. Log in following the reboot. A Notepad window should open containing a report.
  6. Copy the entire contents of the report and paste it in your reply.

In your next reply please include:
The log produced by OTL.
Any change in your computer's performance after the OTL fix.

Regards maxi :)
maxi
Retired Graduate
 
Posts: 1262
Joined: September 25th, 2009, 10:17 am
Location: Cork, Ireland.
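
An added example, not part of maxi's post and not OTL or ESET code: before running a fix like the one above, its :Files section can be cross-checked against the scanner log so that only flagged files are deleted. The line layouts are assumptions taken from the lines shown in this thread, including reading the trailing word "application" as ESET's marker for a potentially unwanted or unsafe application.

```python
import re
# Constructed inputs: detection lines and fix-script sections copied from this thread.
ESET_LOG = r"""
D:\D Downloads\cnet2_InstallRARFileOpenKnife_exe.exe a variant of Win32/InstallCore.D application
D:\D Downloads\cnet_4kyoutubetomp3_1_5_exe.exe a variant of Win32/InstallCore.D application
D:\D Downloads\YouTubeDownloaderSetup34.exe a variant of Win32/Toolbar.Widgi application
D:\DocUment (D)\InstallRARFileOpenKnife.exe Win32/OpenCandy application
"""
OTL_FIX = r"""
:Files
D:\D Downloads\cnet2_InstallRARFileOpenKnife_exe.exe
D:\D Downloads\cnet_4kyoutubetomp3_1_5_exe.exe
D:\D Downloads\YouTubeDownloaderSetup34.exe
D:\DocUment (D)\InstallRARFileOpenKnife.exe
:Commands
[EMPTYTEMP]
[CREATERESTOREPOINT]
"""

# Assumed layout: <path> [a variant of] <Platform/Name> [application]. Paths contain
# spaces, so the path is matched lazily up to the detection name at the end of the line.
DETECTION = re.compile(r"^(?P<path>[A-Za-z]:\\.+?)\s+(?P<variant>a variant of\s+)?"
                       r"(?P<name>\w+/[\w.]+)(?:\s+(?P<kind>application))?\s*$")

def parse_detections(log):
    """Return one dict per scanner hit; lines that do not match are skipped."""
    hits = (DETECTION.match(line.strip()) for line in log.splitlines())
    return [{"path": m["path"], "name": m["name"], "variant": bool(m["variant"]),
             "kind": m["kind"] or "other"} for m in hits if m]

def parse_fix_sections(script):
    """Split a fix script into its ':Name' sections, keyed by lower-cased name."""
    sections, current = {}, None
    for line in (raw.strip() for raw in script.splitlines()):
        if line.startswith(":"):
            current = sections.setdefault(line[1:].lower(), [])
        elif line and current is not None:
            current.append(line)
    return sections

def review(log, script):
    """Compare flagged files with the files the fix will delete (case-insensitive)."""
    hits = parse_detections(log)
    flagged = {h["path"].lower() for h in hits}
    listed = {p.lower() for p in parse_fix_sections(script).get("files", [])}
    return {"pua_only": bool(hits) and all(h["kind"] == "application" for h in hits),
            "flagged_not_in_fix": sorted(flagged - listed),
            "in_fix_not_flagged": sorted(listed - flagged)}

if __name__ == "__main__":
    print(review(ESET_LOG, OTL_FIX))
```

An entry under in_fix_not_flagged is a file the script would delete although the scan did not report it, which is worth questioning before clicking Run Fix.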

Re: Computer slow and freezes

Unread postby Missy_Trouble » April 4th, 2012, 12:37 pm

Sorry I haven't got back to you. My phone line was down since Monday night. The phone guy was just here this morning. Will continue with your directions.
Missy_Trouble
Active Member
 
Posts: 12
Joined: March 28th, 2012, 8:55 pm