Posted

I run Windows Vista on my computer and just recently it has started running incredibly slow. Could this be due to malware? I only have very basic computer knowledge so please keep your suggestions as simple as possible. Any help would be greatly appreciated.

 

Carl

Posted

Malware log.

 

Hi

 

Sorry for the slow response.

 

Please find attached MBAM, other log to follow:

 

Malwarebytes' Anti-Malware 1.51.2.1300

http://www.malwarebytes.org

 

 

Database version: 8151

 

 

Windows 6.0.6002 Service Pack 2

Internet Explorer 9.0.8112.16421

 

 

13/11/2011 10:33:21

mbam-log-2011-11-13 (10-33-19).txt

 

 

Scan type: Full scan (C:\|D:\|)

Objects scanned: 312174

Time elapsed: 2 hour(s), 9 minute(s), 22 second(s)

 

 

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

 

 

Memory Processes Infected:

(No malicious items detected)

 

 

Memory Modules Infected:

(No malicious items detected)

 

 

Registry Keys Infected:

(No malicious items detected)

 

 

Registry Values Infected:

(No malicious items detected)

 

 

Registry Data Items Infected:

(No malicious items detected)

 

 

Folders Infected:

(No malicious items detected)

 

 

Files Infected:

(No malicious items detected)

Posted

Hi Carl,

 

Just before etavares gets back to you ....

 

What size is your hard drive and how much free space do you have?

Start > Computer > Right click on C:\ > Properties

 

Also how much RAM is in the machine?

Start > Right click Computer > Properties

There is an email going around offering processed pork - gelatin - and salt in a can ......this is simply SPAM !!

 


Posted

Thanks for your continued help.

 

Extras file:

 

OTL Extras logfile created on: 13/11/2011 13:30:46 - Run 1

OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Carl & Ruth\Downloads

Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

 

894.77 Mb Total Physical Memory | 409.86 Mb Available Physical Memory | 45.81% Memory free

2.01 Gb Paging File | 0.86 Gb Available in Paging File | 42.77% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 69.77 Gb Total Space | 18.91 Gb Free Space | 27.10% Space Free | Partition Type: NTFS

Drive D: | 69.52 Gb Total Space | 69.25 Gb Free Space | 99.62% Space Free | Partition Type: NTFS

 

Computer Name: CARLRUTHHOME-PC | User Name: Carl & Ruth | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Extra Registry (SafeList) ==========

 

 

========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)

.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

 

========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

"UacDisableNotify" = 1

"InternetSettingsDisableNotify" = 1

"AutoUpdateDisableNotify" = 1

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

"DisableMonitoring" = 1

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

"DisableMonitoring" = 1

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

"DisableMonitoring" = 1

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

"VistaSp1" = Reg Error: Unknown registry data type -- File not found

"VistaSp2" = Reg Error: Unknown registry data type -- File not found

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

 

========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 0

 

========== Authorized Applications List ==========

 

 

========== Vista Active Open Ports Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

 

========== Vista Active Application Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{1BCAAF0D-E6BE-4CF7-BBDC-D3BF67A72725}" = dir=in | app=c:\program files\acer arcade live\acer homemedia connect\acer homemedia connect.exe |

"{64C7B1E2-4F18-4070-A2B8-A7E0074C5796}" = dir=in | app=c:\program files\acer arcade live\acer arcade live main page\acer arcade live.exe |

"{6B9693AA-F737-4C07-AD65-67C46A6AC963}" = dir=in | app=c:\program files\acer arcade live\acer videomagician\acer videomagician.exe |

"{757FAE47-740C-4C64-BB0F-3F7330A6FDC4}" = dir=in | app=c:\program files\acer arcade live\acer homemedia\acer homemedia.exe |

"{801F094F-A3A4-411A-926F-69DD95D6D054}" = dir=in | app=c:\program files\acer arcade live\acer dv magician\acer dv magician.exe |

"{AED93CBC-54E0-49E7-8B51-4714948842AB}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |

"{B22D5A3B-6C22-4989-8BA0-11513C242A71}" = dir=in | app=c:\program files\acer arcade live\acer homemedia connect\kernel\dms\clmsserver.exe |

"{D5ABD75B-9A14-4F0F-83A7-4EE767E54B96}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |

"{F1956F76-D701-4364-B0C3-90EB238DE3F3}" = dir=in | app=c:\program files\acer arcade live\acer dvdivine\acer dvdivine.exe |

"{F7C85AA6-1E67-4D84-ADD8-244ED2F7EDD5}" = dir=in | app=c:\program files\acer arcade live\acer slideshow dvd\acer slideshow dvd.exe |

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{001FC252-5D30-956C-D6E3-405B9651B698}" = CCC Help Korean

"{0145ABB1-8F13-D85C-EFA7-16AAFD415F07}" = Catalyst Control Center Localization Chinese Standard

"{020617D7-2F72-4D02-BF59-A5CBC1761177}" = SQL Server 2008 R2 Management Studio

"{046755CA-F677-4B7F-AF9A-6AB295A02A30}" = Microsoft SQL Server 2008 R2 Native Client

"{08091134-5478-4F0E-5A1A-470BE72647ED}" = CCC Help Thai

"{121475F5-2598-4574-8801-8F6B3D6A99BB}" = SQL Server 2008 R2 Management Studio

"{132888AE-EF67-41C5-BCA2-7D5D2488AB63}" = Acer HomeMedia Connect

"{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker

"{1598034D-7147-432C-8CA8-888E0632D124}" = NTI Backup NOW! 4.7

"{18F72BF6-D1B1-04AF-BBB2-EA2BA6F50EDB}" = CCC Help English

"{1E6F7CFD-5BEB-0828-B1B1-645FA4F292DB}" = Catalyst Control Center Localization Korean

"{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email

"{20C53FA2-4307-4671-A93F-9463B29DFCF1}" = Symantec Technical Support Web Controls

"{27005EDF-E80A-7059-81A3-692051625488}" = Catalyst Control Center Localization French

"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1

"{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}" = EPSON Scan Assistant

"{2D4A265B-8CE4-EF70-0C2A-1271119AA5B3}" = Catalyst Control Center Localization Turkish

"{2EA65C2D-0C11-3D8B-46AE-B9092EE7D64C}" = CCC Help Norwegian

"{2EB3629F-C98A-F5A3-25C2-D47B0EDF2A7C}" = CCC Help Greek

"{2EB81825-E9EE-44F4-8F51-1240C3898DC6}" = EPSON File Manager

"{2FA6AE84-DFE1-9651-7AEB-2E8C78E5B97D}" = CCC Help Swedish

"{37EBDFAC-5900-A0AD-CCE9-9A0DDA5682F9}" = Catalyst Control Center Localization Portuguese

"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU

"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile

"{3D78F2A2-C893-4ABD-B5FE-AD7011837755}" = EPSON Easy Photo Print

"{41581EF5-45A7-11DA-9D78-000129760D75}" = Acer SlideShow DVD

"{45576B9A-D9A9-CCE2-488F-E74A96FA550B}" = CCC Help Turkish

"{472BC165-1990-1963-7AAD-BD4DAA3F293E}" = CCC Help Finnish

"{47BE41E6-2F0F-4D17-9C2D-3850FFD9D405}" = Microsoft SQL Server VSS Writer

"{4B4C56E5-819C-E1EB-B682-2F3EB3C32D88}" = CCC Help Hungarian

"{4C0F2181-4765-D5C5-B665-52E7722C1D18}" = Catalyst Control Center Localization Japanese

"{4C9D82EB-9001-4E59-8F64-0BEEE5F4A30A}" = SQL Server 2008 R2 Database Engine Shared

"{4ECF4BDC-8387-329A-ABE9-CF5798F84BB2}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU

"{526B988C-393C-181A-0536-257C6AE70D18}" = CCC Help Portuguese

"{5792B5D9-645A-3309-C848-9BB7A68F1667}" = CCC Help Russian

"{58721EC3-8D4E-4B79-BC51-1054E2DDCD10}" = SQL Server 2008 R2 Database Engine Services

"{593AF68A-BEDA-BC04-D278-7E020F2E6A6E}" = Catalyst Control Center Localization Dutch

"{5D112C61-C8D0-4718-8DD7-B9115EB9AF90}" = LogMeIn

"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites

"{67EDD823-135A-4D59-87BD-950616D6E857}" = EPSON Copy Utility 3

"{687C95B4-4670-DEF1-4585-E11CE3AB7C26}" = CCC Help German

"{6D4DC170-69D1-7CE8-EF98-6DCDC887FA1C}" = Catalyst Control Center Localization Spanish

"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{75D803F3-2CCA-F91B-F269-1EA77BA56688}" = Catalyst Control Center Localization Chinese Traditional

"{76866BE3-B2C7-40BB-B267-927792AED0C3}" = Microsoft SQL Server 2008 R2 Setup (English)

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime

"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver

"{7C8EAD2B-A954-4F73-AAFC-C3EC60D49ADA}" = Microsoft SQL Server 2008 R2 RsFx Driver

"{7CE727EA-498F-B17F-53B6-C695E134C83C}" = Catalyst Control Center Localization Greek

"{7E70195B-0530-EED3-E8FE-237EC86F989E}" = Catalyst Control Center Localization Polish

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110111700}" = Zuma Deluxe

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11029123}" = Bricks of Egypt

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111263673}" = Treasures of the Deep

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111271497}" = Mystery Case Files - Prime Suspects

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}" = Galapago

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11146090}" = Big Kahuna Reef 2

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111473353}" = Dynasty

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11170417}" = Luxor 2

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111771833}" = Jewel Quest Solitaire

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112179547}" = MCF Ravenhearst

"{85967580-EBC2-11D4-AEA3-0050046A88ED}" = LEGO Island 2

"{886607CA-3144-493D-1134-EEAAC8D5AAFD}" = CCC Help French

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8A5AEB5F-C533-FD3B-9D35-6FF8BEB91A7E}" = CCC Help Dutch

"{8CB7C96F-22D5-5911-3507-4639ED218CE6}" = CCC Help Polish

"{8FF37D01-3105-690A-C481-06EBED787498}" = Catalyst Control Center Localization Swedish

"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007

"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007

"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007

"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007

"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007

"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007

"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007

"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007

"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007

"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In

"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007

"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)

"{93998800-1608-403F-9A51-420A77D23C25}" = Sql Server Customer Experience Improvement Program

"{93EA9C3E-BDFD-4309-A605-9B5BBC0CCEFD}" = Camera RAW Plug-In for EPSON Creativity Suite

"{94389919-B0AA-4882-9BE8-9F0B004ECA35}" = Acer Tour

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{97D4EB44-3BD8-F35A-14AE-73FB3B491396}" = Catalyst Control Center Localization Italian

"{999E1B83-866A-F0A5-321C-B3438BC246B1}" = ATI Catalyst Install Manager

"{99AF8AED-2960-B47B-CAA0-1558B5E78D48}" = CCC Help Danish

"{A78024C0-8C20-27CB-2B7B-6A60445B61AF}" = Catalyst Control Center Localization Russian

"{AA4BF92B-2AAF-11DA-9D78-000129760D75}" = Acer HomeMedia

"{AB6097D9-D722-4987-BD9E-A076E2848EE2}" = Acer Empowering Technology

"{AC76BA86-7AD7-1033-7B44-A81200000003}" = Adobe Reader 8.1.2

"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint

"{AEEAE013-92F1-4515-B278-139F1A692A36}" = Acer eDataSecurity Management

"{B145EC69-66F5-11D8-9D75-000129760D75}" = Acer DVDivine

"{B231A9E2-9E9C-9226-E483-DD2D725D1BFE}" = Catalyst Control Center Localization Thai

"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0

"{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}" = SQL Server 2008 R2 Database Engine Services

"{B7CBEC53-C913-87E2-D70F-3BABEFB0A080}" = Catalyst Control Center Localization Finnish

"{B94C6815-7BCC-4124-AC39-9208A06FFFA7}" = Disney-Pixar Ratatouille

"{BD2BA0B1-5448-987E-9562-6C665252714A}" = Catalyst Control Center Localization Norwegian

"{BF9BF038-FE03-429D-9B26-2FA0FD756052}" = Microsoft SQL Server Browser

"{C03A4F4C-09A2-ADA3-0DE9-F830F636DD4B}" = CCC Help Spanish

"{C6660342-B863-AD6B-3D74-C5466AAF1A5F}" = CCC Help Italian

"{CACEA8C8-3D38-4F51-953D-1E6FC3346FEF}" = SQL Server 2008 R2 Common Files

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1

"{D21BC5B2-CBAC-48FA-A701-B5A63C1CA7B8}" = Microsoft SQL Server 2008 R2 Policies

"{D441BD04-E548-4F8E-97A4-1B66135BAAA8}" = Microsoft SQL Server 2008 Setup Support Files

"{D462BF9E-0C35-4705-BF9B-3DF9F3816643}" = Acer ePerformance Management

"{D475C441-82E7-4694-8717-EA8896D6D37A}" = CCC Help Japanese

"{D51FFF33-0F42-72C1-0DFD-220E3B3E4F97}" = CCC Help Chinese Traditional

"{DDFD8348-058C-4F4B-85E5-6D740D4AB3FE}" = Microsoft SQL Server Compact 3.5 SP2 Query Tools ENU

"{DE247139-8107-31A7-E580-6AFAE183A95F}" = Catalyst Control Center Localization German

"{DEB38E1A-F4E5-4DF0-96F4-4050567A9D09}" = AV Input Selection

"{E256842C-AD14-4BDC-87B2-B3A4A7037837}" = LogMeIn

"{E7DA2552-8808-7F25-1A85-AAFDE834CA14}" = CCC Help Czech

"{EB0A38F9-6698-B5D5-949E-E042BBEE763B}" = Catalyst Control Center Localization Hungarian

"{EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}" = Acer Arcade Live Main Page

"{F021CC0C-21C3-4038-AA4A-6E3CBC669CE8}" = SQL Server 2008 R2 Database Engine Shared

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F6EFFB76-4A07-11DA-9D78-000129760D75}" = Acer DV Magician

"{F748B133-D25C-14C2-0178-D90703042FDE}" = CCC Help Chinese Standard

"{F79A208D-D929-11D9-9D77-000129760D75}" = Acer VideoMagician

"{FC835376-FF3B-4CAA-83E0-2148B3FB7C98}" = SQL Server 2008 R2 Common Files

"{FCED9B62-34FF-4C15-8A23-F65221F7874D}" = ITECIR Driver

"2EFF310ED3BF3BFB24E6CC25AEB5491813E56803" = Windows Driver Package - ITE Tech.Inc. (itecir) HIDClass (06/20/2007 5.0.0004.2)

"8461-7759-5462-8226" = Vuze

"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Barbie Jewelry Designer" = Barbie® Jewelry Designer

"Coupon Printer2.0" = Coupon Printer

"EPSON Printer and Utilities" = EPSON Printer Software

"EPSON Scanner" = EPSON Scan

"EPSON Stylus CX7300_CX8300_DX7400_DX8400 User’s Guide" = EPSON Stylus CX7300_CX8300_DX7400_DX8400 Manual

"FileZilla Client" = FileZilla Client 3.3.5.1

"HOMESTUDENTR" = Microsoft Office Home and Student 2007

"InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker

"InstallShield_{1598034D-7147-432C-8CA8-888E0632D124}" = NTI Backup NOW! 4.7

"InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft Report Viewer Redistributable 2008 (KB971119)" = Microsoft Report Viewer Redistributable 2008 SP1

"Microsoft SQL Server 10" = Microsoft SQL Server 2008 R2

"Microsoft SQL Server 2008 R2" = Microsoft SQL Server 2008 R2

"NIS" = Norton Internet Security

"QuickTime 3.0" = QuickTime 3.0

"RealPlayer 12.0" = RealPlayer

"Spotify" = Spotify

"WinRAR archiver" = WinRAR 4.01 (32-bit)

"Yahoo! Companion" = Yahoo! Toolbar

"Yahoo! Toolbar" = Yahoo! Toolbar

 

========== HKEY_CURRENT_USER Uninstall List ==========

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"7b4e12b4e844396f" = CarlsCalendar

"Google Chrome" = Google Chrome

 

========== Last 10 Event Log Errors ==========

 

[ Application Events ]

Error - 13/10/2011 15:27:52 | Computer Name = CarlRuthHome-PC | Source = EventSystem | ID = 4621

Description =

 

Error - 19/10/2011 06:55:13 | Computer Name = CarlRuthHome-PC | Source = SideBySide | ID = 16842785

Description = Activation context generation failed for "C:\Program Files\Real\RealPlayer\plugins\rmxrend.dll".

Dependent

Assembly Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"

could not be found. Please use sxstrace.exe for detailed diagnosis.

 

Error - 19/10/2011 07:01:16 | Computer Name = CarlRuthHome-PC | Source = SideBySide | ID = 16842785

Description = Activation context generation failed for "C:\Program Files\Real\RealPlayer\plugins\rmxrend.dll".

Dependent

Assembly Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"

could not be found. Please use sxstrace.exe for detailed diagnosis.

 

Error - 27/10/2011 07:01:14 | Computer Name = CarlRuthHome-PC | Source = SideBySide | ID = 16842785

Description = Activation context generation failed for "C:\Program Files\Real\RealPlayer\plugins\rmxrend.dll".

Dependent

Assembly Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"

could not be found. Please use sxstrace.exe for detailed diagnosis.

 

Error - 27/10/2011 07:01:23 | Computer Name = CarlRuthHome-PC | Source = SideBySide | ID = 16842785

Description = Activation context generation failed for "C:\Program Files\Real\RealPlayer\plugins\rmxrend.dll".

Dependent

Assembly Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"

could not be found. Please use sxstrace.exe for detailed diagnosis.

 

Error - 30/10/2011 07:06:34 | Computer Name = CarlRuthHome-PC | Source = EventSystem | ID = 4621

Description =

 

Error - 03/11/2011 18:33:52 | Computer Name = CarlRuthHome-PC | Source = Windows Search Service | ID = 3013

Description =

 

Error - 03/11/2011 18:33:52 | Computer Name = CarlRuthHome-PC | Source = Windows Search Service | ID = 3013

Description =

 

Error - 04/11/2011 10:05:40 | Computer Name = CarlRuthHome-PC | Source = Application Hang | ID = 1002

Description = The program WinMail.exe version 6.0.6001.18000 stopped interacting

with Windows and was closed. To see if more information about the problem is available,

check the problem history in the Problem Reports and Solutions control panel. Process

ID: 14f4 Start Time: 01cc9af96569afb0 Termination Time: 275

 

Error - 07/11/2011 11:15:33 | Computer Name = CarlRuthHome-PC | Source = EventSystem | ID = 4621

Description =

 

[ System Events ]

Error - 11/11/2011 15:53:50 | Computer Name = CarlRuthHome-PC | Source = Service Control Manager | ID = 7022

Description =

 

Error - 11/11/2011 15:57:07 | Computer Name = CarlRuthHome-PC | Source = Service Control Manager | ID = 7022

Description =

 

Error - 11/11/2011 15:57:33 | Computer Name = CarlRuthHome-PC | Source = Service Control Manager | ID = 7011

Description =

 

Error - 11/11/2011 15:57:33 | Computer Name = CarlRuthHome-PC | Source = Service Control Manager | ID = 7011

Description =

 

Error - 12/11/2011 13:00:09 | Computer Name = CarlRuthHome-PC | Source = Service Control Manager | ID = 7011

Description =

 

Error - 12/11/2011 13:36:42 | Computer Name = CarlRuthHome-PC | Source = DCOM | ID = 10010

Description =

 

Error - 13/11/2011 04:19:35 | Computer Name = CarlRuthHome-PC | Source = Service Control Manager | ID = 7011

Description =

 

Error - 13/11/2011 04:20:54 | Computer Name = CarlRuthHome-PC | Source = Service Control Manager | ID = 7011

Description =

 

Error - 13/11/2011 04:20:54 | Computer Name = CarlRuthHome-PC | Source = Service Control Manager | ID = 7011

Description =

 

Error - 13/11/2011 04:22:57 | Computer Name = CarlRuthHome-PC | Source = Service Control Manager | ID = 7011

Description =

 

 

< End of report >

Posted

OTL file:

 

OTL logfile created on: 13/11/2011 13:30:46 - Run 1

OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Carl & Ruth\Downloads

Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

 

894.77 Mb Total Physical Memory | 409.86 Mb Available Physical Memory | 45.81% Memory free

2.01 Gb Paging File | 0.86 Gb Available in Paging File | 42.77% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 69.77 Gb Total Space | 18.91 Gb Free Space | 27.10% Space Free | Partition Type: NTFS

Drive D: | 69.52 Gb Total Space | 69.25 Gb Free Space | 99.62% Space Free | Partition Type: NTFS

 

Computer Name: CARLRUTHHOME-PC | User Name: Carl & Ruth | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - C:\Users\Carl & Ruth\Downloads\OTL.exe (OldTimer Tools)

PRC - C:\Program Files\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)

PRC - C:\Program Files\LogMeIn\x86\ramaint.exe (LogMeIn, Inc.)

PRC - C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe (LogMeIn, Inc.)

PRC - C:\Program Files\Norton Internet Security\Engine\17.9.0.12\ccsvchst.exe (Symantec Corporation)

PRC - C:\Program Files\LogMeIn\x86\LogMeIn.exe (LogMeIn, Inc.)

PRC - C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)

PRC - C:\Windows\explorer.exe (Microsoft Corporation)

PRC - C:\Acer\Empowering Technology\Acer.Empowering.Framework.Supervisor.exe (Acer Inc.)

PRC - C:\Acer\Empowering Technology\SysMonitor.exe ()

PRC - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe (Acer Inc.)

PRC - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe (CyberLink)

PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)

PRC - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe (HiTRSUT)

PRC - C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe (HiTRUST)

PRC - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe ()

PRC - C:\Windows\System32\spool\drivers\w32x86\3\E_FATICDE.EXE (SEIKO EPSON CORPORATION)

PRC - C:\Acer\Empowering Technology\eRecovery\eRAgent.exe (Acer Inc.)

 

 

========== Modules (No Company Name) ==========

 

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\6bc98e9b5eedaa8f71c5454d36a4b772\System.Management.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8645de531003807d00822e03986a075d\System.ServiceProcess.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\6d2f689baff5da3df134fdec0742a13c\System.Runtime.Remoting.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\40da9084d0863e07d7ce55953833b8b0\System.Configuration.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\c1c06a392871267db27f7cbc40e1c4fb\System.Xml.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1363115565fff5a641243a48f396f107\System.Windows.Forms.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\367c4043efc2f32d843cb588b0dc97fc\System.Drawing.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\f9c36ea806e77872dce891c77b68fac3\System.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b6632a8b2f276a8e31f5b0f6b2006cd1\mscorlib.ni.dll ()

MOD - C:\Program Files\FileZilla FTP Client\fzshellext.dll ()

MOD - C:\Windows\System32\atitmmxx.dll ()

MOD - C:\Acer\Empowering Technology\SysMonitor.exe ()

MOD - C:\Acer\Empowering Technology\Acer.Empowering.Framework.DialogManager.dll ()

MOD - C:\Acer\Empowering Technology\Acer.Empowering.Framework.PasswordSetting.dll ()

MOD - C:\Windows\System32\BatchCrypto.dll ()

MOD - C:\Windows\System32\ShowErrMsg.dll ()

MOD - C:\Acer\Empowering Technology\ePerformance\ePerformance.Plugin.dll ()

MOD - C:\Acer\Empowering Technology\ePerformance\ePerformance.Presenter.dll ()

MOD - C:\Acer\Empowering Technology\ePerformance\ePerformance.Library.dll ()

MOD - C:\Acer\Empowering Technology\ePerformance\ePerformance.Model.dll ()

MOD - C:\Acer\Empowering Technology\ePerformance\ePerformance.Model.Interface.dll ()

MOD - C:\Acer\Empowering Technology\MemCheck.Interface.dll ()

MOD - C:\Acer\Empowering Technology\eRecovery\ServiceInterface.dll ()

 

 

========== Win32 Services (SafeList) ==========

 

SRV - (LMIMaint) -- C:\Program Files\LogMeIn\x86\RaMaint.exe (LogMeIn, Inc.)

SRV - (LMIGuardianSvc) -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe (LogMeIn, Inc.)

SRV - (NIS) -- C:\Program Files\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe (Symantec Corporation)

SRV - (LogMeIn) -- C:\Program Files\LogMeIn\x86\LogMeIn.exe (LogMeIn, Inc.)

SRV - (Symantec RemoteAssist) -- C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe (Symantec, Inc.)

SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)

SRV - (eRecoveryService) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe (Acer Inc.)

SRV - (Acer HomeMedia Connect Service) -- C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe (CyberLink)

SRV - (eDataSecurity Service) -- C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe (HiTRSUT)

SRV - (AcerMemUsageCheckService) -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe ()

 

 

========== Driver Services (SafeList) ==========

 

DRV - (EraserUtilRebootDrv) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)

DRV - (eeCtrl) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)

DRV - (BHDrvx86) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20111027.001\BHDrvx86.sys (Symantec Corporation)

DRV - (LMIRfsClientNP) -- C:\Windows\System32\LMIRfsClientNP.dll (LogMeIn, Inc.)

DRV - (IDSVix86) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20111111.030\IDSvix86.sys (Symantec Corporation)

DRV - (SYMTDIv) -- C:\Windows\System32\Drivers\NIS\1109000.00C\SYMTDIV.SYS (Symantec Corporation)

DRV - (SymEFA) -- C:\Windows\system32\drivers\NIS\1109000.00C\SYMEFA.SYS (Symantec Corporation)

DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20111112.009\NAVEX15.SYS (Symantec Corporation)

DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20111112.009\NAVENG.SYS (Symantec Corporation)

DRV - (ccHP) -- C:\Windows\system32\drivers\NIS\1109000.00C\ccHPx86.sys (Symantec Corporation)

DRV - (LMIInfo) -- C:\Program Files\LogMeIn\x86\rainfo.sys (LogMeIn, Inc.)

DRV - (LMIRfsDriver) -- C:\Windows\System32\drivers\LMIRfsDriver.sys (LogMeIn, Inc.)

DRV - (SymEvent) -- C:\Windows\System32\drivers\SYMEVENT.SYS (Symantec Corporation)

DRV - (SymIRON) -- C:\Windows\system32\drivers\NIS\1109000.00C\Ironx86.SYS (Symantec Corporation)

DRV - (SRTSP) -- C:\Windows\System32\Drivers\NIS\1109000.00C\SRTSP.SYS (Symantec Corporation)

DRV - (SRTSPX) Symantec Real Time Storage Protection (PEL) -- C:\Windows\system32\drivers\NIS\1109000.00C\SRTSPX.SYS (Symantec Corporation)

DRV - (RsFx0150) -- C:\Windows\System32\drivers\RsFx0150.sys (Microsoft Corporation)

DRV - (SymDS) -- C:\Windows\system32\drivers\NIS\1109000.00C\SYMDS.SYS (Symantec Corporation)

DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)

DRV - (itecir) -- C:\Windows\System32\drivers\itecir.sys (Windows ® Codename Longhorn DDK provider)

DRV - (RTHDMIAzAudService) -- C:\Windows\System32\drivers\RtHDMIV.sys (Realtek Semiconductor Corp.)

DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation )

DRV - (int15) -- C:\Acer\Empowering Technology\eRecovery\int15.sys ()

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://en.uk.acer.yahoo.com

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://en.uk.acer.yahoo.com

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SEARCH PAGE = http://uk.rd.yahoo.com/customize/ycomp/defaults/sp/*http://uk.yahoo.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1

IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.669: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.669: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.669: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.669: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.669: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Carl & Ruth\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Carl & Ruth\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\IPSFFPlgn\ [2011/07/22 15:30:34 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\coFFPlgn_2010_9_0_6 [2011/11/13 08:19:17 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/11/01 14:59:37 | 000,000,000 | ---D | M]

 

 

========== Chrome ==========

 

CHR - default_search_provider: Yahoo! Search (Enabled)

CHR - default_search_provider: search_url = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7

CHR - default_search_provider: suggest_url =

CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Carl & Ruth\AppData\Local\Google\Chrome\Application\15.0.874.106\gcswf32.dll

CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll

CHR - plugin: RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll

CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll

CHR - plugin: RealPlayer HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Users\Carl & Ruth\AppData\Local\Google\Chrome\Application\15.0.874.106\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Carl & Ruth\AppData\Local\Google\Chrome\Application\15.0.874.106\pdf.dll

CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll

CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll

CHR - plugin: Google Update (Enabled) = C:\Users\Carl & Ruth\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll

CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

CHR - plugin: Default Plug-in (Enabled) = default_plugin

CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Carl & Ruth\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\

 

O1 HOSTS File: ([2006/09/18 21:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O1 - Hosts: ::1 localhost

O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)

O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)

O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)

O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\17.9.0.12\coieplg.dll (Symantec Corporation)

O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\17.9.0.12\ipsbho.dll (Symantec Corporation)

O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\System32\ActiveToolBand.dll (HiTRUST)

O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST)

O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\17.9.0.12\coieplg.dll (Symantec Corporation)

O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)

O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST)

O3 - HKCU\..\Toolbar\WebBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST)

O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\17.9.0.12\coieplg.dll (Symantec Corporation)

O4 - HKLM..\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exe ()

O4 - HKLM..\Run: [Acer Tour] File not found

O4 - HKLM..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (Acer Inc.)

O4 - HKLM..\Run: [Apanel] C:\ACERSW\config\NewSetApanel.cmd File not found

O4 - HKLM..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe (HiTRUST)

O4 - HKLM..\Run: [eRecoveryService] File not found

O4 - HKLM..\Run: [LogMeIn GUI] C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)

O4 - HKLM..\Run: [PCMMediaSharing] C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe ()

O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)

O4 - HKLM..\Run: [setresolution] C:\ACERSW\config\1440x900.cmd File not found

O4 - HKLM..\Run: [TkBellExe] c:\program files\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)

O4 - HKLM..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe (Acer Inc.)

O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)

O4 - HKCU..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (Acer Inc.)

O4 - HKCU..\Run: [EPSON Stylus DX7400 Series] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATICDE.EXE (SEIKO EPSON CORPORATION)

O13 - gopher Prefix: missing

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1EAE3A4F-8D3E-43DA-A24F-2FA26F090668}: DhcpNameServer = 192.168.1.254

O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)

O24 - Desktop WallPaper: C:\Users\Carl & Ruth\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg

O24 - Desktop BackupWallPaper: C:\Users\Carl & Ruth\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2006/09/18 21:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 

NetSvcs: FastUserSwitchingCompatibility - File not found

NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)

NetSvcs: Nla - File not found

NetSvcs: Ntmssvc - File not found

NetSvcs: NWCWorkstation - File not found

NetSvcs: Nwsapagent - File not found

NetSvcs: SRService - File not found

NetSvcs: WmdmPmSp - File not found

NetSvcs: LogonHours - File not found

NetSvcs: PCAudit - File not found

NetSvcs: helpsvc - File not found

NetSvcs: uploadmgr - File not found

 

 

CREATERESTOREPOINT

Restore point Set: OTL Restore Point

 

========== Files/Folders - Created Within 30 Days ==========

 

[2011/11/13 13:15:01 | 000,000,000 | ---D | C] -- C:\Users\Carl & Ruth\Desktop\malewarebyte log

[2011/11/03 20:22:52 | 000,000,000 | ---D | C] -- C:\Users\Carl & Ruth\Documents\Vuze Downloads

[2011/11/03 20:07:51 | 000,000,000 | ---D | C] -- C:\Users\Carl & Ruth\AppData\Roaming\WinRAR

[2011/11/03 20:07:50 | 000,000,000 | ---D | C] -- C:\Users\Carl & Ruth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR

[2011/11/03 20:07:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR

[2011/11/03 20:07:45 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR

[2011/11/03 20:03:14 | 000,000,000 | ---D | C] -- C:\Users\Carl & Ruth\.swt

[2011/11/01 14:59:45 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared

[2007/12/22 23:46:30 | 000,016,384 | ---- | C] ( ) -- C:\Windows\System32\ClearEvent.exe

[2007/08/15 23:14:02 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\Interop.Shell32.dll

 

========== Files - Modified Within 30 Days ==========

 

[2011/11/13 12:48:01 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2287012915-254848662-4266273031-1000UA.job

[2011/11/13 12:17:58 | 000,003,296 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

[2011/11/13 12:17:58 | 000,003,296 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

[2011/11/13 08:16:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2011/11/13 08:16:00 | 938,991,616 | -HS- | M] () -- C:\hiberfil.sys

[2011/11/12 17:10:01 | 000,002,627 | ---- | M] () -- C:\Users\Carl & Ruth\Desktop\Microsoft Office Word 2007.lnk

[2011/11/11 20:20:37 | 000,000,676 | ---- | M] () -- C:\Windows\tasks\Norton Internet Security - Run Full System Scan - Carl & Ruth.job

[2011/11/11 16:47:02 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2287012915-254848662-4266273031-1000Core.job

[2011/11/04 14:02:41 | 000,674,072 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2011/11/04 14:02:40 | 000,132,078 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2011/11/03 22:12:09 | 000,000,910 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2011/11/03 20:55:19 | 000,022,016 | ---- | M] () -- C:\Users\Carl & Ruth\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2011/11/03 20:02:41 | 000,001,637 | ---- | M] () -- C:\Users\Carl & Ruth\Application Data\Microsoft\Internet Explorer\Quick Launch\Vuze.lnk

[2011/11/03 20:02:40 | 000,001,637 | ---- | M] () -- C:\Users\Public\Desktop\Vuze.lnk

[2011/11/01 15:00:01 | 000,001,745 | ---- | M] () -- C:\Users\Public\Desktop\Free Offers.lnk

[2011/11/01 15:00:00 | 000,000,847 | ---- | M] () -- C:\Users\Public\Desktop\RealPlayer.lnk

[2011/11/01 14:59:17 | 000,198,832 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\rmoc3260.dll

[2011/11/01 14:58:54 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5016.dll

[2011/11/01 14:58:54 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5032.dll

[2011/11/01 14:58:47 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\Windows\System32\pncrt.dll

 

========== Files Created - No Company Name ==========

 

[2011/11/03 22:12:09 | 000,000,910 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2011/11/03 20:02:41 | 000,001,637 | ---- | C] () -- C:\Users\Carl & Ruth\Application Data\Microsoft\Internet Explorer\Quick Launch\Vuze.lnk

[2011/11/03 20:02:40 | 000,001,637 | ---- | C] () -- C:\Users\Public\Desktop\Vuze.lnk

[2011/11/03 20:02:37 | 000,001,637 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vuze.lnk

[2011/11/01 15:00:00 | 000,001,745 | ---- | C] () -- C:\Users\Public\Desktop\Free Offers.lnk

[2011/11/01 15:00:00 | 000,000,847 | ---- | C] () -- C:\Users\Public\Desktop\RealPlayer.lnk

[2011/08/07 21:53:49 | 000,000,333 | ---- | C] () -- C:\Windows\WININIT.INI

[2011/08/07 20:08:52 | 000,002,108 | ---- | C] () -- C:\Users\Carl & Ruth\AppData\Local\rx_audio.Cache

[2009/11/19 18:19:32 | 000,000,031 | -H-- | C] () -- C:\Windows\UKCpInfo.sys

[2009/09/16 15:54:52 | 000,027,136 | ---- | C] () -- C:\Windows\System32\QTUninst.dll

[2009/09/16 15:52:20 | 000,000,142 | ---- | C] () -- C:\Windows\PPI.INI

[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll

[2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe

[2009/08/01 08:48:36 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll

[2009/08/01 08:48:36 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin

[2008/11/01 21:16:59 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin

[2008/09/28 17:09:11 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin

[2008/09/28 16:22:37 | 000,022,016 | ---- | C] () -- C:\Users\Carl & Ruth\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2008/09/26 20:50:44 | 000,111,932 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat

[2008/09/26 20:50:44 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat

[2008/09/26 20:50:44 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat

[2008/09/26 20:50:44 | 000,026,154 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat

[2008/09/26 20:50:44 | 000,024,903 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat

[2008/09/26 20:50:44 | 000,021,390 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat

[2008/09/26 20:50:44 | 000,020,148 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat

[2008/09/26 20:50:44 | 000,011,811 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat

[2008/09/26 20:50:44 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat

[2008/09/26 20:50:44 | 000,001,146 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_DU.dat

[2008/09/26 20:50:44 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat

[2008/09/26 20:50:44 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat

[2008/09/26 20:50:44 | 000,001,136 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat

[2008/09/26 20:50:44 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat

[2008/09/26 20:50:44 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat

[2008/09/26 20:50:44 | 000,001,120 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_IT.dat

[2008/09/26 20:50:44 | 000,001,107 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_GE.dat

[2008/09/26 20:50:44 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat

[2008/09/26 20:50:44 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini

[2008/09/26 20:46:06 | 000,000,025 | ---- | C] () -- C:\Windows\CDE DX7400DEFGIPS.ini

[2008/08/14 17:40:42 | 000,176,214 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat

[2008/03/05 23:38:44 | 000,090,112 | ---- | C] () -- C:\Windows\System32\atibrtmon.exe

[2007/12/22 23:48:25 | 000,000,044 | ---- | C] () -- C:\Windows\Acer(Normal).ini

[2007/12/22 23:48:25 | 000,000,042 | ---- | C] () -- C:\Windows\Acer(Wide).ini

[2007/12/22 23:46:30 | 000,016,384 | ---- | C] () -- C:\Windows\System32\LauncheRyAgentUser.exe

[2007/08/16 00:11:33 | 000,001,024 | ---- | C] () -- C:\Windows\System32\NTIBUN4.dll

[2007/08/15 23:14:00 | 000,331,776 | ---- | C] () -- C:\Windows\System32\ScrollBarLib.dll

[2007/08/15 22:03:27 | 000,000,734 | ---- | C] () -- C:\Windows\generic.ini

[2007/08/15 22:03:27 | 000,000,109 | ---- | C] () -- C:\Windows\Alaunch.ini

[2007/08/15 22:02:17 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat

[2007/08/15 22:02:17 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll

[2007/04/25 23:33:22 | 000,266,240 | ---- | C] () -- C:\Windows\System32\NotesExtmngr.dll

[2007/04/25 23:32:50 | 000,204,800 | ---- | C] () -- C:\Windows\System32\NotesActnMenu.dll

[2007/04/25 23:32:46 | 000,086,016 | ---- | C] () -- C:\Windows\System32\MSNSpook.dll

[2007/04/25 23:31:00 | 000,028,672 | ---- | C] () -- C:\Windows\System32\BatchCrypto.dll

[2007/04/25 23:30:52 | 000,073,728 | ---- | C] () -- C:\Windows\System32\APISlice.dll

[2007/04/25 23:30:44 | 000,063,488 | ---- | C] () -- C:\Windows\System32\ShowErrMsg.dll

[2006/12/25 22:44:48 | 000,022,016 | ---- | C] () -- C:\Windows\System32\MailFormat_U.dll

[2006/11/13 12:50:06 | 000,071,680 | ---- | C] () -- C:\Windows\System32\HTCA_SelfExtract.bin

[2006/11/02 12:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat

[2006/11/02 12:47:37 | 000,295,896 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT

[2006/11/02 12:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll

[2006/11/02 10:33:01 | 000,674,072 | ---- | C] () -- C:\Windows\System32\perfh009.dat

[2006/11/02 10:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat

[2006/11/02 10:33:01 | 000,132,078 | ---- | C] () -- C:\Windows\System32\perfc009.dat

[2006/11/02 10:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat

[2006/11/02 10:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat

[2006/11/02 08:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

[2006/11/02 08:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT

[2006/11/02 07:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini

[2006/11/02 07:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat

[2004/01/30 14:07:46 | 000,245,408 | ---- | C] () -- C:\Windows\System32\unicows.dll

[2001/12/26 23:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll

[2001/09/04 06:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll

[2001/07/30 23:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll

[2001/07/24 05:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll

 

========== LOP Check ==========

 

[2009/09/16 16:29:55 | 000,000,000 | ---D | M] -- C:\Users\Carl & Ruth\AppData\Roaming\Ace

[2011/11/07 15:14:32 | 000,000,000 | ---D | M] -- C:\Users\Carl & Ruth\AppData\Roaming\Azureus

[2008/09/26 21:15:46 | 000,000,000 | ---D | M] -- C:\Users\Carl & Ruth\AppData\Roaming\EPSON

[2008/09/28 14:25:46 | 000,000,000 | ---D | M] -- C:\Users\Carl & Ruth\AppData\Roaming\eSobi

[2011/03/16 21:10:20 | 000,000,000 | ---D | M] -- C:\Users\Carl & Ruth\AppData\Roaming\FileZilla

[2011/08/07 17:49:27 | 000,000,000 | ---D | M] -- C:\Users\Carl & Ruth\AppData\Roaming\Simple Star

[2011/10/18 16:47:19 | 000,000,000 | ---D | M] -- C:\Users\Carl & Ruth\AppData\Roaming\Spotify

[2011/11/12 19:31:18 | 000,032,646 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

 

========== Purity Check ==========

 

 

 

========== Custom Scans ==========

 

 

< %SYSTEMDRIVE%\*.* >

[2007/08/15 23:14:41 | 000,003,380 | ---- | M] () -- C:\-20070815.log

[2008/09/28 17:14:50 | 000,001,024 | ---- | M] () -- C:\.rnd

[2006/09/18 21:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat

[2009/04/11 06:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr

[2007/08/15 22:04:32 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK

[2006/09/18 21:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys

[2011/11/13 08:16:00 | 938,991,616 | -HS- | M] () -- C:\hiberfil.sys

[2009/09/16 15:51:00 | 000,000,000 | RHS- | M] () -- C:\IO.SYS

[2006/11/29 15:35:20 | 000,000,512 | ---- | M] () -- C:\MDR.iss

[2009/09/16 15:51:00 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS

[2011/11/13 08:15:58 | 1252,802,560 | -HS- | M] () -- C:\pagefile.sys

[2007/08/15 23:10:11 | 000,000,644 | ---- | M] () -- C:\RHDSetup.log

[2007/08/15 23:32:58 | 000,000,032 | ---- | M] () -- C:\setup.log

 

< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >

[2006/11/02 12:35:48 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Spool\prtprocs\w32x86\jnwppr.dll

[2011/10/06 12:21:50 | 000,052,096 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\system32\Spool\prtprocs\w32x86\LMIproc.dll

[2006/10/27 02:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Spool\prtprocs\w32x86\msonpppr.dll

 

< %systemroot%\*. /mp /s >

 

< %systemroot%\system32\*.dll /lockedfiles >

 

< %systemroot%\Tasks\*.job /lockedfiles >

 

< %systemroot%\system32\drivers\*.sys /lockedfiles >

 

< %systemroot%\system32\*.exe /lockedfiles >

 

< %systemroot%\System32\config\*.sav >

[2007/08/15 22:04:19 | 006,602,752 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV

[2007/08/15 22:04:17 | 000,102,400 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV

[2007/08/15 22:04:20 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV

[2007/08/15 22:04:29 | 015,556,608 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV

[2007/08/15 22:04:30 | 006,012,928 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

 

< %PROGRAMFILES%\* >

[2008/10/27 22:28:58 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini

 

< %USERPROFILE%\..|smtmp;true;true;true /FP >

 

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Win dows\WindowsUpdate\AU >

 

< hklm\software\clients\startmenuinternet|command /rs >

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Users\Carl & Ruth\AppData\Local\Google\Chrome\Application\chrome.exe" --show-icons [2011/11/08 03:02:58 | 001,036,344 | ---- | M] (Google Inc.)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Users\Carl & Ruth\AppData\Local\Google\Chrome\Application\chrome.exe" --hide-icons [2011/11/08 03:02:58 | 001,036,344 | ---- | M] (Google Inc.)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Users\Carl & Ruth\AppData\Local\Google\Chrome\Application\chrome.exe" --make-default-browser [2011/11/08 03:02:58 | 001,036,344 | ---- | M] (Google Inc.)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Users\Carl & Ruth\AppData\Local\Google\Chrome\Application\chrome.exe" [2011/11/08 03:02:58 | 001,036,344 | ---- | M] (Google Inc.)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\system32\ie4uinit.exe" -hide [2011/04/26 14:55:39 | 000,074,240 | ---- | M] (Microsoft Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\system32\ie4uinit.exe" -show [2011/04/26 14:55:39 | 000,074,240 | ---- | M] (Microsoft Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\system32\ie4uinit.exe" -reinstall [2011/04/26 14:55:39 | 000,074,240 | ---- | M] (Microsoft Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2011/04/26 14:55:45 | 000,748,336 | ---- | M] (Microsoft Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2011/04/26 14:55:45 | 000,748,336 | ---- | M] (Microsoft Corporation)

 

< hklm\software\clients\startmenuinternet|command /64 /rs >

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Users\Carl & Ruth\AppData\Local\Google\Chrome\Application\chrome.exe" --show-icons [2011/11/08 03:02:58 | 001,036,344 | ---- | M] (Google Inc.)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Users\Carl & Ruth\AppData\Local\Google\Chrome\Application\chrome.exe" --hide-icons [2011/11/08 03:02:58 | 001,036,344 | ---- | M] (Google Inc.)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Users\Carl & Ruth\AppData\Local\Google\Chrome\Application\chrome.exe" --make-default-browser [2011/11/08 03:02:58 | 001,036,344 | ---- | M] (Google Inc.)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Users\Carl & Ruth\AppData\Local\Google\Chrome\Application\chrome.exe" [2011/11/08 03:02:58 | 001,036,344 | ---- | M] (Google Inc.)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\system32\ie4uinit.exe" -hide [2011/04/26 14:55:39 | 000,074,240 | ---- | M] (Microsoft Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\system32\ie4uinit.exe" -show [2011/04/26 14:55:39 | 000,074,240 | ---- | M] (Microsoft Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\system32\ie4uinit.exe" -reinstall [2011/04/26 14:55:39 | 000,074,240 | ---- | M] (Microsoft Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2011/04/26 14:55:45 | 000,748,336 | ---- | M] (Microsoft Corporation)

HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2011/04/26 14:55:45 | 000,748,336 | ---- | M] (Microsoft Corporation)

 

 

< End of report >

Posted

Ken B

 

Hi Ken

 

The hard drive (C) is 67.7GB with 18.3GB free but there is also a drive showing as data (d) which is also 67.7GB and is empty.

 

There is 1GB RAM

 

Thanks

 

Carl

Posted

Hi Carl

You have plenty of free space. Windows needs about 10% free.

You could make use of the D:\ Data drive to save files and photos to.

 

I will leave etavares to advise further.


Posted

Hello, Carl.

 

 

Nothing major in those logs. However, I did notice that you have a lot of security warnings hidden (e.g. the UAC is turned off, you're not getting antivirus notifications, etc.). Did you set those intentionally? If yes, I do recommend we enable them as they are important to know the security status of your machine. If you didn't...some malware changes it. Please let me know.

 

 

The 1GB of RAM is the simplest upgrade to improve the performance of your computer. However, this sounds like it came on suddenly so there is something going on. When is your computer slow? During startup, after booting up? When it gets slow, press Ctrl-Shift-Esc to bring up Task Manager, click on the Processes tab, click on the CPU column header to sort by CPU usage, then scroll down and look for any program with 10 or higher in the CPU column. List the process in your reply or let me know that nothing is using that much of your CPU.

 

 

We'll also look for rootkits here and then move on to one final antivirus scan to rule that out.

 

 

 

 

 

 

Step 1

 

 

We also need a new log from the GMER anti-rootkit scanner. Please first disable any CD emulation programs using the steps found in this topic:

 

 

Then create another GMER log and post it as an attachment to the reply where you post your new DDS log. Instructions on how to properly create a GMER log can be found here:

 

 

 

 

 

 

 

 

Step 2

 

 

I'd like us to scan your machine with ESET OnlineScan

  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetOnline.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetSmartInstall.png to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetSmartInstallDesktopIcon.png icon on your desktop.
  • Check http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetAcceptTerms.png
  • Click the http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetStart.png button.
  • Accept any security warnings from your browser.
  • Check http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetScanArchives.png
  • Push the Start button.
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetListThreats.png
  • Push http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetExport.png, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetBack.png button.
  • Push http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetFinish.png

 

 

etavares
