TheTechGuide Forum

General Category => Tech Clinic => Topic started by: atomilano on November 29, 2010, 09:33:40 PM

Title: Computer is running slow slow
Post by: atomilano on November 29, 2010, 09:33:40 PM
Hi, My computer has been running very slowly and seems to get slower each day. I have deleted temp files, cookies and run spyware. I have run other scans and it does not turn up any viruses. Can you take a look at my Hijackthis file and give me some suggestions on what I could do to speed it up?
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:28:00 PM, on 11/29/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\HPConfig.exe
C:\WINDOWS\System32\hphmon05.exe
C:\Program Files\HPQ\Notebook Utilities\HPWirelessMgr.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe
C:\Program Files\Norton 360\Engine\4.3.0.5\ccSvcHst.exe
C:\WINDOWS\system32\carpserv.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\Lexmark X6100 Series\lxbfbmgr.exe
C:\Program Files\Lexmark X6100 Series\lxbfbmon.exe
C:\Program Files\Verizon\McciTrayApp.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Verizon\VSP\VerizonServicepoint.exe
C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Norton 360\Engine\4.3.0.5\ccSvcHst.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://qus8l.hpwis.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\4.3.0.5\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\4.3.0.5\IPSBHO.DLL
O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll (file missing)
O2 - BHO: Verizon Broadband Toolbar - {A057A204-BACC-4D26-8398-26FADCF27386} - C:\PROGRA~1\VERIZO~1\VERIZO~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll (file missing)
O3 - Toolbar: Verizon Broadband Toolbar - {A057A204-BACC-4D26-8398-26FADCF27386} - C:\PROGRA~1\VERIZO~1\VERIZO~1.DLL
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\4.3.0.5\coIEPlg.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Display Settings] C:\Program Files\HPQ\Notebook Utilities\hptasks.exe /s
O4 - HKLM\..\Run: [QT4HPOT] C:\Program Files\HPQ\One-Touch\OneTouch.EXE
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe"
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe"
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [Lexmark X6100 Series] "C:\Program Files\Lexmark X6100 Series\lxbfbmgr.exe"
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [Verizon_McciTrayApp] "C:\Program Files\Verizon\McciTrayApp.exe"
O4 - HKLM\..\Run: [VerizonServicepoint.exe] "C:\Program Files\Verizon\VSP\VerizonServicepoint.exe" /AUTORUN
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [MaxMenuMgr] "C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-21-3186122018-3506906131-3992227617-500\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User 'Administrator')
O4 - HKUS\S-1-5-21-3186122018-3506906131-3992227617-500\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Administrator')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Bodog Poker - {F47C1DB5-ED21-4dc1-853E-D1495792D4C5} - C:\Program Files\Bodog Poker\BPGame.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - https://activatemyfios.verizon.net/sdcCommon/download/FIOS/Verizon%20FiOS%20Installer.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {2BCDB465-81F9-41CB-832C-8037A4064446} (F5 Networks VPN Manager) - https://vcp.colpal.com/vdesk/terminal/urxvpn.cab#version=6020,2008,0514,2345
O16 - DPF: {31E68DE2-5548-4B23-88F0-C51E6A0F695E} (Microsoft PID Sniffer) - https://support.microsoft.com/OAS/ActiveX/odc.cab
O16 - DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} (LinkedIn ContactFinderControl) - http://www.linkedin.com/cab/LinkedInContactFinderControl.cab
O16 - DPF: {549F957E-2F89-11D6-8CFE-00C04F52B225} (CMV5 Class) - http://coupons.smartsource.com/download/cscmv5X.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1141349522921
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6C275925-A1ED-4DD2-9CEE-9823F5FDAA10} (F5 Networks SSLTunnel) - https://vcp.colpal.com/vdesk/terminal/urTermProxy.cab#version=6020,2008,0514,2337
O16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} (CRAVOnline Object) - http://www.ravantivirus.com/scan/ravonline.cab
O16 - DPF: {A7EA8AD2-287F-11D3-B120-006008C39542} (CBSTIEPrint Class) - http://offers.e-centives.com/cif/download/bin/actxcab.cab
O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {CC85ACDF-B277-486F-8C70-2C9B2ED2A4E7} (F5 Networks SuperHost Class) - https://vcp.colpal.com/vdesk/terminal/urxshost.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsupp/asa/ctrl/SymAData.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E0FF21FA-B857-45C5-8621-F120A0C17FF2} (F5 Networks Host Control) - https://vcp.colpal.com/vdesk/terminal/urxhost.cab#version=6020,2008,0514,2340
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} - https://www-secure.symantec.com/techsupp/activedata/ActiveData.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Seagate Service (FreeAgentGoNext Service) - Seagate Technology LLC - C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Configuration Interface Service (HPConfig) - Hewlett-Packard - C:\WINDOWS\system32\HPConfig.exe
O23 - Service: HPWirelessMgr - Hewlett-Packard Co. - C:\Program Files\HPQ\Notebook Utilities\HPWirelessMgr.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: McciCMService - Alcatel-Lucent - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files\Norton 360\Engine\4.3.0.5\ccSvcHst.exe

--
End of file - 12181 bytes


I am also experiencing issues with Internet explorer, where if I leave the screen and walk away or a short duration 5 -10 minutes, I get Internet Explorer (Not Responding). It just hangs.

Thanks so much
Title: Computer is running slow slow
Post by: guestolo on November 29, 2010, 10:27:51 PM
Download [color="#FF0000"]OTL.exe[/color] (http://"http://oldtimer.geekstogo.com/OTL.exe")[/url] by OldTimer to your Desktop.
Title: Computer is running slow slow
Post by: atomilano on December 01, 2010, 07:45:03 PM
[quote name='guestolo' date='29 November 2010 - 09:27 PM' timestamp='1291087671' post='473426']
Download [color="#FF0000"]OTL.exe[/color] (http://"http://oldtimer.geekstogo.com/OTL.exe")[/url] by OldTimer to your Desktop.
[/quote]

Hi,
Here are the logs:
Extras.txt
OTL Extras logfile created on: 12/1/2010 7:19:12 PM - Run 1
OTL by OldTimer - Version 3.2.17.3     Folder = C:\Documents and Settings\User\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
447.00 Mb Total Physical Memory | 40.00 Mb Available Physical Memory | 9.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 63.00% Paging File free
Paging file location(s): c:\pagefile.sys 672 1344 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.25 Gb Total Space | 15.35 Gb Free Space | 41.20% Space Free | Partition Type: NTFS
 
Computer Name: YOUR-SGZ3XPNGO4 | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.txt [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
.vbe [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
.vbs [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
.wsf [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
.wsh [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"9051:UDP" = 9051:UDP:LocalSubNet:Enabled:Verizon Tech Wizard
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0613467F-A45E-4CB1-9ECE-1F3DD79FB927}" = Easy Internet Sign-up
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{1133372B-68D6-435F-BB71-7F3EEB555EA5}" = Verizon FiOS Connection Wizard
"{17424F35-8B77-4ADF-BC63-BF9B81418539}" = Apple Application Support
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1D643CD7-4DD6-11D7-A4E0-000874180BB3}" = Microsoft Money 2004
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2A267BC6-F77F-4DD4-825F-7AEB1F68B4B1}" = HpSdpAppCoreApp
"{2A30052B-831C-41D3-8044-3C0388066350}" = Seagate Manager Installer
"{308B6AEA-DE50-4666-996D-0FA461719D6B}" = Apple Mobile Device Support
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{45B6180B-DCAB-4093-8EE8-6164457517F0}" = Photosmart 140,240,7200,7600,7700,7900 Series
"{45EBDA59-D33B-433A-956E-B2F236468B56}" = MUSICMATCH® Jukebox
"{46DDF76F-ACD4-42BC-B48F-B89C4EE2E1A9}" = Easy CD & DVD Creator 6
"{48BD24F5-13DE-493A-A7CE-28A85113FF0C}" = HP Deskjet printer preloaded drivers
"{55937F00-A69B-4049-8D3A-1C7729742B6F}" = BUM
"{5BF2B19D-9C79-492A-8969-F059F06A627F}" = Print to Fax
"{607CE53B-0999-4F3B-8FF1-DB1AA47548A8}" = Roxio PhotoSuite 5
"{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}" = Windows Genuine Advantage v1.3.0254.0
"{66C018BD-6F16-4B32-B4CD-1DC1B21FBDFF}" = Zone Deluxe Games
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{7148F0A8-6813-11D6-A77B-00B0D0142000}" = Java 2 Runtime Environment, SE v1.4.2
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{764D06D8-D8DE-411E-A1C8-D9E9380F8A84}" = Microsoft Works 7.0
"{7BBD57D6-09B1-4CC3-9664-A0D53EE25247}" = PSShortcutsP
"{8C64E145-54BA-11D6-91B1-00500462BE80}" = Microsoft Money 2004 System Pack
"{91120409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
"{936C42D0-8CEE-4BDF-B8CE-C4BDC93C6CF8}" = HP Software Update
"{98E8A2EF-4EAE-43B8-A172-74842B764777}" = InterVideo WinDVD
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A5CC2A09-E9D3-49EC-923D-03874BBD4C2C}" = Windows Defender Signatures
"{A8F2DCDE-AE4E-4AC9-BECD-496FB80FBF6A}" = Notebook Utilities
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.0
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{D1696920-9794-4BBC-8A30-7A88763DE5A2}" = ABBYY FineReader 5.0 Sprint Plus
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{E8843212-F0FC-4C3B-BFF3-D51829CB4F19}" = iTunes
"{F419D20A-7719-4639-8E30-C073A040D878}" = HP Deskjet Preloaded Printer Drivers
"{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour
"Ad-Aware SE Personal" = Ad-Aware SE Personal
"Adobe Acrobat 4.0" = Adobe Acrobat 4.0
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"ATI Display Driver" = ATI Display Driver
"Broadcom 802.11b Network Adapter" = HP WLAN 54g W450 Network Adapter
"CNXT_MODEM_PCI_VEN_10B9&DEV_5457&SUBSYS_0850103C" = Conexant 56K ACLink Modem
"Conexant PCI Audio" = Conexant AC-Link Audio
"Coupon Printer for Windows2.0" = Coupon Printer for Windows
"HijackThis" = HijackThis 1.99.1
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{0613467F-A45E-4CB1-9ECE-1F3DD79FB927}" = Easy Internet Sign-up
"InstallShield_{2A30052B-831C-41D3-8044-3C0388066350}" = Seagate Manager Installer
"Lexmark X6100 Series" = Lexmark X6100 Series
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"N360" = Norton 360
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Punch! Super Home Suite Demo" = Punch! Super Home Suite Demo
"QT4HPOT" = One-Touch Buttons
"RadialpointClientGateway_is1" = Verizon Servicepoint 1.5.22
"Spybot - Search & Destroy_is1" = Spybot - Search & Destroy 1.3
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Verizon Help and Support" = Verizon Help and Support Tool
"Verizon Online Help and Support" = Verizon Online Help and Support
"verizon_broad" = Verizon Broadband Toolbar (IE only)
"Windows XP Service Pack" = Windows XP Service Pack 3
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{9863F141-7A33-4c9a-A5F2-96996461B216}" = KODAK EASYSHARE Gallery Easy Upload, v2.1
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 11/20/2010 8:46:00 PM | Computer Name = YOUR-SGZ3XPNGO4 | Source = Bonjour Service | ID = 100
Description = 240: ERROR: read_msg errno 10054 (An existing connection was forcibly
 closed by the remote host.)
 
Error - 11/20/2010 8:46:00 PM | Computer Name = YOUR-SGZ3XPNGO4 | Source = Bonjour Service | ID = 100
Description = 228: ERROR: read_msg errno 10054 (An existing connection was forcibly
 closed by the remote host.)
 
Error - 11/28/2010 10:44:09 PM | Computer Name = YOUR-SGZ3XPNGO4 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
 hungapp, version 0.0.0.0, hang address 0x00000000.
 
Error - 11/28/2010 10:44:09 PM | Computer Name = YOUR-SGZ3XPNGO4 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
 hungapp, version 0.0.0.0, hang address 0x00000000.
 
Error - 11/28/2010 10:53:02 PM | Computer Name = YOUR-SGZ3XPNGO4 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
 hungapp, version 0.0.0.0, hang address 0x00000000.
 
Error - 11/28/2010 10:53:23 PM | Computer Name = YOUR-SGZ3XPNGO4 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
 hungapp, version 0.0.0.0, hang address 0x00000000.
 
Error - 11/28/2010 10:53:37 PM | Computer Name = YOUR-SGZ3XPNGO4 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
 hungapp, version 0.0.0.0, hang address 0x00000000.
 
Error - 11/28/2010 10:53:37 PM | Computer Name = YOUR-SGZ3XPNGO4 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
 hungapp, version 0.0.0.0, hang address 0x00000000.
 
Error - 11/28/2010 10:57:17 PM | Computer Name = YOUR-SGZ3XPNGO4 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
 hungapp, version 0.0.0.0, hang address 0x00000000.
 
Error - 11/28/2010 10:57:17 PM | Computer Name = YOUR-SGZ3XPNGO4 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
 hungapp, version 0.0.0.0, hang address 0x00000000.
 
[ System Events ]
Error - 11/16/2010 10:02:42 PM | Computer Name = YOUR-SGZ3XPNGO4 | Source = Print | ID = 19
Description = Sharing printer failed + 1722, Printer Microsoft Office Document Image
 Writer share name Printer.
 
Error - 11/16/2010 10:07:45 PM | Computer Name = YOUR-SGZ3XPNGO4 | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
 the N360 service.
 
Error - 11/17/2010 11:11:21 PM | Computer Name = YOUR-SGZ3XPNGO4 | Source = atapi | ID = 262153
Description = The device, \Device\Ide\IdePort0, did not respond within the timeout
 period.
 
Error - 11/18/2010 12:38:07 PM | Computer Name = YOUR-SGZ3XPNGO4 | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.
 
Error - 11/20/2010 8:53:17 PM | Computer Name = YOUR-SGZ3XPNGO4 | Source = atapi | ID = 262153
Description = The device, \Device\Ide\IdePort0, did not respond within the timeout
 period.
 
Error - 11/28/2010 10:36:50 PM | Computer Name = YOUR-SGZ3XPNGO4 | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
 the N360 service.
 
Error - 11/28/2010 10:37:45 PM | Computer Name = YOUR-SGZ3XPNGO4 | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.
 
Error - 11/28/2010 10:37:49 PM | Computer Name = YOUR-SGZ3XPNGO4 | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.
 
Error - 11/29/2010 7:30:34 AM | Computer Name = YOUR-SGZ3XPNGO4 | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
 the N360 service.
 
Error - 12/1/2010 7:45:20 PM | Computer Name = YOUR-SGZ3XPNGO4 | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
 the N360 service.
 
 
< End of report >
olt.txt
OTL logfile created on: 12/1/2010 7:19:12 PM - Run 1
OTL by OldTimer - Version 3.2.17.3     Folder = C:\Documents and Settings\User\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
447.00 Mb Total Physical Memory | 40.00 Mb Available Physical Memory | 9.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 63.00% Paging File free
Paging file location(s): c:\pagefile.sys 672 1344 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.25 Gb Total Space | 15.35 Gb Free Space | 41.20% Space Free | Partition Type: NTFS
 
Computer Name: YOUR-SGZ3XPNGO4 | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2010/12/01 19:17:22 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User\Desktop\OTL.exe
PRC - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/03/17 15:55:42 | 001,565,696 | ---- | M] (Alcatel-Lucent) -- C:\Program Files\Verizon\McciTrayApp.exe
PRC - [2010/02/25 19:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360\Engine\4.3.0.5\ccsvchst.exe
PRC - [2009/09/25 23:32:18 | 000,189,736 | ---- | M] (Seagate Technology LLC) -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
PRC - [2009/09/25 23:31:32 | 000,185,640 | ---- | M] (Seagate LLC) -- C:\Program Files\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe
PRC - [2008/09/16 20:14:46 | 002,065,648 | ---- | M] (Verizon) -- C:\Program Files\Verizon\VSP\VerizonServicepoint.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004/02/18 15:55:28 | 000,049,152 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Hewlett-Packard\HP Software Update\hpwuSchd2.exe
PRC - [2003/09/23 01:20:02 | 000,049,152 | ---- | M] (Lexmark International, Inc.) -- C:\Program Files\Lexmark X6100 Series\lxbfbmon.exe
PRC - [2003/09/23 01:01:40 | 000,057,344 | ---- | M] (Lexmark International, Inc.) -- C:\Program Files\Lexmark X6100 Series\lxbfbmgr.exe
PRC - [2003/07/18 19:23:22 | 000,868,352 | ---- | M] (Roxio) -- C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe
PRC - [2003/05/22 21:55:38 | 000,483,328 | ---- | M] (Hewlett-Packard) -- C:\WINDOWS\system32\hphmon05.exe
PRC - [2003/05/22 16:10:00 | 000,110,592 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
PRC - [2003/05/21 14:35:50 | 000,004,608 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\carpserv.exe
PRC - [2003/01/14 16:12:14 | 000,053,248 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HPQ\Notebook Utilities\HPWirelessMgr.exe
PRC - [2002/08/15 12:11:00 | 000,151,552 | ---- | M] (Hewlett-Packard) -- C:\WINDOWS\system32\HPConfig.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2010/12/01 19:17:22 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User\Desktop\OTL.exe
MOD - [2010/09/20 14:26:01 | 000,415,088 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360\Engine\4.3.0.5\asoehook.dll
MOD - [2010/08/23 11:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2010/03/17 15:53:28 | 000,198,656 | ---- | M] (Alcatel-Lucent) -- C:\Program Files\Common Files\Motive\McciContextHook_DSR.dll
MOD - [2009/07/12 03:02:02 | 000,653,120 | R--- | M] (Microsoft Corporation) -- C:\Program Files\Norton 360\Engine\4.3.0.5\microsoft.vc90.crt\msvcr90.dll
MOD - [2009/07/12 03:02:00 | 000,569,664 | R--- | M] (Microsoft Corporation) -- C:\Program Files\Norton 360\Engine\4.3.0.5\microsoft.vc90.crt\msvcp90.dll
MOD - [2003/05/22 16:09:00 | 000,065,536 | ---- | M] (Synaptics, Inc.) -- C:\WINDOWS\system32\SynTPFcs.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/02/25 19:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton 360\Engine\4.3.0.5\ccSvcHst.exe -- (N360)
SRV - [2009/09/25 23:32:18 | 000,189,736 | ---- | M] (Seagate Technology LLC) [Auto | Running] -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe -- (FreeAgentGoNext Service)
SRV - [2003/01/14 16:12:14 | 000,053,248 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files\HPQ\Notebook Utilities\HPWirelessMgr.exe -- (HPWirelessMgr)
SRV - [2002/08/15 12:11:00 | 000,151,552 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\WINDOWS\system32\HPConfig.exe -- (HPConfig)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\rasirda.sys -- (Rasirda) WAN Miniport (IrDA)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS -- (MRENDIS5)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS -- (MREMPR5)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\ce3n5.sys -- (CE3)
DRV - [2010/11/03 19:07:06 | 000,691,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20101104.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2010/10/19 15:36:22 | 000,341,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20101130.001\IDSXpx86.sys -- (IDSxpx86)
DRV - [2010/09/28 19:38:25 | 001,371,184 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20101201.025\NAVEX15.SYS -- (NAVEX15)
DRV - [2010/09/28 19:38:24 | 000,086,064 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20101201.025\NAVENG.SYS -- (NAVENG)
DRV - [2010/05/29 06:42:19 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010/05/29 06:42:18 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010/05/05 23:01:59 | 000,361,904 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\N360\0403000.005\SYMTDI.SYS -- (SYMTDI)
DRV - [2010/04/29 00:03:51 | 000,116,784 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0403000.005\Ironx86.SYS -- (SymIRON)
DRV - [2010/04/21 22:02:20 | 000,173,104 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\N360\0403000.005\SYMEFA.SYS -- (SymEFA)
DRV - [2010/04/21 21:29:50 | 000,325,680 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\N360\0403000.005\SRTSP.SYS -- (SRTSP)
DRV - [2010/04/21 21:29:50 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0403000.005\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2010/03/18 20:49:23 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2010/03/17 15:53:38 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2010/03/17 15:53:22 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2010/02/25 19:22:57 | 000,501,888 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0403000.005\ccHPx86.sys -- (ccHP)
DRV - [2009/10/14 22:50:05 | 000,328,752 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\N360\0403000.005\SYMDS.SYS -- (SymDS)
DRV - [2008/05/14 18:46:57 | 000,010,744 | ---- | M] (F5 Networks) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\urfltw2k.sys -- (f5ipfw)
DRV - [2008/05/14 18:46:52 | 000,027,000 | ---- | M] (F5 Networks) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\urvpndrv.sys -- (urvpndrv)
DRV - [2004/05/15 18:29:12 | 000,701,952 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2003/10/11 10:06:51 | 000,259,456 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\Cdudf_xp.sys -- (cdudf_xp)
DRV - [2003/10/11 09:50:59 | 000,028,276 | ---- | M] (MusicMatch, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\MxlW2k.sys -- (MxlW2k)
DRV - [2003/07/18 19:25:16 | 000,021,993 | ---- | M] (Roxio) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\Dvd_2k.sys -- (dvd_2K)
DRV - [2003/07/18 19:25:14 | 000,022,745 | ---- | M] (Roxio) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\Mmc_2k.sys -- (mmc_2K)
DRV - [2003/07/18 19:25:10 | 000,118,409 | ---- | M] (Roxio) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\pwd_2K.sys -- (pwd_2k)
DRV - [2003/07/18 19:22:06 | 000,213,120 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\UdfReadr_xp.sys -- (UdfReadr_xp)
DRV - [2003/07/17 02:19:56 | 000,066,992 | ---- | M] (Roxio) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdr4_xp.sys -- (Cdr4_xp)
DRV - [2003/07/17 02:19:56 | 000,024,698 | ---- | M] (Roxio) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdralw2k.sys -- (Cdralw2k)
DRV - [2003/07/16 20:01:02 | 000,028,280 | ---- | M] (National Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\DP83815.sys -- (DP83815)
DRV - [2003/07/10 06:16:46 | 000,026,112 | R--- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\aliirda.sys -- (ALiIRDA)
DRV - [2003/05/22 15:36:00 | 000,273,072 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2003/05/21 14:35:56 | 000,030,592 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\strmdisp.sys -- (StreamDispatcher)
DRV - [2003/05/21 14:33:54 | 000,179,712 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWALI.sys -- (HSFHWALI)
DRV - [2003/05/21 14:32:32 | 000,631,296 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2003/05/21 14:31:22 | 001,063,040 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2003/05/02 06:58:22 | 000,173,056 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2003/03/31 14:00:00 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2002/11/05 10:04:48 | 000,291,328 | R--- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\caliaud.sys -- (CALIAUD)
DRV - [2002/11/05 10:04:48 | 000,244,608 | R--- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\calihal.sys -- (CALIHALA)
DRV - [2002/10/16 07:15:54 | 000,014,543 | ---- | M] (Dritek System Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DKbFltr.SYS -- (DKbFltr)
DRV - [2002/07/18 08:07:50 | 000,023,602 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\atisgkaf.sys -- (caboagp)
DRV - [2002/07/17 14:09:12 | 000,014,504 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hpci.sys -- (HPCI)
DRV - [2001/08/17 02:10:28 | 000,035,913 | ---- | M] (SMC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\smcirda.sys -- (SMCIRDA)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\IPSFFPlgn\ [2010/06/04 07:11:10 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\coFFPlgn\ [2010/03/18 20:51:50 | 000,000,000 | ---D | M]
 
 
O1 HOSTS File: ([2009/03/16 20:02:15 | 000,000,732 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: () - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\4.3.0.5\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\4.3.0.5\ipsbho.dll (Symantec Corporation)
O2 - BHO: (CNisExtBho Class) - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll File not found
O2 - BHO: (Verizon Broadband Toolbar) - {A057A204-BACC-4D26-8398-26FADCF27386} - C:\Program Files\verizon_broad\verizon_broad.dll (Verizon Online.                              )
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (CNavExtBho Class) - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll File not found
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\4.3.0.5\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Verizon Broadband Toolbar) - {A057A204-BACC-4D26-8398-26FADCF27386} - C:\Program Files\verizon_broad\verizon_broad.dll (Verizon Online.                              )
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton AntiVirus) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\4.3.0.5\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Verizon Broadband Toolbar) - {A057A204-BACC-4D26-8398-26FADCF27386} - C:\Program Files\verizon_broad\verizon_broad.dll (Verizon Online.                              )
O4 - HKLM..\Run: [CARPService] C:\WINDOWS\System32\carpserv.exe (Conexant Systems, Inc.)
O4 - HKLM..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\Cpqset.exe ()
O4 - HKLM..\Run: [Display Settings] C:\Program Files\HPQ\Notebook Utilities\hptasks.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [HPHmon05] C:\WINDOWS\system32\hphmon05.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HPHUPD05] c:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe (Hewlett-Packard)
O4 - HKLM..\Run: [Lexmark X6100 Series] C:\Program Files\Lexmark X6100 Series\lxbfbmgr.exe (Lexmark International, Inc.)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MaxMenuMgr] C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe (Seagate LLC)
O4 - HKLM..\Run: [MMTray]  File not found
O4 - HKLM..\Run: [QT4HPOT] C:\Program Files\HPQ\One-Touch\ONETOUCH.EXE (Dritek System Inc.)
O4 - HKLM..\Run: [RoxioDragToDisc] C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe (Roxio)
O4 - HKLM..\Run: [RoxioEngineUtility] C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe (Roxio)
O4 - HKLM..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [UserFaultCheck]  File not found
O4 - HKLM..\Run: [Verizon_McciTrayApp] C:\Program Files\Verizon\McciTrayApp.exe (Alcatel-Lucent)
O4 - HKLM..\Run: [VerizonServicepoint.exe] C:\Program Files\Verizon\VSP\VerizonServicepoint.exe (Verizon)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll (Google Inc.)
O9 - Extra Button: Bodog Poker - {F47C1DB5-ED21-4dc1-853E-D1495792D4C5} - C:\Program Files\Bodog Poker\BPGame.exe File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains:   ([]msn in My Computer)
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} https://activatemyfios.verizon.net/sdcCommon/download/FIOS/Verizon%20FiOS%20Installer.cab (Support.com Configuration Class)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab (Symantec AntiVirus scanner)
O16 - DPF: {2BCDB465-81F9-41CB-832C-8037A4064446} https://vcp.colpal.com/vdesk/terminal/urxvpn.cab#version=6020,2008,0514,2345 (F5 Networks VPN Manager)
O16 - DPF: {31E68DE2-5548-4B23-88F0-C51E6A0F695E} https://support.microsoft.com/OAS/ActiveX/odc.cab (Microsoft PID Sniffer)
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} http://office.microsoft.com/officeupdate/content/opuc.cab (Office Update Installation Engine)
O16 - DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} http://www.linkedin.com/cab/LinkedInContactFinderControl.cab (LinkedIn ContactFinderControl)
O16 - DPF: {549F957E-2F89-11D6-8CFE-00C04F52B225} http://coupons.smartsource.com/download/cscmv5X.cab (CMV5 Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1141349522921 (WUWebControl Class)
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab (Symantec RuFSI Utility Class)
O16 - DPF: {6C275925-A1ED-4DD2-9CEE-9823F5FDAA10} https://vcp.colpal.com/vdesk/terminal/urTermProxy.cab#version=6020,2008,0514,2337 (F5 Networks SSLTunnel)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Java Plug-in 1.4.2)
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38043.6809837963 (Reg Error: Key error.)
O16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} http://www.ravantivirus.com/scan/ravonline.cab (CRAVOnline Object)
O16 - DPF: {A7EA8AD2-287F-11D3-B120-006008C39542} http://offers.e-centives.com/cif/download/bin/actxcab.cab (CBSTIEPrint Class)
O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab (Symantec RuFSI Registry Information Class)
O16 - DPF: {CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Java Plug-in 1.4.2)
O16 - DPF: {CC85ACDF-B277-486F-8C70-2C9B2ED2A4E7} https://vcp.colpal.com/vdesk/terminal/urxshost.cab (F5 Networks SuperHost Class)
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} https://www-secure.symantec.com/techsupp/asa/ctrl/SymAData.cab (ActiveDataInfo Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E0FF21FA-B857-45C5-8621-F120A0C17FF2} https://vcp.colpal.com/vdesk/terminal/urxhost.cab#version=6020,2008,0514,2340 (F5 Networks Host Control)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} https://www-secure.symantec.com/techsupp/activedata/ActiveData.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 71.250.0.12
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/12/31 14:09:53 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010/12/01 19:17:17 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\User\Desktop\OTL.exe
[2010/11/29 21:26:01 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010/11/18 11:47:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Apple Computer
[2010/11/17 20:10:07 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/11/17 20:09:40 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010/11/16 21:31:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2010/11/16 21:28:57 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\User\IECompatCache
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2010/12/01 19:24:32 | 000,167,936 | ---- | M] () -- C:\Documents and Settings\User\Desktop\oti.doc
[2010/12/01 19:22:04 | 000,002,497 | ---- | M] () -- C:\Documents and Settings\User\Desktop\Microsoft Office Word 2003.lnk
[2010/12/01 19:17:22 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User\Desktop\OTL.exe
[2010/12/01 18:42:41 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/12/01 18:42:16 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/12/01 18:42:12 | 468,766,720 | -HS- | M] () -- C:\hiberfil.sys
[2010/11/29 21:27:03 | 000,002,445 | ---- | M] () -- C:\Documents and Settings\User\Desktop\HiJackThis.lnk
[2010/11/20 20:16:25 | 000,000,645 | ---- | M] () -- C:\WINDOWS\lexstat.ini
[2010/11/17 20:12:24 | 000,001,542 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/11/17 11:56:06 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/11/12 08:34:29 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2010/11/11 08:44:48 | 000,385,256 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/11/11 08:44:48 | 000,054,850 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/11/04 11:57:55 | 468,799,488 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2010/12/01 19:24:23 | 000,167,936 | ---- | C] () -- C:\Documents and Settings\User\Desktop\oti.doc
[2010/11/29 21:26:02 | 000,002,445 | ---- | C] () -- C:\Documents and Settings\User\Desktop\HiJackThis.lnk
[2010/11/17 20:12:24 | 000,001,542 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/11/12 08:34:27 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2008/04/11 16:50:53 | 000,374,784 | ---- | C] () -- C:\WINDOWS\3dg32.dll
[2007/11/05 22:24:11 | 000,000,031 | -H-- | C] () -- C:\WINDOWS\uccspecc.sys
[2007/07/18 20:08:27 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2006/12/28 15:11:32 | 000,002,917 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2005/01/09 20:45:09 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxbfvs.dll
[2005/01/09 20:44:23 | 000,000,188 | ---- | C] () -- C:\WINDOWS\System32\lxbfcoin.ini
[2005/01/09 20:43:31 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\LXBFLCNP.DLL
[2004/05/17 17:21:44 | 000,000,645 | ---- | C] () -- C:\WINDOWS\lexstat.ini
[2004/05/15 16:27:32 | 000,000,004 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\DragToDiscUserNameD.txt
[2003/10/11 10:00:36 | 000,000,237 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2003/10/11 09:57:36 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\SynTPCoI.dll
[2003/10/11 09:54:03 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2003/10/11 09:45:53 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2003/10/11 09:45:27 | 000,000,137 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2003/06/23 14:57:52 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2003/06/23 14:46:02 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2003/01/07 14:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
 
========== LOP Check ==========
 
[2004/05/17 17:22:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software
[2009/12/31 16:35:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Seagate
[2010/03/31 11:51:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/12/26 09:09:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2003/10/11 09:41:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\InterTrust
[2004/02/26 21:28:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\InterVideo
[2009/12/31 16:27:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Leadertech
[2008/04/11 16:34:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\SmartDraw
 
========== Purity Check ==========
 
 

< End of report >
Title: Computer is running slow slow
Post by: guestolo on December 01, 2010, 11:57:59 PM
Wow, I see some software that is way out of date, before we carry on, can you do the following please

Download Security Check by screen317 from here (http://"http://screen317.spywareinfoforum.org/SecurityCheck.exe") or here (http://"http://screen317.changelog.fr/SecurityCheck.exe").
Title: Computer is running slow slow
Post by: atomilano on December 02, 2010, 09:15:15 AM
[quote name='guestolo' date='01 December 2010 - 10:57 PM' timestamp='1291265879' post='473472']
Wow, I see some software that is way out of date, before we carry on, can you do the following please

Download Security Check by screen317 from here (http://"http://screen317.spywareinfoforum.org/SecurityCheck.exe") or here (http://"http://screen317.changelog.fr/SecurityCheck.exe").[/quote]


Hi,
Here is the log:
 Results of screen317's Security Check version 0.99.6  
 Windows XP Service Pack 3  
 Internet Explorer 8  
``````````````````````````````
Antivirus/Firewall Check:
 Windows Firewall Disabled!  
 Norton 360    
```````````````````````````````
Anti-malware/Other Utilities Check:
 Out of date Spybot installed!
 Ad-Aware
 Out of date HijackThis installed!
 Malwarebytes' Anti-Malware    
 HijackThis 1.99.1    
 Java 2 Runtime Environment, SE v1.4.2
 Adobe Flash Player  
Adobe Reader 9.4.0
````````````````````````````````
Process Check:  
objlist.exe by Laurent
 Norton ccSvcHst.exe
 Ad-Aware AAWService.exe is disabled!
 Ad-Aware AAWTray.exe is disabled!
````````````````````````````````
DNS Vulnerability Check:
 GREAT! (Not vulnerable to DNS cache poisoning)

``````````End of Log````````````
Title: Computer is running slow slow
Post by: guestolo on December 04, 2010, 01:48:18 AM
You don't really have enough RAM to be running more intensive Anti-Virus, Anti-spyware software

Let's try the following please
Open Spybot>>Click on MODE>>Advanced Mode
Click on Tools in bottom left hand corner.
Click on Resident icon.
Ensure that both SDHELPER and TEATimer are both
UNChecked
Click Allow Change box if prompted
Click on the Immunize button on the left
Close down ALL browser windows and UNDO the changes
When done, let's do the next step

Uninstall Adaware-SE Personal from Add and Remove Programs
Reboot the computer afterwards

Back in Windows
Again, access Add/Remove Programs
Uninstall Java 2 Runtime Environment, SE v1.4.2

Reboot the computer once again
Back in Windows
Please download TFC by Old Timer and save it to your desktop.
http://oldtimer.geekstogo.com/TFC.exe
Save any unsaved work. TFC will close ALL open programs including your browser!
Double-click on TFC.exe to run it.
Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
Important! If TFC prompts you to reboot, please do so immediately.

Back in Windows
Open Malwarebytes' Anti-Malware
Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediately.

In addition, reopen OTL.exe
Click on "QUICK SCAN", when the scan is complete, post the new log that opens please
Title: Computer is running slow slow
Post by: atomilano on December 06, 2010, 12:47:56 PM
[quote name='guestolo' date='04 December 2010 - 12:48 AM' timestamp='1291445298' post='473545']
You don't really have enough RAM to be running more intensive Anti-Virus, Anti-spyware software

Let's try the following please
Open Spybot>>Click on MODE>>Advanced Mode
Click on Tools in bottom left hand corner.
Click on Resident icon.
Ensure that both SDHELPER and TEATimer are both
UNChecked
Click Allow Change box if prompted
Click on the Immunize button on the left
Close down ALL browser windows and UNDO the changes
When done, let's do the next step

Uninstall Adaware-SE Personal from Add and Remove Programs
Reboot the computer afterwards

Back in Windows
Again, access Add/Remove Programs
Uninstall Java 2 Runtime Environment, SE v1.4.2

Reboot the computer once again
Back in Windows
Please download TFC by Old Timer and save it to your desktop.
http://oldtimer.geekstogo.com/TFC.exe
Save any unsaved work. TFC will close ALL open programs including your browser!
Double-click on TFC.exe to run it.
Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
Important! If TFC prompts you to reboot, please do so immediately.

Back in Windows
Open Malwarebytes' Anti-Malware
Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediately.

In addition, reopen OTL.exe
Click on "QUICK SCAN", when the scan is complete, post the new log that opens please
[/quote]


Ok, here is MBAM
Malwarebytes' Anti-Malware 1.50
www.malwarebytes.org

Database version: 5256

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

12/6/2010 12:43:27 PM
mbam-log-2010-12-06 (12-43-27).txt

Scan type: Quick scan
Objects scanned: 145139
Time elapsed: 9 minute(s), 58 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\StartMenuLogoff (PUM.Hijack.StartMenu) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
Title: Computer is running slow slow
Post by: atomilano on December 06, 2010, 01:09:15 PM
[quote name='atomilano' date='06 December 2010 - 11:47 AM' timestamp='1291657676' post='473602']
Ok, here is MBAM
Malwarebytes' Anti-Malware 1.50
www.malwarebytes.org

Database version: 5256

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

12/6/2010 12:43:27 PM
mbam-log-2010-12-06 (12-43-27).txt

Scan type: Quick scan
Objects scanned: 145139
Time elapsed: 9 minute(s), 58 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\StartMenuLogoff (PUM.Hijack.StartMenu) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
[/quote]

Here is the OTL log

OTL logfile created on: 12/6/2010 12:57:42 PM - Run 2
OTL by OldTimer - Version 3.2.17.3     Folder = C:\Documents and Settings\User\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
447.00 Mb Total Physical Memory | 65.00 Mb Available Physical Memory | 15.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 69.00% Paging File free
Paging file location(s): c:\pagefile.sys 672 1344 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.25 Gb Total Space | 15.54 Gb Free Space | 41.71% Space Free | Partition Type: NTFS
 
Computer Name: YOUR-SGZ3XPNGO4 | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2010/12/01 19:17:22 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User\Desktop\OTL.exe
PRC - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/03/17 15:55:42 | 001,565,696 | ---- | M] (Alcatel-Lucent) -- C:\Program Files\Verizon\McciTrayApp.exe
PRC - [2010/02/25 19:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360\Engine\4.3.0.5\ccsvchst.exe
PRC - [2009/09/25 23:32:18 | 000,189,736 | ---- | M] (Seagate Technology LLC) -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
PRC - [2009/09/25 23:31:32 | 000,185,640 | ---- | M] (Seagate LLC) -- C:\Program Files\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe
PRC - [2008/09/16 20:14:46 | 002,065,648 | ---- | M] (Verizon) -- C:\Program Files\Verizon\VSP\VerizonServicepoint.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004/02/18 15:55:28 | 000,049,152 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Hewlett-Packard\HP Software Update\hpwuSchd2.exe
PRC - [2003/09/23 01:20:02 | 000,049,152 | ---- | M] (Lexmark International, Inc.) -- C:\Program Files\Lexmark X6100 Series\lxbfbmon.exe
PRC - [2003/09/23 01:01:40 | 000,057,344 | ---- | M] (Lexmark International, Inc.) -- C:\Program Files\Lexmark X6100 Series\lxbfbmgr.exe
PRC - [2003/07/18 19:23:22 | 000,868,352 | ---- | M] (Roxio) -- C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe
PRC - [2003/05/22 21:55:38 | 000,483,328 | ---- | M] (Hewlett-Packard) -- C:\WINDOWS\system32\hphmon05.exe
PRC - [2003/05/22 16:10:00 | 000,110,592 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
PRC - [2003/05/21 14:35:50 | 000,004,608 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\carpserv.exe
PRC - [2003/01/14 16:12:14 | 000,053,248 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HPQ\Notebook Utilities\HPWirelessMgr.exe
PRC - [2002/08/15 12:11:00 | 000,151,552 | ---- | M] (Hewlett-Packard) -- C:\WINDOWS\system32\HPConfig.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2010/12/01 19:17:22 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User\Desktop\OTL.exe
MOD - [2010/09/20 14:26:01 | 000,415,088 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360\Engine\4.3.0.5\asoehook.dll
MOD - [2010/08/23 11:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2010/03/17 15:53:28 | 000,198,656 | ---- | M] (Alcatel-Lucent) -- C:\Program Files\Common Files\Motive\McciContextHook_DSR.dll
MOD - [2009/07/12 03:02:02 | 000,653,120 | R--- | M] (Microsoft Corporation) -- C:\Program Files\Norton 360\Engine\4.3.0.5\microsoft.vc90.crt\msvcr90.dll
MOD - [2009/07/12 03:02:00 | 000,569,664 | R--- | M] (Microsoft Corporation) -- C:\Program Files\Norton 360\Engine\4.3.0.5\microsoft.vc90.crt\msvcp90.dll
MOD - [2003/05/22 16:09:00 | 000,065,536 | ---- | M] (Synaptics, Inc.) -- C:\WINDOWS\system32\SynTPFcs.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/02/25 19:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton 360\Engine\4.3.0.5\ccSvcHst.exe -- (N360)
SRV - [2009/09/25 23:32:18 | 000,189,736 | ---- | M] (Seagate Technology LLC) [Auto | Running] -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe -- (FreeAgentGoNext Service)
SRV - [2003/01/14 16:12:14 | 000,053,248 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files\HPQ\Notebook Utilities\HPWirelessMgr.exe -- (HPWirelessMgr)
SRV - [2002/08/15 12:11:00 | 000,151,552 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\WINDOWS\system32\HPConfig.exe -- (HPConfig)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\rasirda.sys -- (Rasirda) WAN Miniport (IrDA)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS -- (MRENDIS5)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS -- (MREMPR5)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\ce3n5.sys -- (CE3)
DRV - [2010/11/22 21:20:07 | 000,691,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20101123.003\BHDrvx86.sys -- (BHDrvx86)
DRV - [2010/10/19 15:36:22 | 000,341,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20101130.001\IDSXpx86.sys -- (IDSxpx86)
DRV - [2010/09/28 19:38:25 | 001,371,184 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20101206.002\NAVEX15.SYS -- (NAVEX15)
DRV - [2010/09/28 19:38:24 | 000,086,064 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20101206.002\NAVENG.SYS -- (NAVENG)
DRV - [2010/05/29 06:42:19 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010/05/29 06:42:18 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010/05/05 23:01:59 | 000,361,904 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\N360\0403000.005\SYMTDI.SYS -- (SYMTDI)
DRV - [2010/04/29 00:03:51 | 000,116,784 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0403000.005\Ironx86.SYS -- (SymIRON)
DRV - [2010/04/21 22:02:20 | 000,173,104 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\N360\0403000.005\SYMEFA.SYS -- (SymEFA)
DRV - [2010/04/21 21:29:50 | 000,325,680 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\N360\0403000.005\SRTSP.SYS -- (SRTSP)
DRV - [2010/04/21 21:29:50 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0403000.005\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2010/03/18 20:49:23 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2010/03/17 15:53:38 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2010/03/17 15:53:22 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2010/02/25 19:22:57 | 000,501,888 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0403000.005\ccHPx86.sys -- (ccHP)
DRV - [2009/10/14 22:50:05 | 000,328,752 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\N360\0403000.005\SYMDS.SYS -- (SymDS)
DRV - [2008/05/14 18:46:57 | 000,010,744 | ---- | M] (F5 Networks) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\urfltw2k.sys -- (f5ipfw)
DRV - [2008/05/14 18:46:52 | 000,027,000 | ---- | M] (F5 Networks) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\urvpndrv.sys -- (urvpndrv)
DRV - [2004/05/15 18:29:12 | 000,701,952 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2003/10/11 10:06:51 | 000,259,456 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\Cdudf_xp.sys -- (cdudf_xp)
DRV - [2003/10/11 09:50:59 | 000,028,276 | ---- | M] (MusicMatch, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\MxlW2k.sys -- (MxlW2k)
DRV - [2003/07/18 19:25:16 | 000,021,993 | ---- | M] (Roxio) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\Dvd_2k.sys -- (dvd_2K)
DRV - [2003/07/18 19:25:14 | 000,022,745 | ---- | M] (Roxio) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\Mmc_2k.sys -- (mmc_2K)
DRV - [2003/07/18 19:25:10 | 000,118,409 | ---- | M] (Roxio) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\pwd_2K.sys -- (pwd_2k)
DRV - [2003/07/18 19:22:06 | 000,213,120 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\UdfReadr_xp.sys -- (UdfReadr_xp)
DRV - [2003/07/17 02:19:56 | 000,066,992 | ---- | M] (Roxio) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdr4_xp.sys -- (Cdr4_xp)
DRV - [2003/07/17 02:19:56 | 000,024,698 | ---- | M] (Roxio) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdralw2k.sys -- (Cdralw2k)
DRV - [2003/07/16 20:01:02 | 000,028,280 | ---- | M] (National Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\DP83815.sys -- (DP83815)
DRV - [2003/07/10 06:16:46 | 000,026,112 | R--- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\aliirda.sys -- (ALiIRDA)
DRV - [2003/05/22 15:36:00 | 000,273,072 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2003/05/21 14:35:56 | 000,030,592 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\strmdisp.sys -- (StreamDispatcher)
DRV - [2003/05/21 14:33:54 | 000,179,712 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWALI.sys -- (HSFHWALI)
DRV - [2003/05/21 14:32:32 | 000,631,296 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2003/05/21 14:31:22 | 001,063,040 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2003/05/02 06:58:22 | 000,173,056 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2003/03/31 14:00:00 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2002/11/05 10:04:48 | 000,291,328 | R--- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\caliaud.sys -- (CALIAUD)
DRV - [2002/11/05 10:04:48 | 000,244,608 | R--- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\calihal.sys -- (CALIHALA)
DRV - [2002/10/16 07:15:54 | 000,014,543 | ---- | M] (Dritek System Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DKbFltr.SYS -- (DKbFltr)
DRV - [2002/07/18 08:07:50 | 000,023,602 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\atisgkaf.sys -- (caboagp)
DRV - [2002/07/17 14:09:12 | 000,014,504 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hpci.sys -- (HPCI)
DRV - [2001/08/17 02:10:28 | 000,035,913 | ---- | M] (SMC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\smcirda.sys -- (SMCIRDA)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\IPSFFPlgn\ [2010/06/04 07:11:10 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\coFFPlgn\ [2010/03/18 20:51:50 | 000,000,000 | ---D | M]
 
 
O1 HOSTS File: ([2009/03/16 20:02:15 | 000,000,732 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\4.3.0.5\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\4.3.0.5\ipsbho.dll (Symantec Corporation)
O2 - BHO: (CNisExtBho Class) - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll File not found
O2 - BHO: (Verizon Broadband Toolbar) - {A057A204-BACC-4D26-8398-26FADCF27386} - C:\Program Files\verizon_broad\verizon_broad.dll (Verizon Online.                              )
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (CNavExtBho Class) - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll File not found
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\4.3.0.5\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Verizon Broadband Toolbar) - {A057A204-BACC-4D26-8398-26FADCF27386} - C:\Program Files\verizon_broad\verizon_broad.dll (Verizon Online.                              )
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton AntiVirus) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\4.3.0.5\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Verizon Broadband Toolbar) - {A057A204-BACC-4D26-8398-26FADCF27386} - C:\Program Files\verizon_broad\verizon_broad.dll (Verizon Online.                              )
O4 - HKLM..\Run: [CARPService] C:\WINDOWS\System32\carpserv.exe (Conexant Systems, Inc.)
O4 - HKLM..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\Cpqset.exe ()
O4 - HKLM..\Run: [Display Settings] C:\Program Files\HPQ\Notebook Utilities\hptasks.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [HPHmon05] C:\WINDOWS\system32\hphmon05.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HPHUPD05] c:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe (Hewlett-Packard)
O4 - HKLM..\Run: [Lexmark X6100 Series] C:\Program Files\Lexmark X6100 Series\lxbfbmgr.exe (Lexmark International, Inc.)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MaxMenuMgr] C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe (Seagate LLC)
O4 - HKLM..\Run: [MMTray]  File not found
O4 - HKLM..\Run: [QT4HPOT] C:\Program Files\HPQ\One-Touch\ONETOUCH.EXE (Dritek System Inc.)
O4 - HKLM..\Run: [RoxioDragToDisc] C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe (Roxio)
O4 - HKLM..\Run: [RoxioEngineUtility] C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe (Roxio)
O4 - HKLM..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [UserFaultCheck]  File not found
O4 - HKLM..\Run: [Verizon_McciTrayApp] C:\Program Files\Verizon\McciTrayApp.exe (Alcatel-Lucent)
O4 - HKLM..\Run: [VerizonServicepoint.exe] C:\Program Files\Verizon\VSP\VerizonServicepoint.exe (Verizon)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll (Google Inc.)
O9 - Extra Button: Bodog Poker - {F47C1DB5-ED21-4dc1-853E-D1495792D4C5} - C:\Program Files\Bodog Poker\BPGame.exe File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains:   ([]msn in My Computer)
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} https://activatemyfios.verizon.net/sdcCommon/download/FIOS/Verizon%20FiOS%20Installer.cab (Support.com Configuration Class)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab (Symantec AntiVirus scanner)
O16 - DPF: {2BCDB465-81F9-41CB-832C-8037A4064446} https://vcp.colpal.com/vdesk/terminal/urxvpn.cab#version=6020,2008,0514,2345 (F5 Networks VPN Manager)
O16 - DPF: {31E68DE2-5548-4B23-88F0-C51E6A0F695E} https://support.microsoft.com/OAS/ActiveX/odc.cab (Microsoft PID Sniffer)
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} http://office.microsoft.com/officeupdate/content/opuc.cab (Office Update Installation Engine)
O16 - DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} http://www.linkedin.com/cab/LinkedInContactFinderControl.cab (LinkedIn ContactFinderControl)
O16 - DPF: {549F957E-2F89-11D6-8CFE-00C04F52B225} http://coupons.smartsource.com/download/cscmv5X.cab (CMV5 Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1141349522921 (WUWebControl Class)
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab (Symantec RuFSI Utility Class)
O16 - DPF: {6C275925-A1ED-4DD2-9CEE-9823F5FDAA10} https://vcp.colpal.com/vdesk/terminal/urTermProxy.cab#version=6020,2008,0514,2337 (F5 Networks SSLTunnel)
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38043.6809837963 (Reg Error: Key error.)
O16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} http://www.ravantivirus.com/scan/ravonline.cab (CRAVOnline Object)
O16 - DPF: {A7EA8AD2-287F-11D3-B120-006008C39542} http://offers.e-centives.com/cif/download/bin/actxcab.cab (CBSTIEPrint Class)
O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab (Symantec RuFSI Registry Information Class)
O16 - DPF: {CC85ACDF-B277-486F-8C70-2C9B2ED2A4E7} https://vcp.colpal.com/vdesk/terminal/urxshost.cab (F5 Networks SuperHost Class)
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} https://www-secure.symantec.com/techsupp/asa/ctrl/SymAData.cab (ActiveDataInfo Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E0FF21FA-B857-45C5-8621-F120A0C17FF2} https://vcp.colpal.com/vdesk/terminal/urxhost.cab#version=6020,2008,0514,2340 (F5 Networks Host Control)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} https://www-secure.symantec.com/techsupp/activedata/ActiveData.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 71.250.0.12
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/12/31 14:09:53 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010/12/06 12:06:11 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\User\Desktop\TFC.exe
[2010/12/01 19:17:17 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\User\Desktop\OTL.exe
[2010/11/29 21:26:01 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010/11/18 11:47:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Apple Computer
[2010/11/17 20:10:07 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/11/17 20:09:40 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010/11/16 21:31:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2010/11/16 21:28:57 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\User\IECompatCache
 
========== Files - Modified Within 30 Days ==========
 
[2010/12/06 12:52:00 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/12/06 12:51:09 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/12/06 12:51:06 | 468,766,720 | -HS- | M] () -- C:\hiberfil.sys
[2010/12/06 12:06:13 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User\Desktop\TFC.exe
[2010/12/02 09:08:49 | 000,869,086 | ---- | M] () -- C:\Documents and Settings\User\Desktop\SecurityCheck.exe
[2010/12/01 22:32:33 | 000,000,645 | ---- | M] () -- C:\WINDOWS\lexstat.ini
[2010/12/01 19:24:32 | 000,167,936 | ---- | M] () -- C:\Documents and Settings\User\Desktop\oti.doc
[2010/12/01 19:22:04 | 000,002,497 | ---- | M] () -- C:\Documents and Settings\User\Desktop\Microsoft Office Word 2003.lnk
[2010/12/01 19:17:22 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User\Desktop\OTL.exe
[2010/11/29 21:27:03 | 000,002,445 | ---- | M] () -- C:\Documents and Settings\User\Desktop\HiJackThis.lnk
[2010/11/29 17:42:18 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/11/29 17:42:06 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/11/17 20:12:24 | 000,001,542 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/11/17 11:56:06 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/11/12 08:34:29 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2010/11/11 08:44:48 | 000,385,256 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/11/11 08:44:48 | 000,054,850 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
 
========== Files Created - No Company Name ==========
 
[2010/12/02 09:08:45 | 000,869,086 | ---- | C] () -- C:\Documents and Settings\User\Desktop\SecurityCheck.exe
[2010/12/01 19:24:23 | 000,167,936 | ---- | C] () -- C:\Documents and Settings\User\Desktop\oti.doc
[2010/11/29 21:26:02 | 000,002,445 | ---- | C] () -- C:\Documents and Settings\User\Desktop\HiJackThis.lnk
[2010/11/17 20:12:24 | 000,001,542 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/11/12 08:34:27 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2008/04/11 16:50:53 | 000,374,784 | ---- | C] () -- C:\WINDOWS\3dg32.dll
[2007/11/05 22:24:11 | 000,000,031 | -H-- | C] () -- C:\WINDOWS\uccspecc.sys
[2007/07/18 20:08:27 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2006/12/28 15:11:32 | 000,002,917 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2005/01/09 20:45:09 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxbfvs.dll
[2005/01/09 20:44:23 | 000,000,188 | ---- | C] () -- C:\WINDOWS\System32\lxbfcoin.ini
[2005/01/09 20:43:31 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\LXBFLCNP.DLL
[2004/05/17 17:21:44 | 000,000,645 | ---- | C] () -- C:\WINDOWS\lexstat.ini
[2004/05/15 16:27:32 | 000,000,004 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\DragToDiscUserNameD.txt
[2003/10/11 10:00:36 | 000,000,237 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2003/10/11 09:57:36 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\SynTPCoI.dll
[2003/10/11 09:54:03 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2003/10/11 09:45:53 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2003/10/11 09:45:27 | 000,000,137 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2003/06/23 14:57:52 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2003/06/23 14:46:02 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2003/01/07 14:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

< End of report >
Title: Computer is running slow slow
Post by: guestolo on December 13, 2010, 02:09:53 PM
Very sorry for the delay, I totally forgot about this topic  /huh.gif\' class=\'bbc_emoticon\' alt=\':huh:\' />

How are things running now?
 we should still do some more housecleaning
I had you remove your version of Java, have you installed the more up to date version yet?
If not, we will do that also
Title: Computer is running slow slow
Post by: atomilano on December 13, 2010, 09:22:21 PM
[quote name='guestolo' date='13 December 2010 - 01:09 PM' timestamp='1292267393' post='473759']
Very sorry for the delay, I totally forgot about this topic  /huh.gif\' class=\'bbc_emoticon\' alt=\':huh:\' />

How are things running now?
 we should still do some more housecleaning
I had you remove your version of Java, have you installed the more up to date version yet?
If not, we will do that also
[/quote]

HI, no problem, I know you are busy.
Things are running slightly better but not much. I still keep getting Internet Explorer Not responding when I leave my computer for a brief period of time.  This was happening before we started the cleanup process. I did not install the more up to date version of Java yet.  Should I also run the Malaware software periodically?
thanks
Title: Computer is running slow slow
Post by: guestolo on December 14, 2010, 11:09:48 PM
Can you do the following
Since you no longer have Windows Defender installed
You can enter Add/Remove and uninstall Windows Defender Signatures

To make sure you have the latest version of Adobe Flash Player installed:
1. To uninstall an older version, download this file to your Desktop: uninstall_flash_player.exe (http://"http://download.macromedia.com/pub/flashplayer/current/uninstall_flash_player.exe")
2. Quit ALL running applications, including all Internet Explorer or other browser windows, and messenger applications (like AOL Instant Messenger, Yahoo Messenger, MSN Messenger).
3. Double-click on the file you've downloaded to uninstall Flash.
Follow the prompts, you can delete the uninstaller after removal

We'll update it in a bit
download JavaRa (http://"http://sourceforge.net/project/downloading.php?groupname=javara&filename=JavaRa.zip&use_mirror=osdn") and unzip it to your desktop.

Close any instances of Internet Explorer before continuingCome back here afterwards:
Double  click on OTL.exe and Run it
On startup, Allow OTL to run if prompted
A log should open, you can simply close it

Go to this site: Install Adobe Flash Player (http://get.adobe.com/flashplayer/), and choose Agree and install now. This will install the newest version of Flash for your browser (note: Flash plugins for IE and Firefox must be installed separately).
Note: I recommend you uncheck an optional install (Free McAfee Security Scan or Free Google Toolbar).

[color="blue"]Updating Java:[/color]Java installs a Quick Starter service that is not required to run on startup
Open Windows Control Panel>>Java Icon>>Advanced tab
Expand on "Miscellaneous"
Uncheck "Java Quick Starter"
Apply and Ok it

There may be other entries running on startup that may not necessarily be needed
I suggest that you download and save to desktop Startuplite
from the link
http://www.malwarebytes.org/startuplite.php

Run it and disable entries suggested
Reboot one more time

Let's ensure your disks are clean of errors
Open MyComputer>>Right Click on "Local Disk C:" and choose Properties
Select the TOOLS tab and then click "Check Now" under Error Checking
tick Both options then click START
You should be prompted that it will schedule on next restart
Select YES
Restart the computer, let it run Error check on drive, this can take a bit of time
Be patient

When complete
Let me know how things are now running
In addition: Did you notice a slowdown after installing Norton 360?

And again, Can you reopen OTL.exe and run a Quick Scan
Post it's new log
Title: Computer is running slow slow
Post by: atomilano on December 17, 2010, 04:19:38 PM
Hi,
I did notice  slow down when I installed Norton 360, and was getting slower and slower. I think things are running somewhat faster. Is it possible to add RAM to this laptop?
Here is the OTL log:
OTL logfile created on: 12/17/2010 4:09:32 PM - Run 3
OTL by OldTimer - Version 3.2.17.3     Folder = C:\Documents and Settings\User\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
447.00 Mb Total Physical Memory | 74.00 Mb Available Physical Memory | 17.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 65.00% Paging File free
Paging file location(s): c:\pagefile.sys 672 1344 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.25 Gb Total Space | 15.64 Gb Free Space | 41.99% Space Free | Partition Type: NTFS
 
Computer Name: YOUR-SGZ3XPNGO4 | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2010/12/01 19:17:22 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User\Desktop\OTL.exe
PRC - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/03/17 15:55:42 | 001,565,696 | ---- | M] (Alcatel-Lucent) -- C:\Program Files\Verizon\McciTrayApp.exe
PRC - [2010/02/25 19:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360\Engine\4.3.0.5\ccsvchst.exe
PRC - [2010/01/15 07:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009/09/25 23:32:18 | 000,189,736 | ---- | M] (Seagate Technology LLC) -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
PRC - [2009/09/25 23:31:32 | 000,185,640 | ---- | M] (Seagate LLC) -- C:\Program Files\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe
PRC - [2008/09/16 20:14:46 | 002,065,648 | ---- | M] (Verizon) -- C:\Program Files\Verizon\VSP\VerizonServicepoint.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2003/09/23 01:20:02 | 000,049,152 | ---- | M] (Lexmark International, Inc.) -- C:\Program Files\Lexmark X6100 Series\lxbfbmon.exe
PRC - [2003/09/23 01:01:40 | 000,057,344 | ---- | M] (Lexmark International, Inc.) -- C:\Program Files\Lexmark X6100 Series\lxbfbmgr.exe
PRC - [2003/05/22 21:55:38 | 000,483,328 | ---- | M] (Hewlett-Packard) -- C:\WINDOWS\system32\hphmon05.exe
PRC - [2003/05/22 16:10:00 | 000,110,592 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
PRC - [2003/05/21 14:35:50 | 000,004,608 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\carpserv.exe
PRC - [2003/01/14 16:12:14 | 000,053,248 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HPQ\Notebook Utilities\HPWirelessMgr.exe
PRC - [2002/08/15 12:11:00 | 000,151,552 | ---- | M] (Hewlett-Packard) -- C:\WINDOWS\system32\HPConfig.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2010/12/01 19:17:22 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User\Desktop\OTL.exe
MOD - [2010/09/20 14:26:01 | 000,415,088 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360\Engine\4.3.0.5\asoehook.dll
MOD - [2010/08/23 11:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2010/03/17 15:53:28 | 000,198,656 | ---- | M] (Alcatel-Lucent) -- C:\Program Files\Common Files\Motive\McciContextHook_DSR.dll
MOD - [2009/07/12 03:02:02 | 000,653,120 | R--- | M] (Microsoft Corporation) -- C:\Program Files\Norton 360\Engine\4.3.0.5\microsoft.vc90.crt\msvcr90.dll
MOD - [2009/07/12 03:02:00 | 000,569,664 | R--- | M] (Microsoft Corporation) -- C:\Program Files\Norton 360\Engine\4.3.0.5\microsoft.vc90.crt\msvcp90.dll
MOD - [2003/05/22 16:09:00 | 000,065,536 | ---- | M] (Synaptics, Inc.) -- C:\WINDOWS\system32\SynTPFcs.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/02/25 19:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton 360\Engine\4.3.0.5\ccSvcHst.exe -- (N360)
SRV - [2010/01/15 07:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/09/25 23:32:18 | 000,189,736 | ---- | M] (Seagate Technology LLC) [Auto | Running] -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe -- (FreeAgentGoNext Service)
SRV - [2003/01/14 16:12:14 | 000,053,248 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files\HPQ\Notebook Utilities\HPWirelessMgr.exe -- (HPWirelessMgr)
SRV - [2002/08/15 12:11:00 | 000,151,552 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\WINDOWS\system32\HPConfig.exe -- (HPConfig)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\rasirda.sys -- (Rasirda) WAN Miniport (IrDA)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS -- (MRENDIS5)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS -- (MREMPR5)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\ce3n5.sys -- (CE3)
DRV - [2010/12/17 10:24:41 | 001,360,760 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20101217.002\NAVEX15.SYS -- (NAVEX15)
DRV - [2010/12/17 10:24:40 | 000,086,008 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20101217.002\NAVENG.SYS -- (NAVENG)
DRV - [2010/11/22 21:20:07 | 000,691,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20101123.003\BHDrvx86.sys -- (BHDrvx86)
DRV - [2010/11/08 19:50:31 | 000,341,944 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20101215.001\IDSXpx86.sys -- (IDSxpx86)
DRV - [2010/05/29 06:42:18 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010/05/05 23:01:59 | 000,361,904 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\N360\0403000.005\SYMTDI.SYS -- (SYMTDI)
DRV - [2010/04/29 00:03:51 | 000,116,784 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0403000.005\Ironx86.SYS -- (SymIRON)
DRV - [2010/04/21 22:02:20 | 000,173,104 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\N360\0403000.005\SYMEFA.SYS -- (SymEFA)
DRV - [2010/04/21 21:29:50 | 000,325,680 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\N360\0403000.005\SRTSP.SYS -- (SRTSP)
DRV - [2010/04/21 21:29:50 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0403000.005\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2010/03/18 20:49:23 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2010/03/17 15:53:38 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2010/03/17 15:53:22 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2010/02/25 19:22:57 | 000,501,888 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0403000.005\ccHPx86.sys -- (ccHP)
DRV - [2009/10/14 22:50:05 | 000,328,752 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\N360\0403000.005\SYMDS.SYS -- (SymDS)
DRV - [2008/05/14 18:46:57 | 000,010,744 | ---- | M] (F5 Networks) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\urfltw2k.sys -- (f5ipfw)
DRV - [2008/05/14 18:46:52 | 000,027,000 | ---- | M] (F5 Networks) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\urvpndrv.sys -- (urvpndrv)
DRV - [2004/05/15 18:29:12 | 000,701,952 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2003/10/11 10:06:51 | 000,259,456 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\Cdudf_xp.sys -- (cdudf_xp)
DRV - [2003/10/11 09:50:59 | 000,028,276 | ---- | M] (MusicMatch, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\MxlW2k.sys -- (MxlW2k)
DRV - [2003/07/18 19:25:16 | 000,021,993 | ---- | M] (Roxio) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\Dvd_2k.sys -- (dvd_2K)
DRV - [2003/07/18 19:25:14 | 000,022,745 | ---- | M] (Roxio) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\Mmc_2k.sys -- (mmc_2K)
DRV - [2003/07/18 19:25:10 | 000,118,409 | ---- | M] (Roxio) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\pwd_2K.sys -- (pwd_2k)
DRV - [2003/07/18 19:22:06 | 000,213,120 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\UdfReadr_xp.sys -- (UdfReadr_xp)
DRV - [2003/07/17 02:19:56 | 000,066,992 | ---- | M] (Roxio) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdr4_xp.sys -- (Cdr4_xp)
DRV - [2003/07/17 02:19:56 | 000,024,698 | ---- | M] (Roxio) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdralw2k.sys -- (Cdralw2k)
DRV - [2003/07/16 20:01:02 | 000,028,280 | ---- | M] (National Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\DP83815.sys -- (DP83815)
DRV - [2003/07/10 06:16:46 | 000,026,112 | R--- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\aliirda.sys -- (ALiIRDA)
DRV - [2003/05/22 15:36:00 | 000,273,072 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2003/05/21 14:35:56 | 000,030,592 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\strmdisp.sys -- (StreamDispatcher)
DRV - [2003/05/21 14:33:54 | 000,179,712 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWALI.sys -- (HSFHWALI)
DRV - [2003/05/21 14:32:32 | 000,631,296 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2003/05/21 14:31:22 | 001,063,040 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2003/05/02 06:58:22 | 000,173,056 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2003/03/31 14:00:00 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2002/11/05 10:04:48 | 000,291,328 | R--- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\caliaud.sys -- (CALIAUD)
DRV - [2002/11/05 10:04:48 | 000,244,608 | R--- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\calihal.sys -- (CALIHALA)
DRV - [2002/10/16 07:15:54 | 000,014,543 | ---- | M] (Dritek System Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DKbFltr.SYS -- (DKbFltr)
DRV - [2002/07/18 08:07:50 | 000,023,602 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\atisgkaf.sys -- (caboagp)
DRV - [2002/07/17 14:09:12 | 000,014,504 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hpci.sys -- (HPCI)
DRV - [2001/08/17 02:10:28 | 000,035,913 | ---- | M] (SMC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\smcirda.sys -- (SMCIRDA)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\IPSFFPlgn\ [2010/06/04 07:11:10 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\coFFPlgn\ [2010/03/18 20:51:50 | 000,000,000 | ---D | M]
 
 
O1 HOSTS File: ([2009/03/16 20:02:15 | 000,000,732 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\4.3.0.5\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\4.3.0.5\ipsbho.dll (Symantec Corporation)
O2 - BHO: (CNisExtBho Class) - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll File not found
O2 - BHO: (Verizon Broadband Toolbar) - {A057A204-BACC-4D26-8398-26FADCF27386} - C:\Program Files\verizon_broad\verizon_broad.dll (Verizon Online.                              )
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (CNavExtBho Class) - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll File not found
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\4.3.0.5\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Verizon Broadband Toolbar) - {A057A204-BACC-4D26-8398-26FADCF27386} - C:\Program Files\verizon_broad\verizon_broad.dll (Verizon Online.                              )
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton AntiVirus) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\4.3.0.5\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Verizon Broadband Toolbar) - {A057A204-BACC-4D26-8398-26FADCF27386} - C:\Program Files\verizon_broad\verizon_broad.dll (Verizon Online.                              )
O4 - HKLM..\Run: [CARPService] C:\WINDOWS\System32\carpserv.exe (Conexant Systems, Inc.)
O4 - HKLM..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\Cpqset.exe ()
O4 - HKLM..\Run: [Display Settings] C:\Program Files\HPQ\Notebook Utilities\hptasks.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HPHmon05] C:\WINDOWS\system32\hphmon05.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HPHUPD05] c:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe (Hewlett-Packard)
O4 - HKLM..\Run: [Lexmark X6100 Series] C:\Program Files\Lexmark X6100 Series\lxbfbmgr.exe (Lexmark International, Inc.)
O4 - HKLM..\Run: [MaxMenuMgr] C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe (Seagate LLC)
O4 - HKLM..\Run: [QT4HPOT] C:\Program Files\HPQ\One-Touch\ONETOUCH.EXE (Dritek System Inc.)
O4 - HKLM..\Run: [RoxioEngineUtility] C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe (Roxio)
O4 - HKLM..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [Verizon_McciTrayApp] C:\Program Files\Verizon\McciTrayApp.exe (Alcatel-Lucent)
O4 - HKLM..\Run: [VerizonServicepoint.exe] C:\Program Files\Verizon\VSP\VerizonServicepoint.exe (Verizon)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll (Google Inc.)
O9 - Extra Button: Bodog Poker - {F47C1DB5-ED21-4dc1-853E-D1495792D4C5} - C:\Program Files\Bodog Poker\BPGame.exe File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains:   ([]msn in My Computer)
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} https://activatemyfios.verizon.net/sdcCommon/download/FIOS/Verizon%20FiOS%20Installer.cab (Support.com Configuration Class)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab (Symantec AntiVirus scanner)
O16 - DPF: {2BCDB465-81F9-41CB-832C-8037A4064446} https://vcp.colpal.com/vdesk/terminal/urxvpn.cab#version=6020,2008,0514,2345 (F5 Networks VPN Manager)
O16 - DPF: {31E68DE2-5548-4B23-88F0-C51E6A0F695E} https://support.microsoft.com/OAS/ActiveX/odc.cab (Microsoft PID Sniffer)
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} http://office.microsoft.com/officeupdate/content/opuc.cab (Office Update Installation Engine)
O16 - DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} http://www.linkedin.com/cab/LinkedInContactFinderControl.cab (LinkedIn ContactFinderControl)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1141349522921 (WUWebControl Class)
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab (Symantec RuFSI Utility Class)
O16 - DPF: {6C275925-A1ED-4DD2-9CEE-9823F5FDAA10} https://vcp.colpal.com/vdesk/terminal/urTermProxy.cab#version=6020,2008,0514,2337 (F5 Networks SSLTunnel)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38043.6809837963 (Reg Error: Key error.)
O16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} http://www.ravantivirus.com/scan/ravonline.cab (CRAVOnline Object)
O16 - DPF: {A7EA8AD2-287F-11D3-B120-006008C39542} http://offers.e-centives.com/cif/download/bin/actxcab.cab (CBSTIEPrint Class)
O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab (Symantec RuFSI Registry Information Class)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CC85ACDF-B277-486F-8C70-2C9B2ED2A4E7} https://vcp.colpal.com/vdesk/terminal/urxshost.cab (F5 Networks SuperHost Class)
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} https://www-secure.symantec.com/techsupp/asa/ctrl/SymAData.cab (ActiveDataInfo Class)
O16 - DPF: {E0FF21FA-B857-45C5-8621-F120A0C17FF2} https://vcp.colpal.com/vdesk/terminal/urxhost.cab#version=6020,2008,0514,2340 (F5 Networks Host Control)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} https://www-secure.symantec.com/techsupp/activedata/ActiveData.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 71.250.0.12
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/12/31 14:09:53 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010/12/17 13:14:20 | 000,204,496 | ---- | C] (Malwarebytes) -- C:\Documents and Settings\User\Desktop\StartUpLite.exe
[2010/12/17 13:05:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
[2010/12/17 13:05:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010/12/17 12:49:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2010/12/17 12:49:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee Security Scan
[2010/12/17 12:48:18 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan
[2010/12/17 11:38:10 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/12/17 11:28:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\User\Desktop\JavaRa
[2010/12/06 12:06:11 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\User\Desktop\TFC.exe
[2010/12/01 19:17:17 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\User\Desktop\OTL.exe
[2010/11/29 21:26:01 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010/11/18 11:47:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Apple Computer
[2010/11/17 20:10:07 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/11/17 20:09:40 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
 
========== Files - Modified Within 30 Days ==========
 
[2010/12/17 15:27:48 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/12/17 15:27:08 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/12/17 15:27:04 | 468,766,720 | -HS- | M] () -- C:\hiberfil.sys
[2010/12/17 15:07:04 | 000,216,856 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/12/17 15:04:15 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/12/17 13:16:07 | 000,204,496 | ---- | M] (Malwarebytes) -- C:\Documents and Settings\User\Desktop\StartUpLite.exe
[2010/12/17 12:48:33 | 000,001,611 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2010/12/17 12:48:32 | 000,001,619 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\McAfee Security Scan Plus.lnk
[2010/12/17 12:36:05 | 000,002,497 | ---- | M] () -- C:\Documents and Settings\User\Desktop\Microsoft Office Word 2003.lnk
[2010/12/17 11:20:48 | 000,205,540 | ---- | M] () -- C:\Documents and Settings\User\Desktop\JavaRa.zip
[2010/12/13 12:55:07 | 468,799,488 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[2010/12/12 16:50:55 | 000,000,645 | ---- | M] () -- C:\WINDOWS\lexstat.ini
[2010/12/06 12:06:13 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User\Desktop\TFC.exe
[2010/12/02 09:08:49 | 000,869,086 | ---- | M] () -- C:\Documents and Settings\User\Desktop\SecurityCheck.exe
[2010/12/01 19:24:32 | 000,167,936 | ---- | M] () -- C:\Documents and Settings\User\Desktop\oti.doc
[2010/12/01 19:17:22 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User\Desktop\OTL.exe
[2010/11/29 21:27:03 | 000,002,445 | ---- | M] () -- C:\Documents and Settings\User\Desktop\HiJackThis.lnk
[2010/11/29 17:42:18 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/11/29 17:42:06 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/11/17 20:12:24 | 000,001,542 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
 
========== Files Created - No Company Name ==========
 
[2010/12/17 12:48:32 | 000,001,611 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2010/12/17 12:48:30 | 000,001,619 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\McAfee Security Scan Plus.lnk
[2010/12/17 11:20:45 | 000,205,540 | ---- | C] () -- C:\Documents and Settings\User\Desktop\JavaRa.zip
[2010/12/02 09:08:45 | 000,869,086 | ---- | C] () -- C:\Documents and Settings\User\Desktop\SecurityCheck.exe
[2010/12/01 19:24:23 | 000,167,936 | ---- | C] () -- C:\Documents and Settings\User\Desktop\oti.doc
[2010/11/29 21:26:02 | 000,002,445 | ---- | C] () -- C:\Documents and Settings\User\Desktop\HiJackThis.lnk
[2010/11/17 20:12:24 | 000,001,542 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2008/04/11 16:50:53 | 000,374,784 | ---- | C] () -- C:\WINDOWS\3dg32.dll
[2007/11/05 22:24:11 | 000,000,031 | -H-- | C] () -- C:\WINDOWS\uccspecc.sys
[2007/07/18 20:08:27 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2006/12/28 15:11:32 | 000,002,917 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2005/01/09 20:45:09 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxbfvs.dll
[2005/01/09 20:44:23 | 000,000,188 | ---- | C] () -- C:\WINDOWS\System32\lxbfcoin.ini
[2005/01/09 20:43:31 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\LXBFLCNP.DLL
[2004/05/17 17:21:44 | 000,000,645 | ---- | C] () -- C:\WINDOWS\lexstat.ini
[2004/05/15 16:27:32 | 000,000,004 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\DragToDiscUserNameD.txt
[2003/10/11 10:00:36 | 000,000,237 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2003/10/11 09:57:36 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\SynTPCoI.dll
[2003/10/11 09:54:03 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2003/10/11 09:45:53 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2003/10/11 09:45:27 | 000,000,137 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2003/06/23 14:57:52 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2003/06/23 14:46:02 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2003/01/07 14:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
 
========== LOP Check ==========
 
[2004/05/17 17:22:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BVRP Software
[2009/12/31 16:35:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Seagate
[2010/03/31 11:51:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/12/26 09:09:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2003/10/11 09:41:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\InterTrust
[2004/02/26 21:28:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\InterVideo
[2009/12/31 16:27:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Leadertech
[2008/04/11 16:34:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\SmartDraw
 
========== Purity Check ==========
 
 

< End of report >
Title: Computer is running slow slow
Post by: guestolo on December 17, 2010, 10:44:39 PM
I missed a couple entries, can you do the following please
Access your Add and Remove Programs and uninstall "McAfee Security Scan"
Double  click on OTL.exe and Run it
On startup, Allow OTL to run if prompted
A log should open, can you post it please
A copy of this log can also be found in
C:\_OTL\Moved Files folder

In addition: Can you go to Crucial.com
http://www.crucial.com/systemscanner/index.aspx
Tick the box Agreeing to Terms and Conditions for downloading the Scanner
Then click the button "Download the Scanner"
Save to desktop then run "CrucialScan.exe"
Follow the prompts. Post the link to the results after the scan is finished
Title: Computer is running slow slow
Post by: atomilano on December 20, 2010, 09:37:30 AM
[quote name='guestolo' date='17 December 2010 - 09:44 PM' timestamp='1292643879' post='473857']
I missed a couple entries, can you do the following please
Access your Add and Remove Programs and uninstall "McAfee Security Scan"
Double  click on OTL.exe and Run it
On startup, Allow OTL to run if prompted
A log should open, can you post it please
A copy of this log can also be found in
C:\_OTL\Moved Files folder

In addition: Can you go to Crucial.com
http://www.crucial.com/systemscanner/index.aspx
Tick the box Agreeing to Terms and Conditions for downloading the Scanner
Then click the button "Download the Scanner"
Save to desktop then run "CrucialScan.exe"
Follow the prompts. Post the link to the results after the scan is finished
[/quote]


HI ,
Here is the OTL log:
All processes killed
========== OTL ==========
File move failed. C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk scheduled to be moved on reboot.
File C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe not found.
Starting removal of ActiveX control {A3009861-330C-4E10-822B-39D16EC8829D}
C:\WINDOWS\Downloaded Program Files\ravonline.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{A3009861-330C-4E10-822B-39D16EC8829D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A3009861-330C-4E10-822B-39D16EC8829D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{A3009861-330C-4E10-822B-39D16EC8829D}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A3009861-330C-4E10-822B-39D16EC8829D}\ not found.
Starting removal of ActiveX control {A7EA8AD2-287F-11D3-B120-006008C39542}
C:\WINDOWS\Downloaded Program Files\default.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{A7EA8AD2-287F-11D3-B120-006008C39542}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A7EA8AD2-287F-11D3-B120-006008C39542}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{A7EA8AD2-287F-11D3-B120-006008C39542}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A7EA8AD2-287F-11D3-B120-006008C39542}\ not found.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: All Users
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: User
->Temp folder emptied: 1147753 bytes
->Temporary Internet Files folder emptied: 156777775 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 1535 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 16427 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 151.00 mb
 
 
[EMPTYFLASH]
 
User: Administrator
 
User: All Users
 
User: Default User
->Flash cache emptied: 0 bytes
 
User: LocalService
 
User: NetworkService
 
User: User
->Flash cache emptied: 0 bytes
 
Total Flash Files Cleaned = 0.00 mb
 
 
OTL by OldTimer - Version 3.2.17.3 log created on 12192010_172927

Files\Folders moved on Reboot...
File\Folder C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk not found!
File\Folder C:\Documents and Settings\User\Local Settings\Temp\flaAB.tmp not found!
File\Folder C:\Documents and Settings\User\Local Settings\Temp\~DF2DC5.tmp not found!
File\Folder C:\Documents and Settings\User\Local Settings\Temp\~DF31EE.tmp not found!
File\Folder C:\Documents and Settings\User\Local Settings\Temp\~DF3853.tmp not found!
File\Folder C:\Documents and Settings\User\Local Settings\Temp\~DF38C9.tmp not found!
File\Folder C:\Documents and Settings\User\Local Settings\Temp\~DF3D02.tmp not found!
File\Folder C:\Documents and Settings\User\Local Settings\Temp\~DF3EAC.tmp not found!
File\Folder C:\Documents and Settings\User\Local Settings\Temp\~DF4C80.tmp not found!
File\Folder C:\Documents and Settings\User\Local Settings\Temp\~DF4CBB.tmp not found!
File\Folder C:\Documents and Settings\User\Local Settings\Temp\~DF4E27.tmp not found!
File\Folder C:\Documents and Settings\User\Local Settings\Temp\~DF4E3E.tmp not found!
File\Folder C:\Documents and Settings\User\Local Settings\Temp\~DF4F48.tmp not found!
File\Folder C:\Documents and Settings\User\Local Settings\Temp\~DF4F5D.tmp not found!
C:\Documents and Settings\User\Local Settings\Temporary Internet Files\Content.IE5\R9SVDFDC\like[1].htm moved successfully.
C:\Documents and Settings\User\Local Settings\Temporary Internet Files\Content.IE5\R9SVDFDC\SetToolbarLoad[1].htm moved successfully.
C:\Documents and Settings\User\Local Settings\Temporary Internet Files\Content.IE5\R9SVDFDC\stnjde[1].htm moved successfully.
C:\Documents and Settings\User\Local Settings\Temporary Internet Files\Content.IE5\HFCALHN8\directions[1].htm moved successfully.
C:\Documents and Settings\User\Local Settings\Temporary Internet Files\Content.IE5\HFCALHN8\index[1].htm moved successfully.
C:\Documents and Settings\User\Local Settings\Temporary Internet Files\Content.IE5\HFCALHN8\load[1].html moved successfully.
C:\Documents and Settings\User\Local Settings\Temporary Internet Files\Content.IE5\HFCALHN8\sh29[1].html moved successfully.
C:\Documents and Settings\User\Local Settings\Temporary Internet Files\Content.IE5\2U7FCEBQ\domain[1].html moved successfully.
C:\Documents and Settings\User\Local Settings\Temporary Internet Files\Content.IE5\2U7FCEBQ\onlinestore[1].htm moved successfully.
C:\Documents and Settings\User\Local Settings\Temporary Internet Files\Content.IE5\2U7FCEBQ\walmart_com[1].htm moved successfully.
File\Folder C:\WINDOWS\temp\Perflib_Perfdata_700.dat not found!

Registry entries deleted on Reboot...
Title: Computer is running slow slow
Post by: atomilano on December 20, 2010, 09:45:09 AM
[quote name='guestolo' date='17 December 2010 - 09:44 PM' timestamp='1292643879' post='473857']
I missed a couple entries, can you do the following please
Access your Add and Remove Programs and uninstall "McAfee Security Scan"
Double  click on OTL.exe and Run it
On startup, Allow OTL to run if prompted
A log should open, can you post it please
A copy of this log can also be found in
C:\_OTL\Moved Files folder

In addition: Can you go to Crucial.com
http://www.crucial.com/systemscanner/index.aspx
Tick the box Agreeing to Terms and Conditions for downloading the Scanner
Then click the button "Download the Scanner"
Save to desktop then run "CrucialScan.exe"
Follow the prompts. Post the link to the results after the scan is finished
[/quote]
Here is the link:

http://www.crucial.com/systemscanner/viewscanbyid.aspx?id=3957853331D926C3
Title: Computer is running slow slow
Post by: guestolo on December 21, 2010, 12:56:34 AM
It is possible to add Ram to your computer
By the looks of it, up to 1GB can be installed
So you would have to purchase 2- 512mb sticks

If you don't want to go that route right now, would you like to try a different AntiVirus software, one a bit less on system resources?
Title: Computer is running slow slow
Post by: atomilano on December 21, 2010, 08:17:27 AM
[quote name='guestolo' date='20 December 2010 - 11:56 PM' timestamp='1292910994' post='473971']
It is possible to add Ram to your computer
By the looks of it, up to 1GB can be installed
So you would have to purchase 2- 512mb sticks

If you don't want to go that route right now, would you like to try a different AntiVirus software, one a bit less on system resources?
[/quote]
Hi,
I guess at this point all the cleanup that can be done was completed?  If you can confirm that for me?
So the next steps are to increase the RAM or change the Norton 360 to another less system resource intensive anti virus software?  PLease confirm this.  
Regarding the RAM increase, is it fairly straightforward to do on a laptop?  I have done it before on a desktop. Do you think it will make a big difference? I appreciate your opinion.

thanks
Title: Computer is running slow slow
Post by: guestolo on December 21, 2010, 10:29:30 PM
Changing laptop memory is really straight forward, if you want to go that route, you will have to purchase the 2 sticks of RAM
When ready post back, I can walk you thru it, or just look in your manual, it will have straight forward directions

Again, if you don't want to go that route, would you like to test your system without Norton 360 and see if it responds a bit better?
Title: Computer is running slow slow
Post by: atomilano on January 04, 2011, 08:50:57 PM
[quote name='guestolo' date='21 December 2010 - 09:29 PM' timestamp='1292988570' post='473994']
Changing laptop memory is really straight forward, if you want to go that route, you will have to purchase the 2 sticks of RAM
When ready post back, I can walk you thru it, or just look in your manual, it will have straight forward directions

Again, if you don't want to go that route, would you like to test your system without Norton 360 and see if it responds a bit better?
[/quote]
Hi,
I have upgraded the memory to 1024mb. So far it seems to be running faster. I also followed some instructions that told me to change the change the virtual memory swap file size. I changed it to 2048 for the initial and maximum size. The instructions said I could double or triple the size so I chose the double and made it 2048. Is there something else I should do?

Thanks for all your help!
Title: Computer is running slow slow
Post by: atomilano on January 04, 2011, 10:11:08 PM
[quote name='atomilano' date='04 January 2011 - 07:50 PM' timestamp='1294192257' post='474366']
Hi,
I have upgraded the memory to 1024mb. So far it seems to be running faster. I also followed some instructions that told me to change the change the virtual memory swap file size. I changed it to 2048 for the initial and maximum size. The instructions said I could double or triple the size so I chose the double and made it 2048. Is there something else I should do?

I am getting a consistent error when I shut down: 'Freeagent service exe - application error. The instruction at 0x0000000  etc memory cannot be read'.  I started to see when I installed the new memory on the first restart. Do you know this is?
Thanks for all your help!
[/quote]
Title: Computer is running slow slow
Post by: atomilano on January 07, 2011, 11:39:55 AM
Hi ,
The Freeagent error has gone away. I think this is now a closed issue. Thank you very much for all of your support.

Is there an anti spyware I should run outside of the norton 360 I am using?

Best regards!