Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

cpu lagging after worm,win32.netskey removal

Started by tclarke , Jan 11 2010 12:12 AM

  • Please log in to reply

#1
tclarke
Posted 11 January 2010 - 12:12 AM

tclarke

    Member

  • Member
  • PipPip
  • 27 posts
after removal of netsky and all extra files i downloaded to remove the worm i have found that when in minimize a screen the screen peels down. i have defragmented, disk clean up and ran reg-cure but no change. the guy that helped me with the worm removal noticed something about have a fault bracket error or something of that nature. don't know if that's whats causing it but can someone please help.
  • 0

Advertisements

#2
happyrock
Posted 11 January 2010 - 08:04 AM

happyrock

    Tech Moderator

  • Retired Staff
  • 9,285 posts
go here and download System Investigator by Olrik (SINO.exe)

Save SINO to a place you can remember and run SINO.exe. (If you downloaded the ZIP version you will need to extract it first)
put ticks in the following checkboxes:
System Info
Services
Boot Check
Tasklist
Startup Items
Event Log
Ipconfig
Ping
Netstat
Hosts file
Shares
Routing Table[/code]
Once checked, hit the Run Scan! button and wait for the program to finish the scan.

A notepad window will pop up. Please copy all of the content into your next reply
Note: If you try to interact with the program once it’s started scanning it might appear to hang. The scan however will continue.

if SINO fails to run or has trouble with event viewer...
Please download VEW the Event Viewer Tool by Vino Rosso from here and save it to your Desktop...
Double-click VEW.exe
Under 'Select log to query...put ticks in both application and system
Under 'Select type to list... select both error and critical
Click the radio button for 'Number of events...Type 5 in the 1 to 20 box
Then click the Run button.

Notepad will open with the output log.

Please post the Output log in your next reply

Edited by happyrock, 11 January 2010 - 08:19 AM.

  • 0

#3
tclarke
Posted 11 January 2010 - 06:11 PM

tclarke

    Member

  • Topic Starter
  • Member
  • PipPip
  • 27 posts
System Investigator by Olrik
Log Created On: 1807_11-01-2010
SINO Version: 2.4.9.9

Total RAM: 2037 MB | Free RAM: 1140 MB | Pagefile Size: 3933 MB
C: | 122228 MB out of 152374 MB Free | Local Fixed Disk
D: | None | CD-ROM Disc

<<<< System Information >>>>

Computer Name: LOLA
Username: T
Language Setting: ENU
Windows Directory: C:\WINDOWS
Windows Version: Windows XP Service Pack 3

<<<< Tasklist >>>>

[System Idle Process] - Process ID: 0
[System] - Process ID: 4
[C:\WINDOWS\System32\smss.exe] - Process ID: 956
[csrss.exe] - Process ID: 1020
[C:\WINDOWS\system32\winlogon.exe] - Process ID: 1044
[C:\WINDOWS\system32\services.exe] - Process ID: 1088
[C:\WINDOWS\system32\lsass.exe] - Process ID: 1100
[C:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exe] - Process ID: 1320
[C:\WINDOWS\system32\svchost.exe] - Process ID: 1340
[svchost.exe] - Process ID: 1444
[C:\WINDOWS\System32\svchost.exe] - Process ID: 1488
[C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe] - Process ID: 1604
[svchost.exe] - Process ID: 1808
[svchost.exe] - Process ID: 1876
[C:\WINDOWS\system32\spoolsv.exe] - Process ID: 124
[svchost.exe] - Process ID: 288
[C:\WINDOWS\Explorer.EXE] - Process ID: 492
[C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe] - Process ID: 548
[C:\WINDOWS\system32\agrsmsvc.exe] - Process ID: 600
[C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe] - Process ID: 612
[C:\Program Files\Bonjour\mDNSResponder.exe] - Process ID: 628
[C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe] - Process ID: 648
[C:\WINDOWS\system32\DVDRAMSV.exe] - Process ID: 680
[C:\WINDOWS\eHome\ehRecvr.exe] - Process ID: 704
[C:\WINDOWS\eHome\ehSched.exe] - Process ID: 748
[C:\Program Files\Intel\Wireless\Bin\EvtEng.exe] - Process ID: 464
[C:\WINDOWS\system32\inetsrv\inetinfo.exe] - Process ID: 908
[C:\Program Files\Java\jre6\bin\jqs.exe] - Process ID: 1004
[C:\WINDOWS\system32\HPZipm12.exe] - Process ID: 1620
[C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe] - Process ID: 1652
[C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe] - Process ID: 1716
[C:\WINDOWS\system32\tcpsvcs.exe] - Process ID: 1928
[svchost.exe] - Process ID: 1956
[C:\WINDOWS\system32\ctfmon.exe] - Process ID: 1968
[C:\WINDOWS\system32\svchost.exe] - Process ID: 2052
[c:\TOSHIBA\IVP\swupdate\swupdtmr.exe] - Process ID: 2156
[C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe] - Process ID: 2204
[C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe] - Process ID: 2236
[C:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe] - Process ID: 2384
[C:\Program Files\TOSHIBA\ConfigFree\CFSServ.exe] - Process ID: 2772
[C:\WINDOWS\ehome\ehtray.exe] - Process ID: 2808
[C:\WINDOWS\eHome\ehmsas.exe] - Process ID: 2844
[C:\Program Files\HP\HP Software Update\HPWuSchd2.exe] - Process ID: 2944
[C:\WINDOWS\system32\hkcmd.exe] - Process ID: 2976
[C:\WINDOWS\system32\igfxpers.exe] - Process ID: 2996
[C:\Program Files\Microsoft IntelliPoint\ipoint.exe] - Process ID: 3112
[C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe] - Process ID: 3124
[c:\Program Files\Microsoft IntelliPoint\dpupdchk.exe] - Process ID: 3144
[C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe] - Process ID: 3152
[C:\Program Files\iTunes\iTunesHelper.exe] - Process ID: 3244
[C:\WINDOWS\RTHDCPL.EXE] - Process ID: 3292
[C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe] - Process ID: 3300
[C:\Program Files\Synaptics\SynTP\SynTPEnh.exe] - Process ID: 3308
[C:\WINDOWS\system32\TDispVol.exe] - Process ID: 3444
[C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe] - Process ID: 3564
[C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe] - Process ID: 3600
[C:\WINDOWS\system32\TPSMain.exe] - Process ID: 3608
[C:\Program Files\Toshiba\Tvs\TvsTray.exe] - Process ID: 3676
[C:\Program Files\Java\jre6\bin\jusched.exe] - Process ID: 3704
[C:\Program Files\Webroot\WebrootSecurity\SpySweeperUI.exe] - Process ID: 3844
[C:\WINDOWS\system32\TPSBattM.exe] - Process ID: 3848
[C:\WINDOWS\system32\SearchIndexer.exe] - Process ID: 1064
[C:\Program Files\ltmoh\Ltmoh.exe] - Process ID: 2452
[C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe] - Process ID: 2892
[C:\Program Files\Windows Media Player\WMPNSCFG.exe] - Process ID: 2908
[C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] - Process ID: 2936
[mcrdsvc.exe] - Process ID: 3276
[C:\WINDOWS\system32\RAMASST.exe] - Process ID: 3336
[C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe] - Process ID: 408
[C:\Program Files\IncrediMail\bin\IMApp.exe] - Process ID: 176
[C:\WINDOWS\system32\dllhost.exe] - Process ID: 4056
[C:\WINDOWS\System32\svchost.exe] - Process ID: 4076
[wmiprvse.exe] - Process ID: 4032
[wmpnetwk.exe] - Process ID: 4164
[C:\Program Files\iPod\bin\iPodService.exe] - Process ID: 5320
[alg.exe] - Process ID: 4612
[SSU.exe] - Process ID: 228
[C:\Program Files\Trend Micro\Internet Security\TmProxy.exe] - Process ID: 728
[C:\Program Files\Trend Micro\BM\TMBMSRV.exe] - Process ID: 4780
[C:\Program Files\IncrediMail\bin\IncMail.exe] - Process ID: 192
[C:\Program Files\Mozilla Firefox\firefox.exe] - Process ID: 2760
[C:\DOCUME~1\T\LOCALS~1\Temp\SINO\SINO.exe] - Process ID: 4304
[wmiprvse.exe] - Process ID: 1504

<<<< Startup Items >>>>

[desktop] - <Startup> - desktop.ini
[desktop] - <Startup> - desktop.ini
[ERUNT AutoBackup] - <Startup> - ERUNT AutoBackup.lnk
[IncrediMail] - <HKU\S-1-5-21-283526366-2727312811-2674721823-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Run> - "C:\Program Files\IncrediMail\bin\IncMail.exe" /c
[LtMoh] - <HKU\S-1-5-21-283526366-2727312811-2674721823-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Run> - "C:\Program Files\ltmoh\Ltmoh.exe"
[TOSCDSPD] - <HKU\S-1-5-21-283526366-2727312811-2674721823-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Run> - "C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe"
[WMPNSCFG] - <HKU\S-1-5-21-283526366-2727312811-2674721823-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Run> - "C:\Program Files\Windows Media Player\WMPNSCFG.exe"
[swg] - <HKU\S-1-5-21-283526366-2727312811-2674721823-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Run> - "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
[ctfmon.exe] - <HKU\S-1-5-21-283526366-2727312811-2674721823-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Run> - "C:\WINDOWS\system32\ctfmon.exe"
[desktop] - <Startup> - desktop.ini
[desktop] - <Common Startup> - desktop.ini
[RAMASST] - <Common Startup> - C:\WINDOWS\system32\RAMASST.exe
[AppleSyncNotifier] - <HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run> - "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe"
[CFSServ.exe] - <HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run> - CFSServ.exe -NoClient
[ehTray] - <HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run> - "C:\WINDOWS\ehome\ehtray.exe"
[HP Software Update] - <HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run> - "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
[igfxhkcmd] - <HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run> - "C:\WINDOWS\system32\hkcmd.exe"
[igfxpers] - <HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run> - "C:\WINDOWS\system32\igfxpers.exe"
[igfxtray] - <HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run> - "C:\WINDOWS\system32\igfxtray.exe"
[IntelliPoint] - <HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run> - "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"
[IntelWireless] - <HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run> - "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
[IntelZeroConfig] - <HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run> - "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
[iTunesHelper] - <HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run> - "C:\Program Files\iTunes\iTunesHelper.exe"
[RTHDCPL] - <HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run> - "RTHDCPL.EXE"
[SmoothView] - <HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run> - "C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe"
[SynTPEnh] - <HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run> - "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
[SynTPLpr] - <HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run> - "C:\Program Files\Synaptics\SynTP\SynTPLpr.exe"
[TDispVol] - <HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run> - "C:\WINDOWS\system32\TDispVol.exe"
[TFncKy] - <HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run> - TFncKy.exe
[THotkey] - <HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run> - "C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe"
[TPSMain] - <HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run> - "C:\WINDOWS\system32\TPSMain.exe"
[Tvs] - <HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run> - "C:\Program Files\Toshiba\Tvs\TvsTray.exe"
[QuickTime Task] - <HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run> - "C:\Program Files\QuickTime\QTTask.exe" -atboottime
[UfSeAgnt.exe] - <HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run> - "C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe"
[SunJavaUpdateSched] - <HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run> - "C:\Program Files\Java\jre6\bin\jusched.exe"
[SpySweeper] - <HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run> - "C:\Program Files\Webroot\WebrootSecurity\SpySweeperUI.exe" /startintray

<<<< MS Services >>>>

Alerter (Alerter) - Stopped [Disabled | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\svchost.exe -k LocalService
Application Layer Gateway Service (ALG) - Running [Manual | Stoppable | Not_Pausable] - C:\WINDOWS\System32\alg.exe
Application Management (AppMgmt) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\svchost.exe -k netsvcs
ASP.NET State Service (aspnet_state) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
Windows Audio (AudioSrv) - Running [Auto | Stoppable | Not_Pausable] - C:\WINDOWS\System32\svchost.exe -k netsvcs
Background Intelligent Transfer Service (BITS) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\svchost.exe -k netsvcs
Computer Browser (Browser) - Stopped [Auto | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\svchost.exe -k netsvcs
Indexing Service (CiSvc) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\cisvc.exe
ClipBook (ClipSrv) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\clipsrv.exe
.NET Runtime Optimization Service v2.0.50727_X86 (clr_optimization_v2.0.50727_32) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
COM+ System Application (COMSysApp) - Running [Manual | Stoppable | Not_Pausable] - C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
CryptSvc (CryptSvc) - Running [Auto | Stoppable | Not_Pausable] - C:\WINDOWS\system32\svchost.exe -k netsvcs
DCOM Server Process Launcher (DcomLaunch) - Running [Auto | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\svchost -k DcomLaunch
DHCP Client (Dhcp) - Running [Auto | Stoppable | Not_Pausable] - C:\WINDOWS\system32\svchost.exe -k netsvcs
Logical Disk Manager Administrative Service (dmadmin) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\System32\dmadmin.exe /com
Logical Disk Manager (dmserver) - Running [Auto | Stoppable | Not_Pausable] - C:\WINDOWS\System32\svchost.exe -k netsvcs
DNS Client (Dnscache) - Running [Auto | Stoppable | Not_Pausable] - C:\WINDOWS\system32\svchost.exe -k NetworkService
Media Center Receiver Service (ehRecvr) - Running [Auto | Stoppable | Not_Pausable] - C:\WINDOWS\eHome\ehRecvr.exe
Media Center Scheduler Service (ehSched) - Running [Auto | Stoppable | Not_Pausable] - C:\WINDOWS\eHome\ehSched.exe
Error Reporting Service (ERSvc) - Running [Auto | Stoppable | Not_Pausable] - C:\WINDOWS\System32\svchost.exe -k netsvcs
Event Log (Eventlog) - Running [Auto | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\services.exe
COM+ Event System (EventSystem) - Running [Manual | Stoppable | Not_Pausable] - C:\WINDOWS\system32\svchost.exe -k netsvcs
Fast User Switching Compatibility (FastUserSwitchingCompatibility) - Running [Manual | Stoppable | Not_Pausable] - C:\WINDOWS\System32\svchost.exe -k netsvcs
Windows Presentation Foundation Font Cache 3.0.0.0 (FontCache3.0.0.0) - Stopped [Manual | Not_Stoppable | Not_Pausable] - c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
Help and Support (helpsvc) - Running [Auto | Stoppable | Not_Pausable] - C:\WINDOWS\System32\svchost.exe -k netsvcs
HID Input Service (HidServ) - Running [Auto | Stoppable | Not_Pausable] - C:\WINDOWS\System32\svchost.exe -k netsvcs
HTTP SSL (HTTPFilter) - Running [Manual | Stoppable | Pausable] - C:\WINDOWS\System32\svchost.exe -k HTTPFilter
Windows CardSpace (idsvc) - Stopped [Manual | Not_Stoppable | Not_Pausable] - "c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe"
IMAPI CD-Burning COM Service (ImapiService) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\imapi.exe
Server (lanmanserver) - Running [Auto | Stoppable | Pausable] - C:\WINDOWS\system32\svchost.exe -k netsvcs
Workstation (lanmanworkstation) - Running [Auto | Stoppable | Pausable] - C:\WINDOWS\system32\svchost.exe -k netsvcs
TCP/IP NetBIOS Helper (LmHosts) - Running [Auto | Stoppable | Not_Pausable] - C:\WINDOWS\system32\svchost.exe -k LocalService
Media Center Extender Service (McrdSvc) - Running [Auto | Stoppable | Not_Pausable] - C:\WINDOWS\ehome\mcrdsvc.exe
Messenger (Messenger) - Stopped [Disabled | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\svchost.exe -k netsvcs
MHN (MHN) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\System32\svchost.exe -k netsvcs
NetMeeting Remote Desktop Sharing (mnmsrvc) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\mnmsrvc.exe
Distributed Transaction Coordinator (MSDTC) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\msdtc.exe
Windows Installer (MSIServer) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\msiexec.exe /V
Network DDE (NetDDE) - Stopped [Disabled | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\netdde.exe
Network DDE DSDM (NetDDEdsdm) - Stopped [Disabled | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\netdde.exe
Net Logon (Netlogon) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\lsass.exe
Network Connections (Netman) - Running [Manual | Stoppable | Not_Pausable] - C:\WINDOWS\System32\svchost.exe -k netsvcs
Net.Tcp Port Sharing Service (NetTcpPortSharing) - Stopped [Disabled | Not_Stoppable | Not_Pausable] - "c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe"
Network Location Awareness (NLA) (Nla) - Running [Manual | Stoppable | Not_Pausable] - C:\WINDOWS\system32\svchost.exe -k netsvcs
NT LM Security Support Provider (NtLmSsp) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\lsass.exe
Removable Storage (NtmsSvc) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\svchost.exe -k netsvcs
Microsoft Office Diagnostics Service (odserv) - Stopped [Manual | Not_Stoppable | Not_Pausable] - "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE"
Office Source Engine (ose) - Stopped [Manual | Not_Stoppable | Not_Pausable] - "C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE"
Plug and Play (PlugPlay) - Running [Auto | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\services.exe
Pml Driver HPZ12 (Pml Driver HPZ12) - Running [Auto | Stoppable | Not_Pausable] - C:\WINDOWS\system32\HPZipm12.exe
IPSEC Services (PolicyAgent) - Running [Auto | Stoppable | Not_Pausable] - C:\WINDOWS\system32\lsass.exe
Protected Storage (ProtectedStorage) - Running [Auto | Stoppable | Not_Pausable] - C:\WINDOWS\system32\lsass.exe
Remote Access Auto Connection Manager (RasAuto) - Stopped [Disabled | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\svchost.exe -k netsvcs
Remote Access Connection Manager (RasMan) - Stopped [Disabled | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\svchost.exe -k netsvcs
Remote Desktop Help Session Manager (RDSessMgr) - Stopped [Disabled | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\sessmgr.exe
Routing and Remote Access (RemoteAccess) - Stopped [Disabled | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\svchost.exe -k netsvcs
Remote Registry (RemoteRegistry) - Stopped [Disabled | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\svchost.exe -k LocalService
Remote Procedure Call (RPC) Locator (RpcLocator) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\locator.exe
Remote Procedure Call (RPC) (RpcSs) - Running [Auto | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\svchost -k rpcss
QoS RSVP (RSVP) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\rsvp.exe
Security Accounts Manager (SamSs) - Running [Auto | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\lsass.exe
Smart Card (SCardSvr) - Stopped [Disabled | Not_Stoppable | Not_Pausable] - C:\WINDOWS\System32\SCardSvr.exe
Task Scheduler (Schedule) - Running [Auto | Stoppable | Pausable] - C:\WINDOWS\System32\svchost.exe -k netsvcs
Secondary Logon (seclogon) - Running [Auto | Stoppable | Pausable] - C:\WINDOWS\System32\svchost.exe -k netsvcs
System Event Notification (SENS) - Running [Auto | Stoppable | Not_Pausable] - C:\WINDOWS\system32\svchost.exe -k netsvcs
Windows Firewall/Internet Connection Sharing (ICS) (SharedAccess) - Running [Auto | Stoppable | Not_Pausable] - C:\WINDOWS\System32\svchost.exe -k netsvcs
Shell Hardware Detection (ShellHWDetection) - Running [Auto | Stoppable | Pausable] - C:\WINDOWS\System32\svchost.exe -k netsvcs
Print Spooler (Spooler) - Running [Auto | Stoppable | Not_Pausable] - C:\WINDOWS\system32\spoolsv.exe
System Restore Service (srservice) - Running [Auto | Stoppable | Not_Pausable] - C:\WINDOWS\system32\svchost.exe -k netsvcs
SSDP Discovery Service (SSDPSRV) - Running [Auto | Stoppable | Not_Pausable] - C:\WINDOWS\system32\svchost.exe -k LocalService
Windows Image Acquisition (WIA) (stisvc) - Running [Auto | Stoppable | Not_Pausable] - C:\WINDOWS\system32\svchost.exe -k imgsvc
MS Software Shadow Copy Provider (SwPrv) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\dllhost.exe /Processid:{655C292E-E3E6-43EE-822F-34E3ABD19DC9}
Performance Logs and Alerts (SysmonLog) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\smlogsvc.exe
Telephony (TapiSrv) - Stopped [Disabled | Not_Stoppable | Not_Pausable] - C:\WINDOWS\System32\svchost.exe -k netsvcs
Terminal Services (TermService) - Running [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\System32\svchost -k DComLaunch
Themes (Themes) - Running [Auto | Stoppable | Not_Pausable] - C:\WINDOWS\System32\svchost.exe -k netsvcs
Telnet (TlntSvr) - Stopped [Disabled | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\tlntsvr.exe
Distributed Link Tracking Client (TrkWks) - Running [Auto | Stoppable | Not_Pausable] - C:\WINDOWS\system32\svchost.exe -k netsvcs
Universal Plug and Play Device Host (upnphost) - Running [Manual | Stoppable | Not_Pausable] - C:\WINDOWS\system32\svchost.exe -k LocalService
Uninterruptible Power Supply (UPS) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\System32\ups.exe
Volume Shadow Copy (VSS) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\System32\vssvc.exe
Windows Time (W32Time) - Running [Auto | Stoppable | Not_Pausable] - C:\WINDOWS\System32\svchost.exe -k netsvcs
WebClient (WebClient) - Running [Auto | Stoppable | Not_Pausable] - C:\WINDOWS\system32\svchost.exe -k LocalService
Windows Management Instrumentation (winmgmt) - Running [Auto | Stoppable | Pausable] - C:\WINDOWS\system32\svchost.exe -k netsvcs
Portable Media Serial Number Service (WmdmPmSN) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\System32\svchost.exe -k netsvcs
Windows Management Instrumentation Driver Extensions (Wmi) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\System32\svchost.exe -k netsvcs
WMI Performance Adapter (WmiApSrv) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\wbem\wmiapsrv.exe
Windows Media Player Network Sharing Service (WMPNetworkSvc) - Running [Manual | Stoppable | Not_Pausable] - "C:\Program Files\Windows Media Player\WMPNetwk.exe"
Security Center (wscsvc) - Running [Auto | Stoppable | Not_Pausable] - C:\WINDOWS\System32\svchost.exe -k netsvcs
Automatic Updates (wuauserv) - Running [Auto | Stoppable | Not_Pausable] - C:\WINDOWS\system32\svchost.exe -k netsvcs
Windows Driver Foundation - User-mode Driver Framework (WudfSvc) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
Wireless Zero Configuration (WZCSVC) - Stopped [Auto | Not_Stoppable | Not_Pausable] - C:\WINDOWS\System32\svchost.exe -k netsvcs
Network Provisioning Service (xmlprov) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\System32\svchost.exe -k netsvcs

<<<< Non-MS Services >>>>

IPv6 Helper Service (6to4) - Running [Auto | Stoppable | Not_Pausable] - C:\WINDOWS\system32\svchost.exe -k netsvcs
Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Running [Auto | Stoppable | Pausable] - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
Agere Modem Call Progress Audio (AgereModemAudio) - Running [Auto | Stoppable | Not_Pausable] - C:\WINDOWS\system32\agrsmsvc.exe
Apple Mobile Device (Apple Mobile Device) - Running [Auto | Stoppable | Not_Pausable] - "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe"
Bonjour Service (Bonjour Service) - Running [Auto | Stoppable | Not_Pausable] - "C:\Program Files\Bonjour\mDNSResponder.exe"
ConfigFree Service (CFSvcs) - Running [Auto | Stoppable | Not_Pausable] - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
Wired AutoConfig (Dot3svc) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\System32\svchost.exe -k dot3svc
DVD-RAM_Service (DVD-RAM_Service) - Running [Auto | Stoppable | Not_Pausable] - C:\WINDOWS\system32\DVDRAMSV.exe
Extensible Authentication Protocol Service (EapHost) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\System32\svchost.exe -k eapsvcs
Intel® PROSet/Wireless Event Log (EvtEng) - Running [Auto | Stoppable | Not_Pausable] - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
Google Software Updater (gusvc) - Stopped [Manual | Not_Stoppable | Not_Pausable] - "C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"
Health Key and Certificate Management Service (hkmsvc) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\System32\svchost.exe -k netsvcs
IIS Admin (IISADMIN) - Running [Auto | Stoppable | Pausable] - C:\WINDOWS\system32\inetsrv\inetinfo.exe
iPod Service (iPod Service) - Running [Manual | Stoppable | Not_Pausable] - "C:\Program Files\iPod\bin\iPodService.exe"
Java Quick Starter (JavaQuickStarterService) - Running [Auto | Stoppable | Pausable] - "C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf"
Network Access Protection Agent (napagent) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\System32\svchost.exe -k netsvcs
Peer Networking Group Authentication (p2pgasvc) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\svchost.exe -k p2psvc
Peer Networking Identity Manager (p2pimsvc) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\svchost.exe -k p2psvc
Peer Networking (p2psvc) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\svchost.exe -k p2psvc
Peer Name Resolution Protocol (PNRPSvc) - Stopped [Manual | Not_Stoppable | Not_Pausable] - C:\WINDOWS\system32\svchost.exe -k p2psvc
Intel® PROSet/Wireless Registry Service (RegSrvc) - Running [Auto | Stoppable | Not_Pausable] - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
Intel® PROSet/Wireless Service (S24EventMonitor) - Running [Auto | Stoppable | Not_Pausable] - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
Trend Micro Central Control Component (SfCtlCom) - Running [Auto | Not_Stoppable | Not_Pausable] - "C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe"
Simple TCP/IP Services (SimpTcp) - Running [Auto | Stoppable | Pausable] - C:\WINDOWS\system32\tcpsvcs.exe
Simple Mail Transfer Protocol (SMTP) (SMTPSVC) - Running [Auto | Stoppable | Pausable] - C:\WINDOWS\system32\inetsrv\inetinfo.exe
Swupdtmr (Swupdtmr) - Running [Auto | Not_Stoppable | Not_Pausable] - c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
TOSHIBA Application Service (TAPPSRV) - Running [Auto | Stoppable | Pausable] - "C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe"
Trend Micro Unauthorized Change Prevention Service (TMBMServer) - Running [Manual | Not_Stoppable | Not_Pausable] - "C:\Program Files\Trend Micro\BM\TMBMSRV.exe" /service
Trend Micro Proxy Service (TmProxy) - Running [Manual | Not_Stoppable | Not_Pausable] - "C:\Program Files\Trend Micro\Internet Security\TmProxy.exe"
World Wide Web Publishing (W3SVC) - Running [Auto | Stoppable | Pausable] - C:\WINDOWS\system32\inetsrv\inetinfo.exe
[color="#0000FF"]Webroot Spy Sweeper Engine (WebrootSpySweeperService)[/color] - [color="#CC6600"]Running [Auto | Not_Stoppable | Not_Pausable][/color] - "C:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe"
[color="#0000FF"]Webroot Client Service (WRConsumerService)[/color] - [color="#CC6600"]Running [Auto | Stoppable | Not_Pausable][/color] - "C:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exe"
[color="#0000FF"]Windows Search (WSearch)[/color] - [color="#CC6600"]Running [Auto | Stoppable | Not_Pausable][/color] - C:\WINDOWS\system32\SearchIndexer.exe /Embedding

[color="#FF0000"]<<<< Boot.ini >>>>[/color]

[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Windows XP Media Center Edition" /noexecute=optin /fastdetect

[color="#FF0000"]<<<< Ipconfig >>>>[/color]

Windows IP Configuration

Host Name . . . . . . . . . . . . : Lola
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : satx.rr.com

Ethernet adapter Wireless Network Connection:

Connection-specific DNS Suffix . : satx.rr.com
Description . . . . . . . . . . . : Intel® PRO/Wireless 3945ABG Network Connection
Physical Address. . . . . . . . . : 00-18-DE-2D-75-07
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.1.100
Subnet Mask . . . . . . . . . . . : 255.255.255.0
IP Address. . . . . . . . . . . . : fe80::218:deff:fe2d:7507%4
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 24.93.41.125
24.93.41.126
fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
Lease Obtained. . . . . . . . . . : Monday, January 11, 2010 17:50:49
Lease Expires . . . . . . . . . . : Tuesday, January 12, 2010 17:50:49

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Description . . . . . . . . . . . : Intel® PRO/100 VE Network Connection
Physical Address. . . . . . . . . : 00-A0-D1-53-70-EA

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 80-00-02-3A-BD-BA-C3-46
Dhcp Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 2001:0:5ef5:73bc:8000:23a:bdba:c346
IP Address. . . . . . . . . . . . : fe80::ffff:ffff:fffd%6
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Automatic Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . : satx.rr.com
Description . . . . . . . . . . . : Automatic Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : C0-A8-01-64
Dhcp Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : fe80::5efe:192.168.1.100%2
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
NetBIOS over Tcpip. . . . . . . . : Disabled


[color="#FF0000"]<<<< Pinging >>>>[/color]

[color="#4169E1"]OpenDNS Domain Test[/color]
Pinging to www.opendns.com [208.69.38.150]:

Response - 78ms
Response - 77ms
Response - 62ms
Response - 94ms

Packets: Sent = 4, Received = 4, Lost = 0
Minimum = 62ms - Maximum = 94ms

[color="#4169E1"]OpenDNS IP Test[/color]
Pinging to 208.67.222.222 [208.67.222.222]:

Response - 62ms
Response - 46ms
Response - 62ms
Response - 62ms

Packets: Sent = 4, Received = 4, Lost = 0
Minimum = 62ms - Maximum = 62ms

[color="#4169E1"]YouTube Domain Test[/color]
Pinging to www.youtube.com [74.125.47.101]:

Response - 46ms
Response - 62ms
Response - 46ms
Response - 31ms

Packets: Sent = 4, Received = 4, Lost = 0
Minimum = 31ms - Maximum = 62ms

[color="#4169E1"]YouTube IP Test[/color]
Pinging to 208.117.236.69 [208.117.236.69]:

Response - 93ms
Response - 108ms
Response - 94ms
Response - 78ms

Packets: Sent = 4, Received = 4, Lost = 0
Minimum = 78ms - Maximum = 94ms

[color="#4169E1"]localhost Test[/color]
Pinging to 127.0.0.1 [127.0.0.1]:

Response - 0ms
Response - 0ms
Response - 0ms
Response - 0ms

Packets: Sent = 4, Received = 4, Lost = 0
Minimum = 0ms - Maximum = 0ms


[color="#FF0000"]<<<< Netstat >>>>[/color]

Active Connections

Proto Local Address Foreign Address State PID
TCP 0.0.0.0:7 0.0.0.0:0 LISTENING 1928
[tcpsvcs.exe]

TCP 0.0.0.0:9 0.0.0.0:0 LISTENING 1928
[tcpsvcs.exe]

TCP 0.0.0.0:13 0.0.0.0:0 LISTENING 1928
[tcpsvcs.exe]

TCP 0.0.0.0:17 0.0.0.0:0 LISTENING 1928
[tcpsvcs.exe]

TCP 0.0.0.0:19 0.0.0.0:0 LISTENING 1928
[tcpsvcs.exe]

TCP 0.0.0.0:25 0.0.0.0:0 LISTENING 908
[inetinfo.exe]

TCP 0.0.0.0:80 0.0.0.0:0 LISTENING 908
[inetinfo.exe]

TCP 0.0.0.0:135 0.0.0.0:0 LISTENING 1444
c:\windows\system32\WS2_32.dll
C:\WINDOWS\system32\RPCRT4.dll
c:\windows\system32\rpcss.dll
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ADVAPI32.dll
[svchost.exe]

TCP 0.0.0.0:443 0.0.0.0:0 LISTENING 908
[inetinfo.exe]

TCP 0.0.0.0:445 0.0.0.0:0 LISTENING 4
[System]

TCP 0.0.0.0:1026 0.0.0.0:0 LISTENING 908
[inetinfo.exe]

TCP 0.0.0.0:2869 0.0.0.0:0 LISTENING 1956
C:\WINDOWS\system32\httpapi.dll
c:\windows\system32\ssdpsrv.dll
C:\WINDOWS\system32\RPCRT4.dll
[svchost.exe]

TCP 0.0.0.0:10243 0.0.0.0:0 LISTENING 4164
[WMPNetwk.exe]

TCP 127.0.0.1:1037 0.0.0.0:0 LISTENING 4612
[alg.exe]

TCP 127.0.0.1:5152 0.0.0.0:0 LISTENING 1004
[jqs.exe]

TCP 127.0.0.1:5354 0.0.0.0:0 LISTENING 628
[mDNSResponder.exe]

TCP 127.0.0.1:6999 0.0.0.0:0 LISTENING 728
[TmProxy.exe]

TCP 127.0.0.1:19989 0.0.0.0:0 LISTENING 2772
[CFSServ.exe]

TCP 127.0.0.1:27015 0.0.0.0:0 LISTENING 612
[AppleMobileDeviceService.exe]

TCP 127.0.0.1:37848 0.0.0.0:0 LISTENING 1716
[SfCtlCom.exe]

TCP 192.168.1.100:139 0.0.0.0:0 LISTENING 4
[System]

TCP 127.0.0.1:1033 127.0.0.1:27015 ESTABLISHED 3244
[iTunesHelper.exe]

TCP 127.0.0.1:1164 127.0.0.1:1165 ESTABLISHED 2760
[firefox.exe]

TCP 127.0.0.1:1165 127.0.0.1:1164 ESTABLISHED 2760
[firefox.exe]

TCP 127.0.0.1:1169 127.0.0.1:1170 ESTABLISHED 2760
[firefox.exe]

TCP 127.0.0.1:1170 127.0.0.1:1169 ESTABLISHED 2760
[firefox.exe]

TCP 127.0.0.1:27015 127.0.0.1:1033 ESTABLISHED 612
[AppleMobileDeviceService.exe]

TCP 127.0.0.1:6999 127.0.0.1:1425 FIN_WAIT_2 728
[TmProxy.exe]

TCP 127.0.0.1:6999 127.0.0.1:1248 FIN_WAIT_2 728
[TmProxy.exe]

TCP 127.0.0.1:1119 127.0.0.1:6999 CLOSE_WAIT 3704
[jusched.exe]

TCP 127.0.0.1:1248 127.0.0.1:6999 CLOSE_WAIT 3144
[dpupdchk.exe]

TCP 127.0.0.1:1425 127.0.0.1:6999 CLOSE_WAIT 4304
[SINO.exe]

TCP 127.0.0.1:5152 127.0.0.1:1166 CLOSE_WAIT 1004
[jqs.exe]

TCP 192.168.1.100:1294 74.206.224.5:88 CLOSE_WAIT 2760
[firefox.exe]

TCP 192.168.1.100:15532 192.168.1.1:2869 CLOSING 1488
c:\windows\system32\WS2_32.dll
C:\WINDOWS\System32\dpnhupnp.dll
c:\windows\system32\6to4svc.dll
ntdll.dll
C:\WINDOWS\system32\kernel32.dll
[svchost.exe]

TCP 127.0.0.1:1349 127.0.0.1:6999 TIME_WAIT 0
TCP 127.0.0.1:1422 127.0.0.1:6999 TIME_WAIT 0
TCP 127.0.0.1:50041 127.0.0.1:1423 TIME_WAIT 0
TCP 192.168.1.100:1350 24.143.192.65:80 TIME_WAIT 0
TCP [::]:7 [::]:0 LISTENING 1928
[tcpsvcs.exe]

TCP [::]:9 [::]:0 LISTENING 1928
[tcpsvcs.exe]

TCP [::]:13 [::]:0 LISTENING 1928
[tcpsvcs.exe]

TCP [::]:17 [::]:0 LISTENING 1928
[tcpsvcs.exe]

TCP [::]:19 [::]:0 LISTENING 1928
[tcpsvcs.exe]

TCP [::]:135 [::]:0 LISTENING 1444
-- unknown component(s) --
[svchost.exe]

TCP [::]:1026 [::]:0 LISTENING 908
[inetinfo.exe]

TCP [::]:2869 [::]:0 LISTENING 1956
-- unknown component(s) --
[svchost.exe]

TCP [::]:10243 [::]:0 LISTENING 4164
[WMPNetwk.exe]

TCP [::1]:6999 [::]:0 LISTENING 728
[TmProxy.exe]

UDP 0.0.0.0:19 *:* 1928
[tcpsvcs.exe]

UDP 0.0.0.0:63433 *:* 628
[mDNSResponder.exe]

UDP 0.0.0.0:445 *:* 4
[System]

UDP 0.0.0.0:7 *:* 1928
[tcpsvcs.exe]

UDP 0.0.0.0:500 *:* 1100
[lsass.exe]

UDP 0.0.0.0:3776 *:* 3276
[mcrdsvc.exe]

UDP 0.0.0.0:4500 *:* 1100
[lsass.exe]

UDP 0.0.0.0:3456 *:* 908
[inetinfo.exe]

UDP 0.0.0.0:3544 *:* 1488
c:\windows\system32\WS2_32.dll
c:\windows\system32\6to4svc.dll
ntdll.dll
C:\WINDOWS\system32\kernel32.dll
[svchost.exe]

UDP 0.0.0.0:1079 *:* 1488
c:\windows\system32\WS2_32.dll
C:\WINDOWS\System32\dpnhupnp.dll
c:\windows\system32\6to4svc.dll
ntdll.dll
C:\WINDOWS\system32\kernel32.dll
[svchost.exe]

UDP 0.0.0.0:1025 *:* 628
[mDNSResponder.exe]

UDP 0.0.0.0:9 *:* 1928
[tcpsvcs.exe]

UDP 0.0.0.0:17 *:* 1928
[tcpsvcs.exe]

UDP 0.0.0.0:13 *:* 1928
[tcpsvcs.exe]

UDP 127.0.0.1:1090 *:* 176
[IMApp.exe]

UDP 127.0.0.1:1095 *:* 492
[Explorer.EXE]

UDP 127.0.0.1:1900 *:* 1956
c:\windows\system32\WS2_32.dll
c:\windows\system32\ssdpsrv.dll
ntdll.dll
C:\WINDOWS\system32\kernel32.dll
[svchost.exe]

UDP 127.0.0.1:1132 *:* 192
[IncMail.exe]

UDP 127.0.0.1:123 *:* 1488
c:\windows\system32\WS2_32.dll
c:\windows\system32\w32time.dll
ntdll.dll
C:\WINDOWS\system32\kernel32.dll
[svchost.exe]

UDP 192.168.1.100:18930 *:* 1488
c:\windows\system32\WS2_32.dll
C:\WINDOWS\System32\dpnhupnp.dll
c:\windows\system32\6to4svc.dll
ntdll.dll
C:\WINDOWS\system32\kernel32.dll
[svchost.exe]

UDP 192.168.1.100:137 *:* 4
[System]

UDP 192.168.1.100:1900 *:* 1956
c:\windows\system32\WS2_32.dll
c:\windows\system32\ssdpsrv.dll
ntdll.dll
C:\WINDOWS\system32\kernel32.dll
[svchost.exe]

UDP 192.168.1.100:5353 *:* 628
[mDNSResponder.exe]

UDP 192.168.1.100:1073 *:* 1488
c:\windows\system32\WS2_32.dll
c:\windows\system32\6to4svc.dll
ntdll.dll
-- unknown component(s) --
[svchost.exe]

UDP 192.168.1.100:123 *:* 1488
c:\windows\system32\WS2_32.dll
c:\windows\system32\w32time.dll
ntdll.dll
C:\WINDOWS\system32\kernel32.dll
[svchost.exe]

UDP 192.168.1.100:138 *:* 4
[System]

UDP [::]:13 *:* 1928
[tcpsvcs.exe]

UDP [::]:1025 *:* 628
[mDNSResponder.exe]

UDP [::]:17 *:* 1928
[tcpsvcs.exe]

UDP [::]:7 *:* 1928
[tcpsvcs.exe]

UDP [::]:19 *:* 1928
[tcpsvcs.exe]

UDP [::]:9 *:* 1928
[tcpsvcs.exe]


[color="#FF0000"]<<<< Routing Table >>>>[/color]

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 18 de 2d 75 07 ...... Intel® PRO/Wireless 3945ABG Network Connection - Packet Scheduler Miniport
0x3 ...00 a0 d1 53 70 ea ...... Intel® PRO/100 VE Network Connection - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.100 25
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
169.254.0.0 255.255.0.0 192.168.1.100 192.168.1.100 20
192.168.1.0 255.255.255.0 192.168.1.100 192.168.1.100 25
192.168.1.100 255.255.255.255 127.0.0.1 127.0.0.1 25
192.168.1.255 255.255.255.255 192.168.1.100 192.168.1.100 25
224.0.0.0 240.0.0.0 192.168.1.100 192.168.1.100 25
255.255.255.255 255.255.255.255 192.168.1.100 3 1
255.255.255.255 255.255.255.255 192.168.1.100 192.168.1.100 1
Default Gateway: 192.168.1.1
===========================================================================
Persistent Routes:
None

Route Table

[color="#FF0000"]<<<< Hosts File >>>>[/color]

The HOSTS file is 27 Bytes in size.

There were 0 lines not pointing to 127.0.0.1

[color="#FF0000"]<<<< Active Shares >>>>[/color]

[color="#0000FF"]Share: IPC$[/color] - [color="#CC6600"]Path: [/color]
[color="#0000FF"]Share: ADMIN$[/color] - [color="#CC6600"]Path: C:\WINDOWS[/color]
[color="#0000FF"]Share: C$[/color] - [color="#CC6600"]Path: C:\[/color]


[color="#000080"]END OF LOG FILE, Date of Completion: 1807_11-01-2010 ----------[/color]
  • 0

#4
happyrock
Posted 12 January 2010 - 08:52 AM

happyrock

    Tech Moderator

  • Retired Staff
  • 9,285 posts
your hard drive is a little over 80% full...anything over 85% and you won't even be able to defrag the drive...
You should never fill an NTFS drive more than 85% full, or the Master File Table [MFT] can become badly fragmented, making the drive slow....You need special tools, such as PerfectDisk or Diskeeperpro, to defrag the MFT....your really close to the max and your computers performance shows it...burn some of the data to dvd's or a external USB hard drive and then delete them from the OS drive...
if you go the dvd route...make sure another computer can read the dvd's first before deleting from the OS drive..
another thing is to use msconfig and UNCHECK everything except your AV and firewall...then reboot
after doing those things run your defragger
also go back to my first post and download and run VEW ...post the log

Edited by happyrock, 12 January 2010 - 08:55 AM.

  • 0

#5
tclarke
Posted 12 January 2010 - 01:29 PM

tclarke

    Member

  • Topic Starter
  • Member
  • PipPip
  • 27 posts
sorry im not familiar with computer lingo is the OS drive my C drive??... and when you say "your hard drive is a little over 80% full" does that mean the my memory is almost full??.. What/ where is the NTFS drive and should i remove such things as music and pictures
  • 0

#6
happyrock
Posted 12 January 2010 - 07:14 PM

happyrock

    Tech Moderator

  • Retired Staff
  • 9,285 posts

im not familiar with computer lingo is the OS drive my C drive

yep...

does that mean the my memory is almost full?

nope...memory is not related to the hard drive...think of hard drives like filing cabinets...yours is stuffed and thats why it takes your computer so long to do anything...

What/ where is the NTFS drive and should i remove such things as music and pictures

C drive and yes move copies of your music pictures and any documents off your c drive to free up space...movies take up real big chunks of space...

in my last post I asked you to do a couple of things...have you done them yet

Edited by happyrock, 12 January 2010 - 07:17 PM.

  • 0

#7
tclarke
Posted 12 January 2010 - 11:56 PM

tclarke

    Member

  • Topic Starter
  • Member
  • PipPip
  • 27 posts
thank you for explaining...no i have not...have to get a memory stick first to move the files

for future reference is there somewhere i can look to see my how much space has been taken up on my C drive
  • 0
Back to Windows XP, 2000, 2003, NT · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Retired Forums
  3. Windows XP, 2000, 2003, NT

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP