Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Laptop fails to update and very slow - suspect virus PLEASE HELP!

Started by tallula28 , May 06 2011 08:38 AM

  • Please log in to reply

#16
tallula28
Posted 28 May 2011 - 08:07 AM

tallula28

    Member

  • Topic Starter
  • Member
  • PipPip
  • 71 posts
Hi Ron

Sorry for my slow reply.

I just redone the Mcafee removal tool and then the OTL. I also tried the clock instrutions and it didnt work, it said there was a error.
Here are my resultsfrom the OTL scan:OTL logfile created on: 28/05/2011 14:44:56 - Run 3
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\colby\Desktop
Windows Vista Home Basic Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19048)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

1,014.00 Mb Total Physical Memory | 256.00 Mb Available Physical Memory | 25.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 56.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 62.44 Gb Total Space | 17.37 Gb Free Space | 27.82% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 6.77 Gb Free Space | 67.66% Space Free | Partition Type: NTFS

Computer Name: COLBY-PC | User Name: colby | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/05/10 13:10:58 | 003,459,712 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/05/10 13:10:57 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/05/08 13:40:57 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\colby\Desktop\OTL.exe
PRC - [2011/03/29 22:58:01 | 000,235,168 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil10o_ActiveX.exe
PRC - [2010/10/22 17:47:26 | 000,524,288 | ---- | M] (Spigot, Inc.) -- C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe
PRC - [2010/10/22 17:38:46 | 000,386,560 | ---- | M] (Spigot, Inc.) -- C:\Program Files\Application Updater\ApplicationUpdater.exe
PRC - [2008/10/29 07:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2007/03/31 20:05:52 | 000,077,824 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.6.0\bin\jusched.exe
PRC - [2007/02/08 06:11:04 | 000,303,104 | ---- | M] (SigmaTel, Inc.) -- C:\Windows\sttray.exe
PRC - [2006/11/08 19:47:14 | 001,066,528 | ---- | M] (Dell Inc) -- C:\Program Files\Dell\QuickSet\quickset.exe
PRC - [2006/11/05 11:22:16 | 000,221,184 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
PRC - [2006/11/05 10:55:48 | 000,010,752 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
PRC - [2006/11/03 12:01:16 | 000,319,488 | ---- | M] (PixArt Imaging Incorporation) -- C:\Windows\PixArt\Pac207\Monitor.exe
PRC - [2006/10/13 11:31:34 | 000,184,320 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Dell\MediaDirect\PCMService.exe
PRC - [2003/02/17 12:45:02 | 000,262,144 | ---- | M] () -- C:\Program Files\Tesco\Picture Suite\InsDetect.exe


========== Modules (SafeList) ==========

MOD - [2011/05/10 13:10:55 | 000,199,792 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\snxhk.dll
MOD - [2011/05/08 13:40:57 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\colby\Desktop\OTL.exe
MOD - [2010/08/31 16:39:57 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/05/10 13:10:57 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/10/22 17:38:46 | 000,386,560 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Program Files\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2008/01/19 08:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2006/11/07 13:27:02 | 000,070,656 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)


========== Driver Services (SafeList) ==========

DRV - [2011/05/10 13:03:54 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/05/10 13:03:44 | 000,307,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/05/10 13:02:37 | 000,049,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/05/10 12:59:56 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/05/10 12:59:44 | 000,053,592 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2011/05/10 12:59:35 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2008/05/02 10:58:28 | 000,008,064 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2008/05/02 10:58:14 | 000,008,064 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2008/05/02 10:58:12 | 000,017,536 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2007/02/08 06:11:04 | 000,647,680 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2006/12/05 12:34:42 | 000,507,136 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PFC027.SYS -- (PAC207)
DRV - [2006/11/20 20:13:58 | 000,043,520 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006/11/20 20:13:58 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2006/11/20 20:13:56 | 000,032,256 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2006/11/12 00:10:40 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2006/11/02 08:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2006/11/02 08:30:55 | 000,200,704 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel®
DRV - [2006/11/02 08:30:53 | 000,045,056 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2006/10/05 16:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2006/08/17 15:43:52 | 000,007,424 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\Program Files\DellSupport\Drivers\dsunidrv.sys -- (dsunidrv)
DRV - [2005/02/23 15:58:56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\afc.sys -- (Afc)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.babylo....19&affID=17159

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 26 F7 7B 56 49 FC CA 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


[2011/05/28 14:12:10 | 000,002,423 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml

O1 HOSTS File: ([2011/05/09 14:42:19 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - No CLSID value found.
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\Program Files\Java\jre1.6.0\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [ECenter] c:\DELL\E-Center\EULALauncher.exe ( )
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Monitor] C:\Windows\PixArt\Pac207\Monitor.exe (PixArt Imaging Incorporation)
O4 - HKLM..\Run: [PCMService] C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions)
O4 - HKLM..\Run: [SearchSettings] C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Windows\sttray.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] c:\Program Files\Java\jre1.6.0\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [Tesco Insert Detect] C:\Program Files\Tesco\Picture Suite\InsDetect.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll (Sun Microsystems, Inc.)
O15 - HKCU\..Trusted Domains: internet ([]about in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]https in Trusted sites)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\colby\Pictures\aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa.jpg
O24 - Desktop BackupWallPaper: C:\Users\colby\Pictures\aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/05/28 14:23:33 | 001,832,544 | ---- | C] (McAfee, Inc.) -- C:\Users\colby\Desktop\MCPR.exe
[2011/05/28 14:11:27 | 000,000,000 | ---D | C] -- C:\Program Files\Yuna Software
[2011/05/11 17:55:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2011/05/11 17:55:15 | 000,019,544 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2011/05/11 17:55:13 | 000,307,928 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2011/05/11 17:55:07 | 000,025,432 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2011/05/11 17:55:06 | 000,049,240 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2011/05/11 17:55:04 | 000,441,176 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2011/05/11 17:55:01 | 000,053,592 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2011/05/11 17:53:21 | 000,040,112 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2011/05/11 17:53:18 | 000,199,304 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2011/05/11 17:52:40 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2011/05/11 17:52:40 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011/05/09 19:44:37 | 000,061,440 | ---- | C] ( ) -- C:\Users\colby\Desktop\VEW.exe
[2011/05/09 14:52:59 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011/05/09 14:52:42 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2011/05/09 14:52:41 | 000,000,000 | ---D | C] -- C:\Users\colby\AppData\Local\temp
[2011/05/09 14:17:11 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011/05/09 14:17:11 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011/05/09 14:17:11 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011/05/09 14:16:58 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011/05/09 14:16:56 | 000,000,000 | ---D | C] -- C:\george
[2011/05/09 14:16:29 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/05/09 14:16:08 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2011/05/09 13:56:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Citrix
[2011/05/09 13:53:29 | 000,000,000 | ---D | C] -- C:\Program Files\Citrix
[2011/05/09 13:53:00 | 000,000,000 | ---D | C] -- C:\Users\colby\AppData\Local\Citrix
[2011/05/09 13:52:15 | 000,000,000 | ---D | C] -- C:\Users\colby\AppData\Local\Apps
[2011/05/09 13:52:13 | 000,000,000 | ---D | C] -- C:\Users\colby\AppData\Local\Deployment
[2011/05/09 11:33:30 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011/05/09 11:33:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/05/09 11:33:26 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/05/09 11:33:26 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/05/09 11:29:58 | 007,734,208 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\colby\Desktop\mbam-setup-1.50.1.1100.exe
[2011/05/09 09:25:21 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/05/08 16:19:52 | 000,589,632 | ---- | C] (AVAST Software) -- C:\Users\colby\Desktop\aswMBR.exe
[2011/05/08 13:40:41 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\colby\Desktop\OTL.exe
[2011/05/03 23:45:02 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2011/05/03 23:45:00 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2011/01/09 23:52:09 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\colby\AppData\Roaming\pcouffin.sys

========== Files - Modified Within 30 Days ==========

[2011/05/28 14:34:28 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/05/28 14:34:10 | 000,003,552 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/05/28 14:34:09 | 000,003,552 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/05/28 14:34:00 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/05/28 14:33:41 | 1063,718,912 | -HS- | M] () -- C:\hiberfil.sys
[2011/05/28 14:23:37 | 001,832,544 | ---- | M] (McAfee, Inc.) -- C:\Users\colby\Desktop\MCPR.exe
[2011/05/28 14:15:51 | 000,000,422 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{92A66576-6360-40C6-AF9D-AE3CADE930A9}.job
[2011/05/28 14:03:05 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/05/24 19:14:10 | 000,222,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2011/05/11 17:55:16 | 000,001,831 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011/05/11 17:55:01 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2011/05/11 17:46:44 | 056,923,744 | ---- | M] () -- C:\Users\colby\Desktop\setup_av_free.exe
[2011/05/10 13:10:59 | 000,040,112 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2011/05/10 13:10:55 | 000,199,304 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2011/05/10 13:03:54 | 000,441,176 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2011/05/10 13:03:44 | 000,307,928 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2011/05/10 13:02:37 | 000,049,240 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2011/05/10 12:59:56 | 000,025,432 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2011/05/10 12:59:44 | 000,053,592 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2011/05/10 12:59:35 | 000,019,544 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2011/05/09 19:44:38 | 000,061,440 | ---- | M] ( ) -- C:\Users\colby\Desktop\VEW.exe
[2011/05/09 19:11:45 | 000,004,892 | ---- | M] () -- C:\Users\colby\AppData\Local\d3d9caps.dat
[2011/05/09 14:42:19 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2011/05/09 14:12:37 | 004,343,965 | R--- | M] () -- C:\Users\colby\Desktop\george.exe
[2011/05/09 11:33:31 | 000,000,908 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/09 11:30:14 | 007,734,208 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\colby\Desktop\mbam-setup-1.50.1.1100.exe
[2011/05/08 16:23:25 | 000,000,512 | ---- | M] () -- C:\Users\colby\Desktop\MBR.dat
[2011/05/08 16:20:07 | 000,589,632 | ---- | M] (AVAST Software) -- C:\Users\colby\Desktop\aswMBR.exe
[2011/05/08 13:40:57 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\colby\Desktop\OTL.exe

========== Files Created - No Company Name ==========

[2011/05/11 17:55:16 | 000,001,831 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011/05/11 17:46:37 | 056,923,744 | ---- | C] () -- C:\Users\colby\Desktop\setup_av_free.exe
[2011/05/09 14:17:11 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2011/05/09 14:17:11 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/05/09 14:17:11 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe
[2011/05/09 14:17:11 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/05/09 14:17:11 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/05/09 14:11:59 | 004,343,965 | R--- | C] () -- C:\Users\colby\Desktop\george.exe
[2011/05/09 11:33:31 | 000,000,908 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/08 16:23:25 | 000,000,512 | ---- | C] () -- C:\Users\colby\Desktop\MBR.dat
[2011/01/09 23:52:09 | 000,007,887 | ---- | C] () -- C:\Users\colby\AppData\Roaming\pcouffin.cat
[2011/01/09 23:52:09 | 000,001,144 | ---- | C] () -- C:\Users\colby\AppData\Roaming\pcouffin.inf
[2011/01/09 19:48:11 | 000,001,057 | ---- | C] () -- C:\Users\colby\AppData\Roaming\vso_ts_preview.xml
[2010/05/24 20:33:00 | 004,670,829 | ---- | C] () -- C:\Windows\System32\libavcodec.dll
[2010/05/24 20:33:00 | 001,529,856 | ---- | C] () -- C:\Windows\System32\ff_samplerate.dll
[2010/05/24 20:33:00 | 001,447,921 | ---- | C] () -- C:\Windows\System32\ffmpegmt.dll
[2010/05/24 20:33:00 | 000,877,385 | ---- | C] () -- C:\Windows\System32\ff_x264.dll
[2010/05/24 20:33:00 | 000,810,113 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2010/05/24 20:33:00 | 000,336,384 | ---- | C] () -- C:\Windows\System32\ff_libfaad2.dll
[2010/05/24 20:33:00 | 000,324,096 | ---- | C] () -- C:\Windows\System32\TomsMoComp_ff.dll
[2010/05/24 20:33:00 | 000,248,320 | ---- | C] () -- C:\Windows\System32\ff_kernelDeint.dll
[2010/05/24 20:33:00 | 000,216,576 | ---- | C] () -- C:\Windows\System32\ff_libdts.dll
[2010/05/24 20:33:00 | 000,151,552 | ---- | C] () -- C:\Windows\System32\ff_libmad.dll
[2010/05/24 20:33:00 | 000,145,408 | ---- | C] () -- C:\Windows\System32\libmpeg2_ff.dll
[2010/05/24 20:33:00 | 000,139,944 | ---- | C] () -- C:\Windows\System32\libmplayer.dll
[2010/05/24 20:33:00 | 000,121,856 | ---- | C] () -- C:\Windows\System32\ff_liba52.dll
[2010/05/24 20:33:00 | 000,116,736 | ---- | C] () -- C:\Windows\System32\ff_tremor.dll
[2010/05/24 20:33:00 | 000,108,032 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2010/05/24 20:33:00 | 000,100,864 | ---- | C] () -- C:\Windows\System32\ff_wmv9.dll
[2010/05/24 20:33:00 | 000,097,792 | ---- | C] () -- C:\Windows\System32\ff_unrar.dll
[2010/05/19 21:59:20 | 000,150,528 | ---- | C] () -- C:\Windows\System32\mkx.dll
[2010/05/19 21:59:10 | 000,109,568 | ---- | C] () -- C:\Windows\System32\avi.dll
[2010/05/19 21:59:02 | 000,141,824 | ---- | C] () -- C:\Windows\System32\mp4.dll
[2010/05/19 21:58:52 | 000,123,392 | ---- | C] () -- C:\Windows\System32\ogm.dll
[2010/05/19 21:58:24 | 000,113,152 | ---- | C] () -- C:\Windows\System32\dsmux.exe
[2010/05/19 21:58:18 | 000,154,112 | ---- | C] () -- C:\Windows\System32\ts.dll
[2010/05/19 21:58:08 | 000,249,856 | ---- | C] () -- C:\Windows\System32\dxr.dll
[2010/05/19 21:57:42 | 000,097,792 | ---- | C] () -- C:\Windows\System32\avs.dll
[2010/05/19 21:57:38 | 000,137,728 | ---- | C] () -- C:\Windows\System32\mkv2vfr.exe
[2010/05/19 21:57:26 | 000,093,184 | ---- | C] () -- C:\Windows\System32\avss.dll
[2010/05/19 21:57:20 | 000,358,400 | ---- | C] () -- C:\Windows\System32\gdsmux.exe
[2010/05/19 21:55:40 | 000,080,384 | ---- | C] () -- C:\Windows\System32\mkzlib.dll
[2010/05/19 21:55:36 | 000,024,576 | ---- | C] () -- C:\Windows\System32\mkunicode.dll
[2009/08/11 22:21:26 | 000,087,552 | ---- | C] () -- C:\Windows\System32\ac3config.exe
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009/06/07 17:24:04 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2009/02/20 17:05:26 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/02/20 17:05:26 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009/01/10 23:15:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\mmfinfo.dll
[2008/12/29 20:22:48 | 000,008,704 | ---- | C] () -- C:\Windows\System32\vidccleaner.exe
[2008/11/06 16:37:32 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2008/10/24 20:19:23 | 000,106,496 | ---- | C] () -- C:\Windows\System32\PixText.dll
[2007/10/13 10:30:20 | 000,000,137 | ---- | C] () -- C:\Windows\System32\Registration.ini
[2007/09/23 16:51:58 | 000,000,224 | ---- | C] () -- C:\Users\colby\AppData\Roaming\wklnhst.dat
[2007/04/13 20:54:28 | 000,004,892 | ---- | C] () -- C:\Users\colby\AppData\Local\d3d9caps.dat
[2007/04/04 22:57:26 | 000,033,280 | ---- | C] () -- C:\Users\colby\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/04/01 03:49:05 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1114.dll
[2007/04/01 03:49:05 | 000,077,824 | ---- | C] () -- C:\Windows\System32\hccutils.dll
[2007/04/01 03:49:05 | 000,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2007/04/01 03:49:05 | 000,053,248 | ---- | C] () -- C:\Windows\System32\oemdspif.dll
[2007/04/01 03:48:47 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2007/04/01 03:48:36 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2007/03/31 20:10:54 | 000,065,536 | ---- | C] () -- C:\Windows\System32\bcmwlrmt.dll
[2007/03/31 20:10:50 | 000,024,064 | ---- | C] () -- C:\Windows\System32\WLTRYSVC.EXE
[2006/11/10 23:02:53 | 000,000,000 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2006/11/07 20:25:58 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
[2006/11/02 13:53:49 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 13:44:53 | 000,320,392 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 11:33:01 | 000,595,996 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 11:33:01 | 000,104,070 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 11:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006/11/02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 10:27:46 | 000,000,518 | ---- | C] () -- C:\Windows\System32\SP207.INI
[2006/11/02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/09/16 23:36:50 | 000,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll
[2006/09/16 23:36:50 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll

< End of report >

I await your reply.
  • 0

Advertisements

#17
RKinner
Posted 28 May 2011 - 08:41 AM

RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP
Click on the clock, Change Date and Time Settings, Internet Time, Set the time and date to about right and Apply then Change Settings, (Continue), Change the time server to the one that ends in .gov. Update Now. Does it work?

Copy the text between the lines of stars by highlighting and Ctrl + c


********************************************************************
:Services
Application Updater

:OTL
PRC - [2010/10/22 17:47:26 | 000,524,288 | ---- | M] (Spigot, Inc.) -- C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe
PRC - [2010/10/22 17:38:46 | 000,386,560 | ---- | M] (Spigot, Inc.) -- C:\Program Files\Application Updater\ApplicationUpdater.exe
SRV - [2010/10/22 17:38:46 | 000,386,560 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Program Files\Application Updater\ApplicationUpdater.exe -- (Application Updater)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - No CLSID value found.
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\Program Files\Java\jre1.6.0\bin\ssv.dll (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SearchSettings] C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] c:\Program Files\Java\jre1.6.0\bin\jusched.exe (Sun Microsystems, Inc.)
O15 - HKCU\..Trusted Domains: internet ([]about in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]https in Trusted sites)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found

:files
C:\Program Files\Application Updater
C:\Program Files\Common Files\Spigot
C:\Program Files\Spigot

:Commands
[purity]
[emptytemp]
[Reboot]


*******************************************************************

then Rightclick on OTL and select Run As Administrator to start. Under the Custom Scans/Fixes box at the bottom, paste (ctrl +v) the text. Verify that you got it all and Then click the RUN FIX button (NOT THE QUICK SCAN button!) at the top
Let the program run unhindered, OTL will reboot the PC when it is done.

Go back in and Clear the Event logs as before then run VEW again and post the logs.

Ron
  • 0

#18
tallula28
Posted 28 May 2011 - 08:55 AM

tallula28

    Member

  • Topic Starter
  • Member
  • PipPip
  • 71 posts
Hi

There were 4 that ended in .gov so i oicked the top one and it worked!

How do I clear the event logs?
  • 0

#19
RKinner
Posted 28 May 2011 - 09:15 AM

RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP
Right click on Computer and select Manage (Continue) then Event Viewer. Click on Windows Logs then click on each of the sub categories and Clear Logs, then Clear.
  • 0

#20
tallula28
Posted 28 May 2011 - 09:30 AM

tallula28

    Member

  • Topic Starter
  • Member
  • PipPip
  • 71 posts
I have cleared the event logs as you said.

Iam now trying to run vew I clicked system, error, warning, and typed in 20, when i then click run an error box comes up saying:

Run-time error '75':
Path/File access error
  • 0

#21
tallula28
Posted 28 May 2011 - 09:33 AM

tallula28

    Member

  • Topic Starter
  • Member
  • PipPip
  • 71 posts
Here is the log from the OTL fix scan:

All processes killed
========== SERVICES/DRIVERS ==========
Service Application Updater stopped successfully!
Service Application Updater deleted successfully!
========== OTL ==========
No active process named SearchSettings.exe was found!
No active process named ApplicationUpdater.exe was found!
Error: No service named Application Updater was found to stop!
Service\Driver key Application Updater not found.
C:\Program Files\Application Updater\ApplicationUpdater.exe moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\ deleted successfully.
C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{27B4851A-3207-45A2-B947-BE8AFE6163AB}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\ deleted successfully.
c:\Program Files\Java\jre1.6.0\bin\ssv.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SearchSettings deleted successfully.
C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
c:\Program Files\Java\jre1.6.0\bin\jusched.exe moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\internet\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mcafee.com\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mcafee.com\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{AEB6717E-7E19-11d0-97EE-00C04FD91972} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972}\ not found.
========== FILES ==========
C:\Program Files\Application Updater folder moved successfully.
C:\Program Files\Common Files\Spigot\Search Settings\Res folder moved successfully.
C:\Program Files\Common Files\Spigot\Search Settings folder moved successfully.
C:\Program Files\Common Files\Spigot folder moved successfully.
File\Folder C:\Program Files\Spigot not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: colby
->Temp folder emptied: 18516656 bytes
->Temporary Internet Files folder emptied: 60547651 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 790 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 113739194 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 9304905 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 193.00 mb


OTL by OldTimer - Version 3.2.22.3 log created on 05282011_154631

Files\Folders moved on Reboot...
C:\Users\colby\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\SuggestedSites.dat moved successfully.
C:\Users\colby\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8JS24J3J\page__st__15__gopid__2017101[1].htm moved successfully.
C:\Users\colby\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8JS24J3J\search[1].htm moved successfully.
C:\Users\colby\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8JS24J3J\xd_proxy[1].htm moved successfully.
C:\Users\colby\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0BNSUH5D\like[1].htm moved successfully.
C:\Users\colby\AppData\Local\Microsoft\Windows\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...
  • 0

#22
RKinner
Posted 28 May 2011 - 02:01 PM

RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP
I think when you ran VEW you forgot to right click and Run As Administrator. Try it again that way and see if it doesn't work.
  • 0

#23
tallula28
Posted 28 May 2011 - 05:05 PM

tallula28

    Member

  • Topic Starter
  • Member
  • PipPip
  • 71 posts
Yes you were right :)

here is the log:

Vino's Event Viewer v01c run on Windows Vista in English
Report run at 29/05/2011 00:02:55

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 28/05/2011 20:17:05
Type: Warning Category: 0
Event: 7 Source: Microsoft-Windows-Kernel-Processor-Power
The speed of processor 1 is being limited by system firmware. The processor has been in this reduced performance state for 15 seconds since the last report.

Log: 'System' Date/Time: 28/05/2011 20:17:05
Type: Warning Category: 0
Event: 7 Source: Microsoft-Windows-Kernel-Processor-Power
The speed of processor 0 is being limited by system firmware. The processor has been in this reduced performance state for 15 seconds since the last report.

Log: 'System' Date/Time: 28/05/2011 23:01:52
Type: Warning Category: 0
Event: 4 Source: bcm4sbxp
Broadcom 440x 10/100 Integrated Controller: The network link is down. Check to make sure the network cable is properly connected.

Log: 'System' Date/Time: 28/05/2011 23:02:00
Type: Warning Category: 0
Event: 1003 Source: Microsoft-Windows-Dhcp-Client
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 00197E01D331. The following error occurred: The operation was canceled by the user.. Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.
  • 0

#24
RKinner
Posted 28 May 2011 - 05:36 PM

RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP
Log: 'System' Date/Time: 28/05/2011 20:17:05
Type: Warning Category: 0
Event: 7 Source: Microsoft-Windows-Kernel-Processor-Power
The speed of processor 1 is being limited by system firmware. The processor has been in this reduced performance state for 15 seconds since the last report.

This is usually caused by overheating.

Get SIW

http://www.snapfiles.com/get/siw.html

Run it (right click and Run As Administrator) and under Hardware look for Sensors. Click on Sensors and look in the right pane there should be some temperature readings. What are they? Watch your video or run a scan for a little bit then look again. Are the temps going up? Or are they too high? (desktops usually run below 40 C. Laptops below 60 C.) If so make sure your air vents are not blocked. Turn off the PC. Take a vacuum cleaner and suck the dust from all vents of a laptop. Take the back off a desktop and suck or blow the dust from the vents and the heat sink. Turn on the PC. Is the CPU fan running? You may need a new fan.

Ron
  • 0

#25
tallula28
Posted 16 June 2011 - 03:38 AM

tallula28

    Member

  • Topic Starter
  • Member
  • PipPip
  • 71 posts
Ron,I run the download as you said to but the screen went to bluescreen and said it had to shutdown due to security problems. It then rebooted itself, so I havent tried again.

The laptop still wont update window or windows defender that is also out of date.
  • 0

Advertisements

#26
RKinner
Posted 16 June 2011 - 07:35 AM

RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP
Makes sure the laptop is on a hard surface and that nothing is blocking the vents and that it is not sitting in direct sunlight or near a heat source.

Run VEW again as before. Remember to Run AS Administrator

Get Process Explorer

http://live.sysinter...com/procexp.exe

Save it to your desktop then - right click and Run As Administrator. Click once or twice on the CPU column header to sort things by CPU usage with the big hitters at the top. File, Save As, Save. Open the file Procexp.txt on your desktop and copy and paste the text to a reply.

Ron
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP