Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

very slow computer

Started by lmd46 , May 21 2011 01:33 PM

  • This topic is locked This topic is locked

#1
lmd46
Posted 21 May 2011 - 01:33 PM

lmd46

    Member

  • Member
  • PipPip
  • 39 posts
OTL logfile created on: 5/21/2011 2:55:59 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Donna\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18999)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

501.00 Mb Total Physical Memory | 81.00 Mb Available Physical Memory | 16.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 41.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232.88 Gb Total Space | 157.77 Gb Free Space | 67.75% Space Free | Partition Type: NTFS

Computer Name: DONNA-PC | User Name: Donna | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/05/21 14:52:40 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Donna\Downloads\OTL.exe
PRC - [2011/05/10 07:57:31 | 000,235,168 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil10p_ActiveX.exe
PRC - [2010/12/26 23:12:09 | 001,392,784 | ---- | M] (Webroot Software, Inc. ) -- C:\Program Files\Webroot\Security\Current\Framework\WRTray.exe
PRC - [2010/12/26 23:12:01 | 003,275,112 | ---- | M] (Webroot Software, Inc. ) -- C:\Program Files\Webroot\Security\Current\Framework\WRConsumerService.exe
PRC - [2010/12/07 19:44:24 | 003,888,696 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) -- C:\Program Files\Webroot\Security\Current\plugins\antimalware\AEI.exe
PRC - [2010/12/07 19:44:16 | 000,158,048 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) -- C:\Program Files\Webroot\Security\Current\plugins\antimalware\SSU.exe
PRC - [2010/01/11 16:21:52 | 000,490,216 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe
PRC - [2009/10/26 15:46:54 | 001,458,176 | ---- | M] (Motorola Inc.) -- C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
PRC - [2009/08/13 07:32:00 | 000,262,416 | ---- | M] (Data Perceptions / PowerProgrammer) -- C:\Windows\System32\WebUpdateSvc4.exe
PRC - [2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/11/28 18:40:16 | 000,327,680 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
PRC - [2008/01/19 00:38:40 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2003/01/21 15:25:46 | 000,098,304 | ---- | M] () -- C:\Program Files\NewSoft\Smart Start UP\PnPDetect.exe


========== Modules (SafeList) ==========

MOD - [2011/05/21 14:52:40 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Donna\Downloads\OTL.exe
MOD - [2010/08/31 11:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2010/12/26 23:12:01 | 003,275,112 | ---- | M] (Webroot Software, Inc. ) [Auto | Running] -- C:\Program Files\Webroot\Security\Current\Framework\WRConsumerService.exe -- (WRConsumerService)
SRV - [2010/12/07 19:44:24 | 003,888,696 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) [Auto | Running] -- C:\Program Files\Webroot\Security\current\plugins\antimalware\AEI.exe -- (WebrootSpySweeperService)
SRV - [2009/08/13 07:32:00 | 000,262,416 | ---- | M] (Data Perceptions / PowerProgrammer) [Auto | Running] -- C:\Windows\System32\WebUpdateSvc4.exe -- (WebUpdate4)
SRV - [2008/01/19 00:38:26 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2004/12/16 11:26:58 | 000,462,848 | ---- | M] (Dell) [On_Demand | Stopped] -- C:\Windows\System32\dlbxcoms.exe -- (dlbx_device)


========== Driver Services (SafeList) ==========

DRV - [2010/10/12 16:57:12 | 000,182,056 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\ssidrv.sys -- (ssidrv)
DRV - [2010/10/12 16:57:12 | 000,045,072 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) [File_System | Auto | Running] -- C:\Windows\System32\drivers\ssfmonm.sys -- (ssfmonm)
DRV - [2010/10/12 16:57:12 | 000,024,496 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\sshrmd.sys -- (sshrmd)
DRV - [2010/07/22 14:53:56 | 000,056,664 | ---- | M] (Meade Instruments Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\DsiUsb.sys -- (DsiUsb)
DRV - [2010/03/12 18:22:18 | 000,081,920 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ser2pl.sys -- (Ser2pl)
DRV - [2009/10/26 16:09:06 | 001,095,936 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\smserial.sys -- (smserial)
DRV - [2008/06/27 02:40:18 | 000,335,872 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTL8187.sys -- (RTL8187)
DRV - [2005/09/20 11:30:00 | 000,162,432 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tifm21.sys -- (tifm21)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.usatoday.com/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local



O1 HOSTS File: ([2010/12/27 13:11:34 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Ask.com Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Ask.com Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask.com Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [DLBXCATS] C:\Windows\System32\spool\DRIVERS\W32X86\3\DLBXtime.DLL ()
O4 - HKLM..\Run: [IPPDetect] File not found
O4 - HKLM..\Run: [Smart Start UP] C:\Program Files\NewSoft\Smart Start UP\PnPDetect.exe ()
O4 - HKLM..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
O4 - HKLM..\Run: [WebrootTrayApp] C:\Program Files\Webroot\Security\Current\Framework\WRTray.exe (Webroot Software, Inc. )
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Donna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PMB Media Check Tool.lnk = C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe (Sony Corporation)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: real.com ([rhap-app-4-0] https in Trusted sites)
O15 - HKCU\..Trusted Domains: real.com ([rhapreg] https in Trusted sites)
O16 - DPF: {4ECE056F-E50F-4F9D-B069-EB342D21F26A} http://www2.snapfish...ishActivia3.cab (Snapfish Activia3)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {8C652F68-02DD-4524-AA60-D40527C818EF} https://kaleidos.rm....site/KAUtil.cab (KALaunch Class)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (Reg Error: Value error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 167.206.251.130 167.206.251.129
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Donna\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Donna\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/05/10 07:36:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2011/05/10 07:36:09 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2011/05/09 23:19:32 | 000,000,000 | ---D | C] -- C:\b27be2e8bd1faa12f788d6
[2010/09/09 13:04:37 | 000,049,152 | ---- | C] ( ) -- C:\Windows\System32\csnphv71.dll
[2007/01/30 15:35:00 | 000,397,312 | ---- | C] ( ) -- C:\Windows\System32\dlbxiesc.dll
[2007/01/30 15:22:32 | 000,413,696 | ---- | C] ( ) -- C:\Windows\System32\dlbxinpa.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/05/21 14:55:00 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/05/21 14:55:00 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/05/21 14:46:24 | 000,000,422 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{DF815F25-C64E-423E-8EDB-50DC5BE5678E}.job
[2011/05/21 14:44:50 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/05/09 23:34:42 | 000,604,502 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/05/09 23:34:42 | 000,104,170 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/12/26 23:18:50 | 000,030,424 | ---- | C] () -- C:\Windows\System32\wrLZMA.dll
[2010/12/26 23:18:50 | 000,017,472 | ---- | C] () -- C:\Windows\System32\SsiEfr.exe
[2010/09/09 13:04:40 | 000,032,768 | ---- | C] () -- C:\Windows\vsnphv71.exe
[2010/09/09 13:04:39 | 000,015,584 | ---- | C] () -- C:\Windows\snphv71.ini
[2010/09/09 13:04:38 | 000,061,440 | ---- | C] () -- C:\Windows\System32\dsnphv71.dll
[2010/09/09 13:04:37 | 000,188,928 | ---- | C] () -- C:\Windows\System32\drivers\snphv71.sys
[2010/09/09 13:04:37 | 000,036,864 | ---- | C] () -- C:\Windows\System32\vsnphv71.dll
[2010/09/09 13:04:33 | 000,020,480 | ---- | C] () -- C:\Windows\dsnphv71.exe
[2010/05/18 21:32:46 | 000,000,139 | ---- | C] () -- C:\Windows\WebUpdateSvc4.INI
[2010/05/18 21:04:14 | 000,047,628 | ---- | C] () -- C:\Windows\System32\wuwuninst.exe
[2009/12/01 22:12:03 | 000,819,200 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2009/12/01 22:12:02 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2009/12/01 21:46:34 | 000,040,960 | ---- | C] () -- C:\Windows\System32\IPPCPUID.DLL
[2009/12/01 21:25:01 | 000,122,880 | ---- | C] () -- C:\Windows\System32\Nsvideo.dll
[2009/12/01 20:35:47 | 000,032,768 | R--- | C] () -- C:\Windows\System32\infcpy.dll
[2009/09/11 07:44:07 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/09/11 07:44:06 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/08/13 07:32:02 | 000,426,256 | ---- | C] () -- C:\Windows\System32\WuWUI.exe
[2009/08/03 16:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 16:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009/07/27 16:32:23 | 008,673,792 | ---- | C] () -- C:\ProgramData\atscie.msi
[2009/04/04 16:50:29 | 000,001,069 | ---- | C] () -- C:\Windows\cdplayer.ini
[2009/03/25 17:39:34 | 000,000,419 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2009/03/25 17:39:34 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2009/03/06 18:55:44 | 000,870,128 | ---- | C] () -- C:\Users\Donna\AppData\Roaming\mcs.rma
[2009/03/06 18:55:44 | 000,000,004 | ---- | C] () -- C:\Users\Donna\AppData\Roaming\5A4DAE
[2009/02/28 17:05:59 | 000,019,968 | ---- | C] () -- C:\Users\Donna\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/02/25 17:18:26 | 000,684,032 | ---- | C] () -- C:\Windows\libeay32.dll
[2009/02/25 17:18:23 | 000,155,648 | ---- | C] () -- C:\Windows\ssleay32.dll
[2009/02/24 16:27:42 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009/02/24 16:16:49 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2007/02/19 08:26:16 | 000,135,168 | ---- | C] () -- C:\Windows\System32\dlbxjswr.dll
[2007/02/19 08:21:58 | 000,397,312 | ---- | C] () -- C:\Windows\System32\dlbxutil.dll
[2007/02/07 18:57:16 | 000,344,064 | ---- | C] () -- C:\Windows\System32\dlbxcoin.dll
[2006/12/12 12:13:50 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1147.dll
[2006/12/12 11:02:50 | 000,053,248 | ---- | C] () -- C:\Windows\System32\oemdspif.dll
[2006/12/12 11:01:48 | 000,077,824 | ---- | C] () -- C:\Windows\System32\hccutils.dll
[2006/11/02 08:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 08:47:37 | 000,270,552 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 08:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 06:33:01 | 000,604,502 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 06:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 06:33:01 | 000,104,170 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 06:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 06:25:21 | 000,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2006/11/02 06:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 04:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 04:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 03:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2005/08/18 11:26:46 | 000,040,960 | ---- | C] () -- C:\Windows\System32\dlbxvs.dll
[2005/02/24 22:23:46 | 000,061,440 | ---- | C] () -- C:\Windows\System32\dlbxcnv4.dll
[2005/01/20 05:56:00 | 000,098,304 | ---- | C] () -- C:\Windows\System32\dlbxinsr.dll
[2005/01/20 05:55:48 | 000,032,768 | ---- | C] () -- C:\Windows\System32\dlbxcur.dll
[2005/01/20 05:54:40 | 000,176,128 | ---- | C] () -- C:\Windows\System32\dlbxinsb.dll
[2005/01/20 05:54:28 | 000,077,824 | ---- | C] () -- C:\Windows\System32\dlbxcub.dll
[2005/01/20 05:54:18 | 000,139,264 | ---- | C] () -- C:\Windows\System32\dlbxins.dll
[2005/01/20 05:53:44 | 000,069,632 | ---- | C] () -- C:\Windows\System32\dlbxcu.dll
[2004/01/13 19:46:00 | 000,172,032 | ---- | C] () -- C:\Windows\System32\tifmicon.dll

< End of report >

here is the extras log
OTL Extras logfile created on: 5/21/2011 2:55:59 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Donna\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18999)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

501.00 Mb Total Physical Memory | 81.00 Mb Available Physical Memory | 16.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 41.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232.88 Gb Total Space | 157.77 Gb Free Space | 67.75% Space Free | Partition Type: NTFS

Computer Name: DONNA-PC | User Name: Donna | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0280C80E-A444-4A2E-A611-B1F2A409A6AF}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{054EAA5C-36A6-4336-988A-7EAEC9D35007}" = rport=139 | protocol=6 | dir=out | app=system |
"{0AB31686-2D1D-4F04-8CD4-931F9275CD47}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{0CB1A481-FCC8-4857-8F97-D9362E4089E6}" = rport=137 | protocol=17 | dir=out | app=system |
"{1A5DD438-5E33-4197-AA49-0E80FEBB3762}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=c:\windows\system32\spoolsv.exe |
"{1C0BC7D0-3108-4CCB-911B-E71DFA6FB694}" = lport=138 | protocol=17 | dir=in | app=system |
"{3049E638-953F-43CE-9A30-4B31E2A8EA93}" = lport=137 | protocol=17 | dir=in | app=system |
"{332F986E-A7A6-44F6-BA5B-223CC94E6E11}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{3D8117D3-8476-4559-88CC-397500ACF986}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{41400481-93A4-4449-846D-EF5BB4AB776E}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4F597BF0-4E59-46C7-9C2F-E6C037659ED6}" = rport=138 | protocol=17 | dir=out | app=system |
"{55910FDA-C1A3-467C-8A51-07CAA9ED09D0}" = lport=139 | protocol=6 | dir=in | app=system |
"{5DAAFFB0-D089-487E-BB58-C4FE1941E4A4}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{75EB9515-5DAB-442F-B6E6-7CC6B2AD85DC}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=file and printer sharing (spooler service - rpc-epmap) |
"{8B2E9960-01F8-4718-B8FB-7673EBEFFB6C}" = rport=445 | protocol=6 | dir=out | app=system |
"{B0391038-97CC-44CD-B860-F77CD2BE202A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{CA040470-257B-45F5-8CA0-6C3D24CBB627}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F3744B5C-2B66-448D-8E9A-70CAC164E1AA}" = lport=445 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{14D349D0-55A4-4F06-B58F-45AE00E44BC9}" = protocol=1 | dir=out | name=file and printer sharing (echo request - icmpv4-out) |
"{1AB2CDC7-5FE7-4E5C-958A-4D2B4CCC9524}" = protocol=1 | dir=in | name=file and printer sharing (echo request - icmpv4-in) |
"{2EED7DB0-3F4A-45B4-A65D-3E555D35323E}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{5BB3FE62-563B-4D26-9D6E-3483C95A4512}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{8384F822-21B3-4F62-9A7B-9A3C466D8998}" = protocol=6 | dir=in | app=c:\windows\system32\dlbxcoms.exe |
"{84FC9FBA-558E-48CA-821A-B1205D86AD73}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{8A9B2060-97D6-4C99-AB0B-70E424E04749}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{972E28CE-C6B7-4899-8C20-FBEF93649629}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{A0EFE3AE-0E34-4754-A2A6-9E115ADD2CBE}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{B5AFC93C-2C1B-4550-852A-A14397024E69}" = protocol=58 | dir=out | name=file and printer sharing (echo request - icmpv6-out) |
"{B7A86989-62B7-4C8C-A826-3759B9209B2D}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{C14C5FF7-52AC-4626-8A63-E3A0D07A5EC1}" = protocol=58 | dir=in | name=file and printer sharing (echo request - icmpv6-in) |
"{EA0936A5-3467-46C5-B1DB-FB9843BD43B1}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{EA791A2E-B0BA-42A5-89E2-A14D8B354AEB}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{EC3F823D-57AC-4B4F-9C87-16BC10010880}" = protocol=17 | dir=in | app=c:\windows\system32\dlbxcoms.exe |
"TCP Query User{32D0D6DA-2339-46BA-A5FF-2544504CB974}C:\program files\v cast music with rhapsody\rhapsody.exe" = protocol=6 | dir=in | app=c:\program files\v cast music with rhapsody\rhapsody.exe |
"TCP Query User{801E0A5D-D3B6-4129-8AF6-C03ACE5C59DA}C:\program files\v cast music with rhapsody\rhapsody.exe" = protocol=6 | dir=in | app=c:\program files\v cast music with rhapsody\rhapsody.exe |
"TCP Query User{B786927F-E030-44BA-A68B-97C32408A84D}C:\program files\meade\manuals\autostarsuite\autostarsuite.exe" = protocol=6 | dir=in | app=c:\program files\meade\manuals\autostarsuite\autostarsuite.exe |
"TCP Query User{DF0DEBC6-00BC-431E-A2B6-2B54190CD23A}C:\program files\meade\autostarsuite\autostarsuite.exe" = protocol=6 | dir=in | app=c:\program files\meade\autostarsuite\autostarsuite.exe |
"UDP Query User{6DA2301E-CD54-4961-AFD9-AB8E8555F3DE}C:\program files\v cast music with rhapsody\rhapsody.exe" = protocol=17 | dir=in | app=c:\program files\v cast music with rhapsody\rhapsody.exe |
"UDP Query User{7AC0D07E-BDD3-49CA-9D22-0CAB8C41F7DB}C:\program files\meade\autostarsuite\autostarsuite.exe" = protocol=17 | dir=in | app=c:\program files\meade\autostarsuite\autostarsuite.exe |
"UDP Query User{7BBCCBA1-F7CD-47FA-AB90-5FC7CC6AD670}C:\program files\meade\manuals\autostarsuite\autostarsuite.exe" = protocol=17 | dir=in | app=c:\program files\meade\manuals\autostarsuite\autostarsuite.exe |
"UDP Query User{EC87B841-EFEE-492E-A020-6307E7D04F20}C:\program files\v cast music with rhapsody\rhapsody.exe" = protocol=17 | dir=in | app=c:\program files\v cast music with rhapsody\rhapsody.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{0C34B801-6AEC-4667-B053-03A67E2D0415}" = Apple Application Support
"{14291118-0C19-45EA-A4FA-5C1C0F5FDE09}" = Primo
"{187B8EFC-810D-4D9F-AC0D-601D7C84665D}" = Geek Squad 24 Hour Computer Support
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23484C5A-E7AE-4F59-B7DF-88D63BEF18F4}" = Meade LPI
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java™ 6 Update 18
"{2C9241DC-E141-4BB9-99F2-0BC54D81862F}" = Smart Start UP
"{32343DB6-9A52-40C9-87E4-5E7C79791C87}" = MSXML 4.0 SP2 and SOAP Toolkit 3.0
"{3AC54383-31D1-4907-961B-B12CBB1D0AE8}" = MobileMe Control Panel
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3C516E56-0B4B-4BDE-88A2-035B4D170A26}" = DXG-506V
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{51C91B84-7B46-4FE7-8999-8228CFA75F89}" = Intel® Integrated Performance Primitives RTI 4.0
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{7B6CF9EB-CB2B-4A1A-81A9-BE1A9044690A}" = TIPCI
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask.com Toolbar
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B287B75-DF8D-40C8-9620-8E4492C38EF1}" = Webroot Software
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00B0-0409-0000-0000000FF1CE}" = Microsoft Save as PDF Add-in for 2007 Microsoft Office programs
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{B0C0F5E6-10B1-11D6-9296-0050BA073EEC}" = Presto! VideoWorks 6
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{BDD8B3C0-0877-418D-ACC9-2AB0064B901A}" = Presto! Mr. Photo 3
"{C34FAEF3-4241-4C4E-9CFF-7BBD8BCEABE7}" = WebEx Support Manager for Internet Explorer
"{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem driver
"{CE2121C6-C94D-4A73-8EA4-6943F33EE335}" = Music Transfer
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D5068583-D569-468B-9755-5FBF5848F46F}" = Sony Picture Utility
"{DABF43D9-1104-4764-927B-5BED1274A3B0}" = Runtime
"{EC2A8F27-4FBF-4E41-B27B-FE822511B761}" = iTunes
"{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}" = PL-2303 USB-to-Serial
"{EDDF99D9-9FE3-4871-A7DB-D1522C51EE9A}" = Microsoft .NET Compact Framework 2.0 SP2
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Autostar Suite" = Autostar Suite
"Autostar Updater" = Autostar Updater
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Envisage Install" = Envisage Install
"HDMI" = Intel® Graphics Media Accelerator Driver
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{7B6CF9EB-CB2B-4A1A-81A9-BE1A9044690A}" = Texas Instruments PCIxx21/x515/xx12 drivers.
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"MSTTS" = Microsoft Text-to-Speech Engine 4.0 (English)
"SMSERIAL" = Motorola SM56 Speakerphone Modem
"Software Update Wizard (Redist)" = Software Update Wizard (Redist) 4.5
"Starry Night Bundle Edition" = Starry Night Bundle Edition
"V CAST Music with Rhapsody" = V CAST Music with Rhapsody
"Webroot Software" = Webroot Software
"Xvid_is1" = Xvid 1.2.2 final uninstall

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 5/20/2011 10:34:45 PM | Computer Name = Donna-PC | Source = Software Licensing Service | ID = 8198
Description = License Activation (SLUI.exe) failed with the following error code:
0x80070057

Error - 5/21/2011 3:02:06 AM | Computer Name = Donna-PC | Source = ESENT | ID = 490
Description = wuaueng.dll (1064) SUS20ClientDataStore: An attempt to open the file
"C:\Windows\SoftwareDistribution\DataStore\Logs\edb.chk" for read / write access
failed with system error 32 (0x00000020): "The process cannot access the file because
it is being used by another process. ". The open file operation will fail with
error -1032 (0xfffffbf8).

Error - 5/21/2011 3:02:17 AM | Computer Name = Donna-PC | Source = ESENT | ID = 490
Description = wuaueng.dll (1064) SUS20ClientDataStore: An attempt to open the file
"C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log" for read / write access
failed with system error 32 (0x00000020): "The process cannot access the file because
it is being used by another process. ". The open file operation will fail with
error -1032 (0xfffffbf8).

Error - 5/21/2011 3:02:42 AM | Computer Name = Donna-PC | Source = ESENT | ID = 490
Description = wuaueng.dll (1064) SUS20ClientDataStore: An attempt to open the file
"C:\Windows\SoftwareDistribution\DataStore\Logs\edb.chk" for read / write access
failed with system error 32 (0x00000020): "The process cannot access the file because
it is being used by another process. ". The open file operation will fail with
error -1032 (0xfffffbf8).

Error - 5/21/2011 3:02:52 AM | Computer Name = Donna-PC | Source = ESENT | ID = 490
Description = wuaueng.dll (1064) SUS20ClientDataStore: An attempt to open the file
"C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log" for read / write access
failed with system error 32 (0x00000020): "The process cannot access the file because
it is being used by another process. ". The open file operation will fail with
error -1032 (0xfffffbf8).

Error - 5/21/2011 3:27:15 AM | Computer Name = Donna-PC | Source = ESENT | ID = 490
Description = wuaueng.dll (1064) SUS20ClientDataStore: An attempt to open the file
"C:\Windows\SoftwareDistribution\DataStore\Logs\edb.chk" for read / write access
failed with system error 32 (0x00000020): "The process cannot access the file because
it is being used by another process. ". The open file operation will fail with
error -1032 (0xfffffbf8).

Error - 5/21/2011 3:27:31 AM | Computer Name = Donna-PC | Source = ESENT | ID = 490
Description = wuaueng.dll (1064) SUS20ClientDataStore: An attempt to open the file
"C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log" for read / write access
failed with system error 32 (0x00000020): "The process cannot access the file because
it is being used by another process. ". The open file operation will fail with
error -1032 (0xfffffbf8).

Error - 5/21/2011 3:27:49 AM | Computer Name = Donna-PC | Source = ESENT | ID = 490
Description = wuaueng.dll (1064) SUS20ClientDataStore: An attempt to open the file
"C:\Windows\SoftwareDistribution\DataStore\Logs\edb.chk" for read / write access
failed with system error 32 (0x00000020): "The process cannot access the file because
it is being used by another process. ". The open file operation will fail with
error -1032 (0xfffffbf8).

Error - 5/21/2011 3:27:59 AM | Computer Name = Donna-PC | Source = ESENT | ID = 490
Description = wuaueng.dll (1064) SUS20ClientDataStore: An attempt to open the file
"C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log" for read / write access
failed with system error 32 (0x00000020): "The process cannot access the file because
it is being used by another process. ". The open file operation will fail with
error -1032 (0xfffffbf8).

Error - 5/21/2011 3:28:12 AM | Computer Name = Donna-PC | Source = ESENT | ID = 490
Description = wuaueng.dll (1064) SUS20ClientDataStore: An attempt to open the file
"C:\Windows\SoftwareDistribution\DataStore\Logs\edb.chk" for read / write access
failed with system error 32 (0x00000020): "The process cannot access the file because
it is being used by another process. ". The open file operation will fail with
error -1032 (0xfffffbf8).

[ Media Center Events ]
Error - 10/14/2009 1:25:07 PM | Computer Name = Donna-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

[ System Events ]
Error - 5/20/2011 10:33:17 PM | Computer Name = Donna-PC | Source = DCOM | ID = 10010
Description =

Error - 5/21/2011 3:00:52 AM | Computer Name = Donna-PC | Source = Service Control Manager | ID = 7011
Description =

Error - 5/21/2011 3:27:09 AM | Computer Name = Donna-PC | Source = Service Control Manager | ID = 7011
Description =

Error - 5/21/2011 2:44:51 PM | Computer Name = Donna-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 3:28:33 AM on 5/21/2011 was unexpected.

Error - 5/21/2011 2:45:04 PM | Computer Name = Donna-PC | Source = Server | ID = 2505
Description = The server could not bind to the transport \Device\NetBT_Tcpip_{484C268C-DD5E-4E27-85C4-8C10BE341FD1}
because another computer on the network has the same name. The server could not
start.

Error - 5/21/2011 2:45:01 PM | Computer Name = Donna-PC | Source = netbt | ID = 4321
Description = The name "DONNA-PC :0" could not be registered on the interface
with IP address 192.168.1.103. The computer with the IP address 192.168.1.102 did
not allow the name to be claimed by this computer.

Error - 5/21/2011 2:45:01 PM | Computer Name = Donna-PC | Source = netbt | ID = 4321
Description = The name "DONNA-PC :0" could not be registered on the interface
with IP address 192.168.1.103. The computer with the IP address 192.168.1.102 did
not allow the name to be claimed by this computer.

Error - 5/21/2011 2:45:04 PM | Computer Name = Donna-PC | Source = netbt | ID = 4321
Description = The name "DONNA-PC :20" could not be registered on the interface
with IP address 192.168.1.103. The computer with the IP address 192.168.1.102 did
not allow the name to be claimed by this computer.

Error - 5/21/2011 2:45:38 PM | Computer Name = Donna-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 5/21/2011 2:47:13 PM | Computer Name = Donna-PC | Source = Service Control Manager | ID = 7022
Description =


< End of report >

Edited by lmd46, 21 May 2011 - 01:40 PM.

  • 0

Advertisements

#2
BlackOxide
Posted 23 May 2011 - 02:33 PM

BlackOxide

    Trusted Helper

  • Malware Removal
  • 1,976 posts
Hello again :)

I believe the problem with the slowness is being caused by the Laptop not having enough RAM...

501.00 Mb Total Physical Memory | 81.00 Mb Available Physical Memory | 16.00% Memory free



512MB will not run Vista smoothly nowadays. What is the make and model of the laptop?



We'll get a couple of scans done to check for malware, but your OTL log looks clean.




1)
Download aswMBR.exe ( 511KB ) to your desktop.

Double click the aswMBR.exe to run it

Click the "Scan" button to start scan
Posted Image

On completion of the scan click save log, save it to your desktop and post in your next reply
Posted Image




2)
Posted Image Please download Malwarebytes' Anti-Malware from Here.

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediatly.





In your next reply
Please post the contents of...
aswMBR log
MBAM log
Make and model of the laptop
  • 0

#3
lmd46
Posted 23 May 2011 - 10:02 PM

lmd46

    Member

  • Topic Starter
  • Member
  • PipPip
  • 39 posts
It is so slow I couldnt download the programs or run them---I am trying to uninstall programs but having a hard time as well. My son has too many of his science programs on here-that is when it started slowing down-when he put all of his telescope programs on here-thought he infected it-but he probably just filld up the space-he said he will ty to put them on disk-if it lets him now-so hard to do anything--we did delete lots of photos that he had on a flash drive-took forever-but I dont think that frees up the hard drive-he needs to move the programs-correct?? i will try the scans in the morning oh and it is a gateway

Edited by lmd46, 23 May 2011 - 10:10 PM.

  • 0

#4
BlackOxide
Posted 24 May 2011 - 02:06 PM

BlackOxide

    Trusted Helper

  • Malware Removal
  • 1,976 posts
Sounds like it is extremely hard to work with in Normal Mode. Leave uninstalling programs for now, you shouldn't need to do that. We'll try another way round this. If you can run the following program for me, then get back to me with the log. I will then get back to you with what to disable, which should then speed things up a bit.

As Normal Mode is running too slow, you can do this in Safe Mode with Networking.
  • Switch on your PC and immediately start tapping the F8 key on the keyboard
  • Keep tapping it until a menu comes on the screen whereby you have several options to choose from, one of which is Safe Mode with Networking
  • Make sure Safe Mode with Networking is highlighted and then press Enter
  • Your PC will now boot into Safe Mode
  • Now follow the instructions below...


Autoruns - Startup Items
  • Click here to download Autoruns and Save it to your Desktop
  • Extract the contents of Autoruns.zip by Right clicking it and choose Extract All (or Extract here if using WinRar)
  • Once the contents have been extracted you will see a folder called Autoruns
  • Open the folder and Right Click on autoruns and click Run as Administrator to launch the program
  • Let the program finish scanning your PC until it says Ready in the bottom left
  • Click File then Save, then in the Save as type box select Text (.txt) then in the File Name box above, call it StartupItems.txt and save it to your Desktop
  • Please attach the StartupItems.txt to your next reply



To attach a file...
  • Click Add Reply as you would do normally
  • Then within the 'Attachments' area, click Browse and select the file that you want to attach
  • Click the Attach This File button
  • Now click Add to Post on the right hand side, to insert the attachment into your post.

  • 0

#5
lmd46
Posted 24 May 2011 - 06:28 PM

lmd46

    Member

  • Topic Starter
  • Member
  • PipPip
  • 39 posts
wow that was easy--this is how fast is used to beAttached File  StartupItems.txt   29.08KB   106 downloadsAttached File  StartupItems.txt   29.08KB   106 downloads
  • 0

#6
BlackOxide
Posted 25 May 2011 - 02:06 PM

BlackOxide

    Trusted Helper

  • Malware Removal
  • 1,976 posts
Yep, it will be fast in Safe Mode, not much is allowed to load in that mode :)

Lets now disable some startup items using Autoruns, then let me know how quick it runs in Normal Mode.


Autoruns Startup Modify

In Safe Mode with Networking...
Open Autoruns by Right Clicking on autoruns.exe and click Run as Administrator
Once it has finished scanning and you see Ready in the bottom left corner, click the Logon tab at the top
Untick the following items:

  • Adobe ARM
  • Adobe Reader Speed Launcher
  • IgfxTray
  • IPPDetect
  • Persistence
  • QuickTime Task
  • Smart Start UP
  • SMSERIAL
  • PMB Media Check Tool.lnk
Once you have unticked those items, just close Autoruns using the top right X
Now reboot your PC
  • 0

#7
lmd46
Posted 25 May 2011 - 03:36 PM

lmd46

    Member

  • Topic Starter
  • Member
  • PipPip
  • 39 posts
much faster but still not where I would like it to be--what did we delete?

anything else
we are getting there!
  • 0

#8
BlackOxide
Posted 25 May 2011 - 04:31 PM

BlackOxide

    Trusted Helper

  • Malware Removal
  • 1,976 posts
Autoruns wont delete any data/files. Basically it disables those items from starting at boot when Windows itself loads. Those programs can still be run by double clicking their icons if needed, they just don't start with Windows anymore, so it has more memory free to handle the boot process and any other programs you may want to run. Frees up more of your RAM basically :)

You could now run a Defrag using Auslogics Defrag. It may not improve the speed an awful lot, but it's worth running it.

With 512MB of RAM, we are limited as to how quick we can get the laptop running though. Your laptop should support a RAM upgrade. I can get a rough price as what it would cost if you like. You don't have to have an upgrade, but if the laptop still isn't as quick as you'd like, putting more RAM in would make a difference. I would need the actual model of your Gateway laptop though. Should be something like Gateway MS2274 for example. It's usually on a sticker on the bottom of the laptop.

Here's the instructions for running the Auslogics Defrag:

Auslogics Disk Defrag
  • Click here to download Auslogics Disk Defrag
  • Once downloaded double click the file and follow the prompts to install (I would advise to UNtick the options to Install the Auslogics Toolbar and the Ask.com homepage as you go through the setup)
  • Once installed, run the program and at the top make sure the C: Drive is ticked
  • Then click the little downwards arrow next to Defrag and choose Defrag and Optimize
  • Once complete, please reboot the PC

  • 0

#9
lmd46
Posted 26 May 2011 - 05:00 PM

lmd46

    Member

  • Topic Starter
  • Member
  • PipPip
  • 39 posts
every little bit is helping-anything else--this was a big help as well
gateway mt6705
  • 0

#10
BlackOxide
Posted 27 May 2011 - 03:10 PM

BlackOxide

    Trusted Helper

  • Malware Removal
  • 1,976 posts
To be honest there isn't much else, software wise, we can do to get it going much quicker. How is it overall now, still slower than you'd prefer? If it is, RAM should help you out. I've had a look and a 1GB stick would be around $16 and a 2GB is around $29.

You don't have to go for the RAM if you're not sure, you could use the laptop for a bit and see how you get on. If you are finding it does get very slow as you're using it and loading programs, I would adivse fitting some more RAM. :)
  • 0

Advertisements

#11
lmd46
Posted 27 May 2011 - 04:08 PM

lmd46

    Member

  • Topic Starter
  • Member
  • PipPip
  • 39 posts
If my son put his autostar programs on a disk would that help-he has quite a few on here
  • 0

#12
BlackOxide
Posted 28 May 2011 - 05:54 AM

BlackOxide

    Trusted Helper

  • Malware Removal
  • 1,976 posts
I wouldn't think it would make much of a difference. The main reasons why PC's can run slow, is if all of the RAM is being used, if there is very little or no space left on the Hard Drive, or if the drive is heavily fragmented. Looking at the OTL log, it shows that you are fine on Hard Drive space, you have around 150GB free which is plenty. Your drive would not be heavily fragmented, due to having quite a lot of free space and you've ran the Auslogics Defrag. As the Autostar program doesn't load at startup, putting it on Disc, shouldn't have any affect on boot speed unfortunately, as it wouldn't be running in the background anyway.
  • 0

#13
lmd46
Posted 28 May 2011 - 08:23 PM

lmd46

    Member

  • Topic Starter
  • Member
  • PipPip
  • 39 posts
so why did it all of a sudden start running so slow--I thought it was my sons programs b/c it was fine before he started using it---did Vista change something?
  • 0

#14
BlackOxide
Posted 29 May 2011 - 01:22 PM

BlackOxide

    Trusted Helper

  • Malware Removal
  • 1,976 posts
It can sometimes be extremely difficult in pinpointing exactly what has made it go slow. Normally, just installing a program shouldn't make much of a difference, if it is not actively running in the background. If Autostar didn't install properly, or has clashed with some other program, then it may have caused this problem, but under normal circumstances it shouldn't have done. As you believe it may be the cause, you could try saving the Autostar items onto disk, then uninstall the program through Programs and Features in Control Panel.

If the above did not help, then the only other thing I can think of is restoring your laptop to an earlier date when you knew it was working normally. This may not solve the problem, but you can give it a try. Follow this guide to help run you through restoring your laptop to an earlier date. We may need to run Autoruns again after doing this step, as it may restore the startup items we disabled earlier, but it doesn't take long to disable them again.
  • 0

#15
lmd46
Posted 29 May 2011 - 06:39 PM

lmd46

    Member

  • Topic Starter
  • Member
  • PipPip
  • 39 posts
I really couldnt even pick a date--I have been using the newer HP while my son had been using the Gateway-the HP is only a yr or so old so somewhere in there--I will talk to my son-I t is much faster now-even usable!! to add RAM, you dont have to replace the hard drive? what did you mean just add a stick-like a flash drive? how does that work then? that seems easy and inexpensive enough
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP