Problem: My Acer Aspire netbook with XP sp3 has been taking about 20 minutes to load the desktop page after starting up the computer. It gets to the "choose user" page on startup quickly, but once a user has been chosen, the computer takes 20 minutes to actually load all icons and become usable. Once fully running, it still runs incredibly slow, but is able to go to websites and perform basic functions - albeit, quite slowly.
What I've done to try to fix it: I have run registry and cleanup fixes by CCleaner, have always had AVG Free 2011 installed (haven't done any manual scans with it yet), and also ran scan and some fixes with AdAware. I've also de-selected most non-essential items on the system startup through msconfig.exe (there's one on there that's questionable though, called "PersistenceThread.exe" and it's located in the C:/windows/system32 area)
Any tips for speeding up this machine?
Thanks so much!
-Luke
Here's my log:
OTL logfile created on: 3/4/2012 7:30:13 PM - Run 1
OTL by OldTimer - Version 3.2.35.1 Folder = C:\Documents and Settings\new user\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.99 Gb Total Physical Memory | 1.03 Gb Available Physical Memory | 51.70% Memory free
3.84 Gb Paging File | 3.09 Gb Available in Paging File | 80.57% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 19.53 Gb Total Space | 2.83 Gb Free Space | 14.49% Space Free | Partition Type: NTFS
Drive E: | 213.35 Gb Total Space | 171.87 Gb Free Space | 80.56% Space Free | Partition Type: NTFS
Computer Name: MACHINENAME | User Name: new user | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/03/04 19:25:51 | 000,584,704 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\new user\My Documents\Downloads\OTL.exe
PRC - [2012/02/13 18:45:49 | 000,939,872 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
PRC - [2011/09/10 06:28:50 | 002,338,656 | ---- | M] (AVG Technologies CZ, s.r.o.) -- E:\avgtray.exe
PRC - [2011/09/09 03:10:56 | 001,082,208 | ---- | M] (AVG Technologies CZ, s.r.o.) -- E:\avgnsx.exe
PRC - [2011/08/18 01:33:26 | 000,659,296 | ---- | M] (AVG Technologies CZ, s.r.o.) -- E:\avgrsx.exe
PRC - [2011/08/18 01:33:06 | 007,390,560 | ---- | M] (AVG Technologies CZ, s.r.o.) -- E:\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2011/07/13 20:05:45 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/05/23 14:13:04 | 000,657,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- E:\avgchsvx.exe
PRC - [2011/03/28 02:00:52 | 000,351,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- E:\avgcsrvx.exe
PRC - [2011/03/03 19:52:00 | 003,410,576 | R--- | M] (Carbonite, Inc. (www.carbonite.com)) -- C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe
PRC - [2011/02/10 06:55:18 | 001,148,256 | ---- | M] () -- E:\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2011/02/08 04:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- E:\avgwdsvc.exe
PRC - [2010/11/09 14:53:00 | 000,045,056 | ---- | M] (Intuit) -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
PRC - [2010/01/24 18:39:44 | 000,096,792 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\PersistenceThread.exe
PRC - [2009/04/07 14:34:40 | 000,642,856 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
PRC - [2008/04/13 16:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/12/19 12:58:32 | 000,086,016 | R--- | M] (SA International) -- C:\WINDOWS\system32\SAiLicSvr.exe
PRC - [2007/09/11 12:23:22 | 000,438,272 | ---- | M] (TODO: <Company name>) -- C:\WINDOWS\system32\SAiDownloader.exe
PRC - [2007/04/27 07:40:00 | 000,206,400 | ---- | M] (SafeNet, Inc) -- C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
PRC - [2007/04/27 01:00:04 | 000,316,992 | ---- | M] (SafeNet, Inc.) -- C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
PRC - [2004/09/29 11:14:36 | 000,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe
========== Modules (No Company Name) ==========
MOD - [2012/03/04 16:20:21 | 003,186,688 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
MOD - [2012/03/04 16:19:52 | 000,114,688 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
MOD - [2012/02/13 18:45:49 | 000,939,872 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
MOD - [2011/10/13 08:15:05 | 011,490,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll
MOD - [2011/07/13 20:05:46 | 001,014,744 | ---- | M] () -- C:\Program Files\Mozilla Firefox\js3250.dll
MOD - [2011/02/10 06:55:18 | 001,148,256 | ---- | M] () -- E:\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
MOD - [2009/10/27 19:40:14 | 003,885,984 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MOD - [2008/04/14 12:58:40 | 002,854,912 | ---- | M] () -- C:\WINDOWS\system32\btwicons.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2012/02/13 18:45:58 | 000,909,152 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe -- (vToolbarUpdater)
SRV - [2011/11/10 05:17:31 | 000,167,264 | ---- | M] () [Disabled | Stopped] -- E:\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2011/11/03 12:06:56 | 002,152,152 | ---- | M] (Lavasoft Limited) [Disabled | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2011/08/18 01:33:06 | 007,390,560 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- E:\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/03/03 19:52:00 | 003,410,576 | R--- | M] (Carbonite, Inc. (www.carbonite.com)) [Auto | Start_Pending] -- C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe -- (CarboniteService)
SRV - [2011/02/08 04:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- E:\avgwdsvc.exe -- (avgwd)
SRV - [2010/11/09 14:53:00 | 000,045,056 | ---- | M] (Intuit) [Auto | Running] -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
SRV - [2010/01/24 15:22:56 | 000,245,760 | ---- | M] (Brother Industries, Ltd.) [On_Demand | Stopped] -- C:\Program Files\Browny02\BrYNSvc.exe -- (BrYNSvc)
SRV - [2009/07/23 20:10:38 | 000,061,440 | ---- | M] (Intuit Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
SRV - [2009/04/07 14:34:40 | 000,642,856 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe -- (nmservice)
SRV - [2007/12/19 12:58:32 | 000,086,016 | R--- | M] (SA International) [Auto | Running] -- C:\WINDOWS\System32\SAiLicSvr.exe -- (SAiLicSvr)
SRV - [2007/09/11 12:23:22 | 000,438,272 | ---- | M] (TODO: <Company name>) [Auto | Running] -- C:\WINDOWS\System32\SAiDownloader.exe -- (SAiDownloader)
SRV - [2007/04/27 07:40:00 | 000,206,400 | ---- | M] (SafeNet, Inc) [Auto | Running] -- C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe -- (SentinelProtectionServer)
SRV - [2007/04/27 01:00:04 | 000,316,992 | ---- | M] (SafeNet, Inc.) [Auto | Running] -- C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe -- (SentinelKeysServer)
SRV - [2004/09/29 11:14:36 | 000,069,632 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2011/11/03 12:06:56 | 000,064,512 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2011/11/03 12:06:56 | 000,015,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\kernexplorer.sys -- (Lavasoft Kernexplorer)
DRV - [2011/05/27 19:05:44 | 000,134,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2011/04/04 23:59:56 | 000,297,168 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011/03/16 15:03:20 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/03/01 13:25:18 | 000,034,896 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/02/22 07:13:02 | 000,022,992 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2011/02/10 06:53:54 | 000,027,216 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011/02/10 06:53:52 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011/01/07 05:41:46 | 000,248,656 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2010/09/14 14:38:58 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WsAudio_DeviceS(5).sys -- (WsAudio_DeviceS(5)) WsAudio_DeviceS(5)
DRV - [2010/09/14 14:38:58 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WsAudio_DeviceS(4).sys -- (WsAudio_DeviceS(4)) WsAudio_DeviceS(4)
DRV - [2010/09/14 14:38:58 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WsAudio_DeviceS(3).sys -- (WsAudio_DeviceS(3)) WsAudio_DeviceS(3)
DRV - [2010/09/14 14:38:58 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WsAudio_DeviceS(2).sys -- (WsAudio_DeviceS(2)) WsAudio_DeviceS(2)
DRV - [2010/09/14 14:38:58 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WsAudio_DeviceS(1).sys -- (WsAudio_DeviceS(1)) WsAudio_DeviceS(1)
DRV - [2010/08/31 13:18:10 | 000,013,312 | ---- | M] (June Fabrics Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pneteth.sys -- (pneteth)
DRV - [2010/08/21 17:02:38 | 000,132,480 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2010/01/28 11:49:55 | 005,870,080 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2009/04/07 14:33:08 | 000,025,264 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\purendis.sys -- (purendis)
DRV - [2009/04/07 14:33:08 | 000,023,984 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\pnarp.sys -- (pnarp)
DRV - [2008/12/29 15:32:32 | 001,346,464 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\athw.sys -- (AR5416)
DRV - [2008/10/03 17:58:34 | 000,053,344 | ---- | M] (Warp Nine Engineering) [Kernel | Auto | Stopped] -- C:\Program Files\SignWarehouse\SignWarehouse Production Suite\Program\Par1284.sys -- (Par1284)
DRV - [2008/04/15 10:14:02 | 000,990,632 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2008/04/15 10:13:58 | 000,534,440 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2008/03/27 16:18:12 | 000,047,272 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2008/03/10 17:18:42 | 000,057,384 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwhid.sys -- (btwhid)
DRV - [2008/02/27 12:49:00 | 000,003,840 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\BANTExt.sys -- (BANTExt)
DRV - [2008/02/04 16:57:44 | 000,037,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2008/02/04 16:57:30 | 000,037,032 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwmodem.sys -- (btwmodem)
DRV - [2007/09/20 10:59:14 | 000,156,392 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2007/04/27 07:40:00 | 000,090,688 | ---- | M] (SafeNet, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\Drivers\SENTINEL.SYS -- (Sentinel)
DRV - [2007/04/27 07:40:00 | 000,035,328 | ---- | M] (SafeNet, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SNTNLUSB.SYS -- (SNTNLUSB)
DRV - [2007/04/12 10:46:16 | 000,016,288 | ---- | M] (Hewlett Packard) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hpfxbulk.sys -- (HPFXBULK)
DRV - [2006/11/02 07:00:08 | 000,039,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB)
DRV - [2006/09/28 14:32:14 | 000,009,472 | ---- | M] (June Fabrics Technology) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pnetmdm.sys -- (pnetmdm)
DRV - [2004/09/29 12:36:29 | 000,015,360 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NetMotCM.sys -- (ndiscm)
DRV - [2002/07/17 06:05:10 | 000,016,512 | ---- | M] (Adaptec) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ASPI32.SYS -- (ASPI)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKCU\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...Box&Form=IE8SRC
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.c...pa&d=2011-12-13 10:46:08&v=10.0.0.7&sap=dsp&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {1E73965B-8B48-48be-9C8D-68B920ABC1C4}:10.0.0.1416
FF - prefs.js..extensions.enabledItems: avg@toolbar:10.0.0.7
FF - prefs.js..keyword.URL: "http://isearch.avg.c...6:08&sap=ku&q="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: E:\Firefox4\ [2011/12/24 12:51:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\avg@igeared: E:\Toolbar\Firefox\avg@igeared [2011/11/27 23:46:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\avg@toolbar: C:\Documents and Settings\All Users.WINDOWS\Application Data\AVG Secure Search\10.0.0.7\ [2012/02/13 18:46:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/03/04 17:46:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/07/13 20:05:52 | 000,000,000 | ---D | M]
[2012/03/04 17:46:55 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\new user\Application Data\Mozilla\Extensions
[2012/03/04 18:29:44 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\new user\Application Data\Mozilla\Firefox\Profiles\n5anzkf1.default\extensions
[2012/03/04 18:29:44 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\new user\Application Data\Mozilla\Firefox\Profiles\n5anzkf1.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/07/15 15:56:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/04/06 13:01:13 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2012/02/13 18:46:29 | 000,000,000 | ---D | M] (AVG Security Toolbar) -- C:\DOCUMENTS AND SETTINGS\ALL USERS.WINDOWS\APPLICATION DATA\AVG SECURE SEARCH\10.0.0.7
[2010/02/08 14:21:31 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/12/24 12:51:08 | 000,000,000 | ---D | M] (AVG Safe Search) -- E:\FIREFOX4
[2011/02/02 20:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012/02/13 18:45:45 | 000,003,727 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
O1 HOSTS File: ([2007/01/24 08:56:24 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - E:\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4 - HKLM..\Run: [AVG_TRAY] E:\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [AzMixerSel] C:\Program Files\Realtek\Audio\Drivers\AzMixerSel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [PersistenceThread] C:\WINDOWS\system32\PersistenceThread.exe (Intel Corporation)
O4 - HKLM..\Run: [ROC_roc_dec12] C:\Program Files\AVG Secure Search\ROC_roc_dec12.exe ()
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://www.pcpitstop...t/PCPitStop.CAB (PCPitstop Utility)
O16 - DPF: {79D1DBE2-A317-4D67-891D-9849D17F0531} http://www.parcelque...oad/MapEdge.cab (MapEdge)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} http://drmlicense.on...e/en/crlocx.ocx (CRLDownloadWrapper Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.75.75 75.75.76.76
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{42B1D896-E9B2-40D9-853E-E2430DD865C5}: DhcpNameServer = 75.75.75.75 75.75.76.76
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
O18 - Protocol\Handler\intu-help-qb3 {c5e479ea-0a65-4b05-8c6c-2fc8cc682eb4} - C:\Program Files\Intuit\QuickBooks 2010\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - E:\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Common Files\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\10.0.6\ViProtocol.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igdlogin: DllName - (igdlogin.dll) - C:\WINDOWS\System32\igdlogin.dll ()
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O27 - HKLM IFEO\afwserv.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avastsvc.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\avastui.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\egui.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\ekrn.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\msascui.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\msmpeng.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O27 - HKLM IFEO\msseces.exe: Debugger - C:\WINDOWS\System32\svchost.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/01/24 10:36:21 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (sprestrt)
O34 - HKLM BootExecute: (E:\avgchsvx.exe /sync)
O34 - HKLM BootExecute: (E:\avgrsx.exe /sync /restart)
O34 - HKLM BootExecute: (lsdelete)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2012/03/04 18:31:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\new user\My Documents\Downloads
[2012/03/04 17:46:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\new user\Local Settings\Application Data\Mozilla
[2012/03/04 17:46:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\new user\Application Data\Mozilla
[2012/03/04 17:45:01 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\new user\Recent
[2012/03/04 17:44:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\new user\My Documents\registry backups
[2012/03/04 17:06:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\new user\Application Data\Adobe
[2012/03/04 17:05:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\new user\Application Data\AVG Secure Search
[2012/02/13 18:46:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\cache
[7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[13 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/03/04 19:05:00 | 000,000,974 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1454471165-1275210071-1417001333-1002UA.job
[2012/03/04 19:04:00 | 000,000,990 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1454471165-1275210071-1417001333-1001UA.job
[2012/03/04 19:00:28 | 000,000,104 | ---- | M] () -- C:\Documents and Settings\new user\Desktop\Internet.lnk
[2012/03/04 18:54:19 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2012/03/04 18:35:48 | 000,765,226 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/03/04 18:35:48 | 000,207,448 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/03/04 18:35:11 | 000,000,486 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2012/03/04 18:34:21 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1454471165-1275210071-1417001333-1004.job
[2012/03/04 18:34:21 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1454471165-1275210071-1417001333-1002.job
[2012/03/04 18:34:09 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/03/04 18:27:07 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012/03/04 16:47:13 | 000,345,016 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/03/04 15:59:47 | 090,795,267 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2012/03/04 15:48:14 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/02/15 23:59:02 | 000,000,922 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1454471165-1275210071-1417001333-1002Core.job
[2012/02/15 21:29:37 | 089,138,198 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm.old
[7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[13 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/03/04 19:00:28 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\new user\Desktop\Internet.lnk
[2012/02/15 14:42:14 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/02/15 14:42:14 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2011/12/28 23:46:04 | 000,016,432 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe
[2011/09/25 18:26:54 | 000,175,616 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2011/09/25 18:26:52 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2011/09/25 18:26:51 | 000,650,752 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2011/09/25 18:26:51 | 000,243,200 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2011/09/25 18:26:50 | 000,074,752 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2011/06/02 18:14:37 | 000,000,200 | ---- | C] () -- C:\WINDOWS\QCPC80UI.dat
[2011/05/11 13:04:21 | 000,000,334 | ---- | C] () -- C:\WINDOWS\BRCALIB.INI
[2011/05/11 13:01:37 | 000,000,050 | ---- | C] () -- C:\WINDOWS\System32\BRADC10A.DAT
[2011/04/04 06:07:42 | 003,017,984 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2011/04/02 19:01:50 | 000,000,095 | ---- | C] () -- C:\WINDOWS\QBChanUtil_Trigger.ini
[2011/03/28 11:48:12 | 000,102,262 | ---- | C] () -- C:\WINDOWS\hpoins05.dat.temp
[2011/03/28 11:48:12 | 000,017,505 | ---- | C] () -- C:\WINDOWS\hpomdl07.dat.temp
[2011/03/28 11:39:50 | 000,102,259 | ---- | C] () -- C:\WINDOWS\hpoins05.dat
[2011/03/07 18:27:07 | 000,000,056 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2010/12/02 14:16:51 | 000,000,028 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010/11/17 23:49:59 | 000,153,600 | ---- | C] () -- C:\WINDOWS\System32\WS_ATLMovie.dll
[2010/08/21 17:10:34 | 008,892,928 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Application Data\atscie.msi
[2010/08/21 17:04:26 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2010/07/09 19:34:35 | 000,000,076 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2010/06/06 17:41:16 | 000,000,022 | ---- | C] () -- C:\WINDOWS\MapEdge.INI
[2010/04/19 18:48:39 | 000,000,940 | ---- | C] () -- C:\WINDOWS\hpbvnstp.ini
[2010/04/19 18:47:28 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\hppapr02.dll
[2010/04/19 18:47:28 | 000,000,600 | ---- | C] () -- C:\WINDOWS\System32\hppapr02.dat
[2010/04/19 18:43:43 | 000,130,884 | ---- | C] () -- C:\WINDOWS\hppins03.dat
========== LOP Check ==========
[2012/02/13 18:46:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\AVG Secure Search
[2011/11/27 23:37:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\AVG Security Toolbar
[2011/06/28 16:59:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\AVG10
[2011/06/28 15:45:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\avg9
[2011/04/02 20:31:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Carbonite
[2011/03/14 10:01:28 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Common Files
[2011/06/28 17:47:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\MFAData
[2011/05/25 22:18:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\NCH Swift Sound
[2011/04/02 19:02:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Nuance
[2011/05/01 20:12:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\SQL Anywhere 11
[2010/09/08 01:52:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP
[2011/04/06 09:27:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\W3i
[2012/03/04 17:05:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\new user\Application Data\AVG Secure Search
[2011/06/28 17:00:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\new user\Application Data\AVG10
[2012/03/04 18:35:11 | 000,000,486 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:96D0C06F
< End of report >