
Slow to boot, Firefox Crashing Frequently, OTL Freezes and will not co



#91
RKinner

    Malware Expert

  • Expert
  • 19,799 posts
  • MVP
To get into Safe Mode:

Reboot and when you see the maker's logo, hear a beep or it talks about F8, start tapping the F8 key slowly. Keep tapping until the Safe Mode Menu appears.

However it doesn't appear that we need it since you say we are now cranking along again. Interesting that the error we had in the Scheduler has cleared itself.

Do you really need the sidebar? I turned it off the first day I had Vista and Microsoft is recommending it be turned off for security reasons: http://technet.micro...dvisory/2719662

It's easy to turn off. http://www.howtogeek...debar-in-vista/

If you want to keep it I think you can disable the individual items until you find the one that is causing the slowness.

For your current errors try:

Copy the next 3 lines:

sfc.exe /scanfile=C:\Windows\system32\pnrpperf.dll
sfc.exe /scanfile=C:\Windows\system32\emdmgmt.dll
sfc.exe /scanfile=C:\Windows\system32\bitsperf.dll

Start, All Programs, Accessories, right click on Command Prompt and Run as Administrator, Continue. Right click and Paste or Edit then Paste and the copied lines should appear.
Hit Enter. Close the command window.

All this does is have Windows check that the files are good and if not it should replace them.

I wonder will OTL, Quickscan, run now?
  • 0


#92
M624

    Member

  • Topic Starter
  • Member
  • 71 posts
Tried OTL and it still freezes up.

Completed the three lines.

And will go through my gadgets but all I use on it is a calendar, clock, and notepad. And now Avast shows in it.
  • 0

#93
RKinner

    Malware Expert

  • Expert
  • 19,799 posts
  • MVP
Please download DDS from http://download.blee...om/sUBs/dds.com or http://download.blee...om/sUBs/dds.scr
and save it to your desktop.

* Disable any script blocking protection
* Double click dds.pif to run the tool.
* When done, two DDS.txt's will open.
* Save both reports to your desktop.

---------------------------------------------------
Please include the contents of the following in your next reply:

DDS.txt
Attach.txt.


Also let's see if Speedyfox will run:

http://www.crystalidea.com/speedyfox

Download, Save, close Firefox then right click on Speedyfox and Run As Admin. Click on Speed up my Firefox. When it finishes, Exit.

This is a neat little program to keep on your desktop. Run it any time you make a change to Firefox such as adding or removing or updating an add-on.
  • 0

#94
M624

    Member

  • Topic Starter
  • Member
  • 71 posts
DDS

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.7.2
Run by Cherie at 9:49:04 on 2013-01-13
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.2046.605 [GMT -6:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\SLsvc.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
C:\Windows\Explorer.EXE
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Sony\VAIO PC Wireless LAN Wizard\AutoLaunchWLASU.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunesHelper.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Ask.com\Updater\Updater.exe
C:\Windows\system32\PSIService.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Windows\system32\stacsv.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Users\Cherie\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Users\Cherie\AppData\Local\Google\Update\1.3.21.123\GoogleCrashHandler.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\Apoint\ApMsgFwd.exe
C:\Program Files\Apoint\Apntex.exe
C:\Users\Cherie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Cherie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Cherie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Cherie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Cherie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Cherie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Cherie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Cherie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Cherie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Cherie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Cherie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Users\Cherie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Update\1.3.21.123\GoogleCrashHandler.exe
C:\Users\Cherie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Cherie\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
C:\Users\Cherie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Users\Cherie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.conduit.com/?SearchSource=10&ctid=CT3247692
uURLSearchHooks: Swagbucks2 Toolbar: {f6f9d189-f5d3-4cde-9901-4944cf9b2b1e} - c:\program files\swagbucks2\prxtbSwag.dll
mURLSearchHooks: Swagbucks2 Toolbar: {f6f9d189-f5d3-4cde-9901-4944cf9b2b1e} - c:\program files\swagbucks2\prxtbSwag.dll
BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - c:\program files\yahoo!\companion\installs\cpn1\yt.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files\ask.com\GenericAskToolbar.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
BHO: Google Gears Helper: {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - c:\program files\google\google gears\internet explorer\0.5.36.0\gears.dll
BHO: Swagbucks2 Toolbar: {f6f9d189-f5d3-4cde-9901-4944cf9b2b1e} - c:\program files\swagbucks2\prxtbSwag.dll
BHO: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - c:\program files\yahoo!\companion\installs\cpn1\YTSingleInstance.dll
TB: Swagbucks2 Toolbar: {F6F9D189-F5D3-4CDE-9901-4944CF9B2B1E} - c:\program files\swagbucks2\prxtbSwag.dll
TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files\ask.com\GenericAskToolbar.dll
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\companion\installs\cpn1\yt.dll
TB: Swagbucks2 Toolbar: {f6f9d189-f5d3-4cde-9901-4944cf9b2b1e} - c:\program files\swagbucks2\prxtbSwag.dll
TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files\ask.com\GenericAskToolbar.dll
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
uRun: [Sidebar] "c:\program files\windows sidebar\sidebar.exe" /autoRun
uRun: [ISUSPM] "c:\program files\common files\installshield\updateservice\ISUSPM.exe" -scheduler
uRun: [GoogleChromeAutoLaunch_182A077789D37C7DA9A5650D3C1D56FE] "c:\users\cherie\appdata\local\google\chrome\application\chrome.exe" --no-startup-window
uRun: [cdloader] "c:\users\cherie\appdata\roaming\mjusbsp\cdloader2.exe" MAGICJACK
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
uRun: [Google Update] "c:\users\cherie\appdata\local\google\update\GoogleUpdate.exe" /c
mRun: [Apoint] "c:\program files\apoint\Apoint.exe"
mRun: [VWLASU] "c:\program files\sony\vaio pc wireless lan wizard\AutoLaunchWLASU.exe"
mRun: [NvSvc] "RUNDLL32.EXE" c:\windows\system32\nvsvc.dll,nvsvcStart
mRun: [NvCplDaemon] "RUNDLL32.EXE" c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] "RUNDLL32.EXE" c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [MaxMenuMgr] "c:\program files\seagate\seagatemanager\freeagent status\StxMenuMgr.exe"
mRun: [IndexSearch] "c:\program files\scansoft\paperport\IndexSearch.exe"
mRun: [VAIORegistration] "c:\program files\sony\first experience\WelcomeLauncher.exe"
mRun: [CarboniteSetupLite] "c:\program files\carbonite\CarbonitePreinstaller.exe" /preinstalled /showonfirst /reshowat=900
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [VAIO Help and Support Demo] "c:\program files\sony\vaio help and support demo\LaunchVHSD.exe"
mRun: [iTunesHelper] "c:\program files\iTunesHelper.exe"
mRun: [VAIOSurvey] "c:\program files\sony\vaio survey\Vista VAIO Survey.exe"
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [PaperPort PTD] "c:\program files\scansoft\paperport\pptd40nt.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe
mRun: [ApnUpdater] "c:\program files\ask.com\updater\Updater.exe"
StartupFolder: c:\users\cherie\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\quickb~1.lnk - c:\program files\common files\intuit\quickbooks\qbupdate\qbupdate.exe
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Send image to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - {0B4350D1-055F-47A3-B112-5F2F2B0D6F08} - c:\program files\google\google gears\internet explorer\0.5.36.0\gears.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {C228AEDD-FC47-11D3-AF87-D128A9381404} - hxxp://www.link-systems.com/sdkhtml/SDK/paste/lsiw9x.cab
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{10628216-432C-4174-A054-6A1BE95937DB} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{B465C8B6-D278-4040-8C1A-127ECB8B1A20} : DHCPNameServer = 208.67.222.222 208.67.220.220 2.2.2.1
Handler: intu-help-qb1 - {9B0F96C7-2E4B-433e-ABF3-043BA1B54AE3} - c:\program files\intuit\quickbooks 2008\HelpAsyncPluggableProtocol.dll
Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} -
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Notify: VESWinlogon - VESWinlogon.dll
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
.
============= SERVICES / DRIVERS ===============
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2013-1-2 738504]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2013-1-2 361032]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2013-1-2 21256]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-1-2 58680]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2013-1-2 44808]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2009-2-2 21504]
R2 FreeAgentGoNext Service;Seagate Service;c:\program files\seagate\seagatemanager\sync\FreeAgentService.exe [2009-9-25 189736]
R2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-4-17 11032]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\drivers\btwl2cap.sys [2013-1-4 28464]
R3 R5U870FLx86;R5U870 UVC Lower Filter ;c:\windows\system32\drivers\R5U870FLx86.sys [2007-11-15 75008]
R3 R5U870FUx86;R5U870 UVC Upper Filter ;c:\windows\system32\drivers\R5U870FUx86.sys [2007-11-15 43904]
R3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [2007-11-15 9344]
R3 ti21sony;ti21sony;c:\windows\system32\drivers\ti21sony.sys [2007-11-15 812544]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [2012-2-15 80824]
S3 HTCAND32;HTC Device Driver;c:\windows\system32\drivers\ANDROIDUSB.sys [2009-6-9 24576]
S3 PTDMBus;PANTECH USB Modem Composite Device Driver ;c:\windows\system32\drivers\PTDMBus.sys [2008-12-9 29952]
S3 PTDMMdm;PANTECH USB Modem Drivers ;c:\windows\system32\drivers\PTDMMdm.sys [2008-12-9 41856]
S3 PTDMVsp;PANTECH USB Modem Serial Port ;c:\windows\system32\drivers\PTDMVsp.sys [2008-12-9 39936]
S3 PTDMWWAN;PANTECH USB Modem WWAN Driver;c:\windows\system32\drivers\PTDMWWAN.sys [2008-12-9 59520]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [2012-2-15 181432]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2008-5-6 11520]
S4 NAT;Norton Anti-Theft;"c:\program files\norton anti-theft\engine\1.1.0.23\ccsvchst.exe" /s "nat" /m "c:\program files\norton anti-theft\engine\1.1.0.23\dimaster.dll" /prefetch:1 --> c:\program files\norton anti-theft\engine\1.1.0.23\ccSvcHst.exe [?]
S4 NitroReaderDriverReadSpool2;NitroPDFReaderDriverCreatorReadSpool2;c:\program files\nitro pdf\reader 2\NitroPDFReaderDriverService2.exe [2011-6-21 196912]
.
=============== File Associations ===============
.
ShellExec: VCExporterLaunch.exe: open="c:\program files\sony\vaio vp utilities\VCELaunch.exe" "%1"
.
=============== Created Last 30 ================
.
2013-01-09 21:42:07 2048000 ----a-w- c:\windows\system32\win32k.sys
2013-01-09 21:41:15 204288 ----a-w- c:\windows\system32\ncrypt.dll
2013-01-09 21:41:13 1400832 ----a-w- c:\windows\system32\msxml6.dll
2013-01-04 12:47:30 99880 ----a-w- c:\windows\system32\drivers\btwavdt.sys
2013-01-04 12:47:30 81448 ----a-w- c:\windows\system32\drivers\btwaudio.sys
2013-01-04 12:47:30 28464 ----a-w- c:\windows\system32\drivers\btwl2cap.sys
2013-01-04 12:47:30 17448 ----a-w- c:\windows\system32\drivers\btwrchid.sys
2013-01-04 12:47:28 233472 ----a-w- c:\windows\system32\BtwRSupport.dll
2013-01-04 12:47:09 -------- d-----w- c:\windows\system32\es-MX
2013-01-04 12:47:09 -------- d-----w- c:\windows\system32\es-AR
2013-01-04 12:41:57 324120 ----a-w- c:\windows\system32\drivers\iaStor.sys
2013-01-04 12:41:57 -------- d-----w- C:\Intel
2013-01-04 00:18:29 -------- d-----w- c:\users\cherie\Bluetooth Software
2013-01-04 00:12:22 -------- d-----w- c:\program files\WIDCOMM
2013-01-03 22:24:21 -------- d-----w- c:\windows\pss
2013-01-02 18:40:41 -------- d-----w- C:\oldtasks
2013-01-02 14:15:01 738504 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-01-02 14:15:01 58680 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-01-02 14:13:37 41224 ----a-w- c:\windows\avastSS.scr
2013-01-02 14:12:39 -------- d-----w- c:\programdata\AVAST Software
2013-01-02 14:12:39 -------- d-----w- c:\program files\AVAST Software
2013-01-01 09:07:52 876032 ----a-w- c:\windows\system32\XpsPrint.dll
2013-01-01 09:07:51 683008 ----a-w- c:\windows\system32\d2d1.dll
2013-01-01 09:07:51 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
2013-01-01 09:07:51 160768 ----a-w- c:\windows\system32\d3d10_1.dll
2013-01-01 09:07:51 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
2013-01-01 09:07:51 1069056 ----a-w- c:\windows\system32\DWrite.dll
2013-01-01 01:16:35 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-01-01 01:16:35 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-12-31 22:37:58 -------- d-----w- c:\users\cherie\appdata\local\temp
2012-12-31 22:36:39 -------- d-sh--w- C:\$RECYCLE.BIN
2012-12-31 22:20:36 98816 ----a-w- c:\windows\sed.exe
2012-12-31 22:20:36 256000 ----a-w- c:\windows\PEV.exe
2012-12-31 22:20:36 208896 ----a-w- c:\windows\MBR.exe
2012-12-31 16:30:18 -------- d-----w- c:\program files\Windows Portable Devices
2012-12-31 15:43:49 92672 ----a-w- c:\windows\system32\UIAnimation.dll
2012-12-31 15:43:49 3023360 ----a-w- c:\windows\system32\UIRibbon.dll
2012-12-31 15:43:49 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
2012-12-31 15:37:21 5120 ----a-w- c:\windows\system32\wmi.dll
2012-12-31 15:37:21 157696 ----a-w- c:\windows\system32\imagehlp.dll
2012-12-31 15:37:21 12800 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-12-31 15:28:32 979456 ----a-w- c:\windows\system32\MFH264Dec.dll
2012-12-31 15:27:51 974848 ----a-w- c:\windows\system32\WindowsCodecs.dll
2012-12-31 15:27:51 519680 ----a-w- c:\windows\system32\d3d11.dll
2012-12-31 15:27:51 369664 ----a-w- c:\windows\system32\WMPhoto.dll
2012-12-31 15:27:51 321024 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll
2012-12-31 15:27:51 252928 ----a-w- c:\windows\system32\dxdiag.exe
2012-12-31 15:27:51 195584 ----a-w- c:\windows\system32\dxdiagn.dll
2012-12-31 15:27:51 189440 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2012-12-31 15:11:18 9728 ----a-w- c:\windows\system32\Wdfres.dll
2012-12-31 15:11:08 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2012-12-31 15:11:08 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2012-12-31 15:11:07 73216 ----a-w- c:\windows\system32\WUDFSvc.dll
2012-12-31 15:11:07 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll
2012-12-31 15:11:07 16896 ----a-w- c:\windows\system32\winusb.dll
2012-12-31 15:11:06 526952 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2012-12-31 15:11:06 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2012-12-31 15:11:03 613888 ----a-w- c:\windows\system32\WUDFx.dll
2012-12-31 15:11:03 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2012-12-31 15:11:03 196608 ----a-w- c:\windows\system32\WUDFHost.exe
2012-12-31 15:02:33 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-12-31 15:02:33 293376 ----a-w- c:\windows\system32\atmfd.dll
2012-12-31 11:55:14 69632 ----a-w- c:\windows\system32\Mpeg2Data.ax
2012-12-31 11:55:14 57856 ----a-w- c:\windows\system32\MSDvbNP.ax
2012-12-31 11:55:14 293376 ----a-w- c:\windows\system32\psisdecd.dll
2012-12-31 11:55:14 217088 ----a-w- c:\windows\system32\psisrndr.ax
2012-12-31 11:55:12 189952 ----a-w- c:\windows\system32\winmm.dll
2012-12-31 11:55:11 23552 ----a-w- c:\windows\system32\mciseq.dll
2012-12-31 11:55:04 623616 ----a-w- c:\windows\system32\localspl.dll
2012-12-31 11:54:37 508416 ----a-w- c:\windows\system32\drivers\bthport.sys
2012-12-31 11:54:36 30208 ----a-w- c:\windows\system32\drivers\BTHUSB.SYS
2012-12-31 11:54:35 1205064 ----a-w- c:\windows\system32\ntdll.dll
2012-12-31 11:54:07 75776 ----a-w- c:\windows\system32\synceng.dll
2012-12-31 11:52:39 797696 ----a-w- c:\windows\system32\FntCache.dll
2012-12-31 11:52:38 288768 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2012-12-31 11:52:21 66560 ----a-w- c:\windows\system32\packager.dll
2012-12-31 11:52:16 376320 ----a-w- c:\windows\system32\winsrv.dll
2012-12-31 11:52:14 680448 ----a-w- c:\windows\system32\msvcrt.dll
2012-12-31 11:51:55 985088 ----a-w- c:\windows\system32\crypt32.dll
2012-12-31 11:51:55 98304 ----a-w- c:\windows\system32\cryptnet.dll
2012-12-31 11:51:55 133120 ----a-w- c:\windows\system32\cryptsvc.dll
2012-12-31 11:51:23 172544 ----a-w- c:\windows\system32\wintrust.dll
2012-12-31 11:51:20 708608 ----a-w- c:\program files\common files\system\ado\msado15.dll
2012-12-31 11:51:13 2048 ----a-w- c:\windows\system32\tzres.dll
2012-12-31 11:50:51 49152 ----a-w- c:\windows\system32\csrsrv.dll
2012-12-31 11:50:49 1314816 ----a-w- c:\windows\system32\quartz.dll
2012-12-31 11:50:48 497152 ----a-w- c:\windows\system32\qdvd.dll
2012-12-31 11:50:43 377344 ----a-w- c:\windows\system32\winhttp.dll
2012-12-31 11:50:25 1248768 ----a-w- c:\windows\system32\msxml3.dll
2012-12-31 11:50:13 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2012-12-31 11:50:13 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2012-12-31 11:50:13 238080 ----a-w- c:\windows\system32\oleacc.dll
2012-12-31 11:50:12 563712 ----a-w- c:\windows\system32\oleaut32.dll
2012-12-31 11:49:45 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat
2012-12-31 11:49:02 180736 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-12-31 11:48:54 707584 ----a-w- c:\program files\common files\system\wab32.dll
2012-12-31 11:47:29 440704 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-12-31 11:47:28 278528 ----a-w- c:\windows\system32\schannel.dll
2012-12-31 11:47:28 1259008 ----a-w- c:\windows\system32\lsasrv.dll
2012-12-31 11:47:27 9728 ----a-w- c:\windows\system32\lsass.exe
2012-12-31 11:47:27 72704 ----a-w- c:\windows\system32\secur32.dll
2012-12-31 11:47:25 231424 ----a-w- c:\windows\system32\msshsq.dll
2012-12-31 11:47:23 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-12-31 11:47:22 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-12-31 11:22:36 613376 ----a-w- c:\windows\system32\rdpencom.dll
2012-12-31 10:59:42 2422272 ----a-w- c:\windows\system32\wucltux.dll
2012-12-31 10:59:15 88576 ----a-w- c:\windows\system32\wudriver.dll
2012-12-31 10:59:02 33792 ----a-w- c:\windows\system32\wuapp.exe
2012-12-31 10:59:02 171904 ----a-w- c:\windows\system32\wuwebv.dll
2012-12-30 21:31:40 -------- d-----w- c:\program files\CCleaner
2012-12-30 17:19:32 -------- d-----w- c:\windows\system32\vi-VN
2012-12-30 17:19:32 -------- d-----w- c:\windows\system32\eu-ES
2012-12-30 17:19:32 -------- d-----w- c:\windows\system32\ca-ES
2012-12-28 21:21:14 -------- d-----w- c:\users\cherie\appdata\roaming\QuickScan
2012-12-28 21:20:50 -------- d-----w- c:\users\cherie\appdata\roaming\OpswatLogs
2012-12-28 03:57:22 26840 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2012-12-28 03:56:53 -------- d-----w- c:\program files\Mozilla Plugins
2012-12-28 03:56:51 -------- d-----w- c:\program files\iTunesMiniPlayer.Resources
2012-12-28 03:56:50 -------- d-----w- c:\program files\iTunesHelper.Resources
2012-12-28 03:54:12 -------- d-----w- c:\program files\iTunes.Resources
2012-12-28 03:54:10 -------- d-----w- c:\program files\iPod
2012-12-28 03:52:45 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1
2012-12-28 03:52:45 -------- d-----w- c:\program files\CD Configuration
2012-12-18 14:28:14 186584 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll
.
==================== Find3M ====================
.
2013-01-04 00:17:48 3608 --sha-w- c:\windows\system32\KGyGaAvL.sys
2013-01-04 00:17:25 88 --sh--r- c:\windows\system32\51CDD8BA3D.sys
2012-12-31 15:28:30 98816 ----a-w- c:\windows\system32\mfps.dll
2012-12-31 15:27:51 4096 ----a-w- c:\windows\system32\drivers\en-us\dxgkrnl.sys.mui
2012-12-30 19:23:38 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-12-30 19:23:37 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-12-12 19:57:12 293344 ----a-w- c:\program files\iTunesOutlookAddIn.dll
2012-12-12 19:57:10 405472 ----a-w- c:\program files\iTunesAdmin.dll
2012-12-12 19:57:10 152544 ----a-w- c:\program files\iTunesHelper.exe
2012-12-12 19:57:10 148960 ----a-w- c:\program files\iTunesHelper.dll
2012-12-12 19:57:10 117728 ----a-w- c:\program files\iTunesMiniPlayer.dll
2012-12-12 19:57:08 9789408 ----a-w- c:\program files\iTunes.exe
2012-12-12 19:57:02 782840 ----a-w- c:\program files\gnsdk_sdkmanager.dll
2012-12-12 19:57:02 649616 ----a-w- c:\program files\iPodUpdaterExt.dll
2012-12-12 19:57:02 3015160 ----a-w- c:\program files\gnsdk_dsp.dll
2012-12-12 19:57:02 269304 ----a-w- c:\program files\gnsdk_submit.dll
2012-12-12 19:57:02 22747616 ----a-w- c:\program files\iTunes.dll
2012-12-12 19:57:02 226296 ----a-w- c:\program files\gnsdk_musicid.dll
2012-11-02 10:18:17 376320 ----a-w- c:\windows\system32\dpnet.dll
2012-11-02 08:26:06 23040 ----a-w- c:\windows\system32\dpnsvr.exe
2012-10-31 21:53:32 112528 ----a-w- c:\program files\ITDetector.ocx
.
============= FINISH: 9:50:40.58 ===============



ATTACH

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 2/20/2008 11:22:20 AM
System Uptime: 1/12/2013 4:32:39 PM (17 hours ago)
.
Motherboard: Sony Corporation | | VAIO
Processor: Intel® Core™2 Duo CPU T8100 @ 2.10GHz | N/A | 2101/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 176 GiB total, 12.884 GiB free.
D: is Removable
E: is Removable
H: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP1656: 1/6/2013 12:00:08 AM - Scheduled Checkpoint
RP1657: 1/6/2013 12:51:10 PM - Scheduled Checkpoint
RP1658: 1/7/2013 10:38:25 AM - Scheduled Checkpoint
RP1659: 1/8/2013 12:00:08 AM - Scheduled Checkpoint
RP1660: 1/9/2013 12:00:08 AM - Scheduled Checkpoint
RP1661: 1/9/2013 12:06:36 PM - Scheduled Checkpoint
RP1662: 1/10/2013 3:00:44 AM - Windows Update
RP1663: 1/11/2013 12:46:31 AM - Scheduled Checkpoint
RP1664: 1/11/2013 12:49:13 PM - Scheduled Checkpoint
RP1666: 1/11/2013 2:36:39 PM - Removed Brother MFL-Pro Suite
RP1667: 1/11/2013 2:45:05 PM - Device Driver Package Install: Brother Printers
RP1668: 1/12/2013 7:24:55 PM - Scheduled Checkpoint
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
Acrobat.com
Activation Assistant for the 2007 Microsoft Office suites
Adobe AIR
Adobe Common File Installer
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Photoshop Elements 6.0
Adobe Premiere Elements 4.0
Adobe Premiere Elements 4.0 Templates
Adobe Reader X (10.1.5)
Aleks 3.12
Alps Pointing-device for VAIO
Amazon MP3 Downloader 1.0.17
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ArcSoft Magic-i Visual Effects Installer
Ask Toolbar
Ask Toolbar Updater
Audible Download Manager
AudibleManager
avast! Free Antivirus
AviSynth 2.5
Bonjour
Carbonite Online Backup Setup
CCleaner
Click to Disc
Click to Disc Editor
Corel Paint Shop Pro Photo X2
Coupon Printer for Windows
DSD Direct
DSD Direct Player
DSD Playback Plug-in
DVD Decrypter (Remove Only)
ERUNT 1.1j
Facebook Plug-In
Foxit Reader
GearDrvs
Google Chrome
Google Earth Plug-in
Google Gears
Google Talk Plugin
Google Update Helper
HDAUDIO SoftV92 Data Fax Modem with SmartCP
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HTC Driver Installer
HTC Sync
iCloud
Instant Mode
Intel® Matrix Storage Manager
iTunes
Java 7 Update 7
Java Auto Updater
Java™ 6 Update 31
Java™ 6 Update 5
Java™ SE Runtime Environment 6
JavaFX 2.1.1
K-Lite Codec Pack 5.8.3 (Basic)
LocationFree Player
Malwarebytes Anti-Malware version 1.70.0.1100
MegaStat 9.1
MegaStat Excel 2007
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
NaturalReaderFree
Nitro PDF Reader 2
Norton Anti-Theft
NVIDIA Drivers
OpenMG Limited Patch 4.7-07-15-19-01
OpenMG Secure Module 4.7.00
PANTECH PC USB Modem Software
PaperPort Image Printer
QuickBooks Simple Start 2008
QuickTime
Riverpoint Writer
Roxio Activation Module
ScanSoft PaperPort 11
Seagate Manager Installer
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition
Setting Utility Series
Skype Toolbars
Skype™ 5.10
SonicStage Mastering Studio
SonicStage Mastering Studio Audio Filter
SonicStage Mastering Studio Audio Filter Custom Preset
SonicStage Mastering Studio Plugins
Sony Video Shared Library
Spelling Dictionaries Support For Adobe Reader 9
SupportSoft Assisted Service
Swagbucks2 Toolbar
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VAIO BD Menu Data
VAIO Camera Capture Utility
VAIO Center Access Bar
VAIO Content Folder Setting
VAIO Content Metadata Intelligent Analyzing Manager
VAIO Content Metadata Manager Setting
VAIO Content Metadata XML Interface Library
VAIO Control Center
VAIO DVD Menu Data Basic
VAIO Entertainment Center
VAIO Entertainment Platform
VAIO Event Service
VAIO Help and Support
VAIO Launcher
VAIO Media
VAIO Media 6.0
VAIO Media AC3 Decoder 1.0
VAIO Media Content Collection 6.0
VAIO Media Integrated Server 6.2
VAIO Media Redistribution 6.0
VAIO Media Registration Tool
VAIO Media Registration Tool 6.0
VAIO Movie Story
VAIO Movie Story Template Data
VAIO MusicBox
VAIO MusicBox Sample Music
VAIO OOBE and Welcome Center
VAIO Original Function Setting
VAIO PC Wireless LAN Wizard
VAIO Power Management
VAIO Productivity Center
VAIO Security Center
VAIO Service Utility
VAIO Startup Assistant
VAIO Survey
VAIO Update 3
VAIO Wallpaper Contents
WIDCOMM Bluetooth Software 6.1.0.2000
WinDVD BD for VAIO
WinRAR 4.20 (32-bit)
Wireless Switch Setting Utility
Yahoo! Toolbar
.
==== End Of File ===========================
  • 0

#95
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,799 posts
  • MVP
Uninstall:

Ask Toolbar
Ask Toolbar Updater
Java 7 Update 7
Java Auto Updater
Java™ 6 Update 31
Java™ 6 Update 5
Java™ SE Runtime Environment 6
JavaFX 2.1.1 (Unless you have some specific need for Java you should leave it uninstalled. If you must use Java, get the latest from java.com . Do not let them foist the Ask or Yahoo toolbars or the McAfee Security Scan on you. Just uncheck the optional downloads. Then I would get the No-Script add-on for Firefox or the Script-No add-on for Chrome. Then allow only those websites that you trust to run Java.)

Norton Anti-Theft (if it shows up in the uninstall list. If not you can try the free Revo uninstaller:
http://www.revounins...e_download.html )

Skype Toolbars (This is just the annoying thing that turns all 10-digit numbers into telephone numbers. Removing it will not stop Skype from working.)

Swagbucks2 Toolbar

Yahoo! Toolbar

Go into regedit again and look for

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NAT

If you find it then Right click on NAT and delete it. You may have to take ownership to delete it.
  • 0

#96
M624

M624

    Member

  • Topic Starter
  • Member
  • PipPip
  • 71 posts
Ok I installed all that. Next step?
  • 0

#97
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,799 posts
  • MVP
How is it running now? Is it booting OK? Any other problems?

Let's try autoruns from

http://live.sysinter...om/autoruns.exe

Download, Save and Run the program by right clicking and Run As Admin. File, Save, to your desktop, autoruns.arn, OK

Rename it from autoruns.arn to autoruns.txt then ATTACH it. Do not copy and paste.
  • 0

#98
M624

M624

    Member

  • Topic Starter
  • Member
  • PipPip
  • 71 posts
Boot up is good now but everything just seems to be running slow. When I kept running into problems with OTL, I uninstalled Firefox and am now using Chrome. Not sure if Chrome is the issue or not?

Autorun sent in e-mail. Won't attach here.
  • 0

#99
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,799 posts
  • MVP
In Autoruns you can go down through the Everything list and Uncheck the yellow marked items. These are trying to find files that aren't there so might speed things up a bit.

Make a new Process Explorer log and copy and paste it. Let's see if we can see anything.
  • 0

#100
M624

M624

    Member

  • Topic Starter
  • Member
  • PipPip
  • 71 posts
Not sure which is the Process Explorer log. Is that the Procmon Bootlog? We've run so many I'm not sure which is which any more.
  • 0

#101
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,799 posts
  • MVP
Get Process Explorer

http://live.sysinter...com/procexp.exe
Save it to your desktop then run it (Vista or Win7 - right click and Run As Administrator).

View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures


Click twice on the CPU column header to sort things by CPU usage with the big hitters at the top.

Wait a minute for things then:

File, Save As, Save. Open the file Procexp.txt on your desktop and copy and paste the text to a reply.
  • 0

#102
M624

M624

    Member

  • Topic Starter
  • Member
  • PipPip
  • 71 posts
Process PID CPU Private Bytes Working Set Description Company Name Verified Signer
System Idle Process 0 96.14 0 K 24 K
chrome.exe 3796 2.31 64,932 K 74,396 K Google Chrome Google Inc. (Verified) Google Inc
procexp.exe 4828 1.54 25,796 K 34,700 K Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
SearchIndexer.exe 3112 < 0.01 45,100 K 31,092 K Microsoft Windows Search Indexer Microsoft Corporation (Unable to verify) Microsoft Corporation
chrome.exe 2928 < 0.01 191,520 K 186,460 K Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 3884 < 0.01 49,596 K 62,856 K Google Chrome Google Inc. (Verified) Google Inc
System 4 < 0.01 0 K 31,992 K
taskeng.exe 908 < 0.01 3,812 K 6,660 K Task Scheduler Engine Microsoft Corporation (Verified) Microsoft Windows
AutoLaunchWLASU.exe 2912 < 0.01 16,228 K 8,948 K AutoLaunchWLASU Sony Electronics, Inc. (Unable to verify) Sony Electronics, Inc.
chrome.exe 5420 < 0.01 231,572 K 263,116 K Google Chrome Google Inc. (Verified) Google Inc
csrss.exe 672 < 0.01 12,828 K 14,124 K Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
AvastSvc.exe 1648 < 0.01 33,340 K 33,920 K avast! Service AVAST Software (Verified) AVAST Software
Skype.exe 3036 < 0.01 69,156 K 40,876 K Skype Skype Technologies S.A. (Verified) Skype Technologies SA
AppleMobileDeviceService.exe 1492 < 0.01 4,316 K 5,920 K MobileDeviceService Apple Inc. (Verified) Apple Inc.
svchost.exe 912 < 0.01 3,436 K 6,344 K Host Process for Windows Services Microsoft Corporation (Unable to verify) Microsoft Corporation
explorer.exe 1856 < 0.01 36,556 K 44,492 K Windows Explorer Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 1512 < 0.01 16,560 K 11,596 K Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
BTTray.exe 2732 < 0.01 6,480 K 7,996 K Bluetooth Tray Application Broadcom Corporation. (Verified) Broadcom Corporation
AvastUI.exe 2764 < 0.01 14,724 K 8,276 K avast! Antivirus AVAST Software (Verified) AVAST Software
googletalkplugin.exe 288 < 0.01 16,464 K 18,268 K Google Talk Plugin Google (Verified) Google Inc
stacsv.exe 2884 < 0.01 8,724 K 5,348 K STacSV Module IDT, Inc. (Unable to verify) IDT, Inc.
svchost.exe 1040 < 0.01 16,076 K 9,612 K Host Process for Windows Services Microsoft Corporation (Unable to verify) Microsoft Corporation
chrome.exe 4236 < 0.01 25,236 K 47,776 K Google Chrome Google Inc. (Verified) Google Inc
Apoint.exe 2864 < 0.01 2,460 K 4,956 K Alps Pointing-device Driver Alps Electric Co., Ltd. (Verified) Microsoft Windows Hardware Compatibility Publisher
svchost.exe 1132 < 0.01 60,856 K 23,808 K Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
iPodService.exe 3544 < 0.01 3,220 K 4,552 K iPodService Module (32-bit) Apple Inc. (Verified) Apple Inc.
chrome.exe 4760 < 0.01 11,760 K 46,232 K Google Chrome Google Inc. (Verified) Google Inc
svchost.exe 1120 < 0.01 75,940 K 73,300 K Host Process for Windows Services Microsoft Corporation (Unable to verify) Microsoft Corporation
csrss.exe 608 < 0.01 1,756 K 4,532 K Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
chrome.exe 4648 < 0.01 57,592 K 94,628 K Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 5000 < 0.01 10,272 K 45,944 K Google Chrome Google Inc. (Verified) Google Inc
HPNetworkCommunicatorCom.exe 6080 < 0.01 3,280 K 7,956 K HPNetworkCommunicatorCom Hewlett-Packard Co. (Verified) Hewlett Packard
XAudio.exe 3412 < 0.01 1,032 K 2,264 K Modem Audio Service Conexant Systems, Inc. (Verified) Microsoft Windows Hardware Compatibility Publisher
chrome.exe 4280 < 0.01 30,932 K 50,844 K Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 3716 < 0.01 332,856 K 195,436 K Google Chrome Google Inc. (Verified) Google Inc
lsass.exe 716 < 0.01 3,616 K 3,116 K Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows
BTStackServer.exe 3896 < 0.01 13,164 K 8,248 K Bluetooth Stack COM Server Broadcom Corporation. (Verified) Broadcom Corporation
svchost.exe 2108 < 0.01 3,004 K 4,424 K Host Process for Windows Services Microsoft Corporation (Unable to verify) Microsoft Corporation
chrome.exe 4336 < 0.01 72,436 K 87,988 K Google Chrome Google Inc. (Verified) Google Inc
SearchProtocolHost.exe 4600 < 0.01 5,624 K 8,680 K Microsoft Windows Search Protocol Host Microsoft Corporation (Verified) Microsoft Windows
ApMsgFwd.exe 4064 < 0.01 1,100 K 2,744 K ApMsgFwd Alps Electric Co., Ltd. (Verified) Alps Electric Co.
iTunesHelper.exe 2344 < 0.01 4,852 K 6,680 K iTunesHelper Apple Inc. (Verified) Apple Inc.
ScanToPCActivationApp.exe 2748 < 0.01 4,460 K 7,428 K ScanToPCActivationApp Hewlett-Packard Co. (Verified) Hewlett Packard
HPNetworkCommunicator.exe 5332 < 0.01 2,872 K 5,288 K HPNetworkCommunicator Hewlett-Packard Co. (Verified) Hewlett Packard
spoolsv.exe 1764 < 0.01 9,372 K 10,276 K Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows
Interrupts n/a < 0.01 0 K 0 K Hardware Interrupts and DPCs
WUDFHost.exe 3448 3,048 K 4,264 K Windows Driver Foundation - User-mode Driver Framework Host Process Microsoft Corporation (Verified) Microsoft Windows
WmiPrvSE.exe 516 3,260 K 5,812 K WMI Provider Host Microsoft Corporation (Unable to verify) Microsoft Corporation
winlogon.exe 812 2,036 K 4,512 K Windows Logon Application Microsoft Corporation (Verified) Microsoft Windows
wininit.exe 660 1,524 K 3,360 K Windows Start-Up Application Microsoft Corporation (Verified) Microsoft Windows
VAIOUpdt.exe 2156 3,492 K 4,992 K VAIO Update Sony Corporation (Verified) Sony Corporation
taskeng.exe 1956 1,776 K 4,440 K Task Scheduler Engine Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 984 4,312 K 6,060 K Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 1352 8,276 K 9,824 K Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 1788 12,716 K 11,180 K Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 1260 1,992 K 4,016 K Host Process for Windows Services Microsoft Corporation (Unable to verify) Microsoft Corporation
svchost.exe 2644 2,604 K 4,348 K Host Process for Windows Services Microsoft Corporation (Unable to verify) Microsoft Corporation
svchost.exe 2976 6,476 K 10,332 K Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 3024 780 K 2,072 K Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 4888 1,832 K 5,896 K Host Process for Windows Services Microsoft Corporation (Unable to verify) Microsoft Corporation
stxmenumgr.exe 3380 2,332 K 5,312 K FreeAgent™ Launcher Seagate LLC (Verified) Seagate Technology
smss.exe 492 296 K 676 K Windows Session Manager Microsoft Corporation (Verified) Microsoft Windows
SLsvc.exe 1276 6,108 K 4,296 K Microsoft Software Licensing Service Microsoft Corporation (Verified) Microsoft Windows
services.exe 704 3,112 K 6,088 K Services and Controller app Microsoft Corporation (Verified) Microsoft Windows
SearchFilterHost.exe 416 3,204 K 5,204 K Microsoft Windows Search Filter Host Microsoft Corporation (Unable to verify) Microsoft Corporation
rundll32.exe 4976 6,888 K 10,008 K Windows host process (Rundll32) Microsoft Corporation (Verified) Microsoft Windows
rundll32.exe 2984 5,036 K 5,648 K Windows host process (Rundll32) Microsoft Corporation (Verified) Microsoft Windows
rundll32.exe 3068 3,384 K 4,112 K Windows host process (Rundll32) Microsoft Corporation (Verified) Microsoft Windows
PSIService.exe 2780 2,508 K 3,036 K nTitles PSIService (Verified) Corel Corporation
pptd40nt.exe 2640 1,652 K 3,440 K PaperPort Print to Desktop for NT Nuance Communications, Inc. (Verified) Nuance Communications
mDNSResponder.exe 2096 1,900 K 3,628 K Bonjour Service Apple Inc. (Verified) Apple Inc.
lsm.exe 728 2,000 K 3,512 K Local Session Manager Service Microsoft Corporation (Verified) Microsoft Windows
iviRegMgr.exe 2584 1,156 K 3,088 K RegMgr Module InterVideo (Verified) Intervideo
ISUSPM.exe 2904 2,300 K 5,036 K Macrovision Software Manager Macrovision Corporation (Verified) Macrovision Corporation
IAANTmon.exe 3424 3,328 K 4,952 K RAID Monitor Intel Corporation (Verified) Intel Corporation
IAAnotif.exe 2352 3,420 K 5,220 K Event Monitor User Notification Tool Intel Corporation (Verified) Intel Corporation
GoogleUpdate.exe 2968 4,536 K 1,768 K Google Installer Google Inc. (Verified) Google Inc
GoogleUpdate.exe 5260 4,312 K 1,828 K Google Installer Google Inc. (Verified) Google Inc
GoogleCrashHandler.exe 3556 2,736 K 904 K Google Crash Handler Google Inc. (Verified) Google Inc
GoogleCrashHandler.exe 5380 2,684 K 856 K Google Crash Handler Google Inc. (Verified) Google Inc
FreeAgentService.exe 2296 5,108 K 4,912 K Sync Windows Services Seagate Technology LLC (Verified) Seagate Technology
dwm.exe 1320 1,516 K 4,296 K Desktop Window Manager Microsoft Corporation (Verified) Microsoft Windows
chrome.exe 4296 24,832 K 42,460 K Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 4324 23,196 K 40,820 K Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 4308 22,980 K 40,756 K Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 4804 5,008 K 40,264 K Google Chrome Google Inc. (Verified) Google Inc
audiodg.exe 1236 12,896 K 10,124 K Windows Audio Device Graph Isolation Microsoft Corporation (Verified) Microsoft Windows
armsvc.exe 1936 2,104 K 2,940 K Adobe Acrobat Update Service Adobe Systems Incorporated (Verified) Adobe Systems
ApntEx.exe 1308 1,624 K 3,440 K Alps Pointing-device Driver for Windows NT/2000/XP/Vista Alps Electric Co., Ltd. (Unable to verify) Alps Electric Co., Ltd.
  • 0

#103
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,799 posts
  • MVP
I don't see any slowdown in your CPU. Could be Chrome I guess. I'm still concerned that some of your Microsoft processes are not verified. Go into Process Explorer again, Options and Uncheck Verify Signature. Then close Process Explorer and open it again. Now sort it by name by clicking on the Process column header. Find the first svchost and right click on it and select Properties (then Image). There should be a button Verify. Press it. Does it now say at the top of the window:

Image File
Host Process for Windows Services
(Verified) Microsoft Windows

Also verify that it shows:
Path:
C:\Windows\System32\svchost.exe

Repeat for each svchost.exe file.

Also let's check your Internet connection:

Go to http://www.speedtest.net/ and click on Begin Test

When the Test finishes click on Share This Result and then select Forum then Copy then move to a reply and Ctrl + v

Download Firefox again

http://www.mozilla.o...US/firefox/new/


Save and Install it by right clicking and Run As Admin.

Also get the Adblock Plus add-on:

https://addons.mozil...n/adblock-plus/

After you install it, then download and run Speedy Fox.
http://www.crystalidea.com/speedyfox

How long does it take for Firefox to boot?

(There is a similar Adblock Plus add-on for Chrome which you should install. https://adblockplus.org/en/chrome )
  • 0
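The check for unverified Microsoft processes can be run over the pasted Process Explorer text instead of by eye. This is an added example, not part of any post in the thread; it assumes the export looks like the whitespace-collapsed text posted above, and the function names `parse_rows` and `unverified` are hypothetical.

```python
import re
from collections import defaultdict

# Rows copied from the Process Explorer export posted earlier in this thread.
SAMPLE_LOG = """\
Process PID CPU Private Bytes Working Set Description Company Name Verified Signer
System Idle Process 0 96.14 0 K 24 K
SearchIndexer.exe 3112 < 0.01 45,100 K 31,092 K Microsoft Windows Search Indexer Microsoft Corporation (Unable to verify) Microsoft Corporation
AutoLaunchWLASU.exe 2912 < 0.01 16,228 K 8,948 K AutoLaunchWLASU Sony Electronics, Inc. (Unable to verify) Sony Electronics, Inc.
svchost.exe 912 < 0.01 3,436 K 6,344 K Host Process for Windows Services Microsoft Corporation (Unable to verify) Microsoft Corporation
svchost.exe 1512 < 0.01 16,560 K 11,596 K Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
iPodService.exe 3544 < 0.01 3,220 K 4,552 K iPodService Module (32-bit) Apple Inc. (Verified) Apple Inc.
Interrupts n/a < 0.01 0 K 0 K Hardware Interrupts and DPCs
WmiPrvSE.exe 516 3,260 K 5,812 K WMI Provider Host Microsoft Corporation (Unable to verify) Microsoft Corporation
svchost.exe 1260 1,992 K 4,016 K Host Process for Windows Services Microsoft Corporation (Unable to verify) Microsoft Corporation
"""

# Image name, PID, optional CPU ("2.31" or "< 0.01"), two sizes in K, free text.
ROW_RE = re.compile(
    r"^(?P<name>.+?) (?P<pid>\d+|n/a) "
    r"(?:(?P<cpu>(?:< )?\d+\.\d+) )?"
    r"(?P<private>[\d,]+ K) (?P<working>[\d,]+ K)"
    r"(?: (?P<rest>.+))?$"
)
# Only the two signer states that occur in the posted log are recognised.
SIGNER_RE = re.compile(r"\((?P<status>Verified|Unable to verify)\) (?P<signer>.+)$")


def parse_rows(text):
    """Return one dict per process row; the header and blank lines are skipped."""
    rows = []
    for line in text.splitlines():
        match = ROW_RE.match(line.strip())
        if not match:
            continue
        row = match.groupdict()
        signer = SIGNER_RE.search(row["rest"] or "")
        # Rows such as "System Idle Process" carry no signer column at all.
        row["status"] = signer.group("status") if signer else None
        row["signer"] = signer.group("signer") if signer else None
        rows.append(row)
    return rows


def unverified(rows, vendor=None):
    """Map image name -> PIDs whose signature check did not succeed.

    With vendor set, keep only rows whose signer field names that vendor,
    e.g. files that claim to be Microsoft's but were not verified.
    """
    flagged = defaultdict(list)
    for row in rows:
        if row["status"] != "Unable to verify":
            continue
        if vendor and vendor not in row["signer"]:
            continue
        flagged[row["name"]].append(int(row["pid"]))
    return dict(flagged)


if __name__ == "__main__":
    hits = unverified(parse_rows(SAMPLE_LOG), vendor="Microsoft")
    for name, pids in hits.items():
        print(f"{name}: re-check PIDs {pids}")
```

A hit is only a prompt for the manual Verify button and path check described in the post above; in this thread every svchost.exe verified once it was rechecked.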

#104
M624

M624

    Member

  • Topic Starter
  • Member
  • PipPip
  • 71 posts
Got all the svchost.exe verified

Here is the speedtest
Posted Image

Downloaded the Adblock for Chrome and working on Firefox now.
  • 0

#105
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,799 posts
  • MVP
Your link is a lot faster than mine:

Posted Image

I suppose your DNS could be a bit sluggish. Try Namebench:

http://lifehacker.co...r-your-computer

See if it can find a faster DNS for you.
  • 0





