Computer running slow [Solved]



#1
Fred60

Computer running slow. Here is the output from OTL

OTL logfile created on: 9/7/2013 6:44:52 PM - Run 4
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\hello\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.48 Gb Available Physical Memory | 74.08% Memory free
3.35 Gb Paging File | 3.03 Gb Available in Paging File | 90.48% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 55.88 Gb Total Space | 24.92 Gb Free Space | 44.59% Space Free | Partition Type: NTFS
Drive D: | 3.63 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: LATITUDED810 | User Name: hello | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/08/14 11:10:26 | 003,291,008 | ---- | M] (Skype Technologies S.A.) -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2013/08/12 21:34:11 | 000,439,360 | ---- | M] (BillP Studios) -- C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
PRC - [2013/05/28 10:40:12 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\hello\Desktop\OTL.exe
PRC - [2013/05/09 04:58:30 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013/05/09 04:58:30 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013/03/15 15:07:56 | 000,395,640 | ---- | M] (Eastman Kodak Company) -- C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe
PRC - [2013/02/28 18:45:16 | 000,161,384 | R--- | M] (Skype Technologies) -- C:\Program Files\Skype\Updater\Updater.exe
PRC - [2013/01/15 13:07:42 | 000,780,152 | ---- | M] (Eastman Kodak Company) -- C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
PRC - [2012/05/09 14:25:58 | 000,152,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\EMET\EMET_notifier.exe
PRC - [2011/07/11 17:47:06 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Winamp\winampa.exe
PRC - [2009/10/14 13:36:56 | 002,793,304 | ---- | M] () -- C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
PRC - [2009/10/14 13:34:18 | 000,560,472 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
PRC - [2009/10/07 01:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2008/04/14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005/10/07 14:13:38 | 000,176,128 | R--- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\Apoint.exe
PRC - [2005/07/27 16:41:08 | 000,045,056 | R--- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\ApntEx.exe
PRC - [2004/06/28 23:56:12 | 000,045,056 | R--- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\hidfind.exe


========== Modules (No Company Name) ==========

MOD - [2013/09/07 14:37:18 | 002,098,176 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\13090701\algo.dll
MOD - [2013/08/14 17:41:13 | 000,292,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Inkjet.Automation\67f02c1e223d14f00fb51694068b08f4\Inkjet.Automation.ni.dll
MOD - [2013/08/14 17:40:51 | 000,294,400 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Inkjet.Utilities\c43b49d65e0cc0113880b6b3f95d2314\Inkjet.Utilities.ni.dll
MOD - [2013/08/14 17:40:37 | 000,081,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Inkjet.Configuration\be693a87b798c9317dd9a70638f94618\Inkjet.Configuration.ni.dll
MOD - [2013/08/14 17:40:36 | 000,106,496 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Inkjet.Diagnostics\ebe1cb191c8906f3d161cfaef676a309\Inkjet.Diagnostics.ni.dll
MOD - [2013/08/13 23:50:14 | 000,978,944 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\14d1a28674a9f78c5759e7dcf74a13fd\System.Configuration.ni.dll
MOD - [2013/08/13 23:43:23 | 005,462,016 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\f93600ac836b9140e1df13bb0f6bfccf\System.Xml.ni.dll
MOD - [2013/08/13 23:43:09 | 012,434,432 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\a12a09aaa2c560a808dea7eaba5040c1\System.Windows.Forms.ni.dll
MOD - [2013/08/13 23:42:31 | 001,593,344 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b34cb206ab0cec687c3730b14cdff57\System.Drawing.ni.dll
MOD - [2013/08/13 23:39:18 | 007,977,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\10df39542df7d48462451fc39bce8418\System.ni.dll
MOD - [2013/07/15 13:29:04 | 000,620,718 | ---- | M] () -- C:\Program Files\BillP Studios\WinPatrol\sqlite3.dll
MOD - [2013/07/11 00:11:05 | 011,497,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\b14359470744c840c59fbe4e58034fd6\mscorlib.ni.dll
MOD - [2011/03/17 01:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/10/20 16:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2009/10/14 13:36:56 | 002,793,304 | ---- | M] () -- C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
MOD - [2009/10/14 13:34:18 | 000,560,472 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
MOD - [2008/04/14 05:42:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/14 05:41:52 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll


========== Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2013/08/20 22:37:55 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/08/17 21:40:12 | 000,117,656 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/08/14 11:10:26 | 003,291,008 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2013/05/09 04:58:30 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013/03/15 15:07:56 | 000,395,640 | ---- | M] (Eastman Kodak Company) [Auto | Running] -- C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe -- (Kodak AiO Network Discovery Service)
SRV - [2013/02/28 18:45:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/01/15 13:07:42 | 000,780,152 | ---- | M] (Eastman Kodak Company) [Auto | Running] -- C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe -- (Kodak AiO Status Monitor Service)
SRV - [2012/09/20 14:28:48 | 030,785,672 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2009/10/07 01:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\UIUSys.sys -- (UIUSys)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\TEMP\cpuz135\cpuz135_x32.sys -- (cpuz135)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2013/06/27 16:23:24 | 000,770,344 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2013/06/27 16:23:24 | 000,369,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2013/06/27 16:23:24 | 000,175,176 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2013/05/09 04:59:10 | 000,056,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2013/05/09 04:59:10 | 000,049,376 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013/05/09 04:59:09 | 000,066,336 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2013/05/09 04:59:09 | 000,049,760 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2013/05/09 04:59:08 | 000,029,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009/10/07 04:49:50 | 000,023,832 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvcflt.sys -- (FilterService)
DRV - [2009/10/07 04:49:38 | 006,756,632 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvc.sys -- (LVUVC)
DRV - [2009/10/07 04:47:54 | 000,266,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvrs.sys -- (LVRS)
DRV - [2009/10/07 01:46:36 | 000,025,752 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2007/11/17 17:42:56 | 002,210,048 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w29n51.sys -- (w29n51)
DRV - [2006/04/06 15:49:00 | 000,088,192 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gtipci21.sys -- (GTIPCI21)
DRV - [2005/09/28 20:57:18 | 000,113,847 | R--- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2005/05/03 15:09:28 | 001,033,728 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.SYS -- (HSF_DPV)
DRV - [2005/05/03 15:08:50 | 000,208,384 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWICH.sys -- (HSFHWICH)
DRV - [2005/05/03 15:08:44 | 000,705,408 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2005/03/17 16:30:10 | 000,132,608 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2005/03/10 16:56:06 | 000,273,168 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\STAC97.sys -- (STAC97)
DRV - [2005/01/11 13:18:22 | 000,800,768 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKLM\..\SearchScopes,DefaultScope = {39C085B0-056D-4AEF-A263-D07F19D58897}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{39C085B0-056D-4AEF-A263-D07F19D58897}: "URL" = http://www.google.co...g}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 40 9A 81 CD 4B D0 CA 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {8D6EC59D-7699-4CF1-AE7F-DD2A9728E15A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{39C085B0-056D-4AEF-A263-D07F19D58897}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{8D6EC59D-7699-4CF1-AE7F-DD2A9728E15A}: "URL" = http://www.bing.com/...ferrer:source?}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.realsimple.com/"
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:8.0.1489
FF - prefs.js..extensions.enabledAddons: %7B82AF8DCA-6DE9-405D-BD5E-43525BDAD38A%7D:6.11.0.13348
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:23.0.1
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/05/15 07:34:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/08/17 21:39:44 | 000,000,000 | ---D | M]

[2010/03/30 22:19:11 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\hello\Application Data\Mozilla\Extensions
[2013/06/05 21:03:18 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\hello\Application Data\Mozilla\Firefox\Profiles\5mvmbh83.default\extensions
[2013/08/17 21:39:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/08/22 03:14:15 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/08/17 21:39:37 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/08/22 03:14:15 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/08/17 21:40:14 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/05/15 07:34:48 | 000,000,000 | ---D | M] (avast! Online Security) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2011/07/11 17:48:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll

========== Chrome ==========

CHR - homepage: http://www.google.com/
CHR - homepage: http://www.google.com/

O1 HOSTS File: ([2013/05/28 11:35:59 | 000,571,847 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost #[IPv6]
O1 - Hosts: 15520 more lines...
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [EMET Notifier] C:\Program Files\EMET\EMET_notifier.exe (Microsoft Corporation)
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKCU..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background File not found
O4 - HKCU..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe (BillP Studios)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: verbosestatus = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://utilities.pcp...ols/pcmatic.cab (PCPitstop Utility)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1259372744578 (MUWebControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2CCC3D74-C3D4-4831-950D-09BC602001CD}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E79037EE-41BC-45F5-B8F0-DD7E43EB59B5}: DhcpNameServer = 192.168.1.1 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\hello\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\hello\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/27 18:24:59 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{194c3ad4-fd57-11df-80b5-0012f08cf726}\Shell\AutoRun\command - "" = D:\rcaDVM_setup.exe
O33 - MountPoints2\{194c3ad4-fd57-11df-80b5-0012f08cf726}\Shell\install\command - "" = D:\rcaDVM_setup.exe
O33 - MountPoints2\{b1599933-b2b2-11e1-8340-0012f08cf726}\Shell - "" = AutoRun
O33 - MountPoints2\{b1599933-b2b2-11e1-8340-0012f08cf726}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{b1599933-b2b2-11e1-8340-0012f08cf726}\Shell\AutoRun\command - "" = E:\setup.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/08/17 21:39:33 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/08/17 20:11:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\InstallMate
[2013/08/13 23:44:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MRT
[2013/07/08 08:22:40 | 000,800,824 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\LocalService\Application Data\DPInst.exe
[2013/07/08 08:22:40 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\LocalService\Application Data\gacutil.exe
[2013/07/08 08:22:40 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\LocalService\Application Data\PnPutil.exe

========== Files - Modified Within 30 Days ==========

[2013/09/07 18:56:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/09/07 18:56:00 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/09/07 18:44:21 | 000,000,364 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2013/09/07 18:44:11 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/09/07 18:44:06 | 000,017,921 | ---- | M] () -- C:\WINDOWS\System32\nvModes.001
[2013/09/07 18:43:03 | 000,063,783 | ---- | M] () -- C:\WINDOWS\System32\nvwsapps.xml
[2013/09/07 18:42:16 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/09/07 18:37:15 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/08/20 22:37:53 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013/08/20 22:37:52 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013/08/14 19:55:16 | 000,017,921 | ---- | M] () -- C:\WINDOWS\System32\nvModes.dat
[2013/08/13 23:51:06 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013/08/13 23:31:37 | 000,497,884 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/08/13 23:31:37 | 000,086,218 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

========== Files Created - No Company Name ==========

[2013/07/08 08:22:40 | 000,000,181 | ---- | C] () -- C:\Documents and Settings\LocalService\Application Data\gacutil.exe.config
[2013/06/27 16:23:48 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys.sum
[2013/06/26 17:43:42 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswSnx.sys.sum
[2013/06/26 17:43:38 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswSP.sys.sum
[2013/05/03 16:01:53 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\hello\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/03/20 12:01:42 | 000,175,176 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2013/03/20 12:01:41 | 000,049,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2012/09/24 13:31:08 | 000,001,119 | ---- | C] () -- C:\WINDOWS\System32\EKaio2WiaCoInst.ini
[2012/02/14 19:12:10 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011/07/28 17:49:42 | 000,000,193 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Microsoft.SqlServer.Compact.351.32.bc
[2009/06/27 18:36:17 | 003,145,728 | ---- | C] () -- C:\Documents and Settings\hello\NTUSER.bak

========== ZeroAccess Check ==========

[2009/11/27 21:00:55 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2009/04/29 00:46:52 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 08:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 05:42:10 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >

Fred

#2
emeraldnzl

Hello Fred60,

Sorry for the delay.

Nothing in the way of malware leaping out at me there.

Let's do a bit of a clean up and run another scan to have a different type of look at things.

Please run OTL.exe

  • Under the Custom Scans/Fixes box at the bottom, copy and paste the content of the quote box below:


    :Files
    ipconfig /flushdns /c

    :Commands
    [resethosts]
    [emptytemp]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot when it is done
  • It will produce a log for you on reboot, please post that log in your next reply. The log is saved in the same location as OTL.

Next

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Right click to run as administrator. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called (FRST.txt) in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run, it also makes another log (Addition.txt). Please also paste that into your reply.

So when you return please post
  • OTL.txt
  • FRST.txt


#3
Fred60

OK, here are the results

All processes killed
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Documents and Settings\hello\Desktop\cmd.bat deleted successfully.
C:\Documents and Settings\hello\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: hello
->Temp folder emptied: 2121302 bytes
->Temporary Internet Files folder emptied: 463577 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 185257831 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 2264 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 109563 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 14014809 bytes

Total Files Cleaned = 193.00 mb




ADDITIONAL



Additional scan result of Farbar Recovery Scan Tool (x86) Version: 16-09-2013 03
Ran by hello at 2013-09-16 20:35:25
Running from C:\Documents and Settings\hello\My Documents\Downloads
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

Acrobat.com (Version: 2.0.0)
Acrobat.com (Version: 2.0.0.0)
Adobe Flash Player 11 ActiveX (Version: 11.8.800.174)
Adobe Flash Player 11 Plugin (Version: 11.8.800.168)
Adobe Photoshop Elements 2.0 (Version: 2.0)
Adobe Reader XI (11.0.03) (Version: 11.0.03)
aioscnnr (Version: 7.6.13.10)
ALPS Touch Pad Driver
ATI - Software Uninstall Utility (Version: 6.14.10.1010)
ATI Control Panel (Version: 6.14.10.5125)
ATI Display Driver (Version: 8.063.2.1.1-050111a-020427C-Dell)
avast! Free Antivirus (Version: 8.0.1497.0)
Broadcom Gigabit Integrated Controller (Version: 8.10.07)
C4USelfUpdater (Version: 1.00.0000)
center (Version: 7.7.2.0)
C-Major Audio (Version: 42xx)
Conexant D110 MDC V.92 Modem
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dropbox (HKCU Version: 2.0.22)
EMET (Version: 3.0.0)
essentials (Version: 7.7.2.0)
Family Tree Maker 2012 (Version: 21.0.388)
Google Earth (Version: 7.1.1.1888)
Google Update Helper (Version: 1.3.21.153)
Kodak AIO Printer (Version: 7.7.2.0)
KODAK AiO Software (Version: 7.7.6.0)
Logitech Webcam Software (Version: 12.10.1113)
Logitech Webcam Software Driver Package (Version: 12.10.1110)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Live Add-in 1.3 (Version: 2.0.2313.0)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Primary Interoperability Assemblies 2005 (Version: 8.0.50727.42)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft Software Update for Web Folders (English) 14 (Version: 14.0.6029.1000)
Microsoft Sync Framework Runtime Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Sync Framework Services Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft WSE 3.0 (Version: 3.0.5305.0)
MotoHelper MergeModules (Version: 1.2.0)
Mozilla Firefox 23.0.1 (x86 en-US) (Version: 23.0.1)
Mozilla Maintenance Service (Version: 23.0.1)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 6.0 Parser (Version: 6.10.1129.0)
NVIDIA Drivers
ocr (Version: 6.2.3.50)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
PowerDVD DX (Version: 8.2.5202)
PreReq (Version: 6.2.4.0)
PrintProjects (Version: 1.0.0.9282)
Skype Click to Call (Version: 6.11.13348)
Skype™ 6.3 (Version: 6.3.107)
Sonic CinePlayer Decoder Pack (Version: 4.2.0)
Texas Instruments PCIxx21/x515/xx12 drivers. (Version: 2.00.0000)
TIPCI (Version: 2.00.0000)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553157) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589370) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760758) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition
Update for Windows Internet Explorer 8 (KB971930) (Version: 1)
Update for Windows Internet Explorer 8 (KB976662) (Version: 1)
Update for Windows Internet Explorer 8 (KB976749) (Version: 1)
Update for Windows Internet Explorer 8 (KB980182) (Version: 1)
Update for Windows XP (KB2141007) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2607712) (Version: 1)
Update for Windows XP (KB2616676) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB2661254-v2) (Version: 2)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB2736233) (Version: 1)
Update for Windows XP (KB2749655) (Version: 1)
Update for Windows XP (KB2863058) (Version: 1)
Update for Windows XP (KB898461) (Version: 1)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB955839) (Version: 1)
Update for Windows XP (KB961503) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
WebFldrs XP (Version: 9.50.7523)
Winamp (Version: 5.621 )
Winamp Detector Plug-in (HKCU Version: 1.0.0.1)
Windows Genuine Advantage Notifications (KB905474) (Version: 1.9.0040.0)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Media Encoder 9 Series
Windows Media Encoder 9 Series (Version: 9.00.2980)
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3 (Version: 20080414.031525)
WinPatrol (Version: 28.6.2013.0)

==================== Restore Points =========================

13-09-2013 02:03:14 Software Distribution Service 3.0
14-09-2013 11:41:18 Software Distribution Service 3.0
15-09-2013 11:53:40 System Checkpoint
16-09-2013 18:26:58 System Checkpoint

==================== Hosts content: ==========================

2004-08-04 06:00 - 2013-09-16 20:14 - 00000098 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2004-08-04 06:00 - 2009-02-27 00:56 - 00177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfime.ime
2009-06-27 20:26 - 2007-03-16 18:10 - 00770048 _____ (Dell Inc.) C:\WINDOWS\System32\BCMLogon.dll
2013-09-16 18:12 - 2013-09-16 15:15 - 02101760 _____ () C:\Program Files\AVAST Software\Avast\defs\13091601\algo.dll
2013-05-24 20:36 - 2013-05-24 20:36 - 00130736 _____ (Dropbox, Inc.) C:\Documents and Settings\hello\Application Data\Dropbox\bin\DropboxExt.19.dll
2011-03-17 01:11 - 2011-03-17 01:11 - 04297568 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 16:45 - 2010-10-20 16:45 - 08801120 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2013-09-16 20:26 - 2009-10-07 01:47 - 00109080 _____ (Logitech Inc.) C:\WINDOWS\TEMP\logishrd\LVPrcInj01.dll
2013-01-18 10:48 - 2013-01-18 10:48 - 01374720 _____ (Eastman Kodak Company) C:\WINDOWS\system32\EKAiO2MON.dll
2013-01-18 10:48 - 2013-01-18 10:48 - 00060928 _____ (Eastman Kodak Company) C:\WINDOWS\System32\spool\PRTPROCS\W32X86\EKAiO2PPR.dll
2009-11-27 21:53 - 2008-07-06 08:06 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\System32\spool\PRTPROCS\W32X86\filterpipelineprintproc.dll
2013-08-14 17:41 - 2013-08-14 17:41 - 00292352 _____ (Eastman Kodak Company) C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Inkjet.Automation\67f02c1e223d14f00fb51694068b08f4\Inkjet.Automation.ni.dll
2013-08-14 17:40 - 2013-08-14 17:40 - 00294400 _____ (Eastman Kodak Company) C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Inkjet.Utilities\c43b49d65e0cc0113880b6b3f95d2314\Inkjet.Utilities.ni.dll
2013-08-14 17:40 - 2013-08-14 17:40 - 00081408 _____ (Eastman Kodak Company) C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Inkjet.Configuration\be693a87b798c9317dd9a70638f94618\Inkjet.Configuration.ni.dll
2013-08-14 17:40 - 2013-08-14 17:40 - 00106496 _____ (Eastman Kodak Company) C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Inkjet.Diagnostics\ebe1cb191c8906f3d161cfaef676a309\Inkjet.Diagnostics.ni.dll
2013-08-14 17:41 - 2013-08-14 17:41 - 00236544 _____ (Eastman Kodak Company) C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Inkjet.Localization\5a136875748781cac5f84520b9046e56\Inkjet.Localization.ni.dll
2013-08-14 17:40 - 2013-08-14 17:40 - 00181248 _____ (Eastman Kodak Company) C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Inkjet.Statistics\9c94aafee5b7205371940212c4055d3d\Inkjet.Statistics.ni.dll
2013-08-14 17:40 - 2013-08-14 17:40 - 00862720 _____ (Eastman Kodak Company) C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Inkjet.Hardware\0a6fe7786e48b51759b8e18dc3060b8c\Inkjet.Hardware.ni.dll
2012-09-26 11:57 - 2012-09-26 11:57 - 00075264 _____ (Eastman Kodak Company) C:\Program Files\Kodak\AiO\Center\Logger.dll
2013-07-11 18:53 - 2013-07-11 18:53 - 00117760 _____ ( ) C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Interop.EKAiO2SDKLib\ea614f74eb722c113b5cc0e7b496aa8a\Interop.EKAiO2SDKLib.ni.dll
2013-08-14 17:41 - 2013-08-14 17:41 - 00098304 _____ (Eastman Kodak Company) C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Inkjet.DeviceSettin#\089a13b51a9c17442eff954e2d2ebc6c\Inkjet.DeviceSettings.ni.dll
2011-12-10 11:21 - 2013-01-18 10:45 - 01543168 _____ (Eastman Kodak Company) C:\WINDOWS\system32\kodak\kds_aio5000\ekaio2wia.dll
2009-06-27 19:30 - 2005-03-04 20:31 - 00095511 ____R (Alps Electric Co., Ltd.) C:\WINDOWS\system32\VXDIF.DLL
2012-05-09 14:25 - 2012-05-09 14:25 - 01815552 _____ (Developer Express Inc.) C:\Program Files\EMET\DevExpress.XtraBars.v10.1.dll
2012-05-09 14:25 - 2012-05-09 14:25 - 02921984 _____ (Developer Express Inc.) C:\Program Files\EMET\DevExpress.Utils.v10.1.dll
2012-05-09 14:25 - 2012-05-09 14:25 - 02460160 _____ (Developer Express Inc.) C:\Program Files\EMET\DevExpress.Data.v10.1.dll
2013-01-15 13:05 - 2013-01-15 13:05 - 00054272 _____ (Eastman Kodak Company) C:\PROGRAM FILES\KODAK\AIO\STATUSMONITOR\EKStatusMonitor.Dll

==================== Alternate Data Streams (whitelisted) ==========


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/03/2013 00:14:27 PM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: center -- Error 1335.The cabinet file 'center.cab' required for this installation is corrupt and cannot be used. This could indicate a network error, an error reading from the CD-ROM, or a problem with this package.


System errors:
=============
Error: (09/16/2013 08:30:43 PM) (Source: BROWSER) (User: )
Description: The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{2CCC3D74-C3D4-4831-950D-09BC602001CD}.
The backup browser is stopping.

Error: (09/16/2013 08:27:16 PM) (Source: Service Control Manager) (User: )
Description: The Parallel port driver service failed to start due to the following error:
%%1058

Error: (09/16/2013 08:26:17 PM) (Source: SCardSvr) (User: )
Description: WDM Reader driver initialization cannot open reader device: The system cannot find the path specified.

Error: (09/16/2013 08:14:11 PM) (Source: Service Control Manager) (User: )
Description: The Skype C2C Service service terminated unexpectedly. It has done this 1 time(s).

Error: (09/16/2013 08:14:11 PM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Display Driver Service service terminated unexpectedly. It has done this 1 time(s).

Error: (09/16/2013 08:14:11 PM) (Source: Service Control Manager) (User: )
Description: The Kodak AiO Network Discovery Service service terminated unexpectedly. It has done this 1 time(s).

Error: (09/16/2013 08:14:11 PM) (Source: Service Control Manager) (User: )
Description: The Process Monitor service terminated unexpectedly. It has done this 1 time(s).

Error: (09/16/2013 08:14:10 PM) (Source: Service Control Manager) (User: )
Description: The Kodak AiO Status Monitor Service service terminated unexpectedly. It has done this 1 time(s).

Error: (09/16/2013 08:04:37 PM) (Source: BROWSER) (User: )
Description: The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{2CCC3D74-C3D4-4831-950D-09BC602001CD}.
The backup browser is stopping.

Error: (09/16/2013 08:00:59 PM) (Source: Service Control Manager) (User: )
Description: The Parallel port driver service failed to start due to the following error:
%%1058


Microsoft Office Sessions:
=========================
Error: (07/03/2013 00:14:27 PM) (Source: MsiInstaller)(User: NT AUTHORITY)
Description: Product: center -- Error 1335.The cabinet file 'center.cab' required for this installation is corrupt and cannot be used. This could indicate a network error, an error reading from the CD-ROM, or a problem with this package.(NULL)(NULL)(NULL)


==================== Memory info ===========================

Percentage of memory in use: 25%
Total physical RAM: 2047.39 MB
Available physical RAM: 1516.09 MB
Total Pagefile: 3430.23 MB
Available Pagefile: 3058.19 MB
Total Virtual: 2047.88 MB
Available Virtual: 1952.1 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:55.88 GB) (Free:24.61 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive d: (VOLLARA_PRODUCTS_V3) (CDROM) (Total:3.63 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 56 GB) (Disk ID: 02B902B9)
Partition 1: (Active) - (Size=56 GB) - (Type=07 NTFS)




SCAN RESULTS



Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 16-09-2013 03
Ran by hello (administrator) on LATITUDED810 on 16-09-2013 20:33:58
Running from C:\Documents and Settings\hello\My Documents\Downloads
Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\WINDOWS\System32\SCardSvr.exe
(Eastman Kodak Company) C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe
(Eastman Kodak Company) C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
(Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(Skype Technologies S.A.) C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastUI.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\HidFind.exe
() C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apntex.exe
(Microsoft Corporation) C:\Program Files\EMET\EMET_notifier.exe
(Nullsoft, Inc.) C:\Program Files\Winamp\winampa.exe
() C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
(Eastman Kodak Company) C:\PROGRAM FILES\KODAK\AIO\STATUSMONITOR\EKStatusMonitor.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Apoint] - C:\Program Files\Apoint\Apoint.exe [176128 2005-10-07] (Alps Electric Co., Ltd.)
HKLM\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-08-30] (AVAST Software)
HKLM\...\Run: [LogitechQuickCamRibbon] - C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2793304 2009-10-14] ()
HKLM\...\Run: [ATIPTA] - C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [344064 2005-01-11] (ATI Technologies, Inc.)
HKLM\...\Run: [NvCplDaemon] - RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [EMET Notifier] - C:\Program Files\EMET\EMET_notifier.exe [152152 2012-05-09] (Microsoft Corporation)
HKLM\...\Run: [WinampAgent] - C:\Program Files\Winamp\winampa.exe [74752 2011-07-11] (Nullsoft, Inc.)
HKLM\...\Run: [EKStatusMonitor] - C:\PROGRAM FILES\KODAK\AIO\STATUSMONITOR\EKStatusMonitor.exe [2750840 2013-01-15] (Eastman Kodak Company)
HKLM\...\Winlogon: [Userinit] C:\WINDOWS\system32\userinit.exe
Winlogon\Notify\AtiExtEvent: C:\Windows\system32\Ati2evxx.dll (ATI Technologies Inc.)
Winlogon\Notify\WgaLogon: C:\Windows\system32\WgaLogon.dll (Microsoft Corporation)
HKCU\...\Run: [msnmsgr] - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
HKCU\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [18678376 2013-04-19] (Skype Technologies S.A.)
HKCU\...\Run: [WinPatrol] - C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe [439360 2013-08-12] (BillP Studios)
HKCU\...\Policies\Explorer: [NoInstrumentation] 1
HKCU\...\Policies\Explorer: [NoControlPanel] 0
HKCU\...\Policies\Explorer: [NoSetTaskbar] 0
MountPoints2: {194c3ad4-fd57-11df-80b5-0012f08cf726} - D:\rcaDVM_setup.exe
MountPoints2: {b1599933-b2b2-11e1-8340-0012f08cf726} - E:\setup.exe -a
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x409A81CD4BD0CA01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://utilities.pcp...ols/pcmatic.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Documents and Settings\hello\Application Data\Mozilla\Firefox\Profiles\5mvmbh83.default
FF Homepage: hxxp://www.realsimple.com/
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.17.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.3 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF

Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "hxxp://www.google.com/"

========================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-08-30] (AVAST Software)
R2 Kodak AiO Network Discovery Service; C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe [395640 2013-03-15] (Eastman Kodak Company)
R2 Kodak AiO Status Monitor Service; C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe [780152 2013-01-15] (Eastman Kodak Company)
S2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 Skype C2C Service; C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3291008 2013-08-14] (Skype Technologies S.A.)
S3 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [x]

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [29816 2013-08-30] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [66336 2013-08-30] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswRdr.sys [49760 2013-08-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49376 2013-08-30] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [770344 2013-08-30] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [369584 2013-08-30] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [56080 2013-08-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [177864 2013-08-30] ()
R3 b57w2k; C:\Windows\System32\DRIVERS\b57xp32.sys [132608 2005-03-17] (Broadcom Corporation)
S3 FilterService; C:\Windows\System32\DRIVERS\lvuvcflt.sys [23832 2009-10-07] (Logitech Inc.)
R3 GTIPCI21; C:\Windows\System32\DRIVERS\gtipci21.sys [88192 2006-04-06] (Texas Instruments)
R3 HSFHWICH; C:\Windows\System32\DRIVERS\HSFHWICH.sys [208384 2005-05-03] (Conexant Systems, Inc.)
R3 HSF_DPV; C:\Windows\System32\DRIVERS\HSF_DPV.SYS [1033728 2005-05-03] (Conexant Systems, Inc.)
R3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2Mon.sys [25752 2009-10-07] ()
S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
S3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
R3 STAC97; C:\Windows\System32\drivers\STAC97.sys [273168 2005-03-10] (SigmaTel, Inc.)
R3 w29n51; C:\Windows\System32\DRIVERS\w29n51.sys [2210048 2007-11-17] (Intel® Corporation)
S3 cpuz135; \??\C:\WINDOWS\TEMP\cpuz135\cpuz135_x32.sys [x]
U5 FontCache3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [46104 2008-07-29] (Microsoft Corporation)
U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
S3 UIUSys; system32\drivers\UIUSys.sys [x]
U1 WS2IFSL;

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-16 20:33 - 2013-09-16 20:33 - 00000000 ____D C:\FRST
2013-09-16 20:30 - 2013-09-16 20:30 - 00003778 _____ C:\Documents and Settings\hello\Desktop\09162013_201407.log
2013-09-12 22:28 - 2013-09-12 22:29 - 00012351 _____ C:\WINDOWS\KB2870699-IE8.log
2013-09-12 22:19 - 2013-09-12 22:19 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2876315$
2013-09-12 22:18 - 2013-09-12 22:18 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2876217$
2013-09-12 22:17 - 2013-09-12 22:17 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2864063$
2013-09-12 13:47 - 2013-09-12 13:47 - 00000784 _____ C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2013-09-12 13:47 - 2013-09-12 13:47 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
2013-09-12 13:46 - 2013-09-12 13:47 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-09-12 13:46 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2013-09-12 13:17 - 2013-09-12 13:38 - 00000000 ____D C:\AdwCleaner
2013-09-12 13:16 - 2013-09-12 13:16 - 01037278 _____ C:\Documents and Settings\hello\Desktop\adwcleaner.exe
2013-09-12 06:44 - 2013-09-12 22:19 - 00011193 _____ C:\WINDOWS\KB2876315.log
2013-09-12 06:43 - 2013-09-12 22:18 - 00010560 _____ C:\WINDOWS\KB2876217.log
2013-09-12 06:43 - 2013-09-12 22:18 - 00009676 _____ C:\WINDOWS\KB2864063.log
2013-08-28 23:25 - 2013-08-28 23:25 - 00004982 _____ C:\WINDOWS\KB2834904-v2.log
2013-08-28 23:25 - 2013-08-28 23:25 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834904-v2_WM11$
2013-08-17 21:39 - 2013-08-18 20:52 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-08-17 20:11 - 2013-08-17 20:11 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\InstallMate
2013-08-17 19:58 - 2013-08-17 19:58 - 00090112 _____ C:\WINDOWS\Minidump\Mini081713-02.dmp
2013-08-17 07:08 - 2013-08-17 07:08 - 00090112 _____ C:\WINDOWS\Minidump\Mini081713-01.dmp

==================== One Month Modified Files and Folders =======

2013-09-16 20:33 - 2013-09-16 20:33 - 00000000 ____D C:\FRST
2013-09-16 20:32 - 2009-06-27 18:23 - 02030839 _____ C:\WINDOWS\WindowsUpdate.log
2013-09-16 20:31 - 2010-04-03 08:00 - 00000000 ____D C:\Documents and Settings\hello\Application Data\Skype
2013-09-16 20:30 - 2013-09-16 20:30 - 00003778 _____ C:\Documents and Settings\hello\Desktop\09162013_201407.log
2013-09-16 20:27 - 2012-12-21 12:00 - 00000316 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job
2013-09-16 20:27 - 2009-11-27 21:41 - 00063783 _____ C:\WINDOWS\system32\nvwsapps.xml
2013-09-16 20:27 - 2009-11-27 21:41 - 00017921 _____ C:\WINDOWS\system32\nvModes.001
2013-09-16 20:27 - 2009-06-27 13:24 - 00000300 _____ C:\WINDOWS\wiadebug.log
2013-09-16 20:27 - 2004-08-04 06:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2013-09-16 20:26 - 2013-07-03 17:46 - 00000882 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-16 20:26 - 2011-05-14 15:28 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Kodak
2013-09-16 20:26 - 2009-06-27 18:35 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-09-16 20:26 - 2009-06-27 13:24 - 00000049 _____ C:\WINDOWS\wiaservc.log
2013-09-16 20:17 - 2009-06-27 18:36 - 00000278 ___SH C:\Documents and Settings\hello\ntuser.ini
2013-09-16 20:17 - 2009-06-27 18:35 - 00032454 _____ C:\WINDOWS\SchedLgU.Txt
2013-09-16 19:56 - 2013-07-03 17:46 - 00000886 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-16 19:55 - 2009-06-27 18:24 - 00002577 ____C C:\WINDOWS\system32\CONFIG.NT
2013-09-16 19:37 - 2013-03-26 19:59 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-09-13 21:37 - 2013-03-26 19:59 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2013-09-13 21:37 - 2011-05-12 21:13 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2013-09-13 06:27 - 2009-06-27 13:19 - 00296456 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-09-12 22:29 - 2013-09-12 22:28 - 00012351 _____ C:\WINDOWS\KB2870699-IE8.log
2013-09-12 22:29 - 2013-05-15 23:45 - 00014167 _____ C:\WINDOWS\updspapi.log
2013-09-12 22:29 - 2013-05-15 23:40 - 00139751 _____ C:\WINDOWS\iis6.log
2013-09-12 22:29 - 2013-05-15 23:40 - 00129839 _____ C:\WINDOWS\FaxSetup.log
2013-09-12 22:29 - 2013-05-15 23:40 - 00062076 _____ C:\WINDOWS\ocgen.log
2013-09-12 22:29 - 2013-05-15 23:40 - 00059244 _____ C:\WINDOWS\tsoc.log
2013-09-12 22:29 - 2013-05-15 23:40 - 00043449 _____ C:\WINDOWS\comsetup.log
2013-09-12 22:29 - 2013-05-15 23:40 - 00039552 _____ C:\WINDOWS\msmqinst.log
2013-09-12 22:29 - 2013-05-15 23:40 - 00026311 _____ C:\WINDOWS\ntdtcsetup.log
2013-09-12 22:29 - 2013-05-15 23:40 - 00022743 _____ C:\WINDOWS\netfxocm.log
2013-09-12 22:29 - 2013-05-15 23:40 - 00008925 _____ C:\WINDOWS\MedCtrOC.log
2013-09-12 22:29 - 2013-05-15 23:40 - 00007182 _____ C:\WINDOWS\ocmsn.log
2013-09-12 22:29 - 2013-05-15 23:40 - 00006531 _____ C:\WINDOWS\tabletoc.log
2013-09-12 22:29 - 2013-05-15 23:40 - 00006489 _____ C:\WINDOWS\msgsocm.log
2013-09-12 22:29 - 2013-05-15 23:40 - 00001374 _____ C:\WINDOWS\imsins.log
2013-09-12 22:29 - 2012-11-13 17:37 - 00065536 _____ C:\WINDOWS\system32\config\OAlerts.evt
2013-09-12 22:28 - 2010-03-30 23:16 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Microsoft Help
2013-09-12 22:28 - 2009-06-27 19:58 - 00000000 ____D C:\WINDOWS\ie8updates
2013-09-12 22:19 - 2013-09-12 22:19 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2876315$
2013-09-12 22:19 - 2013-09-12 06:44 - 00011193 _____ C:\WINDOWS\KB2876315.log
2013-09-12 22:19 - 2009-06-27 13:21 - 00001374 _____ C:\WINDOWS\imsins.BAK
2013-09-12 22:18 - 2013-09-12 22:18 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2876217$
2013-09-12 22:18 - 2013-09-12 06:43 - 00010560 _____ C:\WINDOWS\KB2876217.log
2013-09-12 22:18 - 2013-09-12 06:43 - 00009676 _____ C:\WINDOWS\KB2864063.log
2013-09-12 22:17 - 2013-09-12 22:17 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2864063$
2013-09-12 22:08 - 2013-08-13 23:44 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-09-12 22:03 - 2009-06-27 19:56 - 76725432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-09-12 13:47 - 2013-09-12 13:47 - 00000784 _____ C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2013-09-12 13:47 - 2013-09-12 13:47 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
2013-09-12 13:47 - 2013-09-12 13:46 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-09-12 13:38 - 2013-09-12 13:17 - 00000000 ____D C:\AdwCleaner
2013-09-12 13:38 - 2009-06-27 18:36 - 00000000 ____D C:\Documents and Settings\hello
2013-09-12 13:16 - 2013-09-12 13:16 - 01037278 _____ C:\Documents and Settings\hello\Desktop\adwcleaner.exe
2013-08-30 03:48 - 2013-03-20 12:01 - 00177864 _____ C:\WINDOWS\system32\Drivers\aswVmm.sys
2013-08-30 03:48 - 2013-03-20 12:01 - 00066336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2013-08-30 03:48 - 2013-03-20 12:01 - 00049376 _____ C:\WINDOWS\system32\Drivers\aswRvrt.sys
2013-08-30 03:48 - 2011-03-31 16:30 - 00770344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2013-08-30 03:48 - 2011-03-31 16:30 - 00369584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2013-08-30 03:48 - 2011-03-31 16:30 - 00056080 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2013-08-30 03:48 - 2011-03-31 16:30 - 00049760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2013-08-30 03:48 - 2011-03-31 16:30 - 00029816 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswFsBlk.sys
2013-08-30 03:47 - 2011-03-31 16:30 - 00229648 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2013-08-30 03:47 - 2011-03-31 16:30 - 00041664 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2013-08-28 23:25 - 2013-08-28 23:25 - 00004982 _____ C:\WINDOWS\KB2834904-v2.log
2013-08-28 23:25 - 2013-08-28 23:25 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834904-v2_WM11$
2013-08-22 03:14 - 2010-04-03 07:59 - 00000000 ___RD C:\Program Files\Skype
2013-08-22 03:14 - 2010-04-03 07:59 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Skype
2013-08-19 06:35 - 2009-06-27 18:21 - 00000000 ____D C:\WINDOWS\system32\Restore
2013-08-18 20:52 - 2013-08-17 21:39 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-08-18 20:52 - 2013-06-06 22:42 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-08-17 20:12 - 2013-05-28 11:40 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\WinPatrol
2013-08-17 20:11 - 2013-08-17 20:11 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\InstallMate
2013-08-17 19:58 - 2013-08-17 19:58 - 00090112 _____ C:\WINDOWS\Minidump\Mini081713-02.dmp
2013-08-17 19:58 - 2010-10-06 17:23 - 00000000 ____D C:\WINDOWS\Minidump
2013-08-17 07:08 - 2013-08-17 07:08 - 00090112 _____ C:\WINDOWS\Minidump\Mini081713-01.dmp

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================

#4
emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Hello again Fred60,

Please run a free online scan with the ESET Online Scanner

Vista / Win7 users: Right-click on either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator.

Note: This scan works with Internet Explorer or Mozilla FireFox.

If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.

  • Click the green ESET Online Scanner box
  • Tick the box next to YES, I accept the Terms of Use
    then click on: Start
  • You may see a panel towards the top of the screen telling you the website wants to install an addon... click and allow it to install. If your firewall asks whether you want to allow installation, say yes.
  • Make sure that the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click on Start
  • The virus signature database will begin to download. Be patient, this may take some time depending on the speed of your Internet connection.
  • When completed the Online Scan will begin automatically. The scan may take several hours.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed select Uninstall application on close, make sure you copy the logfile first!
  • Then click on: Finish
  • Use notepad to open the logfile located at C:\Program Files (x86)\ESET\ESET Online Scanner\log.txt.
  • Copy and paste that log as a reply to this topic.

#5
Fred60

    Member

  • Topic Starter
  • 82 posts
OK, here are the results of ESET

ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=6b96b71fd392d045a52f11b6d81f775e
# engine=15186
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2013-09-19 04:21:58
# local_time=2013-09-19 12:21:58 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=774 16777213 85 93 145383 155399590 0 0
# scanned=65550
# found=1
# cleaned=1
# scan_time=4795
sh=728B0331B572EE396616BD8DBEF068396AFCBC00 ft=0 fh=0000000000000000 vn="a variant of Win32/HiddenStart.A application (deleted - quarantined)" ac=C fn="C:\Documents and Settings\All Users\Application Data\{484395D8-1F9B-4C71-9DA9-A64CBD0E8DE2}\setup.res"

Fred

#6
emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Hello Fred60,

Please download Security Check by screen317 from here.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

#7
Fred60

    Member

  • Topic Starter
  • 82 posts
Results of Security Check

Results of screen317's Security Check version 0.99.73
Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
avast! Antivirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
WinPatrol
Adobe Flash Player 11.8.800.168
Adobe Reader XI
Mozilla Firefox (23.0.1)
````````Process Check: objlist.exe by Laurent````````
WinPatrol winpatrol.exe
AVAST Software Avast AvastSvc.exe
AVAST Software Avast avastUI.exe
BillP Studios WinPatrol winpatrol.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:: 8%
````````````````````End of Log``````````````````````

#8
emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Still not seeing any malware.

You could try defragging and run chkdsk.

Download Auslogics Disk Defrag and save it to your Desktop.

Double click and follow the prompts to install it. Note: only install the defrag utility. Some versions come with Askbar toolbars... do not install those.

Once installed, run the defrag utility.

At the end the utility may tell you that it has found Junk Files and recommend that you run a scan to remove them. Disregard that suggestion; it is a promotion of a tool you don't need. All we are interested in here is the defrag process.

Note: Do not download Windows Registry Cleaner which is promoted at the same site.

Next

Please run chkdsk.

Go to Windows XP chkdsk for some helpful instructions.

Run the chkdsk command to check for problems.

To do this:

  • Click Start, select Run,
  • Then type cmd in the box to get to the Command Prompt utility
  • Click Ok
  • Run the chkdsk utility by typing in the following command:
chkdsk c: /f /r

Note: The gaps should be there.

  • At the question "Would you like to schedule this volume to be checked the next time the system restarts?" type Y
  • Restart your computer and let chkdsk run
The /f command automatically fixes any errors encountered; the /r command locates bad sectors and recovers readable information.

Be patient, it can take a long time.

When it's finished come back and tell me how it went.

#9
Fred60

    Member

  • Topic Starter
  • 82 posts
Seems to be running much better now,

Thanks,

#10
emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Excellent news. :thumbsup:

I think your machine is good to go now.

We have a couple of last steps to perform and then you're all set.

  • Double-click OTL.exe to run it. (Vista users, please right click on OTL.exe and select "Run as an Administrator")
  • Click on the CleanUp! button
  • You will be asked to reboot the machine to finish the Cleanup process. If you are asked to reboot the machine choose Yes.

Any other tools remaining may be deleted.

Step 2

Next, we need to clean your restore points and set a new one:

Reset and Re-enable your System Restore to remove infected files that have been backed up by Windows. The files in System Restore are protected to prevent any programs from changing those files. This is the only way to clean these files: (You will lose all previous restore points which are likely to be infected)

1. Turn off System Restore.
  • On the Desktop, right-click My Computer.
  • Click Properties.
  • Click the System Restore tab.
  • Check Turn off System Restore.
  • Click Apply, and then click OK.

2. Restart your computer.

3. Turn ON System Restore.
  • On the Desktop, right-click My Computer.
  • Click Properties.
  • Click the System Restore tab.
  • UN-Check Turn off System Restore.
  • Click Apply, and then click OK.

System Restore will now be active again.
-------------------------------------------------------------------------------------------------------------------

A reminder: Remember to (re-install if uninstalled during cleaning) update and turn back on any anti-malware programs you may have turned off during the cleaning process.
-------------------------------------------------------------------------------------------------------------------

Here are some things that I think are worth having a look at if you don't already know about them:

---------------------------------------------------------------------------------------------------------------------

It is good security practice to change your passwords to all your online accounts on a fairly regular basis; this is especially true after an infection. Refer to this Microsoft article Strong passwords: How to create and use them.

----------------------------------------------------------------------------------------------------------------------

Java warning

Java is a popular point of entry to your computer for malicious programs. The United States Department of Homeland Security recommends that computer users disable Java; see here. Unless you need it to run important software, the safest approach is to completely uninstall Java. Where you do require it, the next safest option is to disable it in your browsers until you need it, then enable it.

How to disable Java in your web browser and How to unplug Java from the browser

If you do still need Java then regularly check that it is up to date. Older versions are the most vulnerable to malicious attack.

  • Download Java for Windows

    Reboot your computer.
    You also need to uninstall older versions of Java.
  • Click Start > Control Panel > Add or Remove Programs
  • Remove all Java updates except the latest one you have just installed.
----------------------------------------------------------------------------------------------------------------------

To help protect your computer in the future:



If you do not already have automatic updates set then it is recommended that you do set Windows to check, download and install your updates automatically.

* Click Start > Control Panel > System and Security > Windows Update
* Under Windows Update click on Turn automatic updating on or off
* Check items shown to ensure you receive updates automatically. Click OK.

Be aware of what emails you open and websites you visit.

Go here for some good advice about how to prevent infection.

A fun way to check your online safety literacy.

Quiz - getsafeonline

Have a safe and happy computing day!

#11
Fred60

    Member

  • Topic Starter
  • 82 posts
Thanks for the help.

Something to add to your data base that I found out with this computer and may also apply to other laptops.

This is a Dell M70

I found two things that cause it to reduce clock speed.

1. Getting too hot. Root cause clogged cooling fins in the CPU and Graphics card. If it is within the capabilities of the owner, disassemble the laptop. Remove heat sinks and fans to remove clogged dust.

2. A defective power adapter. If not enough power output, the battery will not charge. If the battery does not charge it reduces the clock speed even if the adapter is plugged in.

Fred

#12
Fred60

    Member

  • Topic Starter
  • 82 posts
Also, it is a good idea to clean and apply new heat transfer paste on the CPU and Graphics card.

Fred

#13
emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Thanks Fred, good information. :thumbsup:

#14
emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.