My PC is slower & slower

Lately, when I attempt to do a shut down or restart, there is about 5-10 minutes of saving the settings. Then, upon restart, there's another 5-10 minutes before I can do anything. It just sits there & does nothing.

Here's the HijackThis log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:20:58 AM, on 3/17/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\OEM02Mon.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\stsystra.exe
C:\WINDOWS\system32\KADxMain.exe
C:\WINDOWS\LOGI_MWX.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Lexmark 5600-6600 Series\lxdumon.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\Lexmark 5600-6600 Series\lxduMsdMon.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxduserv.exe
C:\WINDOWS\system32\lxducoms.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\fxssvc.exe
C:\Program Files\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wwltv.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=3080419
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.wwltv.com/
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
O2 - BHO: Lexmark Printable Web - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [OEM02Mon.exe] C:\WINDOWS\OEM02Mon.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [KADxMain] C:\WINDOWS\system32\KADxMain.exe
O4 - HKLM\..\Run: [ECenter] C:\Dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [Logitech Utility] LOGI_MWX.EXE
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [lxdumon.exe] "C:\Program Files\Lexmark 5600-6600 Series\lxdumon.exe"
O4 - HKLM\..\Run: [lxduamon] "C:\Program Files\Lexmark 5600-6600 Series\lxduamon.exe"
O4 - HKLM\..\Run: [Lexmark 5600-6600 Series Fax Server] "C:\Program Files\Lexmark 5600-6600 Series\fm3032.exe" /s
O4 - HKLM\..\Run: [dellsupportcenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - Global Startup: Device Detector 3.lnk = C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: Customize Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Fill Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: RoboForm Toolbar - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Save Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O15 - Trusted Zone: http://*.mcafee.com
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
O16 - DPF: {73779860-6F88-4D8C-9DAB-30583B9BAAC3} (FileProInet2.ImageView) - https://ssl.jpclerkofcourt.us/JeffNetService/ImageServer/iView2/FileProInet2.CAB
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: lxduCATSCustConnectService - Lexmark International, Inc. - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxduserv.exe
O23 - Service: lxdu_device - - C:\WINDOWS\system32\lxducoms.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

--
End of file - 10808 bytes

Re: My PC is slower & slower

Please visit this webpage for a tutorial on downloading and running ComboFix:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

See the area: Using ComboFix, and when done, post the log back here.

Re: My PC is slower & slower

Here's the log from ComboFix:
ComboFix 10-03-16.05 - Rick 03/17/2010 11:42:55.2.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1014.471 [GMT -5:00]
Running from: c:\documents and settings\Rick\Desktop\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 100317-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

((((((((((((((((((((((((( Files Created from 2010-02-17 to 2010-03-17 )))))))))))))))))))))))))))))))
.

2010-03-11 19:56 . 2010-03-11 19:56 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-03-05 19:02 . 2010-03-11 19:55 152576 ----a-w- c:\documents and settings\Rick\Application Data\Sun\Java\jre1.6.0_17\lzma.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-17 06:08 . 2009-08-13 21:14 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2010-03-11 19:56 . 2008-04-19 01:11 -------- d-----w- c:\program files\Java
2010-03-11 19:55 . 2010-01-22 19:12 79488 ----a-w- c:\documents and settings\Rick\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll
2010-03-05 19:01 . 2009-10-06 23:04 -------- d-----w- c:\program files\SUPERAntiSpyware
2010-02-01 16:37 . 2010-02-01 16:37 52224 ----a-w- c:\documents and settings\Rick\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
2010-02-01 16:37 . 2009-10-06 23:05 117760 ----a-w- c:\documents and settings\Rick\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2010-01-16 21:13 . 2008-04-19 01:23 -------- d-----w- c:\program files\Common Files\Adobe
2009-12-31 16:50 . 2004-08-10 17:51 353792 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-21 19:14 . 2004-08-10 17:51 916480 ----a-w- c:\windows\system32\wininet.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2010-03-05 2012912]
"RoboForm"="c:\program files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [2009-10-18 160592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-07-10 851968]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-07-10 137752]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-07-10 162328]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-07-10 137752]
"OEM02Mon.exe"="c:\windows\OEM02Mon.exe" [2007-08-28 36864]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2007-12-11 2183168]
"SigmatelSysTrayApp"="stsystra.exe" [2007-07-10 405504]
"KADxMain"="c:\windows\system32\KADxMain.exe" [2006-11-02 282624]
"ECenter"="c:\dell\E-Center\EULALauncher.exe" [2008-02-28 17920]
"dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2008-03-11 16384]
"Logitech Utility"="LOGI_MWX.EXE" [2003-12-17 19968]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-02-29 76304]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2004-02-12 49152]
"lxdumon.exe"="c:\program files\Lexmark 5600-6600 Series\lxdumon.exe" [2008-09-10 676520]
"lxduamon"="c:\program files\Lexmark 5600-6600 Series\lxduamon.exe" [2008-09-10 16040]
"Lexmark 5600-6600 Series Fax Server"="c:\program files\Lexmark 5600-6600 Series\fm3032.exe" [2008-09-10 311976]
"dellsupportcenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-11-04 413696]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-11-20 290088]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2010-03-11 149280]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2009-12-18 40368]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Device Detector 3.lnk - c:\program files\Olympus\DeviceDetector\DevDtct2.exe [2009-1-20 118784]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2008-8-4 805392]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"EditLevel"= 0 (0x0)
"NoCommonGroups"= 0 (0x0)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 20:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2008-05-02 07:42 72208 ----a-w- c:\program files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Image Zone Fast Start.lnk]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2009-12-18 14:58 40368 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dell QuickSet]
2007-07-03 18:57 1228800 ----a-w- c:\program files\Dell\QuickSet\quickset.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DELL Webcam Manager]
2007-07-27 21:43 118784 -c----w- c:\program files\Dell\Dell Webcam Manager\DellWMgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupportCenter]
2009-05-21 16:13 206064 ----a-w- c:\program files\Dell Support Center\bin\sprtcmd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCMService]
2007-11-01 20:39 189736 ------w- c:\program files\Dell\MediaDirect\PCMService.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"dellsupportcenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Dell\\MediaDirect\\PCMService.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\lxducoms.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [10/6/2009 4:44 PM 114768]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [9/15/2009 11:42 AM 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [9/15/2009 11:42 AM 66632]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [10/6/2009 4:44 PM 20560]
R2 lxdu_device;lxdu_device;c:\windows\system32\lxducoms.exe -service --> c:\windows\system32\lxducoms.exe -service [?]
R2 lxduCATSCustConnectService;lxduCATSCustConnectService;c:\windows\system32\spool\drivers\w32x86\3\lxduserv.exe [1/25/2009 8:17 PM 98984]
R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [9/15/2009 11:42 AM 12872]
S3 sxuptp;SXUPTP Driver;c:\windows\system32\DRIVERS\sxuptp.sys --> c:\windows\system32\DRIVERS\sxuptp.sys [?]
.
Contents of the 'Scheduled Tasks' folder

2010-02-25 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 18:34]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.wwltv.com/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Connection Wizard,ShellNext = hxxp://www.wwltv.com/
IE: Customize Menu - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Fill Forms - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
IE: RoboForm Toolbar - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
IE: Save Forms - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
Trusted Zone: internet
Trusted Zone: mcafee.com
DPF: {73779860-6F88-4D8C-9DAB-30583B9BAAC3} - hxxps://ssl.jpclerkofcourt.us/JeffNetService/ImageServer/iView2/FileProInet2.CAB
.
- - - - ORPHANS REMOVED - - - -

SafeBoot-mcmscsvc
SafeBoot-MCODS
AddRemove-HijackThis - c:\documents and settings\Rick\Local Settings\Temporary Internet Files\Content.IE5\2TWSQAX2\HijackThis.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-03-17 11:47
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-3653475573-2416755748-3330789705-1006\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(1244)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
c:\windows\system32\WININET.dll
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
c:\program files\common files\logishrd\bluetooth\LBTServ.dll
c:\windows\System32\BCMLogon.dll
c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\MFC80.DLL
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\MSVCR80.dll

- - - - - - - > 'explorer.exe'(3332)
c:\windows\system32\WININET.dll
c:\program files\Logitech\SetPoint\lgscroll.dll
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\MSVCR80.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2010-03-17 11:48:58
ComboFix-quarantined-files.txt 2010-03-17 16:48

Pre-Run: 95,425,359,872 bytes free
Post-Run: 95,668,592,640 bytes free

- - End Of File - - D8F372E76A9B96590196DF80FE860EF5

Re: My PC is slower & slower

Please download Malwarebytes Anti-Malware from Malwarebytes.org.
Alternate link: BleepingComputer.com.
(Note: if you already have the program installed, just follow the directions. No need to re-download or re-install!)

Double Click mbam-setup.exe to install the application.

(Note: if you already have the program installed, open Malwarebytes from the Start Menu or Desktop shortcut, click the Update tab, and click Check for Updates, before doing the scan as instructed below!)

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Full Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • Please save the log to a location you will remember.
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts; click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

Re: My PC is slower & slower

MBAM log:
Malwarebytes' Anti-Malware 1.44
Database version: 3510
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

3/17/2010 11:51:08 PM
mbam-log-2010-03-17 (23-51-08).txt

Scan type: Full Scan (C:\|)
Objects scanned: 180638
Time elapsed: 30 minute(s), 58 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP203\A0033790.sys (Malware.Trace) -> Quarantined and deleted successfully.

Re: My PC is slower & slower

Please run a free online scan with the ESET Online Scanner
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the options Remove found threats and Scan unwanted applications are checked
  • Click Scan (This scan can take several hours, so please be patient)
  • Once the scan is completed, you may close the window
  • Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  • Copy and paste that log as a reply to this topic

Re: My PC is slower & slower

Here's the log. No threats found:

ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# IEXPLORE.EXE=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=280c1d5555394d47bc07d47b3ef67078
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2010-03-19 11:52:36
# local_time=2010-03-19 06:52:36 (-0600, Central Daylight Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=512 16777215 100 0 18754635 18754635 0 0
# compatibility_mode=769 16775125 100 98 0 204399435 0 0
# compatibility_mode=2560 16777215 100 0 0 0 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=61292
# found=0
# cleaned=0
# scan_time=2877

Re: My PC is slower & slower

Please download OTS by OldTimer and save it to your Desktop.

Note: You must be logged on to the system with an account that has Administrator privileges to run this program.
  • Close ALL OTHER PROGRAMS.
  • Double-click on OTS to start the program (if you are running on Vista then right-click the program and
    choose Run as Administrator).
  • At the top, tick on Scan All Users section
  • At File Age set it to 90 Days
  • In the Processes, Modules, Services, Drivers, and Registry
    section, please set on Safe List.
  • In the Files Created Within and Files Modified Within section, set it to File Age
  • At the bottom, tick on all Safe List and Use Company Name WhiteList option
  • Under Additional Scans, tick on the "Extras" button and then click the checkboxes in front of the following items to select them:
      Reg - Disabled MS Config Items
      Reg - Drivers32
      Reg - Ext
      Reg - IE
      Explorer Bar
      Reg - NetSvcs
      Reg - Safeboot Minimal
      Reg - Safeboot Network
      File - Lop Check
      File - Purity Scan
  • Do NOT change any other settings.
  • Now click the Run Scan button on the toolbar.
  • Let it run unhindered until it finishes.
  • When the scan is complete Notepad will open with the report file loaded in it.
  • Click the Format menu and make sure that Wordwrap is not checked. If it is then click on it to uncheck it.

OTS Log - Part 1

[code]
OTS logfile created on: 3/21/2010 8:38:10 AM - Run 1
OTS by OldTimer - Version 3.1.27.1 Folder = C:\Documents and Settings\Rick\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,014.00 Mb Total Physical Memory | 541.00 Mb Available Physical Memory | 53.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 77.00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 105.90 Gb Total Space | 88.99 Gb Free Space | 84.03% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 244.63 Mb Total Space | 236.97 Mb Free Space | 96.87% Space Free | Partition Type: FAT
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: RICK-NEW
Current User Name: Rick
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 90 Days

[Processes - Safe List]
ots.exe -> C:\Documents and Settings\Rick\Desktop\OTS.exe -> [2010/03/21 08:35:16 | 000,637,440 | ---- | M] (OldTimer Tools)
superantispyware.exe -> C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE -> [2010/03/05 14:01:23 | 002,012,912 | ---- | M] (SUPERAntiSpyware.com)
acrord32.exe -> C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe -> [2009/12/18 09:58:20 | 000,345,520 | ---- | M] (Adobe Systems Incorporated)
ashdisp.exe -> C:\Program Files\Alwil Software\Avast4\ashDisp.exe -> [2009/11/24 18:51:40 | 000,081,000 | ---- | M] (ALWIL Software)
ashserv.exe -> C:\Program Files\Alwil Software\Avast4\ashServ.exe -> [2009/11/24 18:51:35 | 000,138,680 | ---- | M] (ALWIL Software)
ashmaisv.exe -> C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -> [2009/11/24 18:51:21 | 000,254,040 | ---- | M] (ALWIL Software)
ashwebsv.exe -> C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -> [2009/11/24 18:48:48 | 000,352,920 | ---- | M] (ALWIL Software)
aswupdsv.exe -> C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -> [2009/11/24 18:43:56 | 000,018,752 | ---- | M] (ALWIL Software)
robotaskbaricon.exe -> C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe -> [2009/10/17 20:08:45 | 000,160,592 | ---- | M] (Siber Systems)
sprtcmd.exe -> C:\Program Files\Dell Support Center\bin\sprtcmd.exe -> [2009/05/21 11:13:58 | 000,206,064 | ---- | M] (SupportSoft, Inc.)
lxdumon.exe -> C:\Program Files\Lexmark 5600-6600 Series\lxdumon.exe -> [2008/09/10 06:11:12 | 000,676,520 | ---- | M] ()
lxdumsdmon.exe -> C:\Program Files\Lexmark 5600-6600 Series\lxdumsdmon.exe -> [2008/09/10 06:11:09 | 000,025,256 | ---- | M] ()
sprtsvc.exe -> C:\Program Files\Dell Support Center\bin\sprtsvc.exe -> [2008/08/14 01:04:44 | 000,201,968 | ---- | M] (SupportSoft, Inc.)
lxducoms.exe -> C:\WINDOWS\system32\lxducoms.exe -> [2008/05/23 07:58:34 | 000,594,600 | ---- | M] ( )
lxduserv.exe -> C:\WINDOWS\system32\spool\drivers\w32x86\3\lxduserv.exe -> [2008/05/23 07:58:22 | 000,098,984 | ---- | M] (Lexmark International, Inc.)
setpoint.exe -> C:\Program Files\Logitech\SetPoint\SetPoint.exe -> [2008/05/02 02:44:08 | 000,805,392 | ---- | M] (Logitech, Inc.)
khalmnpr.exe -> C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe -> [2008/05/02 02:40:56 | 000,076,304 | ---- | M] (Logitech, Inc.)
explorer.exe -> C:\WINDOWS\explorer.exe -> [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation)
oem02mon.exe -> C:\WINDOWS\OEM02Mon.exe -> [2007/08/28 14:54:58 | 000,036,864 | ---- | M] (Creative Technology Ltd.)
stsystra.exe -> C:\WINDOWS\stsystra.exe -> [2007/07/09 22:03:06 | 000,405,504 | ---- | M] (SigmaTel, Inc.)
devdtct2.exe -> C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe -> [2007/02/22 19:32:12 | 000,118,784 | ---- | M] (OLYMPUS IMAGING CORP.)
kadxmain.exe -> C:\WINDOWS\system32\KADxMain.exe -> [2006/11/02 14:05:50 | 000,282,624 | ---- | M] (Knowles Acoustics)
logi_mwx.exe -> C:\WINDOWS\LOGI_MWX.EXE -> [2003/12/17 09:50:00 | 000,019,968 | ---- | M] (Logitech Inc.)

[Modules - Safe List]
ots.exe -> C:\Documents and Settings\Rick\Desktop\OTS.exe -> [2010/03/21 08:35:16 | 000,637,440 | ---- | M] (OldTimer Tools)
msvcr80.dll -> C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcr80.dll -> [2008/07/25 11:17:20 | 000,635,904 | ---- | M] (Microsoft Corporation)
lgscroll.dll -> C:\Program Files\Logitech\SetPoint\lgscroll.dll -> [2008/05/02 02:42:50 | 000,045,584 | ---- | M] (Logitech, Inc.)
hccutils.dll -> C:\WINDOWS\system32\hccutils.dll -> [2007/07/09 21:58:30 | 000,102,400 | ---- | M] (Intel Corporation)

[Win32 Services - Safe List]
(avast! Antivirus) avast! Antivirus [Auto | Running] -> C:\Program Files\Alwil Software\Avast4\ashServ.exe -> [2009/11/24 18:51:35 | 000,138,680 | ---- | M] (ALWIL Software)
(avast! Mail Scanner) avast! Mail Scanner [On_Demand | Running] -> C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -> [2009/11/24 18:51:21 | 000,254,040 | ---- | M] (ALWIL Software)
(avast! Web Scanner) avast! Web Scanner [On_Demand | Running] -> C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -> [2009/11/24 18:48:48 | 000,352,920 | ---- | M] (ALWIL Software)
(aswUpdSv) avast! iAVS4 Control Service [Auto | Running] -> C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -> [2009/11/24 18:43:56 | 000,018,752 | ---- | M] (ALWIL Software)
(sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter) [Auto | Running] -> C:\Program Files\Dell Support Center\bin\sprtsvc.exe -> [2008/08/14 01:04:44 | 000,201,968 | ---- | M] (SupportSoft, Inc.)
(lxdu_device) lxdu_device [Auto | Running] -> C:\WINDOWS\System32\lxducoms.exe -> [2008/05/23 07:58:34 | 000,594,600 | ---- | M] ( )
(lxduCATSCustConnectService) lxduCATSCustConnectService [Auto | Running] -> C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxduserv.exe -> [2008/05/23 07:58:22 | 000,098,984 | ---- | M] ()
(LBTServ) Logitech Bluetooth Service [On_Demand | Stopped] -> C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -> [2008/05/02 02:42:06 | 000,121,360 | ---- | M] (Logitech, Inc.)
(Pml Driver HPZ12) Pml Driver HPZ12 [On_Demand | Stopped] -> C:\WINDOWS\system32\HPZipm12.exe -> [2004/03/18 16:55:48 | 000,065,536 | ---- | M] (HP)

[Driver Services - Safe List]
(SASKUTIL) SASKUTIL [Kernel | System | Running] -> C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -> [2010/03/05 14:01:23 | 000,066,632 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
(SASDIFSV) SASDIFSV [Kernel | System | Running] -> C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -> [2010/03/05 14:01:23 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
(SASENUM) SASENUM [Kernel | On_Demand | Running] -> C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -> [2010/03/05 14:01:23 | 000,012,872 | ---- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com)
(aswTdi) avast! Network Shield Support [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\aswTdi.sys -> [2009/11/24 18:49:07 | 000,048,560 | ---- | M] (ALWIL Software)
(aswRdr) aswRdr [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\aswRdr.sys -> [2009/11/24 18:48:57 | 000,023,120 | ---- | M] (ALWIL Software)
(Aavmker4) avast! Asynchronous Virus Monitor [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\aavmker4.sys -> [2009/11/24 18:47:54 | 000,027,408 | ---- | M] (ALWIL Software)
(aswMon2) avast! Standard Shield Support [File_System | Auto | Running] -> C:\WINDOWS\system32\drivers\aswmon2.sys -> [2009/09/15 05:56:14 | 000,094,160 | ---- | M] (ALWIL Software)
(aswSP) avast! Self Protection [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\aswSP.sys -> [2009/09/15 05:55:30 | 000,114,768 | ---- | M] (ALWIL Software)
(aswFsBlk) aswFsBlk [File_System | Auto | Running] -> C:\WINDOWS\system32\drivers\aswFsBlk.sys -> [2009/09/15 05:55:19 | 000,020,560 | ---- | M] (ALWIL Software)
(mfehidk) McAfee Inc. mfehidk [Kernel | System | Running] -> C:\WINDOWS\system32\drivers\mfehidk.sys -> [2009/07/08 13:44:20 | 000,214,024 | ---- | M] (McAfee, Inc.)
(mfeavfk) McAfee Inc. mfeavfk [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\mfeavfk.sys -> [2009/07/08 13:44:20 | 000,079,816 | ---- | M] (McAfee, Inc.)
(mfesmfk) McAfee Inc. mfesmfk [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\mfesmfk.sys -> [2009/07/08 13:44:20 | 000,040,552 | ---- | M] (McAfee, Inc.)
(mfebopk) McAfee Inc. mfebopk [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\mfebopk.sys -> [2009/07/08 13:44:20 | 000,035,272 | ---- | M] (McAfee, Inc.)
(mferkdk) McAfee Inc. mferkdk [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\mferkdk.sys -> [2009/07/08 13:43:46 | 000,034,248 | ---- | M] (McAfee, Inc.)
(amdagp) AMD AGP Bus Filter Driver [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\amdagp.sys -> [2008/04/13 13:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.)
(sisagp) SIS AGP Bus Filter [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\sisagp.sys -> [2008/04/13 13:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation)
(HDAudBus) Microsoft UAA Bus Driver for High Definition Audio [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\hdaudbus.sys -> [2008/04/13 11:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider)
(LMouFilt) Logitech SetPoint KMDF Mouse Filter Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\LMouFilt.Sys -> [2008/02/29 03:13:24 | 000,036,880 | ---- | M] (Logitech, Inc.)
(LHidFilt) Logitech SetPoint KMDF HID Filter Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\LHidFilt.Sys -> [2008/02/29 03:13:16 | 000,035,344 | ---- | M] (Logitech, Inc.)
(BCM43XX) Dell Wireless WLAN Card Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\BCMWL5.SYS -> [2007/12/11 13:22:24 | 001,123,328 | ---- | M] (Broadcom Corp.)
(HSF_DPV) HSF_DPV [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\HSF_DPV.sys -> [2007/12/02 18:26:22 | 000,989,952 | ---- | M] (Conexant Systems, Inc.)
(winachsf) winachsf [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\HSF_CNXT.sys -> [2007/12/02 18:26:20 | 000,731,136 | ---- | M] (Conexant Systems, Inc.)
(HSFHWAZL) HSFHWAZL [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\HSFHWAZL.sys -> [2007/12/02 18:26:20 | 000,211,200 | ---- | M] (Conexant Systems, Inc.)
(LUsbFilt) Logitech SetPoint KMDF USB Filter [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\LUsbFilt.sys -> [2007/11/29 02:18:12 | 000,028,432 | ---- | M] (Logitech, Inc.)
(OEM02Vfx) Creative Camera OEM002 Video VFX Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\OEM02Vfx.sys -> [2007/08/28 14:55:06 | 000,007,424 | ---- | M] (EyePower Games Pte. Ltd.)
(OEM02Dev) Creative Camera OEM002 Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\OEM02Dev.sys -> [2007/08/28 14:54:56 | 000,235,520 | ---- | M] (Creative Technology Ltd.)
(bcm4sbxp) Broadcom 440x 10/100 Integrated Controller XP Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\bcm4sbxp.sys -> [2007/07/10 15:07:56 | 000,045,568 | ---- | M] (Broadcom Corporation)
(rismxdp) Ricoh xD-Picture Card Driver [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\rixdptsk.sys -> [2007/07/10 14:22:22 | 000,037,376 | ---- | M] (REDC)
(rimsptsk) rimsptsk [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\rimsptsk.sys -> [2007/07/10 14:22:20 | 000,043,520 | ---- | M] (REDC)
(rimmptsk) rimmptsk [Kernel | Auto | Running] -> C:\WINDOWS\system32\drivers\rimmptsk.sys -> [2007/07/10 14:22:18 | 000,032,256 | ---- | M] (REDC)
(SynTP) Synaptics TouchPad Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\SynTP.sys -> [2007/07/09 22:21:54 | 000,202,912 | ---- | M] (Synaptics, Inc.)
(STHDA) SigmaTel High Definition Audio CODEC [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\sthda.sys -> [2007/07/09 22:03:04 | 001,222,840 | ---- | M] (SigmaTel, Inc.)
(ialm) ialm [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\igxpmp32.sys -> [2007/07/09 21:58:42 | 005,707,744 | ---- | M] (Intel Corporation)
(iaStor) Intel RAID Controller [Kernel | Boot | Stopped] -> C:\WINDOWS\system32\drivers\iaStor.sys -> [2007/05/08 20:22:58 | 000,277,784 | ---- | M] (Intel Corporation)
(DXEC02) DXEC02 [Kernel | On_Demand | Running] -> C:\WINDOWS\system32\drivers\dxec02.sys -> [2006/11/02 12:31:38 | 000,103,168 | ---- | M] (Knowles Acoustics)
(VNUSB) VN Series Device [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\VNUSB.sys -> [2006/04/07 18:06:38 | 000,038,496 | ---- | M] (OLYMPUS IMAGING CORP.)
(APPDRV) APPDRV [Kernel | System | Running] -> C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS -> [2005/08/12 17:50:46 | 000,016,128 | ---- | M] (Dell Inc)
(nv) nv [Kernel | On_Demand | Stopped] -> C:\WINDOWS\system32\drivers\nv4_mini.sys -> [2004/08/03 22:29:56 | 001,897,408 | ---- | M] (NVIDIA Corporation)
(Sparrow) Sparrow [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\sparrow.sys -> [2001/08/17 14:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.)
(sym_u3) sym_u3 [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\sym_u3.sys -> [2001/08/17 14:07:42 | 000,030,688 | ---- | M] (LSI Logic)
(sym_hi) sym_hi [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\sym_hi.sys -> [2001/08/17 14:07:40 | 000,028,384 | ---- | M] (LSI Logic)
(symc8xx) symc8xx [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\symc8xx.sys -> [2001/08/17 14:07:36 | 000,032,640 | ---- | M] (LSI Logic)
(symc810) symc810 [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\symc810.sys -> [2001/08/17 14:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.)
(ultra) ultra [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\ultra.sys -> [2001/08/17 13:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.)
(ql12160) ql12160 [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\ql12160.sys -> [2001/08/17 13:52:20 | 000,045,312 | ---- | M] (QLogic Corporation)
(ql1080) ql1080 [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\ql1080.sys -> [2001/08/17 13:52:20 | 000,040,320 | ---- | M] (QLogic Corporation)
(ql1280) ql1280 [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\ql1280.sys -> [2001/08/17 13:52:18 | 000,049,024 | ---- | M] (QLogic Corporation)
(dac2w2k) dac2w2k [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -> [2001/08/17 13:52:16 | 000,179,584 | ---- | M] (Mylex Corporation)
(mraid35x) mraid35x [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\mraid35x.sys -> [2001/08/17 13:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.)
(asc) asc [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\asc.sys -> [2001/08/17 13:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.)
(asc3550) asc3550 [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\asc3550.sys -> [2001/08/17 13:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.)
(AliIde) AliIde [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\aliide.sys -> [2001/08/17 13:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.)
(CmdIde) CmdIde [Kernel | Disabled | Stopped] -> C:\WINDOWS\system32\DRIVERS\cmdide.sys -> [2001/08/17 13:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.)

[Registry - Safe List]
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
HKEY_LOCAL_MACHINE\: Search\\"Default_Page_URL" -> www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=3080419 ->
HKEY_LOCAL_MACHINE\: Search\\"Start Page" -> www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=3080419 ->
< Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> ->
HKEY_USERS\.DEFAULT\: Main\\"Default_Page_URL" -> www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=3080419 ->
HKEY_USERS\.DEFAULT\: "ProxyEnable" -> 0 ->
HKEY_USERS\.DEFAULT\: "ProxyOverride" -> *.local ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> ->
HKEY_USERS\S-1-5-18\: Main\\"Default_Page_URL" -> www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=3080419 ->
HKEY_USERS\S-1-5-18\: "ProxyEnable" -> 0 ->
HKEY_USERS\S-1-5-18\: "ProxyOverride" -> *.local ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-21-3653475573-2416755748-3330789705-1006\] > -> ->
HKEY_USERS\S-1-5-21-3653475573-2416755748-3330789705-1006\: Main\\"SearchMigratedDefaultName" -> Google ->
HKEY_USERS\S-1-5-21-3653475573-2416755748-3330789705-1006\: Main\\"SearchMigratedDefaultURL" -> http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 ->
HKEY_USERS\S-1-5-21-3653475573-2416755748-3330789705-1006\: Main\\"Start Page" -> http://www.wwltv.com/ ->
HKEY_USERS\S-1-5-21-3653475573-2416755748-3330789705-1006\: "ProxyEnable" -> 0 ->
< FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla
HKLM\software\mozilla\Firefox\Extensions -> ->
< FireFox Extensions [User Folders] > ->
< HOSTS File > ([2009/11/02 20:02:29 | 000,000,021 | ---- | M] - 1 lines) -> C:\WINDOWS\system32\drivers\etc\hosts ->
Reset Hosts
127.0.0.1 localhost
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> [2009/12/18 03:16:54 | 000,061,888 | ---- | M] (Adobe Systems Incorporated)
{1017A80C-6F09-4548-A84D-EDD6AC9525F0} [HKLM] -> C:\Program Files\Lexmark Toolbar\toolband.dll [Lexmark Toolbar] -> [2009/05/06 09:03:44 | 000,372,736 | ---- | M] ()
{724d43a9-0d85-11d4-9908-00400523e39a} [HKLM] -> C:\Program Files\Siber Systems\AI RoboForm\roboform.dll [Reg Error: Value error.] -> [2009/10/17 20:08:45 | 005,976,904 | ---- | M] (Siber Systems Inc.)
{CA6319C0-31B7-401E-A518-A07C3DB8F777} [HKLM] -> C:\Program Files\Dell\BAE\BAE.dll [CBrowserHelperObject Object] -> [2006/11/09 09:56:48 | 000,098,304 | ---- | M] (Dell Inc.)
{D2C5E510-BE6D-42CC-9F61-E4F939078474} [HKLM] -> C:\Program Files\Lexmark Printable Web\bho.dll [Lexmark Printable Web] -> [2008/09/10 04:57:03 | 000,180,224 | ---- | M] ()
< Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar ->
"{1017A80C-6F09-4548-A84D-EDD6AC9525F0}" [HKLM] -> C:\Program Files\Lexmark Toolbar\toolband.dll [Lexmark Toolbar] -> [2009/05/06 09:03:44 | 000,372,736 | ---- | M] ()
"{724d43a0-0d85-11d4-9908-00400523e39a}" [HKLM] -> C:\Program Files\Siber Systems\AI RoboForm\roboform.dll [&RoboForm] -> [2009/10/17 20:08:45 | 005,976,904 | ---- | M] (Siber Systems Inc.)
< Internet Explorer ToolBars [HKEY_USERS\S-1-5-21-3653475573-2416755748-3330789705-1006\] > -> HKEY_USERS\S-1-5-21-3653475573-2416755748-3330789705-1006\Software\Microsoft\Internet Explorer\Toolbar\ ->
ShellBrowser\\"{1017A80C-6F09-4548-A84D-EDD6AC9525F0}" [HKLM] -> C:\Program Files\Lexmark Toolbar\toolband.dll [Lexmark Toolbar] -> [2009/05/06 09:03:44 | 000,372,736 | ---- | M] ()
WebBrowser\\"{1017A80C-6F09-4548-A84D-EDD6AC9525F0}" [HKLM] -> C:\Program Files\Lexmark Toolbar\toolband.dll [Lexmark Toolbar] -> [2009/05/06 09:03:44 | 000,372,736 | ---- | M] ()
WebBrowser\\"{724D43A0-0D85-11D4-9908-00400523E39A}" [HKLM] -> C:\Program Files\Siber Systems\AI RoboForm\roboform.dll [&RoboForm] -> [2009/10/17 20:08:45 | 005,976,904 | ---- | M] (Siber Systems Inc.)
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"Adobe Reader Speed Launcher" -> C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe ["C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"] -> [2009/12/18 09:58:00 | 000,040,368 | ---- | M] (Adobe Systems Incorporated)
"avast!" -> C:\Program Files\Alwil Software\Avast4\ashDisp.exe [C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe] -> [2009/11/24 18:51:40 | 000,081,000 | ---- | M] (ALWIL Software)
"dellsupportcenter" -> C:\Program Files\Dell Support Center\bin\sprtcmd.exe ["C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter] -> [2009/05/21 11:13:58 | 000,206,064 | ---- | M] (SupportSoft, Inc.)
"dscactivate" -> C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ["C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"] -> [2008/03/11 12:44:42 | 000,016,384 | ---- | M] ( )
"ECenter" -> C:\dell\E-Center\EULALauncher.exe [C:\Dell\E-Center\EULALauncher.exe] -> [2008/02/28 13:18:02 | 000,017,920 | ---- | M] ( )
"KADxMain" -> C:\WINDOWS\system32\KADxMain.exe [C:\WINDOWS\system32\KADxMain.exe] -> [2006/11/02 14:05:50 | 000,282,624 | ---- | M] (Knowles Acoustics)
"Kernel and Hardware Abstraction Layer" -> C:\WINDOWS\KHALMNPR.Exe [KHALMNPR.EXE] -> [2008/02/29 03:12:38 | 000,076,304 | ---- | M] (Logitech, Inc.)
"Lexmark 5600-6600 Series Fax Server" -> C:\Program Files\Lexmark 5600-6600 Series\fm3032.exe ["C:\Program Files\Lexmark 5600-6600 Series\fm3032.exe" /s] -> [2008/09/10 06:10:58 | 000,311,976 | ---- | M] ()
"Logitech Utility" -> C:\WINDOWS\LOGI_MWX.EXE [LOGI_MWX.EXE] -> [2003/12/17 09:50:00 | 000,019,968 | ---- | M] (Logitech Inc.)
"lxduamon" -> C:\Program Files\Lexmark 5600-6600 Series\lxduamon.exe ["C:\Program Files\Lexmark 5600-6600 Series\lxduamon.exe"] -> [2008/09/10 06:11:10 | 000,016,040 | ---- | M] ()
"lxdumon.exe" -> C:\Program Files\Lexmark 5600-6600 Series\lxdumon.exe ["C:\Program Files\Lexmark 5600-6600 Series\lxdumon.exe"] -> [2008/09/10 06:11:12 | 000,676,520 | ---- | M] ()
"OEM02Mon.exe" -> C:\WINDOWS\OEM02Mon.exe [C:\WINDOWS\OEM02Mon.exe] -> [2007/08/28 14:54:58 | 000,036,864 | ---- | M] (Creative Technology Ltd.)
"SigmatelSysTrayApp" -> C:\WINDOWS\stsystra.exe [stsystra.exe] -> [2007/07/09 22:03:06 | 000,405,504 | ---- | M] (SigmaTel, Inc.)
< Run [HKEY_USERS\S-1-5-21-3653475573-2416755748-3330789705-1006\] > -> HKEY_USERS\S-1-5-21-3653475573-2416755748-3330789705-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"RoboForm" -> C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe ["C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"] -> [2009/10/17 20:08:45 | 000,160,592 | ---- | M] (Siber Systems)
"SUPERAntiSpyware" -> C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE [C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe] -> [2010/03/05 14:01:23 | 002,012,912 | ---- | M] (SUPERAntiSpyware.com)
< RunOnce [HKEY_USERS\S-1-5-21-3653475573-2416755748-3330789705-1006\] > -> HKEY_USERS\S-1-5-21-3653475573-2416755748-3330789705-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce ->
"FlashPlayerUpdate" -> C:\WINDOWS\system32\Macromed\Flash\FlashUtil10d.exe [C:\WINDOWS\system32\Macromed\Flash\FlashUtil10d.exe] -> [2009/10/27 22:31:14 | 000,257,440 | R--- | M] (Adobe Systems, Inc.)
< All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup ->
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Device Detector 3.lnk -> C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe -> [2007/02/22 19:32:12 | 000,118,784 | ---- | M] (OLYMPUS IMAGING CORP.)
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk -> C:\Program Files\Logitech\SetPoint\SetPoint.exe -> [2008/05/02 02:44:08 | 000,805,392 | ---- | M] (Logitech, Inc.)
< Default User Startup Folder > -> C:\Documents and Settings\Default User\Start Menu\Programs\Startup ->
< Rick Startup Folder > -> C:\Documents and Settings\Rick\Start Menu\Programs\Startup ->
< Software Policy Settings [HKEY_USERS\S-1-5-21-3653475573-2416755748-3330789705-1006] > -> HKEY_USERS\S-1-5-21-3653475573-2416755748-3330789705-1006\SOFTWARE\Policies\Microsoft\Internet Explorer ->
< CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"HonorAutoRunSetting" -> [1] -> File not found
\\"NoDriveAutoRun" -> [67108863] -> File not found
\\"NoDriveTypeAutoRun" -> [323] -> File not found
\\"NoDrives" -> [0] -> File not found
< CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
< CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [323] -> File not found
\\"NoDriveAutoRun" -> [67108863] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [323] -> File not found
\\"NoDriveAutoRun" -> [67108863] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-20] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [149] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-3653475573-2416755748-3330789705-1006] > -> HKEY_USERS\S-1-5-21-3653475573-2416755748-3330789705-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\S-1-5-21-3653475573-2416755748-3330789705-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"EditLevel" -> [0] -> File not found
\\"NoFileMenu" -> [0] -> File not found
\\"NoCommonGroups" -> [0] -> File not found
\\"NoDriveTypeAutoRun" -> [323] -> File not found
\\"NoDriveAutoRun" -> [67108863] -> File not found
\\"NoDrives" -> [0] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-3653475573-2416755748-3330789705-1006] > -> HKEY_USERS\S-1-5-21-3653475573-2416755748-3330789705-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
< Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-21-3653475573-2416755748-3330789705-1006\] > -> HKEY_USERS\S-1-5-21-3653475573-2416755748-3330789705-1006\Software\Microsoft\Internet Explorer\MenuExt\ ->
Customize Menu -> C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html [file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html] -> [2009/10/17 20:09:23 | 000,000,212 | ---- | M] ()
Fill Forms -> C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html [file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html] -> [2009/10/17 20:09:23 | 000,000,206 | ---- | M] ()
RoboForm Toolbar -> C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html [file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html] -> [2009/10/17 20:09:23 | 000,000,208 | ---- | M] ()
Save Forms -> C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html [file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html] -> [2009/10/17 20:09:23 | 000,000,205 | ---- | M] ()
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->
{320AF880-6646-11D3-ABEE-C5DBF3571F46}:file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html [HKLM] -> C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html [Button: Fill Forms] -> [2009/10/17 20:09:23 | 000,000,206 | ---- | M] ()
{320AF880-6646-11D3-ABEE-C5DBF3571F46}:file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html [HKLM] -> C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html [Menu: Fill Forms] -> [2009/10/17 20:09:23 | 000,000,206 | ---- | M] ()
{320AF880-6646-11D3-ABEE-C5DBF3571F49}:file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html [HKLM] -> C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html [Button: Save] -> [2009/10/17 20:09:23 | 000,000,205 | ---- | M] ()
{320AF880-6646-11D3-ABEE-C5DBF3571F49}:file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html [HKLM] -> C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html [Menu: Save Forms] -> [2009/10/17 20:09:23 | 000,000,205 | ---- | M] ()
{724d43aa-0d85-11d4-9908-00400523e39a}:file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html [HKLM] -> C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html [Button: RoboForm] -> [2009/10/17 20:09:23 | 000,000,208 | ---- | M] ()
{724d43aa-0d85-11d4-9908-00400523e39a}:file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html [HKLM] -> C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html [Menu: RoboForm Toolbar] -> [2009/10/17 20:09:23 | 000,000,208 | ---- | M] ()
< Internet Explorer Extensions [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Extensions\ ->
CmdMapping\\"{08B0E5C0-4FCB-11CF-AAA5-00401C608501}" [HKLM] -> [Reg Error: Value error.] -> File not found
CmdMapping\\"{FB5F1910-F110-11d2-BB9E-00C04F795683}" [HKLM] -> [Reg Error: Key error.] -> File not found
< Internet Explorer Extensions [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Extensions\ ->
CmdMapping\\"{08B0E5C0-4FCB-11CF-AAA5-00401C608501}" [HKLM] -> [Reg Error: Value error.] -> File not found
CmdMapping\\"{FB5F1910-F110-11d2-BB9E-00C04F795683}" [HKLM] -> [Reg Error: Key error.] -> File not found
< Internet Explorer Extensions [HKEY_USERS\S-1-5-21-3653475573-2416755748-3330789705-1006\] > -> HKEY_USERS\S-1-5-21-3653475573-2416755748-3330789705-1006\Software\Microsoft\Internet Explorer\Extensions\ ->
CmdMapping\\"{08B0E5C0-4FCB-11CF-AAA5-00401C608501}" [HKLM] -> [Reg Error: Value error.] -> File not found
CmdMapping\\"{320AF880-6646-11D3-ABEE-C5DBF3571F46}" [HKLM] -> [Fill Forms] -> File not found
CmdMapping\\"{320AF880-6646-11D3-ABEE-C5DBF3571F49}" [HKLM] -> [Save] -> File not found
CmdMapping\\"{724d43aa-0d85-11d4-9908-00400523e39a}" [HKLM] -> [RoboForm] -> File not found
CmdMapping\\"{FB5F1910-F110-11d2-BB9E-00C04F795683}" [HKLM] -> [Reg Error: Key error.] -> File not found
< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ ->
< Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> http://
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1 domain(s) found. ->
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-21-3653475573-2416755748-3330789705-1006\] > -> HKEY_USERS\S-1-5-21-3653475573-2416755748-3330789705-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-21-3653475573-2416755748-3330789705-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 2 domain(s) found. ->
internet .[about] -> Trusted sites ->
mcafee.com .[http] -> Trusted sites ->
mcafee.com .[https] -> Trusted sites ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-21-3653475573-2416755748-3330789705-1006\] > -> HKEY_USERS\S-1-5-21-3653475573-2416755748-3330789705-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-21-3653475573-2416755748-3330789705-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->
{01A88BB1-1174-41EC-ACCB-963509EAE56B} [HKLM] -> http://support.dell.com/systemprofiler/SysPro.CAB [SysProWmi Class] ->
{6F15128C-E66A-490C-B848-5000B5ABEEAC} [HKLM] -> https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab [HP Download Manager] ->
{73779860-6F88-4D8C-9DAB-30583B9BAAC3} [HKLM] -> https://ssl.jpclerkofcourt.us/JeffNetService/ImageServer/iView2/FileProInet2.CAB [FileProInet2.ImageView] ->
{7530BFB8-7293-4D34-9923-61A11451AFC5} [HKLM] -> http://download.eset.com/special/eos/OnlineScanner.cab [OnlineScanner Control] ->
{8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab [Java Plug-in 1.6.0_17] ->
{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.5.0/jinstall-1_5_0_17-windows-i586.cab [Java Plug-in 1.5.0_17] ->
{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab [Java Plug-in 1.6.0_17] ->
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab [Java Plug-in 1.6.0_17] ->
< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ ->
DhcpNameServer -> 192.168.2.1 192.168.2.1 ->
< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->
{5B132E35-730E-4C91-BB7F-BB88F79B53DC}\\DhcpNameServer -> 192.168.2.1 192.168.2.1 (Dell Wireless 1395 WLAN Mini-Card) ->
< Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell ->
Explorer.exe -> C:\WINDOWS\explorer.exe -> [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> ->
< Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ ->
!SASWinLogon -> C:\Program Files\SUPERAntiSpyware\SASWINLO.dll -> [2009/09/03 15:21:42 | 000,548,352 | ---- | M] (SUPERAntiSpyware.com)
igfxcui -> C:\WINDOWS\System32\igfxdev.dll -> [2007/07/09 21:58:32 | 000,204,800 | ---- | M] (Intel Corporation)
LBTWlgn -> c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll -> [2008/05/02 02:42:30 | 000,072,208 | ---- | M] (Logitech, Inc.)
< ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks ->
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}" [HKLM] -> C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [] -> [2008/05/13 10:13:36 | 000,077,824 | ---- | M] (SuperAdBlocker.com)
< Domain Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List ->
< Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List ->
"C:\Program Files\Dell\MediaDirect\PCMService.exe" -> C:\Program Files\Dell\MediaDirect\PCMService.exe [C:\Program Files\Dell\MediaDirect\PCMService.exe:*:Enabled:CyberLink PowerCinema Resident Program] -> [2007/11/01 15:39:28 | 000,189,736 | ---- | M] (CyberLink Corp.)
"C:\Program Files\iTunes\iTunes.exe" -> C:\Program Files\iTunes\iTunes.exe [C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes] -> [2008/11/20 14:20:48 | 014,294,824 | ---- | M] (Apple Inc.)
"C:\WINDOWS\system32\lxducoms.exe" -> C:\WINDOWS\System32\lxducoms.exe [C:\WINDOWS\system32\lxducoms.exe:*:Enabled:5600-6600 Series Server] -> [2008/05/23 07:58:34 | 000,594,600 | ---- | M] ( )
< SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot ->
< CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom ->
"AutoRun" -> 1 ->
"DisplayName" -> CD-ROM Driver ->
"ImagePath" -> [system32\DRIVERS\cdrom.sys] -> File not found
< Drives with AutoRun files > -> ->
C:\AUTOEXEC.BAT [] -> C:\AUTOEXEC.BAT [ NTFS ] -> [2004/08/10 13:04:08 | 000,000,000 | ---- | M] ()
< MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 ->
< Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command ->
comfile [open] -> "%1" %* ->
exefile [open] -> "%1" %* ->
< AppCertDlls [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\AppCertDlls ->
< File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\ ->
.com [@ = ComFile] -> "%1" %* ->
.exe [@ = exefile] -> "%1" %* ->

OTS Log - Part 2

[Registry - Additional Scans - Safe List]
< Disabled MSConfig Folder Items [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\ ->
C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk -> Reg Error: Value error. -> File not found
C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Image Zone Fast Start.lnk -> Reg Error: Value error. -> File not found
< Disabled MSConfig Registry Items [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ ->
Adobe Reader Speed Launcher hkey=HKLM key=Run -> C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe -> [2009/12/18 09:58:00 | 000,040,368 | ---- | M] (Adobe Systems Incorporated)
Dell QuickSet hkey=HKLM key=Run -> C:\Program Files\Dell\QuickSet\quickset.exe -> [2007/07/03 13:57:38 | 001,228,800 | ---- | M] (Dell Inc.)
DELL Webcam Manager hkey=HKLM key=Run -> C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe -> [2007/07/27 16:43:34 | 000,118,784 | ---- | M] (Creative Technology Ltd.)
DellSupportCenter hkey=HKLM key=Run -> C:\Program Files\Dell Support Center\bin\sprtcmd.exe -> [2009/05/21 11:13:58 | 000,206,064 | ---- | M] (SupportSoft, Inc.)
PCMService hkey=HKLM key=Run -> C:\Program Files\Dell\MediaDirect\PCMService.exe -> [2007/11/01 15:39:28 | 000,189,736 | ---- | M] (CyberLink Corp.)
< Drivers32 [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32 ->
"msacm.iac2" -> C:\WINDOWS\system32\iac25_32.ax [C:\WINDOWS\system32\iac25_32.ax] -> [2008/04/13 19:12:42 | 000,199,680 | ---- | M] (Intel Corporation)
"msacm.l3acm" -> C:\WINDOWS\system32\l3codeca.acm [C:\WINDOWS\system32\l3codeca.acm] -> [2008/04/13 19:09:57 | 000,290,816 | ---- | M] (Fraunhofer Institut Integrierte Schaltungen IIS)
"msacm.sl_anet" -> C:\WINDOWS\System32\sl_anet.acm [sl_anet.acm] -> [2008/04/13 19:10:50 | 000,086,016 | ---- | M] (Sipro Lab Telecom Inc.)
"msacm.trspch" -> C:\WINDOWS\System32\tssoft32.acm [tssoft32.acm] -> [2004/08/04 05:00:00 | 000,008,192 | ---- | M] (DSP GROUP, INC.)
"MSVideo8" -> C:\WINDOWS\System32\vfwwdm32.dll [VfWWDM32.dll] -> [2008/04/13 19:12:08 | 000,053,760 | ---- | M] (Microsoft Corporation)
"vidc.cvid" -> C:\WINDOWS\System32\iccvid.dll [iccvid.dll] -> [2008/04/13 19:11:54 | 000,080,384 | ---- | M] (Radius Inc.)
"vidc.DIVX" -> C:\WINDOWS\System32\DivX.dll [DivX.dll] -> [2008/11/06 11:33:52 | 000,684,032 | ---- | M] (DivX, Inc.)
"vidc.iv31" -> C:\WINDOWS\System32\ir32_32.dll [ir32_32.dll] -> [2004/08/04 05:00:00 | 000,199,168 | ---- | M] ()
"vidc.iv32" -> C:\WINDOWS\System32\ir32_32.dll [ir32_32.dll] -> [2004/08/04 05:00:00 | 000,199,168 | ---- | M] ()
"vidc.iv41" -> C:\WINDOWS\System32\ir41_32.ax [ir41_32.ax] -> [2008/04/13 19:12:42 | 000,848,384 | ---- | M] (Intel Corporation)
"vidc.iv50" -> C:\WINDOWS\System32\ir50_32.dll [ir50_32.dll] -> [2008/04/13 19:11:55 | 000,755,200 | ---- | M] (Intel Corporation)
"vidc.yv12" -> C:\WINDOWS\System32\DivX.dll [DivX.dll] -> [2008/11/06 11:33:52 | 000,684,032 | ---- | M] (DivX, Inc.)
< Ext (PreApproved) - [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\ ->
{01010E00-5E80-11D8-9E86-0007E96C65AE} [HKLM] -> C:\Program Files\Common Files\supportsoft\bin\tgctlsi.dll [SupportSoft SmartIssue] -> [2009/05/21 11:14:12 | 001,103,144 | ---- | M] (SupportSoft, Inc.)
{01011300-5E80-11D8-9E86-0007E96C65AE} [HKLM] -> C:\Program Files\Common Files\supportsoft\bin\sdcnetcheck.dll [SdcNetCheckCtl Class] -> [2009/05/21 11:14:10 | 000,386,344 | ---- | M] (SupportSoft, Inc.)
{01012101-5E80-11D8-9E86-0007E96C65AE} [HKLM] -> C:\Program Files\Common Files\supportsoft\bin\tgctlsr.dll [SupportSoft script Runner Class] -> [2009/05/21 11:14:12 | 000,599,336 | ---- | M] (SupportSoft, Inc.)
{01113300-3E00-11D2-8470-0060089874ED} [HKLM] -> C:\Program Files\Common Files\supportsoft\bin\tgctlcm.dll [Support.com Configuration Class] -> [2009/05/21 11:14:10 | 000,296,232 | ---- | M] (SupportSoft, Inc.)
{01118D00-3E00-11D2-8470-0060089874ED} [HKLM] -> C:\Program Files\Common Files\supportsoft\bin\tgctlpw.dll [SupportSoft Password Reset Class] -> [2008/03/11 12:44:54 | 000,284,200 | ---- | M] (SupportSoft, Inc.)
{01119000-3E00-11D2-8470-0060089874ED} [HKLM] -> C:\Program Files\Common Files\supportsoft\bin\ssmail.dll [SdcMail Class] -> [2008/03/11 12:44:54 | 000,661,032 | ---- | M] (SupportSoft, Inc.)
{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} [HKLM] -> C:\Program Files\QuickTime\QTPlugin.ocx [QuickTime Object] -> [2008/11/04 11:31:14 | 000,779,568 | ---- | M] (Apple Inc.)
{166B1BCA-3F9C-11CF-8075-444553540000} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{233C1507-6A77-46A4-9443-F871F945D258} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{4063BE15-3B08-470D-A0D5-B37161CFFD69} [HKLM] -> C:\Program Files\QuickTime\QTPlugin.ocx [QuickTime Object] -> [2008/11/04 11:31:14 | 000,779,568 | ---- | M] (Apple Inc.)
{5852F5ED-8BF4-11D4-A245-0080C6F74284} [HKLM] -> C:\Program Files\Java\jre6\bin\wsdetect.dll [isInstalled Class] -> [2010/03/11 14:56:26 | 000,102,400 | ---- | M] (Sun Microsystems, Inc.)
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> C:\Program Files\Java\jre6\bin\npjpi160_17.dll [Java Plug-in 1.6.0_17] -> [2010/03/11 14:56:25 | 000,136,992 | ---- | M] (Sun Microsystems, Inc.)
{CA8A9780-280D-11CF-A24D-444553540000} [HKLM] -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroPDF.dll [Adobe PDF Reader] -> [2009/12/18 03:17:36 | 000,632,240 | ---- | M] (Adobe Systems, Inc.)
{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA} [HKLM] -> C:\Program Files\Java\jre1.5.0_17\bin\NPJPI150_17.dll [Java Plug-in 1.5.0_17] -> [2008/11/10 04:47:29 | 000,075,272 | ---- | M] (Sun Microsystems, Inc.)
{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBB} [HKLM] -> C:\Program Files\Java\jre1.5.0_17\bin\NPJPI150_17.dll [Java Plug-in 1.5.0_17
{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBC} [HKLM] -> C:\Program Files\Java\jre1.5.0_17\bin\NPJPI150_17.dll [Java Plug-in 1.5.0_17] -> [2008/11/10 04:47:29 | 000,075,272 | ---- | M] (Sun Microsystems, Inc.)
{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} [HKLM] -> C:\Program Files\Java\jre6\bin\npjpi160_17.dll [Java Plug-in 1.6.0_17] -> [2010/03/11 14:56:25 | 000,136,992 | ---- | M] (Sun Microsystems, Inc.)
{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBB} [HKLM] -> C:\Program Files\Java\jre6\bin\npjpi160_17.dll [Java Plug-in 1.6.0_17] -> [2010/03/11 14:56:25 | 000,136,992 | ---- | M] (Sun Microsystems, Inc.)
{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBC} [HKLM] -> C:\Program Files\Java\jre6\bin\npjpi160_17.dll [Java Plug-in 1.6.0_17] -> [2010/03/11 14:56:25 | 000,136,992 | ---- | M] (Sun Microsystems, Inc.)
{CAFEEFAC-DEC7-0000-0000-ABCDEFFEDCBA} [HKLM] -> C:\WINDOWS\system32\deploytk.dll [Deployment Toolkit] -> [2010/03/11 14:56:22 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.)
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBC} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{CB927D12-4FF7-4A9E-A169-56E4B8A75598} [HKLM] -> C:\Program Files\QuickTime\QTPlugin.ocx [Behavior Object] -> [2008/11/04 11:31:14 | 000,779,568 | ---- | M] (Apple Inc.)
{CFCDAA03-8BE4-11cf-B84B-0020AFBBCCFA} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{D27CDB6E-AE6D-11cf-96B8-444553540000} [HKLM] -> C:\WINDOWS\system32\Macromed\Flash\Flash10d.ocx [Shockwave Flash Object] -> [2009/10/27 22:31:12 | 003,982,240 | R--- | M] (Adobe Systems, Inc.)
{D719897A-B07A-4C0C-AEA9-9B663A28DFCB} [HKLM] -> C:\Program Files\iTunes\ITDetector.ocx [iTunesDetector Class] -> [2008/11/20 14:20:44 | 000,111,912 | ---- | M] (Apple Inc.)
< Ext (Settings) - [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\ ->
{01A88BB1-1174-41EC-ACCB-963509EAE56B} [HKLM] -> C:\WINDOWS\system32\Dell\SystemProfiler\SysPro.ocx [SysProWmi Class] -> [2003/01/23 14:23:18 | 000,086,016 | ---- | M] (Dell Computer Corp.)
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> [2009/12/18 03:16:54 | 000,061,888 | ---- | M] (Adobe Systems Incorporated)
{1017A80C-6F09-4548-A84D-EDD6AC9525F0} [HKLM] -> C:\Program Files\Lexmark Toolbar\toolband.dll [Lexmark Toolbar] -> [2009/05/06 09:03:44 | 000,372,736 | ---- | M] ()
{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{724D43A0-0D85-11D4-9908-00400523E39A} [HKLM] -> C:\Program Files\Siber Systems\AI RoboForm\roboform.dll [&RoboForm] -> [2009/10/17 20:08:45 | 005,976,904 | ---- | M] (Siber Systems Inc.)
{724D43A9-0D85-11D4-9908-00400523E39A} [HKLM] -> C:\Program Files\Siber Systems\AI RoboForm\roboform.dll [Reg Error: Value error.] -> [2009/10/17 20:08:45 | 005,976,904 | ---- | M] (Siber Systems Inc.)
{73779860-6F88-4D8C-9DAB-30583B9BAAC3} [HKLM] -> C:\WINDOWS\Downloaded Program Files\FileProInet2.ocx [FileProInet2.ImageView] -> [2006/07/05 15:25:38 | 000,487,424 | ---- | M] ()
{7530BFB8-7293-4D34-9923-61A11451AFC5} [HKLM] -> C:\Program Files\ESET\ESET Online Scanner\OnlineScanner.ocx [OnlineScanner Control] -> [2009/10/26 15:45:44 | 003,356,232 | ---- | M] (Eset)
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{7DB2D5A0-7241-4E79-B68D-6309F01C5231} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> C:\Program Files\Java\jre6\bin\npjpi160_17.dll [Java Plug-in 1.6.0_17] -> [2010/03/11 14:56:25 | 000,136,992 | ---- | M] (Sun Microsystems, Inc.)
{AA58ED58-01DD-4D91-8333-CF10577473F7} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{BDD307C3-7BC0-4542-9F8F-A9611FE6C1BF} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{CA6319C0-31B7-401E-A518-A07C3DB8F777} [HKLM] -> C:\Program Files\Dell\BAE\BAE.dll [CBrowserHelperObject Object] -> [2006/11/09 09:56:48 | 000,098,304 | ---- | M] (Dell Inc.)
{D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> C:\WINDOWS\system32\Macromed\Flash\Flash10d.ocx [Shockwave Flash Object] -> [2009/10/27 22:31:12 | 003,982,240 | R--- | M] (Adobe Systems, Inc.)
{D2C5E510-BE6D-42CC-9F61-E4F939078474} [HKLM] -> C:\Program Files\Lexmark Printable Web\bho.dll [Lexmark Printable Web] -> [2008/09/10 04:57:03 | 000,180,224 | ---- | M] ()
< Ext (Stats) - [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\ ->
{00024512-0000-0000-C000-000000000046} [HKLM] -> C:\Program Files\Microsoft Office\OFFICE11\REFEDIT.DLL [RefEdit.Ctrl] -> [2003/05/08 21:54:00 | 000,077,824 | ---- | M] (Microsoft Corporation)
{00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{01A88BB1-1174-41EC-ACCB-963509EAE56B} [HKLM] -> C:\WINDOWS\system32\Dell\SystemProfiler\SysPro.ocx [SysProWmi Class] -> [2003/01/23 14:23:18 | 000,086,016 | ---- | M] (Dell Computer Corp.)
{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} [HKLM] -> C:\Program Files\QuickTime\QTPlugin.ocx [QuickTime Object] -> [2008/11/04 11:31:14 | 000,779,568 | ---- | M] (Apple Inc.)
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> [2009/12/18 03:16:54 | 000,061,888 | ---- | M] (Adobe Systems Incorporated)
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> Reg Error: Key error. [Reg Error: Value error.] -> File not found
{1017A80C-6F09-4548-A84D-EDD6AC9525F0} [HKLM] -> C:\Program Files\Lexmark Toolbar\toolband.dll [Lexmark Toolbar] -> [2009/05/06 09:03:44 | 000,372,736 | ---- | M] ()
{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{2D360201-FFF5-11D1-8D03-00A0C959BC0A} [HKLM] -> C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx [DHTML Edit Control Safe for scripting for IE5] -> [2009/07/27 17:27:12 | 000,128,512 | ---- | M] (Microsoft Corporation)
{31435657-9980-0010-8000-00AA00389B71} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{320AF880-6646-11D3-ABEE-C5DBF3571F46} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{320AF880-6646-11D3-ABEE-C5DBF3571F49} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{38481807-CA0E-42D2-BF39-B33AF135CC4D} [HKLM] -> C:\Program Files\Common Files\Microsoft Shared\Smart Tag\IETAG.DLL [IETag Factory] -> [2003/07/14 22:53:50 | 000,161,336 | ---- | M] (Microsoft Corporation)
{3A65891C-3794-43E5-89C8-20CCD19902CE} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{4063BE15-3B08-470D-A0D5-B37161CFFD69} [HKLM] -> C:\Program Files\QuickTime\QTPlugin.ocx [QuickTime Object] -> [2008/11/04 11:31:14 | 000,779,568 | ---- | M] (Apple Inc.)
{4453D895-F2A1-4A38-A285-1EF9BD3F6D5D} [HKLM] -> C:\Program Files\Microsoft Office\OFFICE11\AUTHZAX.DLL [Microsoft Office Control] -> [2003/07/14 22:57:34 | 000,038,968 | ---- | M] (Microsoft Corporation)
{67DABFBF-D0AB-41FA-9C46-CC0F21721616} [HKLM] -> C:\Program Files\DivX\DivX Web Player\npdivx32.dll [DivXBrowserPlugin Object] -> [2008/11/06 11:33:48 | 001,332,224 | ---- | M] (DivX,Inc.)
{724D43A0-0D85-11D4-9908-00400523E39A} [HKLM] -> C:\Program Files\Siber Systems\AI RoboForm\roboform.dll [&RoboForm] -> [2009/10/17 20:08:45 | 005,976,904 | ---- | M] (Siber Systems Inc.)
{724D43A9-0D85-11D4-9908-00400523E39A} [HKLM] -> C:\Program Files\Siber Systems\AI RoboForm\roboform.dll [Reg Error: Value error.] -> [2009/10/17 20:08:45 | 005,976,904 | ---- | M] (Siber Systems Inc.)
{724D43AA-0D85-11D4-9908-00400523E39A} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{73779860-6F88-4D8C-9DAB-30583B9BAAC3} [HKLM] -> C:\WINDOWS\Downloaded Program Files\FileProInet2.ocx [FileProInet2.ImageView] -> [2006/07/05 15:25:38 | 000,487,424 | ---- | M] ()
{7530BFB8-7293-4D34-9923-61A11451AFC5} [HKLM] -> C:\Program Files\ESET\ESET Online Scanner\OnlineScanner.ocx [OnlineScanner Control] -> [2009/10/26 15:45:44 | 003,356,232 | ---- | M] (Eset)
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{7DB2D5A0-7241-4E79-B68D-6309F01C5231} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{88D969E5-F192-11D4-A65F-0040963251E5} [HKLM] -> C:\Program Files\Common Files\Microsoft Shared\OFFICE11\msxml5.dll [XML DOM Document 5.0] -> [2006/10/26 13:41:16 | 001,422,088 | ---- | M] (Microsoft Corporation)
{88D969E6-F192-11D4-A65F-0040963251E5} [HKLM] -> C:\Program Files\Common Files\Microsoft Shared\OFFICE11\msxml5.dll [Free Threaded XML DOM Document 5.0] -> [2006/10/26 13:41:16 | 001,422,088 | ---- | M] (Microsoft Corporation)
{88D969E8-F192-11D4-A65F-0040963251E5} [HKLM] -> C:\Program Files\Common Files\Microsoft Shared\OFFICE11\msxml5.dll [XSL Template 5.0] -> [2006/10/26 13:41:16 | 001,422,088 | ---- | M] (Microsoft Corporation)
{88D969EA-F192-11D4-A65F-0040963251E5} [HKLM] -> C:\Program Files\Common Files\Microsoft Shared\OFFICE11\msxml5.dll [XML HTTP 5.0] -> [2006/10/26 13:41:16 | 001,422,088 | ---- | M] (Microsoft Corporation)
{8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> C:\Program Files\Java\jre6\bin\npjpi160_17.dll [Java Plug-in 1.6.0_17] -> [2010/03/11 14:56:25 | 000,136,992 | ---- | M] (Sun Microsystems, Inc.)
{92780B25-18CC-41C8-B9BE-3C9C571A8263} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{AA58ED58-01DD-4D91-8333-CF10577473F7} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{BD96C556-65A3-11D0-983A-00C04FC29E36} [HKLM] -> C:\Program Files\Common Files\System\msadc\msadco.dll [RDS.DataSpace] -> [2008/04/13 19:11:58 | 000,143,360 | ---- | M] (Microsoft Corporation)
{CA6319C0-31B7-401E-A518-A07C3DB8F777} [HKLM] -> C:\Program Files\Dell\BAE\BAE.dll [CBrowserHelperObject Object] -> [2006/11/09 09:56:48 | 000,098,304 | ---- | M] (Dell Inc.)
{CA8A9780-280D-11CF-A24D-444553540000} [HKLM] -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroPDF.dll [Adobe PDF Reader] -> [2009/12/18 03:17:36 | 000,632,240 | ---- | M] (Adobe Systems, Inc.)
{D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> C:\WINDOWS\system32\Macromed\Flash\Flash10d.ocx [Shockwave Flash Object] -> [2009/10/27 22:31:12 | 003,982,240 | R--- | M] (Adobe Systems, Inc.)
{D2C5E510-BE6D-42CC-9F61-E4F939078474} [HKLM] -> C:\Program Files\Lexmark Printable Web\bho.dll [Lexmark Printable Web] -> [2008/09/10 04:57:03 | 000,180,224 | ---- | M] ()
{D719897A-B07A-4C0C-AEA9-9B663A28DFCB} [HKLM] -> C:\Program Files\iTunes\ITDetector.ocx [iTunesDetector Class] -> [2008/11/20 14:20:44 | 000,111,912 | ---- | M] (Apple Inc.)
{DE4AF3B0-F4D4-11D3-B41A-0050DA2E6C21} [HKLM] -> C:\Program Files\QuickTime\QTSystem\QuickTimeCheck.ocx [QuickTimeCheck Class] -> [2008/11/04 11:31:14 | 000,116,016 | ---- | M] (Apple Inc.)
{E2E2DD38-D088-4134-82B7-F2BA38496583} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{e3e02f12-2adb-478c-8742-5f0819f9f0f4} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{e473a65c-8087-49a3-affd-c5bc4a10669b} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{FB5F1910-F110-11D2-BB9E-00C04F795683} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{fc345d4c-b8f4-4674-bff7-3c37d2e535ee} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
{fd6484ed-ebe3-4c3d-938a-8238003b41b7} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
< File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\ ->
.bat [@ = batfile] -> "%1" %* ->
.cmd [@ = cmdfile] -> "%1" %* ->
.com [@ = ComFile] -> "%1" %* ->
.exe [@ = exefile] -> "%1" %* ->
.pif [@ = piffile] -> "%1" %* ->
.scr [@ = scrfile] -> "%1" /S ->
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost > -> ->
*netsvcs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\\netsvcs ->
6to4 -> -> File not found
Ias -> C:\WINDOWS\system32\ias -> [2004/08/10 12:52:56 | 000,000,000 | ---D | M]
Iprip -> -> File not found
Irmon -> -> File not found
NWCWorkstation -> -> File not found
Nwsapagent -> -> File not found
Wmi -> C:\WINDOWS\system32\wmi.dll -> [2008/04/13 19:11:15 | 000,005,632 | ---- | M] (Microsoft Corporation)
WmdmPmSp -> -> File not found
*MultiFile Done* -> ->
< Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ ->
< SafeBoot-Minimal Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ ->
{36FC9E60-C465-11CF-8056-444553540000} -> Universal Serial Bus controllers
{4D36E965-E325-11CE-BFC1-08002BE10318} -> CD-ROM Drive
{4D36E967-E325-11CE-BFC1-08002BE10318} -> DiskDrive
{4D36E969-E325-11CE-BFC1-08002BE10318} -> Standard floppy disk controller
{4D36E96A-E325-11CE-BFC1-08002BE10318} -> Hdc
{4D36E96B-E325-11CE-BFC1-08002BE10318} -> Keyboard
{4D36E96F-E325-11CE-BFC1-08002BE10318} -> Mouse
{4D36E977-E325-11CE-BFC1-08002BE10318} -> PCMCIA Adapters
{4D36E97B-E325-11CE-BFC1-08002BE10318} -> SCSIAdapter
{4D36E97D-E325-11CE-BFC1-08002BE10318} -> System
{4D36E980-E325-11CE-BFC1-08002BE10318} -> Floppy disk drive
{533C5B84-EC70-11D2-9505-00C04F79DEAF} -> Volume shadow copy
{71A27CDD-812A-11D0-BEC7-08002BE2092F} -> Volume
{745A17A0-74D3-11D0-B6FE-00A0C90F57DA} -> Human Interface Devices
Base -> Driver Group
Boot Bus Extender -> Driver Group
Boot file system -> Driver Group
File system -> Driver Group
Filter -> Driver Group
PCI Configuration -> Driver Group
PNP Filter -> Driver Group
Primary disk -> Driver Group
SCSI Class -> Driver Group
sdauxservice -> Reg Error: Value error.
sdcoreservice -> -> File not found
sermouse.sys -> Driver
System Bus Extender -> Driver Group
vds -> Service
vga.sys -> Driver
WdfLoadGroup ->
< SafeBoot-Network Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ ->
{36FC9E60-C465-11CF-8056-444553540000} -> Universal Serial Bus controllers
{4D36E965-E325-11CE-BFC1-08002BE10318} -> CD-ROM Drive
{4D36E967-E325-11CE-BFC1-08002BE10318} -> DiskDrive
{4D36E969-E325-11CE-BFC1-08002BE10318} -> Standard floppy disk controller
{4D36E96A-E325-11CE-BFC1-08002BE10318} -> Hdc
{4D36E96B-E325-11CE-BFC1-08002BE10318} -> Keyboard
{4D36E96F-E325-11CE-BFC1-08002BE10318} -> Mouse
{4D36E972-E325-11CE-BFC1-08002BE10318} -> Net
{4D36E973-E325-11CE-BFC1-08002BE10318} -> NetClient
{4D36E974-E325-11CE-BFC1-08002BE10318} -> NetService
{4D36E975-E325-11CE-BFC1-08002BE10318} -> NetTrans
{4D36E977-E325-11CE-BFC1-08002BE10318} -> PCMCIA Adapters
{4D36E97B-E325-11CE-BFC1-08002BE10318} -> SCSIAdapter
{4D36E97D-E325-11CE-BFC1-08002BE10318} -> System
{4D36E980-E325-11CE-BFC1-08002BE10318} -> Floppy disk drive
{71A27CDD-812A-11D0-BEC7-08002BE2092F} -> Volume
{745A17A0-74D3-11D0-B6FE-00A0C90F57DA} -> Human Interface Devices
Base -> Driver Group
Boot Bus Extender -> Driver Group
Boot file system -> Driver Group
File system -> Driver Group
Filter -> Driver Group
MpfService -> Service
NDIS Wrapper -> Driver Group
NetBIOSGroup -> Driver Group
NetDDEGroup -> Driver Group
Network -> Driver Group
NetworkProvider -> Driver Group
PCI Configuration -> Driver Group
PNP Filter -> Driver Group
PNP_TDI -> Driver Group
Primary disk -> Driver Group
SCSI Class -> Driver Group
sdauxservice -> Reg Error: Value error.
sdcoreservice -> -> File not found
sermouse.sys -> Driver
Streams Drivers -> Driver Group
System Bus Extender -> Driver Group
TDI -> Driver Group
vga.sys -> Driver
WdfLoadGroup ->
< Security Center Settings > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center
\\"FirstRunDisabled" -> [1] -> File not found
\\"UpdatesDisableNotify" -> [0] -> File not found
\\"AntiVirusOverride" -> [0] -> File not found
\\"FirewallOverride" -> [0] -> File not found
\\"AntiVirusDisableNotify" -> [0] -> File not found
\\"FirewallDisableNotify" -> [0] -> File not found
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
\\"EnableFirewall" -> [1] -> File not found
\\"DoNotAllowExceptions" -> [0] -> File not found
\\"DisableNotifications" -> [0] -> File not found
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\ -> ->
< Default Protocols [HKEY_USERS\S-1-5-19\] - Select to Repair > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults ->
@ivt -> @ivt protocol not assigned ->
file -> file protocol not assigned ->
ftp -> ftp protocol not assigned ->
http -> http protocol not assigned ->
https -> https protocol not assigned ->
shell -> shell protocol not assigned ->
< Default Protocols [HKEY_USERS\S-1-5-20\] - Select to Repair > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults ->
@ivt -> @ivt protocol not assigned ->
file -> file protocol not assigned ->
ftp -> ftp protocol not assigned ->
http -> http protocol not assigned ->
https -> https protocol not assigned ->
shell -> shell protocol not assigned ->
< Uninstall List [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ ->
{08E81ABD-79F7-49C2-881F-FD6CB0975693} -> Roxio Creator Data
{09760D42-E223-42AD-8C3E-55B47D0DDAC3} -> Roxio Creator DE
{0C826C5B-B131-423A-A229-C71B3CACCD6A} -> CDDRV_Installer
{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B} -> Microsoft Plus! Photo Story 2 LE
{1017A80C-6F09-4548-A84D-EDD6AC9525F0} -> Lexmark Toolbar
{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4} -> Roxio Creator Tools
{26A24AE4-039D-4CA4-87B4-2F83216017FF} -> Java(TM) 6 Update 17
{30465B6C-B53F-49A1-9EBA-A3F187AD502E} -> Roxio Update Manager
{3101CB58-3482-4D21-AF1A-7057FC935355} -> KhalInstallWrapper
{318AB667-3230-41B5-A617-CB3BF748D371} -> iTunes
{3248F0A8-6813-11D6-A77B-00B0D0150170} -> J2SE Runtime Environment 5.0 Update 17
{33BB4982-DC52-4886-A03B-F4C5C80BEE89} -> Windows Media Player 10
{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227} -> WebFldrs XP
{3F92ABBB-6BBF-11D5-B229-002078017FBF} -> NetWaiting
{4D3C9F4B-4B7D-4E5D-99B9-0123AB0D51ED} -> Dell DataSafe Online
{5809E7CF-4DCF-11D4-9875-00105ACE7734} -> Logitech MouseWare 9.79.1
{595D0DE8-C38A-4432-B851-47DECC1A99BD} -> HP Unload DLL Patch
{62230596-37E5-4618-A329-0D21F529A86F} -> Browser Address Error Redirector
{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA} -> Roxio Express Labeler 3
{6956856F-B6B3-4BE0-BA0B-8F495BE32033} -> Apple Software Update
{6E45BA47-383C-4C1E-8ED0-0D4845C293D7} -> Microsoft Plus! Digital Media Edition Installer
{7299052b-02a4-4627-81f2-1818da5d550d} -> Microsoft Visual C++ 2005 Redistributable
{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83} -> Roxio Creator Audio
{74F7662C-B1DB-489E-A8AC-07A06B24978B} -> Dell System Restore
{767CC44C-9BBC-438D-BAD3-FD4595DD148B} -> VC80CRTRedist - 8.0.50727.762
{7B63B2922B174135AFC0E1377DD81EC2} -> DivX Codec
{8ADFC4160D694100B5B8A22DE9DCABD9} -> DivX Player
{90120000-0020-0409-0000-0000000FF1CE} -> Compatibility Pack for the 2007 Office system
{91120409-6000-11D3-8CFE-0150048383C9} -> Microsoft Office Standard Edition 2003
{94824ADD-8F26-43D2-84DB-22E11F377E5E} -> Microsoft English TTS Engine
{95120000-00AF-0409-0000-0000000FF1CE} -> Microsoft Office PowerPoint Viewer 2007 (English)
{97D0C0A1-7E64-4B05-A2EE-61D2CE23F154} -> TTS Wrapper
{9BDEF074-020E-458D-ADC5-8FF68E0C9B56} -> OutlookAddinSetup
{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745} -> MediaDirect
{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7} -> Microsoft .NET Framework 3.0 Service Pack 2
{AC76BA86-7AD7-1033-7B44-A82000000003} -> Adobe Reader 8.2.1
{AC76BA86-7AD7-5464-3428-800000000003} -> Spelling Dictionaries Support For Adobe Reader 8
{B0DF58A2-40DF-4465-AA56-38623EC9938C} -> Documentation & Support Launcher
{B13A7C41581B411290FBC0395694E2A9} -> DivX Converter
{B6884A07-0305-47AE-9969-8F26FADC17DE} -> Games, Music, & Photos Launcher
{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD} -> Roxio Creator Copy
{B7050CBDB2504B34BC2A9CA0A692CC29} -> DivX Web Player
{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} -> Microsoft .NET Framework 2.0 Service Pack 2
{C5074CC4-0E26-4716-A307-960272A90040} -> QuickSet
{C82185E8-C27B-4EF4-2007-4444BC2C2B6D} -> Microsoft Streets & Trips 2007 with GPS Locator
{C99C0593-3B48-41D9-B42F-6E035B320449} -> Broadcom Management Programs
{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} -> Microsoft .NET Framework 1.1
{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA} -> SUPERAntiSpyware Free Edition
{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} -> Microsoft .NET Framework 3.5 SP1
{D1B5E9C8-4CCF-44E3-87D6-7C00D7DA5370} -> IntelliSonic Speech Enhancement
{D2C5E510-BE6D-42CC-9F61-E4F939078474} -> Lexmark Printable Web
{E3BFEE55-39E2-4BE0-B966-89FE583822C1} -> Dell Support Center (Support Software)
{E93E5EF6-D361-481E-849D-F16EF5C78EBC} -> Musicmatch for Windows Media Player
{EC4455AB-F155-4CC1-A4C5-88F3777F9886} -> Apple Mobile Device Support
{ED439A64-F018-4DD4-8BA5-328D85AB09AB} -> Roxio Creator DE
{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E} -> Logitech SetPoint
{F63A3748-B93D-4360-9AD4-B064481A5C7B} -> Modem Diagnostic Tool
{F958CA02-BB40-4007-894B-258729456EE4} -> QuickTime
{FB91E774-867B-4567-ACE7-8144EF036068} -> Olympus Digital Wave Player

Last edited by rjuneau on 27th March 2010, 7:51 pm; edited 2 times in total (Reason for editing : too long)

OTS Log Part 3

Adobe Flash Player ActiveX -> Adobe Flash Player 10 ActiveX
Advanced Audio FX Engine -> Advanced Audio FX Engine
Advanced Video FX Engine -> Advanced Video FX Engine
AI RoboForm -> AI RoboForm (All Users)
avast! -> avast! Antivirus
Broadcom 802.11b Network Adapter -> Dell Wireless WLAN Card
CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2C06&SUBSYS_14F1000F -> Conexant HDA D330 MDC V.92 Modem
Dell Webcam Center -> Dell Webcam Center
Dell Webcam Manager -> Dell Webcam Manager
DivX Plus DirectShow Filters -> DivX Plus DirectShow Filters
DTCLookup -> DTCLookup
ESET Online Scanner -> ESET Online Scanner v3
HDMI -> Intel(R) Graphics Media Accelerator Driver
IDNMitigationAPIs -> Microsoft Internationalized Domain Names Mitigation APIs
ie7 -> Windows Internet Explorer 7
ie8 -> Windows Internet Explorer 8
Lexmark 5600-6600 Series -> Lexmark 5600-6600 Series
Malwarebytes' Anti-Malware_is1 -> Malwarebytes' Anti-Malware
Microsoft .NET Framework 1.1 (1033) -> Microsoft .NET Framework 1.1
Microsoft .NET Framework 3.5 SP1 -> Microsoft .NET Framework 3.5 SP1
MSCompPackV1 -> Microsoft Compression Client Pack 1.0 for Windows XP
NLSDownlevelMapping -> Microsoft National Language Support Downlevel APIs
SearchAssist -> SearchAssist
Spyware Doctor -> Spyware Doctor 6.0
SynTPDeinstKey -> Dell Touchpad
Wdf01005 -> Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Windows Media Format Runtime -> Windows Media Format 11 runtime
Windows Media Player -> Windows Media Player 11
Windows XP Service Pack -> Windows XP Service Pack 3
WMFDist11 -> Windows Media Format 11 runtime
wmp11 -> Windows Media Player 11
Wudf01000 -> Microsoft User-Mode Driver Framework Feature Pack 1.0
< Uninstall List [HKEY_USERS\S-1-5-21-3653475573-2416755748-3330789705-1006\] > -> HKEY_USERS\S-1-5-21-3653475573-2416755748-3330789705-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ ->
Move Media Player -> Move Media Player
< EventViewer Logs - Last 10 Errors > -> Event Information -> Description
Application [ Error ] 3/16/2010 12:41:34 AM Computer Name = RICK-NEW | Source = Application Hang | ID = 1002 -> Description = Hanging application OUTLOOK.EXE, version 11.0.5510.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Application [ Error ] 3/17/2010 1:17:26 AM Computer Name = RICK-NEW | Source = Application Hang | ID = 1002 -> Description = Hanging application OUTLOOK.EXE, version 11.0.5510.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Application [ Error ] 3/17/2010 1:22:05 AM Computer Name = RICK-NEW | Source = Application Hang | ID = 1002 -> Description = Hanging application OUTLOOK.EXE, version 11.0.5510.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Application [ Error ] 3/17/2010 1:22:26 AM Computer Name = RICK-NEW | Source = Application Hang | ID = 1002 -> Description = Hanging application OUTLOOK.EXE, version 11.0.5510.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Application [ Error ] 3/17/2010 1:43:36 AM Computer Name = RICK-NEW | Source = Application Hang | ID = 1002 -> Description = Hanging application OUTLOOK.EXE, version 11.0.5510.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Application [ Error ] 3/17/2010 2:04:13 AM Computer Name = RICK-NEW | Source = Application Hang | ID = 1002 -> Description = Hanging application ashSimpl.exe, version 4.8.1367.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Application [ Error ] 3/17/2010 2:06:38 AM Computer Name = RICK-NEW | Source = Application Hang | ID = 1002 -> Description = Hanging application OUTLOOK.EXE, version 11.0.5510.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Application [ Error ] 3/17/2010 10:58:06 PM Computer Name = RICK-NEW | Source = Application Hang | ID = 1002 -> Description = Hanging application OUTLOOK.EXE, version 11.0.5510.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Application [ Error ] 3/17/2010 10:58:25 PM Computer Name = RICK-NEW | Source = Application Hang | ID = 1002 -> Description = Hanging application OUTLOOK.EXE, version 11.0.5510.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Application [ Error ] 3/17/2010 11:09:46 PM Computer Name = RICK-NEW | Source = Application Hang | ID = 1002 -> Description = Hanging application OUTLOOK.EXE, version 11.0.5510.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
System [ Error ] 3/17/2010 11:07:13 PM Computer Name = RICK-NEW | Source = Service Control Manager | ID = 7001 -> Description = The Computer Browser service depends on the Server service which failed to start because of the following error: %%1070
System [ Error ] 3/17/2010 11:10:38 PM Computer Name = RICK-NEW | Source = Service Control Manager | ID = 7022 -> Description = The Fax service hung on starting.
System [ Error ] 3/17/2010 11:26:17 PM Computer Name = RICK-NEW | Source = Service Control Manager | ID = 7022 -> Description = The Fax service hung on starting.
System [ Error ] 3/17/2010 11:40:25 PM Computer Name = RICK-NEW | Source = Service Control Manager | ID = 7022 -> Description = The Server service hung on starting.
System [ Error ] 3/17/2010 11:40:25 PM Computer Name = RICK-NEW | Source = Service Control Manager | ID = 7001 -> Description = The Computer Browser service depends on the Server service which failed to start because of the following error: %%1070
System [ Error ] 3/18/2010 12:52:51 AM Computer Name = RICK-NEW | Source = sr | ID = 1 -> Description = The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume2'. It has stopped monitoring the volume.
System [ Error ] 3/18/2010 12:55:11 AM Computer Name = RICK-NEW | Source = Service Control Manager | ID = 7022 -> Description = The Fax service hung on starting.
System [ Error ] 3/18/2010 1:09:12 AM Computer Name = RICK-NEW | Source = Service Control Manager | ID = 7022 -> Description = The Server service hung on starting.
System [ Error ] 3/18/2010 1:09:12 AM Computer Name = RICK-NEW | Source = Service Control Manager | ID = 7001 -> Description = The Computer Browser service depends on the Server service which failed to start because of the following error: %%1070
System [ Error ] 3/18/2010 1:09:12 AM Computer Name = RICK-NEW | Source = Service Control Manager | ID = 7026 -> Description = The following boot-start or system-start driver(s) failed to load: iaStor
TuneUp [ Error ] 8/13/2009 6:29:54 PM Computer Name = RICK-NEW | Source = TuneUp Program Statistics | ID = 131840 -> Description =
TuneUp [ Error ] 8/13/2009 6:30:14 PM Computer Name = RICK-NEW | Source = TuneUp Program Statistics | ID = 131840 -> Description =
TuneUp [ Error ] 8/13/2009 6:30:59 PM Computer Name = RICK-NEW | Source = TuneUp Program Statistics | ID = 131840 -> Description =
TuneUp [ Error ] 8/13/2009 6:31:04 PM Computer Name = RICK-NEW | Source = TuneUp Program Statistics | ID = 131840 -> Description =
TuneUp [ Error ] 8/13/2009 6:31:19 PM Computer Name = RICK-NEW | Source = TuneUp Program Statistics | ID = 131840 -> Description =
TuneUp [ Error ] 8/14/2009 3:10:44 PM Computer Name = RICK-NEW | Source = TuneUp Program Statistics | ID = 131840 -> Description =
TuneUp [ Error ] 8/14/2009 3:24:41 PM Computer Name = RICK-NEW | Source = TuneUp Program Statistics | ID = 131840 -> Description =
TuneUp [ Error ] 8/14/2009 3:26:30 PM Computer Name = RICK-NEW | Source = TuneUp Program Statistics | ID = 131840 -> Description =
TuneUp [ Error ] 8/14/2009 3:26:55 PM Computer Name = RICK-NEW | Source = TuneUp Program Statistics | ID = 131840 -> Description =
TuneUp [ Error ] 8/14/2009 3:26:55 PM Computer Name = RICK-NEW | Source = TuneUp Program Statistics | ID = 131840 -> Description =

[Files/Folders - Created Within 90 Days]
OTS.exe -> C:\Documents and Settings\Rick\Desktop\OTS.exe -> [2010/03/21 08:35:14 | 000,637,440 | ---- | C] (OldTimer Tools)
ESET -> C:\Program Files\ESET -> [2010/03/19 17:58:35 | 000,000,000 | ---D | C]
SWXCACLS.exe -> C:\WINDOWS\SWXCACLS.exe -> [2010/03/17 11:42:14 | 000,212,480 | ---- | C] (SteelWerX)
SWREG.exe -> C:\WINDOWS\SWREG.exe -> [2010/03/17 11:42:14 | 000,161,792 | ---- | C] (SteelWerX)
SWSC.exe -> C:\WINDOWS\SWSC.exe -> [2010/03/17 11:42:14 | 000,136,704 | ---- | C] (SteelWerX)
NIRCMD.exe -> C:\WINDOWS\NIRCMD.exe -> [2010/03/17 11:42:14 | 000,031,232 | ---- | C] (NirSoft)
Qoobox -> C:\Qoobox -> [2010/03/17 11:41:54 | 000,000,000 | ---D | C]
HijackThis -> C:\Program Files\HijackThis -> [2010/03/17 01:17:02 | 000,000,000 | ---D | C]
deploytk.dll -> C:\WINDOWS\System32\deploytk.dll -> [2010/03/11 14:56:37 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.)
javaws.exe -> C:\WINDOWS\System32\javaws.exe -> [2010/03/11 14:56:37 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.)
javaw.exe -> C:\WINDOWS\System32\javaw.exe -> [2010/03/11 14:56:37 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.)
java.exe -> C:\WINDOWS\System32\java.exe -> [2010/03/11 14:56:37 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.)
javacpl.cpl -> C:\WINDOWS\System32\javacpl.cpl -> [2010/03/11 14:56:37 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.)
sqltp28.dll -> C:\WINDOWS\System32\sqltp28.dll -> [2009/12/28 14:23:21 | 000,335,872 | ---- | C] (EzTools Software Corporation)
sqlt28_8859_1m.dll -> C:\WINDOWS\System32\sqlt28_8859_1m.dll -> [2009/12/28 14:23:21 | 000,266,240 | ---- | C] (EzTools Software)
vbar332.dll -> C:\WINDOWS\System32\vbar332.dll -> [2009/12/28 14:23:20 | 000,368,912 | ---- | C] (Microsoft Corporation)
xadb7.ocx -> C:\WINDOWS\System32\xadb7.ocx -> [2009/12/28 14:23:20 | 000,106,496 | ---- | C] (ComponentOne LLC)
DTCLookup -> C:\Program Files\DTCLookup -> [2009/12/28 14:23:20 | 000,000,000 | ---D | C]
COMDLG32.OCX -> C:\WINDOWS\System32\COMDLG32.OCX -> [2009/12/28 14:23:19 | 000,140,288 | ---- | C] (Microsoft Corporation)
Microsoft -> C:\Documents and Settings\LocalService\Application Data\Microsoft -> [2009/09/16 15:49:12 | 000,000,000 | --SD | M]
Microsoft -> C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft -> [2009/03/30 11:49:38 | 000,000,000 | ---D | M]
LXDUhcp.dll -> C:\WINDOWS\System32\LXDUhcp.dll -> [2009/01/25 20:13:27 | 000,438,272 | ---- | C] ( )
lxduinpa.dll -> C:\WINDOWS\System32\lxduinpa.dll -> [2009/01/25 20:13:27 | 000,364,544 | ---- | C] ( )
lxduserv.dll -> C:\WINDOWS\System32\lxduserv.dll -> [2009/01/25 20:13:26 | 001,069,056 | ---- | C] ( )
lxduusb1.dll -> C:\WINDOWS\System32\lxduusb1.dll -> [2009/01/25 20:13:26 | 000,851,968 | ---- | C] ( )
lxduiesc.dll -> C:\WINDOWS\System32\lxduiesc.dll -> [2009/01/25 20:13:26 | 000,339,968 | ---- | C] ( )
lxdupmui.dll -> C:\WINDOWS\System32\lxdupmui.dll -> [2009/01/25 20:13:25 | 000,651,264 | ---- | C] ( )
lxdulmpm.dll -> C:\WINDOWS\System32\lxdulmpm.dll -> [2009/01/25 20:13:25 | 000,577,536 | ---- | C] ( )
lxduhbn3.dll -> C:\WINDOWS\System32\lxduhbn3.dll -> [2009/01/25 20:13:24 | 000,679,936 | ---- | C] ( )
lxducomc.dll -> C:\WINDOWS\System32\lxducomc.dll -> [2009/01/25 20:13:22 | 000,765,952 | ---- | C] ( )
lxducomm.dll -> C:\WINDOWS\System32\lxducomm.dll -> [2009/01/25 20:13:22 | 000,376,832 | ---- | C] ( )
SupportSoft -> C:\Documents and Settings\NetworkService\Local Settings\Application Data\SupportSoft -> [2008/11/20 12:10:11 | 000,000,000 | ---D | M]
Apple -> C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple -> [2008/11/20 09:21:01 | 000,000,000 | ---D | M]
Microsoft -> C:\Documents and Settings\NetworkService\Application Data\Microsoft -> [2008/04/24 03:03:23 | 000,000,000 | --SD | M]
Microsoft -> C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft -> [2004/08/10 13:08:14 | 000,000,000 | ---D | M]
9 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp ->
13 C:\Documents and Settings\All Users\*.tmp files -> C:\Documents and Settings\All Users\*.tmp ->
1 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp ->
1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp ->

[Files/Folders - Modified Within 90 Days]
OTS.exe -> C:\Documents and Settings\Rick\Desktop\OTS.exe -> [2010/03/21 08:35:16 | 000,637,440 | ---- | M] (OldTimer Tools)
Zeva.doc -> C:\Documents and Settings\Rick\My Documents\Zeva.doc -> [2010/03/19 13:34:01 | 000,125,952 | ---- | M] ()
PerfStringBackup.INI -> C:\WINDOWS\System32\PerfStringBackup.INI -> [2010/03/18 00:10:19 | 000,532,358 | ---- | M] ()
perfh009.dat -> C:\WINDOWS\System32\perfh009.dat -> [2010/03/18 00:10:19 | 000,448,566 | ---- | M] ()
perfc009.dat -> C:\WINDOWS\System32\perfc009.dat -> [2010/03/18 00:10:19 | 000,074,532 | ---- | M] ()
SA.DAT -> C:\WINDOWS\tasks\SA.DAT -> [2010/03/17 23:52:48 | 000,000,006 | -H-- | M] ()
bootstat.dat -> C:\WINDOWS\bootstat.dat -> [2010/03/17 23:52:39 | 000,002,048 | --S- | M] ()
hiberfil.sys -> C:\hiberfil.sys -> [2010/03/17 23:52:37 | 1063,297,024 | -HS- | M] ()
ntuser.dat -> C:\Documents and Settings\Rick\ntuser.dat -> [2010/03/17 23:52:07 | 004,231,168 | ---- | M] ()
ntuser.ini -> C:\Documents and Settings\Rick\ntuser.ini -> [2010/03/17 23:51:56 | 000,000,178 | -HS- | M] ()
system.ini -> C:\WINDOWS\system.ini -> [2010/03/17 11:47:33 | 000,000,227 | ---- | M] ()
ComboFix.exe -> C:\Documents and Settings\Rick\Desktop\ComboFix.exe -> [2010/03/17 11:39:26 | 003,893,315 | R--- | M] ()
IconCache.db -> C:\Documents and Settings\Rick\Local Settings\Application Data\IconCache.db -> [2010/03/17 00:07:16 | 004,844,670 | -H-- | M] ()
javaws.exe -> C:\WINDOWS\System32\javaws.exe -> [2010/03/11 14:56:23 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.)
javaw.exe -> C:\WINDOWS\System32\javaw.exe -> [2010/03/11 14:56:23 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.)
java.exe -> C:\WINDOWS\System32\java.exe -> [2010/03/11 14:56:23 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.)
javacpl.cpl -> C:\WINDOWS\System32\javacpl.cpl -> [2010/03/11 14:56:23 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.)
deploytk.dll -> C:\WINDOWS\System32\deploytk.dll -> [2010/03/11 14:56:22 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.)
Streets & Trips.lnk -> C:\Documents and Settings\Rick\Desktop\Streets & Trips.lnk -> [2010/03/01 17:08:22 | 000,002,431 | ---- | M] ()
AppleSoftwareUpdate.job -> C:\WINDOWS\tasks\AppleSoftwareUpdate.job -> [2010/02/25 09:21:05 | 000,000,284 | ---- | M] ()
imsins.BAK -> C:\WINDOWS\imsins.BAK -> [2010/02/24 01:10:05 | 000,001,374 | ---- | M] ()
Adobe Reader 8.lnk -> C:\Documents and Settings\All Users\Desktop\Adobe Reader 8.lnk -> [2010/02/18 11:53:42 | 000,001,729 | ---- | M] ()
System Restore (2).lnk -> C:\Documents and Settings\Rick\Desktop\System Restore (2).lnk -> [2010/02/11 14:01:30 | 000,001,598 | ---- | M] ()
wpa.dbl -> C:\WINDOWS\System32\wpa.dbl -> [2010/02/11 13:51:47 | 000,002,206 | ---- | M] ()
mbamswissarmy.sys -> C:\WINDOWS\System32\drivers\mbamswissarmy.sys -> [2010/01/07 16:07:14 | 000,038,224 | ---- | M] (Malwarebytes Corporation)
mbam.sys -> C:\WINDOWS\System32\drivers\mbam.sys -> [2010/01/07 16:07:04 | 000,019,160 | ---- | M] (Malwarebytes Corporation)
srv.sys -> C:\WINDOWS\System32\dllcache\srv.sys -> [2009/12/31 11:50:03 | 000,353,792 | ---- | M] (Microsoft Corporation)
DTC Lookup.lnk -> C:\Documents and Settings\All Users\Desktop\DTC Lookup.lnk -> [2009/12/28 14:23:25 | 000,000,640 | ---- | M] ()
urlmon.dll -> C:\WINDOWS\System32\dllcache\urlmon.dll -> [2009/12/21 14:14:05 | 001,208,832 | ---- | M] (Microsoft Corporation)
wininet.dll -> C:\WINDOWS\System32\dllcache\wininet.dll -> [2009/12/21 14:14:05 | 000,916,480 | ---- | M] (Microsoft Corporation)
mshtml.dll -> C:\WINDOWS\System32\dllcache\mshtml.dll -> [2009/12/21 14:14:04 | 005,942,784 | ---- | M] (Microsoft Corporation)
occache.dll -> C:\WINDOWS\System32\dllcache\occache.dll -> [2009/12/21 14:14:04 | 000,206,848 | ---- | M] (Microsoft Corporation)
iertutil.dll -> C:\WINDOWS\System32\dllcache\iertutil.dll -> [2009/12/21 14:14:03 | 001,985,536 | ---- | M] (Microsoft Corporation)
inetcpl.cpl -> C:\WINDOWS\System32\inetcpl.cpl -> [2009/12/21 14:14:03 | 001,469,440 | ---- | M] (Microsoft Corporation)
inetcpl.cpl -> C:\WINDOWS\System32\dllcache\inetcpl.cpl -> [2009/12/21 14:14:03 | 001,469,440 | ---- | M] (Microsoft Corporation)
msfeeds.dll -> C:\WINDOWS\System32\msfeeds.dll -> [2009/12/21 14:14:03 | 000,594,432 | ---- | M] (Microsoft Corporation)
msfeeds.dll -> C:\WINDOWS\System32\dllcache\msfeeds.dll -> [2009/12/21 14:14:03 | 000,594,432 | ---- | M] (Microsoft Corporation)
iepeers.dll -> C:\WINDOWS\System32\iepeers.dll -> [2009/12/21 14:14:03 | 000,184,320 | ---- | M] (Microsoft Corporation)
iepeers.dll -> C:\WINDOWS\System32\dllcache\iepeers.dll -> [2009/12/21 14:14:03 | 000,184,320 | ---- | M] (Microsoft Corporation)
msfeedsbs.dll -> C:\WINDOWS\System32\msfeedsbs.dll -> [2009/12/21 14:14:03 | 000,055,296 | ---- | M] (Microsoft Corporation)
msfeedsbs.dll -> C:\WINDOWS\System32\dllcache\msfeedsbs.dll -> [2009/12/21 14:14:03 | 000,055,296 | ---- | M] (Microsoft Corporation)
jsproxy.dll -> C:\WINDOWS\System32\jsproxy.dll -> [2009/12/21 14:14:03 | 000,025,600 | ---- | M] (Microsoft Corporation)
jsproxy.dll -> C:\WINDOWS\System32\dllcache\jsproxy.dll -> [2009/12/21 14:14:03 | 000,025,600 | ---- | M] (Microsoft Corporation)
ieframe.dll -> C:\WINDOWS\System32\dllcache\ieframe.dll -> [2009/12/21 14:14:02 | 011,070,464 | ---- | M] (Microsoft Corporation)
iedkcs32.dll -> C:\WINDOWS\System32\iedkcs32.dll -> [2009/12/21 14:14:01 | 000,387,584 | ---- | M] (Microsoft Corporation)
iedkcs32.dll -> C:\WINDOWS\System32\dllcache\iedkcs32.dll -> [2009/12/21 14:14:01 | 000,387,584 | ---- | M] (Microsoft Corporation)
9 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp ->
13 C:\Documents and Settings\All Users\*.tmp files -> C:\Documents and Settings\All Users\*.tmp ->
1 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp ->
1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp ->
1 C:\Documents and Settings\Rick\Local Settings\temp\*.tmp files -> C:\Documents and Settings\Rick\Local Settings\temp\*.tmp ->

[Files - No Company Name]
Zeva.doc -> C:\Documents and Settings\Rick\My Documents\Zeva.doc -> [2010/03/17 22:46:13 | 000,125,952 | ---- | C] ()
PEV.exe -> C:\WINDOWS\PEV.exe -> [2010/03/17 11:42:14 | 000,261,632 | ---- | C] ()
sed.exe -> C:\WINDOWS\sed.exe -> [2010/03/17 11:42:14 | 000,098,816 | ---- | C] ()
grep.exe -> C:\WINDOWS\grep.exe -> [2010/03/17 11:42:14 | 000,080,412 | ---- | C] ()
MBR.exe -> C:\WINDOWS\MBR.exe -> [2010/03/17 11:42:14 | 000,077,312 | ---- | C] ()
zip.exe -> C:\WINDOWS\zip.exe -> [2010/03/17 11:42:14 | 000,068,096 | ---- | C] ()
ComboFix.exe -> C:\Documents and Settings\Rick\Desktop\ComboFix.exe -> [2010/03/17 11:39:26 | 003,893,315 | R--- | C] ()
hiberfil.sys -> C:\hiberfil.sys -> [2010/02/11 14:20:34 | 1063,297,024 | -HS- | C] ()
ntuser.dat -> C:\Documents and Settings\Rick\ntuser.dat -> [2010/02/08 11:54:20 | 004,231,168 | ---- | C] ()
Adobe Reader 8.lnk -> C:\Documents and Settings\All Users\Desktop\Adobe Reader 8.lnk -> [2010/01/16 16:13:34 | 000,001,729 | ---- | C] ()
DTC Lookup.lnk -> C:\Documents and Settings\All Users\Desktop\DTC Lookup.lnk -> [2009/12/28 14:23:25 | 000,000,640 | ---- | C] ()
lxduvs.dll -> C:\WINDOWS\System32\lxduvs.dll -> [2009/01/25 20:18:00 | 000,040,960 | ---- | C] ()
lxducoin.dll -> C:\WINDOWS\System32\lxducoin.dll -> [2009/01/25 20:17:56 | 000,360,448 | ---- | C] ()
lxdudrs.dll -> C:\WINDOWS\System32\lxdudrs.dll -> [2009/01/25 20:17:01 | 001,036,288 | ---- | C] ()
lxducaps.dll -> C:\WINDOWS\System32\lxducaps.dll -> [2009/01/25 20:17:01 | 000,081,920 | ---- | C] ()
lxducnv4.dll -> C:\WINDOWS\System32\lxducnv4.dll -> [2009/01/25 20:17:01 | 000,069,632 | ---- | C] ()
LXDUPMON.DLL -> C:\WINDOWS\System32\LXDUPMON.DLL -> [2009/01/25 20:16:45 | 000,045,056 | ---- | C] ()
LXDUFXPU.DLL -> C:\WINDOWS\System32\LXDUFXPU.DLL -> [2009/01/25 20:16:45 | 000,032,768 | ---- | C] ()
lxduoem.dll -> C:\WINDOWS\System32\lxduoem.dll -> [2009/01/25 20:16:25 | 000,086,016 | ---- | C] ()
lxdurwrd.ini -> C:\WINDOWS\System32\lxdurwrd.ini -> [2009/01/25 20:14:28 | 000,000,044 | ---- | C] ()
LXDUinst.dll -> C:\WINDOWS\System32\LXDUinst.dll -> [2009/01/25 20:13:27 | 000,389,120 | ---- | C] ()
lxdugrd.dll -> C:\WINDOWS\System32\lxdugrd.dll -> [2009/01/25 20:13:24 | 000,208,896 | ---- | C] ()
OdiOlDVR.dll -> C:\WINDOWS\System32\OdiOlDVR.dll -> [2009/01/20 23:11:19 | 000,114,688 | ---- | C] ()
OdiAPI.dll -> C:\WINDOWS\System32\OdiAPI.dll -> [2009/01/20 23:11:19 | 000,053,248 | ---- | C] ()
qt-dx331.dll -> C:\WINDOWS\System32\qt-dx331.dll -> [2008/11/06 11:37:32 | 003,596,288 | ---- | C] ()
dtu100.dll.manifest -> C:\WINDOWS\System32\dtu100.dll.manifest -> [2008/11/06 11:34:00 | 000,000,416 | ---- | C] ()
dpl100.dll.manifest -> C:\WINDOWS\System32\dpl100.dll.manifest -> [2008/11/06 11:34:00 | 000,000,416 | ---- | C] ()
DivXWMPExtType.dll -> C:\WINDOWS\System32\DivXWMPExtType.dll -> [2008/11/06 11:33:02 | 000,012,288 | ---- | C] ()
WinInit.Ini -> C:\WINDOWS\WinInit.Ini -> [2008/07/25 16:31:05 | 000,000,460 | ---- | C] ()
ODBC.INI -> C:\WINDOWS\ODBC.INI -> [2008/04/23 17:29:56 | 000,000,376 | ---- | C] ()
smscfg.ini -> C:\WINDOWS\smscfg.ini -> [2008/04/18 20:35:00 | 000,000,061 | ---- | C] ()
_psisdecd.dll -> C:\WINDOWS\System32\_psisdecd.dll -> [2008/04/18 20:25:46 | 000,198,144 | ---- | C] ()
preflib.dll -> C:\WINDOWS\System32\preflib.dll -> [2008/04/18 20:15:25 | 000,139,264 | ---- | C] ()
bcm1xsup.dll -> C:\WINDOWS\System32\bcm1xsup.dll -> [2008/04/18 20:15:24 | 000,753,664 | ---- | C] ()
igmedkrn.dll -> C:\WINDOWS\System32\igmedkrn.dll -> [2008/04/18 19:49:16 | 000,910,304 | ---- | C] ()
igfxCoIn_v4831.dll -> C:\WINDOWS\System32\igfxCoIn_v4831.dll -> [2008/04/18 19:49:16 | 000,204,800 | ---- | C] ()
rixdicon.dll -> C:\WINDOWS\System32\rixdicon.dll -> [2008/04/18 19:49:14 | 000,016,480 | ---- | C] ()
OEMINFO.INI -> C:\WINDOWS\System32\OEMINFO.INI -> [2008/04/18 19:47:39 | 000,001,121 | ---- | C] ()
GlobalUserInterface.CompositeFont -> C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont -> [2006/06/29 14:58:52 | 000,030,808 | ---- | C] ()
GlobalSansSerif.CompositeFont -> C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont -> [2006/06/29 14:53:56 | 000,026,489 | ---- | C] ()
GlobalSerif.CompositeFont -> C:\WINDOWS\Fonts\GlobalSerif.CompositeFont -> [2006/04/18 15:39:28 | 000,029,779 | ---- | C] ()
GlobalMonospace.CompositeFont -> C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont -> [2006/04/18 15:39:28 | 000,026,040 | ---- | C] ()
orun32.ini -> C:\WINDOWS\orun32.ini -> [2004/08/10 13:12:05 | 000,000,780 | ---- | C] ()
fxsperf.ini -> C:\WINDOWS\System32\fxsperf.ini -> [2004/08/10 13:01:18 | 000,001,793 | ---- | C] ()
OUTLPERF.INI -> C:\WINDOWS\System32\OUTLPERF.INI -> [2003/01/07 15:05:08 | 000,002,695 | ---- | C] ()

[File - Lop Check]
5600-6600 Series -> C:\Documents and Settings\All Users\Application Data\5600-6600 Series -> [2009/01/25 20:16:17 | 000,000,000 | ---D | M]
Citrix -> C:\Documents and Settings\All Users\Application Data\Citrix -> [2009/02/08 13:34:45 | 000,000,000 | ---D | M]
Lexmark 5600-6600 Series -> C:\Documents and Settings\All Users\Application Data\Lexmark 5600-6600 Series -> [2009/07/01 11:08:48 | 000,000,000 | ---D | M]
RoboForm -> C:\Documents and Settings\All Users\Application Data\RoboForm -> [2008/04/23 18:42:42 | 000,000,000 | ---D | M]
SupportSoft -> C:\Documents and Settings\All Users\Application Data\SupportSoft -> [2008/04/18 20:25:20 | 000,000,000 | ---D | M]
TEMP -> C:\Documents and Settings\All Users\Application Data\TEMP -> [2010/03/17 01:08:56 | 000,000,000 | ---D | M]
ThumbnailCache4R -> C:\Documents and Settings\All Users\Application Data\ThumbnailCache4R -> [2009/07/12 18:11:42 | 000,000,000 | ---D | M]
TuneUp Software -> C:\Documents and Settings\All Users\Application Data\TuneUp Software -> [2009/03/12 11:31:37 | 000,000,000 | ---D | M]
Uninstall -> C:\Documents and Settings\All Users\Application Data\Uninstall -> [2008/04/18 20:29:09 | 000,000,000 | ---D | M]
{3276BE95_AF08_429F_A64F_CA64CB79BCF6} -> C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6} -> [2008/12/11 09:36:05 | 000,000,000 | ---D | M]
{55A29068-F2CE-456C-9148-C869879E2357} -> C:\Documents and Settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357} -> [2009/03/12 11:30:58 | 000,000,000 | -HSD | M]
5600-6600 Series -> C:\Documents and Settings\Rick\Application Data\5600-6600 Series -> [2009/02/15 12:23:08 | 000,000,000 | ---D | M]
Argali -> C:\Documents and Settings\Rick\Application Data\Argali -> [2009/07/27 12:54:25 | 000,000,000 | ---D | M]
DataSafeOnline -> C:\Documents and Settings\Rick\Application Data\DataSafeOnline -> [2008/04/23 22:22:33 | 000,000,000 | ---D | M]
Lexmark Productivity Studio -> C:\Documents and Settings\Rick\Application Data\Lexmark Productivity Studio -> [2009/02/01 15:59:50 | 000,000,000 | ---D | M]
TuneUp Software -> C:\Documents and Settings\Rick\Application Data\TuneUp Software -> [2009/03/12 11:32:08 | 000,000,000 | ---D | M]

[File - Purity Scan]


[Alternate Data Streams]
@Alternate Data Stream - 100 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
< End of report >
[/code]

Re: My PC is slower & slower

Please download OTM

  • Save it to your desktop.
  • Please double-click OTM to run it. (Note for Vista: Right-click on the file and choose Run As Administrator).
  • Copy the lines in the codebox below to the clipboard by highlighting ALL of them and pressing CTRL C (or, after highlighting, right-click and choose Copy):

    :processes
    C:\Windows\explorer.exe

    :reg
    [-HKEY_USERS\S-1-5-21-3653475573-2416755748-3330789705-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mcafee.com]
    [-HKEY_USERS\S-1-5-21-3653475573-2416755748-3330789705-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\internet]

    :files
    @C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2

    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [CREATERESTOREPOINT]
    [EMPTYFLASH]
    [Reboot]


  • Return to OTM, right click in the "Paste Instructions for Items to be Moved" window (under the yellow bar) and choose Paste.
  • This will hide your Desktop and Start Menu so it can do the fix correctly. Save all of your work in Programs and exit them.
  • Click the red Moveit! button.
  • Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTM and reboot your PC.

Note: If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes. In this case, after the reboot, open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTMoveIt\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.

Re: My PC is slower & slower

Here's the log from OTM:

All processes killed
========== PROCESSES ==========
No active process named C:\Windows\explorer.exe was found!
========== REGISTRY ==========
Registry key HKEY_USERS\S-1-5-21-3653475573-2416755748-3330789705-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mcafee.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-3653475573-2416755748-3330789705-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\internet\ deleted successfully.
========== FILES ==========
ADS C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2 deleted successfully.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Administrator.RICK-NEW
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: All Users

User: Default User
->Temp folder emptied: 49152 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 1146785 bytes

User: Rick
->Temp folder emptied: 30766750 bytes
->Temporary Internet Files folder emptied: 73321415 bytes
->Java cache emptied: 14611924 bytes
->Apple Safari cache emptied: 5672315 bytes
->Flash cache emptied: 2266703 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 19569 bytes
%systemroot%\System32 .tmp files removed: 4005393 bytes
%systemroot%\System32\dllcache .tmp files removed: 33792 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 180224 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 34318 bytes
RecycleBin emptied: 189 bytes

Total Files Cleaned = 126.00 mb

Restore point Set: OTM Restore Point (64424509440)

OTM by OldTimer - Version 3.1.10.1 log created on 04062010_155656

Files moved on Reboot...
File C:\WINDOWS\temp\_avast4_\Webshlock.txt not found!
C:\WINDOWS\temp\Perflib_Perfdata_238.dat moved successfully.

Registry entries deleted on Reboot...
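
A check one could run on the results log above, as an added example that is not part of the original posts: it confirms that every item named in the helper's OTM instructions has a matching success line in the log. The parsing rules are inferred only from the script and log shown in this thread, not from OTM documentation, and the function names are hypothetical.

```python
import re

# Fix script as posted by the helper in this thread (the :Commands switches
# are kept for completeness but are not checked).
FIX_SCRIPT = r"""
:processes
C:\Windows\explorer.exe

:reg
[-HKEY_USERS\S-1-5-21-3653475573-2416755748-3330789705-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mcafee.com]
[-HKEY_USERS\S-1-5-21-3653475573-2416755748-3330789705-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\internet]

:files
@C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2

:Commands
[purity]
[resethosts]
[emptytemp]
"""

# Relevant lines of the results log the user posted back.
RESULTS_LOG = r"""
All processes killed
========== PROCESSES ==========
No active process named C:\Windows\explorer.exe was found!
========== REGISTRY ==========
Registry key HKEY_USERS\S-1-5-21-3653475573-2416755748-3330789705-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mcafee.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-3653475573-2416755748-3330789705-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\internet\ deleted successfully.
========== FILES ==========
ADS C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2 deleted successfully.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
"""


def parse_fix_script(text):
    """Return [(section, item)] for each item the script asks the tool to act on."""
    items, section = [], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith(":"):
            section = line[1:].lower()          # ":reg" -> "reg"
        elif section == "reg" and line.startswith("[-") and line.endswith("]"):
            items.append(("reg", line[2:-1]))    # "[-KEY]" means delete KEY
        elif section == "files":
            items.append(("files", line.lstrip("@")))  # "@" marks an ADS path
        elif section == "processes":
            items.append(("processes", line))
    return items


def classify(line):
    """Map one results-log line to a status, using the wording seen in this thread."""
    low = line.lower()
    if "not found" in low or low.startswith("no active process"):
        return "not_found"
    if "successfully" in low:
        return "ok"
    return "unknown"


def verify(fix_script, results_log):
    """Return [(section, item, status)]; status is ok, not_found, unknown or missing."""
    lines = [l.strip() for l in results_log.splitlines() if l.strip()]
    report = []
    for section, item in parse_fix_script(fix_script):
        # Match the whole path: it must be followed by "\", whitespace or end
        # of line, so "Domains\internet" does not match "Domains\internetx".
        needle = re.escape(item.rstrip("\\").lower()) + r"(?=[\\\s]|$)"
        hit = next((l for l in lines if re.search(needle, l.lower())), None)
        report.append((section, item, classify(hit) if hit else "missing"))
    return report


def unresolved(report):
    """Items that were requested but not confirmed as removed."""
    return [(s, i, st) for s, i, st in report if st != "ok"]


if __name__ == "__main__":
    for section, item, status in verify(FIX_SCRIPT, RESULTS_LOG):
        print(f"{status:9} {section:9} {item}")
```
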

Re: My PC is slower & slower

Please run a free online scan with the ESET Online Scanner
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the options Remove found threats and Scan unwanted applications are checked
  • Click Scan (This scan can take several hours, so please be patient)
  • Once the scan is completed, you may close the window
  • Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  • Copy and paste that log as a reply to this topic

Re: My PC is slower & slower

The log from ESET:

ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# IEXPLORE.EXE=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=280c1d5555394d47bc07d47b3ef67078
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2010-03-19 11:52:36
# local_time=2010-03-19 06:52:36 (-0600, Central Daylight Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=512 16777215 100 0 18754635 18754635 0 0
# compatibility_mode=769 16775125 100 98 0 204399435 0 0
# compatibility_mode=2560 16777215 100 0 0 0 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=61292
# found=0
# cleaned=0
# scan_time=2877
# version=7
# IEXPLORE.EXE=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=280c1d5555394d47bc07d47b3ef67078
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2010-04-07 04:47:42
# local_time=2010-04-06 11:47:42 (-0600, Central Daylight Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=512 16777215 100 0 20327181 20327181 0 0
# compatibility_mode=769 16775141 100 98 0 205971981 0 0
# compatibility_mode=2560 16777215 100 0 0 0 0 0
# compatibility_mode=8192 67108863 100 0 1486512 1486512 0 0
# scanned=62775
# found=0
# cleaned=0
# scan_time=3237
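
The log above holds two scan runs appended to the same log.txt, so the most recent result is the last block, not the first. The following is an added example, not part of the original post or of ESET's tooling: a small parser that splits the log into runs and pulls out the fields a helper reads first. It assumes a `# version=` line opens each run, and the sample is constructed from values in the posted log.

```python
from collections import defaultdict

# Constructed sample in the "# key=value" shape of the posted log,
# shortened to the fields the summary uses.
SAMPLE_LOG = """\
ESETSmartInstaller@High as CAB hook log:
# version=7
# end=finished
# archives_checked=false
# unwanted_checked=true
# utc_time=2010-03-19 11:52:36
# compatibility_mode=512 16777215 100 0 18754635 18754635 0 0
# compatibility_mode=769 16775125 100 98 0 204399435 0 0
# scanned=61292
# found=0
# version=7
# end=finished
# archives_checked=false
# utc_time=2010-04-07 04:47:42
# scanned=62775
# found=0
"""


def parse_runs(text):
    """Split the log into scan runs; each run maps key -> list of values."""
    runs = []
    for line in text.splitlines():
        if not line.startswith("# ") or "=" not in line:
            continue  # installer banner lines carry no key=value data
        key, value = line[2:].split("=", 1)
        if key == "version" or not runs:  # assumption: "version" opens a run
            runs.append(defaultdict(list))
        runs[-1][key].append(value.strip())  # keys such as compatibility_mode repeat
    return runs


def summarize(run):
    """Reduce one run to timestamp, completion, counts and switched-off options."""
    def first(key):
        values = run.get(key)
        return values[0] if values else None
    return {
        "utc_time": first("utc_time"),
        "finished": first("end") == "finished",
        "scanned": int(first("scanned") or 0),
        "found": int(first("found") or 0),
        "disabled_options": sorted(k for k, v in run.items()
                                   if k.endswith("_checked") and v == ["false"]),
    }
```

Calling `summarize(parse_runs(SAMPLE_LOG)[-1])` gives the latest run; the `disabled_options` list shows which scan options were off for that run, which matters when reading a `found=0` result.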

Re: My PC is slower & slower

Now to get you off to a good start we will clean your restore points so that all the bad stuff is gone for good. Then if you need to restore at some stage you will be clean. There are several ways to reset your restore points, but this is my method:
  • Select Start > All Programs > Accessories > System tools > System Restore.
  • On the dialogue box that appears select Create a Restore Point
  • Click NEXT
  • Enter a name e.g. Clean
  • Click CREATE

You now have a clean restore point. To get rid of the bad ones:
  • Select Start > All Programs > Accessories > System tools > Disk Cleanup.
  • In the Drop down box that appears select your main drive e.g. C
  • Click OK
  • The System will do some calculation and then display a dialogue box with TABS
  • Select the More Options Tab.
  • At the bottom will be a System Restore box with a CLEANUP button; click this
  • Accept the Warning and select OK again, the program will close and you are done


To remove all of the tools we used and the files and folders they created, please do the following:
Please download OTC.exe by OldTimer:

  • Save it to your Desktop.
  • Double click OTC.exe.
  • Click the CleanUp! button.
  • If you are prompted to Reboot during the cleanup, select Yes.
  • The tool will delete itself once it finishes.

Note: If any tool, file or folder (belonging to the program we have used) hasn't been deleted, please delete it manually.

==

Please download TFC by OldTimer to your desktop
  • Please double-click TFC.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
  • It will close all programs when run, so make sure you have saved all your work before you begin.
  • Click the Start button to begin the process. Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two. Let it run uninterrupted to completion.
  • Once it's finished it should reboot your machine. If it does not, please manually reboot the machine yourself to ensure a complete clean.


==

Download Security Check by screen317 from SpywareInfoforum.org or Changelog.fr.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Re: My PC is slower & slower

Here's the log:

Results of screen317's Security Check version 0.99.2
Windows XP Service Pack 3
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Enabled!
avast! Antivirus
ESET Online Scanner v3
avast! successfully updated!
```````````````````````````````
Anti-malware/Other Utilities Check:

Malwarebytes' Anti-Malware
Java(TM) 6 Update 17
Out of date Java installed!
Adobe Flash Player 10
Adobe Reader 8.2.1
Out of date Adobe Reader installed!
````````````````````````````````
Process Check:
objlist.exe by Laurent

Alwil Software Avast4 aswUpdSv.exe
Alwil Software Avast4 ashServ.exe
Alwil Software Avast4 ashDisp.exe
Alwil Software Avast4 ashMaiSv.exe
Alwil Software Avast4 ashWebSv.exe
````````````````````````````````
DNS Vulnerability Check:

GREAT! (Not vulnerable to DNS cache poisoning)

``````````End of Log````````````

Re: My PC is slower & slower

Please download the newest version of Adobe Acrobat Reader from Adobe.com

Before installing: it is important to remove older versions of Acrobat Reader since it does not do so automatically and old versions still leave you vulnerable.
Go to the Control Panel and enter Add or Remove Programs (Programs and Features in Vista/7).
Search in the list for all previously installed versions of Adobe Acrobat Reader. Uninstall/Remove each of them.

Once old versions are gone, please install the newest version.

==

Please download the newest version of Java from Java.com.

Before installing: it is important to remove older versions of Java since it does not do so automatically and old versions still leave you vulnerable.
Go to the Control Panel and enter Add or Remove Programs (Programs and Features in Vista/7).
Search in the list for all previously installed versions of Java (J2SE Runtime Environment). Please uninstall/remove each of them.

Once old versions are gone, please install the newest version.

===========

Please read the following information that I have provided, which will help you prevent malicious software in the future. Please keep in mind, malware is a continuous danger on the Internet. It is highly important to stay safe while browsing, to prevent re-infection.

Software recommendations

Firewall

  • Tallemu Online Armor: the free version is just as good as the premium. I have linked you to the free version.
  • Comodo Firewall: the free version is just as good as the premium. I have linked you to the free version. The optional security suite enhances the firewall by 40%. If you would like to install the suite that includes antivirus, then remove your old antivirus first.
  • PC Tools Firewall Plus: free and excellent firewall.


AntiSpyware

  • SpywareBlaster
    SpywareBlaster is a program that prevents spyware from installing on your computer. A tutorial on using SpywareBlaster may be found here.
  • Spybot - Search & Destroy.
    Spybot - Search & Destroy is a spyware and adware removal program. It also has realtime protection, TeaTimer, to help safeguard your computer against spyware. (The link for Spybot - Search & Destroy contains a tutorial that will help you download, install, and begin using Spybot).


NOTE: Please keep ALL of these programs up-to-date and run them whenever you suspect a problem to prevent malware problems.

Resident Protection help
A number of programs have resident protection and it is a good idea to run the resident protection of one of each type of program to maintain protection. However, it is important to run only one resident program of each type since they can conflict and become less effective. That means only one antivirus, firewall, and scanning anti-spyware program at a time. Passive protectors such as SpywareBlaster can be run with any of them.

Rogue programs help
There are a lot of rogue programs out there that want to scare you into giving them your money and some malware actually claims to be security programs. If you get a popup for a security program that you did not install yourself, do NOT click on it and ask for help immediately. It is very important to run an antivirus and firewall, but you can't always rely on reviews and ads for information. Ask in a security forum that you trust if you are not sure. If you are unsure and looking for anti-spyware programs, you can find out if it is a rogue here:
http://www.spywarewarrior.com/rogue_anti-spyware.htm

Securing your computer

  • Windows Updates - It is very important to make sure that both Internet Explorer and Windows are kept current with the latest critical security patches from Microsoft. To do this just start Internet Explorer and select Tools > Windows Update, and follow the online instructions from there.
  • hpHosts file replaces your current HOSTS file with one containing well known ad sites and other bad sites. This prevents your computer from connecting to those sites by redirecting them to 127.0.0.1, which is your local computer's loopback address, meaning it will be difficult to infect your computer in the future.


Please consider using an alternate browser
Mozilla's Firefox browser is a very good alternative. In addition to being generally more secure than Internet Explorer, it has a very good built-in popup blocker and add-ons, like NoScript, can make it even more secure. Opera is another good option.

If you are interested:


See this page for more info about malware and prevention.

Thank you for choosing GeekPolice. Please see this page if you would like to leave feedback or contribute to our site. Do you have any more questions?
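
The HOSTS-file blocking described in the post above works by exact hostname match, so a name is redirected only if it is listed itself. The following is an added example, not part of the original post or of hpHosts: it parses HOSTS-file text and audits which hostnames are actually redirected to 127.0.0.1. The sample entries and the `.example.test` domains are constructed placeholders.

```python
# Constructed sample in HOSTS-file syntax; the domains are placeholders.
SAMPLE_HOSTS = """\
# blocklist-style entries (constructed)
127.0.0.1   localhost
127.0.0.1   ads.example.test  tracker.example.test   # two names, one line
127.0.0.1   Bad-Site.example.test
"""

LOOPBACK = "127.0.0.1"


def parse_hosts(text):
    """Return {hostname: address}; names are lower-cased, comments dropped."""
    table = {}
    for raw in text.splitlines():
        fields = raw.split("#", 1)[0].split()
        if len(fields) < 2:
            continue  # blank, comment-only, or malformed line
        address, names = fields[0], fields[1:]
        for name in names:
            # Keep the first mapping seen for a name (a choice made for this example).
            table.setdefault(name.lower(), address)
    return table


def is_sinkholed(table, hostname):
    """True only when this exact name is mapped to the loopback address."""
    return table.get(hostname.lower()) == LOOPBACK


def coverage(table, hostnames):
    """Split hostnames into (redirected, not_redirected) for a quick audit."""
    hit = [h for h in hostnames if is_sinkholed(table, h)]
    miss = [h for h in hostnames if not is_sinkholed(table, h)]
    return hit, miss
```

Because there is no wildcard syntax, `cdn.ads.example.test` is not covered by the `ads.example.test` entry, which is why a blocking HOSTS file has to be refreshed regularly and used alongside the other protections listed.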

Re: My PC is slower & slower

Is Avast considered a firewall? Should this be replaced?

Re: My PC is slower & slower

No, it is not, and no, don't replace it. It is an antivirus, which is crucial to computer security.

Those firewalls I listed above are free and easy to use.

Re: My PC is slower & slower

You guys are the absolute greatest!! Everything is running so much better & hopefully I now have the tools to keep it that way. Thanks so very much.

Re: My PC is slower & slower

You're welcome.
