Computer running slow as poop. Possible virus or just too much junk?

SO! Recently, my laptop's been going haywire with lag. Like, you can't do anything for 30 seconds while you click frustrated lag. Is this a virus? Or maybe there's just a lot of junk on my laptop. Solutions or tips?

Hi,

Welcome to GeekPolice.net!

Please download OTL to your Desktop. (If you already have it downloaded, then just follow the instructions below).

• Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  
• Under the Custom Scan box paste this in
  
  %systemroot%\*. /mp /s
  %systemroot%\system32\*.dll /lockedfiles
  %systemroot%\system32\*.exe /lockedfiles
  %systemroot%\Tasks\*.job /lockedfiles
  %systemroot%\system32\drivers\*.sys /lockedfiles
  %systemroot%\System32\config\*.sav
  %systemroot%\system32\*.sys
  %systemroot%\system32\drivers\*.dll
  %systemroot%\system32\drivers\*.ini
  %systemroot%\system32\drivers\*.exe
  %SYSTEMDRIVE%\*.*
  %PROGRAMFILES%\*.
  %appdata%\*.*
  netsvcs
  msconfig
  safebootminimal
  safebootnetwork
  activex
  drivers32
  /md5start
  eventlog.dll
  scecli.dll
  netlogon.dll
  cngaudit.dll
  sceclt.dll
  ntelogon.dll
  logevent.dll
  iaStor.sys
  nvstor.sys
  atapi.sys
  IdeChnDr.sys
  viasraid.sys
  AGP440.sys
  vaxscsi.sys
  nvatabus.sys
  viamraid.sys
  nvata.sys
  nvgts.sys
  iastorv.sys
  ViPrt.sys
  eNetHook.dll
  ahcix86.sys
  KR10N.sys
  disk.sys
  nvstor32.sys
  ahcix86s.sys
  nvrd32.sys
  symmpi.sys
  adp3132.sys
  mv61xx.sys
  usbstor.sys
  /md5stop
  CREATERESTOREPOINT
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
  
  
• Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  
  
  
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    
  • Please copy (Edit->Select All, Edit->Copy) and paste (Edit->Paste) the contents of these files, one at a time

Note: in the event that OTL fails to run, please use alternate download links to try again:

http://itxassociates.com/OT-Tools/OTL.com
http://itxassociates.com/OT-Tools/OTL.scr

It keeps on saying "Windows cannot access the specified device, path, or file. You may not have the appropriate permissions to access this item." The wierd thing is, it never asked me that before whenever I run other files. O_O

Hi,

Please run a free online scan with the ESET Online Scanner
Note: You will need to use Internet Explorer for this scan

• Tick the box next to YES, I accept the Terms of Use
  
• Click Start
  
• When asked, allow the ActiveX control to install
  
• Click Start
  
• Make sure that the options Remove found threats and the option Scan unwanted applications is checked
  
• Click Scan (This scan can take several hours, so please be patient)
  
• Once the scan is completed, you may close the window
  
• Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  
• Copy and paste that log as a reply to this topic
  

Whenever I try to install Active X, I wait for a while and nothing happens. I clicked install when the button came out, but after that, there's nothing. Is my firewall killing the download or something?

Thanks!

Hi,

Try this one:

Please do a scan with Kaspersky Online Scanner

Click on the Accept button and install any components it needs.

• The program will install and then begin downloading the latest definition files.
  
• After the files have been downloaded on the left side of the page in the Scan section select My Computer.
  
• This will start the program and scan your system.
  
• The scan will take a while, so be patient and let it run.
  
• Once the scan is complete, click on View scan report
  
• Now, click on the Save Report as button.
  
• Save the file to your desktop.
  
• Copy and paste that information in your next post.
  

I get this error if I update it.

Update has failed The program could not be started. Please close the window of Kaspersky Online Scanner 7.0 and start the program again from the web site of Kaspersky Lab.



Successful updating of Kaspersky Online Scanner 7.0 and scanning of your computer requires uninterrupted Internet connection. Please make sure that the Internet connection is established. [ERROR: License has expired]

Hi,

Please reboot and tab F8 quickly until it asks you what mode you would want to boot into, then choose Safe mode with networking and choose this:

Please download ComboFix from BleepingComputer.com

Alternate link: GeeksToGo.com

Alternate link: Forospyware.com


Rename ComboFix.exe to commy.exe before you save it to your Desktop

• Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools A guide to do this can be found here
  
• Click Start then copy paste the following command into the search box & hit enter: "%userprofile%\desktop\commy.exe" /stepdel
  
• As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. This will not install in Vista. Just continue scanning, and skip the console install.
  
• When finished, it shall produce a log for you. Please include the contents of C:\ComboFix.txt in your next reply.

Whenever I go on Safe Mode and try to disable AVG 2010, it always loads up to a smaller scanner. It only lets me scan, and doesn't let me go on to the interface to disable it. Is this normal?

Hi,

A smaller scanner? I am not sure what you mean?

It says its a "1 line scanner" or something like that.

Hi,

Don't worry about disabling it just click ok and let ComboFix run.

So, when I tried to run commy.exe, it wouldn't let me, as it said that AVG Free 2011 was blocking me. I uninstalled it to have a try, but it said that AVG was still running, and that it could continue, but only at my own risk. Should I just go?

Hi,

Yes, please ignore the warning and continue. As long as it is gone it won't bother ComboFix.

Alright. I did what you told me to, but I can't find the log. Do you know where it might be?

Hi,

It should be located on your C:\ Drive. C:\ComboFix.txt

Alright. Here it is.

ComboFix 10-11-23.02 - Brian Juon 3/2010 Tue 21:29:45.1.2 - x86 NETWORK
Microsoft Windows XP Professional 5.1.2600.3.949.82.1033.18.2045.1784 [GMT -6:00]
Running from: c:\documents and settings\Brian Juon\Desktop\commy.exe.exe
AV: AVG Internet Security 2011 *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: Symantec AntiVirus Corporate Edition *On-access scanning enabled* (Updated) {FB06448E-52B8-493A-90F3-E43226D3305C}
FW: AVG Firewall *enabled* {8decf618-9569-4340-b34a-d78d28969b66}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\Search Toolbar
c:\program files\Search Toolbar\icon.ico
c:\program files\Search Toolbar\SearchToolbar.dll
c:\program files\Search Toolbar\SearchToolbarUninstall.exe
c:\program files\Search Toolbar\SearchToolbarUpdater.exe

.
((((((((((((((((((((((((( Files Created from 2010-10-24 to 2010-11-24 )))))))))))))))))))))))))))))))
.

2010-11-14 00:32 . 2010-11-14 00:32 -------- d-----w- c:\program files\Common Files\Java
2010-11-14 00:32 . 2010-11-14 00:32 -------- d-----w- c:\windows\Sun
2010-11-14 00:32 . 2010-11-14 00:32 472808 ----a-w- c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
2010-11-14 00:32 . 2010-11-14 00:32 73728 ----a-w- c:\windows\system32\javacpl.cpl
2010-11-14 00:32 . 2010-11-14 00:32 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-11-14 00:32 . 2010-11-14 00:32 -------- d-----w- c:\program files\Java
2010-11-12 03:30 . 2010-11-12 03:31 -------- d-----w- c:\documents and settings\Brian Juon\Application Data\ooVoo Details
2010-11-12 03:30 . 2010-11-12 03:30 -------- d-----w- c:\program files\ooVoo
2010-11-12 03:28 . 2010-11-12 03:28 -------- d-----w- c:\program files\Common Files\logishrd
2010-11-12 03:28 . 2008-04-14 11:42 91136 ----a-w- c:\windows\system32\kswdmcap.ax
2010-11-12 03:28 . 2008-04-14 11:42 61952 ----a-w- c:\windows\system32\kstvtune.ax
2010-11-12 03:28 . 2008-04-14 11:42 53760 -c--a-w- c:\windows\system32\dllcache\vfwwdm32.dll
2010-11-12 03:28 . 2008-04-14 11:42 53760 ----a-w- c:\windows\system32\vfwwdm32.dll
2010-11-12 03:28 . 2008-04-14 11:42 43008 ----a-w- c:\windows\system32\ksxbar.ax
2010-11-12 03:26 . 2008-04-14 06:15 32128 -c--a-w- c:\windows\system32\dllcache\usbccgp.sys
2010-11-12 03:26 . 2008-04-14 06:15 32128 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2010-11-11 13:41 . 2010-11-11 13:41 -------- d-----w- c:\documents and settings\Mom\Application Data\AVG10
2010-11-11 13:41 . 2010-11-11 13:41 -------- d-----w- c:\documents and settings\Mom\Application Data\OnlineArmor
2010-11-07 05:52 . 2010-11-07 06:46 -------- d-----w- c:\documents and settings\Brian Juon\Application Data\AVG
2010-11-07 05:52 . 2010-11-22 02:59 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2010-11-06 17:37 . 2010-11-06 17:37 103864 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll
2010-11-06 17:37 . 2010-11-06 17:37 103864 ----a-w- c:\program files\Internet Explorer\PLUGINS\nppdf32.dll
2010-11-06 04:05 . 2010-11-06 04:35 -------- d-----w- c:\documents and settings\Brian Juon\Local Settings\Application Data\PMB Files
2010-11-06 04:05 . 2010-11-06 04:05 -------- d-----w- c:\documents and settings\All Users\Application Data\PMB Files
2010-11-05 04:25 . 2010-11-05 04:25 -------- d--h--w- c:\documents and settings\All Users\Application Data\Common Files
2010-11-05 04:24 . 2010-11-24 03:22 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG10
2010-11-05 04:24 . 2010-11-22 02:59 -------- d-----w- c:\program files\AVG
2010-11-05 04:21 . 2010-11-05 04:24 -------- d-----w- c:\documents and settings\All Users\Application Data\MFAData
2010-10-30 05:25 . 2010-10-30 05:33 -------- d-----w- c:\documents and settings\Mom\Local Settings\Application Data\Adobe
2010-10-29 06:56 . 2010-10-29 06:56 -------- d-----w- c:\documents and settings\Brian Juon\Local Settings\Application Data\Identities
2010-10-26 04:39 . 2010-10-26 04:39 -------- d-----w- c:\documents and settings\All Users\Application Data\Office Genuine Advantage
2010-10-26 04:39 . 2010-10-26 04:39 -------- d-----w- c:\documents and settings\Brian Juon\Application Data\Office Genuine Advantage

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-18 17:23 . 2004-08-04 05:56 974848 ----a-w- c:\windows\system32\mfc42u.dll
2010-09-18 06:53 . 2004-08-04 05:56 974848 ----a-w- c:\windows\system32\mfc42.dll
2010-09-18 06:53 . 2001-08-23 12:00 954368 ----a-w- c:\windows\system32\mfc40.dll
2010-09-18 06:53 . 2001-08-23 12:00 953856 ----a-w- c:\windows\system32\mfc40u.dll
2010-09-09 14:16 . 2004-08-04 05:56 667136 ----a-w- c:\windows\system32\wininet.dll
2010-09-09 14:16 . 2004-08-04 03:59 61952 ----a-w- c:\windows\system32\tdc.ocx
2010-09-09 14:16 . 2004-08-04 05:56 81920 ----a-w- c:\windows\system32\ieencode.dll
2010-09-08 16:49 . 2004-08-04 03:59 369664 ----a-w- c:\windows\system32\html.iec
2010-09-01 11:51 . 2004-08-04 05:56 285824 ----a-w- c:\windows\system32\atmfd.dll
2010-08-31 13:42 . 2004-08-04 04:17 1852800 ----a-w- c:\windows\system32\win32k.sys
2010-08-27 08:02 . 2004-08-04 05:56 119808 ----a-w- c:\windows\system32\t2embed.dll
2010-08-27 05:57 . 2004-08-04 05:56 99840 ----a-w- c:\windows\system32\srvsvc.dll
2010-08-26 13:39 . 2004-08-04 04:14 357248 ----a-w- c:\windows\system32\drivers\srv.sys
2010-08-26 12:52 . 2010-07-27 21:18 5120 ----a-w- c:\windows\system32\xpsp4res.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-07-27 39408]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"ooVoo.exe"="c:\program files\ooVoo\oovoo.exe" [2010-10-31 19071672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-04 208952]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168]
"LG Intelligent Update"="c:\program files\lg_swupdate\autoupdate.exe" [2008-07-17 126976]
"RTHDCPL"="RTHDCPL.EXE" [2008-11-17 17676288]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-02-11 13594624]
"nwiz"="nwiz.exe" [2009-02-11 1657376]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-12-06 1024000]
"KeybdUtility"="c:\program files\LG Software\On Screen Display\HotKey.exe" [2009-01-10 2830336]
"zOSD"="c:\program files\LG Software\On Screen Display\HotKey.exe" [2009-01-10 2830336]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2004-06-10 66680]
"vptray"="c:\progra~1\SYMANT~1\VPTray.exe" [2004-10-06 161096]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Acrobat Assistant.lnk - c:\program files\Adobe\Acrobat 6.0\Distillr\acrotray.exe [2003-5-15 217193]
EmEditor v3.lnk - c:\program files\EmEditor3\EMEDTRAY.EXE [2001-12-13 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\NexonUS\\NGM\\NGM.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Nexon\\Vindictus\\en-US\\NMService.exe"=
"c:\\Nexon\\PopTag\\CA.exe"=
"c:\\Nexon\\PopTag\\NMCOSrv.exe"=
"d:\combat arms\CombatArms.exe"= d:\combat arms\CombatArms.exe:*Enabled:CombatArms.exe
"d:\\Combat Arms\\NMService.exe"=
"d:\\Combat Arms\\Engine.exe"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"c:\\Program Files\\ooVoo\\ooVoo.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"56081:TCP"= 56081:TCP:Pando Media Booster
"56081:UDP"= 56081:UDP:Pando Media Booster
"443:TCP"= 443:TCP:ooVoo TCP port 443
"443:UDP"= 443:UDP:ooVoo UDP port 443
"37674:TCP"= 37674:TCP:ooVoo TCP port 37674
"37674:UDP"= 37674:UDP:ooVoo UDP port 37674
"37675:UDP"= 37675:UDP:ooVoo UDP port 37675

R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RtsUStor.sys [7/26/2010 4:20 PM 165888]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [8/17/2010 12:39 PM 691696]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [7/27/2010 7:51 AM 136176]
S2 SRS_PostInstaller;SRS PostInstaller Service;c:\program files\SRS Labs\WOWHD and TSXT Driver\SRS_PostInstaller.exe [8/10/2007 8:37 AM 69632]
S3 ADM8511;ADMtek ADM8511/AN986 USB To Fast Ethernet Converter;c:\windows\system32\drivers\ADM8511.SYS [7/26/2010 2:56 PM 20160]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32.sys [7/26/2010 3:57 PM 41376]
S3 Rts516xIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys --> c:\windows\system32\DRIVERS\Rts516xIR.sys [?]
S3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys --> c:\windows\system32\DRIVERS\Rts516xIR.sys [?]
S3 SavRoam;SAVRoam;c:\program files\Symantec AntiVirus\SavRoam.exe [10/6/2004 4:56 PM 173392]
S3 wowfilter;WOW XT Filter Driver;c:\windows\system32\drivers\WOWFilter.sys [8/10/2007 8:35 AM 22528]
.
Contents of the 'Scheduled Tasks' folder

2010-11-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cb6d7363c4237a.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-07-27 13:51]

2010-11-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA1cb6d7364106eba.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-07-27 13:51]
.
.
------- Supplementary Scan -------
.
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
FF - ProfilePath - c:\documents and settings\Brian Juon\Application Data\Mozilla\Firefox\Profiles\p69zwx7b.Mah Profile\
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\documents and settings\All Users\Application Data\NexonUS\NGM\npNxGameUS.dll
FF - plugin: c:\program files\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqz9s", true); // Traditional
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqs8s", true); // Simplified
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--j6w193g", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4a87g", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7c0a67fbc", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7cvafr", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kpry57d", true); // Traditional
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kprw13d", true); // Simplified
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
.
------- File Associations -------
.
.txt=emeditor.txt
.
- - - - ORPHANS REMOVED - - - -

ShellExecuteHooks-{4F07DA45-8170-4859-9B5F-037EF2970034} - (no file)
AddRemove-Search Toolbar - c:\program files\Search Toolbar\SearchToolbarUninstall.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-11-23 21:32
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Completion time: 2010-11-23 21:33:54
ComboFix-quarantined-files.txt 2010-11-24 03:33

Pre-Run: 18,480,656,384 bytes free
Post-Run: 19,102,081,024 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

- - End Of File - - 8EFDC4052445699E0BC7DC25BF52A7E1

Hi,

Please download Malwarebytes Anti-Malware from Here.


Double Click mbam-setup.exe to install the application.

• Make sure a checkmark is placed next to Update Malwarebytes Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
  
• If an update is found, it will download and install the latest version.
  
• Once the program has loaded, select "Perform Quick Scan", then click Scan.
  
• The scan may take some time to finish,so please be patient.
  
• When the scan is complete, click OK, then Show Results to view the results.
  
• Make sure that everything is checked, and click Remove Selected.
  
• When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  
• The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  
• Copy&Paste the entire report in your next reply.
  

Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediatly.