GeekPolice

computer slowing down!!!

Hi, I have been in touch with you before for various things, but recently my computer seems to be slowing down even though I have McAfee protection on it. Is there anything you can do for me to solve this problem?

Kind regards
Mrs Debbie Hornshaw

Re: computer slowing down!!!

Hello.
Please read this topic:
http://www.GeekPolice.net/t3821-read-this-before-posting

Follow the instructions and post the required logs.

Re: computer slowing down!!!

OTL logfile created on: 01/11/2011 20:21:32 - Run 5
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Robert Hornshaw\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19154)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.22 Gb Total Physical Memory | 1.60 Gb Available Physical Memory | 49.73% Memory free
6.63 Gb Paging File | 5.00 Gb Available in Paging File | 75.35% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 450.70 Gb Total Space | 337.22 Gb Free Space | 74.82% Space Free | Partition Type: NTFS
Drive D: | 15.00 Gb Total Space | 8.62 Gb Free Space | 57.47% Space Free | Partition Type: NTFS

Computer Name: ROBERT | User Name: Robert Hornshaw | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/11/01 19:14:19 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Robert Hornshaw\Desktop\OTL.com
PRC - [2011/10/06 15:41:16 | 000,166,024 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\Mcafee\SystemCore\mcshield.exe
PRC - [2011/09/16 17:38:10 | 001,318,552 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
PRC - [2011/09/03 08:32:44 | 002,424,192 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
PRC - [2011/08/19 14:59:30 | 000,148,520 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\mfevtps.exe
PRC - [2011/08/19 14:55:34 | 000,160,344 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\Mcafee\SystemCore\mfefire.exe
PRC - [2011/08/06 06:37:41 | 000,307,376 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2011/04/01 17:21:30 | 000,235,168 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil10o_ActiveX.exe
PRC - [2011/01/27 17:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
PRC - [2010/12/15 22:46:06 | 000,151,056 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\Mcafee\Core\mchost.exe
PRC - [2010/04/13 20:11:14 | 000,229,688 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Online Backup\MOBKbackup.exe
PRC - [2010/01/15 12:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009/06/21 11:26:36 | 000,581,632 | ---- | M] (THOMSON Telecom Belgium) -- C:\Program Files\Thomson\ST330\service\st330service.exe
PRC - [2009/06/21 11:26:36 | 000,557,149 | ---- | M] (THOMSON Telecom Belgium) -- C:\Program Files\Thomson\ST330\diagnostics\diagnostics.exe
PRC - [2009/06/03 13:46:38 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe
PRC - [2009/04/11 06:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/02/27 14:10:16 | 001,316,192 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DellDock.exe
PRC - [2009/01/29 23:50:06 | 000,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
PRC - [2008/12/18 12:05:28 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe
PRC - [2008/07/18 12:42:10 | 006,246,400 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008/07/18 12:42:08 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTSrv.exe
PRC - [2008/05/16 05:11:44 | 000,648,504 | ---- | M] (Pure Networks, Inc.) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
PRC - [2008/02/27 23:07:26 | 000,594,600 | ---- | M] ( ) -- C:\Windows\System32\lxdncoms.exe
PRC - [2008/02/27 23:07:14 | 000,098,984 | ---- | M] (Lexmark International, Inc.) -- C:\Windows\System32\spool\drivers\w32x86\3\lxdnserv.exe


========== Modules (No Company Name) ==========

MOD - [2011/11/01 19:08:31 | 000,052,736 | ---- | M] () -- C:\Users\Robert Hornshaw\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll
MOD - [2011/10/14 07:10:17 | 015,881,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\MenuSkinning\20b730293740ca779552bdb6fa0b650e\MenuSkinning.ni.dll
MOD - [2011/10/14 07:10:02 | 000,284,160 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\VistaBridgeLibrary\77e2e010d880be3d9d1a38c400a9bb7c\VistaBridgeLibrary.ni.dll
MOD - [2011/10/14 07:09:57 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\6bc98e9b5eedaa8f71c5454d36a4b772\System.Management.ni.dll
MOD - [2011/10/14 07:09:56 | 002,557,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\DellDock\53310c02d109b1981d817d4b21d2770a\DellDock.ni.exe
MOD - [2011/10/14 07:09:55 | 000,286,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\MyDock.Util\9da54ae40eef7103114335191945aafb\MyDock.Util.ni.dll
MOD - [2011/10/14 07:09:29 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\40da9084d0863e07d7ce55953833b8b0\System.Configuration.ni.dll
MOD - [2011/10/14 07:09:24 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\bcb66dbad2b45d05235b37a02f737eb5\Accessibility.ni.dll
MOD - [2011/10/14 07:08:08 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\c1c06a392871267db27f7cbc40e1c4fb\System.Xml.ni.dll
MOD - [2011/10/14 07:07:55 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1363115565fff5a641243a48f396f107\System.Windows.Forms.ni.dll
MOD - [2011/10/14 07:07:47 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\367c4043efc2f32d843cb588b0dc97fc\System.Drawing.ni.dll
MOD - [2011/10/14 07:06:48 | 007,950,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\f9c36ea806e77872dce891c77b68fac3\System.ni.dll
MOD - [2011/10/14 07:06:29 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b6632a8b2f276a8e31f5b0f6b2006cd1\mscorlib.ni.dll
MOD - [2011/04/08 11:24:35 | 000,063,488 | ---- | M] () -- C:\Users\Robert Hornshaw\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
MOD - [2011/04/08 11:24:34 | 000,052,224 | ---- | M] () -- C:\Users\Robert Hornshaw\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
MOD - [2011/04/08 11:24:33 | 000,117,760 | ---- | M] () -- C:\Users\Robert Hornshaw\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
MOD - [2009/06/21 11:26:36 | 004,222,976 | ---- | M] () -- C:\Program Files\Thomson\ST330\diagnostics\qt-mt332.dll
MOD - [2009/06/21 11:26:36 | 000,364,544 | ---- | M] () -- C:\Program Files\Thomson\ST330\diagnostics\qwt.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (Mp3Rocket Toolbar Helper)
SRV - File not found [On_Demand | Stopped] -- -- (jswpsapi)
SRV - File not found [Auto | Stopped] -- -- (ABP_InstallCheckerService)
SRV - [2011/10/06 15:41:16 | 000,166,024 | ---- | M] () [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV - [2011/08/19 14:59:30 | 000,148,520 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Windows\System32\mfevtps.exe -- (mfevtp)
SRV - [2011/08/19 14:55:34 | 000,160,344 | ---- | M] () [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV - [2011/03/17 15:38:42 | 000,361,712 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2011/01/27 17:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV - [2011/01/27 17:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McProxy)
SRV - [2011/01/27 17:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV - [2011/01/27 17:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV - [2011/01/27 17:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV - [2011/01/27 17:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV - [2011/01/27 17:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service)
SRV - [2010/12/16 10:25:42 | 000,013,160 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\615\g2aservice.exe -- (GoToAssist)
SRV - [2010/04/13 20:11:14 | 000,229,688 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee Online Backup\MOBKbackup.exe -- (MOBKbackup)
SRV - [2010/01/15 12:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/06/21 11:26:36 | 000,581,632 | ---- | M] (THOMSON Telecom Belgium) [Auto | Running] -- C:\Program Files\Thomson\ST330\service\st330service.exe -- (st330service)
SRV - [2009/01/29 23:50:06 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_DellSupportCenter) SupportSoft Sprocket Service (DellSupportCenter)
SRV - [2008/12/18 12:05:28 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV - [2008/07/18 12:42:08 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AERTSrv.exe -- (AERTFilters)
SRV - [2008/05/21 16:25:30 | 000,012,800 | ---- | M] (Pure Networks, Inc.) [On_Demand | Stopped] -- C:\Program Files\Pure Networks\Network Magic\WebServer\bin\nmraapache.exe -- (nmraapache)
SRV - [2008/05/16 05:11:44 | 000,648,504 | ---- | M] (Pure Networks, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe -- (nmservice)
SRV - [2008/02/27 23:07:26 | 000,594,600 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\lxdncoms.exe -- (lxdn_device)
SRV - [2008/02/27 23:07:14 | 000,098,984 | ---- | M] () [Auto | Running] -- C:\Windows\System32\spool\DRIVERS\W32X86\3\\lxdnserv.exe -- (lxdnCATSCustConnectService)
SRV - [2008/01/21 02:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - [2011/08/15 09:00:06 | 000,461,864 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2011/08/15 09:00:06 | 000,338,040 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\mfefirek.sys -- (mfefirek)
DRV - [2011/08/15 09:00:06 | 000,180,072 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2011/08/15 09:00:06 | 000,164,776 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\mfewfpk.sys -- (mfewfpk)
DRV - [2011/08/15 09:00:06 | 000,119,808 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\mfeapfk.sys -- (mfeapfk)
DRV - [2011/08/15 09:00:06 | 000,087,808 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\mferkdet.sys -- (mferkdet)
DRV - [2011/08/15 09:00:06 | 000,064,712 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfenlfk.sys -- (mfenlfk)
DRV - [2011/08/15 09:00:06 | 000,059,288 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2011/08/15 09:00:06 | 000,057,432 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\cfwids.sys -- (cfwids)
DRV - [2010/04/13 20:10:22 | 000,054,776 | ---- | M] (Mozy, Inc.) [File_System | System | Running] -- C:\Windows\System32\drivers\MOBK.sys -- (MOBKFilter)
DRV - [2010/02/17 18:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2009/12/30 11:21:16 | 000,027,192 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\revoflt.sys -- (Revoflt)
DRV - [2009/02/23 09:35:56 | 000,112,128 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel(R)
DRV - [2008/11/04 23:16:40 | 000,022,904 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Dell Support Center\HWDiag\bin\pcd5srvc.pkms -- (PCD5SRVC{3F6A8B78-EC003E00-05040104})
DRV - [2008/10/01 15:44:02 | 000,020,384 | ---- | M] (Atheros Communications, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\jswpslwf.sys -- (jswpslwf)
DRV - [2008/07/21 11:18:20 | 000,027,648 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\RtNdPt60.sys -- (RtNdPt60)
DRV - [2008/07/10 11:28:50 | 000,123,904 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2008/05/16 05:10:32 | 000,024,888 | ---- | M] (Pure Networks, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\pnarp.sys -- (pnarp)
DRV - [2008/05/16 05:10:30 | 000,026,424 | ---- | M] (Pure Networks, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\purendis.sys -- (purendis)
DRV - [2008/01/21 02:23:25 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel(R)
DRV - [2006/11/02 07:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2005/08/17 06:46:26 | 000,093,872 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2005/08/17 06:46:20 | 000,008,272 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2005/08/17 06:45:00 | 000,058,352 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.karoo.co.uk/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\progra~1\mcafee\msc\npmcsn~1.dll ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2897: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.2.2955: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1675: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Robert Hornshaw\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Robert Hornshaw\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Robert Hornshaw\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2011/11/01 10:42:07 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - default_search_provider: Google ()
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Robert Hornshaw\AppData\Local\Google\Chrome\Application\14.0.835.202\pdf.dll
CHR - plugin: Google Gears 0.5.33.0 (Enabled) = C:\Users\Robert Hornshaw\AppData\Local\Google\Chrome\Application\14.0.835.202\gears.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Robert Hornshaw\AppData\Local\Google\Chrome\Application\14.0.835.202\gcswf32.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.220.4 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U22 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.2.183.39\npGoogleOneClick8.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: BrowserPlus (from Yahoo!) v2.9.2 (Enabled) = C:\Users\Robert Hornshaw\AppData\Local\Yahoo!\BrowserPlus\2.9.2\Plugins\npybrowserplus_2.9.2.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.50917.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: McAfee SiteAdvisor = C:\Users\Robert Hornshaw\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.30.153.1_0\

O1 HOSTS File: ([2011/04/20 19:27:19 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll File not found
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\Mcafee\SystemCore\ScriptSn.20111012195922.dll (McAfee, Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (LiveFoBHO Class) - {D9B924B9-98DF-4E68-BFFF-F11F3CD601E1} - C:\Program Files\LiveFo\LiveFo.dll (TODO: )
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKCU\..\Toolbar\ShellBrowser: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O4 - HKLM..\Run: [dellsupportcenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [diagnostics] C:\Program Files\Thomson\ST330\diagnostics\diagnostics.exe (THOMSON Telecom Belgium)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O4 - Startup: C:\Users\Robert Hornshaw\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll (Google Inc.)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx2.hotmail.com/mail/w3/resources/VistaMSNPUplden-gb.cab (MSN Photo Upload Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUplden-gb.cab (Windows Live Hotmail Photo Upload Tool)
O16 - DPF: Garmin Communicator Plug-In https://my.garmin.com/static/m/cab/2.8.1/GarminAxControl.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{23F8F30E-A565-4AFC-983A-B3BC8A2D707A}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll File not found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Common Files\Pure Networks Shared\Platform\puresp4.dll (Pure Networks, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files\Citrix\GoToAssist\615\G2AWinLogon.dll) - C:\Program Files\Citrix\GoToAssist\615\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O24 - Desktop WallPaper: C:\Users\Robert Hornshaw\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Robert Hornshaw\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 21:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...com [@ = ComFile] -- Reg Error: Key error. File not found

========== Files/Folders - Created Within 30 Days ==========

[2011/11/01 19:14:05 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Robert Hornshaw\Desktop\OTL.com
[2011/11/01 19:11:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2011/11/01 19:04:09 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Robert Hornshaw\Documents\OTL.com
[2011/10/13 09:19:30 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2011/10/13 09:19:30 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2011/10/13 09:19:30 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mpeg2Data.ax
[2011/10/13 09:19:28 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSDvbNP.ax
[2011/10/13 09:19:27 | 002,043,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011/10/13 09:19:19 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011/10/13 09:19:18 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011/10/13 09:19:15 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011/10/13 09:19:14 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011/10/13 09:19:14 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2011/10/13 09:19:14 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011/10/13 09:19:14 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011/10/13 09:19:13 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011/10/13 09:19:13 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011/10/13 09:19:13 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011/10/13 09:19:13 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2011/10/13 09:19:12 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2011/10/13 09:19:12 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2011/10/13 09:19:12 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011/10/13 09:19:12 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011/10/13 09:19:11 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011/10/13 09:19:11 | 000,174,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011/10/13 09:19:11 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011/10/13 09:18:55 | 000,555,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAutomationCore.dll
[2011/10/13 09:18:55 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleaccrc.dll
[2010/08/25 18:59:08 | 000,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll
[2009/06/21 13:22:33 | 000,438,272 | ---- | C] ( ) -- C:\Windows\System32\LXDNhcp.dll
[2009/06/21 13:22:32 | 000,364,544 | ---- | C] ( ) -- C:\Windows\System32\lxdninpa.dll
[2009/06/21 13:22:32 | 000,339,968 | ---- | C] ( ) -- C:\Windows\System32\lxdniesc.dll
[2009/06/21 13:22:31 | 000,843,776 | ---- | C] ( ) -- C:\Windows\System32\lxdnusb1.dll
[2009/06/21 13:22:30 | 001,101,824 | ---- | C] ( ) -- C:\Windows\System32\lxdnserv.dll
[2009/06/21 13:22:30 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\lxdnprox.dll
[2009/06/21 13:22:29 | 000,647,168 | ---- | C] ( ) -- C:\Windows\System32\lxdnpmui.dll
[2009/06/21 13:22:29 | 000,569,344 | ---- | C] ( ) -- C:\Windows\System32\lxdnlmpm.dll
[2009/06/21 13:22:27 | 000,663,552 | ---- | C] ( ) -- C:\Windows\System32\lxdnhbn3.dll
[2009/06/21 13:22:27 | 000,320,168 | ---- | C] ( ) -- C:\Windows\System32\lxdnih.exe
[2009/06/21 13:22:25 | 000,594,600 | ---- | C] ( ) -- C:\Windows\System32\lxdncoms.exe
[2009/06/21 13:22:24 | 000,851,968 | ---- | C] ( ) -- C:\Windows\System32\lxdncomc.dll
[2009/06/21 13:22:24 | 000,376,832 | ---- | C] ( ) -- C:\Windows\System32\lxdncomm.dll
[2009/06/21 13:22:24 | 000,365,224 | ---- | C] ( ) -- C:\Windows\System32\lxdncfg.exe
[111 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[111 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/11/01 20:09:42 | 000,000,412 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{382A7587-33DD-4808-8928-734712285AAF}.job
[2011/11/01 19:55:00 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/11/01 19:34:00 | 000,000,948 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2587230002-3812537154-1661091937-1000UA.job
[2011/11/01 19:14:19 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Robert Hornshaw\Desktop\OTL.com
[2011/11/01 19:12:30 | 000,599,942 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/11/01 19:12:30 | 000,109,752 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/11/01 19:07:39 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/11/01 19:07:39 | 000,000,276 | ---- | M] () -- C:\Windows\tasks\RtlNICDiagVistaStart.job
[2011/11/01 19:07:25 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/11/01 19:07:25 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/11/01 19:07:21 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/11/01 19:07:19 | 3453,149,184 | -HS- | M] () -- C:\hiberfil.sys
[2011/11/01 19:04:20 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Robert Hornshaw\Documents\OTL.com
[2011/11/01 09:59:57 | 000,002,627 | ---- | M] () -- C:\Users\Robert Hornshaw\Desktop\Microsoft Office Word 2007.lnk
[2011/10/31 21:35:24 | 000,002,094 | ---- | M] () -- C:\Users\Robert Hornshaw\Desktop\Google Chrome.lnk
[2011/10/31 21:35:24 | 000,002,056 | ---- | M] () -- C:\Users\Robert Hornshaw\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/10/30 07:34:00 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2587230002-3812537154-1661091937-1000Core.job
[2011/10/29 08:07:28 | 000,105,984 | ---- | M] () -- C:\Users\Robert Hornshaw\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/10/26 21:11:54 | 000,031,036 | ---- | M] () -- C:\Users\Robert Hornshaw\Documents\$(KGrHqMOKj0E5vO8LzQlBOjwEwY70w~~60_12[1].jpg
[2011/10/26 21:05:31 | 000,046,872 | ---- | M] () -- C:\Users\Robert Hornshaw\Documents\$(KGrHqYOKm8E4TU7BR8FBOO6b74-gQ~~0_12[1].jpg
[2011/10/19 16:13:22 | 000,806,234 | ---- | M] () -- C:\Users\Robert Hornshaw\Documents\PICT4121.JPG
[2011/10/19 16:12:34 | 001,105,631 | ---- | M] () -- C:\Users\Robert Hornshaw\Documents\PICT4123.JPG
[2011/10/14 07:05:50 | 000,293,576 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/10/09 17:03:28 | 001,132,708 | ---- | M] () -- C:\Users\Robert Hornshaw\Documents\PICT4127.JPG
[2011/10/03 08:28:17 | 286,209,840 | ---- | M] () -- C:\Users\Robert Hornshaw\Documents\PICT3877.AVI
[111 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[111 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/10/26 21:12:09 | 000,031,036 | ---- | C] () -- C:\Users\Robert Hornshaw\Documents\$(KGrHqMOKj0E5vO8LzQlBOjwEwY70w~~60_12[1].jpg
[2011/10/26 21:05:53 | 000,046,872 | ---- | C] () -- C:\Users\Robert Hornshaw\Documents\$(KGrHqYOKm8E4TU7BR8FBOO6b74-gQ~~0_12[1].jpg
[2011/10/19 16:15:15 | 001,105,631 | ---- | C] () -- C:\Users\Robert Hornshaw\Documents\PICT4123.JPG
[2011/10/19 16:13:42 | 000,806,234 | ---- | C] () -- C:\Users\Robert Hornshaw\Documents\PICT4121.JPG
[2011/10/19 16:13:03 | 001,132,708 | ---- | C] () -- C:\Users\Robert Hornshaw\Documents\PICT4127.JPG
[2011/04/07 13:08:01 | 000,011,100 | -HS- | C] () -- C:\Users\Robert Hornshaw\AppData\Local\325cq8r6ceko405fg
[2011/04/07 13:08:01 | 000,011,100 | -HS- | C] () -- C:\ProgramData\325cq8r6ceko405fg
[2010/10/25 06:51:22 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe
[2010/08/25 19:30:02 | 000,439,308 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin
[2010/08/25 19:30:00 | 000,982,240 | ---- | C] () -- C:\Windows\System32\igkrng500.bin
[2010/08/25 19:30:00 | 000,092,356 | ---- | C] () -- C:\Windows\System32\igfcg500m.bin
[2010/08/25 18:57:00 | 000,000,151 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config
[2010/08/25 18:52:00 | 000,208,896 | ---- | C] () -- C:\Windows\System32\iglhsip32.dll
[2010/08/25 18:52:00 | 000,143,360 | ---- | C] () -- C:\Windows\System32\iglhcp32.dll
[2009/10/13 14:42:06 | 000,001,356 | ---- | C] () -- C:\Users\Robert Hornshaw\AppData\Local\d3d9caps.dat
[2009/09/26 07:31:55 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2009/09/26 07:31:55 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2009/09/26 07:31:55 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2009/09/26 07:31:55 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2009/08/21 12:31:01 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/08/21 12:31:01 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 14:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009/06/22 10:58:55 | 000,000,186 | ---- | C] () -- C:\Users\Robert Hornshaw\AppData\Roaming\wklnhst.dat
[2009/06/21 20:18:54 | 000,105,984 | ---- | C] () -- C:\Users\Robert Hornshaw\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/06/21 13:28:09 | 000,348,160 | ---- | C] () -- C:\Windows\System32\lxdncoin.dll
[2009/06/21 13:22:44 | 000,000,044 | ---- | C] () -- C:\Windows\System32\lxdnrwrd.ini
[2009/06/21 13:22:33 | 000,348,160 | ---- | C] () -- C:\Windows\System32\LXDNinst.dll
[2009/06/21 13:22:27 | 000,208,896 | ---- | C] () -- C:\Windows\System32\lxdngrd.dll
[2009/06/20 14:57:53 | 000,005,606 | ---- | C] () -- C:\Windows\System32\stci.dll
[2009/05/07 12:04:42 | 000,004,608 | ---- | C] () -- C:\Windows\System32\HdmiCoin.dll
[2009/05/07 12:01:15 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009/05/07 11:39:12 | 000,139,824 | ---- | C] () -- C:\Windows\System32\igfcg500.bin
[2008/02/03 23:11:25 | 000,000,000 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2007/11/28 17:51:49 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxdnvs.dll
[2007/11/21 00:02:39 | 000,782,336 | ---- | C] () -- C:\Windows\System32\lxdndrs.dll
[2007/11/20 23:44:48 | 000,081,920 | ---- | C] () -- C:\Windows\System32\lxdncaps.dll
[2007/10/02 22:51:09 | 000,069,632 | ---- | C] () -- C:\Windows\System32\lxdncnv4.dll
[2006/11/02 12:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 12:47:37 | 000,293,576 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 12:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 10:33:01 | 000,599,942 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 10:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 10:33:01 | 000,109,752 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 10:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 10:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006/11/02 10:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 08:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 08:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 07:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 07:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat

========== Alternate Data Streams ==========

@Alternate Data Stream - 64 bytes -> C:\Users\Robert Hornshaw\Documents\PICT3877.AVI:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Robert Hornshaw\Documents\PICT3876.AVI:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Robert Hornshaw\Documents\PICT3875.AVI:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Robert Hornshaw\Documents\PICT3874.AVI:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Robert Hornshaw\Documents\PICT3873.AVI:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Robert Hornshaw\Documents\PICT3872.AVI:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Robert Hornshaw\Documents\PICT3870.AVI:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Robert Hornshaw\Documents\PICT3869.AVI:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Robert Hornshaw\Documents\PICT3868.AVI:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Robert Hornshaw\Documents\PICT3867.AVI:TOC.WMV

< End of report >

I think I have done as you have asked but there is no link to download the AWSBER thing that you posted into my reply.
Regards Debbie Hornshaw

Re: computer slowing down!!!
Please download aswMBR from here

  • Save aswMBR.exe to your Desktop
  • Double click aswMBR.exe to run it
  • Click the Scan button to start the scan as illustrated below


Note: Do not take action against any **Rootkit** entries until I have reviewed the log. Often there are false positives.

  • Once the scan finishes click Save log to save the log to your Desktop

  • Copy and paste the contents of aswMBR.txt back here for review

Re: computer slowing down!!!
There is still no link to download the aswMBR as recommended!!!

Regards Debbie

Re: computer slowing down!!!
bump!!!

Re: computer slowing down!!!
The download link is a hyperlink in my above post, where it says "here".

Does it not let you download it?

Re: computer slowing down!!!
Run date: 2011-11-06 07:12:16
-----------------------------
07:12:16.748 OS Version: Windows 6.0.6002 Service Pack 2
07:12:16.748 Number of processors: 4 586 0x1707
07:12:16.748 ComputerName: ROBERT UserName:
07:12:55.296 Initialize success
07:13:00.537 AVAST engine defs: 11110503
07:13:05.997 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
07:13:06.013 Disk 0 Vendor: WDC_WD5000AAKS-75A7B2 01.03B01 Size: 476940MB BusType: 3
07:13:08.041 Disk 0 MBR read successfully
07:13:08.041 Disk 0 MBR scan
07:13:08.056 Disk 0 Windows VISTA default MBR code
07:13:08.056 Disk 0 scanning sectors +976771072
07:13:08.212 Disk 0 scanning C:\Windows\system32\drivers
07:13:21.628 Service scanning
07:13:23.922 Modules scanning
07:13:32.065 Disk 0 trace - called modules:
07:13:32.096 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS pciide.sys
07:13:32.096 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x870cc680]
07:13:32.096 3 CLASSPNP.SYS[83fa88b3] -> nt!IofCallDriver -> [0x8673c4e8]
07:13:32.096 5 acpi.sys[806a06bc] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x8670bb98]
07:13:34.046 AVAST engine scan C:\Windows
07:13:39.849 AVAST engine scan C:\Windows\system32
07:18:34.845 AVAST engine scan C:\Windows\system32\drivers
07:18:59.899 AVAST engine scan C:\Users\Robert Hornshaw
07:35:58.189 AVAST engine scan C:\ProgramData
08:06:24.288 Scan finished successfully
08:15:40.033 Disk 0 MBR has been saved successfully to "C:\Users\Robert Hornshaw\Desktop\MBR.dat"
08:15:40.048 The log file has been saved successfully to "C:\Users\Robert Hornshaw\Desktop\aswMBR.txt"




Re: computer slowing down!!!
Above are the listings you requested, as the link did work; it was just me being dumb!

Regards Debbie

Re: computer slowing down!!!
Hello.

Please download ComboFix from BleepingComputer.com

Alternate link: GeeksToGo.com


Rename ComboFix.exe to commy.exe before you save it to your Desktop

  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. A guide to do this can be found here
  • Click Start, then copy and paste the following command into the search box & hit enter: "%userprofile%\desktop\commy.exe" /stepdel
  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. This will not install in Vista. Just continue scanning, and skip the console install.
  • When finished, it shall produce a log for you. Please include the contents of C:\ComboFix.txt in your next reply.

Re: computer slowing down!!!
ComboFix 11-11-09.01 - Robert Hornshaw 09/11/2011 19:39:56.5.4 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.44.1033.18.3292.1542 [GMT 0:00]
Running from: c:\users\Robert Hornshaw\Desktop\commy.exe
Command switches used :: /stepdel
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
FW: McAfee Firewall *Disabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\SPL12D4.tmp
c:\programdata\SPL163E.tmp
c:\programdata\SPL168F.tmp
c:\programdata\SPL1827.tmp
c:\programdata\SPL191B.tmp
c:\programdata\SPL1C1D.tmp
c:\programdata\SPL1CA5.tmp
c:\programdata\SPL235A.tmp
c:\programdata\SPL23C6.tmp
c:\programdata\SPL254C.tmp
c:\programdata\SPL280B.tmp
c:\programdata\SPL298F.tmp
c:\programdata\SPL2BE4.tmp
c:\programdata\SPL2E63.tmp
c:\programdata\SPL2F5B.tmp
c:\programdata\SPL2FF6.tmp
c:\programdata\SPL3552.tmp
c:\programdata\SPL363C.tmp
c:\programdata\SPL36FC.tmp
c:\programdata\SPL3AE6.tmp
c:\programdata\SPL3B79.tmp
c:\programdata\SPL3C08.tmp
c:\programdata\SPL3F24.tmp
c:\programdata\SPL40BD.tmp
c:\programdata\SPL40E6.tmp
c:\programdata\SPL4942.tmp
c:\programdata\SPL4A38.tmp
c:\programdata\SPL4E38.tmp
c:\programdata\SPL4EFC.tmp
c:\programdata\SPL5038.tmp
c:\programdata\SPL518C.tmp
c:\programdata\SPL54C8.tmp
c:\programdata\SPL582E.tmp
c:\programdata\SPL587E.tmp
c:\programdata\SPL63E1.tmp
c:\programdata\SPL6449.tmp
c:\programdata\SPL645F.tmp
c:\programdata\SPL650B.tmp
c:\programdata\SPL655A.tmp
c:\programdata\SPL6576.tmp
c:\programdata\SPL6641.tmp
c:\programdata\SPL66E3.tmp
c:\programdata\SPL696.tmp
c:\programdata\SPL6F09.tmp
c:\programdata\SPL707F.tmp
c:\programdata\SPL7512.tmp
c:\programdata\SPL7A0.tmp
c:\programdata\SPL7BEE.tmp
c:\programdata\SPL7FCD.tmp
c:\programdata\SPL82D2.tmp
c:\programdata\SPL82FC.tmp
c:\programdata\SPL83FD.tmp
c:\programdata\SPL87A.tmp
c:\programdata\SPL88EF.tmp
c:\programdata\SPL90BA.tmp
c:\programdata\SPL9117.tmp
c:\programdata\SPL9359.tmp
c:\programdata\SPL94A2.tmp
c:\programdata\SPL9A99.tmp
c:\programdata\SPL9B35.tmp
c:\programdata\SPL9BC5.tmp
c:\programdata\SPL9BC7.tmp
c:\programdata\SPL9D67.tmp
c:\programdata\SPL9D95.tmp
c:\programdata\SPL9F5C.tmp
c:\programdata\SPLA106.tmp
c:\programdata\SPLA30F.tmp
c:\programdata\SPLA6DA.tmp
c:\programdata\SPLA6E.tmp
c:\programdata\SPLA92A.tmp
c:\programdata\SPLA968.tmp
c:\programdata\SPLAAEE.tmp
c:\programdata\SPLACBF.tmp
c:\programdata\SPLADB0.tmp
c:\programdata\SPLB010.tmp
c:\programdata\SPLB50D.tmp
c:\programdata\SPLB5D8.tmp
c:\programdata\SPLB640.tmp
c:\programdata\SPLBA4.tmp
c:\programdata\SPLBB10.tmp
c:\programdata\SPLBC24.tmp
c:\programdata\SPLBD46.tmp
c:\programdata\SPLC24A.tmp
c:\programdata\SPLC5A1.tmp
c:\programdata\SPLC77.tmp
c:\programdata\SPLC87E.tmp
c:\programdata\SPLC947.tmp
c:\programdata\SPLC98B.tmp
c:\programdata\SPLC9E4.tmp
c:\programdata\SPLCA8F.tmp
c:\programdata\SPLD08B.tmp
c:\programdata\SPLD127.tmp
c:\programdata\SPLD1D6.tmp
c:\programdata\SPLDA28.tmp
c:\programdata\SPLDB33.tmp
c:\programdata\SPLDD05.tmp
c:\programdata\SPLDF18.tmp
c:\programdata\SPLDF28.tmp
c:\programdata\SPLE107.tmp
c:\programdata\SPLE308.tmp
c:\programdata\SPLE59E.tmp
c:\programdata\SPLE649.tmp
c:\programdata\SPLE820.tmp
c:\programdata\SPLE966.tmp
c:\programdata\SPLEC05.tmp
c:\programdata\SPLEE92.tmp
c:\programdata\SPLEFC3.tmp
c:\programdata\SPLF6B3.tmp
c:\programdata\SPLF739.tmp
c:\programdata\SPLF7B6.tmp
c:\programdata\SPLF8A8.tmp
c:\windows\system32\CF25417.exe
.
.
((((((((((((((((((((((((( Files Created from 2011-10-09 to 2011-11-09 )))))))))))))))))))))))))))))))
.
.
2011-11-09 19:48 . 2011-11-09 19:48 -------- d-----w- c:\users\Public\AppData\Local\temp
2011-11-09 19:48 . 2011-11-09 19:48 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-10-13 09:18 . 2011-08-25 16:15 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2011-10-13 09:18 . 2011-08-25 13:31 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2011-10-13 09:18 . 2011-08-25 16:14 563712 ----a-w- c:\windows\system32\oleaut32.dll
2011-10-13 09:18 . 2011-08-25 16:14 238080 ----a-w- c:\windows\system32\oleacc.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-07 07:46 . 2011-10-07 07:46 784136 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2011-08-19 14:59 . 2010-12-16 11:14 148520 ----a-w- c:\windows\system32\mfevtps.exe
2011-08-15 09:00 . 2010-12-16 11:25 9344 ----a-w- c:\windows\system32\drivers\mfeclnk.sys
2011-08-15 09:00 . 2010-12-16 11:24 87808 ----a-w- c:\windows\system32\drivers\mferkdet.sys
2011-08-15 09:00 . 2010-12-16 11:24 64712 ----a-w- c:\windows\system32\drivers\mfenlfk.sys
2011-08-15 09:00 . 2010-12-16 11:24 164776 ----a-w- c:\windows\system32\drivers\mfewfpk.sys
2011-08-15 09:00 . 2010-12-16 11:24 59288 ----a-w- c:\windows\system32\drivers\mfebopk.sys
2011-08-15 09:00 . 2010-12-16 11:24 57432 ----a-w- c:\windows\system32\drivers\cfwids.sys
2011-08-15 09:00 . 2010-12-16 11:24 338040 ----a-w- c:\windows\system32\drivers\mfefirek.sys
2011-08-15 09:00 . 2010-12-16 11:24 180072 ----a-w- c:\windows\system32\drivers\mfeavfk.sys
2011-08-15 09:00 . 2010-10-13 22:28 461864 ----a-w- c:\windows\system32\drivers\mfehidk.sys
2011-08-15 09:00 . 2010-10-13 22:28 119808 ----a-w- c:\windows\system32\drivers\mfeapfk.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D9B924B9-98DF-4E68-BFFF-F11F3CD601E1}]
2010-08-19 03:12 109056 ----a-w- c:\program files\LiveFo\LiveFo.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK]
@="{3c3f3c1a-9153-7c05-f938-622e7003894d}"
[HKEY_CLASSES_ROOT\CLSID\{3c3f3c1a-9153-7c05-f938-622e7003894d}]
2010-04-13 20:11 2872120 ----a-w- c:\program files\McAfee Online Backup\MOBKshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK2]
@="{e6ea1d7d-144e-b977-98c4-84c53c1a69d0}"
[HKEY_CLASSES_ROOT\CLSID\{e6ea1d7d-144e-b977-98c4-84c53c1a69d0}]
2010-04-13 20:11 2872120 ----a-w- c:\program files\McAfee Online Backup\MOBKshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK3]
@="{b4caf489-1eec-c617-49ad-8d7088598c06}"
[HKEY_CLASSES_ROOT\CLSID\{b4caf489-1eec-c617-49ad-8d7088598c06}]
2010-04-13 20:11 2872120 ----a-w- c:\program files\McAfee Online Backup\MOBKshell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-08-20 39408]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2011-09-03 2424192]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2008-07-18 6246400]
"diagnostics"="c:\program files\Thomson\ST330\diagnostics\diagnostics.exe" [2009-06-21 557149]
"dellsupportcenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-06-03 206064]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-25 136216]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-25 171032]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-25 170520]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-12-20 963976]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2011-09-16 1318552]
.
c:\users\Robert Hornshaw\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-2-27 1316192]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-2-27 1316192]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist]
2010-12-16 10:25 13672 ----a-w- c:\program files\Citrix\GoToAssist\615\g2awinlogon.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2011-03-30 04:59 937920 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-06-08 04:02 37296 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dellsupportcenter]
2009-06-03 13:46 206064 ----a-w- c:\program files\Dell Support Center\bin\sprtcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2010-03-18 09:00 136176 ----atw- c:\users\Robert Hornshaw\AppData\Local\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lxdnamon]
2008-03-27 15:13 16040 ----a-w- c:\program files\Lexmark 2600 Series\lxdnamon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lxdnmon.exe]
2008-03-27 15:13 660136 ----a-w- c:\program files\Lexmark 2600 Series\lxdnmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)]
2010-12-20 17:08 963976 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (rootkit-scan)]
2010-12-20 17:08 963976 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mcui_exe]
2011-09-16 17:38 1318552 ----a-w- c:\program files\McAfee.com\Agent\mcagent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2009-07-26 16:44 3883856 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nmapp]
2008-05-21 16:26 451896 ----a-w- c:\program files\Pure Networks\Network Magic\nmapp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-10-29 13:49 249064 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
2011-09-03 08:32 2424192 ----a-w- c:\program files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2009-08-20 08:41 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2008-01-21 02:23 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-2587230002-3812537154-1661091937-1000]
"EnableNotificationsRef"=dword:00000007
.
R1 SASKUTIL;SASKUTIL;c:\users\ROBERT~1\AppData\Local\Temp\SASKUTIL.SYS [x]
R2 ABP_InstallCheckerService;ABP_InstallCheckerService;c:\users\ROBERT~1\AppData\Local\Temp\nsgB854.tmp\ABP_InstallChecker.exe [x]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-01-29 135664]
R2 Mp3Rocket Toolbar Helper;Mp3Rocket Toolbar Helper;c:\program files\MP3 Rocket Toolbar\Mp3RocketSvc.exe [x]
R3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-01-29 135664]
R3 jswpsapi;Jumpstart Wifi Protected Setup;c:\program files\NETGEAR\WN111v2\jswpsapi.exe [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2011-08-15 87808]
R3 PCD5SRVC{3F6A8B78-EC003E00-05040104};PCD5SRVC{3F6A8B78-EC003E00-05040104} - PCDR Kernel Mode Service Helper Driver;c:\progra~1\DELLSU~1\HWDiag\bin\PCD5SRVC.pkms [2008-11-04 22904]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [2009-12-30 27192]
S1 jswpslwf;JumpStart Wireless Filter Driver;c:\windows\system32\DRIVERS\jswpslwf.sys [2008-10-01 20384]
S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [2011-08-15 64712]
S1 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2011-08-15 164776]
S1 MOBKFilter;MOBKFilter;c:\windows\system32\DRIVERS\MOBK.sys [2010-04-13 54776]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2010-02-17 12872]
S2 AERTFilters;Andrea RT Filters Service;c:\windows\system32\AERTSrv.exe [2008-07-18 73728]
S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2008-12-18 155648]
S2 lxdn_device;lxdn_device;c:\windows\system32\lxdncoms.exe [2008-02-27 594600]
S2 lxdnCATSCustConnectService;lxdnCATSCustConnectService;c:\windows\system32\spool\DRIVERS\W32X86\3\\lxdnserv.exe [2008-02-27 98984]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe [2011-01-27 214904]
S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe [2011-01-27 214904]
S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe [2011-01-27 214904]
S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2011-08-19 160344]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2011-08-19 148520]
S2 MOBKbackup;McAfee Online Backup;c:\program files\McAfee Online Backup\MOBKbackup.exe [2010-04-13 229688]
S2 RtNdPt60;Realtek NDIS Protocol Driver;c:\windows\system32\DRIVERS\RtNdPt60.sys [2008-07-21 27648]
S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2011-08-15 57432]
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2009-02-23 112128]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2011-08-15 338040]
.
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - mfeavfk01
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contents of the 'Scheduled Tasks' folder
.
2011-11-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-29 09:47]
.
2011-11-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-29 09:47]
.
2011-11-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2587230002-3812537154-1661091937-1000Core.job
- c:\users\Robert Hornshaw\AppData\Local\Google\Update\GoogleUpdate.exe [2010-04-21 09:00]
.
2011-11-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2587230002-3812537154-1661091937-1000UA.job
- c:\users\Robert Hornshaw\AppData\Local\Google\Update\GoogleUpdate.exe [2010-04-21 09:00]
.
2011-11-09 c:\windows\Tasks\RtlNICDiagVistaStart.job
- c:\program files\Realtek\RTNICDiag\RTNICDiag.exe [2009-05-07 11:18]
.
2011-11-09 c:\windows\Tasks\User_Feed_Synchronization-{382A7587-33DD-4808-8928-734712285AAF}.job
- c:\windows\system32\msfeedssync.exe [2011-10-13 21:29]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.karoo.co.uk/
TCP: DhcpNameServer = 192.168.0.1
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} -
DPF: Garmin Communicator Plug-In - hxxps://my.garmin.com/static/m/cab/2.8.1/GarminAxControl.CAB
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-11-09 19:48
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PCD5SRVC{3F6A8B78-EC003E00-05040104}]
"ImagePath"="\??\c:\progra~1\DELLSU~1\HWDiag\bin\PCD5SRVC.pkms"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\st330service]
"ImagePath"="C:\Program Files/Thomson/ST330/service/st330service.exe -service"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-2587230002-3812537154-1661091937-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*y*æ*i%\OpenWithList]
@Class="Shell"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2011-11-09 19:50:04
ComboFix-quarantined-files.txt 2011-11-09 19:50
ComboFix2.txt 2011-04-20 19:29
ComboFix3.txt 2010-10-25 07:01
ComboFix4.txt 2009-09-26 07:44
.
Pre-Run: 361,072,242,688 bytes free
Post-Run: 361,315,418,112 bytes free
.
- - End Of File - - E35336BF0E9D02F3AE965B982605FD2E

Re: computer slowing down!!!

I have posted the beeping.com results above as requested.

Re: computer slowing down!!!

Run ESET Online Scan
Please do an online scan with ESET Online Scanner. Please use Internet Explorer as it uses ActiveX.

  • Check (tick) this box: YES, I accept the Terms of Use.
  • Click on the Start button next to it.
  • When prompted to run ActiveX, click Yes.
  • You will be asked to install an ActiveX. Click Install.
  • Once installed, the scanner will be initialized.
  • After the scanner is initialized, click Start.
  • Check (tick) Remove found threats box.
  • Check (tick) Scan unwanted applications.
  • Click on Scan.
  • It will start scanning. Please be patient.
  • Once the scan is done, the log will be saved here: C:\Program Files\esetonlinescanner\log.txt.

Re: computer slowing down!!!

I ran the scan but it didn't save anywhere!!! Looked into the C drive and it cannot be found. Does it automatically save or am I supposed to save it?

Regards Debbie Hornshaw

Re: computer slowing down!!!

bump!

Re: computer slowing down!!!

Hello.
Sorry for the delay, been busy.

How is the machine running now?

Re: computer slowing down!!!

bump!!!
