Jump to content

Build Theme!
  •  
  • Unreplied Topics
  • Downloads
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 93084 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

XP, something is running slowing computer to a crawl

Started by gcdi , Jul 31 2014 08:04 PM

  • Please log in to reply
122 replies to this topic

#106 oldman960

oldman960

    Forum God

  • Retired Classroom Teacher
  • 14,770 posts

Posted 23 October 2014 - 06:51 AM

Hi gcgi,

There's a bit showing but nothing that should give you those symptoms. Let me check a few other things. I'll post back in a bit.


Proud Graduate of the WTT Classroon
If you are happy with the help you recieved, please consider making a Donation 5Iv60h9.jpg
Curiosity didn't kill the cat. Ignorance did, curiosity was framed.
Learn how to protect Yourself

Microsoft MVP 2011-2015

Threads will be closed if no response after 5 days.

    Advertisements

Register to Remove

#107 oldman960

oldman960

    Forum God

  • Retired Classroom Teacher
  • 14,770 posts

Posted 23 October 2014 - 11:59 PM

Hi gcdi,

Uninstall Spybot and make sure that MBAM is not running in real time.

Proud Graduate of the WTT Classroon
If you are happy with the help you recieved, please consider making a Donation 5Iv60h9.jpg
Curiosity didn't kill the cat. Ignorance did, curiosity was framed.
Learn how to protect Yourself

Microsoft MVP 2011-2015

Threads will be closed if no response after 5 days.

#108 gcdi

gcdi

    Authentic Member

  • Authentic Member
  • PipPip
  • 119 posts

Posted 25 October 2014 - 01:36 PM

Spybot doesn't show up on add remove programs.

MBAM says you have to have premium to run in real time and I don't have premium.


#109 oldman960

oldman960

    Forum God

  • Retired Classroom Teacher
  • 14,770 posts

Posted 26 October 2014 - 12:09 AM

Hi gcdi,

Try this.
[list]
  • click start button,
  • then click All Programs
  • highlight Spybot - Search & Destroy 2
  • click Uninstall Spybot-S&D

    If you can't find it there see if the uninstaller is in the Spybot folder. The default folder is C:\Program files\Spybot - Search&Destroy 2. The file you are looking for is named unins000.

    During the uninstall you may be asked for some input. If given a screen which allows you to ubdo all browser blocks click the button Open Immunizer. Follow the prompts from there.

    You may recieve a screen asking you why you have chosen to uninstall Spybot. Add a reason or comment if you wish then click Submit and uninstall.

  • Click yes to complete the uninstall.

    See if it's any better after the reboot.

Proud Graduate of the WTT Classroon
If you are happy with the help you recieved, please consider making a Donation 5Iv60h9.jpg
Curiosity didn't kill the cat. Ignorance did, curiosity was framed.
Learn how to protect Yourself

Microsoft MVP 2011-2015

Threads will be closed if no response after 5 days.

#110 gcdi

gcdi

    Authentic Member

  • Authentic Member
  • PipPip
  • 119 posts

Posted 26 October 2014 - 01:53 AM

Still not seeing it. In program files I don't see any spybot. Searched for unins000, found some but not for spybot.

Searched for spybot and this is what it found:

 

SpybotSD.evt

cnet_spybotsd162_exe

spybotsd162


#111 oldman960

oldman960

    Forum God

  • Retired Classroom Teacher
  • 14,770 posts

Posted 28 October 2014 - 07:05 AM

Hi gcgi,

Strange you can't locate the Spybot folder as it showed in the last OTL log.

Get a new OTL scan log. Check the box beside scan all users then click the Run Scan button.


Proud Graduate of the WTT Classroon
If you are happy with the help you recieved, please consider making a Donation 5Iv60h9.jpg
Curiosity didn't kill the cat. Ignorance did, curiosity was framed.
Learn how to protect Yourself

Microsoft MVP 2011-2015

Threads will be closed if no response after 5 days.

#112 gcdi

gcdi

    Authentic Member

  • Authentic Member
  • PipPip
  • 119 posts

Posted 30 October 2014 - 10:59 PM

OTL logfile created on: 10/30/2014 11:48:43 PM - Run 5
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\MIKE\Desktop\OTL
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.12 Gb Total Physical Memory | 1.94 Gb Available Physical Memory | 62.21% Memory free
4.96 Gb Paging File | 3.95 Gb Available in Paging File | 79.50% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 931.50 Gb Total Space | 800.36 Gb Free Space | 85.92% Space Free | Partition Type: NTFS
Drive D: | 1.46 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive E: | 69.23 Gb Total Space | 28.20 Gb Free Space | 40.74% Space Free | Partition Type: NTFS
Drive F: | 232.88 Gb Total Space | 175.50 Gb Free Space | 75.36% Space Free | Partition Type: NTFS

Computer Name: GCDI | User Name: MIKE | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\WINDOWS\SoftwareDistribution\Download\Install\AM_Delta_Patch_1.187.802.0.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\MpSigStub.exe (Microsoft Corporation)
PRC - C:\Program Files\Google\Update\1.3.25.5\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Documents and Settings\MIKE\Desktop\OTL\OTL(1).exe (OldTimer Tools)
PRC - C:\Program Files\Java\jre7\bin\jqs.exe (Oracle Corporation)
PRC - c:\Program Files\Microsoft Security Client\MpCmdRun.exe (Microsoft Corporation)
PRC - c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
PRC - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe (NVIDIA Corporation)
PRC - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe (Autodesk, Inc.)
PRC - C:\WINDOWS\system32\Ctxfihlp.exe (Creative Technology Ltd)
PRC - C:\WINDOWS\system32\CTxfispi.exe (Creative Technology Ltd)
PRC - C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe (Sony Corporation)
PRC - C:\Program Files\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation)
PRC - C:\Program Files\Gigabyte\EasySaver\essvr.exe ()
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\WINDOWS\tsnp2std.exe ()
PRC - C:\WINDOWS\system32\HPZipm12.exe (HP)
PRC - C:\WINDOWS\vsnp2std.exe (Sonix)
PRC - C:\WINDOWS\FixCamera.exe ()
PRC - C:\Program Files\Gigabyte\ET5\GUI.exe ()
PRC - C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe (HP)


========== Modules (No Company Name) ==========

MOD - C:\Program Files\Mozilla Firefox\mozjs.dll ()
MOD - C:\Program Files\Gigabyte\EasySaver\essvr.exe ()
MOD - C:\WINDOWS\CTXFIRES.DLL ()
MOD - C:\Program Files\Gigabyte\EasySaver\ycc.dll ()
MOD - C:\Program Files\Gigabyte\ET5\work.dll ()
MOD - C:\Program Files\Gigabyte\ET5\Normal.dll ()
MOD - C:\WINDOWS\tsnp2std.exe ()
MOD - C:\Program Files\Gigabyte\ET5\MarkFunDrv.dll ()
MOD - C:\WINDOWS\FixCamera.exe ()
MOD - C:\Program Files\Gigabyte\ET5\W83781D.DLL ()
MOD - C:\Program Files\Gigabyte\ET5\etiv.dll ()
MOD - C:\Program Files\Gigabyte\ET5\GUI.exe ()
MOD - C:\Program Files\Gigabyte\ET5\mibdata.dll ()
MOD - C:\Program Files\Gigabyte\ET5\Sound.dll ()


========== Services (SafeList) ==========

SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (JavaQuickStarterService) -- C:\Program Files\Java\jre7\bin\jqs.exe (Oracle Corporation)
SRV - (MsMpSvc) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SRV - (nvUpdatusService) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (Creative Audio Engine Licensing Service) -- C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe (Creative Labs)
SRV - (ES lite Service) -- C:\Program Files\Gigabyte\EasySaver\essvr.exe ()
SRV - (SandraAgentSrv) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011b\RpcAgentSrv.exe (SiSoftware)
SRV - (CTAudSvcService) -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
SRV - (Pml Driver HPZ12) -- C:\WINDOWS\system32\HPZipm12.exe (HP)
SRV - (pr2ah4nc) -- C:\WINDOWS\System32\pr2ah4nc.exe (CODEMASTERS)


========== Driver Services (SafeList) ==========

DRV - (WDICA) --  File not found
DRV - (PDRFRAME) --  File not found
DRV - (PDRELI) --  File not found
DRV - (PDFRAME) --  File not found
DRV - (PDCOMP) --  File not found
DRV - (PCIDump) --  File not found
DRV - (MRESP50a64) -- C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS File not found
DRV - (MRENDIS5) -- C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS File not found
DRV - (MREMPR5) -- C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS File not found
DRV - (MREMP50a64) -- C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS File not found
DRV - (mosuport) -- system32\DRIVERS\mosuport.sys File not found
DRV - (lbrtfdc) --  File not found
DRV - (i2omgmt) --  File not found
DRV - (Changer) --  File not found
DRV - (catchme) -- C:\ComboFix\catchme.sys File not found
DRV - (AODDriver) -- C:\Program Files\GIGABYTE\ET6\i386\AODDriver.sys File not found
DRV - (gdrv) -- C:\WINDOWS\gdrv.sys (Windows ® 2000 DDK provider)
DRV - (NVHDA) -- C:\WINDOWS\system32\drivers\nvhda32.sys (NVIDIA Corporation)
DRV - (GVTDrv) -- C:\WINDOWS\system32\drivers\GVTDrv.sys ()
DRV - (etdrv) -- C:\WINDOWS\etdrv.sys (Windows ® 2000 DDK provider)
DRV - (ha20x2k) -- C:\WINDOWS\system32\drivers\ha20x2k.sys (Creative Technology Ltd)
DRV - (emupia) -- C:\WINDOWS\system32\drivers\emupia2k.sys (Creative Technology Ltd)
DRV - (ctsfm2k) -- C:\WINDOWS\system32\drivers\ctsfm2k.sys (Creative Technology Ltd)
DRV - (ctprxy2k) -- C:\WINDOWS\system32\drivers\ctprxy2k.sys (Creative Technology Ltd)
DRV - (ossrv) -- C:\WINDOWS\system32\drivers\ctoss2k.sys (Creative Technology Ltd.)
DRV - (ctdvda2k) -- C:\WINDOWS\system32\drivers\ctdvda2k.sys (Creative Technology Ltd)
DRV - (ctaud2k) -- C:\WINDOWS\system32\drivers\ctaud2k.sys (Creative Technology Ltd)
DRV - (ctac32k) -- C:\WINDOWS\system32\drivers\ctac32k.sys (Creative Technology Ltd)
DRV - (CTEXFIFX.SYS) -- C:\WINDOWS\system32\drivers\CTEXFIFX.sys (Creative Technology Ltd.)
DRV - (CTEXFIFX) -- C:\WINDOWS\system32\drivers\CTEXFIFX.sys (Creative Technology Ltd.)
DRV - (CTHWIUT.SYS) -- C:\WINDOWS\system32\drivers\CTHWIUT.sys (Creative Technology Ltd.)
DRV - (CTHWIUT) -- C:\WINDOWS\system32\drivers\CTHWIUT.sys (Creative Technology Ltd.)
DRV - (CT20XUT.SYS) -- C:\WINDOWS\system32\drivers\CT20XUT.sys (Creative Technology Ltd.)
DRV - (CT20XUT) -- C:\WINDOWS\system32\drivers\CT20XUT.sys (Creative Technology Ltd.)
DRV - (WmXlCore) -- C:\WINDOWS\system32\drivers\WmXlCore.sys (Logitech Inc.)
DRV - (WmVirHid) -- C:\WINDOWS\system32\drivers\WmVirHid.sys (Logitech Inc.)
DRV - (WmHidLo) -- C:\WINDOWS\system32\drivers\WmHidLo.sys (Logitech Inc.)
DRV - (WmBEnum) -- C:\WINDOWS\system32\drivers\WmBEnum.sys (Logitech Inc.)
DRV - (WmFilter) -- C:\WINDOWS\system32\drivers\WmFilter.sys (Logitech Inc.)
DRV - (MREMP50) -- C:\Program Files\Common Files\Motive\MREMP50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (MRESP50) -- C:\Program Files\Common Files\Motive\MRESP50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (FTDIBUS) -- C:\WINDOWS\system32\drivers\ftdibus.sys (FTDI Ltd.)
DRV - (IntcAzAudAddService) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (RTLTEAMING) -- C:\WINDOWS\system32\drivers\RTLTEAMING.SYS (Realtek Semiconductor Corporation)
DRV - (JRAID) -- C:\WINDOWS\system32\drivers\jraid.sys (JMicron Technology Corp.)
DRV - (nusb3xhc) -- C:\WINDOWS\system32\drivers\nusb3xhc.sys (NEC Electronics Corporation)
DRV - (nusb3hub) -- C:\WINDOWS\system32\drivers\nusb3hub.sys (NEC Electronics Corporation)
DRV - (SANDRA) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011b\WNt500x86\sandra.sys (SiSoftware)
DRV - (RTLE8023xp) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys (Realtek Semiconductor Corporation                           )
DRV - (RTLVLAN) -- C:\WINDOWS\system32\drivers\RTLVLAN.SYS (Realtek Semiconductor Corporation                           )
DRV - (Ambfilt) -- C:\WINDOWS\system32\drivers\Ambfilt.sys (Creative)
DRV - (RtNdPt5x) -- C:\WINDOWS\system32\drivers\RtNdPt5x.sys (Realtek Semiconductor Corporation                           )
DRV - (gameenum) -- C:\WINDOWS\system32\drivers\gameenum.sys (Microsoft Corporation)
DRV - (SNP2STD) -- C:\WINDOWS\system32\drivers\snp2sxp.sys ()
DRV - (MarkFun_NT) -- C:\Program Files\Gigabyte\ET5\MARKFUN.W32 (Windows ® 2000 DDK provider)
DRV - (FETNDISB) -- C:\WINDOWS\system32\drivers\dlkfet5b.sys (D-Link                              )
DRV - (pe3ah4nc) -- C:\WINDOWS\system32\drivers\pe3ah4nc.sys (CODEMASTERS)
DRV - (ps6ah4nc) -- C:\WINDOWS\system32\drivers\ps6ah4nc.sys (CODEMASTERS)
DRV - (AmdPPM) -- C:\WINDOWS\system32\drivers\AmdPPM.sys (Advanced Micro Devices)
DRV - (RemoteControl-USBLAN) -- C:\WINDOWS\system32\drivers\rcblan.sys (Belcarra Technologies)
DRV - (ET5Drv) -- C:\WINDOWS\system32\drivers\ET5Drv.sys (Microsoft Corporation)
DRV - (AmdK8) -- C:\WINDOWS\system32\drivers\AmdK8.sys (Advanced Micro Devices)
DRV - (Monfilt) -- C:\WINDOWS\system32\drivers\Monfilt.sys (Creative Technology Ltd.)
DRV - (sfvfs02) -- C:\WINDOWS\system32\drivers\sfvfs02.sys (Protection Technology)
DRV - (sfsync02) -- C:\WINDOWS\system32\drivers\sfsync02.sys (Protection Technology)
DRV - (sfdrv01) -- C:\WINDOWS\system32\drivers\sfdrv01.sys (Protection Technology)
DRV - (LHidKE) -- C:\WINDOWS\system32\drivers\LHidKE.Sys (Logitech, Inc.)
DRV - (LMouKE) -- C:\WINDOWS\system32\drivers\LMouKE.Sys (Logitech, Inc.)
DRV - (sfhlp02) -- C:\WINDOWS\system32\drivers\sfhlp02.sys (Protection Technology)
DRV - (L8042Kbd) -- C:\WINDOWS\system32\drivers\L8042Kbd.sys (Logitech, Inc.)
DRV - (MDC8021X) -- C:\WINDOWS\system32\drivers\mdc8021x.sys (Meetinghouse Data Communications)
DRV - (ms_mpu401) -- C:\WINDOWS\system32\drivers\msmpu401.sys (Microsoft Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{1D0C0448-EB8B-4bc6-943B-AAC32A1C7BFC}: "URL" = http://www.google.co...g}&sourceid=ie7


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1085031214-2000478354-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\S-1-5-21-1085031214-2000478354-839522115-1003\..\URLSearchHook:  - No CLSID value found
IE - HKU\S-1-5-21-1085031214-2000478354-839522115-1003\..\URLSearchHook: {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - SOFTWARE\Classes\CLSID\{BC86E1AB-EDA5-4059-938F-CE307B0C6F0A}\InprocServer32 File not found
IE - HKU\S-1-5-21-1085031214-2000478354-839522115-1003\..\SearchScopes,DefaultScope = {3906D159-82FC-450d-A57A-92D10437A2F5}
IE - HKU\S-1-5-21-1085031214-2000478354-839522115-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKU\S-1-5-21-1085031214-2000478354-839522115-1003\..\SearchScopes\{1D0C0448-EB8B-4bc6-943B-AAC32A1C7BFC}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKU\S-1-5-21-1085031214-2000478354-839522115-1003\..\SearchScopes\{3906D159-82FC-450d-A57A-92D10437A2F5}: "URL" = http://search.yahoo....cevm&type=STDVM
IE - HKU\S-1-5-21-1085031214-2000478354-839522115-1003\..\SearchScopes\{69375861-28F5-4c72-B52E-5C6DA8270101}: "URL" = http://www.bing.com/...=SPLBR2&pc=SPLH
IE - HKU\S-1-5-21-1085031214-2000478354-839522115-1003\..\SearchScopes\{6E8FEB12-4AFD-4c88-A16F-6EBD16138199}: "URL" = http://www.google.co...2788:4067623346
IE - HKU\S-1-5-21-1085031214-2000478354-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1085031214-2000478354-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\S-1-5-21-1085031214-2000478354-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = localhost:8080

IE - HKU\S-1-5-21-1085031214-2000478354-839522115-1009\..\SearchScopes,DefaultScope =

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:32.0.3
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_152.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.55.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Motive.com/NpMotive,version=1.0: C:\Program Files\ATT\8.3.1.18\ma\bin\npMotive.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.2.32: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.2: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.2: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.2: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.2.32: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5: C:\Documents and Settings\All Users\Application Data\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\MIKE\Local Settings\Application Data\Google\Update\1.3.21.69\npGoogleUpdate3.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\MIKE\Local Settings\Application Data\Google\Update\1.3.21.69\npGoogleUpdate3.dll File not found
FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: C:\Documents and Settings\MIKE\Local Settings\Application Data\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/10/02 15:48:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/10/02 15:48:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{0153E448-190B-4987-BDE1-F256CADA672F}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/10/02 15:48:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FCE04E1F-9378-4f39-96F6-5689A9159E45}: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013/07/03 09:27:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 32.0.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 32.0.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2014/10/10 07:39:08 | 000,000,000 | ---D | M]

[2010/03/27 01:41:53 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\MIKE\Application Data\Mozilla\Extensions
[2014/10/23 00:34:48 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\MIKE\Application Data\Mozilla\Firefox\Profiles\as3v4wm6.default-1413528587453\extensions
[2014/09/25 01:43:09 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2014/09/25 01:43:09 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2014/09/25 01:43:16 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
[2014/09/25 01:42:40 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014/09/25 01:49:06 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/07/31 13:06:48 | 001,654,784 | ---- | M] (LizardTech) -- C:\Program Files\mozilla firefox\plugins\npdjvu.dll
[2013/09/12 03:18:29 | 000,124,504 | ---- | M] (RealPlayer) -- C:\Program Files\mozilla firefox\plugins\nprpplugin.dll

========== Chrome  ==========

CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Documents and Settings\MIKE\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_1\
CHR - Extension: No name found = C:\Documents and Settings\MIKE\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.2_0\
CHR - Extension: No name found = C:\Documents and Settings\MIKE\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_1\

O1 HOSTS File: ([2014/09/07 17:52:30 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKU\S-1-5-21-1085031214-2000478354-839522115-1003\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [36X Raid Configurer] C:\WINDOWS\System32\xRaidSetup.exe (Gigabyte Technology Corp.)
O4 - HKLM..\Run: [ADSK DLMSession] C:\Program Files\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe (Autodesk, Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ContentTransferWMDetector.exe] C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe (Sony Corporation)
O4 - HKLM..\Run: [CTxfiHlp] C:\WINDOWS\System32\Ctxfihlp.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [EasyTuneV] C:\Program Files\Gigabyte\ET5\ETcall.exe ()
O4 - HKLM..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe ()
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe (HP)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [Logitech Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech Inc.)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [Nvtmru] C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe (Sonix)
O4 - HKLM..\Run: [tsnp2std] C:\WINDOWS\tsnp2std.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1085031214-2000478354-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1085031214-2000478354-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1085031214-2000478354-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1085031214-2000478354-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-1085031214-2000478354-839522115-1009\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1085031214-2000478354-839522115-1009\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O15 - HKU\S-1-5-21-1085031214-2000478354-839522115-1003\..Trusted Domains: $talisma_url$ ([]https in Trusted sites)
O15 - HKU\S-1-5-21-1085031214-2000478354-839522115-1003\..Trusted Domains: gigabyte.us ([www] https in Trusted sites)
O16 - DPF: {01025D1C-BB03-4369-8344-732CD0DCCCF0} http://www.geforce.c.../GPU_Reader.cab (NVIDIA GPU Reader Class)
O16 - DPF: {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} http://download.giga...bject/Dldrv.ocx (Dldrv2 Control)
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://utilities.pcp...ols/pcmatic.cab (PCPitstop Utility)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\common\yinsthelper.dll (YInstStarter Class)
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} http://ccfiles.creat...102/CTSUEng.cab (Creative Software AutoUpdate)
O16 - DPF: {714E667D-360C-4BFB-8C1A-E4812B608CC1} http://service.samsu...rustChecker.cab (ACUBETrustChecker Control)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creat...13/CTPIDPDE.cab (Creative Software AutoUpdate Support Package)
O16 - DPF: {E0FEE963-BB53-4215-81AD-B28C77384644} https://pbells.broad...otiveClient.cab (Reg Error: Key error.)
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} http://ccfiles.creat...015/CTSUEng.cab (Creative Software AutoUpdate 2)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creat...21022/CTPID.cab (Creative Software AutoUpdate Support Package)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{49581C7F-1CFC-4C55-B4EF-8588276CD04B}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7A58FF43-D0E1-4ABF-AF28-71D624F648EF}: DhcpNameServer = 192.168.1.254
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2014/07/31 08:49:10 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2010/03/26 22:18:56 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/08/16 21:23:37 | 000,000,062 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2006/02/11 21:54:47 | 000,000,000 | -HS- | M] () - E:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2014/07/31 08:48:18 | 000,000,000 | ---D | M] - F:\AUTO -- [ NTFS ]
O32 - AutoRun File - [2006/02/11 21:54:47 | 000,000,000 | -HS- | M] () - F:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2005/11/28 12:44:10 | 008,188,928 | ---- | M] () - F:\Autotap 3.00.msi -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2014/10/21 04:27:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\RogueKiller
[2014/10/21 04:20:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\MIKE\Desktop\New Folder
[2014/10/09 02:56:04 | 002,480,312 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Documents and Settings\MIKE\Desktop\procexp.exe

========== Files - Modified Within 30 Days ==========

[2014/10/30 23:44:13 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/10/30 23:43:46 | 000,000,384 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
[2014/10/30 23:43:27 | 000,020,506 | ---- | M] () -- C:\WINDOWS\System32\nvAppTimestamps
[2014/10/30 23:36:16 | 000,011,936 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2014/10/30 23:33:24 | 000,017,488 | ---- | M] (Windows ® 2000 DDK provider) -- C:\WINDOWS\gdrv.sys
[2014/10/30 23:33:05 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/10/30 23:32:47 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/10/30 06:24:45 | 000,229,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MpSigStub.exe
[2014/10/29 03:03:45 | 000,055,468 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000005-00000000-00000006-00001102-00000005-00231102}.rfx
[2014/10/29 03:03:45 | 000,055,468 | ---- | M] () -- C:\WINDOWS\System32\BMXState-{00000005-00000000-00000006-00001102-00000005-00231102}.rfx
[2014/10/29 03:03:45 | 000,000,788 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000005-00000000-00000006-00001102-00000005-00231102}.rfx
[2014/10/25 14:27:18 | 000,110,296 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
[2014/10/21 04:53:50 | 000,034,808 | ---- | M] () -- C:\WINDOWS\System32\drivers\TrueSight.sys
[2014/10/10 07:18:51 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader XI.lnk
[2014/10/10 06:02:39 | 000,002,311 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Radio Tuna.lnk
[2014/10/09 15:24:45 | 000,000,214 | ---- | M] () -- C:\Documents and Settings\MIKE\Desktop\Xpand Rally.url
[2014/10/06 01:06:54 | 000,002,064 | ---- | M] () -- C:\WINDOWS\System32\settingsbkup.sfm
[2014/10/06 01:06:54 | 000,002,064 | ---- | M] () -- C:\WINDOWS\System32\settings.sfm

========== Files Created - No Company Name ==========

[2014/10/21 04:28:15 | 000,034,808 | ---- | C] () -- C:\WINDOWS\System32\drivers\TrueSight.sys
[2014/10/10 07:18:50 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader XI.lnk
[2014/10/10 07:18:49 | 000,002,347 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader XI.lnk
[2014/10/09 15:24:45 | 000,000,214 | ---- | C] () -- C:\Documents and Settings\MIKE\Desktop\Xpand Rally.url
[2014/09/13 21:12:04 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2014/09/12 02:16:45 | 000,000,079 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2014/02/20 18:14:02 | 000,179,377 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2013/06/13 00:47:43 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\MIKE\Application Data\$_hpcst$.hpc
[2012/01/14 05:06:20 | 000,000,042 | ---- | C] () -- C:\Documents and Settings\MIKE\default.pls
[2011/11/28 05:08:50 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\MIKE\RoomEQWizardV5-Path
[2011/07/22 10:26:46 | 001,146,752 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1085031214-2000478354-839522115-1003-0.dat
[2011/07/22 10:26:45 | 000,145,058 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2011/01/24 02:47:44 | 010,964,992 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\sandra.mda
[2010/03/29 07:58:51 | 000,037,888 | ---- | C] () -- C:\Documents and Settings\MIKE\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2010/03/27 18:47:49 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/13 19:12:05 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/02/09 07:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/13 19:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== Alternate Data Streams ==========

@Alternate Data Stream - 1472 bytes -> C:\WINDOWS\System32\drivers\mrckvjsi.sys:changelist

< End of report >


#113 oldman960

oldman960

    Forum God

  • Retired Classroom Teacher
  • 14,770 posts

Posted 03 November 2014 - 12:34 AM

Hi gcdi,

Don't know where Spybot went. It showed in the previous logs as installed and active but not in this one. Nothing we did would have removed it.

There isn't anything in the logs that point to why the computer is slow.

Let's see if anything will show up or help in msconfig.

Once you enter msconfig you will be able to see if the computer is in either Normal Startup or Selective Startup by which box is checked. Follow the appropriate instructions.
  • Click the Start button and select Run.
  • Type msconfig and click Ok.
If your computer is in Normal Startup do the following:
  • Click the Selective Startup button.
  • Uncheck the Load Startup items (or Load Startup Group items) box.
  • Select the Services tab and check Hide all Microsoft services.
  • Click Disable all.
  • Click Apply and Close.
  • Restart the computer when prompted.
  • Once restarted, if the system configuration window appears, close the window. Select No to restarting if prompted.
  • If your computer is set for Selective Startup do the following:
  • Click the Startup tab at the top.
  • Make a note of the items that have checkmarks next to them.
  • Select Disable all.
  • Go to the Services tab and check Hide all Microsoft services.
  • Make a note of the services that have checkmarks next to them.
  • Click Disable all.
  • Click Apply and Close.
  • Restart the computer when prompted.
  • Once restarted, if the system configuration window appears, close the window. Select No to restarting if prompted.
Any better?

Proud Graduate of the WTT Classroon
If you are happy with the help you recieved, please consider making a Donation 5Iv60h9.jpg
Curiosity didn't kill the cat. Ignorance did, curiosity was framed.
Learn how to protect Yourself

Microsoft MVP 2011-2015

Threads will be closed if no response after 5 days.

#114 gcdi

gcdi

    Authentic Member

  • Authentic Member
  • PipPip
  • 119 posts

Posted 09 November 2014 - 08:41 PM

 no,   i couldn't tell much of a difference.


#115 oldman960

oldman960

    Forum God

  • Retired Classroom Teacher
  • 14,770 posts

Posted 11 November 2014 - 12:43 PM

Hi gcdi,

This is looking like a Windows problem. The operating system could have been damaged by the infection(s) you had.

What is the Service pack of your Wndows CD?

Proud Graduate of the WTT Classroon
If you are happy with the help you recieved, please consider making a Donation 5Iv60h9.jpg
Curiosity didn't kill the cat. Ignorance did, curiosity was framed.
Learn how to protect Yourself

Microsoft MVP 2011-2015

Threads will be closed if no response after 5 days.

    Advertisements

Register to Remove

#116 gcdi

gcdi

    Authentic Member

  • Authentic Member
  • PipPip
  • 119 posts

Posted 13 November 2014 - 01:08 AM

Service Pack 2 Version 2002


#117 oldman960

oldman960

    Forum God

  • Retired Classroom Teacher
  • 14,770 posts

Posted 15 November 2014 - 02:03 PM

Hi gcdi,

You have some options.

We can try running System File Checker. Since your disk is only at SP2 you may need the SP3 files in case you are asked for the disk. We can get them but it's a fairly big download (316mb).

You could bo a parallel install and move your personal data over to the new install.

I'm not sure how well a repair install would work given the differences in the Service Packs.

You could simply backup your data and wipe the hard drive clean and reinstall Windows.

Note: XP is no longer supported and no updates or patches are being released. You may be better off in the long run updating the computer to Windows7.

Let me know how you want to proceed.

Proud Graduate of the WTT Classroon
If you are happy with the help you recieved, please consider making a Donation 5Iv60h9.jpg
Curiosity didn't kill the cat. Ignorance did, curiosity was framed.
Learn how to protect Yourself

Microsoft MVP 2011-2015

Threads will be closed if no response after 5 days.

#118 gcdi

gcdi

    Authentic Member

  • Authentic Member
  • PipPip
  • 119 posts

Posted 26 November 2014 - 11:43 PM

I'm not sure what I should do but I do have a question.

I'm not knowledgeable enough with computers to know but I have done some troubleshooting with other electronics, with computers is there no way to log or look at what's happening when the computer is slow? Example, when I click on a desktop icon for a browser and it takes such a long time for the browser page to open is there a way to see what is occuring during that time?


#119 oldman960

oldman960

    Forum God

  • Retired Classroom Teacher
  • 14,770 posts

Posted 29 November 2014 - 12:42 PM

Hi gcdi,

You can try Process Monitor. .

Proud Graduate of the WTT Classroon
If you are happy with the help you recieved, please consider making a Donation 5Iv60h9.jpg
Curiosity didn't kill the cat. Ignorance did, curiosity was framed.
Learn how to protect Yourself

Microsoft MVP 2011-2015

Threads will be closed if no response after 5 days.

#120 gcdi

gcdi

    Authentic Member

  • Authentic Member
  • PipPip
  • 119 posts

Posted 05 December 2014 - 04:26 AM

Well, I downloaded it but it would probably take me years to learn how to use it properly and what all the info meant.

So from the previous choices you mrntioned what would you do?


Related Topics

Back to Virus, Spyware & Malware Removal · Next Unread Topic →

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. What the Tech
  2. Spyware / Malware / Virus Removal
  3. Virus, Spyware & Malware Removal
  4. Privacy Policy
  5. Terms of Use ·