Solved Internet Explorer keeps running on its own..

I don't see any iexplore.exe processes running, but...

Something is still not right there.
svchost.exe uses a lot of CPU.

First of all, you're running extremely low on C drive free space:
Drive C: | 79.99 Gb Total Space | 1.62 Gb Free Space | 2.02% Space Free

You need to start moving some stuff out.
Let me know when you have at least 7-8GB free.

When you're there, post a new Process Explorer log.
 
The process is explorer.exe, not iexplorer.exe. I'll try to transfer some things off but I have to warn, it may take a while as I don't have an external drive with me right now to put things on.
 
Error message

By the way I just restarted my machine and saw the error message I described before. It says that AppleSyncNotifier can't run because it can't find CoreFoundation.dll. I think it might be related to the software for my back-up drive, which I don't have plugged in at the moment.

As I mentioned before, my system seems to be running a lot slower since yesterday. I watched a video earlier and it was particularly noticeable then. Do you have any idea what it might be?
 
The process is explorer.exe, not iexplorer.exe.
That's a crucial Windows process. It must be running all the time.

As I mentioned before, my system seems to be running a lot slower since yesterday. I watched a video earlier and it was particularly noticeable then. Do you have any idea what it might be?
As I said, something is not right there, but I need you to free some space on drive C to make sure that's not the culprit.

It says that AppleSyncNotifier can't run because it can't find CoreFoundation.dll
We'll take care of it.
 
Problem getting really bad...

In the last few hours, my computer has become so slow as to be almost unusable. I managed to clear about 6.5 GBs off C drive, which took forever given how slow everything is running. Here's the latest Procexp log. Please tell me what's wrong!

Process PID CPU Private Bytes Working Set Description Company Name Command Line
System Idle Process 0 54.41 0 K 28 K
System 4 0.28 0 K 240 K
Interrupts n/a 34.16 0 K 0 K Hardware Interrupts and DPCs
smss.exe 768 172 K 440 K Windows NT Session Manager Microsoft Corporation \SystemRoot\System32\smss.exe
csrss.exe 828 0.69 1,984 K 5,548 K Client Server Runtime Process Microsoft Corporation C:\WINDOWS\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
winlogon.exe 852 6,344 K 1,472 K Windows NT Logon Application Microsoft Corporation winlogon.exe
services.exe 896 0.28 3,676 K 5,712 K Services and Controller app Microsoft Corporation C:\WINDOWS\system32\services.exe
svchost.exe 1072 3,280 K 5,420 K Generic Host Process for Win32 Services Microsoft Corporation C:\WINDOWS\system32\svchost.exe -k DcomLaunch
igfxsrvc.exe 2780 1,112 K 3,332 K igfxsrvc Module Intel Corporation C:\WINDOWS\system32\igfxsrvc.exe -Embedding
igfxext.exe 3216 824 K 3,116 K igfxext Module Intel Corporation C:\WINDOWS\system32\igfxext.exe -Embedding
wmiprvse.exe 3508 2,600 K 5,108 K WMI Microsoft Corporation C:\WINDOWS\system32\wbem\wmiprvse.exe
svchost.exe 1156 2,068 K 4,708 K Generic Host Process for Win32 Services Microsoft Corporation C:\WINDOWS\system32\svchost.exe -k rpcss
MsMpEng.exe 1196 0.41 102,160 K 65,760 K Antimalware Service Executable Microsoft Corporation "c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe"
svchost.exe 1232 1.52 20,156 K 31,240 K Generic Host Process for Win32 Services Microsoft Corporation C:\WINDOWS\System32\svchost.exe -k netsvcs
wuauclt.exe 1124 2,488 K 4,904 K Windows Update Microsoft Corporation "C:\WINDOWS\system32\wuauclt.exe"
svchost.exe 1320 1,584 K 3,896 K Generic Host Process for Win32 Services Microsoft Corporation C:\WINDOWS\system32\svchost.exe -k NetworkService
svchost.exe 1416 4,756 K 6,860 K Generic Host Process for Win32 Services Microsoft Corporation C:\WINDOWS\system32\svchost.exe -k LocalService
spoolsv.exe 1700 3,672 K 5,824 K Spooler SubSystem App Microsoft Corporation C:\WINDOWS\system32\spoolsv.exe
svchost.exe 1780 1,336 K 3,620 K Generic Host Process for Win32 Services Microsoft Corporation C:\WINDOWS\system32\svchost.exe -k LocalService
AppleMobileDeviceService.exe 1808 5,036 K 7,908 K MobileDeviceService Apple Inc. "C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
mDNSResponder.exe 2000 1,364 K 3,996 K Bonjour Service Apple Inc. "C:\Program Files\Bonjour\mDNSResponder.exe"
FreeAgentService.exe 132 4,184 K 5,048 K Sync Windows Services Seagate Technology LLC "C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe"
jqs.exe 380 1.65 2,344 K 1,392 K Java(TM) Quick Starter Service Sun Microsystems, Inc. "C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf"
svchost.exe 536 2,892 K 4,996 K Generic Host Process for Win32 Services Microsoft Corporation C:\WINDOWS\system32\svchost.exe -k imgsvc
wdfmgr.exe 628 1,656 K 1,988 K Windows User Mode Driver Manager Microsoft Corporation C:\WINDOWS\system32\wdfmgr.exe
VmbService.exe 960 13,596 K 13,080 K VmbService Vodafone "C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe"
alg.exe 364 1,308 K 3,772 K Application Layer Gateway Service Microsoft Corporation C:\WINDOWS\System32\alg.exe
svchost.exe 4044 1,732 K 3,684 K Generic Host Process for Win32 Services Microsoft Corporation C:\WINDOWS\System32\svchost.exe -k HTTPFilter
iPodService.exe 3360 2,528 K 4,128 K iPodService Module (32-bit) Apple Inc. "C:\Program Files\iPod\bin\iPodService.exe"
lsass.exe 908 0.41 4,080 K 1,408 K LSA Shell (Export Version) Microsoft Corporation C:\WINDOWS\system32\lsass.exe
explorer.exe 640 0.14 24,312 K 34,332 K Windows Explorer Microsoft Corporation C:\WINDOWS\Explorer.EXE
jusched.exe 2304 836 K 2,796 K Java(TM) Update Scheduler Sun Microsystems, Inc. "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
RTHDCPL.EXE 2564 21,684 K 22,816 K Realtek HD Audio Control Panel Realtek Semiconductor Corp. "C:\WINDOWS\RTHDCPL.EXE"
stxmenumgr.exe 2624 1,232 K 4,208 K FreeAgent™ Launcher Seagate LLC "C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe"
igfxtray.exe 2632 1,172 K 3,768 K igfxTray Module Intel Corporation "C:\WINDOWS\system32\igfxtray.exe"
hkcmd.exe 2640 1,168 K 3,752 K hkcmd Module Intel Corporation "C:\WINDOWS\system32\hkcmd.exe"
GrooveMonitor.exe 2812 1,748 K 6,472 K GrooveMonitor Utility Microsoft Corporation "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
ETDDECT.EXE 2868 1,308 K 5,032 K ETD Ware Detect ELANTECH Devices Corp. "C:\Program Files\Elantech\ETDDect.exe"
ETDCTRL.EXE 2928 2,844 K 4,476 K ETD Ware TSR Enhancements ELANTECH Devices Corp. "C:\Program Files\Elantech\ETDCtrl.exe"
AsTray.exe 2976 1,020 K 3,720 K Eee PC Tray Utility ASUSTeK Computer Inc. "C:\Program Files\EeePC\ACPI\AsTray.exe"
AsEPCMon.exe 2988 564 K 2,052 K AsEPCMon ASUSTeK Computer Inc. "C:\Program Files\EeePC\ACPI\AsEPCMon.exe"
AsAcpiSvr.exe 3044 2,224 K 4,292 K Asus Eee PC ACPI Service ASUSTeK Computer Inc. "C:\PROGRAM FILES\EEEPC\ACPI\ASACPISVR.EXE"
msseces.exe 3140 4,480 K 8,932 K Microsoft Security Client User Interface Microsoft Corporation "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
realsched.exe 3636 1,248 K 164 K RealNetworks Scheduler RealNetworks, Inc. "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
iTunesHelper.exe 3884 8,648 K 13,796 K iTunesHelper Apple Inc. "C:\Program Files\iTunes\iTunesHelper.exe"
MobileBroadband.exe 3940 0.41 88,908 K 102,960 K MobileBroadband Vodafone "C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe" /silent
Skype.exe 4000 0.28 54,200 K 60,516 K Skype Skype Technologies S.A. "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
ctfmon.exe 4012 1,220 K 4,732 K CTF Loader Microsoft Corporation "C:\WINDOWS\system32\ctfmon.exe"
SuperHybridEngine.exe 1116 1,192 K 4,588 K Eee Super Hybrid Engine ASUSTeK Computer Inc. "C:\Program Files\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe"
msimn.exe 1540 9,624 K 2,780 K Outlook Express Microsoft Corporation "C:\Program Files\Outlook Express\msimn.exe"
uTorrent.exe 1336 0.41 13,404 K 5,524 K µTorrent BitTorrent, Inc. "C:\Program Files\uTorrent\uTorrent.exe"
firefox.exe 2104 106,712 K 123,352 K Firefox Mozilla Corporation "C:\Program Files\Mozilla Firefox\firefox.exe"
plugin-container.exe 912 0.83 20,152 K 25,708 K Plugin Container for Firefox Mozilla Corporation "C:\Program Files\Mozilla Firefox\plugin-container.exe" --channel=2104.69d5160.67415715 "C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll" - -omnijar C:\Program Files\Mozilla Firefox\omni.jar 2104 \\.\pipe\gecko-crash-server-pipe.2104 plugin
procexp.exe 1056 4.13 10,908 K 17,168 K Sysinternals Process Explorer Sysinternals - www.sysinternals.com "C:\Documents and Settings\John B. Morgan IV\Desktop\procexp.exe"
 
You have huge CPU usage by Hardware Interrupts (34.16%).
Possible hard drive issue.

Check Primary and Secondary IDE settings: Device Manager -> IDE ATA/ATAPI controllers -> Primary or Secondary IDE Channel -> Properties -> Advanced Settings. Look at the Current Transfer Mode field.
See if it's in PIO mode instead of DMA mode.
 
I was able to follow you to Primary or Secondary IDE channel. I don't see anything marked Properties in either one.
 
Run hard drive diagnostics: http://www.tacktech.com/display.cfm?ttid=287 (or http://www.bleepingcomputer.com/forums/index.php?showtopic=28744&hl=hard+drive+diagnostic)
Make sure you select the tool that is appropriate for the brand of your hard drive.
Depending on the program, it'll create a bootable floppy or a bootable CD.
If the downloaded file is of .iso type, use ImgBurn: http://www.imgburn.com/ to burn the .iso file to a CD (select the "Write image file to disc" option), to make the CD bootable.
For Toshiba hard drives, see here: http://sdd.toshiba.com/main.aspx?Pa...rivesUSandCanada/SoftwareUtilities#diagnostic

Note: If you do not know how to set your computer to boot from CD, follow the steps HERE
 
Please re-run OTL....
Only one log will be produced.

  • Double click on the icon to run it. Make sure all other windows are closed, and let it run uninterrupted.
  • Click the Scan All Users checkbox.
  • Under the Custom Scan box paste this in:


netsvcs
drivers32
%SYSTEMDRIVE%\*.*
%systemroot%\Fonts\*.com
%systemroot%\Fonts\*.dll
%systemroot%\Fonts\*.ini
%systemroot%\Fonts\*.ini2
%systemroot%\Fonts\*.exe
%systemroot%\system32\spool\prtprocs\w32x86\*.*
%systemroot%\REPAIR\*.bak1
%systemroot%\REPAIR\*.ini
%systemroot%\system32\*.jpg
%systemroot%\*.jpg
%systemroot%\*.png
%systemroot%\*.scr
%systemroot%\*._sy
%APPDATA%\Adobe\Update\*.*
%ALLUSERSPROFILE%\Favorites\*.*
%APPDATA%\Microsoft\*.*
%PROGRAMFILES%\*.*
%APPDATA%\Update\*.*
%systemroot%\*. /mp /s
CREATERESTOREPOINT
%systemroot%\System32\config\*.sav
%PROGRAMFILES%\bak. /s
%systemroot%\system32\bak. /s
%ALLUSERSPROFILE%\Start Menu\*.lnk /x
%systemroot%\system32\config\systemprofile\*.dat /x
%systemroot%\*.config
%systemroot%\system32\*.db
%APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x
%USERPROFILE%\Desktop\*.exe
%PROGRAMFILES%\Common Files\*.*
%systemroot%\*.src
%systemroot%\install\*.*
%systemroot%\system32\DLL\*.*
%systemroot%\system32\HelpFiles\*.*
%systemroot%\system32\rundll\*.*
%systemroot%\winn32\*.*
%systemroot%\Java\*.*
%systemroot%\system32\test\*.*
%systemroot%\system32\Rundll32\*.*
%systemroot%\AppPatch\Custom\*.*
%APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x
%PROGRAMFILES%\PC-Doctor\Downloads\*.*
%PROGRAMFILES%\Internet Explorer\*.tmp
%PROGRAMFILES%\Internet Explorer\*.dat
%USERPROFILE%\My Documents\*.exe
%USERPROFILE%\*.exe
%systemroot%\ADDINS\*.*
%systemroot%\assembly\*.bak2
%systemroot%\Config\*.*
%systemroot%\REPAIR\*.bak2
%systemroot%\SECURITY\Database\*.sdb /x
%systemroot%\SYSTEM\*.bak2
%systemroot%\Web\*.bak2
%systemroot%\Driver Cache\*.*
%PROGRAMFILES%\Mozilla Firefox\0*.exe
%ProgramFiles%\Microsoft Common\*.*
%ProgramFiles%\TinyProxy.
%USERPROFILE%\Favorites\*.url /x
%systemroot%\system32\*.bk
%systemroot%\*.te
%systemroot%\system32\system32\*.*
%ALLUSERSPROFILE%\*.dat /x
%systemroot%\system32\drivers\*.rmv
dir /b "%systemroot%\system32\*.exe" | find /i " " /c
dir /b "%systemroot%\*.exe" | find /i " " /c
%PROGRAMFILES%\Microsoft\*.*
%systemroot%\System32\Wbem\proquota.exe
%PROGRAMFILES%\Mozilla Firefox\*.dat
%USERPROFILE%\Cookies\*.txt /x
%SystemRoot%\system32\fonts\*.*
%systemroot%\system32\winlog\*.*
%systemroot%\system32\Language\*.*
%systemroot%\system32\Settings\*.*
%systemroot%\system32\*.quo
%SYSTEMROOT%\AppPatch\*.exe
%SYSTEMROOT%\inf\*.exe
%SYSTEMROOT%\Installer\*.exe
%systemroot%\system32\config\*.bak2
%systemroot%\system32\Computers\*.*
%SystemRoot%\system32\Sound\*.*
%SystemRoot%\system32\SpecialImg\*.*
%SystemRoot%\system32\code\*.*
%SystemRoot%\system32\draft\*.*
%SystemRoot%\system32\MSSSys\*.*
%ProgramFiles%\Javascript\*.*
%systemroot%\pchealth\helpctr\System\*.exe /s
%systemroot%\Web\*.exe
%systemroot%\system32\msn\*.*
%systemroot%\system32\*.tro
%AppData%\Microsoft\Installer\msupdates\*.*
%ProgramFiles%\Messenger\*.*
%systemroot%\system32\systhem32\*.*
%systemroot%\system\*.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
/md5start
atapi.sys
/md5stop


  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
 
New OTL log

There was only one OTL log. There was no screen called Extras.

Here it is:

OTL logfile created on: 7/29/2011 6:39:40 PM - Run 12
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\John B. Morgan IV\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 0.97 Gb Available Physical Memory | 48.67% Memory free
3.84 Gb Paging File | 3.02 Gb Available in Paging File | 78.56% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 79.99 Gb Total Space | 6.38 Gb Free Space | 7.98% Space Free | Partition Type: NTFS
Drive D: | 61.20 Gb Total Space | 0.19 Gb Free Space | 0.31% Space Free | Partition Type: NTFS
Drive E: | 7.82 Gb Total Space | 0.15 Gb Free Space | 1.91% Space Free | Partition Type: NTFS
Drive F: | 298.09 Gb Total Space | 2.91 Gb Free Space | 0.98% Space Free | Partition Type: NTFS
Drive H: | 232.83 Gb Total Space | 0.17 Gb Free Space | 0.07% Space Free | Partition Type: FAT32

Computer Name: ATHENA | User Name: John B. Morgan IV | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/07/29 18:38:10 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\John B. Morgan IV\Desktop\OTL.exe
PRC - [2011/06/05 02:42:23 | 000,399,736 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe
PRC - [2011/05/22 06:03:22 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/03/26 02:15:25 | 000,273,544 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2010/11/30 03:50:36 | 000,997,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2010/11/11 02:56:40 | 000,011,736 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2010/06/16 07:49:06 | 000,269,824 | ---- | M] (Vodafone) -- C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe
PRC - [2010/06/16 07:49:06 | 000,008,704 | ---- | M] (Vodafone) -- C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe
PRC - [2009/12/18 01:55:16 | 000,189,736 | ---- | M] (Seagate Technology LLC) -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
PRC - [2009/12/18 01:54:24 | 000,197,928 | ---- | M] (Seagate LLC) -- C:\Program Files\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe
PRC - [2008/09/03 22:49:56 | 000,311,296 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe
PRC - [2008/09/03 14:34:42 | 000,335,872 | ---- | M] (ELANTECH Devices Corp.) -- C:\Program Files\Elantech\ETDCTRL.EXE
PRC - [2008/09/02 23:32:00 | 000,593,920 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
PRC - [2008/09/02 23:28:14 | 000,106,496 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\EeePC\ACPI\AsTray.exe
PRC - [2008/08/22 20:18:44 | 000,204,800 | ---- | M] (ELANTECH Devices Corp.) -- C:\Program Files\Elantech\ETDDECT.EXE
PRC - [2008/05/21 04:56:24 | 000,094,208 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\EeePC\ACPI\AsEPCMon.exe
PRC - [2008/04/13 20:12:28 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Outlook Express\msimn.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (SafeList) ==========

MOD - [2011/07/29 18:38:10 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\John B. Morgan IV\Desktop\OTL.exe
MOD - [2011/04/18 13:21:18 | 000,653,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcr90.dll
MOD - [2011/04/18 13:21:18 | 000,569,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcp90.dll
MOD - [2011/03/26 02:16:07 | 000,040,448 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchromebrowserrecordhelper.dll
MOD - [2010/08/23 12:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (PavPrSrv)
SRV - File not found [Auto | Stopped] -- -- (LanmanSrv)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2010/11/11 02:56:40 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2010/06/16 07:49:06 | 000,008,704 | ---- | M] (Vodafone) [Auto | Running] -- C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe -- (VmbService)
SRV - [2010/02/19 04:07:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/12/18 01:55:16 | 000,189,736 | ---- | M] (Seagate Technology LLC) [Auto | Running] -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe -- (FreeAgentGoNext Service)
SRV - [2007/01/04 22:48:52 | 000,112,152 | R--- | M] (InterVideo) [Disabled | Stopped] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)


========== Driver Services (SafeList) ==========

DRV - [2011/07/29 16:32:10 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{A29D2DA5-91B9-43C6-BA6F-E8801A20D7DB}\MpKslf7026968.sys -- (MpKslf7026968)
DRV - [2010/06/14 03:07:58 | 000,009,216 | R--- | M] (MBB Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\massfilter.sys -- (massfilter)
DRV - [2010/04/19 09:59:20 | 000,018,432 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\netaapl.sys -- (Netaapl)
DRV - [2010/03/16 09:01:00 | 000,105,856 | R--- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\zteusbvoice.sys -- (ZTEusbvoice)
DRV - [2010/03/16 09:01:00 | 000,105,856 | R--- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV - [2010/03/16 09:01:00 | 000,105,856 | R--- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV - [2010/03/16 09:01:00 | 000,105,856 | R--- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV - [2010/01/25 09:43:10 | 000,114,688 | R--- | M] (ZTE Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZTEusbnet.sys -- (ZTEusbnet)
DRV - [2008/08/12 19:10:50 | 004,751,360 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008/04/29 02:03:20 | 000,016,952 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rkpavproc1.sys -- (RkPavproc1)
DRV - [2008/04/13 14:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\changer.sys -- (Changer)
DRV - [2008/04/13 14:40:26 | 000,034,688 | ---- | M] (Toshiba Corp.) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\lbrtfdc.sys -- (lbrtfdc)
DRV - [2008/04/08 18:59:28 | 000,010,752 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASUSACPI.SYS -- (AsusACPI)
DRV - [2008/03/11 22:37:00 | 000,036,864 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\l1e51x86.sys -- (L1e)
DRV - [2007/05/03 07:00:58 | 000,546,976 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ar5211.sys -- (AR5211)
DRV - [2007/03/28 10:22:18 | 000,057,024 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wsimd.sys -- (WSIMD)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q=


IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-835585458-1146130675-857608242-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.integraltradition.com/
IE - HKU\S-1-5-21-835585458-1146130675-857608242-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo! Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Softonic_English Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT1142338&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Ask"
FF - prefs.js..browser.search.selectedEngine: "Yahoo! Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.arktos.com/"
FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.0.8.0552
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.6.6.20090220
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.63
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.11.3.15590
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.2
FF - prefs.js..keyword.URL: "http://in.yhs.search.yahoo.com/avg/search?fr=yhs-avg&type=yahoo_avg_hs2-tb-web_in&p="


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.633: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.633: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.633: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.633: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\FFToolbar@bitdefender.com: C:\Program Files\BitDefender\BitDefender 2010\bdaphffext\ [2010/08/01 12:59:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/03/26 02:16:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/05/22 06:03:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/05/22 06:03:37 | 000,000,000 | ---D | M]

[2009/03/07 13:36:09 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\John B. Morgan IV\Application Data\Mozilla\Extensions
[2011/06/02 04:40:11 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\John B. Morgan IV\Application Data\Mozilla\Firefox\Profiles\wlrr7xnj.default\extensions
[2010/08/09 23:27:03 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\John B. Morgan IV\Application Data\Mozilla\Firefox\Profiles\wlrr7xnj.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/05/23 00:26:31 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\John B. Morgan IV\Application Data\Mozilla\Firefox\Profiles\wlrr7xnj.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009/05/06 03:54:18 | 000,000,000 | ---D | M] (Softonic English Toolbar) -- C:\Documents and Settings\John B. Morgan IV\Application Data\Mozilla\Firefox\Profiles\wlrr7xnj.default\extensions\{930f1200-f5f1-4870-bac6-e233ec8e7023}
[2009/05/20 09:11:27 | 000,000,681 | ---- | M] () -- C:\Documents and Settings\John B. Morgan IV\Application Data\Mozilla\Firefox\Profiles\wlrr7xnj.default\searchplugins\ask.xml
[2009/03/25 02:22:56 | 000,000,894 | ---- | M] () -- C:\Documents and Settings\John B. Morgan IV\Application Data\Mozilla\Firefox\Profiles\wlrr7xnj.default\searchplugins\conduit.xml
[2010/06/19 03:41:56 | 000,002,395 | ---- | M] () -- C:\Documents and Settings\John B. Morgan IV\Application Data\Mozilla\Firefox\Profiles\wlrr7xnj.default\searchplugins\daemon-search.xml
[2011/05/21 07:50:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
File not found (No name found) --
[2011/03/26 02:16:08 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT
[2010/03/15 03:44:47 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/05/22 06:03:21 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2009/10/19 09:29:44 | 000,047,104 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\mozilla firefox\components\FFComm.dll
[2011/05/22 06:03:29 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

O1 HOSTS File: ([2011/07/29 01:26:29 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O3 - HKU\S-1-5-21-835585458-1146130675-857608242-1006\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [AsusACPIServer] C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [AsusEPCMonitor] C:\Program Files\EeePC\ACPI\AsEPCMon.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [AsusTray] C:\Program Files\EeePC\ACPI\AsTray.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCTRL.EXE (ELANTECH Devices Corp.)
O4 - HKLM..\Run: [ETDWareDetect] C:\Program Files\Elantech\ETDDECT.EXE (ELANTECH Devices Corp.)
O4 - HKLM..\Run: [MaxMenuMgr] C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe (Seagate LLC)
O4 - HKLM..\Run: [MobileBroadband] C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe (Vodafone)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKU\.DEFAULT..\RunOnce: [tscuninstall] C:\WINDOWS\system32\tscupgrd.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [tscuninstall] C:\WINDOWS\system32\tscupgrd.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\SuperHybridEngine.lnk = C:\Program Files\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe (ASUSTeK Computer Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-835585458-1146130675-857608242-1006\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-835585458-1146130675-857608242-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-835585458-1146130675-857608242-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-835585458-1146130675-857608242-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\S-1-5-21-835585458-1146130675-857608242-1006\..Trusted Domains: bobibanking.com ([www] https in Trusted sites)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1263849575053 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1263849552381 (MUWebControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 167.206.254.1 167.206.254.2 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\John B. Morgan IV\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\John B. Morgan IV\Application Data\Mozilla\Firefox\Desktop Background.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/08/02 13:33:22 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010/07/19 22:25:09 | 000,000,062 | ---- | M] () - F:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2011/07/29 18:38:12 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\John B. Morgan IV\Desktop\OTL.exe
[2011/07/29 11:03:32 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011/07/28 19:21:13 | 001,436,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\John B. Morgan IV\Desktop\tdsskiller.exe
[2011/07/28 15:25:33 | 000,000,000 | R--D | C] -- C:\Documents and Settings\John B. Morgan IV\Start Menu\Programs\Administrative Tools
[2011/07/24 18:51:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\John B. Morgan IV\Desktop\Anders Breivik
[2011/07/14 02:36:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Skype
[2011/07/07 12:09:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\John B. Morgan IV\Desktop\Counter-Currents
[2011/07/02 07:05:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\John B. Morgan IV\Desktop\Vedic Technology
[2010/04/09 04:51:33 | 000,190,464 | ---- | C] (Microsoft) -- C:\Program Files\Common Files\OnlineFilesManager.dll.old
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/07/29 18:40:26 | 000,000,302 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-835585458-1146130675-857608242-1006.job
[2011/07/29 18:40:24 | 000,000,310 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-835585458-1146130675-857608242-1006.job
[2011/07/29 18:38:10 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\John B. Morgan IV\Desktop\OTL.exe
[2011/07/29 18:02:01 | 000,000,908 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/07/29 16:37:24 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011/07/29 16:30:25 | 000,000,904 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/07/29 16:29:32 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/07/29 12:06:25 | 000,115,712 | ---- | M] () -- C:\Documents and Settings\John B. Morgan IV\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/07/29 10:59:18 | 000,012,620 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/07/29 01:26:29 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/07/28 19:21:25 | 001,436,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\John B. Morgan IV\Desktop\tdsskiller.exe
[2011/07/28 02:00:00 | 000,000,366 | ---- | M] () -- C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-ATHENA-John B. Morgan IV.job
[2011/07/27 11:40:02 | 000,002,205 | ---- | M] () -- C:\Documents and Settings\John B. Morgan IV\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
[2011/07/26 18:03:50 | 094,725,921 | ---- | M] () -- C:\Documents and Settings\John B. Morgan IV\Desktop\Dyal Dissertation.pdf
[2011/07/24 11:28:04 | 000,446,478 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/07/24 11:28:04 | 000,073,594 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/07/24 10:57:14 | 000,003,528 | ---- | M] () -- C:\Documents and Settings\John B. Morgan IV\Application Data\10F2.BF7
[2011/07/23 13:58:11 | 000,002,485 | ---- | M] () -- C:\Documents and Settings\John B. Morgan IV\.11.838163682.838163682.axisweb.3.2.25
[2011/07/18 02:48:24 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/07/15 14:47:44 | 956,301,312 | ---- | M] () -- C:\Documents and Settings\John B. Morgan IV\Desktop\King Lear.avi
[2011/07/14 02:32:38 | 003,685,400 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/07/13 16:31:08 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/07/07 09:37:18 | 971,637,760 | ---- | M] () -- C:\Documents and Settings\John B. Morgan IV\My Documents\jbmorgan.pst
[2011/07/06 10:22:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/07/06 10:22:42 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/07/04 12:58:26 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_netaapl_01009.Wdf
[2011/07/04 12:58:10 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/07/29 16:31:35 | 000,000,302 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-835585458-1146130675-857608242-1006.job
[2011/07/26 18:03:21 | 094,725,921 | ---- | C] () -- C:\Documents and Settings\John B. Morgan IV\Desktop\Dyal Dissertation.pdf
[2011/07/23 20:04:01 | 000,003,528 | ---- | C] () -- C:\Documents and Settings\John B. Morgan IV\Application Data\10F2.BF7
[2011/07/15 14:20:22 | 956,301,312 | ---- | C] () -- C:\Documents and Settings\John B. Morgan IV\Desktop\King Lear.avi
[2011/07/04 12:58:26 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_netaapl_01009.Wdf
[2011/07/04 12:58:10 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2011/06/02 04:48:28 | 000,000,126 | ---- | C] () -- C:\WINDOWS\{6C29152D-3FF9-43B2-84E4-9B35FC0BF5C2}.ini
[2011/04/20 00:33:26 | 000,452,148 | ---- | C] () -- C:\Program Files\Drivers_pack_v4.55.63_fix.exe
[2011/03/01 13:06:14 | 000,000,110 | ---- | C] () -- C:\WINDOWS\SILCMD.INI
[2010/09/29 14:23:08 | 000,015,228 | ---- | C] () -- C:\WINDOWS\alchemy.ini
[2010/08/02 17:00:20 | 000,016,968 | ---- | C] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
[2010/08/01 16:12:03 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010/08/01 16:12:03 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010/08/01 16:12:03 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010/08/01 16:12:03 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010/08/01 16:12:03 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010/07/19 15:28:03 | 000,000,054 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2010/07/11 10:43:48 | 000,000,016 | ---- | C] () -- C:\WINDOWS\System32\asdict.dat
[2010/07/11 10:43:48 | 000,000,004 | ---- | C] () -- C:\WINDOWS\System32\aspdict-en.dat
[2010/07/09 03:46:22 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\wsbl.dat
[2010/07/09 03:46:22 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\ph_white.dat
[2010/07/09 03:46:22 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\ph_summ.dat
[2010/07/09 03:46:22 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\ph_black.dat
[2010/07/09 03:46:22 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pcwords2.dat
[2010/07/09 03:46:22 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\pcwords.dat
[2010/07/09 02:48:18 | 000,000,132 | ---- | C] () -- C:\WINDOWS\System32\rezumatenoi.dat
[2010/06/15 03:50:14 | 000,157,470 | R--- | C] () -- C:\Documents and Settings\All Users\Application Data\DeviceManager.xml.rc4
[2010/04/09 04:51:33 | 000,052,355 | ---- | C] () -- C:\Program Files\Common Files\OnlineFilesManager.dll
[2010/02/11 01:19:16 | 000,000,120 | ---- | C] () -- C:\WINDOWS\Mkunuwamoheyev.dat
[2010/02/11 01:19:16 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Cyikah.bin
[2009/12/27 17:35:36 | 000,076,188 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/11/24 16:45:16 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2009/11/24 16:45:03 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2009/11/24 16:45:03 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2009/11/24 16:45:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2009/11/24 16:44:58 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2009/11/24 16:44:26 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2009/11/24 16:44:25 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2009/11/24 16:43:48 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2009/11/24 16:43:35 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2009/08/19 11:28:15 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2009/04/24 07:53:26 | 000,016,952 | ---- | C] () -- C:\WINDOWS\System32\drivers\rkpavproc1.sys
[2009/03/17 02:01:54 | 000,115,712 | ---- | C] () -- C:\Documents and Settings\John B. Morgan IV\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/03/07 13:36:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/03/06 13:12:39 | 000,001,530 | ---- | C] () -- C:\Documents and Settings\John B. Morgan IV\Application Data\wklnhst.dat
[2009/03/06 12:02:52 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\ezsid.dat
[2009/02/13 09:45:41 | 000,000,140 | ---- | C] () -- C:\Documents and Settings\John B. Morgan IV\Local Settings\Application Data\fusioncache.dat
[2008/09/11 23:22:29 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2008/09/11 09:07:09 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2008/09/11 09:07:09 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2008/09/11 09:07:09 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2008/09/11 09:07:09 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2008/09/11 09:07:09 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2008/09/11 09:07:09 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2008/09/11 07:26:58 | 000,049,152 | ---- | C] () -- C:\WINDOWS\INSTALLEEE.EXE
[2008/09/11 06:59:45 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4906.dll
[2008/09/11 06:58:10 | 000,000,520 | ---- | C] () -- C:\WINDOWS\System32\drivers\SamSfPa.dat
[2008/08/09 10:53:16 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2008/08/09 10:47:29 | 000,023,444 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008/08/09 10:32:28 | 000,005,312 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2008/08/09 10:32:15 | 000,446,478 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2008/08/09 10:32:15 | 000,073,594 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2008/08/09 10:32:14 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2008/08/09 03:41:18 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008/08/09 03:40:17 | 003,685,400 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/07/30 22:31:52 | 000,021,864 | ---- | C] () -- C:\WINDOWS\AsAcpiSvrLang.ini
[2008/03/19 21:58:28 | 000,000,173 | ---- | C] () -- C:\WINDOWS\explorer.exe.config
[2008/03/17 18:54:36 | 000,012,208 | ---- | C] () -- C:\WINDOWS\AsTrayLang.ini

========== LOP Check ==========

[2010/08/04 12:39:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2010/08/01 13:00:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BitDefender
[2009/09/11 00:49:51 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2010/06/19 03:42:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2011/07/14 02:35:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Easybits GO
[2010/08/04 11:38:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hitman Pro
[2010/09/01 01:05:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Novatel Wireless
[2011/04/15 10:26:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\regid.1986-12.com.adobe
[2010/03/30 11:35:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Seagate
[2010/08/04 14:08:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/06/21 17:24:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Vodafone
[2011/04/30 06:02:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/09/29 22:03:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/05/15 10:40:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2008/09/11 23:15:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\InterVideo
[2011/04/23 09:40:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John B. Morgan IV\Application Data\Canon
[2010/11/11 15:04:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John B. Morgan IV\Application Data\com.adobe.ExMan
[2010/06/19 04:11:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John B. Morgan IV\Application Data\DAEMON Tools Lite
[2010/07/01 10:06:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John B. Morgan IV\Application Data\DataCast
[2011/07/26 10:56:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John B. Morgan IV\Application Data\Dropbox
[2011/07/28 01:19:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John B. Morgan IV\Application Data\foobar2000
[2011/07/14 02:35:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John B. Morgan IV\Application Data\go
[2008/09/11 23:15:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John B. Morgan IV\Application Data\InterVideo
[2010/09/15 17:11:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John B. Morgan IV\Application Data\Kernel for Outlook
[2010/03/30 11:13:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John B. Morgan IV\Application Data\Leadertech
[2011/01/24 15:38:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John B. Morgan IV\Application Data\MP3Rocket
[2009/03/06 13:12:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John B. Morgan IV\Application Data\Template
[2010/06/19 06:14:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John B. Morgan IV\Application Data\Uniblue
[2011/07/29 18:54:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John B. Morgan IV\Application Data\uTorrent
[2011/05/16 19:16:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John B. Morgan IV\Application Data\Vodafone
[2009/02/16 03:23:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John B. Morgan IV\Application Data\Windows Live Writer
[2010/06/21 08:48:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John B. Morgan IV\Application Data\ZTEEVDO
[2010/06/21 08:48:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John B. Morgan IV\Application Data\ZTEMTUI
[2011/07/29 16:37:24 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job

========== Purity Check ==========
 
OTL log, continued

========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2010/08/02 13:33:22 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2010/08/01 12:56:39 | 000,006,459 | ---- | M] () -- C:\bdlog.txt
[2010/08/02 13:24:54 | 000,000,212 | -HS- | M] () -- C:\BOOT.001
[2010/08/02 15:18:20 | 000,000,345 | ---- | M] () -- C:\Boot.bak
[2010/08/14 00:50:00 | 000,000,415 | RHS- | M] () -- C:\boot.ini
[2004/08/03 23:00:00 | 000,260,272 | ---- | M] () -- C:\cmldr
[2011/07/29 01:37:49 | 000,015,660 | ---- | M] () -- C:\ComboFix.txt
[2010/08/02 13:33:22 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2008/08/09 10:50:00 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2008/08/09 10:50:00 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2008/04/14 12:30:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008/04/14 12:30:00 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2011/07/29 16:28:59 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys
[2008/09/11 06:58:41 | 000,000,675 | ---- | M] () -- C:\RHDSetup.log
[2010/08/02 16:53:38 | 000,000,416 | ---- | M] () -- C:\rkill.log
[2010/10/18 00:15:27 | 000,000,275 | ---- | M] () -- C:\Shortcut to Local Disk (D).lnk
[2011/07/28 19:25:11 | 000,042,156 | ---- | M] () -- C:\TDSSKiller.2.5.11.0_28.07.2011_19.21.54_log.txt

< %systemroot%\Fonts\*.com >
[2006/04/18 15:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2006/06/29 14:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006/04/18 15:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006/06/29 14:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2010/08/02 13:30:27 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2007/03/18 19:30:00 | 000,027,136 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPD8R.DLL
[2007/03/18 19:30:00 | 000,069,632 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPP8R.DLL
[2008/07/06 08:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2006/10/26 10:26:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\msonpppr.dll
[2008/07/06 06:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >
[2010/06/18 12:29:39 | 000,001,690 | -H-- | M] () -- C:\Documents and Settings\John B. Morgan IV\Application Data\Microsoft\LastFlashConfig.WFC

< %PROGRAMFILES%\*.* >
[2011/06/12 23:32:09 | 000,452,148 | ---- | M] () -- C:\Program Files\Drivers_pack_v4.55.63_fix.exe

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >
[2010/08/02 08:31:53 | 000,524,288 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2010/08/02 12:05:51 | 000,262,144 | ---- | M] () -- C:\WINDOWS\System32\config\security.sav
[2010/08/02 08:31:53 | 037,224,448 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2010/08/02 08:31:53 | 010,485,760 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
[2011/06/02 05:45:45 | 000,000,272 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\desktop.ini

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >
[2008/03/19 21:58:28 | 000,000,173 | ---- | M] () -- C:\WINDOWS\explorer.exe.config
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

< %systemroot%\system32\*.db >

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2011/06/02 06:15:56 | 000,000,140 | -HS- | M] () -- C:\Documents and Settings\John B. Morgan IV\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop.ini
[2008/08/09 10:55:07 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\John B. Morgan IV\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf

< %USERPROFILE%\Desktop\*.exe >
[2011/07/29 18:38:10 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\John B. Morgan IV\Desktop\OTL.exe
[2011/07/28 19:21:25 | 001,436,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\John B. Morgan IV\Desktop\tdsskiller.exe

< %PROGRAMFILES%\Common Files\*.* >
[2010/05/23 10:37:19 | 000,052,355 | ---- | M] () -- C:\Program Files\Common Files\OnlineFilesManager.dll
[2010/04/23 11:27:35 | 000,190,464 | ---- | M] (Microsoft) -- C:\Program Files\Common Files\OnlineFilesManager.dll.old

< %systemroot%\*.src >

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< %systemroot%\AppPatch\Custom\*.* >

< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

< %PROGRAMFILES%\Internet Explorer\*.tmp >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %USERPROFILE%\My Documents\*.exe >
[2010/04/05 05:32:43 | 001,228,288 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\John B. Morgan IV\My Documents\ADBEIDSNCS4_LS1.exe
[2010/03/03 10:07:10 | 044,696,968 | ---- | M] () -- C:\Documents and Settings\John B. Morgan IV\My Documents\setup_av_free.exe

< %USERPROFILE%\*.exe >

< %systemroot%\ADDINS\*.* >

< %systemroot%\assembly\*.bak2 >

< %systemroot%\Config\*.* >

< %systemroot%\REPAIR\*.bak2 >

< %systemroot%\SECURITY\Database\*.sdb /x >

< %systemroot%\SYSTEM\*.bak2 >

< %systemroot%\Web\*.bak2 >

< %systemroot%\Driver Cache\*.* >

< %PROGRAMFILES%\Mozilla Firefox\0*.exe >

< %ProgramFiles%\Microsoft Common\*.* >

< %ProgramFiles%\TinyProxy. >

< %USERPROFILE%\Favorites\*.url /x >
[2009/02/13 09:45:54 | 000,000,122 | -HS- | M] () -- C:\Documents and Settings\John B. Morgan IV\Favorites\Desktop.ini

< %systemroot%\system32\*.bk >

< %systemroot%\*.te >

< %systemroot%\system32\system32\*.* >

< %ALLUSERSPROFILE%\*.dat /x >

< %systemroot%\system32\drivers\*.rmv >

< dir /b "%systemroot%\system32\*.exe" | find /i " " /c >

< dir /b "%systemroot%\*.exe" | find /i " " /c >

< %PROGRAMFILES%\Microsoft\*.* >

< %systemroot%\System32\Wbem\proquota.exe >

< %PROGRAMFILES%\Mozilla Firefox\*.dat >

< %USERPROFILE%\Cookies\*.txt /x >
[2011/07/29 18:40:22 | 000,245,760 | ---- | M] () -- C:\Documents and Settings\John B. Morgan IV\Cookies\index.dat

< %SystemRoot%\system32\fonts\*.* >

< %systemroot%\system32\winlog\*.* >

< %systemroot%\system32\Language\*.* >

< %systemroot%\system32\Settings\*.* >

< %systemroot%\system32\*.quo >

< %SYSTEMROOT%\AppPatch\*.exe >

< %SYSTEMROOT%\inf\*.exe >
[2008/04/13 20:12:38 | 000,208,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\inf\unregmp2.exe
[1 C:\WINDOWS\inf\*.tmp files -> C:\WINDOWS\inf\*.tmp -> ]

< %SYSTEMROOT%\Installer\*.exe >

< %systemroot%\system32\config\*.bak2 >

< %systemroot%\system32\Computers\*.* >

< %SystemRoot%\system32\Sound\*.* >

< %SystemRoot%\system32\SpecialImg\*.* >

< %SystemRoot%\system32\code\*.* >

< %SystemRoot%\system32\draft\*.* >

< %SystemRoot%\system32\MSSSys\*.* >

< %ProgramFiles%\Javascript\*.* >

< %systemroot%\pchealth\helpctr\System\*.exe /s >

< %systemroot%\Web\*.exe >

< %systemroot%\system32\msn\*.* >

< %systemroot%\system32\*.tro >

< %AppData%\Microsoft\Installer\msupdates\*.* >

< %ProgramFiles%\Messenger\*.* >
[2008/04/14 08:00:00 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\custsat.dll
[2007/04/03 02:37:24 | 000,004,821 | ---- | M] () -- C:\Program Files\Messenger\logowin.gif
[2007/04/03 02:37:24 | 000,007,047 | ---- | M] () -- C:\Program Files\Messenger\lvback.gif
[2008/05/02 10:01:49 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msgsc.dll
[2008/04/14 02:00:30 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msgslang.dll
[2008/04/14 08:42:30 | 001,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
[2007/04/03 02:37:24 | 000,002,882 | ---- | M] () -- C:\Program Files\Messenger\newalert.wav
[2007/04/03 02:37:24 | 000,006,156 | ---- | M] () -- C:\Program Files\Messenger\newemail.wav
[2007/04/03 02:37:26 | 000,006,160 | ---- | M] () -- C:\Program Files\Messenger\online.wav
[2007/04/03 02:37:28 | 000,004,454 | ---- | M] () -- C:\Program Files\Messenger\type.wav
[2007/04/03 02:34:02 | 000,115,981 | ---- | M] () -- C:\Program Files\Messenger\xpmsgr.chm

< %systemroot%\system32\systhem32\*.* >

< %systemroot%\system\*.exe >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\ Auto Update\Results\Install|LastSuccessTime /rs >


< MD5 for: ATAPI.SYS >
[2004/08/04 03:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2011/06/02 05:29:27 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008/04/14 08:00:00 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp3.cab:atapi.sys
[2011/06/02 05:29:27 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 14:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2008/04/13 14:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 14:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download.bak\9866fb57abdc0ea2f5d4e132d055ba4e\atapi.sys
[2008/04/13 14:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/04 03:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

========== Alternate Data Streams ==========

@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2

< End of report >
 
1. Update your Java version here: http://www.java.com/en/download/installed.jsp

Note 1: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.

Note 2: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. If you don't want to run another extra service, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and restart your computer.

2. Now, we need to remove the old Java version and its remnants...

Download JavaRa to your desktop and unzip it to its own folder
  • Run JavaRa.exe (Vista users! Right click on JavaRa.exe, click Run As Administrator), pick the language of your choice and click Select. Then click Remove Older Versions.
  • Accept any prompts.

====================================================================

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    Code:
    :OTL
    SRV - File not found [Auto | Stopped] -- -- (PavPrSrv)
    SRV - File not found [Auto | Stopped] -- -- (LanmanSrv)
    DRV - [2008/04/29 02:03:20 | 000,016,952 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rkpavproc1.sys -- (RkPavproc1)
    IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found
    IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found
    FF - prefs.js..browser.search.order.1: "Ask"
    FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.11.3.15590
    [2009/05/20 09:11:27 | 000,000,681 | ---- | M] () -- C:\Documents and Settings\John B. Morgan IV\Application Data\Mozilla\Firefox\Profiles\wlrr7xnj.default\searchplugins\ask.xml
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://toolbar.ask.com/toolbarv/askR...5&gct=&gc=1&q=
    O3 - HKU\S-1-5-21-835585458-1146130675-857608242-1006\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
    O15 - HKU\S-1-5-21-835585458-1146130675-857608242-1006\..Trusted Domains: bobibanking.com ([www] https in Trusted sites)
    [5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
    [2010/08/04 12:39:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
    [2010/06/19 06:14:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\John B. Morgan IV\Application Data\Uniblue
    @Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
    
    
    :Commands
    [purity]
    [emptytemp]
    [emptyflash]
    [Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • You will get a log that shows the results of the fix. Please post it.
 
Latest Combofix log

I followed all of your instructions. The latest Combofix log is below. My machine is still running slow. It seems somewhat better than before but videos are still unwatchable.

All processes killed
========== OTL ==========
Service PavPrSrv stopped successfully!
Service PavPrSrv deleted successfully!
Service LanmanSrv stopped successfully!
Service LanmanSrv deleted successfully!
Service RkPavproc1 stopped successfully!
Service RkPavproc1 deleted successfully!
C:\WINDOWS\system32\drivers\rkpavproc1.sys moved successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\\{A3BC75A2-1F87-4686-AA43-5347D756017C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C}\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks\\{A3BC75A2-1F87-4686-AA43-5347D756017C} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C}\ not found.
Prefs.js: "Ask" removed from browser.search.order.1
Prefs.js: toolbar@ask.com:3.11.3.15590 removed from extensions.enabledItems
C:\Documents and Settings\John B. Morgan IV\Application Data\Mozilla\Firefox\Profiles\wlrr7xnj.default\searchplugins\ask.xml moved successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\Default_Search_URL| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-835585458-1146130675-857608242-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{A057A204-BACC-4D26-9990-79A187E2698E} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A057A204-BACC-4D26-9990-79A187E2698E}\ not found.
Registry key HKEY_USERS\S-1-5-21-835585458-1146130675-857608242-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\bobibanking.com\www\ deleted successfully.
C:\WINDOWS\002976_.tmp deleted successfully.
C:\WINDOWS\VDMF1.tmp deleted successfully.
C:\WINDOWS\VDMF2.tmp deleted successfully.
C:\WINDOWS\VDMF5.tmp deleted successfully.
C:\WINDOWS\VDMF6.tmp deleted successfully.
C:\Documents and Settings\All Users\Application Data\Alwil Software folder moved successfully.
C:\Documents and Settings\John B. Morgan IV\Application Data\Uniblue\DriverScanner\_temp folder moved successfully.
C:\Documents and Settings\John B. Morgan IV\Application Data\Uniblue\DriverScanner\drivers folder moved successfully.
C:\Documents and Settings\John B. Morgan IV\Application Data\Uniblue\DriverScanner folder moved successfully.
C:\Documents and Settings\John B. Morgan IV\Application Data\Uniblue folder moved successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2 deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 41620 bytes

User: John B. Morgan IV
->Temp folder emptied: 16270071 bytes
->Temporary Internet Files folder emptied: 62897617 bytes
->Java cache emptied: 439991 bytes
->FireFox cache emptied: 110724484 bytes
->Google Chrome cache emptied: 32142395 bytes
->Apple Safari cache emptied: 36155392 bytes
->Flash cache emptied: 58695 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes
->Flash cache emptied: 0 bytes

User: NetworkService
->Temp folder emptied: 13684 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 9038 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 8276685 bytes

Total Files Cleaned = 255.00 mb


[EMPTYFLASH]

User: All Users

User: Default User
->Flash cache emptied: 0 bytes

User: John B. Morgan IV
->Flash cache emptied: 0 bytes

User: LocalService
->Flash cache emptied: 0 bytes

User: NetworkService
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0.00 mb


OTL by OldTimer - Version 3.2.26.1 log created on 07292011_221038

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
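
When reading a fix log like the one above, the first thing to establish is which targets were actually acted on and which were reported as not found. The Python below is an added example, not part of the original thread and not OTL's own code; it groups the lines of the log's OTL section by outcome, using a few lines copied from the log above as sample input. The outcome patterns are inferred from this one log and are an assumption about the format.

```python
import re
from collections import defaultdict

# Sample input: a subset of lines copied from the fix log above.
SAMPLE_LOG = r"""========== OTL ==========
Service PavPrSrv stopped successfully!
Service PavPrSrv deleted successfully!
C:\WINDOWS\system32\drivers\rkpavproc1.sys moved successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\\{A3BC75A2-1F87-4686-AA43-5347D756017C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C}\ not found.
Prefs.js: "Ask" removed from browser.search.order.1
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\Default_Search_URL| /E : value set successfully!
ADS C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2 deleted successfully.
========== COMMANDS ==========
->Temp folder emptied: 16270071 bytes
"""

# Outcome patterns inferred from this one log (an assumption, not an OTL spec).
OUTCOMES = [
    ("not_found", re.compile(r"^(?P<item>.+?) not found\.$")),
    ("deleted", re.compile(r"^(?P<item>.+?) deleted successfully[.!]$")),
    ("moved", re.compile(r"^(?P<item>.+?) moved successfully\.$")),
    ("stopped", re.compile(r"^(?P<item>.+?) stopped successfully!$")),
    ("value_set", re.compile(r"^(?P<item>.+?) : value set successfully!$")),
    ("pref_removed", re.compile(r"^Prefs\.js: (?P<item>.+?) removed from .+$")),
]
SECTION = re.compile(r"^=+ (?P<name>[A-Z]+) =+$")

def summarize(log_text):
    """Group lines of the OTL section by outcome; other sections are skipped."""
    summary = defaultdict(list)
    section = None
    for raw in log_text.splitlines():
        line = raw.strip()
        header = SECTION.match(line)
        if header:
            section = header.group("name")
        elif section == "OTL" and line:
            for label, pattern in OUTCOMES:
                m = pattern.match(line)
                if m:
                    summary[label].append(m.group("item"))
                    break
            else:  # no pattern matched: keep the line for manual reading
                summary["unrecognised"].append(line)
    return dict(summary)

def needs_review(summary):
    """Targets with no confirmed action, plus lines the patterns did not cover."""
    return summary.get("not_found", []) + summary.get("unrecognised", [])
```

A "not found" result is not an error in itself; it only means no action was taken on that target, so those entries are the ones to compare against the original scan.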
 
It seems somewhat better than before but videos are still unwatchable
Are we talking about online videos?
Using which browser?

1. Download Security Check from HERE, and save it to your Desktop.
  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

    NOTE: SecurityCheck may produce some false warning(s), so leave the results reading to me.


2. Download Temp File Cleaner (TFC)
  • Double click on TFC.exe to run the program.
  • Click on Start button to begin cleaning process.
  • TFC will close all running programs, and it may ask you to restart computer.


3. Please run a free online scan with the ESET Online Scanner

  • Disable your antivirus program
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • Accept any security warnings from your browser.
  • Check Scan archives
  • Click Start
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push List of found threats
  • Click on Export to text file, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • NOTE: If ESET doesn't find any threats, it won't produce any log.
 
I ran the first two steps that you outlined. The third is running now but looks like it may take a long time. The problems persist - in fact I've also noticed that I can no longer run audio files that have been on my computer for a long time. They might run for a few seconds and then they start to skip and drag severely, same as with the video files. Honestly, I'm beginning to wish I'd never started this whole process, as I was having none of these problems before.

Here is the Security Check log:

Results of screen317's Security Check version 0.99.7
Windows XP Service Pack 3
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Enabled!
ESET Online Scanner v3
Microsoft Security Essentials
```````````````````````````````
Anti-malware/Other Utilities Check:

Malwarebytes' Anti-Malware
Java(TM) 6 Update 26
Out of date Java installed!
Adobe Flash Player 10.3.181.26
Adobe Reader 8.1.4
Out of date Adobe Reader installed!
Mozilla Firefox (x86 en-US..) Firefox Out of Date!
````````````````````````````````
Process Check:
objlist.exe by Laurent

Windows Defender MSMpEng.exe
Microsoft Security Essentials msseces.exe
Microsoft Security Client Antimalware MsMpEng.exe
``````````End of Log````````````
 
We'll come back to your issue, when you're done with all steps.
I can see one more possible culprit.

Update Adobe Reader

You can download it from https://www.techspot.com/downloads/2083-adobe-reader-dc.html
After installing the latest Adobe Reader, uninstall all previous versions.
Note: If you already have Adobe Photoshop® Album Starter Edition installed, or do not wish to have it installed, UNcheck the box which says Also Download Adobe Photoshop® Album Starter Edition.

Alternatively, you can uninstall Adobe Reader (33.5 MB), download and install Foxit PDF Reader (3.5 MB) from HERE.
It's a much smaller file to download and uses a lot less resources than Adobe Reader.
Note: When installing FoxitReader, make sure to UN-check any pre-checked toolbar, or any other garbage.
 
Broni, it's been well over an hour and the ESET virus scan is only 4% done, so I don't expect it to be done tonight. However, I was looking back into Device Manager as you had requested earlier and noticed that under Primary IDE Channel, under Device 0, it says Transfer Mode: DMA Mode if available, and Current Transfer: PIO Mode. The other devices in both Primary and Secondary IDE Channel also say DMA Mode if available, and Current Transfer Mode "not applicable." So I may have spoken too hastily earlier when I said it was in DMA.
 
and Current Transfer: PIO Mode
Yeah, this is not good, or possibly not good.
See if you can set it back to DMA mode.

The above may be a sign of a failing hard drive.
I strongly suggest you run the hard drive diagnostic, which I prescribed earlier.
 
It looks like you have a hard drive issue.
That's why your computer is so slow.

I strongly suggest you back up all of your data NOW!
Then proceed with the hard drive diagnostic.
 
I can't follow the hard drive diagnostic you sent me earlier as it requires an external drive. As I said, I have an eee PC and they have no external CD drive.

Should I cancel the virus scan you had me start? It's been nearly two hours now and it's still stuck at 4%.
 