|
|
|
|
|||||
|
|
|
|
|
|
|||
| Welcome
to Tech Support Forum home to more then 136,000 problems solved. Issues
have included: Spyware, Malware, Virus Issues, Windows, Microsoft,
Linux, Networking, Security, Hardware, and Gaming Getting your
problem solved is as easy as: 1. Registering for a free account 2. Asking your question 3. Receiving an answer Registered members: * See fewer ads. * And much more..
|
| Want to know how to post a question? click here | Having problems with spyware and pop-ups? First Steps |
|
|||||||
| Resolved HJT Threads Resolved spyware and popup issues. |
|
|
LinkBack | Thread Tools |
05-02-2007, 05:31 PM
|
#1 (permalink) |
|
Registered User
Join Date: Apr 2007
Posts: 61
OS: HP XP Home/Compaq Vista home basic
|
speed
I don't know if I'm doing this right. I posted my problem in the XP section & was instructed to followthe five steps which I did & I think I was to post the following here. If this is not right, please let me know. Panda did not connect to scan the computer so as per inst. I skipped it.
Ed 0.Deckard's System Scanner v20070426.43 Extra logfile - please post this as an attachment with your post. -------------------------------------------------------------------------------- -- System Information ---------------------------------------------------------- Microsoft Windows XP Home Edition (build 2600) SP 2.0 Architecture: X86; Language: English CPU 0: AMD Athlon(tm) XP 2100+ Percentage of Memory in Use: 56% Physical Memory (total/avail): 351.48 MiB / 154.01 MiB Pagefile Memory (total/avail): 1379.95 MiB / 908.64 MiB Virtual Memory (total/avail): 2047.88 MiB / 1967.75 MiB A: is Removable (No Media) C: is Fixed (NTFS) - 50.64 GiB total, 31.38 GiB free. D: is Fixed (FAT32) - 5.27 GiB total, 0.54 GiB free. E: is CDROM (CDFS) F: is CDROM (No Media) -- Security Center ------------------------------------------------------------- AUOptions is scheduled to auto-install. Windows Internal Firewall is enabled. AV: AVG 7.5.467 v7.5.467 (GRISOFT) -- Environment Variables ------------------------------------------------------- ALLUSERSPROFILE=C:\Documents and Settings\All Users APPDATA=C:\Documents and Settings\Owner\Application Data CLIENTNAME=Console CommonProgramFiles=C:\Program Files\Common Files COMPUTERNAME=EDSHOME ComSpec=C:\WINDOWS\system32\cmd.exe FP_NO_HOST_CHECK=NO HOMEDRIVE=C: HOMEPATH=\Documents and Settings\Owner LOGONSERVER=\\EDSHOME NUMBER_OF_PROCESSORS=1 OS=Windows_NT Path=C:\Program Files\Outlook Express;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;c:\Python22;C:\Program Files\PC-Doctor\services;C:\Program Files\Sonic\MyDVD;;C:\PROGRA~1\Google\GOOGLE~4 PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH PROCESSOR_ARCHITECTURE=x86 PROCESSOR_IDENTIFIER=x86 Family 6 Model 6 Stepping 2, AuthenticAMD PROCESSOR_LEVEL=6 PROCESSOR_REVISION=0602 ProgramFiles=C:\Program Files PROMPT=$P$G SESSIONNAME=Console SystemDrive=C: SystemRoot=C:\WINDOWS TEMP=C:\DOCUME~1\Owner\LOCALS~1\Temp TMP=C:\DOCUME~1\Owner\LOCALS~1\Temp USERDOMAIN=EDSHOME USERNAME=Owner USERPROFILE=C:\Documents and Settings\Owner windir=C:\WINDOWS -- User Profiles --------------------------------------------------------------- Owner (admin) -- Add/Remove Programs --------------------------------------------------------- --> "C:\Program Files\Creative\SBAudigy\Program\Setup.exe" /S /U /W --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0 --> C:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL --> C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu --> C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL --> C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL --> C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL --> C:\WINDOWS\UNNeroVision.exe /UNINSTALL --> C:\WINDOWS\UNRecode.exe /UNINSTALL --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{39DA87A1-0B26-4562-A70C-2A6147366E47}\Setup.exe" --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8D5D99B8-DFA2-4018-ADE9-A6B83E655C65}\setup.exe" -l0x9 -L0x9anything --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9F765BD0-B900-4EDE-A90B-61C8A9E95C42}\Setup.exe" --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BAD59025-5B73-4E12-B789-0028C5A573C2}\Setup.exe" --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0B095086-7205-4D48-90DF-DCD16613C6D4}\setup.exe" -l0x9 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0B095086-7205-4D48-90DF-DCD16613C6D4}\setup.exe" -l0x9 /remove --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{103BCDA0-E063-46AC-8028-64E78722ABA7}\setup.exe" -l0x9 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{103BCDA0-E063-46AC-8028-64E78722ABA7}\setup.exe" -l0x9 /remove --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2616B36E-38CE-4357-8AB5-8B3EE9B1C117}\setup.exe" -l0x9 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2616B36E-38CE-4357-8AB5-8B3EE9B1C117}\setup.exe" -l0x9 /remove --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{32B4B536-4443-42F0-9676-98373BE9114F}\setup.exe" -l0x9 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{32B4B536-4443-42F0-9676-98373BE9114F}\setup.exe" -l0x9 /remove --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{34EBD418-B8E6-4E86-89C4-33B72CF5663F}\setup.exe" -l0x9 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{34EBD418-B8E6-4E86-89C4-33B72CF5663F}\setup.exe" -l0x9 /remove --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{52338F65-A1C3-4CDC-B733-50051682B297}\setup.exe" -l0x9 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{52338F65-A1C3-4CDC-B733-50051682B297}\setup.exe" -l0x9 /remove --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{569A9538-86EC-44C3-8EE4-C68B165F2A75}\setup.exe" -l0x9 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{569A9538-86EC-44C3-8EE4-C68B165F2A75}\setup.exe" -l0x9 /remove --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5B17E626-7885-4FC3-A66A-73548A4F01FD}\setup.exe" -l0x9 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5B17E626-7885-4FC3-A66A-73548A4F01FD}\setup.exe" -l0x9 /remove --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x9 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9 /remove --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{73919E2B-725C-4FAA-8473-45E063A3575F}\setup.exe" -l0x9 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{73919E2B-725C-4FAA-8473-45E063A3575F}\setup.exe" -l0x9 /remove --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7AFFF09F-386B-4F7A-B3E0-EC24C13893AA}\setup.exe" -l0x9 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7AFFF09F-386B-4F7A-B3E0-EC24C13893AA}\setup.exe" -l0x9 /remove --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{836612F0-1571-4C65-A4B7-58A39AA578EE}\setup.exe" -l0x9 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{836612F0-1571-4C65-A4B7-58A39AA578EE}\setup.exe" -l0x9 /remove --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{84F573D3-0F71-4768-978A-D35310E3FBA6}\setup.exe" -l0x9 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{84F573D3-0F71-4768-978A-D35310E3FBA6}\setup.exe" -l0x9 /remove --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8A3F2ADE-DEF2-4A50-866A-6B9357B5590F}\setup.exe" -l0x9 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8A3F2ADE-DEF2-4A50-866A-6B9357B5590F}\setup.exe" -l0x9 /remove --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9194237B-7B58-40B4-A739-184AD59531A2}\setup.exe" -l0x9 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9194237B-7B58-40B4-A739-184AD59531A2}\setup.exe" -l0x9 /remove --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A82F10CB-18B5-4EAC-AEF2-FA49CD565626}\setup.exe" -l0x9 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BD6928A2-9F8F-4AA7-9A3A-FD4A271712EE}\setup.exe" -l0x9 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BD6928A2-9F8F-4AA7-9A3A-FD4A271712EE}\setup.exe" -l0x9 /remove --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CB99E420-8071-48F9-9567-4A53BE7569C4}\setup.exe" -l0x9 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CB99E420-8071-48F9-9567-4A53BE7569C4}\setup.exe" -l0x9 /remove --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DAAC5938-8026-4D0C-A476-D1954917B7F5}\SETUP.EXE" -l0x9 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DAAC5938-8026-4D0C-A476-D1954917B7F5}\SETUP.EXE" -l0x9 /remove --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DE4A4C48-2232-4CCB-AD61-490ACD29BA85}\setup.exe" -l0x9 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DE4A4C48-2232-4CCB-AD61-490ACD29BA85}\setup.exe" -l0x9 /remove --> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf ABBYY FineReader 6.0 Sprint --> MsiExec.exe /I{ACF60000-22B9-4CE9-98D6-2CCF359BAC07} Ad-Aware SE Personal --> MsiExec.exe /X{78CC3BAB-DE2A-4FB4-8FBB-E4DADDC26747} Adobe Acrobat 5.0 --> C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.dll" Adobe Flash Player 9 --> C:\WINDOWS\System32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete Adobe Reader 8 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A80000000002} AVG 7.5 --> C:\Program Files\Grisoft\AVG7\setup.exe /UNINSTALL AVG Anti-Spyware 7.5 --> C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe Belarc Advisor 7.2 --> C:\PROGRA~1\Belarc\Advisor\Uninstall.exe C:\PROGRA~1\Belarc\Advisor\INSTALL.LOG BestPractice (remove only) --> "C:\Program Files\BestPractice\uninstall.exe" Brit View CD --> C:\WINDOWS\uninst.exe -f"C:\Brit View CD\DeIsL1.isu" -c"C:\Brit View CD\_ISREG32.DLL" Cool Edit Pro --> C:\WINDOWS\cep1unin.exe Creative MediaSource --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2E0C1913-886B-4C5C-8DAF-D1E649CE5FCC}\SETUP.EXE" -l0x9 /remove Creative System Information --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x9 /remove Freedom Security & Privacy --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{A0C4079C-097C-45BA-8D85-08C9FAF290FA} Gadwin PrintScreen --> C:\Program Files\Gadwin Systems\PrintScreen\Uninstall.exe Google Desktop --> C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall Google Earth --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3DE5E7D4-7B88-403C-A3FD-2017A8240C5B}\setup.exe" -l0x9 -removeonly Google Photos Screensaver --> MsiExec.exe /X{A52415E5-CA1E-44DE-9EDC-D412F31D271C} Google Toolbar for Internet Explorer --> MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29} Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar2.dll" Google Updater --> "C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe" hp center --> C:\WINDOWS\BWUnin-6.1.0.153.exe -AppId 137903 HP Digital Imaging Album Printing 1.0 --> MsiExec.exe /X{47D4AF7B-EDE6-4ADB-8D2F-0BDA25C7321F} HP Instant Support --> C:\PROGRA~1\HPINST~1\UNWISE.EXE C:\PROGRA~1\HPINST~1\INSTALL.LOG HP Memories Disc --> MsiExec.exe /X{6CAEFA23-0C08-4899-A661-29D69228AF6D} HP Photo and Imaging 1.1 - Photosmart Cameras --> MsiExec.exe /X{1EEE2A9F-6471-42fa-8923-E8879168CE26} hp toolkit --> c:\Windows\HPTK\unhptkit.exe HP Wireless Keyboard Driver V1.7 (2.0.W-127AU MUL) --> C:\WINDOWS\system32\KmRemove.exe ImageMixer VCD/DVD2 for OLYMPUS --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1F51A0CA-2BDD-474E-BB90-C7FA8EA78F52}\Setup.exe" -l0x9 UNINSTALL Inactive HP Printer Drivers (Remove only) --> RunDll32 hpuninst.dll,InstallHinfSection UninstDefault 132 prntunin.inf Indeo® Software --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Ligos\Indeo\Uninst.isu" Intel(R) 82845G Graphics Driver Software --> RUNDLL32.EXE C:\WINDOWS\System32\ialmrem.dll,UninstallW2KIGfx PCI\VEN_8086&DEV_2562 iVocalize Web Conference 4 --> rundll32 C:\WINDOWS\system32\iv4.dll,uninstall Lavasoft VX2 Cleaner --> C:\PROGRA~1\Lavasoft\AD-AWA~1\Plugins\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\Plugins\INSTALL.LOG Lernout & Hauspie TruVoice American English TTS Engine --> RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\tv_enua.inf, Uninstall Lexmark 2400 Series --> C:\Program Files\Lexmark 2400 Series\Install\x86\Uninst.exe LiveReg (Symantec Corporation) --> C:\Program Files\Common Files\Symantec Shared\LiveReg\VcSetup.exe /REMOVE LiveUpdate 1.80 (Symantec Corporation) --> C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE /U Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe" Microsoft Office PowerPoint Viewer 2003 --> MsiExec.exe /X{90AF0409-6000-11D3-8CFE-0150048383C9} Microsoft PowerPoint Viewer 97 --> C:\Program Files\PowerPoint Viewer\setup\setup.exe Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe" NBFree Mp3 to Wav Converter v2 --> "C:\Program Files\NBFree Mp3 to Wav Converter\unins000.exe" Nero7 Ultra Edition --> MsiExec.exe /I{4781569D-5404-1F26-4B2B-6DF444441031} NVIDIA Windows 2000/XP Display Drivers --> rundll32.exe C:\WINDOWS\System32\nvinstnt.dll,NvUninstallNT4 nvhp.inf OLYMPUS Master --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{BA820A24-704B-428D-9904-71A10DAC1372} /l1033 /zUNINSTALL Panda ActiveScan --> C:\WINDOWS\system32\ASUninst.exe Panda ActiveScan PC-Doctor for Windows --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1F7CCFA3-D926-4882-B2A5-A0217ED25597}\Setup.exe" Picasa 2 --> "C:\Program Files\Picasa2\Uninstall.exe" PowerDVD --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall PowerVideoMaker Professional 2.6 --> "C:\Program Files\Presentersoft PowerVideoMaker\unins000.exe" PS2 --> C:\WINDOWS\system32\ps2.exe uninstall Python 2.2 combined Win32 extensions --> C:\Python22\Lib\SITE-P~1\UNWISE~1.EXE C:\Python22\Lib\SITE-P~1\w32inst.log Quicken 2003 New User Edition --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{F61F2821-694C-475F-99AB-6AF2EFDF40FD} anything RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0 Realtek AC'97 Audio --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" REMOVE River Past Wave@MP3 --> C:\WINDOWS\Wave@MP3 Uninstaller.exe S3Display --> s3uninst.exe -reg 5 'HKLM\Software\S3\S3Uninst\S3Display' S3Gamma2 --> s3uninst.exe -reg 5 'HKLM\Software\S3\S3Uninst\S3Gamma2' S3Info2 --> s3uninst.exe -reg 5 'HKLM\Software\S3\S3Uninst\S3Info2' S3Overlay --> s3uninst.exe -reg 5 'HKLM\Software\S3\S3Uninst\S3Overlay' Security Update for Step By Step Interactive Training (KB923723) --> "C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe" Simple Installer - Multilanguage Version --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EEF397AC-DAEF-4C04-90A9-5B2BD31875DC}\setup.exe" Sound Blaster Audigy --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1B1DDAD2-C704-49F8-8FC2-18DAAD9A87C5}\SETUP.EXE" -l0x9 /remove Spell Checker For OE 2.1 --> C:\Program Files\Common Files\Microsoft Shared\proof\Uninstal.exe Spybot - Search & Destroy 1.4 --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe" Spyware Doctor 5.0 --> C:\Program Files\Spyware Doctor\unins000.exe SpywareBlaster v3.5.1 --> "C:\Program Files\SpywareBlaster\unins000.exe" TablEdit 2.64 --> "C:\Program Files\TablEdit\unins001.exe" TABVIEW2 --> C:\WINDOWS\st6unst.exe -n "C:\Program Files\TABVIEW2\ST6UNST.LOG" Tabwin43 --> C:\WINDOWS\st6unst.exe -n "C:\Program Files\Tabwin43\ST6UNST.LOG" Tabwin43 (C:\Program Files\Tabwin43\) --> C:\WINDOWS\st6unst.exe -n "C:\Program Files\Tabwin43\ST6UNST.000" Tabwin43 (C:\Program Files\Tabwin43\) #3 --> C:\WINDOWS\st6unst.exe -n "C:\Program Files\Tabwin43\ST6UNST.001" Tabwin43 (C:\Program Files\Tabwin43\) #4 --> C:\WINDOWS\st6unst.exe -n "C:\Program Files\Tabwin43\ST6UNST.002" TEFView 2.65 --> "C:\Program Files\TablEdit\unins000.exe" Tweak-XP Pro 4 --> C:\WINDOWS\iun6002.exe "C:\Program Files\Tweak-XP Pro 4\irunin.ini" Uniblue SpeedUpMyPC --> "C:\Program Files\Uniblue\SpeedUpMyPC\unins000.exe" Uniblue System Tweaker --> "C:\Program Files\Uniblue\System Tweaker\unins000.exe" WaxMail for Outlook Express --> MsiExec.exe /I{07FD73FE-434B-45E0-ACDB-BBF0FD27CF8C} Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe" WinZip --> C:\Program Files\WinZip\WINZIP32.EXE /uninstall Wise Registry Cleaner 2.0 --> "C:\Program Files\Wise Registry Cleaner\unins000.exe" WordPerfect Productivity Pack --> C:\WINDOWS\Corel\uninst32.exe WordPerfect Productivity Pack --> c:\WINDOWS\Corel\Uninst32.exe Yahoo! Messenger --> C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG -- End of Deckard's System Scanner: finished at 2007-05-02 at 15:34:06 --------- |
|
     |
| Sponsored Links |
|
05-05-2007, 07:24 AM
|
#3 (permalink) |
|
Assistant Manager, TSF Academy; Moderator/Analyst Security Team
Join Date: Jan 2005
Location: Ohio
Posts: 23,970
OS: WinXP and Vista
|
Re: speed
Hello Ed and welcome to TSF,
What we need to see is the main.txt produced by Deckard's System Scanner--that has the 'meat', so to speak. You can find that report at C:\Deckard\System Scanner\main.txt Please copy/paste the contents in your next reply. |
|
|
|
|
05-05-2007, 07:39 AM
|
#4 (permalink) |
|
Registered User
Join Date: Apr 2007
Posts: 61
OS: HP XP Home/Compaq Vista home basic
|
Re: speed
Ried,
I hope this is what you need. thanks a lot. Ed Deckard's System Scanner v20070426.43 Run by Owner on 2007-05-02 at 15:26:44 Computer is in Normal Mode. -------------------------------------------------------------------------------- -- System Restore -------------------------------------------------------------- Successfully created a Deckard's System Scanner Restore Point. -- Last 4 Restore Point(s) -- 4: 2007-05-02 21:27:20 UTC - RP301 - Deckard's System Scanner Restore Point 3: 2007-05-02 20:43:48 UTC - RP300 - Software Distribution Service 2.0 2: 2007-05-01 23:24:55 UTC - RP299 - System Checkpoint 1: 2007-04-30 18:16:12 UTC - RP298 - System Checkpoint Backed up registry hives. Performed disk cleanup. -- HijackThis (run as Owner.exe) ----------------------------------------------- Logfile of HijackThis v1.99.1 Scan saved at 3:32:33 PM, on 5/2/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5730.0011) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\PROGRA~1\Grisoft\AVG7\avgemc.exe C:\WINDOWS\System32\CTsvcCDA.EXE C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe C:\Program Files\Spyware Doctor\svcntaux.exe C:\WINDOWS\system32\S3tray2.exe C:\PROGRA~1\Grisoft\AVG7\avgcc.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Spyware Doctor\SDTrayApp.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\Picasa2\PicasaMediaDetector.exe C:\WINDOWS\system32\Rundll32.exe C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe C:\Program Files\HP Wireless Keyboard\KMaestro.exe C:\Program Files\Uniblue\SpeedUpMyPC\SpeedUpMyPC.exe C:\program files\waxoe\waxoe.exe C:\Program Files\Creative\MediaSource\Go\CTCMSGo.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\WINDOWS\system32\wuauclt.exe C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\WINDOWS\system32\lxcrcoms.exe C:\Program Files\Spyware Doctor\swdsvc.exe C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\CRMDQDMX\dss[1].exe C:\PROGRA~1\HIJACK~1\Owner.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://us7.hpwis.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-us7.hpwis.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: PopKill Class - {3C060EA2-E6A9-4E49-A530-D4657B8C449A} - C:\Program Files\Zero Knowledge\Freedom\pkR.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: ZKBho Class - {56071E0D-C61B-11D3-B41C-00E02927A304} - C:\Program Files\Zero Knowledge\Freedom\FreeBHOR.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.3558\swg.dll O3 - Toolbar: hp toolkit - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\HP\EXPLOREBAR\HPTOOLKT.DLL O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [S3TRAY2] S3tray2.exe O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [LXCRCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCRtime.dll,_RunDLLEntry@16 O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper O4 - HKLM\..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\FirstStart.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\System32\NeroCheck.exe O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r O4 - HKLM\..\Run: [BtcMaestro] "C:\Program Files\HP Wireless Keyboard\KMaestro.exe" O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE O4 - HKCU\..\Run: [Uniblue SpeedUpMyPC] C:\Program Files\Uniblue\SpeedUpMyPC\SpeedUpMyPC.exe -s O4 - HKCU\..\Run: [AppWaxOE] c:\program files\waxoe\waxoe.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [Creative MediaSource Go] "C:\Program Files\Creative\MediaSource\Go\CTCMSGo.exe" /SCB O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook O4 - HKCU\..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe -NoStart O4 - HKCU\..\Run: [Gadwin PrintScreen 3.5] "C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe" /nosplash O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\WINDOWS\System32\shdocvw.dll (HKCU) O11 - Options group: [INTERNATIONAL] International* O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1172281759656 O16 - DPF: {6B78B13A-6E99-4588-8EAB-C2399B202022} (iVocalize Web Conference 4 Setup) - http://banjolounge.ivocalize.net/iv4.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~4\GOEC62~1.DLL O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: lxcr_device - - C:\WINDOWS\system32\lxcrcoms.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe -- File Associations ----------------------------------------------------------- All associations okay. -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------- R1 BANTExt (Belarc SMBios Access) - c:\windows\system32\drivers\bantext.sys R1 cdrbsdrv - c:\windows\system32\drivers\cdrbsdrv.sys <Not Verified; B.H.A Corporation; B's Recorder GOLD7> R2 FreeTdi (Freedom Filter) - c:\windows\system32\drivers\freetdi.sys <Not Verified; Zero-Knowledge Systems Inc.; Freedom> R3 pfc (Padus ASPI Shell) - c:\windows\system32\drivers\pfc.sys <Not Verified; Padus, Inc.; Padus(R) ASPI Shell> S1 InCDPass - c:\windows\system32\drivers\incdpass.sys (file missing) S1 InCDRm (InCD Reader) - c:\windows\system32\drivers\incdrm.sys (file missing) S3 TVICHW32 - c:\windows\system32\drivers\tvichw32.sys <Not Verified; EnTech Taiwan; TVicHW32 Generic Device Driver for Windows 95/98/ME/NT/2000/2003/XP/XP64> S4 InCDFs (InCD File System) - c:\windows\system32\drivers\incdfs.sys (file missing) -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled -------------------- All services whitelisted. -- Scheduled Tasks ------------------------------------------------------------- 2007-05-01 10:53:17 266 --a------ C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC Nag.job 2007-04-18 11:36:02 384 --a------ C:\WINDOWS\Tasks\Uniblue SpeedUpMyPC.job 2007-02-02 17:12:37 412 --a------ C:\WINDOWS\Tasks\Symantec NetDetect.job -- Files created between 2007-04-02 and 2007-05-02 ----------------------------- 2007-05-02 14:58:40 0 d-------- C:\WINDOWS\network diagnostic 2007-05-02 12:38:30 0 d-------- C:\Program Files\SpywareBlaster 2007-05-02 12:23:56 0 d-------- C:\WINDOWS\system32\ActiveScan 2007-05-02 11:46:48 2560 --a------ C:\WINDOWS\_MSRSTRT.EXE 2007-04-28 03:01:31 0 dr-h----- C:\Documents and Settings\Owner\Recent 2007-04-27 06:53:10 40960 --a------ C:\WINDOWS\PANICNT.dll 2007-04-27 06:53:10 45056 --a------ C:\WINDOWS\PANIC32.dll 2007-04-27 06:53:09 0 d-------- C:\Program Files\Panicware 2007-04-21 09:49:13 0 d-------- C:\Documents and Settings\Owner\Application Data\System Tweaker 2007-04-21 07:45:02 57344 --a------ C:\WINDOWS\system32\Wnaspint.dll <Not Verified; NexiTech, Inc.; NexiTech ASPI for Win32> 2007-04-21 07:43:43 0 d-------- C:\Program Files\Common Files\Download Manager 2007-04-21 06:27:45 0 d---s---- C:\Documents and Settings\LocalService\UserData 2007-04-21 06:27:22 0 d-------- C:\Documents and Settings\LocalService\Application Data\Google 2007-04-21 06:27:19 0 dr------- C:\Documents and Settings\LocalService\Favorites 2007-04-20 06:04:46 737280 --a------ C:\WINDOWS\iun6002.exe <Not Verified; Indigo Rose Corporation; Setup Factory 6.0 Runtime Module> 2007-04-20 06:04:19 0 d-------- C:\Program Files\Tweak-XP Pro 4 2007-04-20 05:08:06 0 d-------- C:\WINDOWS\system32\EWS 2007-04-20 05:08:05 0 d-------- C:\Program Files\WaxOE 2007-04-18 21:54:06 0 d-------- C:\Program Files\BestPractice 2007-04-18 11:36:10 0 d-------- C:\Documents and Settings\Owner\Application Data\Uniblue 2007-04-18 11:35:29 0 d-------- C:\Program Files\Uniblue 2007-04-17 18:13:31 0 d-------- C:\spool_cd 2007-04-17 18:13:05 0 d-------- C:\temp 2007-04-17 18:12:54 254976 --a------ C:\WINDOWS\system32\MSEXCL35.DLL <Not Verified; Microsoft Corporation; Microsoft® Jet> 2007-04-17 18:12:53 415504 --a------ C:\WINDOWS\system32\MSREPL35.DLL <Not Verified; Microsoft Corporation; Microsoft® Access> 2007-04-17 18:12:53 252176 --a------ C:\WINDOWS\system32\MSRD2X35.DLL <Not Verified; Microsoft Corporation; Microsoft® Jet> 2007-04-17 18:12:52 368912 --a------ C:\WINDOWS\system32\VBAR332.DLL <Not Verified; Microsoft Corporation; Microsoft Visual Basic for Applications> 2007-04-17 18:12:52 24848 --a------ C:\WINDOWS\system32\MSJTER35.DLL <Not Verified; Microsoft Corporation; Microsoft® Jet> 2007-04-17 18:12:52 123664 --a------ C:\WINDOWS\system32\MSJINT35.DLL <Not Verified; Microsoft Corporation; Microsoft® Jet> 2007-04-17 18:12:52 1046288 --a------ C:\WINDOWS\system32\MSJET35.DLL <Not Verified; Microsoft Corporation; Microsoft® Jet> 2007-04-17 18:12:51 0 d-------- C:\spool 2007-04-17 18:12:51 0 d-------- C:\Brit View CD 2007-04-17 09:20:29 0 d-a------ C:\Documents and Settings\All Users\Application Data\TEMP 2007-04-17 09:19:07 0 d-------- C:\Program Files\Spyware Doctor 2007-04-17 09:19:07 0 d-------- C:\Documents and Settings\Owner\Application Data\PC Tools 2007-04-17 09:17:10 0 d-------- C:\WINDOWS\system32\runtime 2007-04-17 09:15:07 0 d-------- C:\Documents and Settings\All Users\Application Data\Google Updater 2007-04-17 08  12 0 d-------- C:\Program Files\Wise Registry Cleaner2007-04-15 07:31:10 23600 --a------ C:\WINDOWS\system32\drivers\TVICHW32.SYS <Not Verified; EnTech Taiwan; TVicHW32 Generic Device Driver for Windows 95/98/ME/NT/2000/2003/XP/XP64> 2007-04-06 16:26:19 0 d-------- C:\Documents and Settings\All Users\Application Data\Grisoft 2007-04-06 16:20:20 233472 --a------ C:\WINDOWS\system32\LXCRinst.dll 2007-04-06 16:20:20 0 d-------- C:\Program Files\Lexmark 2400 Series -- Find3M Report --------------------------------------------------------------- 2007-05-02 15:20:11 0 d-------- C:\Program Files\lx_cats 2007-04-21 11:19:19 0 d-------- C:\Program Files\HP Wireless Keyboard 2007-04-20 13:53:26 0 d-------- C:\Program Files\Google 2007-04-17 09:18:05 0 d-------- C:\Program Files\Picasa2 2007-04-10 20:41:17 0 d-------- C:\Program Files\Transkriber 2.x 2007-04-10 08:20:36 0 d-------- C:\Documents and Settings\Owner\Application Data\AVG7 2007-04-06 16:05:04 0 d-------- C:\Program Files\Lexmark Toolbar 2007-03-30 14:51:58 0 d-------- C:\Documents and Settings\Owner\Application Data\Google 2007-03-30 14:50:53 0 d--h----- C:\Program Files\InstallShield Installation Information 2007-03-28 17:30:37 0 d-------- C:\Program Files\Presentersoft PowerVideoMaker 2007-03-11 12:32:05 0 d-------- C:\Program Files\AltoMP3 Gold 2007-03-11 12:21:24 0 d-------- C:\Program Files\Setup 2007-03-11 12:08:41 161300 --a------ C:\WINDOWS\Wave@MP3 Uninstaller.exe 2007-03-11 12:08:40 0 d-------- C:\Program Files\Common Files\River Past 2007-03-11 12:08:40 0 d-------- C:\Documents and Settings\Owner\Application Data\River Past G5 2007-03-11 12:08:39 0 d-------- C:\Program Files\River Past 2007-03-10 15:38:37 0 d-------- C:\Documents and Settings\Owner\Application Data\Leadertech 2007-03-10 14:55:46 0 d-------- C:\Documents and Settings\Owner\Application Data\AdobeUM 2007-03-10 14:54:58 0 d-------- C:\Program Files\Common Files\Adobe 2007-03-07 17 01 0 d-------- C:\Program Files\Simple Backup for My Pictures2007-03-07 16:50:26 0 d-------- C:\Documents and Settings\Owner\Application Data\Freedom 2007-03-07 16:47:04 0 d-------- C:\Program Files\Security Task Manager 2007-03-06 20:34:16 0 d-------- C:\Program Files\Common Files\Ankiro 2007-03-06 20:33:51 0 d-------- C:\Program Files\Common Files\Application 2007-03-06 20:33:36 0 d-------- C:\Documents and Settings\Owner\Application Data\SPAMfighter 2007-02-19 17:22:44 45056 --a------ C:\WINDOWS\NCUNINST.EXE <Not Verified; Northern Codeworks; Uninstall> 2007-02-19 10:46:07 73216 --a------ C:\WINDOWS\ST6UNST.EXE <Not Verified; Microsoft Corporation; Microsoft® Visual Basic for Windows> 2007-02-11 16:51:00 1093632 --a------ C:\WINDOWS\system32\FreeImage.dll <Not Verified; FreeImage; FreeImage> 2007-02-09 21:21:03 444 --a------ C:\WINDOWS\setuplog 2007-02-08 14:12:38 155 --a------ C:\CONFIG.SYS 2007-02-08 14:12:38 118 --a------ C:\AUTOEXEC.BAT 2007-02-07 16:43:51 61678 --a------ C:\Documents and Settings\Owner\Application Data\PFP100JPR.{PB 2007-02-07 16:43:51 12358 --a------ C:\Documents and Settings\Owner\Application Data\PFP100JCM.{PB -- Registry Dump --------------------------------------------------------------- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects] {3C060EA2-E6A9-4E49-A530-D4657B8C449A} C:\Program Files\Zero Knowledge\Freedom\pkR.dll {53707962-6F74-2D53-2644-206D7942484F} C:\Program Files\Spybot - Search & Destroy\SDHelper.dll {56071E0D-C61B-11D3-B41C-00E02927A304} C:\Program Files\Zero Knowledge\Freedom\FreeBHOR.dll {AA58ED58-01DD-4d91-8333-CF10577473F7} c:\program files\google\googletoolbar2.dll {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.3558\swg.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run] "S3TRAY2"="S3tray2.exe" "AVG7_CC"="C:\\PROGRA~1\\Grisoft\\AVG7\\avgcc.exe /STARTUP" "Google Desktop Search"="\"C:\\Program Files\\Google\\Google Desktop Search\\GoogleDesktop.exe\" /startup" "SDTray"="\"C:\\Program Files\\Spyware Doctor\\SDTrayApp.exe\"" "QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime" "TkBellExe"="\"C:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\" -osboot" "LXCRCATS"="rundll32 C:\\WINDOWS\\System32\\spool\\DRIVERS\\W32X86\\3\\LXCRtime.dll,_RunDLLEntry@16" "UpdReg"="C:\\WINDOWS\\UpdReg.EXE" "RemoteControl"="\"C:\\Program Files\\CyberLink\\PowerDVD\\PDVDServ.exe\"" "Picasa Media Detector"="C:\\Program Files\\Picasa2\\PicasaMediaDetector.exe" "P17Helper"="Rundll32 P17.dll,P17Helper" "OM_Monitor"="C:\\Program Files\\OLYMPUS\\OLYMPUS Master\\FirstStart.exe" "NWEReboot"="" "NeroFilterCheck"="C:\\WINDOWS\\System32\\NeroCheck.exe" "CTSysVol"="C:\\Program Files\\Creative\\SBAudigy\\Surround Mixer\\CTSysVol.exe /r" "BtcMaestro"="\"C:\\Program Files\\HP Wireless Keyboard\\KMaestro.exe\"" "AlcxMonitor"="ALCXMNTR.EXE" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run] "Uniblue SpeedUpMyPC"="C:\\Program Files\\Uniblue\\SpeedUpMyPC\\SpeedUpMyPC.exe -s" "AppWaxOE"="c:\\program files\\waxoe\\waxoe.exe" "MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background" "Creative MediaSource Go"="\"C:\\Program Files\\Creative\\MediaSource\\Go\\CTCMSGo.exe\" /SCB" "Yahoo! Pager"="\"C:\\PROGRA~1\\Yahoo!\\MESSEN~1\\YAHOOM~1.EXE\" -quiet" "swg"="C:\\Program Files\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe" "NVIEW"="rundll32.exe nview.dll,nViewLoadHook" "OM_Monitor"="C:\\Program Files\\OLYMPUS\\OLYMPUS Master\\Monitor.exe -NoStart" "Gadwin PrintScreen 3.5"="\"C:\\Program Files\\Gadwin Systems\\PrintScreen\\PrintScreen.exe\" /nosplash" "ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run\BtcMaestro] "ModelName"="MI-5219URF(February)" "Version"="1.7 (2.0.W-127AU MUL)" "Language"=dword:00000000 "KeyboardID"=dword:00000000 "MouseID"=dword:00000000 "KeyboardSID"=dword:00000000 "MouseSID"=dword:00000000 "RxSecret"=dword:00000000 "RMenuSel"=dword:00000000 "AddMouse"=dword:00000001 "JumpPickLevel"=dword:00000000 "KeyboardBat"=dword:00000000 "MouseBat"=dword:00000000 "KeyboardCh"=dword:00000000 "MouseCh"=dword:00000000 [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run\BtcMaestro\Config] "DisplayLabel"=dword:00000001 "TaskbarIcon"=dword:00000001 "Autoplay"=dword:00000000 "F091"="0Q;my music" "L091"="My Music" "F090"="0P;my pictures" "L090"="My Pictures" "F089"="0J;joystick on" "L089"="Joy Stick ON" "F088"="0J;joystick off" "L088"="Joy Stick OFF" "F087"="F;next track" "L087"="Next Track" "F086"="G;previous track" "L086"="Previous Track" "F085"="E;stop" "L085"="Stop" "F084"="0H;mouse fifth button" "L084"="Mouse 5th Button" "F083"="C;volume down" "L083"="Volume Down" "F082"="B;volume up" "L082"="Volume Up" "F081"="D;play" "L081"="Play/Pause" "F080"="0G;mouse fourth button" "L080"="Mouse 4th Button" "F079"="0F;scroll right" "L079"="Middle + Wheel Down" "F078"="0E;scroll left" "L078"="Middle + Wheel Up" "F077"="J;www(AC)" "L077"="www" "F076"="0I;quick jump" "L076"="Mouse Middle Button" "F075"="0F;scroll right" "L075"="Middle + Right" "F074"="0E;scroll left" "L074"="Middle + Left" "F073"="m;scroll down" "L073"="Scroll Down" "F072"="l;scroll up" "L072"="Scroll Up" "F071"="0I;quick jump" "L071"="Quick Jump" "F070"="0F;scroll right" "L070"="Scroll Right" "F069"="0E;scroll left" "L069"="Scroll Left" "F068"="0D:set SID final" "L068"="Set SID Final" "F067"="0C:paint" "L067"="Paint" "F066"="0B;mouse middle button" "L066"="Mouse Middle Button" "F065"="0A;europe dollar(OF)" "L065"="Europe Dollar" "F064"="0-;reply all(OF)" "L064"="Reply All" "F063"="09;eject 2" "L063"="Eject/Close 2" "F062"="08:help(OF)" "L062"="Help" "F061"="07;redo(OF)" "L061"="Redo" "F060"="06;undo(OF)" "L060"="Undo" "F059"="05;task pane(OF)" "L059"="Task pane" "F058"="04;send(OF)" "L058"="Send" "F057"="03;f'ward(OF)" "L057"="Forward" "F056"="02;reply(OF)" "L056"="Reply" "F055"="01;bullets(OF)" "L055"="Bullets" "F054"="00;spell(OF)" "L054"="Spell" "F053"="z;bold(OF)" "L053"="Bold" "F052"="y;replace(OF)" "L052"="Replace" "F051"="x;save(OF)" "L051"="Save" "F050"="w;open(OF)" "L050"="Open" "F049"="v;new(OF)" "L049"="New" "F048"="u;copy(OF)" "L048"="Copy" "F047"="t;cut(OF)" "L047"="Cut" "F046"="s;mark(OF)" "L046"="Mark" "F045"="r;paste(OF)" "L045"="Paste" "F044"="q;calendar(OF)" "L044"="Calendar" "F043"="p;power point(OF)" "L043"="Power Point" "F042"="o;excel(OF)" "L042"="Excel" "F041"="n;word(OF)" "L041"="Word" "F040"="m;scroll down" "L040"="Scroll Down" "F039"="l;scroll up" "L039"="Scroll Up" "F038"="k;Configure" "L038"="Configure" "F037"="j;keyboard and mouse battery low" "L037"="Keyboard and Mouse Battery Low" "F036"="i;mouse battery low" "L036"="Mouse Battery Low" "F035"="h;keyboard battery low" "L035"="Keyboard Battery Low" "F034"="g;keyboard and mouse battery OK" "L034"="" "F033"="f:wake up" "L033"="Wake Up" "F032"="e:sleep" "L032"="Sleep" "F031"="d;power off" "L031"="Power Off" "F030"="c;mf" "L030"="F-Lock" "F029"="b;app. close" "L029"="App. Close" "F028"="a;app. switch" "L028"="App. Switch" "F027"="Z;log off" "L027"="Log Off" "F026"="Y;my computer" "L026"="My Computer" "F025"="X;refresh(AC)" "L025"="www Refresh" "F024"="W;print(OF)" "L024"="Print" "F023"="V;notepad" "L023"="Notepad" "F022"="U;explorer" "L022"="Explorer" "F021"="T;mediaplayer" "L021"="Mediaplayer" "F020"="S;my documents" "L020"="My Documents" "F019"="R;calculator" "L019"="Calculator" "F018"="Q;help(manual)" "L018"="HP Wireless Keyboard Help" "F017"="P;help(OS)" "L017"="OS Help" "F016"="O;favorite(AC)" "L016"="www Favorite" "F015"="N;search(AC)" "L015"="www Search" "F014"="M;forward(AC)" "L014"="www Forward" "F013"="L;back(AC)" "L013"="www Back" "F012"="K;stop(AC)" "L012"="www Stop" "F011"="J;www(AC)" "L011"="www" "F010"="I;email(AL)" "L010"="Email" "F009"="H;eject" "L009"="Eject/Close" "F008"="G;previous track" "L008"="Previous Track" "F007"="F;next track" "L007"="Next Track" "F006"="E;stop" "L006"="Stop" "F005"="D;play" "L005"="Play/Pause" "F004"="C;volume down" "L004"="Volume Down" "F003"="B;volume up" "L003"="Volume Up" "F002"="A;mute" "L002"="Mute" "F001"="-;none" "L001"="None" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system] "DisableRegistryTools"=dword:00000000 [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoStartMenuMFUprogramsList"=dword:00000000 "NoNetHood"=dword:00000001 "NoRecentDocsMenu"=dword:00000000 "NoRun"=dword:00000000 "NoClose"=dword:00000000 "NoFind"=dword:00000000 "NoSMHelp"=dword:00000000 "StartMenuLogoff"=dword:00000000 "NoFavoritesMenu"=dword:00000000 "NoSetTaskbar"=dword:00000000 "NoStartMenuMorePrograms"=dword:00000000 "NoSetFolders"=dword:00000000 "NoSimpleStartMenu"=dword:00000000 "NoTrayContextMenu"=dword:00000000 [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0] Source REG_SZ http://mfrost.typepad.com/.shared/th.../banner-bg.gif [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks] "{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "appinit_dlls"="C:\PROGRA~1\Google\GOOGLE~4\GOEC62~1.DLL" HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa Authentication Packages REG_MULTI_SZ msv1_0\0\0 Security Packages REG_MULTI_SZ kerberos\0msv1_0\0schannel\0wdigest\0\0 Notification Packages REG_MULTI_SZ scecli\0\0 HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\sdauxservice HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\sdcoreservice [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lxcrmon.exe] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="lxcrmon" "hkey"="HKLM" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost] LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0 NetworkService REG_MULTI_SZ DnsCache\0\0 rpcss REG_MULTI_SZ RpcSs\0\0 imgsvc REG_MULTI_SZ StiSvc\0\0 termsvcs REG_MULTI_SZ TermService\0\0 HTTPFilter REG_MULTI_SZ HTTPFilter\0\0 DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0 WudfServiceGroup REG_MULTI_SZ WUDFSvc\0\0 [HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\D] Shell\AutoRun\command D:\Info.exe folder.htt 480 480 -- End of Deckard's System Scanner: finished at 2007-05-02 at 15:34:06 --------- |
|
|
|
|
05-05-2007, 07:56 AM
|
#5 (permalink) |
|
Assistant Manager, TSF Academy; Moderator/Analyst Security Team
Join Date: Jan 2005
Location: Ohio
Posts: 23,970
OS: WinXP and Vista
|
Re: speed
Yes, thank you.
Did you happen to notice if your internet issues began after installing Freedom Security & Privacy? You do have 2 AV's installed and running on your system which is never a good idea. Choose 1 and uninstall the other via the Add/Remove programs. Personally, I'd choose AVG 7.5 over Freedom Security. After you've uninstalled 1 and rebooted, let me know how the system is behaving. If you can, I'd like to get an online scan done: Perform an online scan with Internet Explorer with Panda ActiveScan
* Turn off the real time scanner of any existing antivirus program while performing the online scan Post those results here please. |
|
|
|
|
05-05-2007, 08:47 AM
|
#6 (permalink) |
|
Registered User
Join Date: Apr 2007
Posts: 61
OS: HP XP Home/Compaq Vista home basic
|
Re: speed
Ok Ried,
I gotta give you a little background on this. I got this computer from an aquantance(sp) & it had an illegal XP on it. I told him that was not acceptible & so he got the 7 cd's from HP & reformmated the hard drive & installed the legit one. One of the things the CD's had was the Freedom program. I tried to uninstall it but no luck so I left it alone. I installed the AVG program which I was told is the free program to have. This was in March f last year, I think & the computer was running fine untill about two weeks ago.I just tried to un-install the Freedom program again with no luck. I had tried to run the Panda program as the five steps instructed but it would not do it. It stops at the free scan button. I just tried it again with the same results. I did turn off the pop up blocker. At least the one I know about. Ed |
|
|
|
|
05-05-2007, 08:01 PM
|
#7 (permalink) |
|
Assistant Manager, TSF Academy; Moderator/Analyst Security Team
Join Date: Jan 2005
Location: Ohio
Posts: 23,970
OS: WinXP and Vista
|
Re: speed
Hi Ed,
We'll deal with Freedom in a bit. First, I'd like you to try this online scanner and see if it works for you: Please perform an online scan with Internet Explorer at Kaspersky Online Scanner Answer Yes, when prompted to install an ActiveX component.
**Note for Internet Explorer 7 users** If at any time you have trouble with the accept button of the licence, click on the Zoom tool located at the right bottom of the IE window and set the zoom to 75 %. Once the license accepted, reset to 100%. What System Restore points do you have available? Click Start>All Programs>Accessories>System Tools
|
|
|
|
|
05-06-2007, 05:18 AM
|
#8 (permalink) |
|
Registered User
Join Date: Apr 2007
Posts: 61
OS: HP XP Home/Compaq Vista home basic
|
Re: speed
Ried,
Here it is, The restore dates are May 2-3-4-5. Thank you very much for your help. Ed ------------------------------------------------------------------------------- KASPERSKY ONLINE SCANNER REPORT Sunday, May 06, 2007 6:07:27 AM Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600) Kaspersky Online Scanner version: 5.0.83.0 Kaspersky Anti-Virus database last update: 6/05/2007 Kaspersky Anti-Virus database records: 313705 ------------------------------------------------------------------------------- Scan Settings: Scan using the following antivirus database: extended Scan Archives: true Scan Mail Bases: true Scan Target - My Computer: A:\ C:\ D:\ E:\ F:\ Scan Statistics: Total number of scanned objects: 101886 Number of viruses found: 1 Number of infected objects: 2 / 0 Number of suspicious objects: 0 Duration of the scan process: 02:19:39 Infected Object Name / Virus Name / Last Action C:\Documents and Settings\All Users\Application Data\avg7\Log\emc.log Object is locked skipped C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\avg7log.log Object is locked skipped C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\avg7log.log.lck Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\Owner\Cookies\index.dat Object is locked skipped C:\Documents and Settings\Owner\Desktop\icons1\Eds\WINDOWS\SYSTEM32\Desire-uninstall.exe Infected: not-a-virus:Porn-Dialer.Win32.Generic skipped C:\Documents and Settings\Owner\Desktop\icons1\ICONZ1\Eds\WINDOWS\SYSTEM32\Desire-uninstall.exe Infected: not-a-virus:Porn-Dialer.Win32.Generic skipped C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Google Desktop\22ab25f696f1\dbc2e.ht1 Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Google Desktop\22ab25f696f1\dbdam Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Google Desktop\22ab25f696f1\dbdao Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Google Desktop\22ab25f696f1\dbeam Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Google Desktop\22ab25f696f1\dbeao Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Google Desktop\22ab25f696f1\dbm Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Google Desktop\22ab25f696f1\dbu2d.ht1 Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Google Desktop\22ab25f696f1\dbvm.cf1 Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Google Desktop\22ab25f696f1\dbvmh.ht1 Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Google Desktop\22ab25f696f1\fii.cf1 Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Google Desktop\22ab25f696f1\fiih.ht1 Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Google Desktop\22ab25f696f1\hp Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Google Desktop\22ab25f696f1\hpt2i.ht1 Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Google Desktop\22ab25f696f1\rpm.cf1 Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Google Desktop\22ab25f696f1\rpm1m.cf1 Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Google Desktop\22ab25f696f1\rpm1mh.ht1 Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Google Desktop\22ab25f696f1\rpmh.ht1 Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Google Desktop\22ab25f696f1\safeweb\goog-black-enchashm.cf1 Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Google Desktop\22ab25f696f1\safeweb\goog-black-enchashmh.ht1 Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Google Desktop\22ab25f696f1\safeweb\goog-black-urlm.cf1 Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Google Desktop\22ab25f696f1\safeweb\goog-black-urlmh.ht1 Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Google Desktop\22ab25f696f1\safeweb\goog-malware-domainm.cf1 Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Google Desktop\22ab25f696f1\safeweb\goog-malware-domainmh.ht1 Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Google Desktop\22ab25f696f1\safeweb\goog-white-domainm.cf1 Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Google Desktop\22ab25f696f1\safeweb\goog-white-domainmh.ht1 Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Application Data\Identities\{89A92AF9-34FA-433F-A559-E3EF8093F4D7}\Microsoft\Outlook Express\Folders.dbx Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Application Data\Identities\{89A92AF9-34FA-433F-A559-E3EF8093F4D7}\Microsoft\Outlook Express\Inbox.dbx Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Application Data\Identities\{89A92AF9-34FA-433F-A559-E3EF8093F4D7}\Microsoft\Outlook Express\Offline.dbx Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Application Data\Identities\{89A92AF9-34FA-433F-A559-E3EF8093F4D7}\Microsoft\Outlook Express\Outbox.dbx Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Application Data\Identities\{89A92AF9-34FA-433F-A559-E3EF8093F4D7}\Microsoft\Outlook Express\Pop3uidl.dbx Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\Owner\Local Settings\History\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\Owner\Local Settings\History\History.IE5\MSHist012007050320070504\index.dat Object is locked skipped C:\Documents and Settings\Owner\Local Settings\History\History.IE5\MSHist012007050420070505\index.dat Object is locked skipped C:\Documents and Settings\Owner\Local Settings\History\History.IE5\MSHist012007050520070506\index.dat Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Temp\Perflib_Perfdata_628.dat Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Temp\~DF493.tmp Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\Owner\ntuser.dat Object is locked skipped C:\Documents and Settings\Owner\ntuser.dat.LOG Object is locked skipped C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped C:\System Volume Information\_restore{6CD01810-EFB9-4AF0-A405-DE07EB8CD51D}\RP305\change.log Object is locked skipped C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped C:\WINDOWS\SchedLgU.Txt Object is locked skipped C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped C:\WINDOWS\Sti_Trace.log Object is locked skipped C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\default Object is locked skipped C:\WINDOWS\system32\config\default.LOG Object is locked skipped C:\WINDOWS\system32\config\Internet.evt Object is locked skipped C:\WINDOWS\system32\config\SAM Object is locked skipped C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\SECURITY Object is locked skipped C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped C:\WINDOWS\system32\config\software Object is locked skipped C:\WINDOWS\system32\config\software.LOG Object is locked skipped C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\system Object is locked skipped C:\WINDOWS\system32\config\system.LOG Object is locked skipped C:\WINDOWS\system32\h323log.txt Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped C:\WINDOWS\wiadebug.log Object is locked skipped C:\WINDOWS\wiaservc.log Object is locked skipped C:\WINDOWS\WindowsUpdate.log Object is locked skipped Scan process completed. |
|
|
|
|
05-06-2007, 06:24 AM
|
#9 (permalink) |
|
Assistant Manager, TSF Academy; Moderator/Analyst Security Team
Join Date: Jan 2005
Location: Ohio
Posts: 23,970
OS: WinXP and Vista
|
Re: speed
Hi Ed,
Please ensure Hidden files and folders are viewable: Go to My Computer->Tools->Folder Options->View tab: * Under the Hidden files and folders heading: * select Show hidden files and folders. * Uncheck Hide protected operating system files (recommended) option. *Also, make sure there is no checkmark beside Hide file extensions for known file types. * Click OK. -------------------------------------------------------------------- Using 'My Computer', navigate to and delete the following Files C:\Documents and Settings\Owner\Desktop\icons1\Eds\WINDOWS\SYSTEM32\ Desire-uninstall.exe The aformentioned is a very odd path, also do a search via Start>Search>All files and folders for Desire-uninstall.exe and delete any instance. Let me know if that made any difference in system performance. |
|
|
|
|
05-06-2007, 09:33 AM
|
#10 (permalink) |
|
Registered User
Join Date: Apr 2007
Posts: 61
OS: HP XP Home/Compaq Vista home basic
|
Re: speed
Nope Ried,
Didn't help at all. Durn it. By the way, if you want me to delete anything at all on this thing, just tell me & I'll do it if I can. This is driving me nuts.<G> Ed |
|
|
|
|
05-06-2007, 06:58 PM
|
#11 (permalink) |
|
Assistant Manager, TSF Academy; Moderator/Analyst Security Team
Join Date: Jan 2005
Location: Ohio
Posts: 23,970
OS: WinXP and Vista
|
Re: speed
Hi Ed,
There's nothing else to delete. My thoughts are to do a System Restore to just before these problems began. Here are the instructions again: Click Start>All Programs>Accessories>System Tools
Please let me know if that has helped. |
|
|
|
|
05-07-2007, 08:10 PM
|
#13 (permalink) |
|
Assistant Manager, TSF Academy; Moderator/Analyst Security Team
Join Date: Jan 2005
Location: Ohio
Posts: 23,970
OS: WinXP and Vista
|
Re: speed
Hi Ed,
That indicates to me that either you did not have your System Restore enabled during that time, or you flushed your previous restore points. I don't believe malware to be the cause of your issues. I do see a few new programs added around the 20th of April...do you recall if your issues seem to coincide with any of your new programs? Waxmail for Outlook Express Wise Registry Cleaner Tweak-XP Pro 4 |
|
|
|
|
05-08-2007, 12:33 AM
|
#14 (permalink) |
|
Registered User
Join Date: Apr 2007
Posts: 61
OS: HP XP Home/Compaq Vista home basic
|
Re: speed
Ried,
Now that you mention it, yes. I did download some stuff around that time &then or up to a week earlier, is when it went south. I don't know anything about the system restore. Ed |
|
|
|
|
05-08-2007, 07:50 AM
|
#16 (permalink) |
|
Assistant Manager, TSF Academy; Moderator/Analyst Security Team
Join Date: Jan 2005
Location: Ohio
Posts: 23,970
OS: WinXP and Vista
|
Re: speed
Not necessarily--I was trying to give you an idea of where to start looking or thinking.
Can you recall if the system 'went south' after Tweaking XP or cleaning the registry? If so, did the registry cleaner make backups that you can restore? Does the Tweak XP program have a way to reset the changes it made? If your problems seemed to arise after installing Waxmail for Outlook Express, try uninstalling it and see if that helps. |
|
|
|
|
05-08-2007, 09:46 AM
|
#17 (permalink) |
|
Registered User
Join Date: Apr 2007
Posts: 61
OS: HP XP Home/Compaq Vista home basic
|
Re: speed
Ried,
As far as I can remember, the computer acted up after I installed those programs. I removed Waxmail just now, no help. Now, New development. Ever sinse we installed the legal XP, when I log onto e-mail it always asks for my password, it never did this before. So I have to type it in before I can log on. I thought this was a server(Mediacom) problem so I called support & they sent a guy out. He checked it out & tried to correct it theb said it was a microsoft problem, not theirs. As he was doing his check, I told him about my pspeed problem & he checked & said it was running slow & he checked all the cables & connections. He replaced the cable from the pole to the house as squirrals had chewed thru the insulation. Then after checking again, he sais it was still running slow & it was the fault of a transformer on the pole & he would havwe to get maint. to change it. So maybe thatsd the problem. Thet are going to be here within a week so i guess we just as well wait till they are done & see what happens. What say you? Maybe you can help me with the log onto e-mail problem. Also, when I restart a window opens & says "failure to open nview.dl" Is that important? Ed |
|
|
|
|
05-08-2007, 08:25 PM
|
#18 (permalink) |
|
Assistant Manager, TSF Academy; Moderator/Analyst Security Team
Join Date: Jan 2005
Location: Ohio
Posts: 23,970
OS: WinXP and Vista
|
Re: speed
Hi Ed,
I'd say wait and see if the connection issue is resolved once they replace the transformer on the pole. My focus is that of malware detection and removal. You really would be better served discussing your e-mail and error with the folks in the Windows XP section. 
|
|
|
|
| Thread Tools | |
|
|
located at the bottom of the page.
then click 
