PC very slow & sluggish
Here is the list you wanted. Quite long.
StartupList report, 6/14/2010, 12:09:32 PM StartupList version: 1.52.2 Started from : C:\Program Files\Trend Micro\HijackThis\HijackThis.EXE Detected: Windows XP SP3 (WinNT 5.01.2600) Detected: Internet Explorer v8.00 (8.00.6001.18702) * Using default options * Including empty and uninteresting sections * Showing rarely important sections ==================================================
Running processes:
C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\AskBarDis\bar\bin\AskService.exe C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Creative\Shared Files\CTDevSrv.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe C:\WINDOWS\system32\HPZipm12.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\iPod\bin\iPodService.exe C:\Documents and Settings\Justin\Application Data\mjusbsp\magicJack.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
————————————————–
Listing of startup folders:
Shell folders Startup: [C:\Documents and Settings\Justin\Start Menu\Programs\Startup] *No files*
Shell folders AltStartup: *Folder not found*
User shell folders Startup: *Folder not found*
User shell folders AltStartup: *Folder not found*
Shell folders Common Startup: [C:\Documents and Settings\All Users\Start Menu\Programs\Startup] *No files*
Shell folders Common AltStartup: *Folder not found*
User shell folders Common Startup: *Folder not found*
User shell folders Alternate Common Startup: *Folder not found*
————————————————–
Checking Windows NT UserInit:
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] UserInit = C:\WINDOWS\system32\userinit.exe,
[HKLM\Software\Microsoft\Windows\CurrentVersion\Winlogon] *Registry key not found*
[HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] *Registry value not found*
[HKCU\Software\Microsoft\Windows\CurrentVersion\Winlogon] *Registry key not found*
————————————————–
Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\Run
PRONoMgr.exe = C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe avgnt = “C:\Program Files\Avira\AntiVir Desktop\avgnt.exe” /min iTunesHelper = “C:\Program Files\iTunes\iTunesHelper.exe” Adobe Reader Speed Launcher = “C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe” Adobe ARM = “C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe” Google Quick Search Box = “C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe” /autorun
————————————————–
Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce
*No values found*
————————————————–
Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
*No values found*
————————————————–
Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices
*Registry key not found*
————————————————–
Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
*Registry key not found*
————————————————–
Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\Run
SUPERAntiSpyware = C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe cdloader = “C:\Documents and Settings\Justin\Application Data\mjusbsp\cdloader2.exe” MAGICJACK ctfmon.exe = C:\WINDOWS\system32\ctfmon.exe swg = “C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe”
————————————————–
Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
Shockwave Updater = C:\WINDOWS\system32\Adobe\Shockwave 11\SwHelper_1150596.exe -Update -1150596 -”Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; GTB6; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)” -”http://pbskids.org/dragontales/berry_surprise/dberry_game.html”
————————————————–
Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
*Registry key not found*
————————————————–
Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices
*Registry key not found*
————————————————–
Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
*Registry key not found*
————————————————–
Autorun entries from Registry: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run
*Registry key not found*
————————————————–
Autorun entries from Registry: HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run
*Registry key not found*
————————————————–
Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\Run
[OptionalComponents] =
————————————————–
Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce *No subkeys found*
————————————————–
Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx *No subkeys found*
————————————————–
Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices *Registry key not found*
————————————————–
Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce *Registry key not found*
————————————————–
Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\Run *No subkeys found*
————————————————–
Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce *No subkeys found*
————————————————–
Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx *Registry key not found*
————————————————–
Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices *Registry key not found*
————————————————–
Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce *Registry key not found*
————————————————–
Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run *Registry key not found*
————————————————–
Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run *Registry key not found*
————————————————–
File association entry for .EXE: HKEY_CLASSES_ROOT\exefile\shell\open\command
(Default) = “%1″ %*
————————————————–
File association entry for .COM: HKEY_CLASSES_ROOT\comfile\shell\open\command
(Default) = “%1″ %*
————————————————–
File association entry for .BAT: HKEY_CLASSES_ROOT\batfile\shell\open\command
(Default) = “%1″ %*
————————————————–
File association entry for .PIF: HKEY_CLASSES_ROOT\piffile\shell\open\command
(Default) = “%1″ %*
————————————————–
File association entry for .SCR: HKEY_CLASSES_ROOT\scrfile\shell\open\command
(Default) = “%1″ /S
————————————————–
File association entry for .HTA: HKEY_CLASSES_ROOT\htafile\shell\open\command
(Default) = C:\WINDOWS\system32\mshta.exe “%1″ %*
————————————————–
File association entry for .TXT: HKEY_CLASSES_ROOT\txtfile\shell\open\command
(Default) = %SystemRoot%\system32\NOTEPAD.EXE %1
————————————————–
Enumerating Active Setup stub paths: HKLM\Software\Microsoft\Active Setup\Installed Components (* = disabled by HKCU twin)
[<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}] * StubPath = C:\WINDOWS\system32\ieudinit.exe
[>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] StubPath = C:\WINDOWS\inf\unregmp2.exe /ShowWMP
[>{26923b43-4d38-484f-9b9e-de460746276c}] * StubPath = C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
[>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] * StubPath = “C:\WINDOWS\system32\rundll32.exe” “C:\WINDOWS\system32\iedkcs32.dll”,BrandIEActiveSetup SIGNUP
[>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS] * StubPath = RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
[>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] * StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
[{10880D85-AAD9-4558-ABDC-2AB1552D831F}] * StubPath = “C:\Program Files\Common Files\LightScribe\LSRunOnce.exe”
[{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] * StubPath = %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
[{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] * StubPath = “%ProgramFiles%\Outlook Express\setup50.exe” /APP:OE /CALLER:WINNT /user /install
[{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] * StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
[{5945c046-1e7d-11d1-bc44-00c04fd912be}] * StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
[{6BF52A52-394A-11d3-B153-00C04F79FAA6}] * StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub
[{7790769C-0471-11d2-AF11-00C04FA35D02}] * StubPath = “%ProgramFiles%\Outlook Express\setup50.exe” /APP:WAB /CALLER:WINNT /user /install
[{89820200-ECBD-11cf-8B85-00AA005B4340}] * StubPath = regsvr32.exe /s /n /i:U shell32.dll
[{89820200-ECBD-11cf-8B85-00AA005B4383}] * StubPath = C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
[{89B4C1CD-B018-4511-B0A1-5476DBF70820}] * StubPath = c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
————————————————–
Enumerating ICQ Agent Autostart apps: HKCU\Software\Mirabilis\ICQ\Agent\Apps
*Registry key not found*
————————————————–
Load/Run keys from C:\WINDOWS\WIN.INI:
load=*INI section not found* run=*INI section not found*
Load/Run keys from Registry:
HKLM\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found* HKLM\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found* HKLM\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found* HKLM\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found* HKCU\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found* HKCU\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found* HKCU\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found* HKCU\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found* HKCU\..\Windows NT\CurrentVersion\Windows: load= HKCU\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found* HKLM\..\Windows NT\CurrentVersion\Windows: load=*Registry value not found* HKLM\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found* HKLM\..\Windows NT\CurrentVersion\Windows: AppInit_DLLs=
————————————————–
Shell & screensaver key from C:\WINDOWS\SYSTEM.INI:
Shell=*INI section not found* SCRNSAVE.EXE=*INI section not found* drivers=*INI section not found*
Shell & screensaver key from Registry:
Shell=Explorer.exe SCRNSAVE.EXE=C:\WINDOWS\system32\sstext3d.scr drivers=*Registry value not found*
Policies Shell key:
HKCU\..\Policies: Shell=*Registry key not found* HKLM\..\Policies: Shell=*Registry value not found*
————————————————–
Checking for EXPLORER.EXE instances:
C:\WINDOWS\Explorer.exe: PRESENT!
C:\Explorer.exe: not present C:\WINDOWS\Explorer\Explorer.exe: not present C:\WINDOWS\System\Explorer.exe: not present C:\WINDOWS\System32\Explorer.exe: not present C:\WINDOWS\Command\Explorer.exe: not present C:\WINDOWS\Fonts\Explorer.exe: not present
————————————————–
Checking for superhidden extensions:
.lnk: HIDDEN! (arrow overlay: yes) .pif: HIDDEN! (arrow overlay: yes) .exe: not hidden .com: not hidden .bat: not hidden .hta: not hidden .scr: not hidden .shs: HIDDEN! .shb: HIDDEN! .vbs: not hidden .vbe: not hidden .wsh: not hidden .scf: HIDDEN! (arrow overlay: NO!) .url: HIDDEN! (arrow overlay: yes) .js: not hidden .jse: not hidden
————————————————–
Verifying REGEDIT.EXE integrity:
– Regedit.exe found in C:\WINDOWS – .reg open command is normal (regedit.exe %1) – Company name OK: ‘Microsoft Corporation’ – Original filename OK: ‘REGEDIT.EXE’ – File description: ‘Registry Editor’
Registry check passed
————————————————–
Enumerating Browser Helper Objects:
(no name) – C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll – {02478D38-C3F9-4efb-9B51-7695ECA05670} AcroIEHelperStub – C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll – {18DF081C-E8AD-4283-A596-FA578C2EBDC3} AskBar BHO – C:\Program Files\AskBarDis\bar\bin\askBar.dll – {201f27d4-3704-41d6-89c1-aa35e39143ed} Skype add-on (mastermind) – C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll – {22BF413B-C6D2-4d91-82A9-A0F997BA588C} (no name) – (no file) – {5C255C8A-E604-49b4-9D64-90988571CECB} (no name) – C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll – {9030D464-4C02-4ABF-8ECC-5164760863C6} (no name) – C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll – {AA58ED58-01DD-4d91-8333-CF10577473F7} (no name) – C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll – {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} (no name) – C:\Program Files\Java\jre6\bin\jp2ssv.dll – {DBC80044-A445-435b-BC74-9C25C1C588A9} JQSIEStartDetectorImpl – C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll – {E7E6F031-17CE-4C07-BC86-EABFE594F69C} (no name) – C:\Program Files\Yahoo!\Companion\Installs\cpn2\YTSingleInstance.dll – {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
————————————————–
Enumerating Task Scheduler jobs:
AppleSoftwareUpdate.job Google Software Updater.job GoogleUpdateTaskMachineCore.job GoogleUpdateTaskMachineUA.job
————————————————–
Enumerating Download Program Files:
[Facebook Photo Uploader 5 Control] InProcServer32 = C:\WINDOWS\Downloaded Program Files\PhotoUploader5.ocx CODEBASE = http://upload.facebook.com/controls/…oUploader5.cab
[Windows Genuine Advantage Validation Tool] InProcServer32 = C:\WINDOWS\system32\LegitCheckControl.DLL CODEBASE = http://download.microsoft.com/downlo…eckControl.cab
[Shockwave ActiveX Control] InProcServer32 = C:\WINDOWS\system32\Adobe\Director\SwDir.dll CODEBASE = http://download.macromedia.com/pub/s…irector/sw.cab
[Installation Support] InProcServer32 = C:\Program Files\Yahoo!\Common\Yinsthelper.dll CODEBASE = C:\Program Files\Yahoo!\Common\Yinsthelper.dll
[Snapfish Activia] InProcServer32 = C:\WINDOWS\Downloaded Program Files\SnapfishActivia1001.ocx CODEBASE = http://www1.snapfish.com/SnapfishActivia.cab
[CopyGuardCtrl Class] InProcServer32 = C:\WINDOWS\Downloaded Program Files\CopyGuardIE.dll CODEBASE = http://www.psapoll.com/CopyGuardIE.cab
[DLM Control] InProcServer32 = C:\WINDOWS\DOWNLO~1\DOWNLO~1.OCX CODEBASE = http://dlm.tools.akamai.com/dlmanage…ex-2.2.4.5.cab
[Image Uploader Control] InProcServer32 = C:\WINDOWS\Downloaded Program Files\ImageUploader5.ocx CODEBASE = http://www.geni.com/ImageUploader5.cab
[Facebook Photo Uploader 5 Control] InProcServer32 = C:\WINDOWS\Downloaded Program Files\PhotoUploader55.ocx CODEBASE = http://upload.facebook.com/controls/…Uploader55.cab
[Java Plug-in 1.6.0_20] InProcServer32 = C:\Program Files\Java\jre6\bin\jp2iexp.dll CODEBASE = http://java.sun.com/update/1.6.0/jin…ndows-i586.cab
[Shutterfly Picture Upload Plugin] InProcServer32 = C:\WINDOWS\Downloaded Program Files\sfuploadplugin.ocx CODEBASE = http://web1.shutterfly.com/downloads/Uploader.cab
[Photo Upload Plugin Class] InProcServer32 = C:\WINDOWS\Downloaded Program Files\Photochannel.dll CODEBASE = http://images3.pnimedia.com/ProductA…eX_Control.cab
[Java Plug-in 1.5.0_11] InProcServer32 = C:\Program Files\Java\jre6\bin\jp2iexp.dll CODEBASE = http://java.sun.com/update/1.5.0/jin…ndows-i586.cab
[Java Plug-in 1.6.0_20] InProcServer32 = C:\Program Files\Java\jre6\bin\jp2iexp.dll CODEBASE = http://java.sun.com/update/1.6.0/jin…ndows-i586.cab
[Java Plug-in 1.6.0_20] InProcServer32 = C:\Program Files\Java\jre6\bin\npjpi160_20.dll CODEBASE = http://java.sun.com/update/1.6.0/jin…ndows-i586.cab
[Shockwave Flash Object] InProcServer32 = C:\WINDOWS\system32\Macromed\Flash\Flash10e.ocx CODEBASE = http://download.macromedia.com/pub/s…sh/swflash.cab
————————————————–
Enumerating Winsock LSP files:
NameSpace #1: C:\WINDOWS\System32\mswsock.dll NameSpace #2: C:\WINDOWS\System32\winrnr.dll NameSpace #3: C:\WINDOWS\System32\mswsock.dll NameSpace #4: C:\Program Files\Bonjour\mdnsNSP.dll Protocol #1: C:\WINDOWS\system32\mswsock.dll Protocol #2: C:\WINDOWS\system32\mswsock.dll Protocol #3: C:\WINDOWS\system32\mswsock.dll Protocol #4: C:\WINDOWS\system32\rsvpsp.dll Protocol #5: C:\WINDOWS\system32\rsvpsp.dll Protocol #6: C:\WINDOWS\system32\mswsock.dll Protocol #7: C:\WINDOWS\system32\mswsock.dll Protocol #8: C:\WINDOWS\system32\mswsock.dll Protocol #9: C:\WINDOWS\system32\mswsock.dll Protocol #10: C:\WINDOWS\system32\mswsock.dll Protocol #11: C:\WINDOWS\system32\mswsock.dll Protocol #12: C:\WINDOWS\system32\mswsock.dll Protocol #13: C:\WINDOWS\system32\mswsock.dll Protocol #14: C:\WINDOWS\system32\mswsock.dll Protocol #15: C:\WINDOWS\system32\mswsock.dll
————————————————–
Enumerating Windows NT/2000/XP services
Microsoft ACPI Driver: system32\DRIVERS\ACPI.sys (system) aeaudio: system32\drivers\aeaudio.sys (manual start) Microsoft Kernel Acoustic Echo Canceller: system32\drivers\aec.sys (manual start) AEGIS Protocol (IEEE 802.1x) v3.4.5.0: system32\DRIVERS\AegisP.sys (autostart) AFD: \SystemRoot\System32\drivers\afd.sys (system) Alerter: %SystemRoot%\system32\svchost.exe -k LocalService (disabled) Application Layer Gateway Service: %SystemRoot%\System32\alg.exe (manual start) Avira AntiVir Scheduler: “C:\Program Files\Avira\AntiVir Desktop\sched.exe” (autostart) Avira AntiVir Guard: “C:\Program Files\Avira\AntiVir Desktop\avguard.exe” (autostart) Apple Mobile Device: “C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe” (autostart) Application Management: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start) ASKService: C:\Program Files\AskBarDis\bar\bin\AskService.exe (autostart) ASKUpgrade: C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe (autostart) ASP.NET State Service: %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (manual start) RAS Asynchronous Media Driver: system32\DRIVERS\asyncmac.sys (manual start) Standard IDE/ESDI Hard Disk Controller: system32\DRIVERS\atapi.sys (system) ATM ARP Client Protocol: system32\DRIVERS\atmarpc.sys (manual start) Windows Audio: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Audio Stub Driver: system32\DRIVERS\audstub.sys (manual start) avgio: \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys (system) avgntflt: system32\DRIVERS\avgntflt.sys (autostart) avipbb: system32\DRIVERS\avipbb.sys (system) Background Intelligent Transfer Service: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Bonjour Service: “C:\Program Files\Bonjour\mDNSResponder.exe” (autostart) Computer Browser: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Closed Caption Decoder: system32\DRIVERS\CCDECODE.sys (manual start) CD-ROM Driver: system32\DRIVERS\cdrom.sys (system) Indexing Service: %SystemRoot%\system32\cisvc.exe (disabled) ClipBook: %SystemRoot%\system32\clipsrv.exe (disabled) .NET Runtime Optimization Service v2.0.50727_X86: C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (manual start) COM+ System Application: C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} (manual start) Cryptographic Services: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) CT Device Query service: C:\Program Files\Creative\Shared Files\CTDevSrv.exe (autostart) Creative Centrale Media Server: C:\Program Files\Creative\Creative Centrale\CTUPnPSv.exe (manual start) DCOM Server Process Launcher: %SystemRoot%\system32\svchost -k DcomLaunch (autostart) DHCP Client: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Disk Driver: system32\DRIVERS\disk.sys (system) Logical Disk Manager Administrative Service: %SystemRoot%\System32\dmadmin.exe /com (manual start) dmboot: System32\drivers\dmboot.sys (disabled) dmio: System32\drivers\dmio.sys (disabled) dmload: System32\drivers\dmload.sys (disabled) Logical Disk Manager: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Microsoft Kernel DLS Syntheiszer: system32\drivers\DMusic.sys (manual start) DNS Client: %SystemRoot%\system32\svchost.exe -k NetworkService (autostart) Wired AutoConfig: %SystemRoot%\System32\svchost.exe -k dot3svc (manual start) Microsoft Kernel DRM Audio Descrambler: system32\drivers\drmkaud.sys (manual start) Intel(R) PRO Adapter Driver: system32\DRIVERS\e100b325.sys (manual start) Extensible Authentication Protocol Service: %SystemRoot%\System32\svchost.exe -k eapsvcs (manual start) Error Reporting Service: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Event Log: %SystemRoot%\system32\services.exe (autostart) COM+ Event System: C:\WINDOWS\system32\svchost.exe -k netsvcs (manual start) Fast User Switching Compatibility: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Floppy Disk Controller Driver: system32\DRIVERS\fdc.sys (manual start) Floppy Disk Driver: system32\DRIVERS\flpydisk.sys (manual start) FltMgr: system32\DRIVERS\fltMgr.sys (system) Windows Presentation Foundation Font Cache 3.0.0.0: c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (manual start) Volume Manager Driver: system32\DRIVERS\ftdisk.sys (system) GEAR ASPI Filter Driver: system32\DRIVERS\GEARAspiWDM.sys (manual start) Generic Packet Classifier: system32\DRIVERS\msgpc.sys (manual start) Google Update Service (gupdate1c9ed0927640648): “C:\Program Files\Google\Update\GoogleUpdate.exe” /svc (autostart) Google Software Updater: “C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe” (autostart) Help and Support: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) HID Input Service: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Microsoft HID Class Driver: system32\DRIVERS\hidusb.sys (manual start) Health Key and Certificate Management Service: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) IEEE-1284.4 Driver HPZid412: system32\DRIVERS\HPZid412.sys (manual start) Print Class Driver for IEEE-1284.4 HPZipr12: system32\DRIVERS\HPZipr12.sys (manual start) USB to IEEE-1284.4 Translation Driver HPZius12: system32\DRIVERS\HPZius12.sys (manual start) HTTP: System32\Drivers\HTTP.sys (manual start) HTTP SSL: %SystemRoot%\System32\svchost.exe -k HTTPFilter (manual start) i8042 Keyboard and PS/2 Mouse Port Driver: system32\DRIVERS\i8042prt.sys (system) ialm: system32\DRIVERS\ialmnt5.sys (manual start) Windows CardSpace: “C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe” (manual start) CD-Burning Filter Driver: system32\DRIVERS\imapi.sys (system) IMAPI CD-Burning COM Service: C:\WINDOWS\system32\imapi.exe (manual start) IntelIde: system32\DRIVERS\intelide.sys (system) Intel Processor Driver: system32\DRIVERS\intelppm.sys (system) IPv6 Windows Firewall Driver: system32\DRIVERS\Ip6Fw.sys (manual start) IP Traffic Filter Driver: system32\DRIVERS\ipfltdrv.sys (manual start) IP in IP Tunnel Driver: system32\DRIVERS\ipinip.sys (manual start) IP Network Address Translator: system32\DRIVERS\ipnat.sys (manual start) iPod Service: “C:\Program Files\iPod\bin\iPodService.exe” (manual start) IPSEC driver: system32\DRIVERS\ipsec.sys (system) IR Enumerator Service: system32\DRIVERS\irenum.sys (manual start) PnP ISA/EISA Bus Driver: system32\DRIVERS\isapnp.sys (system) Java Quick Starter: “C:\Program Files\Java\jre6\bin\jqs.exe” -service -config “C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf” (autostart) Keyboard Class Driver: system32\DRIVERS\kbdclass.sys (system) Keyboard HID Driver: system32\DRIVERS\kbdhid.sys (system) Microsoft Kernel Wave Audio Mixer: system32\drivers\kmixer.sys (manual start) Server: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Workstation: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) LightScribeService Direct Disc Labeling Service: “C:\Program Files\Common Files\LightScribe\LSSrvc.exe” (autostart) TCP/IP NetBIOS Helper: %SystemRoot%\system32\svchost.exe -k LocalService (autostart) Logitech USB Microphone: system32\drivers\lvsound2.sys (system) Messenger: %SystemRoot%\system32\svchost.exe -k netsvcs (disabled) NetMeeting Remote Desktop Sharing: C:\WINDOWS\system32\mnmsrvc.exe (manual start) Mouse Class Driver: system32\DRIVERS\mouclass.sys (system) Mouse HID Driver: system32\DRIVERS\mouhid.sys (manual start) WebDav Client Redirector: system32\DRIVERS\mrxdav.sys (manual start) MRXSMB: system32\DRIVERS\mrxsmb.sys (system) Distributed Transaction Coordinator: C:\WINDOWS\system32\msdtc.exe (manual start) Windows Installer: C:\WINDOWS\system32\msiexec.exe /V (manual start) Microsoft Streaming Service Proxy: system32\drivers\MSKSSRV.sys (manual start) Microsoft Streaming Clock Proxy: system32\drivers\MSPCLOCK.sys (manual start) Microsoft Streaming Quality Manager Proxy: system32\drivers\MSPQM.sys (manual start) Microsoft System Management BIOS Driver: system32\DRIVERS\mssmbios.sys (manual start) Microsoft Streaming Tee/Sink-to-Sink Converter: system32\drivers\MSTEE.sys (manual start) NABTS/FEC VBI Codec: system32\DRIVERS\NABTSFEC.sys (manual start) Network Access Protection Agent: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Microsoft TV/Video Connection: system32\DRIVERS\NdisIP.sys (manual start) Remote Access NDIS TAPI Driver: system32\DRIVERS\ndistapi.sys (manual start) NDIS Usermode I/O Protocol: system32\DRIVERS\ndisuio.sys (manual start) Remote Access NDIS WAN Driver: system32\DRIVERS\ndiswan.sys (manual start) Nero BackItUp Scheduler 4.0: C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (autostart) NetBIOS Interface: system32\DRIVERS\netbios.sys (system) NetBios over Tcpip: system32\DRIVERS\netbt.sys (system) Network DDE: %SystemRoot%\system32\netdde.exe (disabled) Network DDE DSDM: %SystemRoot%\system32\netdde.exe (disabled) Net Logon: %SystemRoot%\system32\lsass.exe (manual start) Network Connections: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Intel NCS NetService: C:\Program Files\Intel\NCS\Sync\NetSvc.exe (manual start) Net.Tcp Port Sharing Service: “C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe” (disabled) Network Location Awareness (NLA): %SystemRoot%\system32\svchost.exe -k netsvcs (manual start) NMIndexingService: “C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe” (manual start) NT LM Security Support Provider: %SystemRoot%\system32\lsass.exe (manual start) Removable Storage: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start) IPX Traffic Filter Driver: system32\DRIVERS\nwlnkflt.sys (manual start) IPX Traffic Forwarder Driver: system32\DRIVERS\nwlnkfwd.sys (manual start) Parallel port driver: system32\DRIVERS\parport.sys (manual start) PCI Bus Driver: system32\DRIVERS\pci.sys (system) PCIIde: system32\DRIVERS\pciide.sys (system) Plug and Play: %SystemRoot%\system32\services.exe (autostart) Pml Driver HPZ12: C:\WINDOWS\system32\HPZipm12.exe (autostart) IPSEC Services: %SystemRoot%\system32\lsass.exe (autostart) WAN Miniport (PPTP): system32\DRIVERS\raspptp.sys (manual start) Protected Storage: %SystemRoot%\system32\lsass.exe (autostart) QoS Packet Scheduler: system32\DRIVERS\psched.sys (manual start) Direct Parallel Link Driver: system32\DRIVERS\ptilink.sys (manual start) PxHelp20: System32\Drivers\PxHelp20.sys (system) Logitech QuickCam Web(PID_0850): system32\DRIVERS\LVCE.sys (manual start) Remote Access Auto Connection Driver: system32\DRIVERS\rasacd.sys (system) Remote Access Auto Connection Manager: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start) WAN Miniport (L2TP): system32\DRIVERS\rasl2tp.sys (manual start) Remote Access Connection Manager: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start) Remote Access PPPOE Driver: system32\DRIVERS\raspppoe.sys (manual start) Direct Parallel: system32\DRIVERS\raspti.sys (manual start) Rdbss: system32\DRIVERS\rdbss.sys (system) RDPCDD: System32\DRIVERS\RDPCDD.sys (system) Remote Desktop Help Session Manager: C:\WINDOWS\system32\sessmgr.exe (manual start) Digital CD Audio Playback Filter Driver: system32\DRIVERS\redbook.sys (system) Routing and Remote Access: %SystemRoot%\system32\svchost.exe -k netsvcs (disabled) Remote Procedure Call (RPC) Locator: %SystemRoot%\system32\locator.exe (manual start) Remote Procedure Call (RPC): %SystemRoot%\system32\svchost -k rpcss (autostart) QoS RSVP: %SystemRoot%\system32\rsvp.exe (manual start) NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter NT Driver: system32\DRIVERS\wg111v2.sys (manual start) Security Accounts Manager: %SystemRoot%\system32\lsass.exe (autostart) SASDIFSV: \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS (system) SASENUM: \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS (manual start) SASKUTIL: \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys (system) Smart Card: %SystemRoot%\System32\SCardSvr.exe (manual start) Task Scheduler: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Secdrv: system32\DRIVERS\secdrv.sys (manual start) Secondary Logon: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) System Event Notification: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Serenum Filter Driver: system32\DRIVERS\serenum.sys (manual start) Serial port driver: system32\DRIVERS\serial.sys (system) winnetseve: C:\Program Files\Common Files\Microsoft Shared\MSINFO\Servernet.exe (autostart) Windows Firewall/Internet Connection Sharing (ICS): %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Shell Hardware Detection: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) BDA Slip De-Framer: system32\DRIVERS\SLIP.sys (manual start) smwdm: system32\drivers\smwdm.sys (manual start) Microsoft Kernel Audio Splitter: system32\drivers\splitter.sys (manual start) Print Spooler: %SystemRoot%\system32\spoolsv.exe (autostart) System Restore Filter Driver: system32\DRIVERS\sr.sys (system) System Restore Service: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Srv: system32\DRIVERS\srv.sys (manual start) SSDP Discovery Service: %SystemRoot%\system32\svchost.exe -k LocalService (manual start) ssmdrv: system32\DRIVERS\ssmdrv.sys (system) Windows Image Acquisition (WIA): %SystemRoot%\system32\svchost.exe -k imgsvc (autostart) BDA IPSink: system32\DRIVERS\StreamIP.sys (manual start) Software Bus Driver: system32\DRIVERS\swenum.sys (manual start) Microsoft Kernel GS Wavetable Synthesizer: system32\drivers\swmidi.sys (manual start) MS Software Shadow Copy Provider: C:\WINDOWS\system32\dllhost.exe /Processid:{26172167-2F81-4D0D-9FDA-350459F08352} (manual start) Microsoft Kernel System Audio Device: system32\drivers\sysaudio.sys (manual start) Performance Logs and Alerts: %SystemRoot%\system32\smlogsvc.exe (manual start) Telephony: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) TCP/IP Protocol Driver: system32\DRIVERS\tcpip.sys (system) Terminal Device Driver: system32\DRIVERS\termdd.sys (system) Terminal Services: %SystemRoot%\System32\svchost -k DComLaunch (manual start) Themes: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Distributed Link Tracking Client: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Microcode Update Driver: system32\DRIVERS\update.sys (manual start) Universal Plug and Play Device Host: %SystemRoot%\system32\svchost.exe -k LocalService (manual start) Uninterruptible Power Supply: %SystemRoot%\System32\ups.exe (manual start) Apple Mobile USB Driver: System32\Drivers\usbaapl.sys (manual start) USB Audio Driver (WDM): system32\drivers\usbaudio.sys (manual start) Microsoft USB Generic Parent Driver: system32\DRIVERS\usbccgp.sys (manual start) Microsoft USB 2.0 Enhanced Host Controller Miniport Driver: system32\DRIVERS\usbehci.sys (manual start) USB2 Enabled Hub: system32\DRIVERS\usbhub.sys (manual start) Microsoft USB PRINTER Class: system32\DRIVERS\usbprint.sys (manual start) USB Scanner Driver: system32\DRIVERS\usbscan.sys (manual start) USB Mass Storage Driver: system32\DRIVERS\USBSTOR.SYS (manual start) Microsoft USB Universal Host Controller Miniport Driver: system32\DRIVERS\usbuhci.sys (manual start) USB Video Device (WDM): System32\Drivers\usbvideo.sys (manual start) VgaSave: \SystemRoot\System32\drivers\vga.sys (system) Volume Shadow Copy: %SystemRoot%\System32\vssvc.exe (manual start) Windows Time: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Remote Access IP ARP Driver: system32\DRIVERS\wanarp.sys (manual start) Microsoft WDM Virtual Wave Driver (WDM): system32\drivers\wdmaud.sys (system) WebClient: %SystemRoot%\system32\svchost.exe -k LocalService (autostart) Windows Management Instrumentation: %systemroot%\system32\svchost.exe -k netsvcs (autostart) Portable Media Serial Number Service: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) WMI Performance Adapter: C:\WINDOWS\system32\wbem\wmiapsrv.exe (manual start) Windows Media Player Network Sharing Service: “C:\Program Files\Windows Media Player\WMPNetwk.exe” (manual start) WpdUsb: system32\DRIVERS\wpdusb.sys (manual start) Security Center: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) World Standard Teletext Codec: system32\DRIVERS\WSTCODEC.SYS (manual start) Automatic Updates: %systemroot%\system32\svchost.exe -k netsvcs (autostart) Windows Driver Foundation – User-mode Driver Framework Platform Driver: system32\DRIVERS\WudfPf.sys (system) Windows Driver Foundation – User-mode Driver Framework Reflector: system32\DRIVERS\wudfrd.sys (manual start) Windows Driver Foundation – User-mode Driver Framework: %SystemRoot%\system32\svchost.exe -k WudfServiceGroup (autostart) Wireless Zero Configuration: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Network Provisioning Service: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Yahoo! Updater: “C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe” (autostart) Intel(R) Graphics Platform (SoftBIOS) Driver: system32\drivers\ialmsbw.sys (manual start) Intel(R) Graphics Chipset (KCH) Driver: system32\drivers\ialmkchw.sys (manual start)
————————————————–
Enumerating Windows NT logon/logoff scripts: *No scripts set to run*
Windows NT checkdisk command: BootExecute = autocheck autochk *
Windows NT ‘Wininit.ini’: PendingFileRenameOperations: *Registry value not found*
————————————————–
Enumerating ShellServiceObjectDelayLoad items:
PostBootReminder: C:\WINDOWS\system32\SHELL32.dll CDBurn: C:\WINDOWS\system32\SHELL32.dll WebCheck: C:\WINDOWS\system32\webcheck.dll SysTray: C:\WINDOWS\system32\stobject.dll WPDShServiceObj: C:\WINDOWS\system32\WPDShServiceObj.dll
————————————————– Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run
*Registry key not found*
————————————————–
Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run
*Registry key not found*
————————————————–
End of report, 39,987 bytes Report generated in 0.187 seconds
Command line options: /verbose – to add additional info on each section /complete – to include empty sections and unsuspicious data /full – to include several rarely-important sections /force9x – to include Win9x-only startups even if running on WinNT /forcent – to include WinNT-only startups even if running on Win9x /forceall – to include all Win9x and WinNT startups, regardless of platform /history – to list version history only
Incoming search terms for the article:
Similar articles
- Computer EXTREMELY Slow [RESOLVED]
Back Again Tried the On-Line scan again after doing the Disk Clean Up. The scan got to 20% then the computer screen locked up, then the computer restarted. When the computer restarted I received the following msg: Miscrosoft Windows: The System has recovered from a Serious Error
... - COmputer going Slow
OTL logfile created on: 6/5/2010 2:00:03 AM – Run 2 OTL by OldTimer – Version 3.1.37.3 Folder = E:\download\ANTIvirus Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) – Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 1,015.00 Mb
... - PC Optimization Program
Thanks John Wilkinson! by greval – 12/2/06 2:21 AM In reply to: Two… by John.Wilkinson Hi John, thank you so much for providing info on CCleaner and RegSeeker in an earlier discussion on removing Norton. I have used both and they are excellent!I have been a member of cnet for sometime now and
... - Computer running real slow
ComboFix 09-08-07.09 – Ash 08/08/2009 19:45.1.1 – NTFSx86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1527.1068 [GMT -4:00] Running from: c:\documents and settings\Ash\Desktop\Combo-Fix.exe AV: avast! antivirus 4.8.1335 [VPS 090808-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D} . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\Ash\Local Settings\Temporary Internet Files\CPV.stt c:\program files\AntiSpywareMaster c:\program files\CPV c:\program files\Temporary c:\recycler\S-1-5-21-756675163-450111082-2657256198-1003
... - Slow sluggish computer possibly Win32 trojan?
Hello My computer has been acting extra extra slow and sluggish, takes ages to open windows and applications, such ad-aware and spybot – which both state win32 trojan….I deleted on those two programs in both safe mode and normal but still slow and I am sure I haven’t got rid of it yet, please help!!!
...