Tom's Guide | Tom's Hardware | Tom's Games

Computing.Net > Forums > Security and Virus > My Slow Laptop

Computer Problems? Computing.Net has over 1,000,000 posts about all things technology related! Over 90% answered within 24 hours! Click here to start participating now! Also, be sure to check out the New User Guide.

My Slow Laptop

Reply to Message Icon

Name: Aisling
Date: October 24, 2006 at 17:08:25 Pacific
OS: Microsoft XP
CPU/Ram: 480mb Ram
Product: Fujitsu Siemens Amilo l13
Comment:

My laptop keeps on getting slower and slower, especially when I'm on the net. Can someone please suggest a way that I can check if something is causing it to slow so much or help me get it back up yo speed again? Thanks

Aisling



Sponsored Link
Ads by Google

Response Number 1
Name: XpUser4Real
Date: October 24, 2006 at 19:35:55 Pacific
Reply:

1-What size is your processor?
2-What AV and Firewall are you using?
3-Have you unchecked everything from your startup except for your AV and Firewall?
If we get more info it will be easier to diagnose and make suggestions

Hopefully my advice will help you...Please post back with your results....thanks


0

Response Number 2
Name: jabuck
Date: October 24, 2006 at 19:38:06 Pacific
Reply:

Please post a Hijack This log and we will see if we can find what is causing the problem.

Download HJTsetup.exe from this link http://www.thespykiller.co.uk/files/HJTsetup.exe to your desktop.
Doubleclick on the HJTsetup.exe icon on your desktop.
By default it will install to C:\Program Files\Hijack This.
Continue to click "next" in the setup dialogue boxes until you get to the "Select Addition Tasks" dialogue.
Put a check by "Create a desktop icon" then click "Next" again.
Continue to follow the rest of the prompts from there.
At the final dialogue box click "Finish" and it will launch Hijack This.
Click on the "Do a system scan and save a logfile" button. It will scan and the log should open in notepad.
Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log and post it in this thread.

Do not fix anything yet unless you know what you are doing. This is a powerful tool that can crash the computer if used improperly.


0

Response Number 3
Name: Aisling
Date: October 26, 2006 at 11:13:10 Pacific
Reply:

I ran hijack this and here is the log file from it. Thanks,
Aisling

Logfile of HijackThis v1.99.1
Scan saved at 19:11:23, on 26/10/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\SOUNDMAN.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\NAVW32.exe
C:\Program Files\Hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.yahoo.ie
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.eircom.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?Lin...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?Lin...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?Lin...
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?Lin...
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Norman ZANDA] C:\Norman\NVC\BIN\ZLH.exe /LOAD /SPLASH
O4 - HKLM\..\Run: [NI.UWA6P_0001_N73M0604] "C:\Documents and Settings\Laura\Local Settings\Temporary Internet Files\Content.IE5\WBL5NTL6\WinAntiVirusPro2006FreeInstall[1].exe" -nag
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.exe /AUTORUN
O4 - HKLM\..\Run: [RelevantKnowledge] c:\windows\system32\rlvknlg.exe -boot
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.eircom.net
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B59A2B1B-5041-4E0E-9605-B3468E4F7E33}: NameServer = 159.134.237.6,159.134.248.17
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: RelevantKnowledge - C:\WINDOWS\system32\rlls.dll
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.exe
O23 - Service: Norman ZANDA - Unknown owner - C:\Norman\NVC\BIN\Zanda.exe (file missing)
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe



0

Response Number 4
Name: jabuck
Date: October 26, 2006 at 16:07:28 Pacific
Reply:

Go to start> control panel> add/remove programs> scroll down to and uninstall this program if found:

WinAntiVirusPro2006

Please download ATF-Cleaner to your desktop from this link
http://www.atribune.org/content/view/19/2/ We will need it later in safe mode

Download and install AVG Anti-Spyware We will need this later in safe mode

Be sure to update AVG Anti- Spyware

Download Killbox to your desktop from this link Killbox by Option^Explicit. If you already have "Killbox" update to this newer version. We will need it later in safe mode

Please download VundoFix.exe to your C:\.
Double-click VundoFix.exe to run it.
Click the Scan for Vundo button.
Once it's done scanning, click the Remove Vundo button.
You will receive a prompt asking if you want to remove the files, click YES
Once you click yes, your desktop will go blank as it starts removing Vundo.
When completed, it will prompt that it will shutdown your computer, click OK.
Turn your computer back on.
Note: It is possible that VundoFix encountered a file it could not remove.
In this case, VundoFix will run on reboot, simply follow the above instructions starting from "Click the Scan for Vundo button." when VundoFix appears at reboot.

Post the log Vundofix log located at C:\Vondofix.txt please.

Please download ComboFix to the Desktop from this link:

http://download.bleepingcomputer.com/sUBs/combofix.exe

Double-click combofix.exe
Follow the prompts.
(Don't click on the window while the program is running, it may cause your system to hang.)

Please post the combofix.txt log.


0

Response Number 5
Name: Aisling
Date: October 31, 2006 at 15:24:56 Pacific
Reply:

Here is the Vundofix log.

Vundofix v6.2.6
Checking Java Version...
Java version is 1.4.2.3
Java version is 1.5.0.8
Scan sarted at 23:05:12 31/10/2006
Listing files found while scanning....
No infected files were found.

Beginning removal...


And here is the combofix.txt log.


Laura - 06-10-31 23:14:53.79 Service Pack 2
ComboFix 06.10.19 - Running from: "C:\Documents and Settings\Laura\Desktop"

((((((((((((((((((((((((((((((( Files Created from 2006-09-31 to 2006-10-31 ))))))))))))))))))))))))))))))))))


2006-10-31 23:00 3,968 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2006-10-26 18:23 20,640 --------- C:\WINDOWS\system32\drivers\PxHelp20.sys
2006-10-26 18:23 109,568 --------- C:\WINDOWS\system32\pxinsi64.exe
2006-10-26 18:23 108,544 --------- C:\WINDOWS\system32\pxcpyi64.exe
2006-10-24 20:09 121,856 --------- C:\WINDOWS\system32\xmllite.dll
2006-10-24 18:12 48,816 --a------ C:\WINDOWS\system32\S32EVNT1.DLL
2006-10-24 18:12 109,744 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.SYS
2006-10-24 17:19 18,816 --------- C:\WINDOWS\system32\drivers\NTPAMp50.sys
2006-10-24 17:19 17,536 --------- C:\WINDOWS\system32\drivers\NtpaSp50.sys
2006-10-17 12:33 6,049,280 --------- C:\WINDOWS\system32\ieframe.dll
2006-10-17 12:33 50,688 --------- C:\WINDOWS\system32\msfeedsbs.dll
2006-10-17 12:33 458,752 --------- C:\WINDOWS\system32\msfeeds.dll
2006-10-17 12:33 180,736 --------- C:\WINDOWS\system32\ieui.dll
2006-10-17 12:05 206,336 --------- C:\WINDOWS\system32\WinFXDocObj.exe
2006-10-17 12:01 13,312 --a------ C:\WINDOWS\system32\ieudinit.exe
2006-10-17 11:58 61,952 --------- C:\WINDOWS\system32\icardie.dll
2006-10-17 11:58 12,288 --------- C:\WINDOWS\system32\msfeedssync.exe
2006-10-17 11:57 266,752 --------- C:\WINDOWS\system32\iertutil.dll
2006-10-17 11:27 380,928 --------- C:\WINDOWS\system32\ieapfltr.dll
2006-10-02 19:04 806,912 --a------ C:\WINDOWS\system32\divx_xx0c.dll
2006-10-02 19:04 806,912 --a------ C:\WINDOWS\system32\divx_xx07.dll
2006-10-02 19:04 790,528 --a------ C:\WINDOWS\system32\divx_xx11.dll
2006-10-02 19:04 635,486 --a------ C:\WINDOWS\system32\DivX.dll


(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


2006-10-31 23:00 -------- d-------- C:\Program Files\Grisoft
2006-10-31 23:00 -------- d-------- C:\Documents and Settings\Laura\Application Data\U3
2006-10-31 22:58 -------- d-------- C:\Program Files\Common Files\Symantec Shared
2006-10-29 15:06 -------- d-------- C:\Program Files\LimeWire
2006-10-28 13:36 -------- d-------- C:\Documents and Settings\Laura\Application Data\DivX
2006-10-26 19:39 -------- d-------- C:\Program Files\Hijackthis
2006-10-26 18:23 -------- d-------- C:\Program Files\DivX
2006-10-25 10:22 -------- d-------- C:\Program Files\Java
2006-10-25 01:48 -------- d-------- C:\Program Files\Common Files\Microsoft Shared
2006-10-25 01:47 -------- d-------- C:\Program Files\Internet Explorer
2006-10-25 01:43 -------- d-------- C:\Program Files\Windows Media Player
2006-10-25 01:20 -------- d-------- C:\Documents and Settings\Laura\Application Data\Real
2006-10-25 01:14 -------- d-------- C:\Program Files\Common Files\xing shared
2006-10-25 01:14 -------- d-------- C:\Program Files\Common Files\Real
2006-10-25 01:14 -------- d-------- C:\Program Files\Common Files
2006-10-25 01:00 -------- d--h----- C:\Program Files\InstallShield Installation Information
2006-10-25 01:00 -------- d-------- C:\Program Files\FinePixViewer
2006-10-25 00:51 -------- d-------- C:\Program Files\Apple Software Update
2006-10-25 00:40 -------- d-------- C:\Documents and Settings\Laura\Application Data\Apple Computer
2006-10-24 23:26 -------- d--h----- C:\Program Files\Uninstall Information
2006-10-24 20:00 -------- d-------- C:\Program Files\iTunes
2006-10-24 20:00 -------- d-------- C:\Program Files\iPod
2006-10-24 19:58 -------- d-------- C:\Program Files\QuickTime
2006-10-24 18:52 1868 --a------ C:\Documents and Settings\Laura\Application Data\wklnhst.dat
2006-10-24 18:22 -------- d-------- C:\Program Files\Symantec
2006-10-24 18:16 -------- d-------- C:\Program Files\Norton Internet Security
2006-10-24 17:22 -------- d-------- C:\Program Files\Netopia
2006-10-18 20:51 299008 --a------ C:\WINDOWS\system32\rlls.dll
2006-10-17 12:33 413696 --a------ C:\WINDOWS\system32\vbscript.dll
2006-10-17 12:33 231424 --a------ C:\WINDOWS\system32\webcheck.dll
2006-10-17 12:33 156160 --a------ C:\WINDOWS\system32\msls31.dll
2006-10-17 12:06 78336 --a------ C:\WINDOWS\system32\ieencode.dll
2006-10-17 12:05 40960 --a------ C:\WINDOWS\system32\licmgr10.dll
2006-10-17 12:05 105984 --a------ C:\WINDOWS\system32\url.dll
2006-10-17 12:04 101376 --a------ C:\WINDOWS\system32\occache.dll
2006-10-17 12:03 17408 --a------ C:\WINDOWS\system32\corpol.dll
2006-10-17 12:01 71680 --a------ C:\WINDOWS\system32\admparse.dll
2006-10-17 12:01 55296 --a------ C:\WINDOWS\system32\iesetup.dll
2006-10-17 12:01 382976 --a------ C:\WINDOWS\system32\iedkcs32.dll
2006-10-17 12:01 229376 --a------ C:\WINDOWS\system32\ieaksie.dll
2006-10-17 12:01 152064 --a------ C:\WINDOWS\system32\ieakeng.dll
2006-10-17 12:00 54784 --a------ C:\WINDOWS\system32\ie4uinit.exe
2006-10-17 12:00 43008 --a------ C:\WINDOWS\system32\iernonce.dll
2006-10-17 12:00 123904 --a------ C:\WINDOWS\system32\advpack.dll
2006-10-17 11:57 36352 --a------ C:\WINDOWS\system32\imgutil.dll
2006-10-17 11:56 45568 --a------ C:\WINDOWS\system32\mshta.exe
2006-10-17 11:28 48128 --a------ C:\WINDOWS\system32\mshtmler.dll
2006-10-17 11:23 161792 --a------ C:\WINDOWS\system32\ieakui.dll
2006-10-11 16:24 58880 --a------ C:\WINDOWS\system32\pnrpnsp.dll
2006-10-11 16:24 553984 --a------ C:\WINDOWS\system32\p2psvc.dll
2006-10-11 16:24 313344 --a------ C:\WINDOWS\system32\p2pgraph.dll
2006-10-11 16:24 153088 --a------ C:\WINDOWS\system32\p2p.dll
2006-10-11 16:24 116224 --a------ C:\WINDOWS\system32\p2pnetsh.dll
2006-10-11 16:24 104960 --a------ C:\WINDOWS\system32\p2pgasvc.dll
2006-09-20 17:55 245760 --a------ C:\WINDOWS\system32\rlxf.dll
2006-09-13 05:01 1084416 --a------ C:\WINDOWS\system32\msxml3.dll
2006-09-11 15:30 275112 --a------ C:\WINDOWS\system32\drivers\srtspl.sys
2006-09-11 15:30 243368 --a------ C:\WINDOWS\system32\drivers\srtsp.sys
2006-09-11 15:30 24232 --a------ C:\WINDOWS\system32\drivers\srtspx.sys
2006-09-02 19:35 613056 --a------ C:\WINDOWS\system32\SymNeti.dll
2006-09-02 19:35 36032 --a------ C:\WINDOWS\system32\drivers\symndisv.sys
2006-09-02 19:35 239808 --a------ C:\WINDOWS\system32\SymRedir.dll
2006-09-02 19:35 186048 --a------ C:\WINDOWS\system32\drivers\symtdi.sys
2006-09-02 19:34 39104 --a------ C:\WINDOWS\system32\drivers\symids.sys
2006-09-02 19:34 33216 --a------ C:\WINDOWS\system32\drivers\symndis.sys
2006-09-02 19:34 26432 --a------ C:\WINDOWS\system32\drivers\symredrv.sys
2006-09-02 19:34 144832 --a------ C:\WINDOWS\system32\drivers\symfw.sys
2006-09-02 19:34 11968 --a------ C:\WINDOWS\system32\drivers\symdns.sys
2006-08-25 15:45 617472 --a------ C:\WINDOWS\system32\comctl32.dll
2006-08-21 12:21 16896 --a------ C:\WINDOWS\system32\fltlib.dll
2006-08-21 09:14 23040 --a------ C:\WINDOWS\system32\fltmc.exe
2006-08-16 11:58 100352 --a------ C:\WINDOWS\system32\6to4svc.dll
2006-08-10 23:03 73728 --a------ C:\WINDOWS\system32\dpl100.dll
2006-08-10 23:03 196608 --a------ C:\WINDOWS\system32\dtu100.dll


(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries are not shown

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.5.0_08\\bin\\jusched.exe\""
"IgfxTray"="C:\\WINDOWS\\system32\\igfxtray.exe"
"HotKeysCmds"="C:\\WINDOWS\\system32\\hkcmd.exe"
"SoundMan"="SOUNDMAN.EXE"
"AGRSMMSG"="AGRSMMSG.exe"
"SynTPLpr"="C:\\Program Files\\Synaptics\\SynTP\\SynTPLpr.exe"
"SynTPEnh"="C:\\Program Files\\Synaptics\\SynTP\\SynTPEnh.exe"
"Norman ZANDA"="C:\\Norman\\NVC\\BIN\\ZLH.exe /LOAD /SPLASH"
"NI.UWA6P_0001_N73M0604"="\"C:\\Documents and Settings\\Laura\\Local Settings\\Temporary Internet Files\\Content.IE5\\WBL5NTL6\\WinAntiVirusPro2006FreeInstall[1].exe\" -nag "
"REGSHAVE"="C:\\Program Files\\REGSHAVE\\REGSHAVE.exe /AUTORUN"
"RelevantKnowledge"="c:\\windows\\system32\\rlvknlg.exe -boot"
"ccApp"="\"C:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe\""
"osCheck"="\"C:\\Program Files\\Norton Internet Security\\osCheck.exe\""
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
"TkBellExe"="\"C:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\" -osboot"
"!AVG Anti-Spyware"="\"C:\\Program Files\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized"

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000005

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="My Current Home Page"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,00,01,00,00,00,00,00,00,00,04,00,00,02,03,00,00,00,\
00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=hex:04,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,00,01,00,00,00,00,00,00,00,04,00,00,02,03,\
00,00,04,00,00,40
"RestoredStateInfo"=hex:18,00,00,00,00,01,00,00,00,00,00,00,00,04,00,00,02,03,\
00,00,01,00,00,00

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\1]
"Source"="http://www.mugglenet.com/countdown/gof-countdown.php?o=nov18"
"SubscribedURL"="http://www.mugglenet.com/countdown/gof-countdown.php?o=nov18"
"FriendlyName"="Harry Potter and the Goblet of Fire Movie Countdown"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,08,00,00,00,20,00,00,00,44,00,00,00,11,00,00,00,ea,\
03,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=hex:01,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,08,00,00,00,20,00,00,00,44,00,00,00,11,00,\
00,00,01,00,00,40
"RestoredStateInfo"=hex:80,31,13,00,41,c0,b4,74,00,91,22,05,e0,a2,13,00,8c,31,\
13,00,f0,7b,00,00

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.exe"

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\RelevantKnowledge

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"


Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Norton Internet Security - Run Full System Scan - Laura.job

Completion time: 06-10-31 23:15:43.79
C:\ComboFix.txt ... 06-10-31 23:15



0

Related Posts

See More



Sponsored Link
Ads by Google
Reply to Message Icon



Post Locked

This post is quite old and has been locked from receiving new replies. Please create a new posting instead.


Go to Security and Virus Forum Home


Sponsored links
Ads by Google


Results for: My Slow Laptop
Help please: slow laptop, problem w www.computing.net/answers/security/help-please-slow-laptop-problem-w/19569.html

slow laptop www.computing.net/answers/security/slow-laptop/20809.html

My new laptop is suddenly so slow www.computing.net/answers/security/my-new-laptop-is-suddenly-so-slow/22788.html