Author Topic: [Resolved] PC slowed significantly in past month. Log attached  (Read 5682 times)

Offline ...bill

  • Bronze Member
  • Posts: 11
[Resolved] PC slowed significantly in past month. Log attached
« on: January 29, 2009, 08:20:00 AM »
I have an "older" PC, and performance has been acceptable until recently (past month). Even without a browser running, apps now just crawl to the point of pain. Seems like file access is slow (my guess).
Virus scanner is always up to date. Performed a full virus scan at boot time, nothing indcat ed. I use SPYBOT and Adaware. SPYBOT sees nothing wrong. Adaware found a few spy cookies, and I deleted those (no change). No popups. I have a bunch of startup processes disabled in SPYBOT's startup tool. Ran disk cleanup an defrag'd before generating this log.  I'm no expert, but it "feels" like I'm hijacked. Any advice is welcome.
...bill



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:50:12 AM, on 1/29/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\fxssvc.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe
C:\WINDOWS\system32\devldr32.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
C:\Program Files\Messenger\MSMSGS.EXE
C:\Program Files\Microsoft Office\Office10\msoffice.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft Office\Office10\OUTLOOK.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Carbonite Backup] C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Advanced SystemCare 3] "C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe" /startup
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk.disabled
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Run Google Web Accelerator.lnk.disabled
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {10E0E75E-6701-4134-9D95-C0942ED1F1C8} (Snapfish Outlook Import ActiveX Control) - http://www1.snapfish.com/SnapfishOutlookImport.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} - http://www.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www.snapfish.com/SnapfishActivia.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1213332518650
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1213332463567
O16 - DPF: {A8683C98-5341-421B-B23C-8514C05354F1} (FujifilmUploader Class) - http://photo.walmart.com/photo/uploads/FujifilmUploadClient.cab
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CarboniteService - Carbonite, Inc. (www.carbonite.com) - C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 8681 bytes
« Last Edit: January 29, 2009, 09:19:21 AM by Hoov »

Offline Hoov

  • Malware Removal Mentors
  • Administrator
  • Diamond Member
  • Posts: 27147
  • Unwilling part owner of Gov't. Motors and Chrysler
    • Hoov's Personal Site
Re: PC slowed significantly in past month. Log attached
« Reply #1 on: January 29, 2009, 09:19:00 AM »
Hello, welcome to SpywareHammer.

I go by Hoov, and I will be helping you with your problem. I must ask you to do a few things for me.

First, tell me everything that you have done, if anything, to try and fix this problem.

Second, please only use 1 forum to help clear up your problem. Posting on more than 1 and following instructions from more than 1 forum will cause those helping you to pull out thier hair.

Third, follow my instructions - If you can't for some reason, or if you don't understand something, please tell me. If you deviate from my instructions, tell me, it may make a difference on where we go.

Fourth, Have faith. I will do all I can to get your computer working, and if I can't - someone else here will know something else to try.

Now onto trying to fix your computer.

Please download Malwarebytes Anti-Malware and save it to your desktop.
alternate download link 1
alternate download link 2
  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
    • Then click Finish.
    MBAM will automatically start and you will be asked to update the program before performing a scan.
    • If an update is found, the program will automatically update itself.
    • Press the OK button to close that box and continue.
    • If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install. Alternatively, you can update through MBAM's interface from a clean computer, copy the definitions (rules.ref) located in C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware from that system to a usb stick or CD and then copy it to the infected machine.
    On the Scanner tab:
    • Make sure the "Perform Quick Scan" option is selected.
    • Then click on the Scan button.
    • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
    • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
    • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
    • Click OK to close the message box and continue with the removal process.
    Back at the main Scanner screen:
    • Click on the Show Results button to see a list of any malware that was found.
    • Make sure that everything is checked, and click Remove Selected.
    • When removal is completed, a log report will open in Notepad.
    • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
    • Copy and paste the contents of that report in your next reply and exit MBAM.
    Note: If MBAM encounters a file that is difficult to remove, you may be asked to reboot your computer so it can proceed with the disinfection process. Regardless if prompted to restart the computer or not, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware. MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you after scanning with MBAM. Please temporarily disable such programs or permit them to allow the changes.

    Former Consumer Security MVP
    2011-2014

    If I am helping you and you don't hear from me for 24Hrs, send me a PM Please!

    Offline ...bill

    • Bronze Member
    • Posts: 11
    Re: [In Progress] PC slowed significantly in past month. Log attached
    « Reply #2 on: January 29, 2009, 11:18:28 PM »
    Hoov. Thanks for helping me. Here's what I've done to attempt to fix slow execution previous to and including posting here:

    - Cleaned temp files with the windows cleanup tool.
    - Found "Advanced SystemCare" utilities and ran their tool suite. Found a bunch of hanging register entries and some temp files Windows didn't identify. Didn't seem to change performance.
    - Avast! virus scan at boot time with latest defs. Nothing found. This is my regular virus protection tool.
    - Ad-aware smart scan.  Found a few spy cookies and deleted them
    - Spybot. Ran a scan and found nothing. I do have a bunch of startup programs disabled in Spybot's startup tool as recommended by the Spybot database.
    - Set swap file to size 0. Rebooted, and set it back to 1500 attempting to defrag the swap file. No noticable change in performance.
    -Removed a bunch of programs I never use
    -Ran Windows disk cleanup again
    -Defragged with the windows tool.
    -Performed DISKCHK windows tool on C: at boot time. Nothing found.
    -Ran HijackThis and posted here
    - Below are the log of the Malwarebytes scan performed as instructed.  Cleaned 1 registry entry and performed a reboot as instructed. Only C: was scanned.
    ===================================================

    Malwarebytes' Anti-Malware 1.33
    Database version: 1707
    Windows 5.1.2600 Service Pack 3

    1/29/2009 8:45:13 PM
    mbam-log-2009-01-29 (20-45-13).txt

    Scan type: Quick Scan
    Objects scanned: 62349
    Time elapsed: 4 minute(s), 39 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 1
    Folders Infected: 0
    Files Infected: 0

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Internet Explorer\Control Panel\Homepage (Hijack.Homepage) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    (No malicious items detected)

    Offline Hoov

    • Malware Removal Mentors
    • Administrator
    • Diamond Member
    • Posts: 27147
    • Unwilling part owner of Gov't. Motors and Chrysler
      • Hoov's Personal Site
    Re: [In Progress] PC slowed significantly in past month. Log attached
    « Reply #3 on: January 29, 2009, 11:46:15 PM »
    Have you noticed any improvement? Or is it getting worse?

    Former Consumer Security MVP
    2011-2014

    If I am helping you and you don't hear from me for 24Hrs, send me a PM Please!

    Offline ...bill

    • Bronze Member
    • Posts: 11
    Re: [In Progress] PC slowed significantly in past month. Log attached
    « Reply #4 on: January 30, 2009, 07:03:05 PM »
    Performance is not much different.  Takes many seconds (5-8) for IE or Firefox or Outlook to startup with nothing else (appearing) to be running.  Even the windows task manager starts slowly.  My guess is file access is bogged down. Any other ideas?

    ...bill

    Offline Hoov

    • Malware Removal Mentors
    • Administrator
    • Diamond Member
    • Posts: 27147
    • Unwilling part owner of Gov't. Motors and Chrysler
      • Hoov's Personal Site
    Re: [In Progress] PC slowed significantly in past month. Log attached
    « Reply #5 on: January 30, 2009, 07:43:39 PM »
    When was the last time you defragged the harddrive?  And this is going to sound strange, but when was the last time you opened the computer and blew all the dust out of the inside?

    Former Consumer Security MVP
    2011-2014

    If I am helping you and you don't hear from me for 24Hrs, send me a PM Please!

    Offline ...bill

    • Bronze Member
    • Posts: 11
    Re: [In Progress] PC slowed significantly in past month. Log attached
    « Reply #6 on: January 30, 2009, 11:06:27 PM »
    C: gets defragged at least weekly. Did it just before sending logs.  I understand how thermal throttling works. I replaced my C: drive about 6 moths ago and cleaned the dust bunnies.
    ...bill

    Offline Hoov

    • Malware Removal Mentors
    • Administrator
    • Diamond Member
    • Posts: 27147
    • Unwilling part owner of Gov't. Motors and Chrysler
      • Hoov's Personal Site
    Re: [In Progress] PC slowed significantly in past month. Log attached
    « Reply #7 on: January 30, 2009, 11:14:06 PM »
    Look in the taskmanager in windows and see what is using the most cycles other than System Idle Process . Let me know what it is. With your computer just idling, write down anything using more than 5% and let me know.

    Former Consumer Security MVP
    2011-2014

    If I am helping you and you don't hear from me for 24Hrs, send me a PM Please!

    Offline ...bill

    • Bronze Member
    • Posts: 11
    Re: [In Progress] PC slowed significantly in past month. Log attached
    « Reply #8 on: January 31, 2009, 01:37:15 PM »
    Nothing uses more than a few % other than the idle process (unless I start a major app).

    Offline Hoov

    • Malware Removal Mentors
    • Administrator
    • Diamond Member
    • Posts: 27147
    • Unwilling part owner of Gov't. Motors and Chrysler
      • Hoov's Personal Site
    Re: [In Progress] PC slowed significantly in past month. Log attached
    « Reply #9 on: January 31, 2009, 01:44:42 PM »
    How big is your harddrive and how much space is left on it?

    Former Consumer Security MVP
    2011-2014

    If I am helping you and you don't hear from me for 24Hrs, send me a PM Please!

    Offline ...bill

    • Bronze Member
    • Posts: 11
    Re: [In Progress] PC slowed significantly in past month. Log attached
    « Reply #10 on: January 31, 2009, 02:43:06 PM »
    I have a 3 physical hard drives. 
    A 200GB physical drive that contains C: is setup with 4 partitions.
    C: is a 35GB partition and has 15GB (44%) free.

    ...bill

    Offline Hoov

    • Malware Removal Mentors
    • Administrator
    • Diamond Member
    • Posts: 27147
    • Unwilling part owner of Gov't. Motors and Chrysler
      • Hoov's Personal Site
    Re: [In Progress] PC slowed significantly in past month. Log attached
    « Reply #11 on: January 31, 2009, 03:13:56 PM »
    Is there any network activity that seems like it is excessive? We are rapidly running out of explanations.

    Did you have something happen to the computer just before this started? Also once the program is running, does it run normally, or is there a lag in it running as well?

    One possibility is a memory issue. Download and burn to a CD and run Memtest86+ You have to set your computer up to boot from the CD drive, put the CD in and then reboot the computer. The test will run from there. When it has gone thru a full cycle you can stop it, pull out the CD and reboot. Let me know the results.

    If no errors are found, I need you to go to the administration tools in XP. They are in the Control Panel. Open the Admin tools, then open the event viewer. Over on the left hand side and click on System. Then up at the top click on Action and then click on Save Events As, type in system as the file name,  make sure file type EVT is selected, and then navigate so it will save the file to your desktop, then click save. Over on the left hand side and click on Application. Then up at the top click on Action and then click on Save Events As, type in application as the file name,  make sure file type EVT is selected, and then navigate so it will save the file to your desktop, then click save. Zip them both up into a single zip file, post them back here in your next reply as attachments.

    Former Consumer Security MVP
    2011-2014

    If I am helping you and you don't hear from me for 24Hrs, send me a PM Please!

    Offline ...bill

    • Bronze Member
    • Posts: 11
    Re: [In Progress] PC slowed significantly in past month. Log attached
    « Reply #12 on: February 01, 2009, 12:07:38 AM »
    Memtest executed without errors.
    Attached are the zipped files you requested.

    Offline Hoov

    • Malware Removal Mentors
    • Administrator
    • Diamond Member
    • Posts: 27147
    • Unwilling part owner of Gov't. Motors and Chrysler
      • Hoov's Personal Site
    Re: [In Progress] PC slowed significantly in past month. Log attached
    « Reply #13 on: February 01, 2009, 10:19:53 AM »
    Two things I see, but I don't think they will do anything, first do you have quicken installed? If not then

    1.. Click Start, right-click My Computer, and then click Properties.
    2.. Click the Hardware tab, and then click Device Manager.
    3.. On the View menu, click Show hidden devices.
    4.. Expand Non-Plug and Play Drivers, and then locate the Mrtrate driver.
    5.. Right-click Mrtrate, and then click Properties.
    6.. Click the Driver tab, and then click Stop under Current Status.
    7.. Under Startup, in the Type box, click to select Disabled, and then
    click OK.
    8.. Quit Device Manager.

    Second is the Fax Service. Since the end of October it has been trying to run. so unless you are using the fax,   
    1. Click Start, and then click Run.
    2. Copy and paste or type the following command in the Open box, and then click OK:
          appwiz.cpl
          It may take several seconds for your computer to compile a list of programs. The Add or Remove Programs dialog box opens.
    3. Click Add/Remove Windows Components to the left of the list of programs to start the Windows Components Wizard. This takes several seconds.
    4. In the Components list, click to select the Fax Services check box (the checkmark should didsappear), and then click Next. Setup uninstalls the fax services.
    5. If you are prompted, insert the Windows XP CD, and then click OK.
          If the Welcome to Microsoft Windows XP window opens, click the X in the upper-right corner to close it.
    6. Click Finish, and then click the X in the upper-right corner of the Add or Remove Programs dialog box to close it.

    And then just to make sure its not malware, run ComboFix.exe. Please visit this webpage for download links, and instructions for running the tool:

    http://www.bleepingcomputer.com/combofix/how-to-use-combofix

    * Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix. Also make sure you close all your browsers just before the instructions tell you to start the scanner.

    Please include the C:\ComboFix.txt in your next reply for further review.

    Note:
    Do not mouseclick combofix's window while it's running. That may cause it to stall

    Former Consumer Security MVP
    2011-2014

    If I am helping you and you don't hear from me for 24Hrs, send me a PM Please!

    Offline ...bill

    • Bronze Member
    • Posts: 11
    Re: [In Progress] PC slowed significantly in past month. Log attached
    « Reply #14 on: February 01, 2009, 05:38:05 PM »
    Hoov.  Again, thanks for the help.  Disabled the quicken and FAX services. There was no need to insert the OS disk.

    Attempted to download Combofix, but Avast! complained of a contained Trojan at all 3 download sites (WIN32:Oliga).   I opted on the side of caution and aborted. Is this a real Trojan?

    ...bill