Topic: [Resolved] PC slowed significantly in past month. Log attached

Offline Hoov

  • Malware Removal Mentors
  • Administrator
  • Diamond Member
  • Posts: 27147
  • Unwilling part owner of Gov't. Motors and Chrysler
    • Hoov's Personal Site
Re: [In Progress] PC slowed significantly in past month. Log attached
« Reply #15 on: February 01, 2009, 06:16:21 PM »
It is a false positive. That is one reason why, when you get ready to do a scan with it, you need to turn off your security software. It is safe, just as long as you follow the instructions. I have used it on my own machine.

Former Consumer Security MVP
2011-2014

If I am helping you and you don't hear from me for 24Hrs, send me a PM Please!

Offline ...bill

  • Bronze Member
  • Posts: 11
Re: [In Progress] PC slowed significantly in past month. Log attached
« Reply #16 on: February 01, 2009, 11:04:00 PM »
ComboFix 09-02-01.01 - Bill 2009-02-01 20:52:51.1 - NTFSx86
Microsoft Windows XP Home Edition  5.1.2600.3.1252.1.1033.18.511.196 [GMT -8:00]
Running from: c:\documents and settings\Bill\Desktop\ComboFix.exe
AV: avast! antivirus 4.8.1296 [VPS 090201-0] *On-access scanning disabled* (Updated)
 * Created a new restore point
.

(((((((((((((((((((((((((   Files Created from 2009-01-02 to 2009-02-02  )))))))))))))))))))))))))))))))
.

2009-01-29 20:38 . 2009-01-29 20:38   <DIR>   d--------   c:\documents and settings\Bill\Application Data\Malwarebytes
2009-01-29 20:38 . 2009-01-14 16:11   38,496   --a------   c:\windows\system32\drivers\mbamswissarmy.sys
2009-01-29 20:38 . 2009-01-14 16:11   15,504   --a------   c:\windows\system32\drivers\mbam.sys
2009-01-29 20:37 . 2009-01-29 20:38   <DIR>   d--------   c:\program files\Malwarebytes' Anti-Malware
2009-01-29 20:37 . 2009-01-29 20:37   <DIR>   d--------   c:\documents and settings\All Users\Application Data\Malwarebytes
2009-01-28 20:34 . 2009-01-28 20:34   2,560   --a------   c:\windows\_MSRSTRT.EXE
2009-01-28 20:11 . 2003-11-03 16:15   475,136   --a------   c:\windows\Uninstaller.exe
2009-01-27 21:53 . 2009-01-27 21:53   <DIR>   d--------   c:\windows\system32\XPSViewer
2009-01-27 21:53 . 2009-01-27 21:53   <DIR>   d--------   c:\program files\MSBuild
2009-01-27 21:52 . 2009-01-27 21:52   <DIR>   d--------   c:\program files\Reference Assemblies
2009-01-27 21:51 . 2008-07-06 04:06   1,676,288   ---------   c:\windows\system32\xpssvcs.dll
2009-01-27 21:51 . 2008-07-06 04:06   1,676,288   -----c---   c:\windows\system32\dllcache\xpssvcs.dll
2009-01-27 21:51 . 2008-07-06 02:50   597,504   -----c---   c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-01-27 21:51 . 2008-07-06 04:06   575,488   ---------   c:\windows\system32\xpsshhdr.dll
2009-01-27 21:51 . 2008-07-06 04:06   575,488   -----c---   c:\windows\system32\dllcache\xpsshhdr.dll
2009-01-27 21:51 . 2008-07-06 04:06   117,760   ---------   c:\windows\system32\prntvpt.dll
2009-01-27 21:51 . 2008-07-06 04:06   89,088   -----c---   c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-01-27 17:53 . 2009-01-27 18:11   <DIR>   d--------   c:\program files\IObit
2009-01-27 17:53 . 2009-01-27 18:11   <DIR>   d--------   c:\documents and settings\Bill\Application Data\IObit
2009-01-27 06:34 . 2009-01-27 06:34   <DIR>   d--------   C:\spoolerlogs
2009-01-09 21:01 . 2006-05-16 11:55   89,360   --a------   c:\windows\system32\VB5DB.DLL
2009-01-09 21:00 . 2009-01-09 21:00   <DIR>   d--------   c:\program files\Vantage
2009-01-09 20:57 . 2009-01-09 20:57   <DIR>   d--------   c:\documents and settings\Bill\Application Data\InstallShield

.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-30 04:52   ---------   d---a-w   c:\documents and settings\All Users\Application Data\TEMP
2009-01-29 04:40   ---------   d-----w   c:\program files\Canon
2009-01-29 04:33   ---------   d-----w   c:\program files\Bonjour
2009-01-29 04:30   ---------   d--h--w   c:\program files\InstallShield Installation Information
2009-01-29 04:19   ---------   d-----w   c:\documents and settings\Bill\Application Data\Azureus
2009-01-29 04:15   ---------   d-----w   c:\program files\Google
2009-01-29 04:02   ---------   d-----w   c:\program files\SpywareBlaster
2009-01-29 04:00   ---------   d-----w   c:\program files\AVS4YOU
2009-01-28 07:31   ---------   d-----w   c:\documents and settings\All Users\Application Data\FLEXnet
2008-12-29 12:44   ---------   d-----w   c:\program files\Carbonite
2008-12-29 12:44   ---------   d-----w   c:\documents and settings\All Users\Application Data\Carbonite
2008-12-13 14:05   ---------   d-----w   c:\documents and settings\Bill\Application Data\AVS4YOU
2008-12-13 14:05   ---------   d-----w   c:\documents and settings\All Users\Application Data\AVS4YOU
2008-12-13 14:03   ---------   d-----w   c:\program files\Common Files\AVSMedia
2008-12-11 10:57   333,952   ----a-w   c:\windows\system32\drivers\srv.sys
2008-12-09 07:09   ---------   d-----w   c:\program files\QuickTime
2008-12-09 06:23   410,984   ----a-w   c:\windows\system32\deploytk.dll
2008-12-09 06:23   ---------   d-----w   c:\program files\Java
2008-12-07 02:59   ---------   d-----w   c:\program files\Common Files\KnifeEdge
2008-12-07 02:56   ---------   d-----w   c:\program files\RealFlight
2008-12-05 04:59   ---------   d-----w   c:\program files\iTunes
2008-12-05 04:59   ---------   d-----w   c:\program files\iPod
2008-12-05 04:59   ---------   d-----w   c:\program files\Common Files\Apple
2008-12-05 04:59   ---------   d-----w   c:\documents and settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2006-11-10 21:33   27,720   ----a-w   c:\documents and settings\Karen\Application Data\GDIPFONTCACHEV1.DAT
2006-01-22 00:21   27,720   ----a-w   c:\documents and settings\Bill\Application Data\GDIPFONTCACHEV1.DAT
.

(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Carbonite.Green]
@="{95A27763-F62A-4114-9072-E81D87DE3B68}"
[HKEY_CLASSES_ROOT\CLSID\{95A27763-F62A-4114-9072-E81D87DE3B68}]
2008-08-18 09:51   527304   -ra------   c:\program files\Carbonite\Carbonite Backup\CarboniteNSE.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Carbonite.Partial]
@="{E300CD91-100F-4E67-9AF3-1384A6124015}"
[HKEY_CLASSES_ROOT\CLSID\{E300CD91-100F-4E67-9AF3-1384A6124015}]
2008-08-18 09:51   527304   -ra------   c:\program files\Carbonite\Carbonite Backup\CarboniteNSE.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Carbonite.Yellow]
@="{5E529433-B50E-4bef-A63B-16A6B71B071A}"
[HKEY_CLASSES_ROOT\CLSID\{5E529433-B50E-4bef-A63B-16A6B71B071A}]
2008-08-18 09:51   527304   -ra------   c:\program files\Carbonite\Carbonite Backup\CarboniteNSE.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2008-09-16 1833296]
"Advanced SystemCare 3"="c:\program files\IObit\Advanced SystemCare 3\AWC.exe" [2009-01-09 2262352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PinnacleDriverCheck"="c:\windows\system32\PSDrvCheck.exe" [2004-03-10 406016]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-11-26 81000]
"Carbonite Backup"="c:\program files\Carbonite\Carbonite Backup\CarboniteUI.exe" [2008-08-18 600008]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-09-03 111936]
"nwiz"="nwiz.exe" [2003-07-28 c:\windows\system32\nwiz.exe]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-04-23 29696]
Adobe Reader Speed Launch.lnk.disabled [2005-10-01 1767]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-02-13 83360]
Run Google Web Accelerator.lnk.disabled [2008-06-12 1094]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoViewOnDrive"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"= ctwdm32.dll
"VIDC.MJPG"= Pvmjpg21.dll
"VIDC.PIM1"= pclepim1.dll

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"MSMSGS"="c:\program files\Messenger\MSMSGS.EXE" /background
"Norton SystemWorks"="c:\program files\Norton SystemWorks\cfgwiz.exe" /GUID {05858CFD-5CC4-4ceb-AAAF-CF00BF39736A} /MODE CfgWiz
"ctfmon.exe"=c:\windows\system32\ctfmon.exe
"swg"=c:\program files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
"updateMgr"=c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_1_0
"BitTorrent DNA"="c:\program files\DNA\btdna.exe"
"WMPNSCFG"=c:\program files\Windows Media Player\WMPNSCFG.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"<NO NAME>"=
"Norton Ghost 9.0"=c:\program files\Symantec\Norton Ghost\Agent\GhostTray.exe
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe"
"HP Software Update"=c:\program files\Hp\HP Software Update\HPWuSchd2.exe
"HPDJ Taskbar Utility"=c:\windows\system32\spool\drivers\w32x86\3\hpztsb04.exe
"Symantec NetDriver Monitor"=k:\program files\SymNetDrv\SNDMon.exe /Consumer
"NvMediaCenter"=RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
"Adobe Photo Downloader"="c:\program files\Adobe\Adobe Photoshop Lightroom 1.4\apdproxy.exe"
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
"NeroFilterCheck"=c:\windows\system32\NeroCheck.exe
"NvCplDaemon"=RUNDLL32.EXE c:\windows\System32\NvCpl.dll,NvStartup
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Symantec\\Norton PartitionMagic 8.0\\DrvMap.exe"=
"c:\\Program Files\\Fungusware\\LojiklSweep\\LojiklSweep.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\AV-CLS\\WGET.EXE"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\WINDOWS\\system32\\mmc.exe"=

R0 hotcore;hotcore;c:\windows\system32\drivers\hotcore.sys [2007-03-15 18208]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-06-13 111184]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2008-06-13 20560]
S4 mrtRate;mrtRate;
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12   REG_MULTI_SZ      Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt   REG_MULTI_SZ      hpqcxs08
.
Contents of the 'Scheduled Tasks' folder

2008-12-29 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

2008-06-20 c:\windows\Tasks\NewSweep_06202008121042-Default-242.job
- c:\program files\Fungusware\LojiklSweep\LojiklSweepRunner.EXE [2008-09-16 17:36]

2008-10-26 c:\windows\Tasks\NewSweep_10-26-2008-backup-810.job
- c:\program files\Fungusware\LojiklSweep\LojiklSweepRunner.EXE [2008-09-16 17:36]

2008-10-26 c:\windows\Tasks\NewSweep_10-26-2008-Default-165.job
- c:\program files\Fungusware\LojiklSweep\LojiklSweepRunner.EXE [2008-09-16 17:36]

2008-10-26 c:\windows\Tasks\NewSweep_10-26-2008-Default-302.job
- c:\program files\Fungusware\LojiklSweep\LojiklSweepRunner.EXE [2008-09-16 17:36]

2008-10-26 c:\windows\Tasks\NewSweep_10-26-2008-Default-959.job
- c:\program files\Fungusware\LojiklSweep\LojiklSweepRunner.EXE [2008-09-16 17:36]

2008-06-24 c:\windows\Tasks\Photos D drive-Default-905.job
- c:\program files\Fungusware\LojiklSweep\LojiklSweepRunner.EXE [2008-09-16 17:36]

2009-01-28 c:\windows\Tasks\SmartDefrag.job
- c:\program files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe [2009-01-14 13:15]

2009-01-28 c:\windows\Tasks\SmartDefrag.job
- c:\program files\IObit\IObit SmartDefrag\ [2009-01-27 18:11]

2009-01-18 c:\windows\Tasks\Standard backup-Default-830.job
- c:\program files\Fungusware\LojiklSweep\LojiklSweepRunner.EXE [2008-09-16 17:36]
.
.
------- Supplementary Scan -------
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
mWindow Title =
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
FF - ProfilePath - c:\documents and settings\Bill\Application Data\Mozilla\Firefox\Profiles\x92h3ocg.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/news?q=&sourceid=navclient-ff&ie=UTF-8&rlz=1B3GGGL_enUS279US280
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-01 20:54:36
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ... 

scanning hidden autostart entries ...

scanning hidden files ... 

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

.
Completion time: 2009-02-01 20:56:27
ComboFix-quarantined-files.txt  2009-02-02 04:56:24

Pre-Run: 16,420,855,808 bytes free
Post-Run: 16,433,041,408 bytes free

WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn

256   --- E O F ---   2009-01-14 06:02:56

Offline Hoov

Re: [In Progress] PC slowed significantly in past month. Log attached
« Reply #17 on: February 02, 2009, 12:21:11 AM »
Did anything happen just right before the computer started running slow?


Offline ...bill

Re: [In Progress] PC slowed significantly in past month. Log attached
« Reply #18 on: February 02, 2009, 12:34:22 AM »
It wasn't any one thing. It was a combination of installing MS updates, installing an on-line backup service, my ever-growing photo database... Your directions lead me to believe I don't have any malware, so the obvious conclusion is I need a faster system. What fries me is I did a painful OS reload about 6 months ago and performance was quite adequate. It progressively got worse to the current state. I can accept this is what I've got. Nice to know I'm not contaminated.

Thanks,
...bill

Offline Hoov

Re: [In Progress] PC slowed significantly in past month. Log attached
« Reply #19 on: February 02, 2009, 10:20:17 AM »
Sorry it couldn't be the bad news of the kind that is fixable. You can try buying more memory for your system; max out what it can handle with the fastest memory it can handle. Also, buying a new, faster hard drive will give you some improvement. With my first computer I had much the same problems you do, and the memory upgrade, at least for me, improved my performance by a big amount. But then there is also a time to cut your losses and just upgrade to a new system. There are some decent preconfigured box systems available, as long as you are not using very intensive apps.

Are you satisfied that this is just an old hardware issue? If you are then I am going to close this out.


Offline ...bill

Re: [In Progress] PC slowed significantly in past month. Log attached
« Reply #20 on: February 02, 2009, 11:47:21 AM »
Hoov. I'm OK with closing this thread. Here's what I learned from all of this:
1. I've been diligent using Spybot, AdAware, Avast!, and a hardware (router) firewall. These things have kept bad things off my machine (even though I was doubting it).
2. Using the methods in this thread, we did find some apps stealing resources (although not really malware).
3. Even if you're malware-free, there's a lot that can be done to get the most performance from your system.
4. Looking at page faults and virtual memory requirements for my heavy apps, it's now obvious I don't have enough memory. It's not cost effective to upgrade the current machine so it's time to rejuvenate the economy (and pay the 2 weeks of evenings reinstalling everything).

Hoov. Thanks so much for your devotion and help.  This is a great service and is appreciated.

Any advice about setting up a new PC to stay malware free, or to optimize performance is welcome.

Keep up the good work,
...bill

Offline Hoov

Re: [In Progress] PC slowed significantly in past month. Log attached
« Reply #21 on: February 02, 2009, 02:34:08 PM »
You are welcome, and about the 2 weeks of evenings reinstalling, don't be surprised if it goes much better than that. The last time I did mine it only took about 4 hours to get it set up and running.
