[Resolved] IE load time extremely slow

  • 9 Replies
  • 2554 Views
*

Offline dcm9787

  • Bronze Member
  • 4
[Resolved] IE load time extremely slow
« on: March 27, 2011, 08:26:48 AM »
Hello, and thanks for taking the time to look at my problem!

Basically, a couple weeks ago it started taking like 30 seconds to open a Internet Explorer window.  Well, it would open up, and then say "connecting..." with nothing but a white screen for 30 seconds or so.  And after it loaded up (google.com homepage) everything seemed to run normally.  I checked IE add-ons trying to find a cause for this slow load, and disabled a couple add-ons from "torangcommunications" called "TorangB Class" and "Keyword Search".  After disabling these addons, everything seems fine, but I went ahead and did a Hijack This scan to see if there was any residual Malware/Adware present.  I put in bold a few hits that worry me, and as you can see from my log file, I've made the switch to Google Chrome  :t

Here are the scan results:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:16:58 AM, on 3/27/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Creative\Shared Files\CTAudSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\CTXFIHLP.EXE
C:\Program Files\Creative\Volume Panel\VolPanlu.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\SYSTEM32\CTXFISPI.EXE
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Norton Internet Security\Engine\18.5.0.125\ccSvcHst.exe
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\Program Files\PerfectDisk10\PDAgent.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe
C:\Program Files\Norton Internet Security\Engine\18.5.0.125\ccSvcHst.exe
D:\Acronis Disk Director\OSS\reinstall_svc.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\David\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\David\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\David\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\David\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\David\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\David\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\David\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
D:\Hijack This\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = "C:\Program Files\Outlook Express\msimn.exe" //mailurl:mailto:info@ps3hd.net
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\18.5.0.125\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\18.5.0.125\IPS\IPSBHO.DLL
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\18.5.0.125\coIEPlg.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\Volume Panel\VolPanlu.exe" /r
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\David\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {01025D1C-BB03-4369-8344-732CD0DCCCF0} (NVIDIA GPU Reader Class) - http://www.geforce.com/services_toolkit/ShimGen/1.1.28.1/GPU_Reader.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1261434856046
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1261524537937
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE
O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\18.5.0.125\ccSvcHst.exe
O23 - Service: Performance Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Acronis OS Selector activator (OS Selector) - Unknown owner - D:\Acronis Disk Director\OSS\reinstall_svc.exe
O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program Files\PerfectDisk10\PDAgent.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\PerfectDisk10\PDEngine.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: TVersityMediaServer - Unknown owner - D:\TVersity\Media Server\MediaServer.exe

--
End of file - 8140 bytes
« Last Edit: March 27, 2011, 08:44:01 AM by Hoov »

*

Offline Hoov

  • Malware Removal Mentors
  • Administrator
  • Diamond Member
  • 27194
  • Unwilling part owner of Gov't. Motors and Chrysler
    • Hoov's Personal Site
Re: IE load time extremely slow
« Reply #1 on: March 27, 2011, 08:43:47 AM »
Faith_Michele will be your helper. Please have patience until she makes her first post.

Former Consumer Security MVP
2011-2014

If I am helping you and you don't hear from me for 24Hrs, send me a PM Please!

*

Offline faith_michele

  • Anti - Phishing Staff
  • Gold Member
  • 1947
    • A Beacon of Light
Re: [In Progress] IE load time extremely slow
« Reply #2 on: March 27, 2011, 11:34:48 AM »
Greetings dcm9787, Welcome to SpywareHammer!

I am faith_michele, but you can call me Faith.  I will be helping you today.

  • Please do not run any anti-malware, anti-virus or so-called "registry cleaners" unless I specifically tell you to do so.  Running the wrong thing at the wrong time can seriously damage your system.
  • Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However, it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. We might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.
  • Backup any personal files and folders before you start.
  • Copy and print out any instructions using Notepad so they will be readily available to you.
  • Once we start a fix, make sure to work through all the Steps in the exact order in which they are listed. It is important to complete the fix all the way through (even if your computer is running better).
  • Please let me know of any steps that you are unable to complete before moving on to the next one.  If there is anything that you don't understand, please ask your question(s) before doing anything further.
  • Any topics in any other forum (this also applies to friends, family, or anyone in the computer field that you may know) must cease once we start a fix.  It is impossible to keep up with other changes made or suggested relating to this issue.
  • If you have any P2P applications installed such as BitTorrent, uTorrent, Limewire etc etc, please uninstall them before we begin.
  • If you are using Cracked or Illegal software your thread will be locked and all help will cease.

I am currently in training for Malware Removal at SpywareHammer Academy.  This means that I am under the supervision of a Mentor and all of my replies must be reviewed prior to posting.
---
Please proceed as follows:

First

Please download TFC.exe - Temp File Cleaner by OldTimer:

Alternate link: www.itxassociates.com/OT-Tools/TFC.exe
  • Save it to your Desktop.
  • Close any open windows, save your work.
  • Double click the TFC icon to run the program. (Note: If you are running on Vista or Windows 7, right-click on the file and choose Run As Administrator).
  • TFC will close all open programs itself in order to run,
  • Click the Start button to begin the process,
  • Allow TFC to run uninterrupted,
  • The program should not take long to finish its job.
  • Once it's finished, click OK to reboot.
---

Second

Please download Malwarebytes Anti-Malware and save it to your desktop.

alternate download link 1
alternate download link 2

MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
    • Then click Finish.
    MBAM will automatically start and you will be asked to update the program before performing a scan.
    • If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
    • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
    On the Scanner tab:
    • Make sure the "Perform Quick Scan" option is selected.
    • Then click on the Scan button.
    • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
    • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
    • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
    • Click OK to close the message box and continue with the removal process.
    Back at the main Scanner screen:
    • Click on the Show Results button to see a list of any malware that was found.
    • Make sure that everything is checked, and click Remove Selected.
    • When removal is completed, a log report will open in Notepad.
    • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
    • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
    • Exit MBAM when done.
    Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.

    Errors updating MBAM
    ---

    Third

    Please perform the following scan:
    • Download DDS by sUBs from DDS.com.  Save it to your desktop.
    • Double click on the DDS icon, allow it to run.
    • A small box will open, with an explanation about the tool.   
    • When done, DDS will open two (2) logs

             1. DDS.txt
             2. Attach.txt
    • Save both reports to your desktop.
    • The instructions here ask you to attach the Attach.txt.

     
    • Instead of attaching, please copy/paste both logs into your next reply.

      These will be long logs, so please use multiple post if need be.

    • Close the program window, and delete the program from your desktop.
    Please note:  You may have to disable any script protection running if the scan fails to run.
    After downloading the tool, disconnect from the internet and disable all antivirus protection.
    Run the scan, enable your A/V and reconnect to the internet. 
    Information on A/V control HERE
    ----

    Fourth

    Download my Security Check:
    http://screen317.spywareinfoforum.org/SecurityCheck.exe
    • Save it to your Desktop.
    • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
    • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
    ---

    Review What to include in your response.

    1. Let me know if you experienced any errors with the instructions and tell me exactly what problems you are still experiencing. 
    2. The MBAM log.     
    3. The DDS.txt & Attach.txt logs (may take several posts). 
    4. The checkup.txt results.
     

    Thank you,

    Faith
    Microsoft Consumer Security MVP, July 2007-June 2010

    "Fight your fights, find the grace in all the things that you can't change and help somebody, if you can." Van Zant

    A Beacon of Light

    *

    Offline dcm9787

    • Bronze Member
    • 4
    Re: [In Progress] IE load time extremely slow
    « Reply #3 on: March 27, 2011, 02:29:54 PM »
    Hi Faith,

    Everything went smoothly, and I am not having any issues currently.  Looks like the Malwarebytes detected and deleted the "Torang" BHO's!  :t   Do you see anything else that looks suspicious?  Adobe Reader says its out of date - but when I try to update, no update is found...

    Here are the logs for the requested actions:

    Malwarebytes' Anti-Malware 1.50.1.1100
    www.malwarebytes.org

    Database version: 6186

    Windows 5.1.2600 Service Pack 3
    Internet Explorer 8.0.6001.18702

    3/27/2011 3:39:59 PM
    mbam-log-2011-03-27 (15-39-59).txt

    Scan type: Quick scan
    Objects scanned: 140613
    Time elapsed: 1 minute(s), 6 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 6
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 0

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{31A0D938-3055-46BA-8919-59E44E0D7E51} (Adware.Torang) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{31A0D938-3055-46BA-8919-59E44E0D7E51} (Adware.Torang) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{DAF94377-BC9F-450B-8AA0-D7B121F9F513} (Trojan.BHO) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{DAF94377-BC9F-450B-8AA0-D7B121F9F513} (Trojan.BHO) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{E5C7860B-FC70-4634-ACAB-C70DF2F5292A} (Adware.Torang) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{E5C7860B-FC70-4634-ACAB-C70DF2F5292A} (Adware.Torang) -> Quarantined and deleted successfully.

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    (No malicious items detected)




    .
    DDS (Ver_11-03-05.01) - NTFSx86 
    Run by David at 15:41:44.73 on Sun 03/27/2011
    Internet Explorer: 8.0.6001.18702
    Microsoft Windows XP Professional  5.1.2600.3.1252.1.1033.18.2047.1595 [GMT -4:00]
    .
    AV: Norton Internet Security *Disabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
    FW: Norton Internet Security *Enabled*
    .
    ============== Running Processes ===============
    .
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    svchost.exe
    svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Creative\Shared Files\CTAudSvc.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\CTXFIHLP.EXE
    C:\Program Files\Creative\Volume Panel\VolPanlu.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Logitech\SetPoint\SetPoint.exe
    C:\WINDOWS\SYSTEM32\CTXFISPI.EXE
    svchost.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Norton Internet Security\Engine\18.5.0.125\ccSvcHst.exe
    C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
    C:\Program Files\PerfectDisk10\PDAgent.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\WINDOWS\system32\PnkBstrB.exe
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    C:\Program Files\Norton Internet Security\Engine\18.5.0.125\ccSvcHst.exe
    D:\Acronis Disk Director\OSS\reinstall_svc.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\System32\svchost.exe -k HTTPFilter
    C:\Documents and Settings\David\Desktop\dds.com
    .
    ============== Pseudo HJT Report ===============
    .
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
    BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton internet security\engine\18.5.0.125\coIEPlg.dll
    BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton internet security\engine\18.5.0.125\ips\IPSBHO.DLL
    BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton internet security\engine\18.5.0.125\coIEPlg.dll
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    uRun: [Google Update] "c:\documents and settings\david\local settings\application data\google\update\GoogleUpdate.exe" /c
    mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
    mRun: [CTxfiHlp] CTXFIHLP.EXE
    mRun: [VolPanel] "c:\program files\creative\volume panel\VolPanlu.exe" /r
    mRun: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
    mRun: [amd_dc_opt] c:\program files\amd\dual-core optimizer\amd_dc_opt.exe
    mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
    mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\logite~1.lnk - c:\program files\logitech\setpoint\SetPoint.exe
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office11\EXCEL.EXE/3000
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office11\REFIEBAR.DLL
    DPF: {01025D1C-BB03-4369-8344-732CD0DCCCF0} - hxxp://www.geforce.com/services_toolkit/ShimGen/1.1.28.1/GPU_Reader.cab
    DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1261434856046
    DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1261524537937
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - c:\docume~1\david\applic~1\mozilla\firefox\profiles\dypi5k9x.default\
    FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
    FF - prefs.js: network.proxy.type - 0
    FF - component: c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_18.1.0.37\coffplgn\components\coFFPlgn.dll
    FF - component: c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_18.1.0.37\ipsffplgn\components\IPSFFPl.dll
    FF - plugin: d:\itunes\mozilla plugins\npitunes.dll
    FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - d:\firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    FF - Ext: Norton IPS: {BBDA0591-3099-440a-AA10-41764D9DB4DB} - c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_18.1.0.37\IPSFFPlgn
    FF - Ext: Norton Toolbar: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62} - c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_18.1.0.37\coFFPlgn
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\nis\1205000.07d\symds.sys [2010-12-9 340016]
    R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\nis\1205000.07d\symefa.sys [2010-12-9 652336]
    R1 BHDrvx86;BHDrvx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_18.1.0.37\definitions\bashdefs\20110309.001\BHDrvx86.sys [2011-3-10 800376]
    R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\nis\1205000.07d\ironx86.sys [2010-12-9 136312]
    R2 LBeepKE;LBeepKE;c:\windows\system32\drivers\LBeepKE.sys [2009-12-21 10384]
    R2 NIS;Norton Internet Security;c:\program files\norton internet security\engine\18.5.0.125\ccsvchst.exe [2010-12-9 130000]
    R2 OS Selector;Acronis OS Selector activator;d:\acronis disk director\oss\reinstall_svc.exe [2010-5-25 2139400]
    R3 CT20XUT.SYS;CT20XUT.SYS;c:\windows\system32\drivers\CT20XUT.sys [2009-6-4 171032]
    R3 CTEXFIFX.SYS;CTEXFIFX.SYS;c:\windows\system32\drivers\CTEXFIFX.sys [2009-6-4 1324056]
    R3 CTHWIUT.SYS;CTHWIUT.SYS;c:\windows\system32\drivers\CTHWIUT.sys [2009-6-4 72728]
    R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2010-5-28 102448]
    R3 IDSxpx86;IDSxpx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_18.1.0.37\definitions\ipsdefs\20110325.001\IDSXpx86.sys [2011-3-25 341944]
    R3 nvoclock;NVIDIA Enthusiasts Platform KDM;c:\windows\system32\drivers\nvoclock.sys [2009-9-15 38248]
    S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files\common files\creative labs shared\service\CTAELicensing.exe [2009-12-21 79360]
    S3 CT20XUT;CT20XUT;c:\windows\system32\drivers\CT20XUT.sys [2009-6-4 171032]
    S3 CTEXFIFX;CTEXFIFX;c:\windows\system32\drivers\CTEXFIFX.sys [2009-6-4 1324056]
    S3 CTHWIUT;CTHWIUT;c:\windows\system32\drivers\CTHWIUT.sys [2009-6-4 72728]
    S3 NAVENG;NAVENG;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_18.1.0.37\definitions\virusdefs\20110327.001\NAVENG.SYS [2011-3-27 86008]
    S3 NAVEX15;NAVEX15;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_18.1.0.37\definitions\virusdefs\20110327.001\NAVEX15.SYS [2011-3-27 1360760]
    S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2011-2-17 11520]
    .
    =============== Created Last 30 ================
    .
    2011-03-27 19:36:01   --------   d-----w-   c:\docume~1\david\applic~1\Malwarebytes
    2011-03-27 19:35:55   38224   ----a-w-   c:\windows\system32\drivers\mbamswissarmy.sys
    2011-03-27 19:35:55   --------   d-----w-   c:\docume~1\alluse~1\applic~1\Malwarebytes
    2011-03-27 19:35:52   20952   ----a-w-   c:\windows\system32\drivers\mbam.sys
    2011-03-27 19:35:52   --------   d-----w-   c:\program files\Malwarebytes' Anti-Malware
    2011-03-27 01:42:35   --------   d-----w-   c:\docume~1\david\locals~1\applic~1\Temp
    2011-03-27 01:42:31   --------   d-----w-   c:\docume~1\david\locals~1\applic~1\Google
    2011-03-27 01:39:38   --------   d-----w-   c:\program files\Chrome
    2011-03-12 16:28:40   103864   ----a-w-   c:\program files\internet explorer\plugins\nppdf32.dll
    2011-03-08 23:28:40   83249512   ----a-w-   c:\program files\common files\windows live\.cache\wlc24FB.tmp
    .
    ==================== Find3M  ====================
    .
    2011-02-09 13:53:52   270848   ----a-w-   c:\windows\system32\sbe.dll
    2011-02-09 13:53:52   186880   ----a-w-   c:\windows\system32\encdec.dll
    2011-02-02 07:58:35   2067456   ----a-w-   c:\windows\system32\mstscax.dll
    2011-01-27 11:57:06   677888   ----a-w-   c:\windows\system32\mstsc.exe
    2011-01-21 14:44:37   439296   ----a-w-   c:\windows\system32\shimgvw.dll
    2011-01-07 14:09:02   290048   ----a-w-   c:\windows\system32\atmfd.dll
    2010-12-31 13:10:33   1854976   ----a-w-   c:\windows\system32\win32k.sys
    .
    ============= FINISH: 15:41:58.28 ===============





    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_11-03-05.01)
    .
    Microsoft Windows XP Professional
    Boot Device: \Device\HarddiskVolume1
    Install Date: 12/20/2009 9:21:20 PM
    System Uptime: 3/27/2011 3:31:17 PM (0 hours ago)
    .
    Motherboard: ASUSTeK Computer INC. |  | A8N32-SLI-Deluxe
    Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 4800+ | SOCKET 939 | 2410/200mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 14 GiB total, 5.891 GiB free.
    D: is FIXED (NTFS) - 265 GiB total, 223.516 GiB free.
    E: is FIXED (NTFS) - 347 GiB total, 204.475 GiB free.
    F: is FIXED (NTFS) - 347 GiB total, 92.633 GiB free.
    P: is FIXED (FAT32) - 4 GiB total, 2.299 GiB free.
    X: is CDROM ()
    Z: is CDROM ()
    .
    ==== Disabled Device Manager Items =============
    .
    Class GUID:
    Description: Marvell Yukon 88E8053 PCI-E Gigabit Ethernet Controller
    Device ID:
    Manufacturer: Marvell
    Name: Marvell Yukon 88E8053 PCI-E Gigabit Ethernet Controller
    PNP Device ID:
    Service: yukonwxp
    .
    Class GUID:
    Description:
    Device ID: ACPI\ATK0110\1010110
    Manufacturer:
    Name:
    PNP Device ID: ACPI\ATK0110\1010110
    Service:
    .
    ==== System Restore Points ===================
    .
    RP420: 2/25/2011 3:37:21 AM - System Checkpoint
    RP421: 2/26/2011 3:58:19 AM - System Checkpoint
    RP422: 2/27/2011 4:58:19 AM - System Checkpoint
    RP423: 2/28/2011 4:58:36 AM - System Checkpoint
    RP424: 3/1/2011 5:58:59 AM - System Checkpoint
    RP425: 3/2/2011 6:35:19 AM - System Checkpoint
    RP426: 3/3/2011 7:23:00 AM - System Checkpoint
    RP427: 3/4/2011 8:08:54 AM - System Checkpoint
    RP428: 3/5/2011 8:25:28 AM - System Checkpoint
    RP429: 3/6/2011 8:49:39 AM - System Checkpoint
    RP430: 3/7/2011 9:07:06 AM - System Checkpoint
    RP431: 3/8/2011 10:07:29 AM - System Checkpoint
    RP432: 3/9/2011 11:07:30 AM - System Checkpoint
    RP433: 3/9/2011 10:16:01 PM - Software Distribution Service 3.0
    RP434: 3/10/2011 10:26:51 PM - System Checkpoint
    RP435: 3/12/2011 8:39:47 AM - System Checkpoint
    RP436: 3/13/2011 9:41:11 AM - System Checkpoint
    RP437: 3/14/2011 6:49:01 PM - System Checkpoint
    RP438: 3/15/2011 7:32:18 PM - System Checkpoint
    RP439: 3/16/2011 8:31:56 PM - System Checkpoint
    RP440: 3/17/2011 9:34:56 PM - System Checkpoint
    RP441: 3/17/2011 11:03:10 PM - Software Distribution Service 3.0
    RP442: 3/18/2011 11:54:24 PM - System Checkpoint
    RP443: 3/20/2011 12:53:19 AM - System Checkpoint
    RP444: 3/21/2011 5:08:22 PM - System Checkpoint
    RP445: 3/22/2011 7:04:19 PM - System Checkpoint
    RP446: 3/23/2011 7:12:00 PM - System Checkpoint
    RP447: 3/24/2011 7:52:04 PM - System Checkpoint
    RP448: 3/25/2011 8:24:04 PM - System Checkpoint
    RP449: 3/25/2011 10:04:02 PM - Software Distribution Service 3.0
    RP450: 3/27/2011 12:52:27 PM - System Checkpoint
    .
    ==== Installed Programs ======================
    .
    2570
    2570_Help
    2570Trb
    Acronis Disk Director Home
    Adobe Flash Player 10 Plugin
    Adobe Reader 9.4.3
    Adobe® Flash® Player 10 ActiveX
    AiO_Scan_CDA
    AiOSoftwareNPI
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    Audacity 1.3.10 (Unicode)
    Bonjour
    BufferChm
    Call of Duty: Black Ops
    Call of Duty: Black Ops - Multiplayer
    Call of Duty: Modern Warfare 2
    Call of Duty: Modern Warfare 2 - Multiplayer
    CCleaner
    CDDRV_Installer
    Creative Audio Control Panel
    Creative Console Launcher
    Creative Software AutoUpdate
    dBpoweramp [Calculate Audio CRC] Codec
    dBpoweramp Dalet Codec
    dBpoweramp DSP Effects
    dBpoweramp FLAC Codec
    dBpoweramp Monkeys Audio Codec
    dBpoweramp Mp2 and BwfMp2 codec
    dBpoweramp mp3 (Fraunhofer IIS) Codec
    dBpoweramp Music Converter
    dBpoweramp Ogg Vorbis Codec
    dBpoweramp Real Audio (Helix) Encoder
    dBPoweramp tooLame MP2 codec
    dBpoweramp Wave64 Codec
    dBpoweramp WavPack Codec
    Destinations
    DeviceManagementQFolder
    Dual-Core Optimizer
    erLT
    eSupportQFolder
    EVGA Precision 1.8.1
    Fax_CDA
    ffdshow [rev 3154] [2009-12-09]
    Fraps (remove only)
    Google Chrome
    Hotfix for Windows Media Format 11 SDK (KB929399)
    Hotfix for Windows Media Player 11 (KB939683)
    Hotfix for Windows XP (KB2158563)
    Hotfix for Windows XP (KB2443685)
    Hotfix for Windows XP (KB952287)
    Hotfix for Windows XP (KB976098-v2)
    Hotfix for Windows XP (KB979306)
    Hotfix for Windows XP (KB981793)
    HP Imaging Device Functions 7.0
    HP Photosmart, Officejet and Deskjet 7.0.A
    HP Solution Center 7.0
    HPPhotoSmartExpress
    HPProductAssistant
    InFlac 1.1.1
    InstantShareDevicesMFC
    iTunes
    KhalInstallWrapper
    Logitech SetPoint
    Malwarebytes' Anti-Malware
    Marvell Miniport Driver
    Microsoft Application Error Reporting
    Microsoft Choice Guard
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
    Microsoft Office Standard Edition 2003
    Microsoft User-Mode Driver Framework Feature Pack 1.0
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    mIRC
    mkv2vob
    MKVtoolnix 4.4.0
    Mozilla Firefox (3.6.13)
    MSVCRT
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    NewCopy_CDA
    Norton Internet Security
    NVIDIA Display Control Panel
    NVIDIA Drivers
    NVIDIA nView Desktop Manager
    NVIDIA Performance
    NVIDIA PhysX
    NVIDIA System Monitor
    OGA Notifier 2.0.0048.0
    OpenAL
    PanoStandAlone
    PerfectDisk 10 Professional
    PowerISO
    Prince of Persia
    ProductContextNPI
    PunkBuster Services
    QuickTime
    Readme
    Scan
    ScannerCopy
    Security Update for Windows Internet Explorer 8 (KB2183461)
    Security Update for Windows Internet Explorer 8 (KB2360131)
    Security Update for Windows Internet Explorer 8 (KB2416400)
    Security Update for Windows Internet Explorer 8 (KB2482017)
    Security Update for Windows Internet Explorer 8 (KB971961)
    Security Update for Windows Internet Explorer 8 (KB976325)
    Security Update for Windows Internet Explorer 8 (KB978207)
    Security Update for Windows Internet Explorer 8 (KB981332)
    Security Update for Windows Internet Explorer 8 (KB982381)
    Security Update for Windows Media Player (KB2378111)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player (KB954155)
    Security Update for Windows Media Player (KB968816)
    Security Update for Windows Media Player (KB973540)
    Security Update for Windows Media Player (KB975558)
    Security Update for Windows Media Player (KB978695)
    Security Update for Windows Media Player 11 (KB954154)
    Security Update for Windows XP (KB2079403)
    Security Update for Windows XP (KB2115168)
    Security Update for Windows XP (KB2121546)
    Security Update for Windows XP (KB2160329)
    Security Update for Windows XP (KB2229593)
    Security Update for Windows XP (KB2259922)
    Security Update for Windows XP (KB2279986)
    Security Update for Windows XP (KB2286198)
    Security Update for Windows XP (KB2296011)
    Security Update for Windows XP (KB2296199)
    Security Update for Windows XP (KB2347290)
    Security Update for Windows XP (KB2360937)
    Security Update for Windows XP (KB2387149)
    Security Update for Windows XP (KB2393802)
    Security Update for Windows XP (KB2419632)
    Security Update for Windows XP (KB2423089)
    Security Update for Windows XP (KB2436673)
    Security Update for Windows XP (KB2440591)
    Security Update for Windows XP (KB2443105)
    Security Update for Windows XP (KB2476687)
    Security Update for Windows XP (KB2478960)
    Security Update for Windows XP (KB2478971)
    Security Update for Windows XP (KB2479628)
    Security Update for Windows XP (KB2479943)
    Security Update for Windows XP (KB2481109)
    Security Update for Windows XP (KB2483185)
    Security Update for Windows XP (KB2485376)
    Security Update for Windows XP (KB2524375)
    Security Update for Windows XP (KB923561)
    Security Update for Windows XP (KB923789)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951066)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB951748)
    Security Update for Windows XP (KB952004)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB954459)
    Security Update for Windows XP (KB955069)
    Security Update for Windows XP (KB956572)
    Security Update for Windows XP (KB956744)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956803)
    Security Update for Windows XP (KB956844)
    Security Update for Windows XP (KB957097)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB958687)
    Security Update for Windows XP (KB958869)
    Security Update for Windows XP (KB959426)
    Security Update for Windows XP (KB960225)
    Security Update for Windows XP (KB960803)
    Security Update for Windows XP (KB960859)
    Security Update for Windows XP (KB961371-v2)
    Security Update for Windows XP (KB961501)
    Security Update for Windows XP (KB969059)
    Security Update for Windows XP (KB969947)
    Security Update for Windows XP (KB970238)
    Security Update for Windows XP (KB970430)
    Security Update for Windows XP (KB971468)
    Security Update for Windows XP (KB971486)
    Security Update for Windows XP (KB971557)
    Security Update for Windows XP (KB971633)
    Security Update for Windows XP (KB971657)
    Security Update for Windows XP (KB972270)
    Security Update for Windows XP (KB973354)
    Security Update for Windows XP (KB973507)
    Security Update for Windows XP (KB973525)
    Security Update for Windows XP (KB973869)
    Security Update for Windows XP (KB973904)
    Security Update for Windows XP (KB974112)
    Security Update for Windows XP (KB974318)
    Security Update for Windows XP (KB974392)
    Security Update for Windows XP (KB974571)
    Security Update for Windows XP (KB975025)
    Security Update for Windows XP (KB975467)
    Security Update for Windows XP (KB975560)
    Security Update for Windows XP (KB975561)
    Security Update for Windows XP (KB975562)
    Security Update for Windows XP (KB975713)
    Security Update for Windows XP (KB977165)
    Security Update for Windows XP (KB977816)
    Security Update for Windows XP (KB977914)
    Security Update for Windows XP (KB978037)
    Security Update for Windows XP (KB978251)
    Security Update for Windows XP (KB978262)
    Security Update for Windows XP (KB978338)
    Security Update for Windows XP (KB978542)
    Security Update for Windows XP (KB978601)
    Security Update for Windows XP (KB978706)
    Security Update for Windows XP (KB979309)
    Security Update for Windows XP (KB979482)
    Security Update for Windows XP (KB979559)
    Security Update for Windows XP (KB979683)
    Security Update for Windows XP (KB979687)
    Security Update for Windows XP (KB980195)
    Security Update for Windows XP (KB980218)
    Security Update for Windows XP (KB980232)
    Security Update for Windows XP (KB980436)
    Security Update for Windows XP (KB981322)
    Security Update for Windows XP (KB981852)
    Security Update for Windows XP (KB981957)
    Security Update for Windows XP (KB981997)
    Security Update for Windows XP (KB982132)
    Security Update for Windows XP (KB982214)
    Security Update for Windows XP (KB982665)
    Security Update for Windows XP (KB982802)
    Segoe UI
    SES Driver
    SolutionCenter
    Status
    Steam
    TeamSpeak 3 Client
    The KMPlayer (remove only)
    Tom Clancy's Rainbow Six Vegas 2
    Toolbox
    TrayApp
    TVersity Codec Pack 1.4
    TVersity Media Server 1.9.3
    Unload
    Unreal Anthology
    Unreal Tournament
    Update for Windows Internet Explorer 8 (KB976662)
    Update for Windows Internet Explorer 8 (KB980182)
    Update for Windows XP (KB2141007)
    Update for Windows XP (KB2345886)
    Update for Windows XP (KB2467659)
    Update for Windows XP (KB898461)
    Update for Windows XP (KB951978)
    Update for Windows XP (KB955759)
    Update for Windows XP (KB961503)
    Update for Windows XP (KB967715)
    Update for Windows XP (KB968389)
    Update for Windows XP (KB971029)
    Update for Windows XP (KB971737)
    Update for Windows XP (KB973687)
    Update for Windows XP (KB973815)
    Ventrilo Client
    VirtualCloneDrive
    Volume Panel
    WebFldrs XP
    WebReg
    Winamp
    Windows Genuine Advantage Notifications (KB905474)
    Windows Genuine Advantage Validation Tool (KB892130)
    Windows Internet Explorer 8
    Windows Live Call
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Messenger
    Windows Live Sign-in Assistant
    Windows Live Upload Tool
    Windows Media Format 11 runtime
    Windows Media Player 11
    Windows XP Service Pack 3
    WinRAR archiver
    .
    ==== Event Viewer Messages From Past Week ========
    .
    3/27/2011 3:30:15 PM, error: Service Control Manager [7034]  - The PnkBstrB service terminated unexpectedly.  It has done this 1 time(s).
    3/27/2011 3:30:15 PM, error: Service Control Manager [7034]  - The PnkBstrA service terminated unexpectedly.  It has done this 1 time(s).
    3/27/2011 3:30:15 PM, error: Service Control Manager [7034]  - The Pml Driver HPZ12 service terminated unexpectedly.  It has done this 1 time(s).
    3/27/2011 3:30:15 PM, error: Service Control Manager [7034]  - The Performance Service service terminated unexpectedly.  It has done this 1 time(s).
    3/27/2011 3:30:15 PM, error: Service Control Manager [7034]  - The PDAgent service terminated unexpectedly.  It has done this 1 time(s).
    3/27/2011 3:30:15 PM, error: Service Control Manager [7034]  - The NVIDIA Display Driver Service service terminated unexpectedly.  It has done this 1 time(s).
    3/27/2011 3:30:15 PM, error: Service Control Manager [7034]  - The Creative Audio Service service terminated unexpectedly.  It has done this 1 time(s).
    3/27/2011 3:30:15 PM, error: Service Control Manager [7034]  - The Bonjour Service service terminated unexpectedly.  It has done this 1 time(s).
    3/27/2011 3:30:15 PM, error: Service Control Manager [7034]  - The Acronis OS Selector activator service terminated unexpectedly.  It has done this 1 time(s).
    3/27/2011 3:30:15 PM, error: Service Control Manager [7031]  - The Apple Mobile Device service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
    3/24/2011 6:20:13 AM, error: Dhcp [1002]  - The IP address lease [removed] for the Network Card with network address [removed] has been denied by the DHCP server [removed] (The DHCP Server sent a DHCPNACK message).
    .
    ==== End Of File ===========================



     Results of screen317's Security Check version 0.99.10 
     Windows XP Service Pack 3 
     Internet Explorer 8 
    ``````````````````````````````
    Antivirus/Firewall Check:

     Windows Firewall Disabled! 
     Norton Internet Security   
     Antivirus up to date! 
    ```````````````````````````````
    Anti-malware/Other Utilities Check:

     Malwarebytes' Anti-Malware   
     CCleaner     
     Adobe Flash Player    10.1.102.64 
    Adobe Reader 9.4.3
    Out of date Adobe Reader installed!
     Mozilla Firefox (3.6.13) Firefox Out of Date! 
    ````````````````````````````````
    Process Check: 
    objlist.exe by Laurent

     Norton ccSvcHst.exe
    ``````````End of Log````````````

    *

    Offline faith_michele

    • Anti - Phishing Staff
    • Gold Member
    • 1947
      • A Beacon of Light
    Re: [In Progress] IE load time extremely slow
    « Reply #4 on: March 29, 2011, 09:23:38 AM »
    Hi dcm9787,

    That is good news that you are not still experiencing symptoms.  We will perform a couple more scans just to be sure.  We will look at updating Adobe after I review your new logs.

    Please proceed as follows:

    First

    I'd like us to scan your machine with ESET OnlineScan
    • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
    • Click the button.
    • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the icon on your desktop.
    • Check
    • Click the button.
    • Accept any security warnings from your browser.
    • Check
    • Push the Start button.
    • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
    • When the scan completes, push
    • Push , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
    • Push the button.
    • Push

      ---
      Note for Vista Users: Eset is compatible but Internet Explorer must be run as Administrator. To do this, right-click on the IE icon in the Start Menu or Quick Launch Bar on the Taskbar and select "Run as Administrator" from the context menu.)

      **Note**
      To optimize scanning time and produce a more sensible report for review:
         
    • Close any open programs
    • Turn off the real time scanner of any existing antivirus program while performing the online scan.
    -----
    Second

    Run a OTL scan again.
    • Double click on the icon to run it.(Note: If you are running on Vista or Windows 7, right-click on the file and choose Run As Administrator). Make sure all other windows are closed and to let it run uninterrupted.
    • Under the Custom Scan box paste this in:

    netsvcs
    %SYSTEMDRIVE%\*.*
    %systemroot%\*. /mp /s
    CREATERESTOREPOINT
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\system32\drivers\*.sys /180
    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs

    • Please put a check mark in the boxes next to LOP Check and Purity Check
    • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
    • When the scan is complete, two text files will be created on your Desktop.
    • OTL.Txt <- this one will be opened
    • Extras.txt <- this one will be minimized
    .

    Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of OTL.Txt and the Extras.txt in your next reply.

    These will be long logs, so please use multiple posts if needed.

    Review What to include in your response.

    1. Let me know if you experienced any errors with the instructions and tell me exactly what problems you are still experiencing. 
    2. The ESET log. 
    3. The OTL.txt & Extras.txt logs.   

    Thank you,

    Faith
    Microsoft Consumer Security MVP, July 2007-June 2010

    "Fight your fights, find the grace in all the things that you can't change and help somebody, if you can." Van Zant

    A Beacon of Light

    *

    Offline faith_michele

    • Anti - Phishing Staff
    • Gold Member
    • 1947
      • A Beacon of Light
    Re: [In Progress] IE load time extremely slow
    « Reply #5 on: April 02, 2011, 09:46:36 AM »
    Hi dcm9787,

    Do you still require any assistance or have questions about the instructions?

    Thank You,

    Faith
    Microsoft Consumer Security MVP, July 2007-June 2010

    "Fight your fights, find the grace in all the things that you can't change and help somebody, if you can." Van Zant

    A Beacon of Light

    *

    Offline dcm9787

    • Bronze Member
    • 4
    Re: [In Progress] IE load time extremely slow
    « Reply #6 on: April 06, 2011, 06:27:22 PM »
    Hi Faith,

    I do have a couple of questions.  When running the ESET scan, should I uncheck "remove found threats" and any of the additional boxes that are checked in the Advanced Options?  Also, what is the OTL scan?

    Thanks for all you help! Sorry I didn't get back to you sooner.


    Regards,
    David

    *

    Offline Hoov

    • Malware Removal Mentors
    • Administrator
    • Diamond Member
    • 27194
    • Unwilling part owner of Gov't. Motors and Chrysler
      • Hoov's Personal Site
    Re: [In Progress] IE load time extremely slow
    « Reply #7 on: April 06, 2011, 06:44:03 PM »
    Howdy David, I am Hoov and I will be taking over for Faith.

    On the ESET scan, leave all the boxes checked except for the ones called out in Faith's instructions above. As for OTL, skip that for now. Lets see how the ESET scan goes.

    How has your computer been running?

    Former Consumer Security MVP
    2011-2014

    If I am helping you and you don't hear from me for 24Hrs, send me a PM Please!

    *

    Offline dcm9787

    • Bronze Member
    • 4
    Re: [In Progress] IE load time extremely slow
    « Reply #8 on: April 07, 2011, 04:23:54 AM »
    Hi Hoov,

    The ESET scan found no threats.  And my computer seems to be running fine, thanks to Spywarehammers previous advice!

    Am I cured?

    *

    Offline Hoov

    • Malware Removal Mentors
    • Administrator
    • Diamond Member
    • 27194
    • Unwilling part owner of Gov't. Motors and Chrysler
      • Hoov's Personal Site
    Re: [In Progress] IE load time extremely slow
    « Reply #9 on: April 07, 2011, 07:06:38 AM »
    You have been running for 11 days with no problems. I would say you are clean. But we are not done yet. There is some cleanup to do.

    Run OTC
    Download OTC to your desktop and run it
    Click Yes to beginning the Cleanup process and remove these components, including this application.
    You will be asked to reboot the machine to finish the Cleanup process. Choose Yes.

    Cleaning out Temporary Files etc. There are several different products that you can use for this. You can go thru the Internet Options in the windows Control Panel. There are several programs that also do the job better than windows does it, in my opinion. There is System Security Suite, EasyCleaner, Ccleaner. Also sometimes other program sometimes do it as well as what you originally got it for like ZoneAlarm Security Suite. Just make sure to keep them updated and use them regularly.

    Disable and Enable System Restore.
    I recommend you turn off System restore, and then turn it back on so that you will not be able to restore your problems to a clean computer.
    For Vista use these instructions, Windows Vista Restore Guide
    For XP use these instructions, Windows XP System Restore Guide
    Reboot
    Re-enable system restore with instructions from tutorial above
    Create a System Restore Point
    Go to all programs, then to accessories, then to system tools, then to system restore. Check the box for create restore point (not select a restore point), then click next and follow the instructions.

    Make your Internet Explorer more secure - This can be done by following these simple instructions: (unless you are using ZoneAlarm Security Suite or something similar, then you would secure the browser thru the firewall). There are some good basic instructions for that here.

    Use a different browser other than  IE (most exploits are pointed towards IE). One of them is
    Firefox.
    It is also worth trying Thunderbird for controlling spam in your e-mail.

    Always use an UPDATED anti-virus program Make sure you update this at least weekly, if not more often. This is one thing that may save you more than anything else.

    Run malware scanners. Three free ones are Spybot Search and Destroy, and AdAware and Malwarebytes' Anti-Malware

    Always use a firewall.
    Any firewall is better than none, and you should pick a firewall that you will use, as even the best firewall is worthless if you turn it off.
     
    Learn how to use your firewall Only programs that need it should have access to the net. But these are specific to the firewall you use, so you will need to learn how. Several firewalls have support forums here. My page will help you with ZoneAlarm if that is what you choose. 


    Never run two Antivirus programs or two Firewalls  at the same time. They can interfere with each other and cause problems. Some people swear that more protection is provided, but the reverse is true. They tend to argue amongst themselves and end up leaving holes. Now I have more than 1 AV installed on my computer, and I keep them up to date. I only run one at a time, but each program has weakness's, so I keep a backup in case my computer starts acting up.


     MOST IMPORTANT : Windows and IE, and whatever other software that you have that connects to the net, needs to be kept updated. The reason is, these programs connect to the net, and if there is an internal security problem, you have already told your firewall to allow the communication, and thus you will have allowed a hole. UPDATES are important. I suggest that you make sure that Windows Updates and the updates for your antivirus and antimalware programs are set for automatic updates. I also suggest running Secunia PSI. It will monitor the software you have installed and let you know when something needs to be updated.

    Don't ever use P2P or filesharing software Even the safest P2P file sharing programs that do not contain bundled spyware, still expose you to risks because of the very nature of the P2P file sharing process. By default, most P2P file sharing programs are configured to automatically launch at startup. They are also configured to allow other P2P users on the same network open access to a shared directory on your computer. The reason for this is simple. File sharing relies on its members giving and gaining unfettered access to computers across the P2P network. However, this practice can make you vulnerable to data and identity theft. Even if you change those risky default settings to a safer configuration, the act of downloading files from an anonymous source greatly increases your exposure to infection. That is because the files you are downloading may actually contain a disguised threat. Many very malicious worms and trojans, such as the Storm Worm, target and spread across P2P files sharing networks because of their known vulnerabilities.

    Before using any malware detection / removal software Check with Rogue/Suspect Spyware List and Rogue Applications List That way you will know if the program you are looking at is on the up and up. If you want to know how it stacks up against other programs check out SpywareWarrior

    We have a good guide here at Spyware Hammer on how to prevent Malware in the Future. You might want to peruse this and follow the recommendations in there.
    PLEASE READ IT AND FOLLOW THE RECOMMENDATIONS TO PROTECT YOURSELF.

    Let us know if you have any more problems, either new or old.
    Have a good time surfing the net, but stay safe.
    If you have no more problems, let me know and I will mark this as resolved. Or if you have more questions, ask away, that is why I am here.

    Former Consumer Security MVP
    2011-2014

    If I am helping you and you don't hear from me for 24Hrs, send me a PM Please!