Problem!!!!!!!

[yuki953]

Ok, something new that ive never seen befor...

My computer runs fine.. Its good, fast (for its specs) and is perfect for me..

Problem: Whenever i try to open something, like a game or internet, even minesweeper on the days that im bored... it takes like 4 minutes to pop up... when its finaly up it runs fine though... so its not a hard ware problem...

its never done this befor... and it just started... whats rong?

Windows vista basic sp1

 

[zer0_c00l]

how much ram you have?

 

[yuki953]

2gb... its not hardware

 

[bomberboysk]

Ok, something new that ive never seen befor...

My computer runs fine.. Its good, fast (for its specs) and is perfect for me..

Problem: Whenever i try to open something, like a game or internet, even minesweeper on the days that im bored... it takes like 4 minutes to pop up... when its finaly up it runs fine though... so its not a hard ware problem...

its never done this befor... and it just started... whats rong?

Windows vista basic sp1

Sounds to be a hard drive problem of some sort. Download and run seatools for windows, run a long generic and smart self test, see if it fails either of them.

 

[konsole]

could be running low on memory from too many open programs and the page file is off or set really small. Virus maybe? check the open applications for anything suspicious.

 

[yuki953]

allready have... first thought was it could be a virus...

if it was memory then the programs would run non smooth... but they do once there open

 

[AlienMenace]

How about spyware then.

 

[yuki953]

i dont think spyware would do this...

 

[Shane]

It would ...Spyware can cause all sorts of problems,Worth giving it a scan.

 

[yuki953]

got anything free i can use?

 

[bomberboysk]

got anything free i can use?

MBAM(malwarebytes anti malware), AVG Antivirus, Combofix. Id suggest getting all three and running a scan with each.

 

[fedstuart]

Delete All Temporary Files in she system.

Send the RAM Configuration.

Use Registry Cleaner Software

 

[yuki953]

wow cant beleive how simple that was... ran the combofix, and only the combo fix...
heres log:

ComboFix 09-06-22.08 - Shaka 06/23/2009  3:02.1 - NTFSx86
Microsoft® Windows Vista™ Home Basic   6.0.6001.1.1252.1.1033.18.1790.1266 [GMT -7:00]
Running from: c:\users\Shaka\Downloads\ComboFix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\$recycle.bin\S-1-5-21-2281177520-812670149-4258392394-500
c:\$recycle.bin\S-1-5-21-2330998901-1206937444-1990037922-500
c:\$recycle.bin\S-1-5-21-957388825-4026625574-79556735-1000
c:\windows\system32\11BA.tmp
c:\windows\system32\1908.tmp
c:\windows\system32\1ABD.tmp
c:\windows\system32\5ED2.tmp
c:\windows\system32\6213.tmp
c:\windows\system32\702D.tmp
c:\windows\system32\A4B7.tmp
c:\windows\system32\EADA.tmp
c:\windows\system32\SystemService32
c:\windows\system32\WBkbSv6.vbs
c:\$recycle.bin\S-1-5-21-2281177520-812670149-4258392394-500\desktop.ini
c:\$recycle.bin\S-1-5-21-2330998901-1206937444-1990037922-500\desktop.ini
c:\$recycle.bin\S-1-5-21-957388825-4026625574-79556735-1000\desktop.ini
c:\users\Shaka\AppData\Roaming\02000000a063657d608C.manifest
c:\users\Shaka\AppData\Roaming\02000000a063657d608O.manifest
c:\users\Shaka\AppData\Roaming\02000000a063657d608P.manifest
c:\users\Shaka\AppData\Roaming\02000000a063657d608S.manifest
c:\windows\system32\dsprop32.dll
c:\windows\system32\GroupPolicy000.dat
c:\windows\system32\SystemService32\BF6B.tmp

.
(((((((((((((((((((((((((   Files Created from 2009-05-23 to 2009-06-23  )))))))))))))))))))))))))))))))
.

2009-06-23 08:45 . 2009-06-23 08:45	--------	d-sh--w-	c:\windows\system32\SystemX86
2009-06-19 10:04 . 2009-06-19 10:04	--------	d-----w-	c:\programdata\3DVIA
2009-06-19 10:03 . 2006-09-28 23:05	2414360	----a-w-	c:\windows\system32\d3dx9_31.dll
2009-06-19 10:03 . 2009-06-19 10:03	--------	d-----w-	c:\program files\Virtools
2009-06-19 07:58 . 2009-06-19 07:58	--------	d-----w-	c:\windows\system32\Adobe
2009-06-17 06:41 . 2009-06-17 06:41	--------	d-----w-	c:\program files\Webzen
2009-06-15 22:36 . 2009-06-15 22:36	--------	d-----w-	C:\zee_store
2009-06-15 22:19 . 2009-06-15 22:19	--------	d-----w-	c:\program files\HyCam2
2009-06-13 06:21 . 2009-06-13 06:22	--------	d-----w-	c:\users\Shaka\AppData\Local\Microsoft Games
2009-06-10 06:40 . 2009-06-10 06:40	--------	d-----w-	c:\program files\NickOnline
2009-06-10 06:39 . 2009-06-10 06:39	--------	d-----w-	c:\users\Shaka\AppData\Local\Downloaded Installations
2009-06-09 22:59 . 2009-06-09 23:16	--------	d-----w-	c:\users\Shaka\AppData\Roaming\TeamViewer
2009-06-03 02:37 . 2009-06-03 02:38	--------	d-----w-	c:\program files\FileZilla FTP Client
2009-06-02 04:33 . 2009-06-02 04:33	--------	d-----w-	c:\program files\Sun
2009-05-31 03:52 . 2009-06-17 06:45	34	----a-w-	c:\users\Shaka\jagex_runescape_preferences.dat
2009-05-31 03:51 . 2009-06-03 14:26	--------	d-----w-	c:\windows\.jagex_cache_32
2009-05-30 21:22 . 2009-06-02 04:33	410984	----a-w-	c:\windows\system32\deploytk.dll
2009-05-30 01:06 . 2009-05-30 01:06	--------	d-----w-	c:\users\Shaka\AppData\Roaming\Template
2009-05-29 01:51 . 2009-05-29 01:52	--------	d-----w-	C:\ijji
2009-05-28 06:17 . 2009-05-28 06:17	--------	d-----w-	c:\users\Shaka\AppData\Roaming\NCH Swift Sound
2009-05-28 06:16 . 2009-06-05 04:29	--------	d-----w-	c:\programdata\NCH Swift Sound
2009-05-28 06:16 . 2009-05-28 06:17	--------	d-----w-	c:\program files\NCH Swift Sound
2009-05-27 00:02 . 2009-05-27 00:02	--------	d-----w-	c:\users\Shaka\New Folder
2009-05-26 23:31 . 2009-05-26 23:32	--------	d-----w-	c:\programdata\RapidSolution
2009-05-26 23:30 . 2009-05-26 23:30	--------	d-----w-	c:\users\Shaka\AppData\Local\Scramby Recordings
2009-05-26 23:30 . 2009-05-26 23:30	--------	d-----w-	c:\program files\RapidSolution
2009-05-25 19:53 . 2009-05-25 20:07	--------	d-----w-	c:\users\Shaka\AppData\Roaming\Ventrilo
2009-05-25 19:52 . 2009-05-25 19:54	--------	d-----w-	c:\users\Shaka\riotscape.comv4
2009-05-25 19:48 . 2009-05-25 19:48	--------	d-----w-	C:\.Cozmoscape_cache
2009-05-25 19:37 . 2009-05-25 19:37	--------	d-----w-	c:\program files\Ventrilo
2009-05-25 19:36 . 2009-05-25 19:36	--------	d-----w-	c:\program files\Common Files\Wise Installation Wizard

.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-23 08:45 . 2009-06-23 08:45	0	----a-w-	c:\windows\system32\1C53.tmp
2009-06-23 08:45 . 2009-06-23 08:45	0	----a-w-	c:\windows\system32\1A11.tmp
2009-06-21 23:14 . 2009-06-21 23:14	0	----a-w-	c:\windows\system32\A8E5.tmp
2009-06-21 23:14 . 2009-06-21 23:14	0	----a-w-	c:\windows\system32\A6B2.tmp
2009-06-20 07:14 . 2009-06-20 07:14	0	----a-w-	c:\windows\system32\5F44.tmp
2009-06-18 15:14 . 2009-06-18 15:14	0	----a-w-	c:\windows\system32\187B.tmp
2009-06-17 06:43 . 2008-10-28 21:00	--------	d--h--w-	c:\program files\InstallShield Installation Information
2009-06-17 01:24 . 2009-06-03 05:14	--------	d-----w-	c:\users\Shaka\AppData\Roaming\FrostWire
2009-06-15 20:58 . 2009-06-15 20:58	0	----a-w-	c:\windows\system32\E8B7.tmp
2009-06-14 04:58 . 2009-06-14 04:58	0	----a-w-	c:\windows\system32\A265.tmp
2009-06-12 12:58 . 2009-06-12 12:58	0	----a-w-	c:\windows\system32\5C42.tmp
2009-06-10 20:58 . 2009-06-10 20:58	0	----a-w-	c:\windows\system32\16B6.tmp
2009-06-09 22:59 . 2009-06-03 02:48	--------	d-----w-	c:\users\Shaka\AppData\Roaming\FileZilla
2009-06-09 07:59 . 2009-06-09 07:59	0	----a-w-	c:\windows\system32\580A.tmp
2009-06-09 07:59 . 2009-06-09 07:59	0	----a-w-	c:\windows\system32\55D7.tmp
2009-06-07 15:59 . 2009-06-07 15:59	0	----a-w-	c:\windows\system32\FA7.tmp
2009-06-06 21:53 . 2009-06-06 21:48	--------	d-----w-	c:\users\Shaka\AppData\Roaming\gtk-2.0
2009-06-06 02:23 . 2009-06-06 02:23	--------	d-----w-	c:\program files\GIMP-2.0
2009-06-03 05:27 . 2009-06-03 05:27	0	----a-w-	c:\users\Shaka\AppData\Roaming\FrostWire\.NetworkShare\Incomplete\T-4506256-LimeWireWin4.16.6.exe
2009-06-03 05:14 . 2009-06-03 05:12	--------	d-----w-	c:\program files\FrostWire
2009-06-03 05:12 . 2009-06-03 05:12	--------	d-----w-	c:\program files\AskBarDis
2009-06-02 04:34 . 2009-05-11 00:24	--------	d-----w-	c:\program files\Flock
2009-06-02 04:33 . 2008-10-28 21:49	--------	d-----w-	c:\program files\Java
2009-05-30 01:06 . 2009-05-30 01:06	0	----a-w-	c:\users\Shaka\AppData\Roaming\wklnhst.dat
2009-05-22 01:38 . 2009-05-22 01:38	--------	d-----w-	c:\programdata\CCP
2009-05-20 22:33 . 2009-05-20 22:33	93	----a-w-	c:\users\Shaka\AppData\Local\fusioncache.dat
2009-05-20 04:55 . 2009-05-20 04:55	--------	d-----w-	c:\programdata\Turbine
2009-05-19 04:10 . 2009-05-17 07:41	--------	d-----w-	c:\program files\Axife Mouse Recorder DEMO
2009-05-19 01:24 . 2009-05-11 00:06	--------	d-----w-	c:\programdata\PMB Files
2009-05-19 01:24 . 2008-10-28 21:50	--------	d-----w-	c:\program files\BigFix
2009-05-19 01:21 . 2009-05-19 01:21	--------	d-----w-	c:\program files\Microsoft
2009-05-19 01:21 . 2009-05-14 23:23	--------	d-----w-	c:\program files\Windows Live
2009-05-19 01:21 . 2009-05-19 01:21	--------	d-----w-	c:\program files\Windows Live SkyDrive
2009-05-19 01:20 . 2008-10-28 21:39	--------	d-----w-	c:\programdata\Symantec
2009-05-19 00:11 . 2009-05-11 01:00	--------	d-----w-	c:\users\Shaka\AppData\Roaming\DNA
2009-05-19 00:06 . 2009-05-11 01:14	31871	----a-w-	c:\programdata\nvModes.dat
2009-05-18 02:19 . 2009-05-18 01:56	--------	d-----w-	c:\program files\TG Games
2009-05-17 10:12 . 2009-05-17 01:29	--------	d-----w-	c:\program files\Common Files\Blizzard Entertainment
2009-05-17 07:32 . 2009-05-17 07:32	--------	d-----w-	c:\program files\JitBit
2009-05-17 01:29 . 2009-05-17 01:29	--------	d-----w-	c:\programdata\Blizzard
2009-05-16 20:08 . 2009-05-16 20:04	--------	d-----w-	c:\programdata\NexonUS
2009-05-14 23:15 . 2009-05-14 23:15	--------	d-----w-	c:\program files\Common Files\Windows Live
2009-05-13 04:13 . 2009-05-13 04:13	--------	d-----w-	c:\users\Shaka\AppData\Roaming\InstallShield
2009-05-13 00:36 . 2009-05-13 00:36	--------	d-----w-	c:\program files\Common Files\INCA Shared
2009-05-12 22:13 . 2009-05-12 07:15	--------	d-----w-	c:\program files\Cheat Engine
2009-05-11 01:15 . 2008-10-28 20:57	--------	d-----w-	c:\programdata\NVIDIA
2009-05-11 01:14 . 2008-10-28 21:39	--------	d-----w-	c:\program files\Common Files\Symantec Shared
2009-05-11 01:14 . 2007-10-10 07:20	--------	d-----w-	c:\program files\Google
2009-05-11 00:24 . 2009-05-11 00:24	0	----a-w-	c:\windows\nsreg.dat
2009-05-11 00:24 . 2009-05-11 00:24	--------	d-----w-	c:\users\Shaka\AppData\Roaming\Flock
2009-05-11 00:15 . 2009-05-11 00:15	--------	d-----w-	c:\program files\SystemRequirementsLab
2009-05-11 00:05 . 2009-05-11 00:05	--------	d-----w-	c:\program files\Pando Networks
2009-05-10 22:45 . 2009-05-10 22:45	75264	----a-w-	c:\users\Shaka\AppData\Local\GDIPFONTCACHEV1.DAT
2009-05-10 22:45 . 2009-05-10 22:45	--------	d-----w-	c:\users\Shaka\AppData\Roaming\Symantec
2009-05-10 22:43 . 2009-05-10 22:43	--------	d-----w-	c:\program files\WalMart
2009-05-10 22:43 . 2009-05-10 22:43	--------	d-----w-	c:\program files\eBay
2009-04-27 07:42 . 2008-10-28 20:52	457248	----a-w-	c:\windows\system32\NVUNINST.EXE
.

(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2008-09-09 05:08	279944	----a-w-	c:\program files\AskBarDis\bar\bin\askBar.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-07 3885408]
"WindowsWelcomeCenter"="oobefldr.dll" - c:\windows\System32\oobefldr.dll [2008-01-21 2153472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-12 39792]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-02 13535776]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-02 92704]
"UpdateP2GoShortCut"="c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-06-14 210216]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2007-03-15 71216]
"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2007-01-09 52256]
"UpdatePSTShortCut"="c:\program files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2008-09-25 210216]
"Turbine Download Manager Tray Icon"="d:\games\MMORPGS\Turbine Download Manager\TurbineDownloadManagerIcon.exe" [2009-06-17 472568]
"Axon"="c:\program files\NCH Swift Sound\Axon\axon.exe" [2009-05-28 835588]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-06-02 148888]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2008-05-20 6144000]

c:\users\Shaka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2007-8-24 101784]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{DEE35472-02DF-4BF3-82A3-8FCCE03A76A0}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{6235183E-A529-4480-A6BF-5BAFAD8A4229}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{4FF9A41D-44E4-472B-8F10-E8CEC3915A2B}"= c:\program files\CyberLink\PowerDVD\PowerDVD.EXE:CyberLink PowerDVD
"{8F33D57B-DF6E-4745-AAB4-84B1CE92135B}"= UDP:c:\program files\Pando Networks\Media Booster\PMB.exe:Pando Media Booster
"{D5541458-A158-4523-B372-359C6E61E37C}"= TCP:c:\program files\Pando Networks\Media Booster\PMB.exe:Pando Media Booster
"TCP Query User{BDD5ECA9-ED17-4760-A8D4-8DA37A4464AE}e:\\website\\darkeden eternity\\darkeden.exe"= UDP:e:\website\darkeden eternity\darkeden.exe:DarkEdenEternity
"UDP Query User{423DFA92-EFDC-4E82-87B5-9AC3A91BF408}e:\\website\\darkeden eternity\\darkeden.exe"= TCP:e:\website\darkeden eternity\darkeden.exe:DarkEdenEternity
"{3FCD7F39-2E3F-4B6F-9D2F-DE10BDC9D22E}"= UDP:d:\games\MMORPGS\Turbine Download Manager\TurbineMessageService.exe:TurbineMessageService
"{61E2F275-B51D-424D-8854-D36029036A38}"= TCP:d:\games\MMORPGS\Turbine Download Manager\TurbineMessageService.exe:TurbineMessageService
"{6A811860-8771-4525-87EB-05812B0B78A0}"= UDP:d:\games\MMORPGS\Turbine Download Manager\TurbineNetworkService.exe:TurbineNetworkService
"{33461229-2F78-4C6F-AD5F-D3E5D77520B1}"= TCP:d:\games\MMORPGS\Turbine Download Manager\TurbineNetworkService.exe:TurbineNetworkService
"TCP Query User{68ED711B-63E0-4362-A1F7-2A1A7ACB3626}d:\\games\\mmorpgs\\lotro\\lotroclient.exe"= UDP:d:\games\mmorpgs\lotro\lotroclient.exe:lotroclient
"UDP Query User{F1E44B0E-F39B-4331-8F9C-E9404FC35329}d:\\games\\mmorpgs\\lotro\\lotroclient.exe"= TCP:d:\games\mmorpgs\lotro\lotroclient.exe:lotroclient
"{DD2AE297-DCAD-4844-8241-069C7D333A50}"= UDP:c:\users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-3.1.1.9835-to-3.1.2.9901-enGB-downloader.exe:Blizzard Downloader
"{D133C274-5009-4302-BA9A-D143A0848816}"= TCP:c:\users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-3.1.1.9835-to-3.1.2.9901-enGB-downloader.exe:Blizzard Downloader
"{FA45DC7A-2E71-44A5-AD8D-753B5AB1D701}"= UDP:3724:Blizzard Downloader: 3724
"TCP Query User{59D6D3E6-631E-4E4F-9AA0-9F7F40880324}d:\\games\\mmorpgs\\world of warcraft trial\\world of warcraft\\launcher.exe"= UDP:d:\games\mmorpgs\world of warcraft trial\world of warcraft\launcher.exe:Blizzard Launcher
"UDP Query User{24A3CF1B-6804-4A3C-A583-C6922D4F6F2F}d:\\games\\mmorpgs\\world of warcraft trial\\world of warcraft\\launcher.exe"= TCP:d:\games\mmorpgs\world of warcraft trial\world of warcraft\launcher.exe:Blizzard Launcher
"TCP Query User{0A84F347-5FEC-43C0-A0A3-E9BCE0222DAD}d:\\games\\mmorpgs\\eve onlnie\\bin\\exefile.exe"= UDP:d:\games\mmorpgs\eve onlnie\bin\exefile.exe:CCP ExeFile
"UDP Query User{A7FCB157-2B4B-4064-8F99-80D53D07F0DF}d:\\games\\mmorpgs\\eve onlnie\\bin\\exefile.exe"= TCP:d:\games\mmorpgs\eve onlnie\bin\exefile.exe:CCP ExeFile
"{6AA81266-8084-46B3-ADA8-4720078E79DF}"= UDP:c:\program files\Ventrilo\Ventrilo.exe:Ventrilo.exe
"{700046DB-4682-4F74-8B59-324110DB7B31}"= TCP:c:\program files\Ventrilo\Ventrilo.exe:Ventrilo.exe
"{0BADB332-5F1E-44C0-9D20-DB9A44135DAF}"= TCP:4100:uPNP Router Control Port
"{F8F9AB4B-271D-4416-8716-477B03C14AD4}"= UDP:81:Axon Virtual PBX Web Server
"{B2162C91-3190-4B2E-B292-CACC9CDFF213}"= UDP:c:\program files\FrostWire\FrostWire.exe:FrostWire
"{6FB3A106-C49D-4814-B246-08CA09CB04B2}"= TCP:c:\program files\FrostWire\FrostWire.exe:FrostWire
"{59BC1DC4-CE57-4477-A36A-3FB549AA95DC}"= UDP:d:\games\MMORPGS\Turbine Download Manager\TurbineMessageService.exe:TurbineMessageService
"{7967D570-DE89-4646-9105-C74B5E1717F1}"= TCP:d:\games\MMORPGS\Turbine Download Manager\TurbineMessageService.exe:TurbineMessageService
"{E7182381-6A1B-4551-808E-E76A5C20F74A}"= UDP:d:\games\MMORPGS\Turbine Download Manager\TurbineNetworkService.exe:TurbineNetworkService
"{16339C6B-F5F5-487D-A4A3-0A06B71CDC61}"= TCP:d:\games\MMORPGS\Turbine Download Manager\TurbineNetworkService.exe:TurbineNetworkService

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)

R2 ETService;Empowering Technology Service;c:\program files\EMACHINES\eMachines Recovery Management\Service\ETService.exe [10/10/2007 12:21 AM 24576]
R2 LiveTurbineMessageService;Turbine Message Service - Live;d:\games\MMORPGS\Turbine Download Manager\TurbineMessageService.exe [5/19/2009 9:55 PM 267760]
R3 LiveTurbineNetworkService;Turbine Network Service - Live;d:\games\MMORPGS\Turbine Download Manager\TurbineNetworkService.exe [5/19/2009 9:55 PM 218608]
S2 AxonService;Axon Virtual PBX;c:\program files\NCH Swift Sound\Axon\axon.exe [5/27/2009 11:17 PM 835588]
S3 scramby_out;Scramby Output;c:\windows\System32\drivers\scramby_out.sys [8/8/2007 8:31 AM 23840]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork	REG_MULTI_SZ   	PLA DPS BFE mpssvc
.
- - - - ORPHANS REMOVED - - - -

HKLM-Run-eRecoveryService - (no file)


.
------- Supplementary Scan -------
.
uStart Page = hxxp://today.ask.com/frostwire?o=101676&l=dis
mStart Page = hxxp://homepage.emachines.com/rdr.aspx?b=ACEW&l=0409&s=1&o=vb32&d=1007&m=el1200-07w
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-23 03:09
Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ...  

scanning hidden autostart entries ... 

scanning hidden files ...  


c:\users\Shaka\AppData\Roaming\Microsoft\Windows\Cookies\shaka@msn[1].txt

scan completed successfully
hidden files: 1

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
------------------------ Other Running Processes ------------------------
.
c:\windows\System32\nvvsvc.exe
c:\windows\System32\audiodg.exe
c:\windows\System32\rundll32.exe
c:\windows\System32\agrsmsvc.exe
c:\program files\CyberLink\Shared files\RichVideo.exe
c:\windows\System32\WUDFHost.exe
c:\windows\System32\rundll32.exe
c:\windows\System32\consent.exe
.
**************************************************************************
.
Completion time: 2009-06-23  3:12 - machine was rebooted
ComboFix-quarantined-files.txt  2009-06-23 10:12

Pre-Run: 33,226,846,208 bytes free
Post-Run: 34,376,314,880 bytes free

241