Everything is slow

[thermophilis]

I know I have a problem. Internet speed has plummeted, firefox won't work, fan's are constantly running on high, everything is SLOW. Oh and ceew1 (spelling?) virus scans still won't complete...grrr. Here's a HJT log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:09:05 PM, on 8/4/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\A-SQUA~1\a2service.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\COMODO\Firewall\cmdagent.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\NetLimiter 2 Pro\nlsvc.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
C:\Program Files\COMODO\Firewall\cfp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Verizon Wireless\V CAST Music Manager\MEMonitor.exe
C:\Program Files\SpywareGuard\sgmain.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Safari\Safari.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://renewalcenter.symantec.com/s...5&GUID=19FE11AD94C43EFE4D2BCA8EA1D1E5D2&ENG&U
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;*.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.6.26.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: PPCScamBHO Class - {7E3659A6-4BC5-4d93-B3FD-8B5ACC2FEDED} - C:\Program Files\PeoplePC\Toolbar\ScamGrd.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: ZeroBar - {F0F8ECBE-D460-4B34-B007-56A92E8F84A7} - C:\Program Files\NetZero\Toolbar.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -h
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\RunServices: [RegisterDropHandler] C:\PROGRA~1\TEXTBR~1.0\Bin\REGIST~1.EXE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - Startup: MEMonitor.lnk = C:\Program Files\Verizon Wireless\V CAST Music Manager\MEMonitor.exe
O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui/229?649588b87676446cabcf0a7afae14502
O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui/230?649588b87676446cabcf0a7afae14502
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.6.26.dll/206 (file missing)
O9 - Extra button: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.google.com
O16 - DPF: {D3538D36-EEDA-4BC7-9C8D-8C1D066EBC56} - http://hp.sonic.com/SonicActivation.dll
O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\PROGRA~1\A-SQUA~1\a2service.exe
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\Firewall\cmdagent.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NetLimiter (nlsvc) - Locktime Software - C:\Program Files\NetLimiter 2 Pro\nlsvc.exe
O23 - Service: Office Source Engine (ose) - Unknown owner - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

--
End of file - 10319 bytes

 

[ceewi1]

There's nothing malicious showing in that log, let's look a little further.

Please visit this webpage for instructions for downloading and running ComboFix:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Post the log from ComboFix when you've accomplished that, along with a new HijackThis log.

Also, please press Ctrl + Alt + Del, click on the processes tab and note any processes showing a high CPU usage.

 

[thermophilis]

ComboFix 08-08-06.02 - Eric 2008-08-06 23:36:41.5 - NTFSx86
Microsoft Windows XP Home Edition  5.1.2600.2.1252.1.1033.18.468 [GMT -7:00]
Running from: C:\Documents and Settings\Eric\Desktop\ComboFix.exe
 * Created a new restore point
.
	/wow section - STAGE 48
The process cannot access the file because it is being used by another process.
The process cannot access the file because it is being used by another process.
grep: temp01: No such file or directory

	/wow section - STAGE 48
The process cannot access the file because it is being used by another process.
grep: zhsvc.dat: No such file or directory
grep: temp01: No such file or directory
SED: can't read zhsvc.dat: No such file or directory


(((((((((((((((((((((((((   Files Created from 2008-07-07 to 2008-08-07  )))))))))))))))))))))))))))))))
.

2008-08-05 23:34 . 2008-08-05 23:34	<DIR>	d--------	C:\Program Files\Axon Data
2008-08-04 23:11 . 2008-08-04 23:11	62,940	--ah-----	C:\WINDOWS\system32\mlfcache.dat
2008-08-04 19:00 . 2008-08-04 19:00	<DIR>	d--------	C:\Program Files\DAEMON Tools Toolbar
2008-08-04 18:59 . 2008-08-04 19:00	<DIR>	d--------	C:\Program Files\DAEMON Tools Lite
2008-08-04 18:34 . 2008-08-04 18:34	<DIR>	d--------	C:\Documents and Settings\Eric\Application Data\DAEMON Tools
2008-07-24 08:15 . 1997-06-20 11:13	37,196	--a------	C:\WINDOWS\system32\mavenir.ttf
2008-07-24 08:15 . 1997-06-20 11:13	28,448	--a------	C:\WINDOWS\system32\SCOREBOA.FON
2008-07-24 08:15 . 1997-06-20 11:13	24,032	--a------	C:\WINDOWS\system32\HAVENIR.FON
2008-07-24 08:15 . 2008-07-24 08:15	1,409	--a------	C:\WINDOWS\system32\Mavenir.fot
2008-07-24 08:14 . 2008-07-24 08:14	<DIR>	d--------	C:\CWONDERS
2008-07-24 08:08 . 2008-07-24 08:08	<DIR>	d--------	C:\~QTWTMP.TMP
2008-07-22 23:23 . 2008-08-04 18:21	<DIR>	d--------	C:\Program Files\BitComet
2008-07-22 14:02 . 2008-07-22 14:02	0	--a------	C:\Documents and Settings\Eric\jagex_runescape_preferences.dat
2008-07-14 20:16 . 2008-07-14 20:16	<DIR>	d--------	C:\Documents and Settings\Compaq_Owner\Application Data\Comodo
2008-07-11 21:01 . 2008-07-11 21:01	<DIR>	d--------	C:\Program Files\COMODO
2008-07-11 21:01 . 2008-07-11 21:01	<DIR>	d--------	C:\Documents and Settings\Eric\Application Data\Comodo
2008-07-11 21:01 . 2008-07-11 21:53	<DIR>	d--------	C:\Documents and Settings\All Users\Application Data\comodo
2008-07-11 21:01 . 2008-07-11 21:01	143,104	--a------	C:\WINDOWS\system32\guard32.dll
2008-07-11 21:01 . 2008-07-11 21:01	87,056	--a------	C:\WINDOWS\system32\drivers\cmdguard.sys
2008-07-11 21:01 . 2008-07-11 21:01	24,208	--a------	C:\WINDOWS\system32\drivers\cmdhlp.sys
2008-07-09 13:38 . 2008-07-09 13:38	870,128	--a------	C:\WINDOWS\system32\mcs.rma
2008-07-09 13:38 . 2008-07-09 13:38	4	--a------	C:\WINDOWS\system32\8A060F
2008-07-09 13:34 . 2008-07-09 13:37	<DIR>	d--------	C:\Program Files\V CAST Music with Rhapsody
2008-07-09 13:28 . 2007-07-03 16:58	106,792	-ra------	C:\WINDOWS\system32\drivers\sscdmdm.sys
2008-07-09 13:28 . 2007-07-03 16:59	86,824	-ra------	C:\WINDOWS\system32\drivers\sscdserd.sys
2008-07-09 13:28 . 2007-07-03 16:54	80,552	-ra------	C:\WINDOWS\system32\drivers\sscdbus.sys
2008-07-09 13:28 . 2007-07-03 16:57	11,944	-ra------	C:\WINDOWS\system32\drivers\sscdmdfl.sys
2008-07-09 13:28 . 2007-07-03 17:00	9,256	-ra------	C:\WINDOWS\system32\drivers\sscdwhnt.sys
2008-07-09 13:28 . 2007-07-03 17:00	9,256	-ra------	C:\WINDOWS\system32\drivers\sscdwh.sys
2008-07-09 13:28 . 2007-07-03 16:56	9,256	-ra------	C:\WINDOWS\system32\drivers\sscdcmnt.sys
2008-07-09 13:28 . 2007-07-03 16:56	9,256	-ra------	C:\WINDOWS\system32\drivers\sscdcm.sys
2008-07-09 13:23 . 2008-07-09 13:23	<DIR>	d--h-----	C:\Temp\pt8q3khslw
2008-07-09 13:22 . 2008-07-09 13:22	<DIR>	d--------	C:\Program Files\Samsung
2008-07-09 13:21 . 2008-07-25 22:22	10,358,784	--a------	C:\WINDOWS\MEDB.mdb
2008-07-09 13:21 . 2007-05-01 15:23	528,384	---------	C:\WINDOWS\system32\VZWDownManager.exe
2008-07-09 13:21 . 2007-05-01 15:23	49,152	---------	C:\WINDOWS\system32\VZWDLManager.dll
2008-07-09 13:21 . 2007-05-02 01:34	375	---------	C:\WINDOWS\system32\VZWDLManager.inf
2008-07-09 13:20 . 2008-07-09 13:20	<DIR>	d--------	C:\Program Files\Verizon Wireless
2008-07-09 05:06 . 2008-07-09 05:06	<DIR>	d--------	C:\WINDOWS\9580813D94B14C289426A441E2BB29A5.TMP

.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-07 06:32	---------	d-----w	C:\Documents and Settings\Eric\Application Data\.purple
2008-08-06 20:28	22,896	----a-w	C:\Documents and Settings\Compaq_Owner\Application Data\wklnhst.dat
2008-08-06 06:34	---------	d-----w	C:\Documents and Settings\All Users\Application Data\Google Updater
2008-08-06 06:12	---------	d-----w	C:\Documents and Settings\Eric\Application Data\Apple Computer
2008-08-05 06:38	---------	d-----w	C:\Documents and Settings\Eric\Application Data\OpenOffice.org2
2008-08-05 02:11	---------	d--h--w	C:\Program Files\InstallShield Installation Information
2008-08-05 01:35	717,296	----a-w	C:\WINDOWS\system32\drivers\sptd.sys
2008-07-26 22:34	43,520	----a-w	C:\WINDOWS\system32\CmdLineExt03.dll
2008-07-26 22:34	---------	d-----w	C:\Program Files\Diablo II
2008-07-15 02:42	---------	d-----w	C:\Program Files\iTunes
2008-07-15 02:41	---------	d-----w	C:\Program Files\iPod
2008-07-15 02:38	---------	d-----w	C:\Program Files\QuickTime
2008-07-10 15:51	---------	d-----w	C:\Program Files\LimeWire
2008-07-09 21:11	210,560	--sha-w	C:\WINDOWS\system32\drivers\fidbox.idx
2008-07-09 21:11	18,937,888	--sha-w	C:\WINDOWS\system32\drivers\fidbox.dat
2008-07-09 20:36	---------	d-----w	C:\Program Files\Real
2008-07-06 06:17	---------	d-----w	C:\Documents and Settings\All Users\Application Data\Symantec
2008-07-04 16:25	---------	d-----w	C:\Documents and Settings\Compaq_Owner\Application Data\OpenOffice.org2
2008-06-28 21:14	---------	d-----w	C:\Documents and Settings\Compaq_Owner\Application Data\Locktime
2008-06-28 19:57	---------	d-----w	C:\Program Files\NetLimiter 2 Pro
2008-06-28 19:57	---------	d-----w	C:\Documents and Settings\Eric\Application Data\Locktime
2008-06-28 19:57	---------	d-----w	C:\Documents and Settings\All Users\Application Data\Locktime
2008-06-27 20:02	---------	d-----w	C:\Program Files\Bandwidth Monitor Pro
2008-06-24 06:16	---------	d-----w	C:\Program Files\HP
2008-06-23 14:59	---------	d-----w	C:\Program Files\Web Publish
2008-06-23 08:58	---------	d-----w	C:\Program Files\Malwarebytes' Anti-Malware
2008-06-23 08:58	---------	d-----w	C:\Documents and Settings\Eric\Application Data\Malwarebytes
2008-06-23 08:58	---------	d-----w	C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-06-23 07:08	---------	d-----w	C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-06-21 15:42	---------	d-----w	C:\Program Files\Disney Interactive
2008-06-20 17:41	245,248	----a-w	C:\WINDOWS\system32\mswsock.dll
2008-06-20 17:41	245,248	----a-w	C:\WINDOWS\system32\dllcache\mswsock.dll
2008-06-20 17:41	148,992	----a-w	C:\WINDOWS\system32\dllcache\dnsapi.dll
2008-06-20 10:45	360,320	----a-w	C:\WINDOWS\system32\drivers\tcpip.sys
2008-06-20 10:45	360,320	----a-w	C:\WINDOWS\system32\dllcache\tcpip.sys
2008-06-20 10:44	138,368	----a-w	C:\WINDOWS\system32\drivers\afd.sys
2008-06-20 10:44	138,368	----a-w	C:\WINDOWS\system32\dllcache\afd.sys
2008-06-20 09:52	225,920	----a-w	C:\WINDOWS\system32\drivers\tcpip6.sys
2008-06-20 09:52	225,920	----a-w	C:\WINDOWS\system32\dllcache\tcpip6.sys
2008-06-20 00:48	34,296	----a-w	C:\WINDOWS\system32\drivers\mbamcatchme.sys
2008-06-20 00:47	17,144	----a-w	C:\WINDOWS\system32\drivers\mbam.sys
2008-06-16 07:13	---------	d-----w	C:\Program Files\a-squared Free
2008-06-14 23:23	---------	d-----w	C:\Program Files\Mozilla Thunderbird
2008-06-13 13:10	272,128	------w	C:\WINDOWS\system32\drivers\bthport.sys
2008-06-13 13:10	272,128	------w	C:\WINDOWS\system32\dllcache\bthport.sys
2008-06-11 21:39	---------	d-----w	C:\Program Files\DOSBox-0.72
2008-06-09 23:28	---------	d-----w	C:\Program Files\Project64 1.6
2008-06-09 21:22	---------	d-----w	C:\Documents and Settings\Compaq_Owner\Application Data\Apple Computer
2008-06-09 08:48	---------	d-----w	C:\Program Files\FOSTER
2008-06-09 08:19	---------	d---a-w	C:\Documents and Settings\All Users\Application Data\MakeMusic
2008-06-09 08:19	---------	d-----w	C:\Program Files\Kohan
2008-06-09 08:18	---------	d-----w	C:\Program Files\EA GAMES
2008-06-09 08:16	---------	d-----w	C:\Program Files\LucasArts
2008-06-09 01:22	---------	d-----w	C:\Program Files\Microsoft Games
2008-06-08 00:14	---------	d-----w	C:\Documents and Settings\Compaq_Owner\Application Data\vlc
2008-06-07 08:21	---------	d-----w	C:\Program Files\Safari
2008-06-07 08:19	---------	d-----w	C:\Program Files\Bonjour
2008-06-07 06:47	---------	d-----w	C:\Program Files\DirectX Happy Uninstall
2008-06-07 06:33	---------	d-----w	C:\Documents and Settings\Eric\Application Data\DivX
2008-06-07 03:54	21,840	----atw	C:\WINDOWS\system32\SIntfNT.dll
2008-06-07 03:54	17,212	----atw	C:\WINDOWS\system32\SIntf32.dll
2008-06-07 03:54	12,067	----atw	C:\WINDOWS\system32\SIntf16.dll
2008-06-07 03:32	---------	d-----w	C:\Program Files\Google
2008-06-07 03:26	94,208	----a-w	C:\WINDOWS\DIIUnin.exe
2008-06-07 03:26	2,829	----a-w	C:\WINDOWS\DIIUnin.pif
2008-05-30 21:19	507,400	----a-w	C:\WINDOWS\system32\XAudio2_1.dll
2008-05-30 21:18	238,088	----a-w	C:\WINDOWS\system32\xactengine3_1.dll
2008-05-30 21:17	65,032	----a-w	C:\WINDOWS\system32\XAPOFX1_0.dll
2008-05-30 21:17	25,608	----a-w	C:\WINDOWS\system32\X3DAudio1_4.dll
2008-05-30 21:11	467,984	----a-w	C:\WINDOWS\system32\d3dx10_38.dll
2008-05-30 21:11	3,850,760	----a-w	C:\WINDOWS\system32\D3DX9_38.dll
2008-05-30 21:11	1,491,992	----a-w	C:\WINDOWS\system32\D3DCompiler_38.dll
2008-05-16 18:58	12,632	----a-w	C:\WINDOWS\system32\lsdelete.exe
2008-05-13 01:53	524,288	----a-w	C:\WINDOWS\system32\DivXsm.exe
2008-05-13 01:53	3,596,288	----a-w	C:\WINDOWS\system32\qt-dx331.dll
2008-05-13 01:51	200,704	----a-w	C:\WINDOWS\system32\ssldivx.dll
2008-05-13 01:51	1,044,480	----a-w	C:\WINDOWS\system32\libdivx.dll
2008-05-13 01:49	161,096	----a-w	C:\WINDOWS\system32\DivXCodecVersionChecker.exe
2008-05-13 01:49	12,288	----a-w	C:\WINDOWS\system32\DivXWMPExtType.dll
2008-05-12 17:49	593,920	------w	C:\WINDOWS\system32\ati2sgag.exe
2008-05-12 16:30	3,007,488	----a-w	C:\WINDOWS\system32\dllcache\ati2mtag.sys
2008-05-12 15:56	397,312	----a-w	C:\WINDOWS\system32\ATIDEMGX.dll
2008-05-12 15:54	305,152	----a-w	C:\WINDOWS\system32\ati2dvag.dll
2008-05-12 15:53	307,200	----a-w	C:\WINDOWS\system32\atiiiexx.dll
2008-05-12 15:45	43,520	----a-w	C:\WINDOWS\system32\ati2edxx.dll
2008-05-12 15:45	26,112	----a-w	C:\WINDOWS\system32\Ati2mdxx.exe
2008-05-12 15:45	180,224	----a-w	C:\WINDOWS\system32\atipdlxx.dll
2008-05-12 15:45	139,264	----a-w	C:\WINDOWS\system32\Oemdspif.dll
2008-05-12 15:44	139,264	----a-w	C:\WINDOWS\system32\ati2evxx.dll
2008-05-12 15:43	540,672	----a-w	C:\WINDOWS\system32\ati2evxx.exe
2008-05-12 15:43	10,153,984	----a-w	C:\WINDOWS\system32\atioglx2.dll
2008-05-12 15:41	53,248	----a-w	C:\WINDOWS\system32\ATIDDC.DLL
2008-05-12 15:32	3,203,168	----a-w	C:\WINDOWS\system32\ati3duag.dll
2008-05-12 15:22	1,999,616	----a-w	C:\WINDOWS\system32\ativvaxx.dll
2008-05-12 15:09	47,104	----a-w	C:\WINDOWS\system32\amdpcom32.dll
2008-05-12 15:05	5,439,488	----a-w	C:\WINDOWS\system32\atioglxx.dll
2008-05-12 15:05	327,680	----a-w	C:\WINDOWS\system32\atikvmag.dll
2008-05-12 15:03	19,968	----a-w	C:\WINDOWS\system32\atiadlxx.dll
2008-05-12 15:03	17,408	----a-w	C:\WINDOWS\system32\atitvo32.dll
2008-05-12 15:02	241,664	----a-w	C:\WINDOWS\system32\atiok3x2.dll
2006-05-03 09:06	163,328	--sh--r	C:\WINDOWS\system32\flvDX.dll
2007-02-21 10:47	31,232	--sh--r	C:\WINDOWS\system32\msfDX.dll
2007-12-17 12:43	27,648	--sh--w	C:\WINDOWS\system32\Smab0.dll
.

(((((((((((((((((((((((((((((   snapshot_2008-08-05_15.46.20.85   )))))))))))))))))))))))))))))))))))))))))
.
- 2008-08-05 06:05:58	268,600	----a-w	C:\WINDOWS\system32\FNTCACHE.DAT
+ 2008-08-05 23:16:53	266,208	----a-w	C:\WINDOWS\system32\FNTCACHE.DAT
+ 2008-08-07 06:16:32	16,384	--sha-w	C:\WINDOWS\Temp\Cookies\index.dat
+ 2008-08-07 06:16:32	32,768	--sha-w	C:\WINDOWS\Temp\History\History.IE5\index.dat
+ 2008-08-07 03:05:01	16,384	----atw	C:\WINDOWS\Temp\Perflib_Perfdata_6fc.dat
+ 2008-08-07 06:16:32	32,768	--sha-w	C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\index.dat
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-03 21:00 15360]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-08-05 13:40 68856]
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [2008-07-24 08:02 490952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-05-15 16:19 79224]
"HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe" [2003-03-09 21:30 188416]
"COMODO Firewall Pro"="C:\Program Files\COMODO\Firewall\cfp.exe" [2008-07-11 21:00 1655552]
"AppleSyncNotifier"="C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-07-10 09:47 116040]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-05-27 10:50 413696]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-07-10 10:51 289064]
"RTHDCPL"="RTHDCPL.EXE" [2008-02-19 15:34 16858112 C:\WINDOWS\RTHDCPL.exe]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
"RegisterDropHandler"="C:\PROGRA~1\TEXTBR~1.0\Bin\REGIST~1.EXE" [1998-12-10 12:33 23040]

C:\Documents and Settings\Eric\Start Menu\Programs\Startup\
MEMonitor.lnk - C:\Program Files\Verizon Wireless\V CAST Music Manager\MEMonitor.exe [2008-07-09 13:20:43 947544]
SpywareGuard.lnk - C:\Program Files\SpywareGuard\sgmain.exe [2003-08-29 20:05:35 360448]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"EditLevel"= 0 (0x0)
"NoCommonGroups"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"= C:\WINDOWS\system32\guard32.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.I420"= i420vfw.dll
"vidc.yv12"= yv12vfw.dll

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Corel Family & Friends Reminders.LNK]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Corel Family & Friends Reminders.LNK
backup=C:\WINDOWS\pss\Corel Family & Friends Reminders.LNKCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^hp psc 1000 series.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\hp psc 1000 series.lnk
backup=C:\WINDOWS\pss\hp psc 1000 series.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^hpoddt01.exe.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\hpoddt01.exe.lnk
backup=C:\WINDOWS\pss\hpoddt01.exe.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Compaq_Owner^Start Menu^Programs^Startup^Adobe Gamma.lnk]
path=C:\Documents and Settings\Compaq_Owner\Start Menu\Programs\Startup\Adobe Gamma.lnk
backup=C:\WINDOWS\pss\Adobe Gamma.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Compaq_Owner^Start Menu^Programs^Startup^OpenOffice.org 2.0.lnk]
path=C:\Documents and Settings\Compaq_Owner\Start Menu\Programs\Startup\OpenOffice.org 2.0.lnk
backup=C:\WINDOWS\pss\OpenOffice.org 2.0.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Compaq_Owner^Start Menu^Programs^Startup^reminder-ScanSoft Product Registration.lnk]
path=C:\Documents and Settings\Compaq_Owner\Start Menu\Programs\Startup\reminder-ScanSoft Product Registration.lnk
backup=C:\WINDOWS\pss\reminder-ScanSoft Product Registration.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Compaq_Owner^Start Menu^Programs^Startup^VirtualExpander.lnk]
path=C:\Documents and Settings\Compaq_Owner\Start Menu\Programs\Startup\VirtualExpander.lnk
backup=C:\WINDOWS\pss\VirtualExpander.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Eric^Start Menu^Programs^Startup^CPU_RAM_Meter.lnk]
path=C:\Documents and Settings\Eric\Start Menu\Programs\Startup\CPU_RAM_Meter.lnk
backup=C:\WINDOWS\pss\CPU_RAM_Meter.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Eric^Start Menu^Programs^Startup^OpenOffice.org 2.0.lnk]
path=C:\Documents and Settings\Eric\Start Menu\Programs\Startup\OpenOffice.org 2.0.lnk
backup=C:\WINDOWS\pss\OpenOffice.org 2.0.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2008-01-11 22:16 39792 C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
--a------ 2007-12-22 00:23 221568 C:\Program Files\Alcohol Soft\Alcohol 120\AxCmd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]
--a------ 2006-09-28 12:21 57344 C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
--a------ 2004-08-03 21:00 15360 C:\WINDOWS\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
--a------ 2006-02-19 03:41 49152 C:\Program Files\HP\HP Software Update\hpwuSchd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPBootOp]
--a------ 2006-02-15 15:34 249856 C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHUPD06]
--a------ 2004-06-06 21:53 49152 C:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InstantAccess]
--a------ 1998-12-10 13:57 37376 C:\PROGRA~1\TEXTBR~1.0\Bin\INSTAN~1.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelliPoint]
--a------ 2007-08-31 12:01 1037736 c:\Program Files\Microsoft IntelliPoint\ipoint.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
--a------ 2004-10-13 09:24 1694208 C:\Program Files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-05-27 10:50 413696 C:\Program Files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\spc_w]
--a------ 2006-07-10 23:00 311362 C:\Program Files\NZSearch\nzspc.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
--a------ 2008-01-21 12:17 61440 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
--a------ 2006-07-20 10:24 1257472 C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
--a------ 2007-08-05 13:40 68856 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Mouse Suite 98 Daemon]
--a------ 2004-07-14 15:36 57344 C:\WINDOWS\system32\ico.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"C:\\Program Files\\EA GAMES\\Battlefield 2 Demo\\BF2.exe"=
"C:\\Program Files\\Starcraft\\StarCraft.exe"=
"C:\\Program Files\\Pidgin\\pidgin.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\Program Files\\Microsoft Games\\Halo\\halo.exe"=
"C:\\Program Files\\Valve\\Steam\\SteamApps\\thermophilis\\condition zero\\hl.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\BitComet\\BitComet.exe"=
"C:\\Program Files\\Valve\\Steam\\SteamApps\\thermophilis\\counter-strike source\\hl2.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"17073:TCP"= 17073:TCP:BitComet 17073 TCP
"17073:UDP"= 17073:UDP:BitComet 17073 UDP

R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-05-15 16:20]
R1 cmdGuard;COMODO Firewall Pro Sandbox Driver;C:\WINDOWS\system32\DRIVERS\cmdguard.sys [2008-07-11 21:01]
R1 cmdHlp;COMODO Firewall Pro Helper Driver;C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [2008-07-11 21:01]
R1 nltdi;nltdi;C:\WINDOWS\system32\drivers\nltdi.sys [2007-04-23 04:03]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-05-15 16:16]
S3 MBAMCatchMe;MBAMCatchMe;C:\WINDOWS\system32\drivers\mbamcatchme.sys [2008-06-19 17:48]
S3 pmxscan;USB ScanMaker 3630 Driver;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 22:58]
.
Contents of the 'Scheduled Tasks' folder

2008-08-05 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2008-04-11 17:57]

2008-08-07 C:\WINDOWS\Tasks\Check Updates for Windows Live Toolbar.job
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 12:20]

2008-06-26 C:\WINDOWS\Tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1214288419.job
- C:\Program Files\HP\Digital Imaging\Bin\hpqfrucl.exe [2003-04-09 17:56]

2008-03-25 C:\WINDOWS\Tasks\Microsoft_Hardware_Launch_IPoint_exe.job
- c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2007-08-31 12:01]

2008-08-07 C:\WINDOWS\Tasks\PeoplePC.job
- C:\PROGRA~1\ONLINE~1\PeoplePC\HPPEOP~1.EXE [2005-09-01 04:25]
.
.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Documents and Settings\Eric\Application Data\Mozilla\Firefox\Profiles\qzpozjn1.default\
FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.google.com/ig
FF -: plugin - C:\Program Files\Google\Google Updater\2.2.1229.1533\npCIDetect11.dll
FF -: plugin - C:\Program Files\IGN\Download Manager\npfpdlm.dll
FF -: plugin - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npGoogleGadgetPluginFirefoxWin.dll
FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll
FF -: plugin - C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll


**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-06 23:42:49
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ... 

scanning hidden autostart entries ...

scanning hidden files ... 

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-08-06 23:45:08
ComboFix-quarantined-files.txt  2008-08-07 06:44:59
ComboFix2.txt  2008-08-05 22:47:25
ComboFix3.txt  2008-06-18 05:02:08

Pre-Run: 7,926,177,792 bytes free
Post-Run: 7,919,779,840 bytes free

328	--- E O F ---	2008-07-22 10:07:21

And nothing has high CPU usage except system idle process, but my fans are constantly revving. And, my internet speed has dropped dramaticly.

 

[ceewi1]

OK, try downloading speedfan from http://www.almico.com/sfdownload.php and installing it. Post a screenshot of the "Readings" tab. The fans generally aren't directly controlled by software at the OS level, they are adjusted according to the system temperatures. If your system is overheating, that could explain a few problems.

 

[thermophilis]

Ok, I didn't think it would be hot, but the temps, at idle, are hotter than I would expect. It is a crappy prebuilt compaq though. And I did stick some as5 on the hsf because of that remote temp. which was like that quite a while ago, I think it's an error of some kind. My biggest problem is FF not opening, it opens for every other user on this PC I tried ccleaner and that didn't help at all. Anyways, here's the screenshot:



edit: I just noticed, in IE all the icons on tabs are wrong. Like CF's is a heart, and google's is the wikipedia icon.

 

[ceewi1]

Your temperatures seem OK, with regards to Firefox, try uninstalling it and then deleting your profile folder (I'd back up the profile folder to another location first, though) and then reinstalling Firefox. Very often these problems are caused by corruptions in the profile folder. You can find the profile folder at C:\Documents and Settings\<User Name>\Application Data\Mozilla\Firefox\Profiles. You will need to set Windows to show hidden files in order to see the Application Data folder.

See if that fixes that problem.

edit: I just noticed, in IE all the icons on tabs are wrong. Like CF's is a heart, and google's is the wikipedia icon.

Try clearing the cache in Internet Explorer - they should be cleared by doing so and re-downloaded when you visit the site.

 

[thermophilis]

Okay, worked for IE, firefox not so much. It still won't open, I even did a complete uninstall, I went through and literally deleted everything FF and it still won't open.

 

[ceewi1]

Will it open in Firefox's Safe Mode (Start -> All Programs -> Mozilla Firefox -> Mozilla Firefox (Safe Mode))? When you try to start it, does anything happen at all? Press Ctrl + Alt + Del after trying to run Firefox and see if firefox.exe appears in the processes list.

 

[thermophilis]

Won't start in safe mode. It will work for all the other users on this PC. When I start firefox it appears on the process list for a few seconds and then disappears.

 

[ceewi1]

Sorry about the delay, I've been trying to find out information on this without much success. I would recommend posting on Mozilla's support forum, perhaps they'd know more about it.

From a malware point of view, I don't see anything that could be responsible for it. I would recommend you delete the following folder, you will need to show hidden files to see it:
C:\Temp\pt8q3khslw

I would also recommend uninstalling the Daemon Tools toolbar, as it is considered adware and Daemon Tools will continue to work without it.

Just to be sure there's nothing remaining, I'd like to see the results of a couple more scans.

Please do a scan with Kaspersky Online Scanner

Click on the Accept button and install any components it needs.

• The program will install and then begin downloading the latest definition files.
• After the files have been downloaded on the left side of the page in the Scan section select My Computer.
• This will start the program and scan your system.
• The scan will take a while, so be patient and let it run.
• Once the scan is complete, click on View scan report
• Now, click on the Save Report as button.
• In the drop down box labeled Files of type change the type to Text file.
• Save the file to your desktop.
• Copy and paste that information in your next post.

Download GMER from here:
http://www.gmer.net/files.php

Unzip it to the desktop.

Open the program and click on the Rootkit tab.
Make sure all the boxes on the right of the screen are checked, EXCEPT for ‘Show All’.
Click on Scan.
When the scan has run click Copy and paste the results (if any) into this thread.

 

[thermophilis]

http://www.mediafire.com/?xgdcn1caddr

http://www.mediafire.com/?yllemjz3i2k

And don't worry about the delay. I really appreciate the help.

 

[thermophilis]

So the firefox support forums were able to get it to work! They had me do another clean uninstall and then rename the installation path.

 

[ceewi1]

Glad they were able to sort that out. There's no active malware showing in those logs either, although the C:\_OTMoveIt can be deleted (you will need to show hidden files to see it), it contains backups of infections previously removed.

It would seem that malware is not responsible for your problems.