Here is the requested log.txt:
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600 Disk: ST340016A rev.3.19 -> Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
device: opened successfully
user: MBR read successfully
Disk trace:
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys
1 nt!IofCallDriver[0x804E37C5] -> \Device\Harddisk0\DR0[0x8A610AB8]
3 CLASSPNP[0xF7637FD7] -> nt!IofCallDriver[0x804E37C5] -> \Device\0000005a[0x8A508CA0]
5 ACPI[0xF75AE620] -> nt!IofCallDriver[0x804E37C5] -> \Device\Ide\IdeDeviceP0T0L0-3[0x8A612940]
kernel: MBR read successfully
user & kernel MBR OK
As to your questions, here's a partial copy of my original post:
"The system has been very sluggish. Often E-mail is slow to open mail, delete, etc. or just freezes. It freezes in Internet Explorer (IE). I have run older AVG Free, found some stuff. Spybot has found nothing, although under TOOL and START UP, Spybot continually finds "RAIDY'S TROJAN", which I promptly delete from same screen. Spybot said something about not to be confused with the legit "Windows\System32\ctfmon.exe" name. Sometimes I am not able to open Tsk Mngr, my intentions being to close a frozen program to get to RUN Shutdown. Running AVG and Spybot and removing Raidy's Trojan all help, but it comes back.
I researched and decided I didn't need ctfmon.exe, whether it was legit or not, and tried to remove it all. Think I disabled WINDOWS version but... I installed WINPATROL and heard the bark every few minutes, CTF Loader wanted to load, which I continually denied. I keep TSK MNGR open and handy and often find ctfmon.exe has started again. Seems when I stop it, things get better, but not sure if legit version is sucking what little resources are left or illegitimate version is sucking the life out.
I found while researching for a cure some of the sites I went to would lock up, sites like AVG, and other legitimate malware removal help sites. Hmmm, and... I installed the latest AVG Free and soon the UPDATE came back with "General Error". After several days, I updated SpyBot and removed all of any AVG, past and present, and attempted to download fresh AVG Free; this time it failed on several attempts and (running eeeexxxttremely slowly) came back with "C\Doc Settings\Admin\Local Setting\Temp Internet File\couten.IE5\AZIU90EJ\avg_free-stb_all_2011_1153_cnet[1].exe. is not valid Windows 32 application."
I searched registry and hard drive for this invalid file but found nothing, but did come across temp files, temporary internet files, and history files that didn't look right: 1st, they weren't empty as I expected, and second, some held folders named with arbitrary letter/number combos, all capital. I tried to delete, I couldn't remove, they were listed as read only, which I was not allowed to change... "File is in use by a program or other person".
With smoke coming from my ears, I changed the "hide system files", and sure enough more unexplainable ghost or read only files that I don't recognise as system files. Looks like I need help.
I thought I had things sorted out but for 1 pesky file in temporary internet file and 1 in history file. The computer was running extremely fast almost like normal!!!...then all hell broke loose and here I am..."
As I had said in replies after my original post, I was not able to open any sites that had words such as "virus", "malware", etc. I was not able to open this site at all, until I opened history file and clicked on previous malwareremoval.com. Pretty suspicious to me, although I am not an expert or even close to it. I am dangerous at best. The files in temp internet were named similar to "~DWMY4287", something like that. When they appeared, things got worse.
As to the system, I do not know what "release candidate of Service Pack 3" means. I remember about a year or sooner ago having similar problems, although it was with ATI Catalyst. I researched on the web and found suggestions to reinstall ATI after I removed Service Pack 3, then reinstalled Service Pack 3. I was told not to install anything newer. I think it was from Microsoft web site that I got the steps to take. It did solve the issues, sorta. As to no other updates installed, please speak plainly. Should I have? I have automatic updates set to 5AM weekly under scheduler. I have to admit, it has been quite some time since I was asked to accept any updates. I have even tried to update manually, but get the reply "no updates available".
I bought this computer used from a MA&PA computer shop locally November of 2008. I do not have operating system discs to reformat or reinstall. I assume reformatting is the same as reinstalling. I'm sure the store would welcome more money from me, but I would rather spend money once and secure the software myself. Can I go to MS web site and have it re-installed? A son suggested I go to newegg.com and buy Windows 7 instead of XP. Is that a good idea?
I want you to know without a doubt, how much I appreciate your time spent on this issue.
Patrick