Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

computer and internet slow

Re: computer and internet slow

Post by johnnycoolwhip » June 26th, 2011, 6:05 pm

Spybot Search & Destroy isn't in the Revo uninstall program, but it's in the C:programs\Spybot Search & Destroy\teatimer folder. Should I just delete it in the folder? I'll have the log for OTL in a min.
johnnycoolwhip
Regular Member
 
Posts: 21
Joined: June 12th, 2011, 11:32 am

Re: computer and internet slow

Post by askey127 » June 26th, 2011, 6:14 pm

Yes. Go ahead and delete the folder.
askey127
Admin/Teacher
 
Posts: 14025
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA

Re: computer and internet slow

Post by johnnycoolwhip » June 26th, 2011, 6:34 pm

Here's the OTL log. Thanks, john z

OTL logfile created on: 6/26/2011 5:14:54 PM - Run 4
OTL by OldTimer - Version 3.2.24.1 Folder = C:\Documents and Settings\Home User\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

735.48 Mb Total Physical Memory | 326.02 Mb Available Physical Memory | 44.33% Memory free
1.38 Gb Paging File | 1.05 Gb Available in Paging File | 75.89% Paging File free
Paging file location(s): C:\pagefile.sys 720 1440 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.26 Gb Total Space | 21.84 Gb Free Space | 58.62% Space Free | Partition Type: NTFS

Computer Name: HOME-B2BC004AA3 | User Name: Home User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/06/25 15:39:43 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Home User\Desktop\OTL.exe
PRC - [2011/06/25 09:21:55 | 000,362,496 | ---- | M] () -- C:\WINDOWS\system32\bcsa.exe
PRC - [2011/06/07 05:13:20 | 000,140,952 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.3.21.57\GoogleCrashHandler.exe
PRC - [2011/05/10 07:10:58 | 003,459,712 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2011/05/10 07:10:57 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (SafeList) ==========

MOD - [2011/06/25 15:39:43 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Home User\Desktop\OTL.exe
MOD - [2011/05/10 07:10:55 | 000,199,792 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\snxhk.dll
MOD - [2010/08/23 11:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Running] -- -- (WMP54GSSVC)
SRV - [2011/05/10 07:10:57 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)


========== Driver Services (SafeList) ==========

DRV - [2011/06/14 12:22:58 | 000,041,424 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\ImmunetProtect.sys -- (ImmunetProtectDriver)
DRV - [2011/06/14 12:22:58 | 000,031,184 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\ImmunetSelfProtect.sys -- (ImmunetSelfProtectDriver)
DRV - [2011/06/10 08:14:19 | 000,098,392 | ---- | M] (Sunbelt Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\SBREDrv.sys -- (SBRE)
DRV - [2011/05/10 07:03:54 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/05/10 07:03:44 | 000,307,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/05/10 07:02:37 | 000,049,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/05/10 07:02:25 | 000,102,616 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/05/10 06:59:56 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/05/10 06:59:37 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011/05/10 06:59:35 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2008/02/25 13:54:56 | 000,105,088 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2005/11/25 15:39:06 | 000,203,776 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vinyl97.sys -- (VIAudio) Vinyl AC'97 Audio Controller (WDM)
DRV - [2004/12/22 02:32:12 | 000,369,024 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2004/08/03 17:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2004/01/06 22:25:50 | 000,432,384 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisgrp.sys -- (SiS315)
DRV - [2003/10/02 16:25:48 | 000,011,264 | R--- | M] (Silicon Integrated Systems Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\srvkp.sys -- (SiSkp)
DRV - [2003/09/25 23:15:32 | 000,015,872 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\GTNDIS5.sys -- (GTNDIS5)
DRV - [2003/01/13 10:43:56 | 000,030,720 | R--- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\SISAGPX.sys -- (sisagp)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: ""
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.defaulturl: "http://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=17164"
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://us.mg204.mail.yahoo.com/dc/launch?.partner=sbc&.gx=1&.rand=22cnf1hj8vtoi"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..network.proxy.type: 0

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/06/25 08:55:40 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/06/25 08:55:39 | 000,000,000 | ---D | M]

[2011/03/13 10:43:44 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Home User\Application Data\Mozilla\Extensions
[2011/06/25 09:13:59 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Home User\Application Data\Mozilla\Firefox\Profiles\esu596dt.default\extensions
[2011/06/11 08:59:50 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Home User\Application Data\Mozilla\Firefox\Profiles\esu596dt.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/06/09 14:08:16 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Home User\Application Data\Mozilla\Firefox\Profiles\esu596dt.default\extensions\ffxtlbr@babylon.com
[2011/06/14 08:30:47 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/01/12 12:19:51 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2010/08/20 15:59:26 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2010/11/12 19:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2011/03/31 22:54:59 | 000,002,226 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml

O1 HOSTS File: ([2011/06/23 15:51:04 | 000,000,916 | RH-- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 184.95.59.211 www.google.com
O1 - Hosts: 184.95.59.212 search.yahoo.com
O1 - Hosts: 184.95.59.212 www.bing.com
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - File not found
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [cftmon] C:\WINDOWS\system32\bcsa.exe ()
O4 - HKCU..\Run: [SpybotSD TeaTimer] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - File not found
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/ ... ontrol.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6218F7B5-0D3A-48BA-AE4C-49DCFA63D400} http://www.myheritage.com/Genoogle/Comp ... eQuery.dll (CSEQueryObject Object)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microso ... 6929235375 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/08/20 15:47:22 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/06/26 16:57:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Home User\Start Menu\Programs\Revo Uninstaller
[2011/06/26 16:57:41 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2011/06/26 16:56:21 | 002,616,384 | ---- | C] (VS Revo Group Ltd.) -- C:\Documents and Settings\Home User\Desktop\revosetup.exe
[2011/06/25 22:14:13 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/06/25 15:39:37 | 000,579,072 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Home User\Desktop\OTL.exe
[2011/06/25 14:48:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Home User\Local Settings\Application Data\Screentime
[2011/06/25 10:17:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Home User\Application Data\vmntemplate
[2011/06/25 10:02:58 | 001,441,584 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Home User\Desktop\ziz.com.exe
[2011/06/25 10:01:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Home User\Desktop\tdsskiller
[2011/06/25 09:31:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\CSC
[2011/06/25 09:14:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2011/06/22 15:59:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Real
[2011/06/21 11:50:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel
[2011/06/14 13:21:34 | 000,000,000 | ---D | C] -- C:\Program Files\PC Tools Security
[2011/06/14 13:21:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/06/14 13:06:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2011/06/14 13:06:49 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2011/06/14 12:49:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Earth
[2011/06/14 12:38:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Picasa 3
[2011/06/14 12:26:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Home User\Application Data\Immunet
[2011/06/14 12:24:46 | 000,031,184 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\WINDOWS\System32\drivers\ImmunetSelfProtect.sys
[2011/06/14 12:23:44 | 000,041,424 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\WINDOWS\System32\drivers\ImmunetProtect.sys
[2011/06/14 12:21:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Home User\My Documents\My Google Gadgets
[2011/06/14 12:11:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\WebM Project
[2011/06/14 12:10:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Updater
[2011/06/14 12:09:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Google Updater
[2011/06/14 08:16:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2011/06/12 10:24:50 | 001,437,488 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Home User\Desktop\tds.com.exe
[2011/06/11 21:25:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2011/06/11 21:25:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Sun
[2011/06/11 12:33:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Home User\Application Data\Auslogics
[2011/06/11 12:26:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SystemSpeedBooster
[2011/06/11 12:26:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Home User\Application Data\SystemSpeedBooster
[2011/06/11 12:20:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Home User\Application Data\SystemOptimizeExpert
[2011/06/11 12:20:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SystemOptimizeExpert
[2011/06/11 12:06:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Home User\Desktop\PICTURES
[2011/06/11 08:03:35 | 000,441,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011/06/10 22:38:06 | 000,000,000 | ---D | C] -- C:\Program Files\Singlesnet
[2011/06/10 22:38:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Singlesnet
[2011/06/10 15:53:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Macromedia
[2011/06/10 15:52:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2011/06/10 14:37:05 | 000,068,976 | ---- | C] (G Data Software) -- C:\WINDOWS\System32\drivers\GRD.sys
[2011/06/10 14:33:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Home User\Desktop\DOCUMENTS
[2011/06/10 14:30:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Home User\Desktop\PROGRAMS installed
[2011/06/10 13:29:38 | 000,051,400 | ---- | C] (G Data Software AG) -- C:\WINDOWS\System32\drivers\GDTdiIcpt.sys
[2011/06/10 13:29:38 | 000,029,640 | ---- | C] (G Data Software AG) -- C:\WINDOWS\System32\drivers\GDNdisIc.sys
[2011/06/10 13:29:24 | 000,062,024 | ---- | C] (G Data Software AG) -- C:\WINDOWS\System32\drivers\MiniIcpt.sys
[2011/06/10 13:29:24 | 000,033,480 | ---- | C] (G Data Software AG) -- C:\WINDOWS\System32\drivers\GDBehave.sys
[2011/06/10 13:26:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\G DATA
[2011/06/10 13:26:45 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2011/06/10 13:26:45 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\G Data
[2011/06/10 13:25:55 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
[2011/06/10 13:19:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Home User\Local Settings\Application Data\Downloaded Installations
[2011/06/10 08:14:23 | 000,098,392 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2011/06/10 08:08:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2011/06/10 08:08:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2011/06/09 13:58:02 | 000,000,000 | ---D | C] -- C:\Program Files\Yontoo Layers Runtime
[2011/06/09 13:57:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Tarma Installer

========== Files - Modified Within 30 Days ==========

[2011/06/26 17:20:17 | 000,000,892 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/06/26 17:18:05 | 000,000,226 | ---- | M] () -- C:\WINDOWS\System32\winset.ini
[2011/06/26 17:12:01 | 000,000,888 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/06/26 17:11:57 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/06/26 17:11:50 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1708537768-413027322-725345543-1003.job
[2011/06/26 17:11:41 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2011/06/26 17:11:11 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/06/26 16:57:42 | 000,000,917 | ---- | M] () -- C:\Documents and Settings\Home User\Desktop\Revo Uninstaller.lnk
[2011/06/26 16:56:27 | 002,616,384 | ---- | M] (VS Revo Group Ltd.) -- C:\Documents and Settings\Home User\Desktop\revosetup.exe
[2011/06/26 16:53:07 | 000,000,356 | ---- | M] () -- C:\WINDOWS\tasks\Windows Codec Update Service.job
[2011/06/26 09:25:18 | 000,000,994 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1708537768-413027322-725345543-1003UA.job
[2011/06/25 22:00:08 | 000,000,000 | ---- | M] () -- C:\install.rdf
[2011/06/25 21:58:21 | 000,013,422 | -HS- | M] () -- C:\Documents and Settings\Home User\Local Settings\Application Data\2702064725
[2011/06/25 21:51:46 | 000,013,430 | -HS- | M] () -- C:\Documents and Settings\Home User\Local Settings\Application Data\2271568364
[2011/06/25 21:51:46 | 000,013,430 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\2271568364
[2011/06/25 21:51:46 | 000,013,422 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\2702064725
[2011/06/25 15:39:43 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Home User\Desktop\OTL.exe
[2011/06/25 10:09:09 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/06/25 09:59:40 | 001,309,037 | ---- | M] () -- C:\Documents and Settings\Home User\Desktop\tdsskiller.zip
[2011/06/25 09:21:55 | 000,362,496 | ---- | M] () -- C:\WINDOWS\System32\bcsa.exe
[2011/06/24 05:26:31 | 000,000,942 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1708537768-413027322-725345543-1003Core.job
[2011/06/23 15:51:04 | 000,000,916 | RH-- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/06/21 21:56:51 | 056,039,816 | ---- | M] () -- C:\Documents and Settings\Home User\Desktop\avira_antivir_personal_en.exe
[2011/06/21 21:38:01 | 000,139,264 | ---- | M] () -- C:\Documents and Settings\Home User\Desktop\RKUnhookerLE.EXE
[2011/06/21 21:24:40 | 000,513,016 | ---- | M] () -- C:\Documents and Settings\Home User\Desktop\issetup.exe
[2011/06/21 21:17:12 | 000,505,574 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/06/21 21:17:12 | 000,087,598 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/06/21 11:54:53 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/06/20 17:36:50 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2011/06/20 13:50:36 | 000,002,294 | ---- | M] () -- C:\Documents and Settings\Home User\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/06/20 13:50:33 | 000,002,316 | ---- | M] () -- C:\Documents and Settings\Home User\Desktop\Google Chrome.lnk
[2011/06/16 15:28:00 | 001,441,584 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Home User\Desktop\ziz.com.exe
[2011/06/14 13:36:42 | 000,649,458 | ---- | M] () -- C:\WINDOWS\System32\drivers\Cat.DB
[2011/06/14 13:15:03 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader X.lnk
[2011/06/14 12:49:39 | 000,001,915 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2011/06/14 12:22:58 | 000,041,424 | ---- | M] (Windows (R) Codename Longhorn DDK provider) -- C:\WINDOWS\System32\drivers\ImmunetProtect.sys
[2011/06/14 12:22:58 | 000,031,184 | ---- | M] (Windows (R) Codename Longhorn DDK provider) -- C:\WINDOWS\System32\drivers\ImmunetSelfProtect.sys
[2011/06/14 12:08:26 | 001,402,880 | ---- | M] () -- C:\Documents and Settings\Home User\Desktop\HiJackThis.msi
[2011/06/12 10:24:59 | 001,437,488 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Home User\Desktop\tds.com.exe
[2011/06/11 08:03:35 | 000,002,626 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/06/10 22:38:18 | 000,000,831 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Start Singlesnet.lnk
[2011/06/10 14:37:05 | 000,068,976 | ---- | M] (G Data Software) -- C:\WINDOWS\System32\drivers\GRD.sys
[2011/06/10 13:29:39 | 000,029,640 | ---- | M] (G Data Software AG) -- C:\WINDOWS\System32\drivers\GDNdisIc.sys
[2011/06/10 13:29:38 | 000,051,400 | ---- | M] (G Data Software AG) -- C:\WINDOWS\System32\drivers\GDTdiIcpt.sys
[2011/06/10 13:29:24 | 000,062,024 | ---- | M] (G Data Software AG) -- C:\WINDOWS\System32\drivers\MiniIcpt.sys
[2011/06/10 13:29:24 | 000,033,480 | ---- | M] (G Data Software AG) -- C:\WINDOWS\System32\drivers\GDBehave.sys
[2011/06/10 12:44:54 | 000,000,439 | ---- | M] () -- C:\Documents and Settings\Home User\Desktop\Shortcut to Downloads.lnk
[2011/06/10 08:14:19 | 000,098,392 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2011/06/09 16:35:50 | 000,000,735 | ---- | M] () -- C:\WINDOWS\wininit.ini

========== Files Created - No Company Name ==========

[2011/06/26 16:57:42 | 000,000,917 | ---- | C] () -- C:\Documents and Settings\Home User\Desktop\Revo Uninstaller.lnk
[2011/06/25 22:00:08 | 000,000,000 | ---- | C] () -- C:\install.rdf
[2011/06/25 14:48:11 | 009,322,498 | ---- | C] () -- C:\Documents and Settings\Home User\Desktop\lanoire_screensaver_pc.exe
[2011/06/25 09:52:57 | 001,309,037 | ---- | C] () -- C:\Documents and Settings\Home User\Desktop\tdsskiller.zip
[2011/06/25 09:42:29 | 000,013,430 | -HS- | C] () -- C:\Documents and Settings\Home User\Local Settings\Application Data\2271568364
[2011/06/25 09:41:26 | 000,013,416 | -HS- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\pslfh888qr6kqq7l08484432
[2011/06/25 09:21:17 | 000,013,430 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\2271568364
[2011/06/25 09:21:17 | 000,013,422 | -HS- | C] () -- C:\Documents and Settings\Home User\Local Settings\Application Data\2702064725
[2011/06/25 09:15:36 | 000,013,422 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\2702064725
[2011/06/25 09:15:34 | 000,362,496 | ---- | C] () -- C:\WINDOWS\System32\bcsa.exe
[2011/06/25 09:15:32 | 000,000,226 | ---- | C] () -- C:\WINDOWS\System32\winset.ini
[2011/06/25 09:15:21 | 000,015,158 | -HS- | C] () -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\pslfh888qr6kqq7l08484432
[2011/06/21 21:53:33 | 056,039,816 | ---- | C] () -- C:\Documents and Settings\Home User\Desktop\avira_antivir_personal_en.exe
[2011/06/21 21:38:01 | 000,139,264 | ---- | C] () -- C:\Documents and Settings\Home User\Desktop\RKUnhookerLE.EXE
[2011/06/21 21:24:37 | 000,513,016 | ---- | C] () -- C:\Documents and Settings\Home User\Desktop\issetup.exe
[2011/06/21 21:05:40 | 000,000,010 | ---- | C] () -- C:\Documents and Settings\NetworkService\Application Data\install
[2011/06/21 21:00:21 | 000,001,876 | ---- | C] () -- C:\Documents and Settings\NetworkService\Application Data\1.gif
[2011/06/21 20:57:55 | 000,000,011 | ---- | C] () -- C:\Documents and Settings\NetworkService\Application Data\ct_start
[2011/06/14 13:36:13 | 000,649,458 | ---- | C] () -- C:\WINDOWS\System32\drivers\Cat.DB
[2011/06/14 13:15:03 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader X.lnk
[2011/06/14 13:15:02 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader X.lnk
[2011/06/14 12:49:39 | 000,001,915 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2011/06/14 12:09:50 | 000,000,868 | ---- | C] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2011/06/14 12:08:24 | 001,402,880 | ---- | C] () -- C:\Documents and Settings\Home User\Desktop\HiJackThis.msi
[2011/06/10 22:38:17 | 000,000,831 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Start Singlesnet.lnk
[2011/06/10 12:44:54 | 000,000,439 | ---- | C] () -- C:\Documents and Settings\Home User\Desktop\Shortcut to Downloads.lnk
[2011/06/09 16:35:49 | 000,000,735 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2011/05/07 10:37:59 | 000,000,480 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2011/03/13 10:43:17 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011/01/24 11:57:35 | 000,022,024 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011/01/24 11:32:26 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\GTW32N50.dll
[2011/01/24 11:32:22 | 000,651,264 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2011/01/24 11:32:22 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2011/01/24 11:32:04 | 000,004,254 | ---- | C] () -- C:\WINDOWS\System32\WLAN.INI
[2011/01/22 19:12:06 | 000,815,104 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2011/01/22 19:12:05 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2011/01/22 11:31:23 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2011/01/22 09:56:07 | 000,005,120 | ---- | C] () -- C:\Documents and Settings\Home User\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/08/20 16:01:16 | 000,155,648 | R--- | C] () -- C:\WINDOWS\System32\TVModeLib.dll
[2010/08/20 16:01:16 | 000,034,915 | ---- | C] () -- C:\WINDOWS\System32\1_ssetup.ini
[2010/08/20 16:01:16 | 000,016,819 | ---- | C] () -- C:\WINDOWS\System32\sunistlog.ini
[2010/08/20 16:00:51 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\sis740.bin
[2010/08/20 16:00:51 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\sis650.bin
[2010/08/20 16:00:42 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\setuplib.dll
[2010/08/20 16:00:42 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\waitwnd.exe
[2010/08/20 15:59:42 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/08/20 15:50:58 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010/08/20 10:07:16 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010/08/20 09:55:43 | 000,267,008 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/05/26 22:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2008/05/26 22:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2007/09/27 11:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 11:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 11:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2004/08/04 07:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/04 07:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/04 07:00:00 | 000,505,574 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/04 07:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/04 07:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/04 07:00:00 | 000,087,598 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/04 07:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/04 07:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/04 07:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/04 07:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/04 07:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/04 07:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

========== LOP Check ==========

[2010/08/23 09:29:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2011/06/10 22:16:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\G DATA
[2011/01/22 10:20:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2011/01/24 12:41:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCPitstop
[2011/06/11 12:21:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SystemOptimizeExpert
[2011/06/11 12:27:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SystemSpeedBooster
[2011/06/09 16:35:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tarma Installer
[2011/06/21 22:43:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/03/31 22:55:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Home User\Application Data\Acapela Group
[2011/06/11 12:33:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Home User\Application Data\Auslogics
[2011/02/03 19:36:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Home User\Application Data\ElevatedDiagnostics
[2011/02/05 13:39:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Home User\Application Data\GetRightToGo
[2011/06/14 12:26:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Home User\Application Data\Immunet
[2011/02/05 14:03:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Home User\Application Data\OpenCandy
[2011/06/11 12:20:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Home User\Application Data\SystemOptimizeExpert
[2011/06/11 12:26:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Home User\Application Data\SystemSpeedBooster
[2011/05/07 12:02:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Home User\Application Data\Uniblue
[2011/06/25 10:17:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Home User\Application Data\vmntemplate
[2011/01/12 15:11:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Home User\Application Data\Windows Desktop Search
[2011/01/23 19:15:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Home User\Application Data\Windows Search
[2011/06/26 16:53:07 | 000,000,356 | ---- | M] () -- C:\WINDOWS\Tasks\Windows Codec Update Service.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2

< End of report >

Re: computer and internet slow

Unread postby askey127 » June 26th, 2011, 6:46 pm

Duplicate post deleted.

Re: computer and internet slow

Unread postby johnnycoolwhip » June 26th, 2011, 7:37 pm

Sorry about the double post, must have hit submit 2 times because the internet lagged a little.

Re: computer and internet slow

Unread postby askey127 » June 26th, 2011, 8:00 pm

Not to worry. No problem.

Will probably be tomorrow AM before I can answer.

Re: computer and internet slow

Unread postby askey127 » June 29th, 2011, 7:25 am

johnnycoolwhip,
Sorry for the delay.
You have a lot of junk programs that have been installed in the past.
You have also had multiple antivirus apps.
They can disrupt the proper registry and services settings, and render your computer "funny" or "broken".
Unnecessary and undesirable programs include Speed boosters, Registry cleaners, and almost all "Optimizers".
If you ever want to change antivirus programs, be sure to Uninstall the present one at that time.

----------------------------------------------------------------------------------
This program is an anti-spyware program. It can be used as a manual scanner for spyware. Update it and run its scan once a week or so.
It will be the only spyware program you will need in addition to your AntiVirus.
Remember, only ONE each antivirus and antispyware.
Download and Run Malwarebytes' Anti-Malware. It is free for non-business use.
Please go here to the Download Location, click on Download.
  • After clicking on the download and choosing Save, the "Save to location" dialog will come up.
  • Click the browse folders button, then click on Desktop on the left as the location for the installer and click Save again. Close the dialog when the download is complete.
  • You should now have a desktop icon named mbam-setup.exe. (If the download was saved somewhere else, locate it and copy or move it to your desktop).
  • Right click it, choose Run as administrator and Continue
  • Let it install where it wants to, with the default settings, and click Finish.
  • If an update is found, it will download and install the latest version. A shield symbol will show on the desktop icon while it is updating, and will disappear when it's done.
  • If necessary, start Malwarebytes Anti-Malware again.
  • Once the program has started up, select Perform Quick Scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • If it found any malware items, check all items except items in the C:\System Volume Information folder... and click Remove Selected.
  • When completed, a log will open in Notepad. Please save it to a convenient location, and post the contents in your reply.
  • The log can also be found using the "Logs" tab in the program. You can click any "Scan" log listed to open its contents. The logs are listed and named by time/date stamp.
----------------------------------------------
Perform a Custom Scan or Fix with OTL
Run OTL (Right click and choose "Run as administrator" in Vista/Win7)
  • Under the Custom Scans/Fixes box at the bottom, paste in the following lines from the Code box:
    :processes
    killallprocesses
    
    :OTL
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
    O4 - HKCU..\Run: [SpybotSD TeaTimer] File not found
    [2011/06/14 13:21:34 | 000,000,000 | ---D | C] -- C:\Program Files\PC Tools Security
    [2011/06/14 12:26:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Home User\Application Data\Immunet
    [2011/06/14 12:24:46 | 000,031,184 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\WINDOWS\System32\drivers\ImmunetSelfProtect.sys
    [2011/06/14 12:23:44 | 000,041,424 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\WINDOWS\System32\drivers\ImmunetProtect.sys
    [2011/06/11 12:33:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Home User\Application Data\Auslogics
    [2011/06/10 13:26:45 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
    [2011/01/24 12:41:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCPitstop
    [2011/06/11 12:33:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Home User\Application Data\Auslogics
    [2011/06/14 12:26:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Home User\Application Data\Immunet
    [2011/05/07 12:02:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Home User\Application Data\Uniblue
    @Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
    
    :Commands
    [EMPTYTEMP]
    [CREATERESTOREPOINT]
    [Reboot]
    
  • Then click the Run Fix button at the top.
  • Let the program run unhindered and reboot the PC when it is done.
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

So let's look at the logs from OTL and Malwarebytes Anti-Malware.
Tell me how it's running.
askey127

Re: computer and internet slow

Unread postby johnnycoolwhip » June 29th, 2011, 2:06 pm

When I right click and "run as admin" it needs a password. I tried my login pass and that doesn't work. Something about 'access denied'. I could run it normally as home user. I should be the admin. Wouldn't my password work?

Re: computer and internet slow

Unread postby johnnycoolwhip » June 29th, 2011, 2:19 pm

Hey, don't sweat the delay, you've helped me out a lot. Matter of fact I'll be donating money "once I get back on my feet from the surgery" as soon as I can. About the Malwarebytes program, it says it's a trial version, will I be able to use it for as long as I like?

Re: computer and internet slow

Unread postby askey127 » June 29th, 2011, 4:00 pm

You should run as Normal, or just double click.
XP does not require "run as admin". I should have removed that part of the instruction.

You can use Malwarebytes for as long as you want, if you downloaded the Free version.
It's here : http://www.malwarebytes.org/products/malwarebytes_free
The paid (cheap) version is called PRO, and has some extra features.

Re: computer and internet slow

Unread postby johnnycoolwhip » June 29th, 2011, 5:14 pm

Here is the log for the Malwarebytes spyware program after I scanned and removed the entries.
The OTL log will be in my next reply:


Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org

Database version: 6977

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

6/29/2011 1:56:15 PM
mbam-log-2011-06-29 (13-56-13).txt

Scan type: Quick scan
Objects scanned: 147990
Time elapsed: 32 minute(s), 10 second(s)

Memory Processes Infected: 1
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 1
Registry Data Items Infected: 6
Folders Infected: 0
Files Infected: 4

Memory Processes Infected:
c:\WINDOWS\system32\bcsa.exe (Trojan.Agent) -> 2760 -> Unloaded process successfully.

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7} (Adware.Softomate) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cftmon (Trojan.Agent) -> Value: cftmon -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command\(default) (Hijack.StartMenuInternet) -> Bad: ("C:\Documents and Settings\NetworkService\Local Settings\Application Data\gts.exe" -a "C:\Program Files\Mozilla Firefox\firefox.exe") Good: (firefox.exe) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command\(default) (Hijack.StartMenuInternet) -> Bad: ("C:\Documents and Settings\NetworkService\Local Settings\Application Data\gts.exe" -a "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode) Good: (firefox.exe -safe-mode) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\(default) (Hijack.StartMenuInternet) -> Bad: ("C:\Documents and Settings\NetworkService\Local Settings\Application Data\gts.exe" -a "C:\Program Files\Internet Explorer\iexplore.exe") Good: (iexplore.exe) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
c:\WINDOWS\system32\bcsa.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\home user\my documents\downloads\videotomp3setup.exe (Adware.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\home user\favorites\free porn videos & sex movies - porno, xxx, porn tube and pussy porn.url (Rogue.Link) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\winset.ini (Malware.Trace) -> Quarantined and deleted successfully.

Re: computer and internet slow

Unread postby askey127 » June 29th, 2011, 7:30 pm

johnnycoolwhip,
You can get a stand-alone version of OTL's Temp File cleaner, which is the best there is out there, right now.
Leave it on your desktop, and use it every week or two, to clean out unnecessary junk files.
----------------------------------------------
Download and Run Temp File Cleaner (TFC.exe)
Download Temp File Cleaner and save it to your desktop.
You might want to Copy/Paste/Print these instructions and Save any unsaved work. TFC will close ALL open programs... including your browser!
Double click to run it.
If you have a lot of junk files to remove, it could take a while, so please be patient and let it finish.
When it's done, it will report the total size of files removed. If it asks to Reboot, choose to do so. This will remove files that could not be removed while Windows was running.
After Restart, log back in to your usual account.

(Its only disadvantage is that it usually requires a reboot.)
----------------------------------------------
Now you can start OTL and click the Clean Up button.

Let me know how it's running.
askey127

Re: computer and internet slow

Unread postby johnnycoolwhip » June 29th, 2011, 7:39 pm

Here's The OTL log thanks, john.

OTL logfile created on: 6/29/2011 5:24:37 PM - Run 5
OTL by OldTimer - Version 3.2.24.1 Folder = C:\Documents and Settings\Home User\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

735.48 Mb Total Physical Memory | 315.35 Mb Available Physical Memory | 42.88% Memory free
1.38 Gb Paging File | 1.02 Gb Available in Paging File | 73.39% Paging File free
Paging file location(s): C:\pagefile.sys 720 1440 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.26 Gb Total Space | 21.51 Gb Free Space | 57.73% Space Free | Partition Type: NTFS

Computer Name: HOME-B2BC004AA3 | User Name: Home User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/06/25 15:39:43 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Home User\Desktop\OTL.exe
PRC - [2011/06/24 01:25:50 | 001,012,792 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Home User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2011/06/07 05:13:20 | 000,140,952 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.3.21.57\GoogleCrashHandler.exe
PRC - [2011/05/10 07:10:58 | 003,459,712 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2011/05/10 07:10:57 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (SafeList) ==========

MOD - [2011/06/25 15:39:43 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Home User\Desktop\OTL.exe
MOD - [2010/08/23 11:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Running] -- -- (WMP54GSSVC)
SRV - [2011/05/10 07:10:57 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)


========== Driver Services (SafeList) ==========

DRV - [2011/06/10 08:14:19 | 000,098,392 | ---- | M] (Sunbelt Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\SBREDrv.sys -- (SBRE)
DRV - [2011/05/10 07:03:54 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/05/10 07:03:44 | 000,307,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/05/10 07:02:37 | 000,049,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/05/10 07:02:25 | 000,102,616 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/05/10 06:59:56 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/05/10 06:59:37 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011/05/10 06:59:35 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2008/02/25 13:54:56 | 000,105,088 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2005/11/25 15:39:06 | 000,203,776 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vinyl97.sys -- (VIAudio) Vinyl AC'97 Audio Controller (WDM)
DRV - [2004/12/22 02:32:12 | 000,369,024 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2004/08/03 17:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2004/01/06 22:25:50 | 000,432,384 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisgrp.sys -- (SiS315)
DRV - [2003/10/02 16:25:48 | 000,011,264 | R--- | M] (Silicon Integrated Systems Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\srvkp.sys -- (SiSkp)
DRV - [2003/09/25 23:15:32 | 000,015,872 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\GTNDIS5.sys -- (GTNDIS5)
DRV - [2003/01/13 10:43:56 | 000,030,720 | R--- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\SISAGPX.sys -- (sisagp)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: ""
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.defaulturl: "http://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=17164"
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://us.mg204.mail.yahoo.com/dc/launch?.partner=sbc&.gx=1&.rand=22cnf1hj8vtoi"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..network.proxy.type: 0

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/06/25 08:55:40 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/06/26 17:54:43 | 000,000,000 | ---D | M]

[2011/03/13 10:43:44 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Home User\Application Data\Mozilla\Extensions
[2011/06/25 09:13:59 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Home User\Application Data\Mozilla\Firefox\Profiles\esu596dt.default\extensions
[2011/06/11 08:59:50 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Home User\Application Data\Mozilla\Firefox\Profiles\esu596dt.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/06/09 14:08:16 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Home User\Application Data\Mozilla\Firefox\Profiles\esu596dt.default\extensions\ffxtlbr@babylon.com
[2011/06/14 08:30:47 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/01/12 12:19:51 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2010/08/20 15:59:26 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2010/11/12 19:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2011/03/31 22:54:59 | 000,002,226 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml

O1 HOSTS File: ([2011/06/23 15:51:04 | 000,000,916 | RH-- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 184.95.59.211 http://www.google.com
O1 - Hosts: 184.95.59.212 search.yahoo.com
O1 - Hosts: 184.95.59.212 http://www.bing.com
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - File not found
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - File not found
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/ ... ontrol.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6218F7B5-0D3A-48BA-AE4C-49DCFA63D400} http://www.myheritage.com/Genoogle/Comp ... eQuery.dll (CSEQueryObject Object)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microso ... 6929235375 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/08/20 15:47:22 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/06/29 16:06:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Home User\Desktop\Programs
[2011/06/29 13:14:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Home User\Application Data\Malwarebytes
[2011/06/29 13:14:02 | 000,039,984 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/06/29 13:14:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/06/29 13:14:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/06/29 13:13:51 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/06/29 13:13:51 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/06/26 17:53:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2011/06/26 17:53:42 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2011/06/26 16:57:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Home User\Start Menu\Programs\Revo Uninstaller
[2011/06/26 16:57:41 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2011/06/25 22:14:13 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/06/25 15:39:37 | 000,579,072 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Home User\Desktop\OTL.exe
[2011/06/25 14:48:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Home User\Local Settings\Application Data\Screentime
[2011/06/25 10:17:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Home User\Application Data\vmntemplate
[2011/06/25 09:31:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\CSC
[2011/06/25 09:14:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2011/06/22 15:59:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Real
[2011/06/21 11:50:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel
[2011/06/14 13:21:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/06/14 12:49:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Earth
[2011/06/14 12:38:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Picasa 3
[2011/06/14 12:21:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Home User\My Documents\My Google Gadgets
[2011/06/14 12:11:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\WebM Project
[2011/06/14 12:10:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Updater
[2011/06/14 12:09:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Google Updater
[2011/06/14 08:16:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2011/06/11 21:25:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\Sun
[2011/06/11 21:25:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Sun
[2011/06/11 12:26:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SystemSpeedBooster
[2011/06/11 12:26:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Home User\Application Data\SystemSpeedBooster
[2011/06/11 12:20:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Home User\Application Data\SystemOptimizeExpert
[2011/06/11 12:20:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SystemOptimizeExpert
[2011/06/11 12:06:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Home User\Desktop\PICTURES
[2011/06/11 08:03:35 | 000,441,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011/06/10 22:38:06 | 000,000,000 | ---D | C] -- C:\Program Files\Singlesnet
[2011/06/10 22:38:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Singlesnet
[2011/06/10 15:53:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Macromedia
[2011/06/10 15:52:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Adobe
[2011/06/10 14:37:05 | 000,068,976 | ---- | C] (G Data Software) -- C:\WINDOWS\System32\drivers\GRD.sys
[2011/06/10 14:33:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Home User\Desktop\DOCUMENTS
[2011/06/10 14:30:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Home User\Desktop\program installations
[2011/06/10 13:29:38 | 000,051,400 | ---- | C] (G Data Software AG) -- C:\WINDOWS\System32\drivers\GDTdiIcpt.sys
[2011/06/10 13:29:38 | 000,029,640 | ---- | C] (G Data Software AG) -- C:\WINDOWS\System32\drivers\GDNdisIc.sys
[2011/06/10 13:29:24 | 000,062,024 | ---- | C] (G Data Software AG) -- C:\WINDOWS\System32\drivers\MiniIcpt.sys
[2011/06/10 13:29:24 | 000,033,480 | ---- | C] (G Data Software AG) -- C:\WINDOWS\System32\drivers\GDBehave.sys
[2011/06/10 13:26:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\G DATA
[2011/06/10 13:26:45 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\G Data
[2011/06/10 13:25:55 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
[2011/06/10 13:19:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Home User\Local Settings\Application Data\Downloaded Installations
[2011/06/10 08:14:23 | 000,098,392 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2011/06/10 08:08:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2011/06/10 08:08:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2011/06/09 13:58:02 | 000,000,000 | ---D | C] -- C:\Program Files\Yontoo Layers Runtime
[2011/06/09 13:57:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Tarma Installer

========== Files - Modified Within 30 Days ==========

[2011/06/29 18:21:02 | 000,000,892 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/06/29 17:25:02 | 000,000,994 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1708537768-413027322-725345543-1003UA.job
[2011/06/29 17:21:24 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/06/29 17:20:47 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2011/06/29 17:20:40 | 000,000,888 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/06/29 17:20:34 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1708537768-413027322-725345543-1003.job
[2011/06/29 17:20:28 | 000,000,356 | ---- | M] () -- C:\WINDOWS\tasks\Windows Codec Update Service.job
[2011/06/29 17:20:16 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/06/29 16:04:46 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/06/29 13:35:35 | 000,002,294 | ---- | M] () -- C:\Documents and Settings\Home User\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/06/29 13:35:34 | 000,002,316 | ---- | M] () -- C:\Documents and Settings\Home User\Desktop\Google Chrome.lnk
[2011/06/25 22:00:08 | 000,000,000 | ---- | M] () -- C:\install.rdf
[2011/06/25 21:58:21 | 000,013,422 | -HS- | M] () -- C:\Documents and Settings\Home User\Local Settings\Application Data\2702064725
[2011/06/25 21:51:46 | 000,013,430 | -HS- | M] () -- C:\Documents and Settings\Home User\Local Settings\Application Data\2271568364
[2011/06/25 21:51:46 | 000,013,430 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\2271568364
[2011/06/25 21:51:46 | 000,013,422 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\2702064725
[2011/06/25 15:39:43 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Home User\Desktop\OTL.exe
[2011/06/25 10:09:09 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/06/24 05:26:31 | 000,000,942 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1708537768-413027322-725345543-1003Core.job
[2011/06/23 15:51:04 | 000,000,916 | RH-- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/06/21 21:17:12 | 000,505,574 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/06/21 21:17:12 | 000,087,598 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/06/21 11:55:10 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/06/20 17:36:50 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2011/06/14 13:36:42 | 000,649,458 | ---- | M] () -- C:\WINDOWS\System32\drivers\Cat.DB
[2011/06/11 08:03:35 | 000,002,626 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/06/10 14:37:05 | 000,068,976 | ---- | M] (G Data Software) -- C:\WINDOWS\System32\drivers\GRD.sys
[2011/06/10 13:29:39 | 000,029,640 | ---- | M] (G Data Software AG) -- C:\WINDOWS\System32\drivers\GDNdisIc.sys
[2011/06/10 13:29:38 | 000,051,400 | ---- | M] (G Data Software AG) -- C:\WINDOWS\System32\drivers\GDTdiIcpt.sys
[2011/06/10 13:29:24 | 000,062,024 | ---- | M] (G Data Software AG) -- C:\WINDOWS\System32\drivers\MiniIcpt.sys
[2011/06/10 13:29:24 | 000,033,480 | ---- | M] (G Data Software AG) -- C:\WINDOWS\System32\drivers\GDBehave.sys
[2011/06/10 12:44:54 | 000,000,439 | ---- | M] () -- C:\Documents and Settings\Home User\Desktop\Shortcut to Downloads.lnk
[2011/06/10 08:14:19 | 000,098,392 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2011/06/09 16:35:50 | 000,000,735 | ---- | M] () -- C:\WINDOWS\wininit.ini

========== Files Created - No Company Name ==========

[2011/06/29 13:14:02 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/06/26 17:54:44 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader X.lnk
[2011/06/25 22:00:08 | 000,000,000 | ---- | C] () -- C:\install.rdf
[2011/06/25 09:42:29 | 000,013,430 | -HS- | C] () -- C:\Documents and Settings\Home User\Local Settings\Application Data\2271568364
[2011/06/25 09:41:26 | 000,013,416 | -HS- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\pslfh888qr6kqq7l08484432
[2011/06/25 09:21:17 | 000,013,430 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\2271568364
[2011/06/25 09:21:17 | 000,013,422 | -HS- | C] () -- C:\Documents and Settings\Home User\Local Settings\Application Data\2702064725
[2011/06/25 09:15:36 | 000,013,422 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\2702064725
[2011/06/25 09:15:21 | 000,015,158 | -HS- | C] () -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\pslfh888qr6kqq7l08484432
[2011/06/21 21:05:40 | 000,000,010 | ---- | C] () -- C:\Documents and Settings\NetworkService\Application Data\install
[2011/06/21 21:00:21 | 000,001,876 | ---- | C] () -- C:\Documents and Settings\NetworkService\Application Data\1.gif
[2011/06/21 20:57:55 | 000,000,011 | ---- | C] () -- C:\Documents and Settings\NetworkService\Application Data\ct_start
[2011/06/14 13:36:13 | 000,649,458 | ---- | C] () -- C:\WINDOWS\System32\drivers\Cat.DB
[2011/06/14 12:09:50 | 000,000,868 | ---- | C] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2011/06/10 12:44:54 | 000,000,439 | ---- | C] () -- C:\Documents and Settings\Home User\Desktop\Shortcut to Downloads.lnk
[2011/06/09 16:35:49 | 000,000,735 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2011/05/07 10:37:59 | 000,000,480 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2011/03/13 10:43:17 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011/01/24 11:57:35 | 000,022,024 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011/01/24 11:32:26 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\GTW32N50.dll
[2011/01/24 11:32:22 | 000,651,264 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2011/01/24 11:32:22 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2011/01/24 11:32:04 | 000,004,254 | ---- | C] () -- C:\WINDOWS\System32\WLAN.INI
[2011/01/22 19:12:06 | 000,815,104 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2011/01/22 19:12:05 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2011/01/22 11:31:23 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2011/01/22 09:56:07 | 000,005,120 | ---- | C] () -- C:\Documents and Settings\Home User\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/08/20 16:01:16 | 000,155,648 | R--- | C] () -- C:\WINDOWS\System32\TVModeLib.dll
[2010/08/20 16:01:16 | 000,034,915 | ---- | C] () -- C:\WINDOWS\System32\1_ssetup.ini
[2010/08/20 16:01:16 | 000,016,819 | ---- | C] () -- C:\WINDOWS\System32\sunistlog.ini
[2010/08/20 16:00:51 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\sis740.bin
[2010/08/20 16:00:51 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\sis650.bin
[2010/08/20 16:00:42 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\setuplib.dll
[2010/08/20 16:00:42 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\waitwnd.exe
[2010/08/20 15:59:42 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/08/20 15:50:58 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010/08/20 10:07:16 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010/08/20 09:55:43 | 000,267,008 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/05/26 22:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2008/05/26 22:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2007/09/27 11:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 11:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 11:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2004/08/04 07:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/04 07:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/04 07:00:00 | 000,505,574 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/04 07:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/04 07:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/04 07:00:00 | 000,087,598 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/04 07:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/04 07:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/04 07:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/04 07:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/04 07:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/04 07:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

========== LOP Check ==========

[2010/08/23 09:29:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2011/06/10 22:16:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\G DATA
[2011/01/22 10:20:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2011/06/11 12:21:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SystemOptimizeExpert
[2011/06/11 12:27:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SystemSpeedBooster
[2011/06/09 16:35:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tarma Installer
[2011/06/21 22:43:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/03/31 22:55:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Home User\Application Data\Acapela Group
[2011/02/03 19:36:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Home User\Application Data\ElevatedDiagnostics
[2011/02/05 13:39:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Home User\Application Data\GetRightToGo
[2011/02/05 14:03:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Home User\Application Data\OpenCandy
[2011/06/11 12:20:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Home User\Application Data\SystemOptimizeExpert
[2011/06/11 12:26:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Home User\Application Data\SystemSpeedBooster
[2011/06/25 10:17:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Home User\Application Data\vmntemplate
[2011/01/12 15:11:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Home User\Application Data\Windows Desktop Search
[2011/01/23 19:15:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Home User\Application Data\Windows Search
[2011/06/29 17:20:28 | 000,000,356 | ---- | M] () -- C:\WINDOWS\Tasks\Windows Codec Update Service.job

========== Purity Check ==========



< End of report >
johnnycoolwhip
Regular Member
 
Posts: 21
Joined: June 12th, 2011, 11:32 am

Re: computer and internet slow

Unread postby johnnycoolwhip » June 29th, 2011, 7:59 pm

Right, the computer is running good. The internet lags sometimes but I think it's due to the games I play on Facebook. Low virtual memory pops up a lot. Is there a way to not use so much VM on my system? My computer is not that fast to begin with. I was thinking of a program that could regulate my system's VM, CPU, and memory usage? Let me know. Oh, thanks for your time, I'm in debt to you lol! If you need more people to join your forum let me know. I know you're busy as it is so I won't ask people to join unless you say it's alright. Thanks again, the OTL log is in my last post.
johnnycoolwhip
Regular Member
 
Posts: 21
Joined: June 12th, 2011, 11:32 am

Re: computer and internet slow

Unread postby johnnycoolwhip » June 30th, 2011, 1:15 am

Should I click on start trial for the Malwarebytes program? If I do that it will start protection on my computer, but there's a trial period which I'm guessing will end. I don't have money right now to purchase any kind of program. Please let me know what I should do, thanks.
johnnycoolwhip
Regular Member
 
Posts: 21
Joined: June 12th, 2011, 11:32 am
