GeekPolice Tech TutorialsLog in

 


slow boot up and fluctuating internet download speed

Share

descriptionslow boot up and fluctuating internet download speed

more_horiz
OTL Extras logfile created on: 8/7/2011 7:17:17 PM - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\gomer\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19088)
Locale: 00003409 | Country: Republic of the Philippines | Language: ENP | Date Format: M/d/yyyy

2.96 Gb Total Physical Memory | 1.70 Gb Available Physical Memory | 57.43% Memory free
6.13 Gb Paging File | 4.64 Gb Available in Paging File | 75.76% Paging File free
Paging file location(s): ?:\pagefile.sys

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 100.01 Gb Total Space | 22.56 Gb Free Space | 22.56% Space Free | Partition Type: NTFS
Drive D: | 30.68 Gb Total Space | 17.85 Gb Free Space | 58.19% Space Free | Partition Type: NTFS
Drive F: | 320.31 Gb Total Space | 194.47 Gb Free Space | 60.71% Space Free | Partition Type: NTFS
Drive H: | 465.76 Gb Total Space | 399.96 Gb Free Space | 85.87% Space Free | Partition Type: NTFS

Computer Name: GOMER-PC | User Name: gomer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [Digital Photo Professional] -- C:\Program Files\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0049B45F-738F-4306-A2AB-8A4E2DA9BB63}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{0C2D2CE8-C8C7-4D2D-85B1-C06B2F4177A6}" = rport=138 | protocol=17 | dir=out | app=system |
"{1F117160-315F-41A3-BEDE-6BDC4354B646}" = lport=445 | protocol=6 | dir=in | app=system |
"{23CCA196-2EB3-4DF7-857A-87990D3B5996}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{314BE7CB-2363-474D-B179-A3E6562AACFB}" = lport=139 | protocol=6 | dir=in | app=system |
"{347B1C54-D390-454B-86D8-54E43522784C}" = rport=445 | protocol=6 | dir=out | app=system |
"{3B31CD09-56E0-44A7-A192-F0AE20F20AF6}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3F733E1C-EC26-456D-B5B4-AF11CA204BDE}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{4CFD409C-CA74-4C8C-B80C-8E531AFECC86}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{604EFF0C-2463-4FBD-9804-25824138372C}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{61372F5C-578A-4D6C-B3D0-452F984EC8C1}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{61E1108B-693A-4EC6-AE13-90E3FF95C8AF}" = rport=137 | protocol=17 | dir=out | app=system |
"{63C90423-2C81-474A-93DE-82E54DA836D0}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{6F30702A-73F3-4835-BA4C-81AD4D7C158F}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{81843108-2067-4AEE-A7EA-D9DE7653E5B6}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{93353E50-4E4A-4306-937A-1D951ABCE23F}" = lport=137 | protocol=17 | dir=in | app=system |
"{B9C3A1D0-59D4-474A-8712-82A9B4F0CA1B}" = lport=138 | protocol=17 | dir=in | app=system |
"{BA091AEE-3FC0-4CED-900A-29EE1C27B2BC}" = rport=139 | protocol=6 | dir=out | app=system |
"{E5C40A6E-4B63-4BA1-BC5D-BF3EFFB89437}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{FF0316CE-6428-4462-9B46-1BB5FB4227E0}" = lport=54925 | protocol=17 | dir=in | name=brothernetwork scanner |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0505512A-BC65-4789-92D6-70D60113E419}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{0BC7932B-D414-44C4-A03E-AD7712777E72}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{14A7D493-C5E8-4B79-B53C-649CF6276F4C}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{7C32F703-2734-401B-9EFE-AD4B99DC0CD7}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{881A120A-2658-452B-AB3A-A0A9BFBBCF62}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{9035A935-21A9-4FDA-983C-8D0553FF1D32}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{9221B442-2418-46D9-91AF-017FFA6E9CF8}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{93B5F4E1-3C1C-4194-9023-4BD38B265B0F}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{94B8C082-2294-486A-B472-6525EBAB6F43}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{A075711C-AC72-444F-B8C6-E41688F3E2BD}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A9744B38-47A5-4B52-B094-3B124C961B55}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{AFCD5C47-8F4E-4DED-B520-E1DF992433AA}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{B2943877-2B8F-4636-A56C-286A7B3D6C9B}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{B8D5140C-B2C5-41BE-9B02-98EC78B31669}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{D7239712-1600-4025-B91D-5E82769F97FB}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{EFA0630B-E91E-481D-98F1-3A1A8D480702}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{F1085D42-5BA4-4144-9749-846AD066BE2D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"TCP Query User{048C27C8-AFD8-41B5-AD16-345A6E8E650D}C:\users\gomer\appdata\local\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\users\gomer\appdata\local\google\chrome\application\chrome.exe |
"TCP Query User{05BAEF78-9117-4F73-B19F-A4C5BB140B4B}D:\warcraft iii 1.24a\war3.exe" = protocol=6 | dir=in | app=d:\warcraft iii 1.24a\war3.exe |
"TCP Query User{2AA8F791-39DD-487A-8D63-30413A60A81B}D:\warcraft iii\war3.exe" = protocol=6 | dir=in | app=d:\warcraft iii\war3.exe |
"TCP Query User{35751994-2D43-450B-9DF8-094AE43A6AF9}F:\warcraft iii 1.24d\war3.exe" = protocol=6 | dir=in | app=f:\warcraft iii 1.24d\war3.exe |
"TCP Query User{41891EC0-68DD-4B65-802A-6810FEF84E60}C:\program files\warcraft iii\war3.exe" = protocol=6 | dir=in | app=c:\program files\warcraft iii\war3.exe |
"TCP Query User{5A935A7D-8276-49A7-8BC7-7409520DA839}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{65994B2C-3F1B-428F-8825-7F375ADE394B}D:\warcraft iii 1.24c\war3.exe" = protocol=6 | dir=in | app=d:\warcraft iii 1.24c\war3.exe |
"TCP Query User{67A780A4-45D2-4D6F-B581-0A02F180F9E0}C:\program files\iomega storage manager\iomegastoragemanager.exe" = protocol=6 | dir=in | app=c:\program files\iomega storage manager\iomegastoragemanager.exe |
"TCP Query User{758B5B71-5BED-4122-9566-A7C7B54F9021}F:\warcraft iii 1.24e\war3.exe" = protocol=6 | dir=in | app=f:\warcraft iii 1.24e\war3.exe |
"TCP Query User{8365342A-6588-47BE-86F8-6D553CDB0F1B}D:\warcraft iii 1.20e\war3.exe" = protocol=6 | dir=in | app=d:\warcraft iii 1.20e\war3.exe |
"TCP Query User{A97E5625-C96D-49E3-8172-A46082758103}C:\program files\warcraft iii\war3.exe" = protocol=6 | dir=in | app=c:\program files\warcraft iii\war3.exe |
"TCP Query User{A9A14EF6-E866-48A6-A80C-DAC9999D6482}D:\warcraft iii\war3.exe" = protocol=6 | dir=in | app=d:\warcraft iii\war3.exe |
"TCP Query User{E5EA4450-5373-41BA-89FC-04AD4BAEEBF3}C:\program files\iomega storage manager\iomegastoragemanager.exe" = protocol=6 | dir=in | app=c:\program files\iomega storage manager\iomegastoragemanager.exe |
"TCP Query User{E85F7721-C73F-48B6-849D-A8E2D6F76438}C:\program files\garena\garena.exe" = protocol=6 | dir=in | app=c:\program files\garena\garena.exe |
"TCP Query User{EF22972B-CADC-450A-88C2-ED08998F3EAB}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{EF8BF8AF-F23F-4D8F-AE4E-AA26A34D3331}D:\warcraft iii 1.24b\war3.exe" = protocol=6 | dir=in | app=d:\warcraft iii 1.24b\war3.exe |
"TCP Query User{F927234A-BDD6-4696-B612-C7C6647C9AEF}C:\program files\garena\garena.exe" = protocol=6 | dir=in | app=c:\program files\garena\garena.exe |
"TCP Query User{F948C443-6D79-4A0B-B45B-B99CB53B828C}D:\warcraft iii 1.23a\war3.exe" = protocol=6 | dir=in | app=d:\warcraft iii 1.23a\war3.exe |
"UDP Query User{09CFCEBC-C377-4342-B72F-E1CC06A410C8}F:\warcraft iii 1.24e\war3.exe" = protocol=17 | dir=in | app=f:\warcraft iii 1.24e\war3.exe |
"UDP Query User{1EAB994D-A488-4FCE-8CA7-F38AEAE93F9D}D:\warcraft iii\war3.exe" = protocol=17 | dir=in | app=d:\warcraft iii\war3.exe |
"UDP Query User{2276840A-61EE-4587-B9CB-ABD5B81A08C4}D:\warcraft iii 1.23a\war3.exe" = protocol=17 | dir=in | app=d:\warcraft iii 1.23a\war3.exe |
"UDP Query User{2A619A52-C11E-41F8-8CA0-2FE8C656EB6E}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{51C0EB86-4B93-455B-AE02-936E919437BD}C:\program files\warcraft iii\war3.exe" = protocol=17 | dir=in | app=c:\program files\warcraft iii\war3.exe |
"UDP Query User{56B0E9BA-9BBB-4EA1-A796-86155BCED236}C:\program files\iomega storage manager\iomegastoragemanager.exe" = protocol=17 | dir=in | app=c:\program files\iomega storage manager\iomegastoragemanager.exe |
"UDP Query User{64FBAF37-1C53-429E-A975-CE95C56874DD}F:\warcraft iii 1.24d\war3.exe" = protocol=17 | dir=in | app=f:\warcraft iii 1.24d\war3.exe |
"UDP Query User{9B617C1F-6D96-43B7-BD0B-46A547028ACD}D:\warcraft iii 1.20e\war3.exe" = protocol=17 | dir=in | app=d:\warcraft iii 1.20e\war3.exe |
"UDP Query User{A75489FE-1648-437F-9A23-185FECACACC4}C:\program files\garena\garena.exe" = protocol=17 | dir=in | app=c:\program files\garena\garena.exe |
"UDP Query User{AA00B431-B569-45B8-8C43-7E597C108DCA}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{B16A093E-7F34-427E-9F6E-39E786C639B6}C:\users\gomer\appdata\local\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\users\gomer\appdata\local\google\chrome\application\chrome.exe |
"UDP Query User{BA3FE89C-94ED-4B00-B874-EADEAB8D33E2}D:\warcraft iii 1.24c\war3.exe" = protocol=17 | dir=in | app=d:\warcraft iii 1.24c\war3.exe |
"UDP Query User{CA8FFED0-9F91-4692-96B9-814D27FA7FC1}D:\warcraft iii 1.24b\war3.exe" = protocol=17 | dir=in | app=d:\warcraft iii 1.24b\war3.exe |
"UDP Query User{CB760B73-8E10-4EB6-B974-D7EF20642649}C:\program files\warcraft iii\war3.exe" = protocol=17 | dir=in | app=c:\program files\warcraft iii\war3.exe |
"UDP Query User{D1BAF4DE-EF1A-4825-8E94-797654C62F50}D:\warcraft iii\war3.exe" = protocol=17 | dir=in | app=d:\warcraft iii\war3.exe |
"UDP Query User{E7B84AE5-69B9-4AB4-A301-7F9623F79085}D:\warcraft iii 1.24a\war3.exe" = protocol=17 | dir=in | app=d:\warcraft iii 1.24a\war3.exe |
"UDP Query User{EBF82AA4-14D7-40FF-9B23-D0D533B1ECEC}C:\program files\garena\garena.exe" = protocol=17 | dir=in | app=c:\program files\garena\garena.exe |
"UDP Query User{FA4FFBDB-29C1-4337-978C-0015377D3076}C:\program files\iomega storage manager\iomegastoragemanager.exe" = protocol=17 | dir=in | app=c:\program files\iomega storage manager\iomegastoragemanager.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{08D1EEC8-D5D2-41FD-9A15-6499231ADF5F}" = Lenovo Desktop Navigator
"{09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA}" = Uniblue RegistryBooster
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron JMB38X Flash Media Controller Driver
"{2750B389-A2D2-4953-99CA-27C1F2A8E6FD}" = Microsoft SQL Server 2005 Tools Express Edition
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = Lenovo EasyCamera
"{3A08B59E-A9F0-4F4D-B7E5-6875D7F13327}" = Brother MFL-Pro Suite DCP-585CW
"{3F5CFC1C-653B-4B22-9153-2BDDF2E03C0E}" = Seagate Manager Installer
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{450063AA-643B-417C-8CF5-405BA3F4EF40}" = Autodesk Design Review 2009
"{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5783F2D7-7001-0409-0002-0060B0CE6BBA}" = AutoCAD 2009 - English
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6B9B0C6F-E5FA-4633-A640-AB98A272ECCA}" = Safari
"{6DEF11C0-35FF-4160-A543-FDD336C4DAE5}" = Microsoft SQL Server 2005 Express Edition (INSTANCENAME)
"{717E0AD5-91EB-459F-AB8B-1B5219BAF7CE}" = Lenovo System Repair - Windows Update Monitor
"{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}" = Microsoft SQL Server Native Client
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78E9A751-5616-233F-1249-16AC5758C646}" = muvee Reveal Seagate Edition
"{7E6066E6-8B5B-4100-B0FA-1D9E9B663CBA}" = iTunes
"{80E158EA-7181-40FE-A701-301CE6BE64AB}" = MediaShow
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{87725CEF-1BC6-47C5-B2CD-96DD6D392EE3}" = Dolby Control Center
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{90A40409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{90FF23FE-0E1B-40DF-A22E-B4C0372E5936}" = Iomega Product Registration
"{93D34EE3-99B3-4DB1-8B0A-0A657466F90D}" = SMART BRO
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9AF0B106-56F1-461B-A270-95BC1682E282}" = Broadcom Gigabit NetLink Controller
"{A71D5E81-B967-43DB-93D7-FD31BFB95748}" = MobileMe Control Panel
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{AC76BA86-7AD7-1033-7B44-A81200000003}" = Adobe Reader 8.1.2
"{AE1E24C2-E720-42D5-B8E1-48F71A97B4DB}" = Energy Management
"{B32C4059-6E7A-41EF-AD20-56DF1872B923}" = Business Contact Manager for Outlook 2007 SP2
"{B3575D00-27EF-49C2-B9E0-14B3D954E992}" = Apple Application Support
"{BE686891-3C56-4714-AFEF-341A7867BA80}" = REALTEK RTL8187 Wireless LAN Driver and Utility
"{C23CD6DA-1958-43A5-ADD0-59396572E02E}" = Apple Mobile Device Support
"{C2E4B5BD-32DB-4817-A060-341AB17C3F90}" = Bonjour
"{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update
"{C6876FE6-A314-4628-B0D7-F3EE5E35C4B4}" = Windows Live Toolbar
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D3EE034D-5B92-4A55-AA02-2E6D0A6A96EE}" = Windows Resource Kit Tools - SubInAcl.exe
"{DBC3FDEC-D5F4-439C-9A18-EF454A74E3DE}_is1" = NOD32 FiX
"{E464702F-5433-46EC-8F65-159276C0A54F}" = Lenovo Bluetooth with Enhanced Data Rate Software 6.2.0.6300
"{E7084B89-69E0-46B3-A118-8F99D06988CD}" = Microsoft SQL Server VSS Writer
"{E80F62FF-5D3C-4A19-8409-9721F2928206}" = LiveUpdate (Symantec Corporation)
"{EE0FE4A7-317D-4B65-B443-B022ACFCA0CA}" = Lenovo OneKey Theater
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FA20BCA6-229E-4BED-ABE7-D0D664415255}" = Lenovo Desktop Navigator Library Tool
"{FCED9B62-34FF-4C15-8A23-F65221F7874D}" = ITECIR Driver
"7-Zip" = 7-Zip 4.65
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AutoCAD 2009 - English" = AutoCAD 2009 - English
"Autodesk Design Review 2009" = Autodesk Design Review 2009
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Business Contact Manager" = Business Contact Manager for Outlook 2007 SP2
"Canon MOV Decoder" = Canon MOV Decoder
"Canon MOV Encoder" = Canon MOV Encoder
"Carbonite Setup Lite" = Carbonite Online Backup Setup
"CDAnywhere_Free" = CD Anywhere Free Edition
"Chikka Messenger V4" = Chikka Messenger V4
"Cisco Connect" = Cisco Connect
"DivX Setup.divx.com" = DivX Setup
"DPP" = Canon Utilities Digital Photo Professional 3.8
"EasyCapture3.5" = EasyCapture
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EOS Utility" = Canon Utilities EOS Utility
"Garena" = Garena 2010
"InstallShield_{08D1EEC8-D5D2-41FD-9A15-6499231ADF5F}" = Lenovo Desktop Navigator
"InstallShield_{3F5CFC1C-653B-4B22-9153-2BDDF2E03C0E}" = Seagate Manager Installer
"InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery
"InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}" = MediaShow
"InstallShield_{EE0FE4A7-317D-4B65-B443-B022ACFCA0CA}" = Lenovo OneKey Theater
"InstallShield_{FA20BCA6-229E-4BED-ABE7-D0D664415255}" = Lenovo Desktop Navigator Library Tool
"Iomega Storage Manager" = Iomega Storage Manager
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"Mozilla Firefox 4.0.1 (x86 en-US)" = Mozilla Firefox 4.0.1 (x86 en-US)
"NVIDIA Drivers" = NVIDIA Drivers
"Original Data Security Tools" = Canon Utilities Original Data Security Tools
"PhotoStitch" = Canon Utilities PhotoStitch
"Picture Style Editor" = Canon Utilities Picture Style Editor
"PsuedoLiveUpdate" = LiveUpdate (Symantec Corporation)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Uniblue RegistryBooster" = Uniblue RegistryBooster
"Veetle TV" = Veetle TV 0.9.18
"VeriFace" = VeriFace
"VLC media player" = VideoLAN VLC media player 0.8.6f
"vShare" = vShare Plugin
"Warcraft III" = Warcraft III
"WFTK" = Canon Utilities WFT Utility
"WildTangent wildgames Master Uninstall" = WildGames
"Windows Live Toolbar" = Windows Live Toolbar
"WinRAR archiver" = WinRAR archiver
"Yahoo!7 Messenger" = Yahoo!7 Messenger
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Warcraft III" = Warcraft III: All Products

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 8/5/2011 9:28:18 AM | Computer Name = gomer-PC | Source = WinMgmt | ID = 10
Description =

Error - 8/6/2011 12:30:18 AM | Computer Name = gomer-PC | Source = WinMgmt | ID = 10
Description =

Error - 8/6/2011 9:27:17 AM | Computer Name = gomer-PC | Source = WinMgmt | ID = 10
Description =

Error - 8/6/2011 10:18:14 AM | Computer Name = gomer-PC | Source = MsiInstaller | ID = 11606
Description =

Error - 8/6/2011 10:18:14 AM | Computer Name = gomer-PC | Source = MsiInstaller | ID = 11606
Description =

Error - 8/6/2011 10:24:39 AM | Computer Name = gomer-PC | Source = MsiInstaller | ID = 11935
Description =

Error - 8/6/2011 10:31:43 AM | Computer Name = gomer-PC | Source = WinMgmt | ID = 10
Description =

Error - 8/6/2011 11:04:04 PM | Computer Name = gomer-PC | Source = WinMgmt | ID = 10
Description =

Error - 8/7/2011 6:49:36 AM | Computer Name = gomer-PC | Source = WinMgmt | ID = 10
Description =

Error - 8/7/2011 6:58:22 AM | Computer Name = gomer-PC | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 8/6/2011 11:02:56 PM | Computer Name = gomer-PC | Source = HTTP | ID = 15016
Description =

Error - 8/6/2011 11:04:04 PM | Computer Name = gomer-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 8/6/2011 11:28:18 PM | Computer Name = gomer-PC | Source = iaStor | ID = 262153
Description = The device, \Device\Ide\iaStor0, did not respond within the timeout
period.

Error - 8/7/2011 6:49:05 AM | Computer Name = gomer-PC | Source = HTTP | ID = 15016
Description =

Error - 8/7/2011 6:49:38 AM | Computer Name = gomer-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 8/7/2011 6:50:28 AM | Computer Name = gomer-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume H:.

Error - 8/7/2011 6:54:47 AM | Computer Name = gomer-PC | Source = DCOM | ID = 10010
Description =

Error - 8/7/2011 6:57:48 AM | Computer Name = gomer-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 6:55:55 PM on 8/7/2011 was unexpected.

Error - 8/7/2011 6:57:50 AM | Computer Name = gomer-PC | Source = HTTP | ID = 15016
Description =

Error - 8/7/2011 6:58:24 AM | Computer Name = gomer-PC | Source = Service Control Manager | ID = 7000
Description =


< End of report >


Last edited by gomskii on 7th August 2011, 12:21 pm; edited 1 time in total (Reason for editing : wrong start)

descriptionRe: slow boot up and fluctuating internet download speed

more_horiz
aswMBR version 0.9.8.978 Copyright(c) 2011 AVAST Software
Run date: 2011-08-07 19:38:57
-----------------------------
19:38:57.342 OS Version: Windows 6.0.6001 Service Pack 1
19:38:57.342 Number of processors: 2 586 0x170A
19:38:57.342 ComputerName: GOMER-PC UserName: gomer
19:38:58.465 Initialize success
19:39:24.538 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
19:39:24.554 Disk 0 Vendor: WDC_WD50 01.0 Size: 476940MB BusType: 3
19:39:24.569 Disk 0 MBR read successfully
19:39:24.585 Disk 0 MBR scan
19:39:24.585 Disk 0 Windows VISTA default MBR code
19:39:24.601 Disk 0 scanning sectors +976769024
19:39:24.694 Disk 0 scanning C:\Windows\system32\drivers
19:39:30.061 Service scanning
19:39:31.636 Modules scanning
19:39:37.954 Disk 0 trace - called modules:
19:39:37.985 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll iaStor.sys
19:39:38.001 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8646c528]
19:39:38.001 3 CLASSPNP.SYS[8aba8745] -> nt!IofCallDriver -> [0x859199c0]
19:39:38.017 5 acpi.sys[8069c6a0] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x858cd028]
19:39:38.032 Scan finished successfully
19:47:58.324 Disk 0 MBR has been saved successfully to "C:\Users\gomer\Desktop\MBR.dat"
19:47:58.324 The log file has been saved successfully to "C:\Users\gomer\Desktop\aswMBR.txt"


descriptionRe: slow boot up and fluctuating internet download speed

more_horiz
I can not post OTL.txt and security text result...

descriptionRe: slow boot up and fluctuating internet download speed

more_horiz
Hello and welcome to GeekPolice.Net My name is Dave. I will be helping you out with your particular problem on your computer.

1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.
2. The fixes are specific to your problem and should only be used for this issue on this machine.
3. If you don't know or understand something, please don't hesitate to ask.
4. Please DO NOT run any other tools or scans while I am helping you.
5. It is important that you reply to this thread. Do not start a new topic.
6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
7. Absence of symptoms does not mean that everything is clear.

If you can't access the internet with your infected computer you will have to download and transfer any programs to the computer you're using now and transfer them to the infected computer with a CD-RW or a USB storage device. I prefer a CD because a storage device can get infected. If you use a storage device hold the shift key down while inserting the USB storage device for about 10 secs. You will also have to transfer the logs you receive back to the good computer using the same method until we can get the computer back on-line.
*****************************************************************
I can not post OTL.txt and security text result....

Could you please explain why not?

Please read here for more information about WildTangent . Your choice if you want to remove it or not.

If you choose to follow my advice, please follow these instructions.

Go to Start > Control Panel > Add/Remove Programs and remove the following programs.

WildTangent Web Driveror anything related to WildTangent.
************************************************************
I strongly recommend that you remove Ask from your computer because it;

•Promotes its toolbars on sites targeted to kids.

•Promotes its toolbars through ads that appear to be part of other companies' sites.

•Promotes its toolbars through other companies' spyware.

•Installs without any disclosure whatsoever and without any consent whatsoever.

•Solicits installations via "deceptive door openers" that do not accurately describe the offer; failing to affirmatively show a license agreement; linking to a EULA via an off-screen link.

•Makes confusing changes to users' browsers -- increasing Ask's revenues while taking users to pages they didn't intend to visit.

See Here for more info.

If you choose to follow my recommendation then please go to Start > Control Panel > Add/Remove Programs and remove the following programs if present.

AskBarDis or anything related to Ask

Then please find and delete this folder in bold (if present):
C:\Program Files\AskBarDis. or anything related to Ask.
*********************************************************
Registry cleaners are extremely powerful applications and their potential for harming your OS far outweighs any small potential for improving your computer's performance.
Uniblue RegistryBooster
There are a number of them available and some are more safe than others. Keep in mind that no two registry cleaners work entirely the same way. Each vendor uses different criteria as to what constitutes a "bad" entry. One cleaner may find entries on your system that will not cause a problem when removed, another may not find the same entries, and still another may want to remove entries required for a program to work. Without research into what the registry entry selected for deletion is, a registry cleaner can end up being an automated method to cause problems with the registry.

For routine use by those not familiar with the registry, the benefits to your computer are negligible while the potential risks are great.

Further reading: XP Fixes Myth #1: Registry Cleaners
**************************************************
SUPERAntiSpyware

If you already have SUPERAntiSpyware be sure to check for updates before scanning!


Download SuperAntispyware Free Edition (SAS)
* Double-click the icon on your desktop to run the installer.
* When asked to Update the program definitions, click Yes
* If you encounter any problems while downloading the updates, manually download and unzip them from here
* Next click the Preferences button.

•Under Start-Up Options uncheck Start SUPERAntiSpyware when Windows starts
* Click the Scanning Control tab.
* Under Scanner Options make sure only the following are checked:

•Close browsers before scanning
•Scan for tracking cookies
•Terminate memory threats before quarantining
Please leave the others unchecked

•Click the Close button to leave the control center screen.

* On the main screen click Scan your computer
* On the left check the box for the drive you are scanning.
* On the right choose Perform Complete Scan
* Click Next to start the scan. Please be patient while it scans your computer.
* After the scan is complete a summary box will appear. Click OK
* Make sure everything in the white box has a check next to it, then click Next
* It will quarantine what it found and if it asks if you want to reboot, click Yes

•To retrieve the removal information please do the following:
•After reboot, double-click the SUPERAntiSpyware icon on your desktop.
•Click Preferences. Click the Statistics/Logs tab.

•Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.

•It will open in your default text editor (preferably Notepad).
•Save the notepad file to your desktop by clicking (in notepad) File > Save As...

* Save the log somewhere you can easily find it. (normally the desktop)
* Click close and close again to exit the program.
*Copy and Paste the log in your post.
********************************************
Please download Malwarebytes Anti-Malware from here.
Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Full Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • Please save the log to a location you will remember.
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.
*********************************************
Download DDS from HERE or HERE and save it to your desktop.

Vista users right click on dds and select Run as administrator (you will receive a UAC prompt, please allow it)

* XP users Double click on dds to run it.
* If your antivirus or firewall try to block DDS then please allow it to run.
* When finished DDS will open two (2) logs.
* Save both reports to your desktop.
* The instructions here ask you to attach the Attach.txt.



1) DDS.txt
2) Attach.txt
Instead of attaching, please copy/past both logs into your Thread

Note: DDS will instruct you to post the Attach.txt log as an attachment.
Please just post it as you would any other log by copying and pasting it into the reply.

•Close the program window, and delete the program from your desktop.

Please note: You may have to disable any script protection running if the scan fails to run.
After downloading the tool, disconnect from the internet and disable all antivirus protection.
Run the scan, enable your A/V and reconnect to the internet.
Information on A/V control HERE .Then post your DDS logs. (DDS.txt and Attach.txt )

descriptionRe: slow boot up and fluctuating internet download speed

more_horiz
Hi dave,

This message appear if i copy the OTL.txt report

"New members are not allowed to post external links or emails for 7 days. Please contact the forum administrator for more information."

I have also tried to uninstall anything with related to ask.com but my avira webguard becomes inactive after.

descriptionRe: slow boot up and fluctuating internet download speed

more_horiz
Malwarebytes' Anti-Malware 1.51.1.1800
ww.malwarebytes.org

Database version: 7406

Windows 6.0.6001 Service Pack 1
Internet Explorer 8.0.6001.19088

8/8/2011 3:43:47 PM
mbam-log-2011-08-08 (15-43-46).txt

Scan type: Full scan (C:\|D:\|E:\|F:\|)
Objects scanned: 342633
Time elapsed: 1 hour(s), 27 minute(s), 44 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 2

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
d:\torpe\Yuri\Ra2.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
f:\installer and application\autocad_2009\Crack\xf-acad9-32-bits.exe (RiskWare.Tool.HCK) -> Quarantined and deleted successfully.

descriptionRe: slow boot up and fluctuating internet download speed

more_horiz
This message appear if i copy the OTL.txt report

"New members are not allowed to post external links or emails for 7 days. Please contact the forum administrator for more information."

You should contact the administrator about this.

Can you post the SAS and DDS logs?

descriptionRe: slow boot up and fluctuating internet download speed

more_horiz
i also can not post SAS result. but here's the attached file

descriptionRe: slow boot up and fluctuating internet download speed

more_horiz
SAS log 2

descriptionRe: slow boot up and fluctuating internet download speed

more_horiz
otl.txt

descriptionRe: slow boot up and fluctuating internet download speed

more_horiz
I would like to see the DDS logs. There should be two of them.

descriptionRe: slow boot up and fluctuating internet download speed

more_horiz
does the file need to be extracted? when i try to run dds.cmd it will run but close after without any log appears. I had also try to run it with no internet connection and a/v disabled

descriptionRe: slow boot up and fluctuating internet download speed

more_horiz
gomskii wrote:
does the file need to be extracted? when i try to run dds.cmd it will run but close after without any log appears. I had also try to run it with no internet connection and a/v disabled

No,it's not a zipped file. Did you try right-click and run as administrator?

descriptionRe: slow boot up and fluctuating internet download speed

more_horiz
If i right click on the file, no "run as administrator" appear, if i try to open it it will run a as notepad with random characters.

descriptionRe: slow boot up and fluctuating internet download speed

more_horiz
Does all your other programs work by just double-clicking? Did you have this problem running SAS and MBAM?
Let's try this.


Download ComboFix by sUBs from one of the below links. Be sure to save it to the Desktop.

link # 1
Link # 2
If you are using Firefox, make sure that your download settings are as follows:

* Tools->Options->Main tab
* Set to "Always ask me where to Save the files".

Close any open web browsers (Firefox, Internet Explorer, etc) before starting ComboFix.

Temporarily disable your anti-virus, and any anti-spyware real-time protection before performing a scan. Click this link to see a list of security programs that should be disabled and how to disable them.

Right-click combofix.exe and select Run as Administrator and follow the prompts.
When finished, ComboFix will produce a log for you.
Post the ComboFix login your next reply.

NOTE: Do not mouseclick ComboFix's window while it is running. That may cause it to stall.

Remember to re-enable your anti-virus and anti-spyware protection when ComboFix is complete.

descriptionRe: slow boot up and fluctuating internet download speed

more_horiz
Permissions in this forum:
You cannot reply to topics in this forum