my internet lags

Solved
  1. drkyello

    drkyello Member Bronze Member

    Joined:
    Nov 20, 2005
    Posts:
    74
    Likes Received:
    0
    Local time:
    14:56
    My System
    Loading...

    when i start up my internet, it take a few seconds, sometimes several for me to be able to even click onto a link even though the links show up on the screen. at the same time, i cannot scroll or type either until a few seconds. it just seems to take a while to load up.

    Attached Files:

  2. Hengis

    Hengis Proud PCHF'er since 2004 Tech Member Elite Member

    Joined:
    Jan 1, 2004
    Posts:
    41,336
    Likes Received:
    5,628
    Location:
    Southern UK
    Local time:
    22:56
    My System
    Loading...

    Welcome back.

    Moved to the Malware Removal forum - can you also post the OTL Extra's file, if you got one.
    Crush likes this.
  3. drkyello

    drkyello Member Bronze Member

    Joined:
    Nov 20, 2005
    Posts:
    74
    Likes Received:
    0
    Local time:
    14:56
    My System
    Loading...

    how do i create the extra file? might just have to re run, is there something that i need to check off in otl for that file?
  4. Crush

    Crush Tech Member Tech Member Elite Member mvp

    Joined:
    Sep 28, 2008
    Posts:
    42,177
    Likes Received:
    4,381
    Location:
    New Jersey
    Local time:
    17:56
    My System
    Loading...

    Just follow the instructions from the Prework thread to generate it
  5. drkyello

    drkyello Member Bronze Member

    Joined:
    Nov 20, 2005
    Posts:
    74
    Likes Received:
    0
    Local time:
    14:56
    My System
    Loading...

    here you go

    Attached Files:

  6. Crush

    Crush Tech Member Tech Member Elite Member mvp

    Joined:
    Sep 28, 2008
    Posts:
    42,177
    Likes Received:
    4,381
    Location:
    New Jersey
    Local time:
    17:56
    My System
    Loading...

    There are signs of one or more P2P (Peer to Peer) File Sharing Programs on your computer.

    Please note that as long as you are using any form of P2P networking to download files you can anticipate infestations of malware to occur.

    P2P file sharing used to be fairly safe. This is no longer true; continue to use P2P sharing at your own risk!

    Keep in mind that this practice may be the source of your current malware infestation.

    References... citing the risk factors, of using P2P programs:

    Malware: Help prevent the Infection
    Perils of P2P File Sharing
    How to Prevent the Online Invasion of Spyware and Adware

    I strongly recommend that you uninstall:

    µTorrent

    You can do so using the Control Panel >> Add or Remove Programs function. However, that choice is up to you.

    As long as you have the P2P program(s) installed, per PCHF Policy, We can offer you no further assistance.

    If you choose to remove these programs, when finished: Please generate a new set of OTL logs and we'll go from there.
  7. drkyello

    drkyello Member Bronze Member

    Joined:
    Nov 20, 2005
    Posts:
    74
    Likes Received:
    0
    Local time:
    14:56
    My System
    Loading...

    i erased the program, was not aware of thoes issues regrading thoese type of programs. re did the otl here are the files

    Attached Files:

  8. Crush

    Crush Tech Member Tech Member Elite Member mvp

    Joined:
    Sep 28, 2008
    Posts:
    42,177
    Likes Received:
    4,381
    Location:
    New Jersey
    Local time:
    17:56
    My System
    Loading...

    [​IMG] Please download Malwarebytes Anti-Malware from Malwarebytes.org.
    Alternate link: Download Mirror

    (Note: if you already have the program installed, just follow the directions. No need to re-download or re-install!)

    Double Click mbam-setup.exe to install the application.

    (Note: if you already have the program installed, open Malwarebytes from the Start Menu or Desktop shortcut, click the Update tab, and click Check for Updates, before doing the scan as instructed below!)


    • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
    • If an update is found, it will download and install the latest version.
    • Once the program has loaded, select "Perform Full Scan", then click Scan.
    • The scan may take some time to finish,so please be patient.
    • When the scan is complete, click OK, then Show Results to view the results.
    • Make sure that everything is checked, and click Remove Selected.
    • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. If you are prompted to restart, please allow it to restart your computer. Failure to do this, will cause the infection to still be active on the computer.
    • Please save the log to a location you will remember.
    • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
    • The log can also be found at C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt
    • Copy and paste the entire report in your next reply.

    If Malwarebytes fails to download please use the following link:

    http://malwarebytes.org/mbam-download-exe-random.php
  9. drkyello

    drkyello Member Bronze Member

    Joined:
    Nov 20, 2005
    Posts:
    74
    Likes Received:
    0
    Local time:
    14:56
    My System
    Loading...

    here is the log

    Attached Files:

  10. Crush

    Crush Tech Member Tech Member Elite Member mvp

    Joined:
    Sep 28, 2008
    Posts:
    42,177
    Likes Received:
    4,381
    Location:
    New Jersey
    Local time:
    17:56
    My System
    Loading...

    Thank you. I will be able to look this over when I return from work tonight
  11. drkyello

    drkyello Member Bronze Member

    Joined:
    Nov 20, 2005
    Posts:
    74
    Likes Received:
    0
    Local time:
    14:56
    My System
    Loading...

    anything more that i need to do?
  12. Crush

    Crush Tech Member Tech Member Elite Member mvp

    Joined:
    Sep 28, 2008
    Posts:
    42,177
    Likes Received:
    4,381
    Location:
    New Jersey
    Local time:
    17:56
    My System
    Loading...

    Hi,


    Download Combofix from any of the links below, and save it to your desktop.

    Link 1
    Link 2
    Link 3

    When saving ComboFix rename it to PCHelpForum.exe to prevent it from being blocked by malware.


    Refer to this image:

    To prevent your anti-virus application interfering with ComboFix we need to disable it. See here for a tutorial regarding how to do so if you are unsure.
    • Close any open windows and double click PCHelpForum.exe to run it.

      You will see the following image:
    [​IMG]

    Click I Agree to start the program.

    ComboFix will then extract the necessary files and you will see this:

    [​IMG]

    As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. This will not occur in Windows Vista and 7

    It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

    If you did not have it installed, you will see the prompt below. Choose YES.

    [​IMG]

    Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

    **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

    Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

    [​IMG]

    Click on Yes, to continue scanning for malware.

    When finished, it will produce a report for you. Please post the contents of the log (C:\ComboFix.txt).

    Leave your computer alone while ComboFix is running. ComboFix will restart your computer if malware is found; allow it to do so.

    Note: Please Do NOT mouseclick combofix's window while its running because it may call it to stall.
  13. drkyello

    drkyello Member Bronze Member

    Joined:
    Nov 20, 2005
    Posts:
    74
    Likes Received:
    0
    Local time:
    14:56
    My System
    Loading...

    here is the log file

    ComboFix 11-08-05.03 - user 08/05/2011 19:50:36.1.2 - x86
    Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.2039.1146 [GMT -7:00]
    Running from: c:\users\user\Desktop\pchelpforum.exe
    AV: AVG Internet Security *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
    SP: AVG Internet Security *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    * Created a new restore point
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    C:\install.exe
    c:\windows\system32\drivers\etc\hosts1
    c:\windows\system32\regw2.exe
    F:\Autorun.inf
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    -------\Service_FLEXnet Licensing Manager
    .
    .
    ((((((((((((((((((((((((( Files Created from 2011-07-06 to 2011-08-06 )))))))))))))))))))))))))))))))
    .
    .
    2011-08-05 22:30 . 2011-08-05 22:30 -------- d-----w- c:\users\user\AppData\Local\ind5
    2011-08-05 19:43 . 2011-08-05 19:43 -------- d-----w- c:\users\user\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
    2011-08-05 19:42 . 2011-08-05 19:43 -------- d-----w- c:\program files\Adobe Download Assistant
    2011-07-30 01:25 . 2011-07-30 01:25 53248 ----a-r- c:\users\user\AppData\Roaming\Microsoft\Installer\{12BAA98C-F8DD-4BC9-BBE6-1C8463114197}\ARPPRODUCTICON.exe
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2011-08-06 02:36 . 2011-04-16 20:10 20 ----a-w- c:\windows\system32\setup.bat
    2011-08-06 02:36 . 2011-04-16 20:10 1652 ----a-w- c:\windows\system32\setup.reg
    2011-07-07 02:52 . 2011-04-13 17:38 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2011-07-07 02:52 . 2011-04-13 17:38 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
    2011-06-26 03:33 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
    2011-06-06 19:55 . 2011-06-06 19:55 47512 ----a-w- c:\windows\system32\AdobePDF.dll
    2011-06-06 19:55 . 2011-06-06 19:55 22936 ----a-w- c:\windows\system32\AdobePDFUI.dll
    2011-05-24 10:44 . 2011-06-29 14:57 293376 ----a-w- c:\windows\system32\umpnpmgr.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
    "ISUSPM"="c:\programdata\FLEXnet\Connect\11\ISUSPM.exe" [2010-11-15 222496]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2007-02-22 1183744]
    "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-03-28 1045800]
    "RemoteControl10"="c:\program files\CyberLink\PowerDVD10\PDVD10Serv.exe" [2010-02-03 87336]
    "BDRegion"="c:\program files\Cyberlink\Shared files\brs.exe" [2010-03-13 75048]
    "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
    "AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2011-03-14 2071904]
    "AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
    "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
    "Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [2011-06-06 36760]
    "Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [2011-06-06 2903448]
    "DNS7reminder"="c:\program files\Nuance\NaturallySpeaking11\Ereg\Ereg.exe" [2007-04-16 259624]
    "IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-24 141848]
    "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-24 173592]
    "Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-24 150552]
    "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
    "Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2011-07-07 1047656]
    "RIMBBLaunchAgent.exe"="c:\program files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe" [2011-02-18 79192]
    "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-30 421888]
    "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-07-07 449584]
    "AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-09-16 497648]
    "SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
    "AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    "PromptOnSecureDesktop"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"=c:\windows\System32\avgrsstx.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "aux"=wdmaud.drv
    .
    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
    R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-10-09 136176]
    R3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-10-09 136176]
    R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2011-07-07 41272]
    R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872]
    R3 SwitchBoard;Adobe SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
    R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
    R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
    R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
    R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-10-16 1343400]
    R3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 17920]
    S0 AvgRkx86;avgrkx86.sys;c:\windows\System32\Drivers\avgrkx86.sys [2010-10-20 52872]
    S1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\System32\Drivers\avgldx86.sys [2010-10-20 216400]
    S1 AvgTdiX;AVG Network Redirector;c:\windows\System32\Drivers\avgtdix.sys [2011-05-05 243152]
    S2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2010/10/16 09:59];c:\program files\CyberLink\PowerDVD10\NavFilter\000.fcl [2010-03-13 19:58 87536]
    S2 avg9wd;AVG WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [2010-10-20 308136]
    S2 DragonSvc:Dragon Service;c:\program files\Common Files\Nuance\dgnsvc.exe [2010-07-23 296808]
    S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-07-07 366640]
    S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-07-07 22712]
    S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
    .
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2011-08-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-10-09 23:54]
    .
    2011-08-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-10-09 23:54]
    .
    2011-08-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2643329240-1979650596-1532161776-1000Core.job
    - c:\users\user\AppData\Local\Google\Update\GoogleUpdate.exe [2010-10-20 16:59]
    .
    2011-08-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2643329240-1979650596-1532161776-1000UA.job
    - c:\users\user\AppData\Local\Google\Update\GoogleUpdate.exe [2010-10-20 16:59]
    .
    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://my.yahoo.com/
    IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
    IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
    IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
    IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_70C5B381380DB17F.dll/cmsidewiki.html
    TCP: DhcpNameServer = 192.168.1.254
    .
    - - - - ORPHANS REMOVED - - - -
    .
    URLSearchHooks-{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
    WebBrowser-{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - (no file)
    WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
    HKCU-Run-AdobeBridge - (no file)
    .
    .
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}]
    "ImagePath"="\??\c:\program files\CyberLink\PowerDVD10\NavFilter\000.fcl"
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
    @Denied: (2) (LocalSystem)
    "{2318C2B1-4965-11D4-9B18-009027A5CD4F}"=hex:51,66,7a,6c,4c,1d,38,12,df,c1,0b,
    27,57,07,ba,54,e4,0e,43,d0,22,fb,89,5b
    "{47833539-D0C5-4125-9FA8-0819E2EAAC93}"=hex:51,66,7a,6c,4c,1d,38,12,57,36,90,
    43,f7,9e,4b,04,e0,be,4b,59,e7,b4,e8,87
    "{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc,
    1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7
    "{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}"=hex:51,66,7a,6c,4c,1d,38,12,7c,f0,b1,
    38,5c,21,3d,0e,d9,78,0d,25,e1,c9,8c,d4
    "{72853161-30C5-4D22-B7F9-0BBC1D38A37E}"=hex:51,66,7a,6c,4c,1d,38,12,0f,32,96,
    76,f7,7e,4c,08,c8,ef,48,fc,18,66,e7,6a
    "{AA58ED58-01DD-4D91-8333-CF10577473F7}"=hex:51,66,7a,6c,4c,1d,38,12,36,ee,4b,
    ae,ef,4f,ff,08,fc,25,8c,50,52,2a,37,e3
    "{AE7CD045-E861-484F-8273-0445EE161910}"=hex:51,66,7a,6c,4c,1d,38,12,2b,d3,6f,
    aa,53,a6,21,0d,fd,65,47,05,eb,48,5d,04
    "{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}"=hex:51,66,7a,6c,4c,1d,38,12,2d,dd,7a,
    ab,6a,33,56,03,c9,ec,8d,26,b0,f3,64,49
    "{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db,
    df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd
    "{F4971EE7-DAA0-4053-9964-665D8EE6A077}"=hex:51,66,7a,6c,4c,1d,38,12,89,1d,84,
    f0,92,94,3d,05,e6,72,25,1d,8b,b8,e4,63
    "{2A541AE1-5BF6-4665-A8A3-CFA9672E4291}"=hex:51,66,7a,6c,4c,1d,38,12,8f,19,47,
    2e,c4,15,0b,03,d7,b5,8c,e9,62,70,06,85
    "{32004B8A-44A9-43E7-84E9-808838809519}"=hex:51,66,7a,6c,4c,1d,38,12,e4,48,13,
    36,9b,0a,89,06,fb,ff,c3,c8,3d,de,d1,0d
    "{FF059E31-CC5A-4E2E-BF3B-96E929D65503}"=hex:51,66,7a,6c,4c,1d,38,12,5f,9d,16,
    fb,68,82,40,0b,c0,2d,d5,a9,2c,88,11,17
    "{BDEADE7F-C265-11D0-BCED-00A0C90AB50F}"=hex:51,66,7a,6c,4c,1d,38,12,11,dd,f9,
    b9,57,8c,be,54,c3,fb,43,e0,cc,54,f1,1b
    .
    [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
    @Denied: (2) (LocalSystem)
    "Timestamp"=hex:b6,5d,fb,08,02,10,cc,01
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    "MSCurrentCountry"=dword:000000b5
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------
    .
    - - - - - - - > 'Explorer.exe'(2744)
    c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll
    .
    ------------------------ Other Running Processes ------------------------
    .
    c:\windows\system32\AEADISRV.EXE
    c:\program files\Common Files\Protexis\License Service\PsiService_2.exe
    c:\windows\system32\taskhost.exe
    c:\program files\AVG\AVG9\avgam.exe
    c:\program files\AVG\AVG9\avgnsx.exe
    c:\program files\AVG\AVG9\avgchsvx.exe
    c:\program files\AVG\AVG9\avgrsx.exe
    c:\program files\AVG\AVG9\avgcsrvx.exe
    c:\windows\system32\conhost.exe
    c:\program files\Windows Media Player\wmpnetwk.exe
    c:\\?\c:\windows\system32\wbem\WMIADAP.EXE
    c:\windows\system32\taskhost.exe
    .
    **************************************************************************
    .
    Completion time: 2011-08-05 20:07:36 - machine was rebooted
    ComboFix-quarantined-files.txt 2011-08-06 03:07
    .
    Pre-Run: 98,534,379,520 bytes free
    Post-Run: 100,724,408,320 bytes free
    .
    - - End Of File - - 266055177021EAF7BB72072744568757
  14. Crush

    Crush Tech Member Tech Member Elite Member mvp

    Joined:
    Sep 28, 2008
    Posts:
    42,177
    Likes Received:
    4,381
    Location:
    New Jersey
    Local time:
    17:56
    My System
    Loading...

    How are things running?
  15. drkyello

    drkyello Member Bronze Member

    Joined:
    Nov 20, 2005
    Posts:
    74
    Likes Received:
    0
    Local time:
    14:56
    My System
    Loading...

    better, is it just the malware doing this? what should i do to prevent?

    should i keep malwareytes running?
    i know now it the p2p, ill stop running that too.

    thanks
Similar Threads
Forum Title Date
System Security Decreased Speed in my laptops connection to the internet. Saturday at 16:58
System Security Scan RootKit option in Avast Internet Security + Malwarebytes Anti-Malware Premium Apr 10, 2014
System Security Help something is draining my internet data Mar 6, 2014
System Security Good Anti-virus/internet security Feb 24, 2014