Internet access is very slow. It takes up to 3 minutes to get a page to load, and I have to hit 'Reload' 2-3 times before a site finally loads. When it does, Firefox still shows the site as loading. This problem appeared after one of three events. On the same day, I downloaded Babylon and FoxLingo. I have uninstalled both, and removed and remaining registry entries. I also received an email from my fan site on Ning (I am an author) requesting approval for a blog post. The link took me to my fan site, but there was no blog posted. I discovered it was the usual spam for male enhancement drugs, but perhaps it was hiding a more malicious virus. I cleaned up my Ning site and notified them. I have had the problem since. I ran AdAware and AVG, and only came up with minor cookies. I also ran SDFix, including catchme, and got 0 hits. I ran Malwarebytes, which only showed the SDFix files and 2 low-level threats. I also ran HiJackThis, but the log showed nothing that should not be present. All that leads me here. I have followed the procedure in the Prep Guide. FYI-I had to run GMER 3 times. It caused my system to freeze the first two times it finished scanning, which took over 10 hours. Outside of the Internet, my computer runs other software smoothly. I have a brand new ASUS MB, 500GBHD, AMD chip and 4GB DD2 memory-less than 3 months old. I'm also running ZoneAlarm.DDS (Ver_09-12-01.01) - NTFSx86 Run by Owner at 20:04:23.79 on Tue 03/16/2010Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_18Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.3327.1858 [GMT -7:00]AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}FW: ZoneAlarm Firewall *enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}============== Running Processes ===============C:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\WINDOWS\System32\svchost.exe -k netsvcsC:\WINDOWS\system32\svchost.exe -k WudfServiceGroupC:\WINDOWS\system32\Ati2evxx.exesvchost.exeC:\Program Files\AVG\AVG9\avgchsvx.exeC:\Program Files\AVG\AVG9\avgrsx.exeC:\Program Files\AVG\AVG9\avgcsrvx.exesvchost.exeC:\WINDOWS\system32\ZoneLabs\vsmon.exeC:\WINDOWS\Explorer.EXEC:\Program Files\CheckPoint\ZAForceField\IswSvc.exeC:\Program Files\Lavasoft\Ad-Aware\AAWService.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\CheckPoint\ZAForceField\ForceField.exeC:\Program Files\Creative\Shared Files\CTAudSvc.exesvchost.exeC:\Program Files\AVG\AVG9\avgwdsvc.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\WINDOWS\system32\CTSvcCDA.EXEC:\Program Files\FileZilla Server\FileZilla server.exeC:\Program Files\Java\jre6\bin\jqs.exeC:\Program Files\Common Files\LightScribe\LSSrvc.exeC:\Program Files\AVG\AVG9\avgnsx.exeC:\WINDOWS\system32\svchost.exe -k imgsvcC:\WINDOWS\system32\MsPMSPSv.exec:\WINDOWS\system32\ZuneBusEnum.exeC:\Program Files\AVG\AVG9\avgemc.exeC:\Program Files\Canon\CAL\CALMAIN.exeC:\Program Files\AVG\AVG9\avgcsrvx.exeC:\Program Files\ASUS\EPU-4 Engine\FourEngine.exeC:\Program Files\Logitech\iTouch\iTouch.exeC:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exeC:\Program Files\Zone Labs\ZoneAlarm\zlclient.exeC:\Program Files\Logitech\MouseWare\system\em_exec.exeC:\Program Files\Zune\ZuneLauncher.exeC:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exeC:\Program Files\HP\hpcoretech\hpcmpmgr.exeC:\Program Files\Common Files\Java\Java Update\jusched.exeC:\Program Files\WordWeb\wweb32.exeC:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exeC:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXEC:\Program Files\Creative\SBAudigy2ZS\AudioHQ\AHQTBU.EXEC:\WINDOWS\system32\CTHELPER.EXEC:\Program Files\Common Files\Real\Update_OB\realsched.exeC:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exeC:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exeC:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exeC:\Program Files\CursorXP\CursorXP.exeC:\Program Files\Creative\MediaSource\RemoteControl\RcMan.exeC:\Program Files\Hewlett-Packard\AiO\hp officejet g series\Bin\hpoavn07.exeC:\Documents and Settings\Owner\Application Data\CBS Interactive\CNET TechTracker\TechTracker.exeC:\Program Files\Common Files\Nero\Lib\NMIndexingService.exeC:\PROGRA~1\HEWLET~1\AiO\Shared\Bin\hpoevm07.exeC:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exeC:\WINDOWS\system32\hpoipm07.exeC:\Program Files\Hewlett-Packard\AiO\Shared\bin\hpOSTS07.exeC:\Program Files\Hewlett-Packard\AiO\Shared\bin\hpOFXM07.exeC:\Program Files\Lavasoft\Ad-Aware\AAWTray.exeC:\Program Files\Mozilla Firefox\firefox.exeC:\Program Files\LaCie\Genie Backup Assistant\GBM8.exeC:\WINDOWS\system32\dllhost.exeC:\Documents and Settings\Owner\Desktop\dds.scr============== Pseudo HJT Report ===============uDefault_Search_URL = hxxp:// Settings,ProxyOverride = localhost;*.localuSearchAssistant = hxxp://,(Default) = hxxp:// AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg9\toolbar\IEToolbar.dllBHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dllBHO: KeyScramblerBHO Class: {2b9f5787-88a5-4945-90e7-c4b18563bc5e} - c:\program files\keyscrambler\KeyScramblerIE.dllBHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dllBHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg9\avgssie.dllBHO: ZoneAlarm Toolbar Registrar: {8a4a36c2-0535-4d2c-bd3d-496cb7eed6e3} - c:\program files\checkpoint\zaforcefield\trustchecker\bin\TrustCheckerIEPlugin.dllBHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg9\toolbar\IEToolbar.dllBHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dllBHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dllBHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dllBHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dllTB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\program files\avg\avg9\toolbar\IEToolbar.dllTB: ZoneAlarm Toolbar: {ee2ac4e5-b0b0-4ec6-88a9-bca1a32ab107} - c:\program files\checkpoint\zaforcefield\trustchecker\bin\TrustCheckerIEPlugin.dllTB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dlluRun: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\nero\lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020uRun: [LightScribe Control Panel] c:\program files\common files\lightscribe\LightScribeControlPanel.exe -hiddenuRun: [LDM] c:\program files\logitech\desktop messenger\8876480\program\BackWeb-8876480.exeuRun: [CursorXP] c:\program files\cursorxp\CursorXP.exeuRun: [RemoteCenter] c:\program files\creative\mediasource\remotecontrol\RcMan.exemRun: [Six Engine] "c:\program files\asus\epu-4 engine\FourEngine.exe" -bmRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRunmRun: [zBrowser Launcher] c:\program files\logitech\itouch\iTouch.exemRun: [Logitech Utility] Logi_MwX.ExemRun: [ZoneAlarm Client] "c:\program files\zone labs\zonealarm\zlclient.exe"mRun: [ISW] "c:\program files\checkpoint\zaforcefield\ForceField.exe" /icon="hidden"mRun: [Zune Launcher] "c:\program files\zune\ZuneLauncher.exe"mRun: [SBDrvDet] c:\program files\creative\sb drive det\SBDrvDet.exe /rmRun: [UpdReg] c:\windows\UpdReg.EXEmRun: [Adobe Acrobat Speed Launcher] "c:\program files\adobe\acrobat 9.0\acrobat\Acrobat_sl.exe"mRun: [Acrobat Assistant 8.0] "c:\program files\adobe\acrobat 9.0\acrobat\Acrotray.exe"mRun: [HP Component Manager] "c:\program files\hp\hpcoretech\hpcmpmgr.exe"mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"mRun: [WordWeb] "c:\program files\wordweb\wweb32.exe" -startupmRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"mRun: [CTxfiHlp] CTXFIHLP.EXEmRun: [CTSysVol] c:\program files\creative\sbaudigy2zs\surround mixer\CTSysVol.exe /rmRun: [CTDVDDET] c:\program files\creative\sbaudigy2zs\dvdaudio\CTDVDDet.EXEmRun: [AudioHQU] c:\program files\creative\sbaudigy2zs\audiohq\AHQTBU.EXEmRun: [CTHelper] CTHELPER.EXEmRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottimemRun: [NeroFilterCheck] c:\program files\common files\nero\lib\NeroCheck.exemRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osbootStartupFolder: c:\docume~1\owner\startm~1\programs\startup\cnette~1.lnk - c:\documents and settings\owner\application data\cbs interactive\cnet techtracker\TechTracker.exeStartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpaiod~1.lnk - c:\program files\hewlett-packard\aio\hp officejet g series\bin\hpoavn07.exeStartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\logite~1.lnk - c:\program files\logitech\desktop messenger\8876480\program\LDMConf.exeIE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200IE: Append Link Target to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppendSelLinks.htmlIE: Append to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppend.htmlIE: Convert Link Target to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECaptureSelLinks.htmlIE: Convert to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECapture.htmlIE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exeIE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exeIE: {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - {B745F984-EF2E-40D6-A9AC-D8CED7230E61} - c:\program files\keyscrambler\KeyScramblerIE.dllTrusted Zone:\freeDPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp:// {31435657-9980-0010-8000-00AA00389B71} - hxxp:// {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp:// {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp:// {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - hxxp:// {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp:// {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp:// cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - c:\program files\hp\hpcoretech\comp\hpuiprot.dllNotify: AtiExtEvent - Ati2evxx.dllNotify: avgrsstarter - avgrsstx.dllSSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dllmASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"================= FIREFOX ===================FF - ProfilePath - c:\docume~1\owner\applic~1\mozilla\firefox\profiles\o77b6bqe.default\FF - prefs.js: - hxxp:// - prefs.js: - BingFF - prefs.js: browser.startup.homepage - hxxp://||| - prefs.js: keyword.URL - hxxp:// - component: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordext.dllFF - component: c:\documents and settings\owner\application data\mozilla\firefox\profiles\o77b6bqe.default\extensions\[email protected]\components\KeyScramblerIE.dllFF - component: c:\program files\avg\avg9\firefox\components\avgssff.dllFF - component: c:\program files\avg\avg9\toolbar\firefox\[email protected]\components\IGeared_tavgp_xputils2.dllFF - component: c:\program files\avg\avg9\toolbar\firefox\[email protected]\components\IGeared_tavgp_xputils3.dllFF - component: c:\program files\avg\avg9\toolbar\firefox\[email protected]\components\IGeared_tavgp_xputils35.dllFF - component: c:\program files\avg\avg9\toolbar\firefox\[email protected]\components\xpavgtbapi.dllFF - component: c:\program files\checkpoint\zaforcefield\trustchecker\components\TrustCheckerMozillaPlugin.dllFF - plugin: c:\documents and settings\owner\application data\move networks\plugins\npqmp071705000014.dllFF - plugin: c:\documents and settings\owner\application data\mozilla\firefox\profiles\o77b6bqe.default\extensions\{e2883e8f-472f-4fb0-9522-ac9bf37916a7}\plugins\np_gp.dllFF - plugin: c:\documents and settings\owner\local settings\application data\yahoo!\browserplus\2.5.1\plugins\npybrowserplus_2.5.1.dllFF - plugin: c:\program files\divx\divx plus web player\npdivx32.dllFF - plugin: c:\program files\google\picasa3\npPicasa3.dllFF - plugin: c:\program files\virtual earth 3d\npVE3D.dllFF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\\framework\v3.5\windows presentation foundation\dotnetassistantextension\FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}---- FIREFOX POLICIES ----c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);c:\program files\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);c:\program files\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);c:\program files\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);c:\program files\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);c:\program files\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);c:\program files\mozilla firefox\greprefs\all.js - pref("html5.enable", false);c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("", 600);c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "");c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("", "mozff");c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/");c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/");c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "");c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "");c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);============= SERVICES / DRIVERS ===============R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-12-13 64288]R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-12-13 216200]R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2009-12-13 29512]R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-12-13 242696]R1 vsdatant;vsdatant;c:\windows\system32\vsdatant.sys [2009-12-13 486280]R2 avg9emc;AVG Free E-mail Scanner;c:\program files\avg\avg9\avgemc.exe [2010-3-13 916760]R2 avg9wd;AVG Free WatchDog;c:\program files\avg\avg9\avgwdsvc.exe [2010-3-13 308064]R2 ISWKL;ZoneAlarm Toolbar ISWKL;c:\program files\checkpoint\zaforcefield\ISWKL.sys [2009-10-14 25208]R2 IswSvc;ZoneAlarm Toolbar IswSvc;c:\program files\checkpoint\zaforcefield\ISWSVC.exe [2009-10-14 476528]R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2010-2-4 1229232]R2 PfDetNT;PfDetNT;c:\windows\system32\drivers\pfmodnt.sys [2009-6-23 15896]R2 vsmon;TrueVector Internet Monitor;c:\windows\system32\zonelabs\vsmon.exe -service --> c:\windows\system32\zonelabs\vsmon.exe -service [?]R3 COMMONFX.SYS;COMMONFX.SYS;c:\windows\system32\drivers\COMMONFX.sys [2009-6-23 99352]R3 CTAUDFX.SYS;CTAUDFX.SYS;c:\windows\system32\drivers\CTAUDFX.sys [2009-6-23 555032]R3 CTSBLFX.SYS;CTSBLFX.SYS;c:\windows\system32\drivers\CTSBLFX.sys [2009-6-23 566296]R3 KeyScrambler;KeyScrambler;c:\windows\system32\drivers\keyscrambler.sys [2009-12-14 115312]S3 COMMONFX;COMMONFX;c:\windows\system32\drivers\COMMONFX.sys [2009-6-23 99352]S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files\common files\creative labs shared\service\CTAELicensing.exe [2009-12-24 79360]S3 CTAUDFX;CTAUDFX;c:\windows\system32\drivers\CTAUDFX.sys [2009-6-23 555032]S3 CTERFXFX.SYS;CTERFXFX.SYS;c:\windows\system32\drivers\CTERFXFX.sys [2009-6-23 100888]S3 CTERFXFX;CTERFXFX;c:\windows\system32\drivers\CTERFXFX.sys [2009-6-23 100888]S3 CTSBLFX;CTSBLFX;c:\windows\system32\drivers\CTSBLFX.sys [2009-6-23 566296]=============== Created Last 30 ================2010-03-17 02:51:07 0 ----a-w- c:\documents and settings\owner\defogger_reenable2010-03-16 18:29:41 0 d-sha-r- C:\cmdcons2010-03-16 18:29:01 98816 ----a-w- c:\windows\sed.exe2010-03-16 18:29:01 77312 ----a-w- c:\windows\MBR.exe2010-03-16 18:29:01 261632 ----a-w- c:\windows\PEV.exe2010-03-16 18:29:01 161792 ----a-w- c:\windows\SWREG.exe2010-03-14 23:51:43 0 d-----w- c:\docume~1\owner\applic~1\Malwarebytes2010-03-14 23:51:36 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys2010-03-14 23:51:32 0 d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes2010-03-14 23:51:31 19160 ----a-w- c:\windows\system32\drivers\mbam.sys2010-03-14 23:51:31 0 d-----w- c:\program files\Malwarebytes' Anti-Malware2010-03-14 21:20:25 0 d-----w- c:\windows\ERUNT2010-03-14 21:18:52 0 d-----w- C:\SDFix2010-03-13 17:41:54 12464 ----a-w- c:\windows\system32\avgrsstx.dll2010-03-11 23:04:34 0 d-----w- c:\program files\common files\xing shared2010-03-08 18:08:54 0 d--h--w- c:\program files\InstallJammer Registry2010-03-08 18:08:35 0 d-----w- c:\program files\UniversityofPhoenix2010-02-28 06:42:15 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys2010-02-28 06:40:28 0 dc-h--w- c:\docume~1\alluse~1\applic~1\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}2010-02-28 06:29:29 0 d-----w- c:\docume~1\owner\applic~1\CBS Interactive2010-02-27 17:51:39 0 d-----w- c:\program files\JRE2010-02-23 18:43:48 0 d-----w- c:\program files\Spoke Client==================== Find3M ====================2010-03-13 17:41:55 242696 ----a-w- c:\windows\system32\drivers\avgtdix.sys2010-03-13 17:41:32 216200 ----a-w- c:\windows\system32\drivers\avgldx86.sys2010-02-28 06:42:09 15880 ----a-w- c:\windows\system32\lsdelete.exe2010-02-14 01:39:41 549888 -c--a-w- c:\windows\TheMatrix.scr2010-02-04 15:53:02 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys2010-02-02 18:52:23 499712 ----a-w- c:\windows\system32\msvcp71.dll2010-02-02 18:52:23 348160 ----a-w- c:\windows\system32\msvcr71.dll2010-01-07 21:38:18 447216 ----a-w- c:\windows\system32\ZuneWlanCfgSvc.exe2010-01-07 21:38:10 58592 ----a-w- c:\windows\system32\ZuneBusEnum.exe2010-01-07 21:22:04 74240 ----a-w- c:\windows\system32\ZuneUsbTransport.dll2010-01-07 21:22:04 57344 ----a-w- c:\windows\system32\ZuneRegUtil.dll2010-01-07 21:22:04 310784 ----a-w- c:\windows\system32\ZuneNetProxy.dll2010-01-07 21:22:04 18944 ----a-w- c:\windows\system32\ZuneTcp2Udp.dll2010-01-07 21:22:04 147456 ----a-w- c:\windows\system32\ZuneMTPZ.dll2010-01-07 21:22:04 12800 ----a-w- c:\windows\system32\ZunePTDNS.dll2009-12-26 23:23:51 47104 ------w- c:\windows\AKDeInstall.exe2009-12-24 23:58:58 444952 ----a-w- c:\windows\system32\wrap_oal.dll2009-12-24 23:58:58 109080 ----a-w- c:\windows\system32\OpenAL32.dll2009-12-23 21:31:32 22700 ------w- c:\windows\fonts\SF Grandezza Medium Oblique.ttf2009-12-21 19:14:05 916480 ------w- c:\windows\system32\wininet.dll2009-12-18 00:14:00 411368 ----a-w- c:\windows\system32\deploytk.dll============= FINISH: 20:06:08.06 ===============

Hello , And to the Bleeping Computer Malware Removal Forum. My name is Elise and I'll be glad to help you with your computer problems.I will be working on your malware issues, this may or may not solve other issues you may have with your machine.Please note that whatever repairs we make, are for fixing your computer problems only and by no means should be used on another computer.The cleaning process is not instant. Logs can take some time to research, so please be patient with me. I know that you need your computer working as quickly as possible, and I will work hard to help see that happen. Please reply using the Add/Reply button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply. Only attach them if requested or if they do not fit into the post.Unfortunately, if I do not hear back from you within 5 days, I will be forced to close your topic. If you still need help after I have closed your topic, send me or a moderator a personal message with the address of the thread or feel free to create a new one.You may want to keep the link to this topic in your favorites. Alternatively, you can click the button at the top bar of this topic and Track this Topic, where you can choose email notifications. The topics you are tracking are shown here.-----------------------------------------------------------If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.If you have already posted a log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.We need to see some information about what is happening in your machine. Please perform the following scan:Please download OTL from one of the following mirrors:This is THE MirrorSave it to your desktop.Double click on the icon on your desktop.Click the "Scan All Users" checkbox.Push the button.Two reports will open, copy and paste them in a reply here:OTListIt.txt Will be openedExtra.txt Will be minimizedPlease download GMER from one of the following locations and save it to your desktop:Main MirrorThis version will download a randomly named file (Recommended)Zipped MirrorThis version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.Disconnect from the Internet and close all running programs.Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. (do not use the computer while the scan is in progress)If you receive a WARNING!!! about rootkit activity and are asked to fully scan your NO.Now click the Scan button. If you see a rootkit warning window, click OK.When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.Click the Copy button and paste the results into your next reply.Exit GMER and re-enable all active protection when done.-- If you encounter any problems, try running GMER in Safe Mode.-------------------------------------------------------------In the meantime please, do NOT install any new programs or update anything unless told to do so while we are fixing your problemIf you still need help, please include the following in your next replyA detailed description of your problemsA new OTL log (don't forget extra.txt)GMER logThanks and again sorry for the delay.

I've had a cable tech out here: modems fine, fast speed to computer etc. Tech hooked up his laptop to my modem and the pages were smokin!
I ran system mechanic(optimize connection and internet speeds) and winsock fix and the problem remains. The pages will download fast to begin with but within 5 minutes I'm back to 10-12 seconds to download a page. Looking for suggestions. My cache is cleaned daily, regular defrags, registry fix etc. I run zone alarm but the problem remains running or not, IE or Mozilla; doesn't matter. Thanks

Answer:pages load slowly

I finally went to Intel's driver website and downloaded an updated ethernet driver and it seems to be working well.

1 more replies
Relevance 73.8%

my download times are also ridiculous...i have windows xp SP 2

Answer:pages load much too slowly

more info plz......when did this start.what protections do you have ?has it always been like this? how do you connect to the internet?? dail up dsl cable?

11 more replies
Relevance 73.8%

Hi. About a week or so ago, web pages started loading very when I am on the internet. For example, takes about 20 to 30 seconds to load fully after the browser has indicated it has found the page. I have not installed any new software recently.I checked my DSL speed on CNET and one other location, and it is fine (close to 3Mbps). I have enabled all hidden files and then run all of the following (in safe and normal mode) without finding any viruses or other malware: Microsoft Malicious Software Removal Tool, Stinger.exe, Damage Cleanup engine from Trend Micro, from Trend Micro, Norton Antivirus, A2 Personal, Ad Aware SE Personal Edition, SpyBot Search and Destroy, CWShredder, and Microsoft Anti Spyware. I also downloaded the Firefox browser and Netscape browser, but they both performed the same way as IE 6. I sure hope one of you can help me. Here is a copy of the Hijack This log I generated today. Any advice would be GREATLY APPRECIATED!Logfile of HijackThis v1.99.1Scan saved at 12:09:18 PM, on 7/31/2005Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program ... Read more

Answer:Help Please. All Web Pages Load very Slowly

Hello jparker59 and welcome to the BC malware forum. I don't see any issues in the log related to viruses or malware. There is an item with a missing entry so let's remove that first.Start HijackThis and click the Scan button to perform a scan. Look for the following items and click in the checkbox in front of each item to select it:R3 - Default URLSearchHook is missingNow close ALL open windows except HijackThis and click the Fix Checked button to finish the repair.Ok. Here's a couple of things for you to try.Download CleanUp! and install it. Start CleanUp! and do the following:Click the Options button.Make sure only the following are checked:Empty Recycle BinsDelete CookiesDelete Prefetch files (XP only)Scan local drives for temporary filesCleanup! All UsersClick the Ok button to close the Opetions dialog.Click the CleanUp! button to run the cleanup. It may take a while depending on the size of the hard drive so be patient.When it has finished, close CleanUp!.If that doesn't help then try completely uninstall all of the Symantec/Norton products. Sometimes it gets a process or service stuck and it plays havoc with the processing. After it is completely uninstalled, reboot and then install it fresh. Don't forget to update the definistions again.Cheers.OT

10 more replies
Relevance 73.8%

Since yesterday internet Explorer 6 takes two to two and a half minutes to load URLs which I have typed in.  What I find puzzling is that sites listed in 'Favourites' come up quickly.  For example if I type I would get this c.2 min delay but as it's in my Favourites list it comes up in a few seconds which doesn't seem logical to me.  I have XP with 512 Kb RAM, AMD Athlon 2.2 GHz chip and ISP is provided by cable.   Any suggestions what I can do please ?   

Answer:Web pages load slowly

First thing I'd do is update your version of Windows by visiting Windows Update and downloading the high-priority updates for your computer.  If you're running IE 6, then you're definitely behind the times.  Keeping your system up-to-date is a regular part of routine maintenance.The next thing I'd do is to run Disk Clean Up and a Defrag.Lastly...I'd make sure my malware protection is up-to-date and run fullsystem scans in Safe Mode.  When them again normally.You can also select which programs you want to run at Startup by running msconfig in the RUN command line.

5 more replies
Relevance 73.8%

Hello everyone!
I'm a Vienamese student.My family bought a new PC two months ago.It has a giga G31m main and an E4600 core 2 duo 2.4 ghz chip.It worked well until recently I install windows vista x86 again.At first,It took me about 15 seconds to start working.But after I installed Mz vista force and Netspeeder,It begined taking me over 1 min to load window although I have restored window to the time before(the long green button runs for 25 times!)I'm very tired of waiting for vista loads as well as ireinstall it.Can any one give me some advice? thanks.

Answer:window load too slowly.

Hi daretofail, and welcome to the vista forums,

when you say you restored vista to the time before was this by un-installing the software?

it may be that the software has left a some component set to run at stertup which is causing the delay.

you may want to check your start-up entries

Startup Programs - Enable or Disable

24 more replies