#1 (permalink)
Registered User
Join Date: Apr 2009
Posts: 48
OS: Windows Vista SP2
Computer is acting very slowly
My computer has been acting very slowly for the past 2-3 days. Everything is slow. It is taking a longer time to open folders and a longer time in browser menus. It also looks like it is sticking sometimes.
My computer has just been recovered from a virus infection (yesterday). As advised, I did full system scans with SUPERAntiSpyware. I found 16 infected and threat objects. I quarantined all of them. After that, I did a full system scan with Malwarebytes' Anti-Malware. It found 29 infected and threat objects. I quarantined all of them too. Still my computer is not acting like it should be. I have the log file of Malwarebytes' Anti-Malware. If needed, I can post it here. Please check my previous thread for the problem I had encountered before and what I did to cure that problem. This problem is totally different from the past one. If possible, connect me with the person who helped me last time, as I guess he knows my system a little better than others. I am posting the DDS log and attaching attach.zip.
#2 (permalink)
Moderator, Analyst, Security Team; Rangemaster, TSF Academy
Join Date: Oct 2007
Location: Georgia
Posts: 10,593
OS: XP SP3
Re: Computer is acting very slowly
You posted this yesterday:
Quote:
Quote:
Quote:
Post the MBAM log in your next reply. Also post the SAS log.
#3 (permalink)
Registered User
Join Date: Apr 2009
Posts: 48
OS: Windows Vista SP2
Re: Computer is acting very slowly
I am sorry for the confusion. After removing that infection from Java files lastly, I think I started to notice slow behaviour. I was not much concerned about it, but after getting those results from those two antispywares, I thought the problem could be a serious one. I had about 15 infections found from SAS. After that, I scanned with MBAM and I had another 29 infections.
Malwarebytes' Anti-Malware 1.36
Database version: 2057
Windows 6.0.6001 Service Pack 1
4/29/2009 5:03:41 PM
mbam-log-2009-04-29 (17-03-41).txt
Scan type: Full Scan (C:\|D:\|)
Objects scanned: 269338
Time elapsed: 4 hour(s), 28 minute(s), 22 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 22
Registry Values Infected: 2
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 5

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59c7fc09-1c83-4648-b3e6-003d2bbc7481} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68af847f-6e91-45dd-9b68-d6a12c30e5d7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170b96c-28d4-4626-8358-27e6caeef907} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ddb1968e-ead6-40fd-8dae-ff14757f60c7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f138d901-86f0-4383-99b6-9cdd406036da} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{f0d4b230-da4b-4daf-81e4-dfee4931a4aa} (Adware.AskSBAR) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{f0d4b23a-da4b-4daf-81e4-dfee4931a4aa} (Adware.AskSBAR) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{f0d4b23c-da4b-4daf-81e4-dfee4931a4aa} (Adware.AskSBAR) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{b15fd82e-85bc-430d-90cb-65db1b030510} (Adware.AskSBAR) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{f0d4b231-da4b-4daf-81e4-dfee4931a4aa} (Adware.AskSBAR) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{f0d4b231-da4b-4daf-81e4-dfee4931a4aa} (Adware.AskSBAR) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f0d4b231-da4b-4daf-81e4-dfee4931a4aa} (Adware.AskSBAR) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{f0d4b239-da4b-4daf-81e4-dfee4931a4aa} (Adware.AskSBAR) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{f0d4b239-da4b-4daf-81e4-dfee4931a4aa} (Adware.AskSBAR) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{f0d4b23b-da4b-4daf-81e4-dfee4931a4aa} (Adware.AskSBAR) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{f0d4b23b-da4b-4daf-81e4-dfee4931a4aa} (Adware.AskSBAR) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWay) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{f0d4b239-da4b-4daf-81e4-dfee4931a4aa} (Adware.AskSBAR) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{f0d4b239-da4b-4daf-81e4-dfee4931a4aa} (Adware.AskSBAR) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Program Files\AskSBar\bar\1.bin\A2HIGHIN.EXE (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\AskSBar\bar\1.bin\A2PLUGIN.DLL (Adware.MyWebSearch) -> Delete on reboot.
C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL (Adware.AskSBAR) -> Delete on reboot.
C:\Program Files\AskSBar\bar\1.bin\NPASKSBR.DLL (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Mozilla Firefox\plugins\NPAskSBr.dll (Trojan.Agent) -> Delete on reboot.

SAS log file

SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 04/29/2009 at 11:48 AM
Application Version : 4.26.1000
Core Rules Database Version : 3870
Trace Rules Database Version: 1818
Scan type : Complete Scan
Total Scan Time : 01:17:11
Memory items scanned : 691
Memory threats detected : 0
Registry items scanned : 9728
Registry threats detected : 8
File items scanned : 33920
File threats detected : 7

Adware.Tracking Cookie
C:\Users\bhushan\AppData\Roaming\Microsoft\Windows\Cookies\bhushan@microsoftwlmessengermkt.112.2o7[1].txt
C:\Users\bhushan\AppData\Roaming\Microsoft\Windows\Cookies\bhushan@richmedia.yahoo[1].txt
C:\Users\bhushan\AppData\Roaming\Microsoft\Windows\Cookies\bhushan@adinterax[1].txt
C:\Users\bhushan\AppData\Roaming\Microsoft\Windows\Cookies\bhushan@msnaccountservices.112.2o7[1].txt
C:\Users\bhushan\AppData\Roaming\Microsoft\Windows\Cookies\Low\bhushan@msnportal.112.2o7[1].txt
C:\Users\bhushan\AppData\Roaming\Microsoft\Windows\Cookies\Low\bhushan@msnservices.112.2o7[1].txt
C:\Users\bhushan\AppData\Roaming\Microsoft\Windows\Cookies\Low\bhushan@2o7[2].txt

Adware.MyWebSearch/FunWebProducts
HKCR\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}
HKCR\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}\1.0
HKCR\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}\1.0\FLAGS
HKCR\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}
HKCR\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}\ProxyStubClsid
HKCR\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}\ProxyStubClsid32
HKCR\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}\TypeLib
HKCR\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}\TypeLib#Version
#4 (permalink)
Moderator, Analyst, Security Team; Rangemaster, TSF Academy
Join Date: Oct 2007
Location: Georgia
Posts: 10,593
OS: XP SP3
Re: Computer is acting very slowly
All the detections by MBAM and SAS were adware items or cookies, nothing malicious.
Any other problems?
#5 (permalink)
Registered User
Join Date: Apr 2009
Posts: 48
OS: Windows Vista SP2
Re: Computer is acting very slowly
Hello chemist,
There is no other problem. If you think those infections are not something serious, then I will not worry about them. I was worried because these almost 50 infections in total just showed up after we cleaned my computer that other day. And my computer was also acting slowly even after removing those objects. Thank you again. I think I am good now. Have a good day.