Recently my computer has been running pretty slow (compared to before). Although i haven't had any error messages, this is pretty annoying. Apart from that, my internet usage reaches 1gb a day easily, when im not even downloading anything.
I have Avira premium 9 installed on my computer with the latest update, as well as threatfire, superantispyware and malwarebytes. I've tried all of these, but nothing seems to change.
I saw a post on this site about running rootrepeal, so i ran it and got the following results, apparently i have a rootkit on my F drive?
ROOTREPEAL © AD, 2007-2009
==================================================
Scan Start Time: 2010/02/14 23:07
Program Version: Version 1.3.5.0
Windows Version: Windows XP SP2
==================================================
Drivers
-------------------
Name: dump_atapi.sys
Image Path: C:\WINDOWS\System32\Drivers\dump_atapi.sys
Address: 0xA7CB1000 Size: 98304 File Visible: No Signed: -
Status: -
Name: dump_WMILIB.SYS
Image Path: C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS
Address: 0xBA5DA000 Size: 8192 File Visible: No Signed: -
Status: -
Name: rootrepeal.sys
Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys
Address: 0xA762B000 Size: 49152 File Visible: No Signed: -
Status: -
Hidden/Locked Files
-------------------
Path: Volume F:\
Status: MBR Rootkit Detected!
Path: Volume F:\, Sector 1
Status: Sector mismatch
Path: F:\Anime
Status: Visible to the Windows API, but not on disk.
Path: F:\System Volume Information
Status: Visible to the Windows API, but not on disk.
Path: F:\Recycled
Status: Visible to the Windows API, but not on disk.
SSDT
-------------------
#: 041 Function Name: NtCreateKey
Status: Hooked by "TfSysMon.sys" at address 0xb9ebca1c
#: 053 Function Name: NtCreateThread
Status: Hooked by "<unknown>" at address 0xba7bbb8c
#: 063 Function Name: NtDeleteKey
Status: Hooked by "TfSysMon.sys" at address 0xb9ebcc10
#: 065 Function Name: NtDeleteValueKey
Status: Hooked by "TfSysMon.sys" at address 0xb9ebccb6
#: 098 Function Name: NtLoadKey
Status: Hooked by "<unknown>" at address 0xba7bbbaa
#: 119 Function Name: NtOpenKey
Status: Hooked by "TfSysMon.sys" at address 0xb9ebc90c
#: 122 Function Name: NtOpenProcess
Status: Hooked by "<unknown>" at address 0xba7bbb78
#: 128 Function Name: NtOpenThread
Status: Hooked by "<unknown>" at address 0xba7bbb7d
#: 193 Function Name: NtReplaceKey
Status: Hooked by "<unknown>" at address 0xba7bbbb4
#: 204 Function Name: NtRestoreKey
Status: Hooked by "<unknown>" at address 0xba7bbbaf
#: 247 Function Name: NtSetValueKey
Status: Hooked by "TfSysMon.sys" at address 0xb9ebce52
#: 257 Function Name: NtTerminateProcess
Status: Hooked by "TfSysMon.sys" at address 0xb9ebeb30
==EOF====EOF====EOF==
Anyway, what steps should i take now?
PS: Sorry if i posted it in the wrong section, I was getting so confused about which one to post it in (i did read the stickies), so i just put it here

Edited by Orange Blossom, 20 February 2010 - 03:40 PM.
Move to log forum. ~ OB