Post malware removal, 30 minute startup, then computer works fine

You attached the wrong log. We need the C:\MGLogs.zip.

 

It is a very bad idea to allow all users to have Admin. privileges!! Make one account an Admin. and the others limited.

You have traces of McAfee still on your system as well as:
avast! Free Antivirus
EMBASSY Security Center
LiveUpdate 3.1 (Symantec Corporation)
LiveUpdate Notice (Symantec Corporation)

You need to uninstall all but Avast.

Also, use add/remove programs to uninstall:
J2SE Runtime Environment 5.0 Update 10
J2SE Runtime Environment 5.0 Update 6
Java(TM) 6 Update 13

Please disable all anti-virus and anti-spyware programs while we do the following (re-enable when you are finished):

Run C:\MGtools\analyse.exe by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator). This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:

After clicking Fix, exit HJT.

* Make sure that combofix.exe that you downloaded while doing the READ & RUN ME is on your Desktop but Do not run it!
If it is not on your Desktop, the below will not work.
* Also make sure you have shut down all protection software (antivirus, antispyware...etc) or they may get in the way of allowing ComboFix to run properly.
* If ComboFix tells you it needs to update to a new version, make sure you allow it to update.
* Open Notepad and copy/paste the text in the below code box into it (make sure you scroll all the way down in the code box to get all lines selected ):

Code:

KILLALL::

File::
c:\documents and settings\Reed Erickson\Application Data\37318.bat
C:\WINDOWS\Bguhamiyumihoy.dat
c:\windows\t32rvcr.dll

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Jfegevoy"=-

* Save the above as CFscript.txt and make sure you save it to the same location (should be on your Desktop) as ComboFix.exe
* At this point, you MUST EXIT ALL BROWSERS NOW before continuing!
* You should have both the ComboFix.exe and CFScript.txt icons on your Desktop.
If it asks you to overide the previous file with the same name, click YES.
* Now use your mouse to drag CFscript.txt on top of ComboFix.exe

* Follow the prompts.
* When it finishes, a log will be produced named c:\combofix.txt
* I will ask for this log below

Note:

Do not mouseclick combofix's window while it is running. That may cause it to stall.

Now download and install:
Java Runtime 6

Now run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator).

Then attach the below logs:

* C:\ComboFix.txt
* C:\MGlogs.zip

Make sure you tell me how things are working now!

 

I am not sure why your system is lagging. It is not a malware issue, but we still need to cleanup a bunch of leftovers from McAfee.

Please disable all anti-virus and anti-spyware programs while we do the following (re-enable when you are finished):

Run C:\MGtools\analyse.exe by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator). This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:

After clicking Fix, exit HJT.

* Make sure that combofix.exe that you downloaded while doing the READ & RUN ME is on your Desktop but Do not run it!
If it is not on your Desktop, the below will not work.
* Also make sure you have shut down all protection software (antivirus, antispyware...etc) or they may get in the way of allowing ComboFix to run properly.
* If ComboFix tells you it needs to update to a new version, make sure you allow it to update.
* Open Notepad and copy/paste the text in the below code box into it (make sure you scroll all the way down in the code box to get all lines selected ):

Code:

KILLALL::

Driver::
0167661286460343mcinstcleanup
mfefire
mfevtp
mfetdi2k
mfefirek

File::
C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
c:\docume~1\REEDER~1\LOCALS~1\Temp\016766~1.EXE
c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe
c:\program files\Common Files\McAfee\SystemCore\mfevtps.exe
c:\windows\system32\drivers\mfetdi2k.sys
c:\windows\system32\drivers\mfefirek.sys

Folder::
C:\Documents and Settings\Reed Erickson\Application Data\MCAFEE
C:\Documents and Settings\All Users\Application Data\MCAFEE
C:\Program Files\McAfee"
C:\Program Files\McAfee.com
C:\Program Files\Common Files\MCAFEE

Registry::
[-HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]

[HKEY_LOCAL_MACHINE\system\controlset001\services\tcpip\parameters]
"DhcpNameServer"="192.168.1.1"

* Save the above as CFscript.txt and make sure you save it to the same location (should be on your Desktop) as ComboFix.exe
* At this point, you MUST EXIT ALL BROWSERS NOW before continuing!
* You should have both the ComboFix.exe and CFScript.txt icons on your Desktop.
If it asks you to overide the previous file with the same name, click YES.
* Now use your mouse to drag CFscript.txt on top of ComboFix.exe

* Follow the prompts.
* When it finishes, a log will be produced named c:\combofix.txt
* I will ask for this log below

Note:

Do not mouseclick combofix's window while it is running. That may cause it to stall.

Now run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator).

Then attach the below logs:

* C:\ComboFix.txt
* C:\MGlogs.zip

Make sure you tell me how things are working now!