Cleaned My System, But It's Still Slow

Good Evening and thank you for your time!

My Windows operating system is XP SP2. AVG detected a few trojan horse downloaders a few days ago that I have since cleaned (I think) from my system. I have run all of the cleaners as instructed, yet my system still is running slow. I was hoping you could take a look at my logs to see if I have missed something.

Additional background information: I was only running XPs firewall prior to discovering the trojans. I have since installed ZoneAlarm. I have run the SmithFraud fix to remove a Zlob trojan. I have deleted all other downloaders that AVG quarantined.

The logs are attached as instructed. Thanks in advance for your help.

Laurie

 

Thanks so much, Tim. I found the source of my memory hog (documents waiting to be printing on an old lexmark printer queue). I had tried to delete the printer when I installed my new one, but it wouldn't let me. I disabled it but didn't realize that it was still trying to print!! Thanks to MajorGeeks I found the solution purely by accident in a different thread. I ran the process explorer program and it found the culprit immediately. Regardless, I still want to make sure I have all of the nasties off my system so I appreciate you looking at my logs. I did the following as recommended:

I deleted the Disney file. My daughter had downloaded a Disney game that she no longer plays.

I also deleted the files that you recommended and have attached a new HJT log.

I noticed that I had viewpoint on the HJT log and that I should have removed it in my initial cleaning. Is viewpoint associated with AOL instant messenger? If so, do I need to keep it if my teenagers use instant messenger?

Also, I searched for information about PrismXL.exe and see that it is possibly associated with Gateway remote access for assistance. I'm guessing I can delete that since I never used this service nor plan to, but would like your opinion.

One last file that I cannot seem to purge from is LEXBCES.exe. I no longer have the lexmark printer. Will HJT take care of purging this if I run a fix on it?

Please take your time responding as my system is running much much better.

Thanks again! You guys are the best.

Laurie

 

Re: Cleaned My System, But It's Still Slow( Here's the Log)

Sorry, I forgot to upload the log.

 

Tim,

I decided to run another HJT scan this morning and found

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

had returned. As you can see from my previous post I removed it after reading your response. Is there something else that I need to do after I delete it using HJT?

Thanks again,

Laurie

 

Tim,

I have attached a new mglog.zip. I have uninstalled and tried to delete the lexbces file multiple times, but cannot get rid of it. I tried through HJT again just now, but no luck.

The aboutblank shows up every time I reboot. System Restore is off.

Thanks for looking.

Laurie

 

Sorry for the delay in replying!

I ran the ATF cleaner and have attached a new MGlogs.zip.

I changed my homepage from about:blank to my schools website so that I could tell if it changed. The R0 line is showing still in the most recent HJT log, as well as the LEXBCES.exe Lexmark file--both after running the ATF cleaner.

Googling the LEXBCES tells me that it is a real booger to remove. I suppose I can live with it on there if I have to though.

By the way, should I still have my System Restore turned off?

Thanks again for your help.

Laurie

 

WooHoo!!!! It worked like a charm! I rebooted, ran another HJT log and it's gone.

Thank You!

Any final instructions?

Laurie

 

Tim,

Apparently when we ran the command prompt to remove the old Lexmark file, it affected my current printer! I just tried to print and got a message that I must first add a printer. I went to the Printer and Faxes section and there is no printer listed at all. I thought I would just go ahead and reinstall the printer, but when I try to Add Printer I get a message that the print spooler is not running and can go no further than that.

I suspected it had to somehow be related to the LEXBCES file that I removed so I googled it and found that that file makes the print spooler dependent (?) and basically disables any other printer. I'm not sure if this is something you can help me with or if I should post it in a different forum. Please feel free to move it.

Thanks in advance for your help/guidance!

Laurie

 

Gosh, Tim, you got back to me much quicker than I expected. Since I was in desperate mode I googled again and found these instructions specific to Lexmark.

http://members.shaw.ca/bsanders/CleanPrinterDrivers.htm#LexmarkDriver

I followed the command prompt entries and all is well. Thanks so much for helping--AGAIN!

Laurie