Computer very slow after Malware removal steps completed

Discussion in 'Malware Help (A Specialist Will Reply)' started by smackd1008, Nov 7, 2007.

  1. smackd1008

    smackd1008 Private E-2

    Followed all steps to the word... A lot of things have been fixed. However, there are still problems like pop-ups, and my computer is very slow to connect to the internet.
     


  2. smackd1008

    smackd1008 Private E-2

    Computer very slow after Malware removal steps completed...bdscan

    These are my bdscan results
     


  3. abri

    abri MajorGeek

    Hi smackd!
    Welcome to Major Geeks!

    Please run the following and post the results. After you finish ComboFix please rerun ShowNew, GetRunKeys and HijackThis (in that order) and post those three logs as well.


    Run this utility:
    Thanks!
    abri
     
  4. smackd1008

    smackd1008 Private E-2

    This is my combofix txt, newfiles txt, and runkeys txt
     


  5. smackd1008

    smackd1008 Private E-2

    And this is the HiJack log
     


  6. abri

    abri MajorGeek

    Hi smackd!
    Sorry I couldn't get back to you earlier. I was ill.
    The logs from your scan show that your computer was badly infected, is better, but is still in danger of becoming reinfected. Please do the following and then I will ask you for fresh logs so I can catch up on where you are:

    1) Please look in Add/Remove Programs for the following and uninstall them if found. If you get any errors just make a note and proceed.


    2) If you do not use Windows Messenger (not to be confused with MSN Messenger!!) I would like you to run Disable/Remove Windows Messenger

    3) Do you know what the following entry is for? If not, please add it to the list of items to be fixed with HijackThis in the next step.
    O16 - DPF: {8FEFF364-6A5F-4966-A917-A3AC28411659} - http://download.sopcast.com/download/SOPCORE.CAB


    4) Run HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:
    After clicking Fix, exit HJT.

    5) If your computer is not in normal mode of msconfig, please go to Start/Run, type in msconfig and check normal startup mode. There are startup programs not showing up in the hijackthis log that are on your computer. I need to see them.

    6) And now, please rescan your computer with ShowNew, GetRunKeys and analysethis.exe and post the following fresh logs:

    - newfiles.txt
    - runkeys.txt
    - hijackthis.log

    abri
     
  7. smackd1008

    smackd1008 Private E-2

    Don't worry about it. Here are the logs you asked for. runkeys, newfiles and hijacklog
     


  8. abri

    abri MajorGeek

    Hi smackd!

    There are a couple of bad files left still, which I'll ask you to remove further down. It's important that we get your computer to the point that your restore points can be reset, otherwise we won't be able to keep your computer clean.

    1) If you don't use either Nortons (Symantec) or McAfee, AND if whatever you had of these has been PROPERLY uninstalled, then I would like you to do a search of your computer for the word "Symantec" in the file and folder names (not in the body of the files, just in the titles) and remove any files and folders that are remaining. Please move them to a CD which can be thrown away later.

    2) Is your BitDefender log from the online scan?

    3) Now, please download The Avenger by Swandog46, and save it to your Desktop.
    • Extract avenger.exe from the Zip file and save it to your desktop
    • Run avenger.exe by double-clicking on it.
    • Check the 'Input script manually' box.
    • Click on the magnifying glass icon.
    • Copy everything in the Quote box below, and paste it in the box that opens:
    • Now click the 'Done' button.
    • Click on the traffic light icon and OK the prompt.
    • You will be prompted to restart, OK the prompt and your PC should reboot, if not, reboot it yourself.
    • A log file from Avenger will be produced at C:\avenger.txt
    4) Please download ATF Cleaner by Atribune. This program does not require an installation. The executable actually runs the program.

    NOTE: This program is for Windows XP and Windows 2000 only. ATF Cleaner will remove all files from the items that are checked, so if you have some cookies you'd like to save, please move them to a different directory first.
    • Double-click ATF-Cleaner.exe to run the program.
    • Under Main choose: Select All
    • Click the Empty Selected button.
    If you use Firefox browser
    • Click Firefox at the top and choose: Select All
    • Click the Empty Selected button.
      • NOTE: If you would like to keep your saved passwords, please click No at the prompt.
    If you use Opera browser
    • Click Opera at the top and choose: Select All
    • Click the Empty Selected button.
      • NOTE: If you would like to keep your saved passwords, please click No at the prompt.
    Click Exit on the Main ATF Cleaner menu to close the program.

    5) After you have completed the above in the correct order, please attach the following logs. If your logs come up clean, I will have you set a new restore point, remove our tools and give you some light reading on the do's & don't's of computers.
    • Avenger Log
    • ShowNew Log


    abri
     
  9. smackd1008

    smackd1008 Private E-2

    1) I deleted the remaining Symantec files
    2) Yes it was an online scan of BitDefender
     


    Last edited: Nov 13, 2007
  10. abri

    abri MajorGeek

    Hi smackd!

    Your logs look a lot better. Have any of the steps we've done improved the way your computer is working?

    I would like for you to look in the two remaining folders and see if there's anything in them.
    The Symantec you should be able to delete altogether and I think the Viewpoint folder is left over from Viewpoint Media Player which you uninstalled. If so, then that can be deleted as well.

    It's extremely important that you install both antivirus and a two-way firewall. There are free versions of both of these that are excellent which we recommend, and I will point you at a link in the box below (How to protect your computer from malware) where you can read about them and download and install them. They are lightweight, easy, and they work. Also, you seem to be missing a lot of your Windows updates. In a moment I will have you set a clean restore point and after that, you should install some antivirus and get your Windows updates. You have a lot of infected restore points, so please don't miss the step of disabling and enabling your restore points.

    Please do the following:
    Let me know how everything goes!
    abri
     
    Last edited: Nov 13, 2007
  11. abri

    abri MajorGeek

    Hi smackd!

    I missed one thing in your HijackThis which still needs fixing, plus the following others which don't need to load at startup and will help your computer's performance. HijackThis should still be in your computer, even if you completed the finishing instructions in the previous post already. Please do the following:

    Scan with HijackThis and check the boxes for the following entries:
    ( Make sure ALL browser windows are closed when you click FIX )

    abri
     
