Help needed please

Hi all. My son came home from college and brought his pc with him. It was infected with all kinds of viruses & spyware. I have followed the instructions in the "Read & Run Me First" post. AdAware and Spybot S&D found an unbelievable amount of bad stuff. I ended up purchasing the Spyware Sweeper, and it found many other things that the first two didn't.

When the computer misbehaves (and it's behaving much better now), the whole pc freezes up. It will work for about 3 or 4 seconds, then freezes up for 10. That process just keeps repeating itself. <sigh>

I am attaching a few files:

system info
Panda activescan log
Bitfender log (txt file)
HJT log file

If there is anything else you see that needs fixing by HJT, would you please let me know. Thanks in advance...I really appreciate it!

diane

 

Convert the BitDefender log to a text file using this procedure Saving BitDefender Log as Text File.

 

So sorry...I thought I did that correctly...

Here is a new BitDefender report.

I need to mention that I ran the Panda activescan yesterday and today I purchased and ran Spy Sweeper...so some of the info on the activescan might have been removed by Spy Sweeper. However, the info on the HJT log is the last thing that was done on the machine.

Thanks again!

 

Scan with HijackThis and fix the following:

Download
- Pocket Killbox
- ExplorerXP

Now run Pocket Killbox:

Choose Tools -> Delete Temp Files and click the RED X.

Run Killbox.exe. Paste the below filenames into KILL BOX one at a time. Check mark the box that says "Delete on Reboot" and checkmark the box "Unregister DLL" (If available) Click the RED X and it will ask you to confirm the file for deletion…say YES and when the next box opens prompting you to reboot now...click NO...and proceed with the next file. Once you get to the last one click YES and it will reboot. Note many of the file list below may not exist but we need to check for them anyway.

If Killbox does not reboot or you get a Pending Operations type error message just reboot your PC yourself.

Now boot into SAFE MODE

Open ExplorerXP navigate to and DELETE the following: (Some of these may have already been deleted by Pocket Killbox)

Now run CCleaner. If you have Windows XP delete the contents of C:\WINDOWS\Prefetch.

Then, as an added precaution, Go to Start -> Run and type: cleanmgr and then click OK. Make sure the boxes for these are checked:
Temporary Files
Temporary Internet Files
Recycle Bin

And Click OK.

REBOOT to Normal Mode.

Post a fresh HijackThis log.

Tell us how your computer is running?

 

First, I can't thank you enough for all your help. I really appreciate it. Attached is a current hjt log.

The computer is running much better than it was yesterday. But every once in a while it will still freeze up...for 8-10 seconds. Then it unfreezes for 3 or 4 seconds. Then it repeats. I'm baffled. It's not just the mouse freezing. If it's downloading something, the downloading stops and starts, too. Then all of a sudden it works fine.

Let me know if you see anything else I need to take care of, or if you have any other advice. Thanks again!

diane

 

Scan with HijackThis and fix the following:

Run CCleaner before doing the below.

Download WinPFind

Extract it to the root folder of drive C ( C:\ ). This will create a folder called WinPFind in the C:\ folder. Inside C:\WinPFind is a file called WinPFind.exe. Double-click on this file to launch the program. Once it is launched, click on the Start Scan button and wait for it to finish. This program will scan large amounts of files on your computer for known patterns so please be patient while it works as it can take a while, upwards to 30 minutes or more.

When it is done, it will show the results of the scan. Click on the Copy to Clipboard button and then paste the contents of the log in your clipboard. Then save it to a file using notepad and upload the text file here as an attachment.

 

Thanks Shadow. I fixed the one item in HJT, as you requested. Attached is the txt file from the WinPFind scan. It didn't take very long to complete the scan.

Thanks for your quick responses!

 

Open Windows Explorer, navigate to and delete the following files:

Disable Spy Sweeper.

Follow the directions for Running Hoster.

REBOOT

If you have the Full Retail Version of Spy Sweeper installed update the definitions and run Spy Sweeper.

Post the Spy Sweeper log and a fresh HijackThis log when finished.

 

Good morning! And thanks again for your assistance!

I deleted the items as you specified (do I remove them from recycle bin?)

Ran Running Hoster, as directed. Attached are a Spy Sweeper log and new HJT log.

diane

 

Me again...sorry for 2 posts. I just wanted to update you on how the pc is acting. Still freezing up from time to time. After I made the changes this morning that you suggested it behaved normally almost all day long. I though perhaps we had finally gotten it fixed.

Then I came in tonight and it had shutdown & re-started. I have noticed over the past couple days that it sometimes does that...but thought someone was re-starting it. Also, when it does the freezing/unfreezing thing, it almost always behaves normally if I shutdown & restart it...at least for a while.

Just wanted to throw some more info into the mix...

 

OK...sorry yet again, for this 3rd post. I was just sitting by the pc when I saw the "blue screen of death". It was only up long enough for me to read "There was a problem..." and then it disappeared and the computer re-booted. Is there somewhere that a log would have been created that might help us determine what's going on?

I swear I'll try not to write again...

diane

 

Your logs are clean.

For the BSOD issue.

Right-click on My Computer, select Properties. Click-on the Advanced tab, under Startup and Recovery click on the Settings button. Under System Failure uncheck Automatically Restart, click 'OK', click 'Apply', click 'OK'.

Now the next time it happens you will be able to see the BSOD error message without the computer rebooting.

Post that entire error message if it happens again.

 

Hello again Shadow... The computer finally shutdown again and I have attached a txt file with the BSOD message. It looks to me like it has something to do with his d-link wireless card. While I wait for information from you I am going to take it out and re-seat the card, and then look online for any new drivers. Please let me know if you have any other suggestions. Thanks!

diane

 

Uninstall the drivers for your DLink card, shutdown, remove the card, reboot. Now follow the manufacters installation procedures for the card and drivers.

 

Shadow,

It's been 2 whole days and the computer is behaving PERFECTLY! Thank you SO much for your help! You guys rock!!!