Malware removal problems

Discussion in 'Malware Help (A Specialist Will Reply)' started by jjevans, Mar 23, 2007.

  1. jjevans

    jjevans Private E-2

1st off, this is my 1st post and my skill level at dealing with cleaning a computer is limited at best. I tried to follow the directions in the closed post named Malware Removal Guide. It didn't go perfect, but I think I did it just about right. When I 1st found a problem (before I knew about your forum), I tried to fix it myself. Ran AdAwareSE: Found & removed 18 trojans and 10 browser hijack attempts. Then ran Spybot. Found 2 problems but could fix only one. Prompted restart to fix 2nd problem. Upon restart the remaining malware got really aggressive and bogged the computer down. Every restart since gives message "WebProxy.exe has encountered a problem and needs to close."
    I read the guide on this site and found System Alert Popup right away. Tried to remove via add/remove programs and activated dialers to dial spydawn over and over. Spydawn later appeared on multiple scans.
It looks like now that I'm done, there are a lot of items quarantined but not deleted. Should I wait before deleting? I still hear a lot of unprompted clicking sounds on the computer and the System Alert Popup program is still there. I will probably have to post 2 more times to get all the logfiles into this forum. Also, should I avoid using the computer until someone responds? I will disconnect the modem cable until I am ready to check this post again. Thanks.
     


  2. jjevans

    jjevans Private E-2

    This is 2nd posting to get more logfiles uploaded.
     


  3. jjevans

    jjevans Private E-2

    This is final posting of logs.
     


  4. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Please use add/remove programs to uninstall:
    J2SE Runtime Environment 5.0 Update 10
    J2SE Runtime Environment 5.0 Update 8
    Java 2 Runtime Environment, SE v1.4.1_02

    System Alert Popup<-- This will not uninstall thru add/remove?
    Can you find and delete the folder and its contents?

    Is this an old program that you have deleted:
    C:\Program Files\Arovax AntiSpyware <-- if so go ahead and delete the folder.

    Use windows explorer to find and delete this:
    C:\Program Files\Video Access ActiveX Object

    Please copy the bold text below to notepad. Save it as fixME.reg to your desktop. Be sure the "Save as" type is set to "all files" Once you have saved it double click it and allow it to merge with the registry.

    Run HijackThis and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/ie/defaults/sp/sbcydsl/*http://www.yahoo.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ie/defaults/su/sbcydsl/*http://www.yahoo.com
    O16 - DPF: {CD995117-98E5-4169-9920-6C12D4C0B548} (HGPlugin9USA Class) - http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin9USA.cab

    After clicking Fix, exit HJT.

    Now attach new logs for:

    * GetRunKey - please download the current version first!
    * ShowNew
    * HJT
     
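The R1 and O16 lines TimW singled out above are two of the HijackThis (HJT) entry types a helper reads most often: R1 is an Internet Explorer registry value (hive\key,value = data) and O16 is a Downloaded Program Files entry (an ActiveX control, identified by CLSID, installed from a URL). The following is an added example, not code from HijackThis, MajorGeeks or this thread: it parses those two entry types out of a log, extracts the host each one points at, and flags entries whose host is not on an allowlist. The three sample lines are copied from the post above; the field names and the `TRUSTED_HOSTS` allowlist are assumptions made for the demonstration.

```python
"""Parse HijackThis (HJT) R1 and O16 entries and flag the ones worth a second look.

Added example for this thread; it is not part of HijackThis or MajorGeeks tooling.
"""
import re
from urllib.parse import urlparse

# Constructed sample input: the three entries quoted in the thread, one per line.
SAMPLE_LOG = (
    "R1 - HKCU\\Software\\Microsoft\\Internet Explorer\\Main,Search Page = "
    "http://red.clientapps.yahoo.com/customize/ie/defaults/sp/sbcydsl/*http://www.yahoo.com\n"
    "R1 - HKCU\\Software\\Microsoft\\Internet Explorer\\SearchURL,(Default) = "
    "http://red.clientapps.yahoo.com/customize/ie/defaults/su/sbcydsl/*http://www.yahoo.com\n"
    "O16 - DPF: {CD995117-98E5-4169-9920-6C12D4C0B548} (HGPlugin9USA Class) - "
    "http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin9USA.cab\n"
)

# Assumed allowlist for the demonstration only: hosts the analyst has decided are
# acceptable sources of IE search pages and ActiveX downloads on this machine.
TRUSTED_HOSTS = {"www.microsoft.com", "java.sun.com"}

# R1 - <hive\key>,<value name> = <data>
R1_RE = re.compile(r"^R1 - (?P<key>[^,]+),(?P<value>[^=]+?) = (?P<data>.*)$")
# O16 - DPF: {CLSID} (display name) - <download URL>
O16_RE = re.compile(
    r"^O16 - DPF: (?P<clsid>\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}) "
    r"\((?P<name>[^)]*)\) - (?P<url>\S+)$"
)


def host_of(url):
    """Return the lowercase host part of a URL, or '' if it has none."""
    return urlparse(url).netloc.lower()


def parse_hjt(text):
    """Turn R1/O16 log lines into dicts; any other entry type is skipped."""
    entries = []
    for line in text.splitlines():
        line = line.strip()
        m = R1_RE.match(line)
        if m:
            entries.append({"type": "R1", "line": line, **m.groupdict()})
            continue
        m = O16_RE.match(line)
        if m:
            entries.append({"type": "O16", "line": line, **m.groupdict()})
    return entries


def triage(text, trusted_hosts=TRUSTED_HOSTS):
    """Return (entry, reason) pairs for the entries an analyst should review."""
    flagged = []
    for e in parse_hjt(text):
        if e["type"] == "R1":
            host = host_of(e["data"])
            # A "*http://" inside the data means IE is bounced through an
            # intermediary before the page the user sees; confirm it is one
            # the user chose (ISP-branded defaults and hijackers both do this).
            if "*http" in e["data"]:
                flagged.append((e, f"{e['value']} is a redirect chain via {host}"))
            elif host and host not in trusted_hosts:
                flagged.append((e, f"{e['value']} points at untrusted host {host}"))
        else:  # O16
            host = host_of(e["url"])
            if host not in trusted_hosts:
                flagged.append(
                    (e, f"ActiveX {e['clsid']} ({e['name']}) downloaded from {host}")
                )
    return flagged


if __name__ == "__main__":
    for entry, reason in triage(SAMPLE_LOG):
        print(f"{entry['type']}: {reason}")
```

To run it over a saved log rather than the embedded sample, call `triage(open("hijackthis.log").read())`; everything that is not an R1 or O16 line is ignored, so the output is only the entries of those two types that fall outside the allowlist.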
  5. jjevans

    jjevans Private E-2

    Did everything except possibly getting newest version of GetRunKey. I just reloaded it from the link in the Malware Removal Guide. I assumed it would be current. I don't know where else to get it from and I didn't see any update options in the folder. Thanks for the fast response!
     


  6. jjevans

    jjevans Private E-2

    Forgot to mention I couldn't find "C:\Program Files\Arovax AntiSpyware" to delete it.
     
  7. jjevans

    jjevans Private E-2

    last post incorrect. I couldn't find "C:\Program Files\Video Access ActiveX Object"
     
  8. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Your logs look clean. You may uninstall any programs we had you download.

    If you are not having any other malware problems, it is time to do our final steps:

    1. If we used Pocket Killbox during your cleanup, do the below
    * Run Pocket Killbox and select File, Cleanup, Delete All Backups
    2. If we used ComboFix you can delete the ComboFix.exe file and associated C:\combofix.txt log that was created.
    3. If we used SDFix you can delete all the SDFix related files and folders from your Desktop or wherever you installed it.
    4. If we used VundoFix, you can delete the VundoFix.exe file and the C:\VundoFix Backups folder and C:\vundofix.txt log that was created.
    5. If we had you run FixWareOut, you can delete the Fixwareout.exe file and the C:\fixwareout folder.
    6. If we had you download any registry patches like fixme.reg or fixWLK.reg (or any others), you can delete these files now.
    7. You can delete the ShowNew.Zip and GetRunkey.Zip files and the files that you extracted from the ZIP files. You can also delete the C:\newfiles.txt and C:\runkeys.txt logs that were created
    8. If you are running Windows XP or Windows ME, do the below:
    * go back to step 8 of the READ & RUN ME to Disable System Restore which will flush your Restore Points.
    * Then reboot and Enable System Restore to create a new clean Restore Point.
    9. After doing the above, you should work thru the below link:
    * How to Protect yourself from malware!
     
  9. jjevans

    jjevans Private E-2

    Computer really seems clear of malware now. Thank you very much! Only strange things still happening are upon reboot, I keep getting the message "WebProxy.exe has encountered a problem and needs to close" and System Restore doesn't respond at all even after toggling it back on. Neither problem affects performance, but I am curious about the WebProxy.exe and worried about a disabled System Restore. Any advice is greatly appreciated. Thanks again for all your help.
     
  10. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    WebProxy is related to Panda software. If it is not your AV and you downloaded it instead of the online scanning (I've slept), uninstall it and any traces of it (files and folders).

    Try to do this:
    Restore System restore
    You may be asked for the Windows XP CD. If you haven't got a retail copy of the XP CD, point your browser to the i386 folder, locate the INF folder and see if you can install System Restore from there.

    1/ Open Windows Explorer

    2/ on the Main toolbar click Tools

    3/ From the drop down menu click Folder Options

    4/ The folder Options Properties window will now open

    5/ Click the View tab

    6/ In the advanced Settings list scroll down to the Hidden Files and Folders section

    7/ Click on the radio button next to the Show Hidden Files and Folders option

    8/ Click OK to close the Folder Options Properties window

    9/ In the left hand pane of windows explorer click the + sign next to My Computer

    10/ This now expands the drive list

    11/ Click the + sign next to the C: drive to expand the folder list

    12/ From the folder list navigate to the Windows folder and click the + sign next to this to expand the folder list

    13/ Scroll down and click on the INF folder

    14/ A list of INF files will appear in the right hand pane of Windows explorer

    15/ Look for a file called SR.INF

    16/ Once you have located SR.INF Right Click on the folder

    17/ From the drop down menu click on Install

    18/ System restore should now re-install

    19/ If you are asked at any time to insert your Windows XP CD (typically to copy files sr.sys and srframe.mmf) then do so. This enables fresh files to be copied over to your hard drive. Don't try browsing to the Windows directory on your hard drive for the relevant file as all you will be doing is replacing one corrupt file with another.
     
