Ran Malware Removal process but not comfortable

I'm running Windows XP home addition, with SP3. I posted for the first time back in September and you assisted with getting my system back in order after having been infected. I felt like everything was in order but a couple of weeks later, I noticed some changes and I believe I got re-infected (although I religiously keep Avira, SuperAntispyware, Ccleaner, and Spybot up to date). I started to notice that the Welcome screen would remain visible after log-in for what seemed like too long (timed it today before cleaning my system - stays up for about 35 seconds). Then it would take over a minute before any icons beside the system clock would show up in the Systray. When they did, they didn't seem to be in the order that I was used to seeing. Then I was unable to update SuperAntiSpyware or Avira - I kept getting failure messages on Avira on the download, and no messages with SuperAntiSpyware. So I purchased the Professional version of SuperAntispyware earlier this week but got no change in results. So I intentionally blocked it in my Firewall to see the popup msg and it indicated "SSUPDATE.exe (with a destination IP of 127.0.0.1ort 50370 was trying to access the trusted zone". Even clicking allow would not get me the updates. I never could get Avira updated for the past two to three weeks but thought it might be due to server availability after reading some info online. I reran Spybot after booting in safemode and it found one adaware item. I reran Avira in safemode on 10/20 after uninstalling and downloading the free version again (assuming that it gave me the latest updates on the new download and install). It found something called TR/Fakealert.JU Trojan, and JavaAgent.HY Java virus which it quarantined. But I still couldn't update so I came to your website today to do all the cleaning procedures once again.
After getting the MSCONFIG item done, it required a restart, I still saw the login screen for 36 seconds, and it took over 4 minutes before the 1st icon to pop-up in the systray (it was zonealarm and I'm used to seeing Avira first). On this bootup, spybot popped up a window that indicated process ID 1184 (smss.exe) showed "vario.antivirus" was found so I elected to kill that process. That's when I discovered that Teatimer was loaded and I hadn't had that option for many, many months so I have no idea where it came from (maybe MSCONFIG restored an old configuration???). When I got to your Java instructions, I discovered your link showed Java 6.21 but the Sun website showed Java 6.22. So I uninstalled Java 6.21, downloaded 6.22 but it would not install (gave me some installer failed msg which I could not find anything about on the link it provided to their FAQ's). So I reinstalled Java 6.21 which worked fine. Then I went on to do the rest of your clean procedures. Root repeal would still not work (did not work last month either) - says I'm low on VM and it attempts to increase paging file but eventually it hangs the whole machine requiring a power off and on (not sure why since I have over 40GB of free disk space). So I am posting the four log files (since I don't have a root repeal one) and perhaps you can advise if there is anything else I should provide. The system appears to be working (login screen only stays there for about 5 or 6 seconds but I still feel it takes too long before seeing any icons in systray). I thought you might be able to advise me on something that might be related to configuration files if you see anything fishy. Thank you for your assistance!

 

Thank you for the quick response. Before doing the MGtools\analyse.exe, I wanted to mention that Java updated fine to 6.22 after my last boot-up. I'm only mentioning this as I believe the logs sent with my prior post were running with Java 6.21 (due to the problems trying to install 6.22 that I mentioned) and I notice some references to Java in the lines that you are going to have me fix with analyse.exe. So, should I still expect to see those same lines you have posted knowing that I now have 6.22 installed? Also, regarding the four lines you asked me to research, should I use Ccleaner to prevent them from starting up? If not, how do I prevent them from starting. Btw, we have an Olympus camera and I thought those two Olympus lines were needed to load pictures from camera to computer, but not sure about that. Also, will I still be able to use itunes after removing that reference?
I am an OpenOffice user and I see references to McciCMService.exe (after researching that process) - will removing that impact my ability to use OpenOffice?
Lastly, when creating the notepad file, is that character before the right bracket at the end of the HKEY line a period or a dash? same for the next two lines? And assuming I need to have that REGEDIT4 as the first line, should I be leaving a blank line after it in the notepad file. (If I just highlight the whole thing, and paste it to a notepad, it looks identical to yours so that's what I will do).
I also wanted to mention that I am aware of my memory limitations. I got laid off from my job so am trying to keep expenses low. I've had this system for many years but it's only in the last month or two that I've noticed the long delay between icons showing up in the systray area while booting.

 

When I go into control panel to remove Spybot 1.4, it pops up a window asking if I want to undo changes that I had made, tells me I should use recovery if I want to undo. I wasn't sure if I should proceed after reading the entire window. Also, I have another Spybot entry that doesn't have any version after it - do I leave that one alone? Sorry for the questions, but I don't want to mess up the system and since I've been using Spybot all along, I didn't know why it should be removed before proceeding with your other instructions. If it's because 1.4 is not a needed entry in control panel as the other one will still be there, then I understand. Also, the read me implied that MSCONFIG should not be used on removing startups, but you are telling me to go ahead and use it temporarily to disable those 4 lines - is that correct? Then on a reboot, if I don't see any harm, I can re-enable with MSCONFIG and then delete with MGTOOLS, for example? And the copy and paste of into notepad will take care of Mcci service or is that a separate item - sorry for all the questions, but this is getting into areas above me.

 

Ok - I uninstalled Spybot 1.4 via control panel. When finished, it prompted me to reboot. On reboot, I got a Windows pop-up that I had never seen prior to this that stated:

Windows cannot open this file:

File: Adobe Gamma Loader.exe.lnk.disabled
To open this file, WIndows needs to know what program created it. Windows
can go online to look it up automatically, or you can manually select from a list of
programs on your computer.

What do you want do do?
Use the Web service to find the appropriate program
Select the program from a list
Ok Cancel

I didn't do anything except close the pop-up window.

I then ran the analyse.exe program to select and fix the 13 line items you had given me. I also better understood your original instructions regarding the 4 startup items and the Mcci Service item after running MSCONFIG and selecting the different tabs to check and prevent them from loading.

I then ran the fixme.reg file and did see the "...fixme.reg has been successfully entered into the registry." message when it completed.Then I ran the GetLogs.bat file and am attaching MGlogs.zip to this reply per your instructions. After submitting, I will reboot and see if I see any differences regarding startup. If I notice some better performance, please confirm that I next should rerun MGTOOLS to re-enable the 4 startup lines and one service line, and then run something like autoruns to permanently delete them, correct? Will await your response to that as well as any from the MGlogs.zip file before making any further changes. Thank you for all your expert assistance.

 

Hadn't heard back after my prior post which included the latest MGlogs.zip file - should I be restoring things back to the way they were before before trying to isolate the problems (i.e. resetting startup's via MSCONFIG and then deleting with another tool, etc.). I don't think I have problems other than which seems to be longer times for systray icons to show up (only two of them - zonelabs and Avira antivirus). In fact, I see the windows warning icon pop in there warning that I don't have anti-virus software activated and then it disappears when avira starts to load - never used to see that situation until these problems surfaced a couple of weeks ago). Anyway, you indicated that getting more memory should fix that if in fact the operating system has been growing as time goes on. I'll await a reply before putting any changes back if you tell me no there's no other steps to run after reviewing my latest MGlogs.zip file. Thanks for all your assistance!