Read and Run completed, logs attached.

Where is the log?

Do you mean you are replacing the hard disk or your are adding another hard disk? By replacing, do you mean you want to copy all of the stuff from your original drive over to the new drive using a drive imaging program or are you going to reinstall from scratch. If you are so paranoid, you should reinstall from scratch.

I don't see any malware but I do see other issues. Like:

• still having things from McAfee trying to load (and on is still running) while you currently are using Avast.
• Outdated Sun Java version : J2SE Runtime Environment 5.0 Update 6 you should have paid attention to step 6 of the READ ME and uninstall this old version and installed the current version.
• 3 realtime antispyware blockers (AOL, Windows Defender & CounterSpy), although CounterSpy is from running the READ ME. You should uninstall CounterSpy now and then delete the below to folders:
  • C:\Documents and Settings\Mike\Local Settings\Application Data\Sunbelt Software
  • C:\Program Files\Sunbelt Software
• I also recommend you either uninstall AOL AS or Windows Defender.
• I also see Viewpoint Media Player installed. Did you uninstall this in step 0 as requested. Uninstall it now. If it does not show in Add/Remove programs, tell me.

Please run HijackThis and click on the Open the Misc Tools Section button on the open page. Then select Open process manager on the left-hand side. Look for the following process (or processes) and one at a time kill them by selecting it and then click Kill process. Then click yes.
C:\DOCUME~1\Mike\LOCALS~1\Temp\200711620050_mcinfo.exe

After killing all the above processes, click Back.
Then please click Scan and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:
O4 - HKLM\..\Run: [MSKDetectorExe] C:\PROGRA~1\McAfee\SPAMKI~1\MSKDetct.exe /startup
O4 - HKLM\..\Run: [msci] C:\DOCUME~1\Mike\LOCALS~1\Temp\200711620050_mcinfo.exe /insfin
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe
O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
O4 - HKLM\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MSKAgent.exe
O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe

After clicking Fix, exit HJT.
Boot into safe mode and use Windows Explorer to delete:
C:\Program Files\McAfee.com <--- the whole folder
C:\Documents and Settings\Mike\Application Data\McAfee.com Personal Firewall <--- the whole folder

Now run Ccleaner .

Now reboot in normal mode

Also delete all files in the below folders except ones from the current date (Windows will not let you delete the files from the current day).
C:\WINDOWS\Temp\
C:\Documents and Settings\Joe Santoro\Local Settings\Temp\

Now attach the below new logs and tell me how the above steps went.

1. ShowNew
2. HJT

 

How can it transfer over if you are going to remove the old drive and not copy anything from it. Don't put the new hard disk in until the old one is removed. It is basically like building a new PC except that you already have all the hardware except the hard disk.

 

Doubt it! And besides your current drive was clean anyway!

 

That's why there are rootkit scanning tools! There are many such tools now. You can scan with a whole bunch more if you like but it really is not necessary since you don't plan on keeping this hard disk in the system when you install the new drive.

 

Once you physically remove the hard disk before putting in the new one, none of those can affect you anymore since they are physically gone because the hard disk is gone which means the OS and anything hiding under it is gone too.

 

Yes in theory all of these things have been discussed in the malware world. And it is possible that things could get into BIOS FLASH and due to the ACPI interface design issues a PCI card could get a rootkit type infection. See: Implementing and Detecting a PCI Rootkit.

But I doubt that you have to worry about this being a problem for you. Your only real answer if you are going to remain so paranoid about this is to throw away your PC and buy a new one. But I would ask you, how do you know that the manufacturer who made it did not get it infected. Perhaps there manufacturing facilities are corrupted/infected. This is just as possible as what you keep worrying about.

 

Yes basically that is it in a nut shell. You're welcome.