Running Slow-ran HJT...

Moved into the malware forum for the guys to look at.

 

You need to attach your logs from step 6! It specifically inidcates that they must be attached. This is a required step of the READ & RUN ME FIRST.

You should also uninstall SpyBlocs. It is a rogue tool. Read about it in the below:

http://netrn.net/spywareblog/archives/2004/08/06/spyblocseblocs-rogue-status-update/

And also it is still on the full list here: http://www.spywarewarrior.com/rogue_anti-spyware.htm

Is your Spy Sweeper a paid subscription version or the free version?

 

Is Spy Sweeper running the current detections version?

Is the below in Add/Remove programs:
need2find

 

Do you know what the below stuff is for? Did you add this to your PC?
O15 - Trusted Zone: http://crmls.fnismls.com
O16 - DPF: {0854D220-A90A-466D-BC02-6683183802B7} (PrintPreview Class) - http://crmls.fnismls.com/Paragon/Codebase/FNISPrintControl.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/101ef60e7f20c376d806/netzip/RdxIE601.cab
O16 - DPF: {D270FE47-4F7B-4AFF-BCF8-B023A6FF4DFA} (SystemChecker.CheckerCtrl) - http://crmls.fnismls.com/Paragon/Codebase/SystemChecker.cab

Make sure viewing of hidden files is enabled (per the tutorial).

Run HijackThis and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {00000000-0000-4BFC-91EC-E6F6EA7992A8} - C:\Program Files\ProSiteFinder\ProSiteFinder.dll (file missing)
O2 - BHO: (no name) - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - (no file)
O4 - HKCU\..\Run: [SpyBlocs] C:\Program Files\eBlocs\SpyBlocs\GLF3F.exe

After clicking Fix, exit HJT.
Boot into safe mode and use Windows Explorer to delete:
C:\Program Files\eBlocs <--- the whole folder
C:\Program Files\ProSiteFinder <--- the whole folder

Now if running Win XP goto c:\windows\Prefetch and delete all files in this folder.
Now run Ccleaner (installed while running the READ ME FIRST).

Now reboot in normal mode and post a new HJT log. And tell us how things are working.

Reminder Note: Once we have determined you are malware free you will need to disable System Restore, reboot, and re-enable system restore per step 1 of the READ & RUN ME. This only applies to if using WinXP or WinMe.

 

Your HJT log is clean! I don't see anything there related to loading Backweb.

See the below thread on how to run WinPfind and attach the log from it

• Running WinPfind by OldTimer

Improving startup time is really not a malware problem. You should just not load some of the items you are loading. However first let's remove something we installed. Uninstall MS Antispyware. You do not need it since you subscribe to Spy Sweeper. This will help startup faster.

Then have HJT fix the below items that you do not need to load at startup:

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

Also do you really need the below? I doubt it:
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\ypager.exe" -quiet

 

Did doing any of those previous steps help you startup issues?

If you don't need the Yahoo stuff, then just look in Add/Remove programs and uninstall anything related to Yahoo. I know I saw Yahoo Pager in your log. There could be more.

The Winpfind log did not show any problems.

 

Some speed (boot & normal operation) degradation is necessary and will occur from using all the tools necessary to protect you from the malware that exists. If you uninstalled all antivirus, antispyware, and firewall (and any other protection tools) your PC would boot and run noticeably faster. Even surfing would be faster. However you would also get infected a lot faster and would be spending all your time recovering from the damage that malware can do. Some malware can completely kill your PC make a format necessary. Some can steal your personal info, credit card info, passwords etc causing you financial headaches. The performance hit is a necessary sacrifice that you must pay to enjoy the good things the internet has to offer. It is sort of like paying a load of money for car i nsurance. You would prefer not to pay for it but the risk is too great and the expenses could be too high if you had an accident.

Did you uninstall all the remaining Yahoo stuff?

You're welcome. You can get malware from just about anywhere. If they can send you attachments or things to click on then you can get infected if you open the attachments or click on links that you should not. You have to be very careful no matter where you go. That brings us to the below with some important tips!

If you are not having any other malware problems, it is time to go back to step 1 of the READ & RUN ME to Disable System Restore which will flush your Restore Points. Then reboot and enable System Restore to create a new clean Restore Point.

After that, you should work thru the below link:

How to Protect yourself from malware!