Major Issues

Daniel,

I left the computer for it to do the scan. When I came back, it had rebooted. I clicked my name (On the start thing, to choose who to start under.. mine is the only one). The program reopened and said it was creating a log, do not open any other programs. Well, with my startup -- I hadn't disabled a program and it started. I exited it as quick as I could and left the computer, not touching it anymore. The activity light on my tower is blinking, but I can't tell if anything is happening. It's been like this for 20 minutes or so, does the log usually take this long to create?

Thanks, Im on another computer to just check.

it fine the blue box is still open right

that means right click Avast in your system tray and select stop provider then standard sheild

I should of told him how to disable avast thats my fualt

The blue box is opened. And all my programs (Except for my wireless card ones that start up with it) are closed.

I was just curious as to why it was taking so long, I apologize. Im extraordinarily impatient on things and get itchy at the sight of any problem (Now that I know of them)

Daniel,

The combofix finished and I'm attaching the log as directed.

try to boot in safe mode now

Daniel,

The infected computer is sitting safely in safe mode. It worked!
Waiting for your commands on what to do next!

run sdfix in safe mode

Daniel,

The program is done and I'm attaching the report.
Waiting for your next orders, thanks.

can you post a fresh hijackthis log

Yes, sorry if there was any delay. I thought you might have left for the night. Thanks for checking back.

I've attached the log as requested.

looks alot better

We need to get rid of one of the services running on your machine. To do this, copy (Ctrl +C) and paste (Ctrl +V) the text in the code box below to Notepad.

Code:

@echo off
sc stop Viewpoint Corporation
sc delete Viewpoint Corporation
del service.cmd and exit

Save it to your desktop as File name: service.cmd
Save as type: All Files

Once done, double click service.cmd to run it. A command window will open briefly, then close. This is quite normal.


Please go to Start > Control Panel > Add/Remove Programs and remove the following (if present):

Viewpoint

Then reboot and post a fresh hijackthis log

Daniel,

I've done the first step. In Add/Remove, there are two Viewpoint programs. One is "Viewpoint Manager (Remove Only"

the other is

Viewpoint Media Player.

What should I do?

remove both of them

Daniel, I've attached the log.

When I booted my computer, for the first time in ages msconfig didn't start when the desktop loaded (Any reason why?)

did msconfig always startup even when you first got this computer

No, a long time ago my brother set it up to run at startup. Usually Ill just peek at what's running and then close it and disregard it.

Well it is nothing bad to not have it stratup it could have been detected to be bad so it took it off. Your log looks clean just to make sure I want to run one las online scan it will take time so post back in the morning

TrendMicro™ HouseCall Java Scan

• Please go HERE to run the Trend Micro™ HouseCall Scan.
• Click Scan now. It's free!
• Read and put a Check next to Yes I accept the terms of use.
• Click the Launching HouseCall>> button.
• Under Using Java-based HouseCall kernel click the Starting HouseCall>> button.
• You may receive a Security Warning about the TrendMicro Java applet, click YES.
• Under Scan complete computer for malware, grayware, and vulnerabilities click the Next>> button.
• Please be patient while it installs, updates, and scans your system.
• Once the scan is complete, it will take you to the summary page.
• Under Cleanup options, choose clean all detected infections automatically.
• Click the Clean now>> button.
• If anything was found you may be prompted to run the scan again, you can just close the browser window.

========================================

Now we need to create a new System Restore point.

Click Start Menu > Run > type (or copy and paste)

%SystemRoot%\System32\restore\rstrui.exe

Press OK. Choose Create a Restore Point then click Next. Name it and click Create, when the confirmation screen shows the restore point has been created click Close.

Next goto Start Menu > Run > type

cleanmgr

Click OK, Disk Cleanup will open and start calculating the amount of space that can be freed, Once thats finished it will open the Disk Cleanup options screen, click the More Options tab then click Clean up on the system restore area and choose Yes at the confirmation window which will remove all the restore points except the one we just created.

To close Disk Cleanup and remove the Temporary Internet Files detected in the initial scan click OK then choose Yes on the confirmation window.

======================================

Uninstall ComboFix

• Click Start then Run
• Now Type Combofix /u in the runbox
• Make sure there's a space between Combofix & /u
• Then hit Enter

The above procedure will Delete the following:

• ComboFix & it's associated files & folders.
• Reset the clock settings.
• Hide file extensions, if required.
• Hide system/hidden files, if required.
• Set a new, clean Restore Point.

------------------------------------------------------------------

OTCleanit! by Oldtimer

• Download OTCleanIt
• Click the CleanUp! button.
  (It will go thorugh the list & remove all of the tools it finds and then delete itself) Requiring a reboot

Thanks so much ahead of time, I will follow these instructions throughout the night (If not in the morning, 2:00 AM here now).

Thanks SO much.

I have one last question:

For 5 years I haven't had much online security, etc. I apparently had all these problems, but never noticed. My PC is never really ungodly slow, it was just recently slightly sluggish. Do you have any possible explanation for that? I was just curious is all.

Thanks again, will report back in the morning.