Darksma, Vondo popups - Logs attached

[wreckdiver59]

Hello All,
Need help getting rid of this infestiation. The computer is running very slow, multiple pop-ups when running internet explorer. sometimes can't use internet explorer at all (nothing ever comes up, then locks up). Was unbble to turn on windows update, but that is O.K. after following the 8-step preliminary removal instructions. It is a little better now, but still finding instances of Vundo after more scans with the anti-malware program.
Anyhow the log files are attached...

Thanks in advance...

 

[kimsland]

Just a quick look

Run HJT. Tick and fix the following, then restart, then provide a new HJT
And let me know how the computer's now going, in a reply

C:\Program Files\Nova Development\Greeting Card Factory Deluxe 6.0\ReminderApp.exe
C:\WINDOWS\SM1BG.EXE
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [ReminderApp] C:\Program Files\Nova Development\Greeting Card Factory Deluxe 6.0\ReminderApp.exe
O4 - HKLM\..\Run: [SM1BG] C:\WINDOWS\SM1BG.EXE
O4 - HKCU\..\Run: [basemanager] C:\DOCUME~1\SK\APPLIC~1\TRUSTS~1\SettingsOne.exe
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\SK\Start Menu\Programs\>IMVU\Run IMVU.lnk (file missing)

 

[wreckdiver59]

New HJT Logfile.

The new hjt log file is attached. Still getting multiple pop-ups. Mostly anti-virus or free scan type stuff, but also other spam type ads. Seems to be getting faster to connect with Internet Explorer. I also cleared out some other software not being used. This is not my computer, it's my daughters, so there may be some time lapsed between replies.
Thanks

 

[kimsland]

Make it go even quicker by removing these in HJT

C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe (CD Witing quick button)
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ISUSPM Startup]
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [tool comp sixth axis] C:\Documents and Settings\All Users\Application Data\Iso setup tool comp\axis help.exe
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE

Remove this from Add/Remove Programs:

O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

Actually read here first: http://www.bleepingcomputer.com/forums/index.php?showtopic=120989&view=findpost&p=685946



Remove this strange beast!

O20 - AppInit_DLLs: oudwin.dll

Your decision, remove from Add/Remove Programs:

SUPERAntiSpyware
Google Updater

Remove this startup from the actual program settings:
Messenger



And read here, on getting rid of Bonjour:
http://www.raymond.cc/blog/archives/2008/02/10/how-to-uninstall-or-remove-bonjour-mdnsresponderexe/



Finally, if you're really keen, remove McAfee
Try Free Antivirus like Avast or Avira



Then restart (possibly twice with all that!)
Then tell me what you think

 

[wreckdiver59]

Thanks, I'll follow most of your suggestions tonight when I have the chance. Looks like there are a lot of things running at startup that are bogging things down.

I'm still not sure where the popups are coming from. It does not seem to happen when logged on under a different user, if that helps.

Any reason's why you would want to get rid of McAfee? It's free from my service provider and I use the parental controls for the younger ones who use the computer.

 

[kimsland]

All the Internet Securities are now resource hogs

I have tried them all (I like keeping up to date)

Here's the worst lot from Norton No.1

Norton
Trend
McAfee
AVG

These days it seems wiser to get a free Antivirus like Avast or Avira

And then a free firewall (if you must)

This is a personal viewpoint


Oh, by doing the above, I believe you will not have any issues

 

[wreckdiver59]

Thanks kimsland... Everything is much faster. I've removed some others as well. So far IE is running fine. I'm going to play some more. If I can just keep the kids from putting more crap on I'll be fine. It's been a few weeks without their computer, so maybe they learned something.

Now I'm curious to look at my computer and see what I can do to speed it up.

 

[kimsland]

Finally, run CCleaner again

Then Defrag

Your computer should be much faster now