Hello and welcome to Techspot.
You're running HJT from the wrong location.
SEE HERE.
We need to temporarily disable Spybot Search & Destroy's TeaTimer, as it may interfere with any fix we are trying to run.
Disable Spybot's TeaTimer. This is a two-step process.
First:
- Right click Spybot in the System Tray (looks like a calendar with a padlock symbol)
- Choose Exit Spybot S&D Resident
Second:
- Open Spybot S&D
- Click Mode, check Advanced Mode
- Go to left panel, click Tools, then also in left panel, click Resident
- If your firewall raises a question, say OK
- Uncheck the box labeled Resident Tea-Timer and OK any prompts.
- Use File, Exit to terminate Spybot
- Reboot your machine for the changes to take effect.
Go to Add/Remove Programs in your control panel and uninstall anything to do with the following (if there):
viewpoint
viewpoint toolbar
viewpoint manager
ContextTool
AntiSpywareShield
Close control panel.
Click start/run and type services.msc into the run box and press the enter key.
When the window appears, maximise it. Double click on the following services (if there) and select stop if they are running. Set the startup type to disabled. Click apply/ok for each service you disable.
Viewpoint Manager Service
Close the services window.
Open notepad and copy/paste the text in the code box below into it:
NOTE: make sure to only highlight and copy what is inside the quote box, nothing outside of it.
Also, pay particular attention to this:
Make sure the word File:: is on the first line of the text file you save (no blank line above it, & no space in front of it)
Code:
File::
C:\WINDOWS\system32\rlai.dll
C:\WINDOWS\system32\rlph.dll
C:\WINDOWS\system32\drivers\sptd0237.sys
Folder::
C:\Program Files\Viewpoint
C:\Program Files\AntiSpywareShield
C:\Program Files\ContextTool
C:\VundoFix Backups
C:\Documents and Settings\All Users\Application Data\Viewpoint
Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0D39A900-0F3A-4C29-A254-3E65244FDC34}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AntiSpywareShield"=-
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=C:\WINDOWS\system32\rlai.dll
Save this as CFScript.txt
Then drag the CFScript.txt into ComboFix.exe as you see in the screenshot below.
This will start ComboFix again. After reboot, (in case it asks to reboot), post the contents of Combofix.txt in your next reply together with a fresh HJT log.
Regards Howard
This thread is for the use of xcannon69 only. Please don't post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
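The first-line rule in the post above can be checked on the saved file before it is dragged onto ComboFix. This is an added example, not part of the original post or of ComboFix: it checks only the rule stated in the post and the three section names visible in its script, treats a byte-order mark as text in front of File:: (an assumption), and uses constructed sample paths.

```python
import re

# Section headers as they appear in the post's script; no other part of
# ComboFix's script format is assumed here.
SECTIONS = ("File::", "Folder::", "Registry::")
# Assumption: a byte-order mark written by the editor counts as
# "something in front of File::".
BOMS = {b"\xef\xbb\xbf": "utf-8-sig", b"\xff\xfe": "utf-16", b"\xfe\xff": "utf-16"}
ABS_PATH = re.compile(r"[A-Za-z]:\\")


def check_cfscript(raw):
    """Return (problems, sections) for the raw bytes of a CFScript.txt."""
    problems, encoding = [], "cp1252"
    for bom, enc in BOMS.items():
        if raw.startswith(bom):
            problems.append("byte-order mark in front of File:: (save as ANSI)")
            encoding = enc
    lines = raw.decode(encoding, errors="replace").splitlines()

    first = lines[0] if lines else ""
    if not first.strip():
        problems.append("line 1 is blank; File:: must be on the first line")
    elif first[0].isspace():
        problems.append("whitespace in front of File::")
    elif first.rstrip() != "File::":
        problems.append("line 1 is %r, expected File::" % first)

    sections, name = {}, None
    for n, line in enumerate(lines, 1):
        entry = line.strip()
        if not entry:
            continue
        if entry in SECTIONS:
            name = entry
            sections.setdefault(name, [])
        elif name is None:
            problems.append("line %d: entry before any section header" % n)
        else:
            # A File::/Folder:: entry that is not an absolute path usually
            # means the paste was wrapped or cut short.
            if name != "Registry::" and not ABS_PATH.match(entry):
                problems.append("line %d: not an absolute path: %r" % (n, entry))
            sections[name].append(entry)
    return problems, sections


if __name__ == "__main__":
    # Constructed sample with a blank line above File::
    sample = b"\r\nFile::\r\nC:\\example\\sample.dll\r\n"
    for problem in check_cfscript(sample)[0]:
        print(problem)
```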