PC is slower than usual. Can't boot into safe mode either (Blue screen)

Status
Not open for further replies.
Hi,

I've used everything from spybot, superantispyware and smitfraudfix to any antivirus software available. I've had one too many scans and they still detect something but still it cannot remove it.

I also got this thing popping on my Trend Micro alert box about a "pkxmrong.exe" trying to run in my system but TM keeps blocking it. I also saw it in the running processes on the Task Manager and I ended the task. Well, no more popups from Trend Micro. Still, my computer is slow. Just to make sure, I included the hjt log of the scan for analysis from any of you good guys in the biz. Hope this helps...
 
Use this 8 step process before continuing.

After taking a quick look at your attached file I would recommend this process to you.
This takes you through a process that typically removes many insidious spyware/trojan issues. One might be tempted to do some but not all processes listed. I would recommend all processes be accomplished in the order they are listed.
https://www.techspot.com/vb/post645589-1.html

Regards.
 
I looked at your log and you have many processes that are both unpronounceable and unidentifiable:
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: (no name) - {66d8226b-e6d6-4236-b37f-74a1ec202f79} - C:\WINDOWS\system32\pumotozi.dll
O2 - BHO: (no name) - {9D11FA4B-556D-4FA9-A657-2F064D9077E0} - C:\WINDOWS\system32\tuvTjkhh.dll
O4 - HKLM\..\Run: [kiwifiboya] Rundll32.exe "C:\WINDOWS\system32\wigimogo.dll",s
O4 - HKLM\..\Run: [3440557c] rundll32.exe "C:\WINDOWS\system32\awbuetxs.dll",b
O4 - HKLM\..\Policies\Explorer\Run: [Gm1sB3dwc1] C:\Documents and Settings\All Users\Application Data\lonexkfw\pkxmrong.exe
O20 - AppInit_DLLs: C:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL txqbvn.dll,C:\WINDOWS\system32\dezudesu.dll lxxbcr.dll
O20 - Winlogon Notify: iifgEwxY - iifgEwxY.dll (file missing)
O21 - SSODL: WebDsc - {5EE6CB34-F1D8-B61F-57CF-09D117D2175F} - C:\Program Files\kbljcbb\WebDsc.dll
O21 - SSODL: neksolda - {AE7B1CA5-9439-4CD2-AA11-3675F379BB21} - C:\WINDOWS\neksolda.dll (file missing)
O21 - SSODL: xgpsarbm - {18033159-4A66-41A9-AE3A-2E03DD6811A5} - C:\WINDOWS\xgpsarbm.dll (file missing)

Your Java is also out of date:
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll

You need to get the most current version, v6u7:
https://www.techspot.com/downloads/6463-java-se.html

I completely agree that you need to begin the malware cleaning process, beginning with disabling some of the many TrendMicro security suite processes before running the programs - keep the antivirus.

Run the programs in the order given, and attach the logs here when through. You will need to run HijackThis again AFTER Malwarebytes and SuperAntispyware have run.

The O20 Sophos process is puzzling - I can't identify any of the .dll files with one exception. There was one foreign site indicating lxxbcr.dll as a Trojan in association with OnLineGames but I didn't open the site.
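
Added example, not part of the original thread and not HijackThis's own logic: a small Python triage pass over log lines like the ones quoted in the post above. The flagging rules and the `triage` function are this example's assumptions; a flag means "review by hand" (the Sophos DLL in the AppInit_DLLs line belongs to the installed Sophos product), not a verdict.

```python
import re

# Lines copied from the HijackThis log quoted in the post above.
SAMPLE_LOG = r"""
O2 - BHO: (no name) - {66d8226b-e6d6-4236-b37f-74a1ec202f79} - C:\WINDOWS\system32\pumotozi.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O4 - HKLM\..\Run: [kiwifiboya] Rundll32.exe "C:\WINDOWS\system32\wigimogo.dll",s
O4 - HKLM\..\Policies\Explorer\Run: [Gm1sB3dwc1] C:\Documents and Settings\All Users\Application Data\lonexkfw\pkxmrong.exe
O20 - AppInit_DLLs: C:\PROGRA~1\Sophos\SOPHOS~1\SOPHOS~1.DLL txqbvn.dll,C:\WINDOWS\system32\dezudesu.dll lxxbcr.dll
O20 - Winlogon Notify: iifgEwxY - iifgEwxY.dll (file missing)
O21 - SSODL: neksolda - {AE7B1CA5-9439-4CD2-AA11-3675F379BB21} - C:\WINDOWS\neksolda.dll (file missing)
"""

# "<section code> - <key>: <value>", e.g. "O4 - HKLM\..\Run: [name] command"
LINE_RE = re.compile(r"^([A-Z]\d{1,2}) - ([^:]+): (.*)$")


def triage(log_text):
    """Return entries worth manual review, with reasons (this example's heuristics)."""
    findings = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # header, blank, or a line format this sketch does not cover
        code, key, value = m.groups()
        reasons = []
        if value.endswith("(file missing)"):
            reasons.append("registered target is missing on disk")
        if code == "O2" and value.startswith("(no name)"):
            reasons.append("browser helper object with no name")
        if code == "O4" and "rundll32.exe" in value.lower():
            reasons.append("autostart loads a DLL through rundll32")
        if code == "O4" and key.lower().endswith(r"policies\explorer\run"):
            reasons.append("autostart under Policies\\Explorer\\Run")
        if code == "O20" and key == "AppInit_DLLs":
            # The value is a space- or comma-separated module list.
            modules = [p for p in re.split(r"[ ,]+", value) if p]
            reasons.append("AppInit_DLLs lists %d modules" % len(modules))
        if reasons:
            findings.append({"code": code, "value": value, "reasons": reasons})
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f["code"], "|", "; ".join(f["reasons"]), "|", f["value"])
```

The Java `SSVHelper Class` entry passes through unflagged, which matches the post: it is called out there as out of date, not as unidentifiable.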
 