Need a tune up...

[ladybugsy]

JHolland, you helped me fix my laptop, now I'm hoping to get my desktop running better. I uninstalled msn messenger which REALLY slowed my computer down. I did all of the cleaning in the sticky with the exception of the kasperskys...for some reason it wouldn't update the definitions, so I used Panda and it found 8 viruses, which I'm assuming it removed. I'm attaching the hjt and the Panda. I would really lke to clean out my startup menu and get rid of aything that is unnecessary. Please take a look, and thank you in advance.

[jholland1964]

Your HJT log doesn't show a firewall. The Panda log shows a lot of cookies, you should empty these out.
Give me a bit to go through the rest of the HJT log and I'll get back with you asap ok?

[ladybugsy]

I am using windows firewall, which I checked, and it is on and running normally, I am assuming. I cleared my cookies using atf yesterday and again this morning.

[jholland1964]

Ok on the Windows Firewall, just wanted to be certain.
Several things you need to do here. Nothing "bad" exactly found in the HJT log but things you need to clean up based on both logs.

First of all your Java is way out of date. Please go to Download Java
and download the latest edition which is version 6 update 3. Download the Offline install, which is the second choice, and save it to your desktop.
Once you have downloaded then first go to Start, Control Panel, Administrative Tools, Services. When the Services opens scroll down to the Viewpoint Manager Service. Double click on it and when that box opens click on the Stop button. The service will shut down. Then set the Start up to Disabled. Click Ok and then exit.

Close out the Services. Then go to Start, Control Panel, Add/Remove and Uninstall the Viewpoint program. This is really an unnecessary program which comes bundled with AOL is installed, usually without the users knowledge, will give automatic updates to AIM, Viewpoint Media Player essentially without the users ok. You don't need the Viewpoint Media Player and can update AIM manually. Viewpoint is considered Foistware rather than Malware but is totally not needed. Uninstall it.

Once you have uninstalled Viewpoint then, still in Add/Remove go in and Uninstall All old versions of Java that you find.

Once you have done those uninstalls then click on the new Java program you downloaded and is on the desktop and install the new Java version. Once you have it installed then go here
to verify the Java installed properly.

Enable Viewing of Hidden Files

Next please boot to safe mode and go to

C:\WINDOWS\SYSTEM32\ do a search for the files noted below in RED and DELETE those that you find.

atqqktac.exe
gsbvtlxf.exe
jpjhufja.exe
pbmmxaaa.exe
prclnaaa.exe
pyiwwbht.exe
sdgtaaaa.exe

Still in Safe Mode go here;
C:\Documents and Settings\Rory Slaughter\Local Settings\Application Data\Wildtangent\Cdacache\00\00\0E.dat
Delete File noted in RED. Delete only that FILE...Wildtangent and all that's in it.

Reboot the computer to normal mode. Open Internet Explorer.
Choose “Internet Options” from the Tools menu in IE
Click on the “Privacy” tab.
Click the “Default” button (or manually slide the bar down to “Medium”) under “Settings”.
Click “OK“.
This setting will allow first-party cookies, but will block third-party cookies. First-party cookies means that the cookies put on to your computer are from the web page you are currently viewing. Third-party cookies are cookies left by a domain other than the one you are currently viewing.

Next download RegCleaner
Save it to the desktop.
Doubleclick the program to open it.
Next choose Tools, Registry Cleanup, Do them All.
The program will then scan your system for invalid registry entries. Should only take a few minutes.
Once it is complete it will show you a list of invalid entries.
Go to Select, All. Then click the Remove Selected Button. Items will be remove.
Exit the program.

Next download StartUpControl Panel
It will install in the Control Panel labeled Startup.
Double click to open the program.
Go through the various tabs and remove the checkmarks from the following;
TkBellExe >>>auto update for Real Player
QuickTime Task>>>auto update for Quicktime
Microsoft Works Update Detection>>>Auto update for Works
AIM>>>AOL Instant Messenger.
Click OK.
Close the program.
Reboot the computer.

[ladybugsy]

Ok, all done. I didn't find any of those files in the system 32 folder.

[jholland1964]

That means they are probably gone then. Then run the Panda again to be sure.

[ladybugsy]

Here's my new Panda scan.

[jholland1964]

Did you use RegCleaner?

[jholland1964]

Need you do do an online scan for this unknown file showing in your HJT log. Go to this link virusscan.jotti.org

When you get to that page, right at the top is a box, want you to enter this, exactly in this box;
C:\WINDOWS\system32\lockie.dll
Click the Browse button to locate the file. Once the file is located click the Submit button. This scans suspicious files with several different scanners. Virus definitions are updated hourly. This is usually a very busy website, so you may have to wait a few minutes for access. It will give you a report on the file. Please post back with that report.

[ladybugsy]

Yes I did run regcleaner.

Service load: 0% 100%
File: lockie.dll
Status: OK
MD5: 4f585fbc174e932e7348cee0144f5caa
Packers detected: -
Bit9 reports: File not found

A-Squared Found nothing
AntiVir Found nothing
ArcaVir Found nothing
Avast Found nothing
AVG Antivirus Found nothing
BitDefender Found nothing
ClamAV Found nothing
CPsecure Found nothing
Dr.Web Found nothing
F-Prot Antivirus Found nothing
F-Secure Anti-Virus Found nothing
Fortinet Found nothing
Ikarus Found nothing
Kaspersky Anti-Virus Found nothing
NOD32 Found nothing
Norman Virus Control Found nothing
Panda Antivirus Found nothing
Rising Antivirus Found nothing
Sophos Antivirus Found nothing
VirusBuster Found nothing
VBA32 Found nothing