Computer Hope

Topic started by: dhallmeyer on November 18, 2010, 03:05:52 PM

Title: Help!
Post by: dhallmeyer on November 18, 2010, 03:05:52 PM
I've been getting redirects and popups in Firefox and IE8. And the system seems to be running REALLY slow lately. Here are my logs.

SAS
SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 11/18/2010 at 09:42 AM

Application Version : 4.45.1000

Core Rules Database Version : 5880
Trace Rules Database Version: 3692

Scan type       : Complete Scan
Total Scan Time : 00:56:51

Memory items scanned      : 514
Memory threats detected   : 0
Registry items scanned    : 6454
Registry threats detected : 0
File items scanned        : 23745
File threats detected     : 215

Adware.Tracking Cookie

Trojan.Agent/Gen-Nullo[Short]
   C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP15\A0013324.EXE
   C:\SYSTEM VOLUME INFORMATION\_RESTORE{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP16\A0014347.DLL


Malwarebytes
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 5129

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

11/17/2010 3:23:17 PM
mbam-log-2010-11-17 (15-23-17).txt

Scan type: Full scan (C:\|D:\|)
Objects scanned: 201847
Time elapsed: 1 hour(s), 18 minute(s), 44 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 2
Registry Values Infected: 4
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 6

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\setup.exe (Trojan.PWS) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\6to4 (Trojan.Agent) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\appinit_dlls (Trojan.Witkinat) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\crntdll (Trojan.Witkinat) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\regedit32 (Trojan.Agent) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\wuaucldt (Trojan.Agent) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\WINDOWS\temp\vqeh.tmp\setup.exe (Trojan.PWS) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\6to4v32.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\certstore.dat (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dllcache\cdrom.sys (Trojan.Patched) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\cdrom.sys (Trojan.Patched) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\oashdihasidhasuidhiasdhiashdiuasdhasd (Malware.Trace) -> Quarantined and deleted successfully.


Hijackthis
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:52:50 PM, on 11/18/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Program Files\Alwil Software\Avast5\avastUI.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\WINDOWS\system32\igfxsrvc.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msnbc.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.dell.com/
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20101103134940.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [OrderReminder] C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/3,0,0,6143/mcfscan.cab
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McShield - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe

--
End of file - 8204 bytes

Title: Re: Help!
Post by: Computer Hope Admin on November 19, 2010, 05:17:47 PM
Apart from the malware that was found and deleted by SUPERAntiSpyware, I'm not noticing any other infections. However, I do see that you have two anti-virus protection programs installed on the computer, and this will cause a lot of different issues, including slowdowns. My first and most recommended solution would be to uninstall one of them, either McAfee or ALWIL; if I were choosing, I'd uninstall McAfee.

Clear all your browser history and cookies in all your browsers:
http://www.computerhope.com/issues/ch000510.htm

After doing this, reboot the computer and see if this helps. If you continue to get the popups and issues, try running Malwarebytes on the computer.
http://www.malwarebytes.org/mbam-download.php

Hope this helps