WiredWX Christian Hobby Weather Tools

Slow XP Computer

Hi. My HP computer has been running slowly lately: when I start it up, when I access websites, when I try running programs they open up slowly and work slowly as well. Please help me.
Thank You!
Evelyn

Also, I ran the OTL scan in Safe Mode. Will it make a difference?



OTL logfile created on: 8/28/2011 11:00:01 PM - Run 1
OTL by OldTimer - Version 3.2.26.6 Folder = C:\Users\Evie\Downloads
Windows Vista Business Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19088)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.94 Gb Total Physical Memory | 1.27 Gb Available Physical Memory | 65.83% Memory free
4.11 Gb Paging File | 3.58 Gb Available in Paging File | 87.08% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 74.53 Gb Total Space | 33.29 Gb Free Space | 44.67% Space Free | Partition Type: NTFS
Drive D: | 62.03 Gb Total Space | 61.93 Gb Free Space | 99.83% Space Free | Partition Type: NTFS
Drive E: | 11.48 Gb Total Space | 11.40 Gb Free Space | 99.25% Space Free | Partition Type: NTFS

Computer Name: EVIE-PC | User Name: Evie | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/08/28 22:59:11 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Evie\Downloads\OTL.com
PRC - [2011/07/07 16:04:36 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/04/27 15:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2008/10/28 23:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2011/07/07 16:04:37 | 001,014,744 | ---- | M] () -- C:\Program Files\Mozilla Firefox\js3250.dll
MOD - [2011/03/24 20:29:23 | 006,053,536 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (SysMain32)
SRV - [2011/05/29 10:11:28 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/04/27 15:39:26 | 000,208,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV - [2011/04/27 15:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2010/11/19 07:57:14 | 001,150,936 | ---- | M] (PC Tools) [Auto | Stopped] -- C:\Program Files\PC Tools Security\pctsSvc.exe -- (sdCoreService)
SRV - [2010/03/15 15:02:36 | 000,366,840 | ---- | M] (PC Tools) [Auto | Stopped] -- C:\Program Files\PC Tools Security\pctsAuxs.exe -- (sdAuxService)
SRV - [2010/01/15 05:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2008/01/20 19:23:59 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - [2011/08/28 22:13:50 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D3210A2C-E5CE-47AA-A985-7C82E4CEDE50}\MpKslfff93d34.sys -- (MpKslfff93d34)
DRV - [2011/05/29 10:11:20 | 000,022,712 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/04/27 15:25:24 | 000,065,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2011/04/18 13:18:50 | 000,043,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon)
DRV - [2010/12/10 14:24:12 | 000,239,168 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\PCTCore.sys -- (PCTCore)
DRV - [2010/07/16 15:59:54 | 000,656,320 | ---- | M] (PC Tools) [File_System | Boot | Running] -- C:\Windows\system32\drivers\pctEFA.sys -- (pctEFA)
DRV - [2010/07/16 15:59:54 | 000,338,880 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\pctDS.sys -- (pctDS)
DRV - [2009/06/25 16:58:10 | 000,048,128 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2009/06/25 16:25:58 | 000,038,400 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2009/06/25 16:10:48 | 000,044,544 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2009/06/24 06:08:00 | 007,542,208 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2006/11/02 00:30:56 | 000,429,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvm60x32.sys -- (NVENETFD)
DRV - [2006/06/28 10:54:00 | 000,009,472 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CPQBttn.sys -- (HBtnKey)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = F2 AF 82 05 CF 1F CB 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = A6 1D 8B 0D 30 1C A7 42 90 57 20 75 1E A5 F6 52 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:52909

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.0.900
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.0.900
FF - prefs.js..extensions.enabledItems: {b79505a1-d1fa-46f8-b678-ae1336c8cb18}:1.0
FF - prefs.js..keyword.URL: "http://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q="
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 52909
FF - prefs.js..network.proxy.type: 4

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX OVS Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011/01/09 22:16:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011/01/09 22:16:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/08/28 22:11:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/08/28 22:11:36 | 000,000,000 | ---D | M]

[2010/07/15 20:01:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Evie\AppData\Roaming\Mozilla\Extensions
[2011/08/28 22:38:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Evie\AppData\Roaming\Mozilla\Firefox\Profiles\ltwqujkz.default\extensions
[2010/11/22 17:13:10 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Evie\AppData\Roaming\Mozilla\Firefox\Profiles\ltwqujkz.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/08/28 22:11:40 | 000,000,000 | ---D | M] (XUL Cache) -- C:\Users\Evie\AppData\Roaming\Mozilla\Firefox\Profiles\ltwqujkz.default\extensions\{b79505a1-d1fa-46f8-b678-ae1336c8cb18}
[2011/07/24 02:20:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Evie\AppData\Roaming\Mozilla\Firefox\Profiles\ltwqujkz.default\extensions\qimasood@gmail.com
[2010/11/22 17:13:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Evie\AppData\Roaming\Mozilla\Firefox\Profiles\ltwqujkz.default\extensions\toolbar@ask.com-trash
[2010/11/22 04:57:47 | 000,002,568 | ---- | M] () -- C:\Users\Evie\AppData\Roaming\Mozilla\Firefox\Profiles\ltwqujkz.default\searchplugins\askcom.xml
[2011/08/28 22:38:09 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/01/18 17:07:35 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010/07/16 16:41:54 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2011/01/09 22:16:23 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 <video>) -- C:\PROGRAM FILES\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\HTML5VIDEO
[2011/01/09 22:16:24 | 000,000,000 | ---D | M] (DivX HiQ) -- C:\PROGRAM FILES\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\WPA
[2010/07/16 16:41:32 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2006/09/18 14:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (DivX Plus Web Player HTML5

Re: Slow XP Computer

Hi there HarlequinN and welcome to GeekPolice!

I am Gabethebabe and I will be helping you with this issue. Before we start some general remarks/rules:
  • Whilst I'm helping you, please follow my instructions carefully and do not experiment on your own or accept help from other persons.
  • Feel free to ask questions! Especially if my instructions are not clear. I'm here to help, not confuse you.
  • I will try and respond quickly, but please understand I do have a real life (job, wife, 3 kids, kinky hobbies).
  • Stick with me till the end. If your computer starts running better, that doesn't mean it is clean yet!

====================

Please download GooredFix by jpshortstuff from one of the locations below and save it to your desktop:
Download Mirror #1
Download Mirror #2

  • Ensure all Firefox windows are closed.
  • To run the tool, double-click it (WIN XP), or right-click and select Run As Administrator (Vista/WIN7).
  • When prompted to run the scan, click Yes.
  • GooredFix will check for infections, and then a log will appear. Please post the contents of that log in your next reply (it can also be found on your desktop, called GooredFix.txt).

====================

  • Please run OTL.exe again
  • Under the Custom Scans/Fixes box at the bottom, copy and paste in the following:

Code:

:files
C:\Users\Evie\AppData\Local\r0t835ni0n1t18aj4n071sa4s7m
C:\ProgramData\r0t835ni0n1t18aj4n071sa4s7m
C:\ProgramData\6i1ylO.dat

  • Then click the Run Fix button at the top (Not the Run Scan!).
  • Allow it to run. It may take some time and you may see some things happen to your desktop - this is normal.
  • If it asks to reboot the computer, allow it to reboot.
  • If the program freezes, and the computer fails to reboot - let me know.
  • Finally, post the contents of the log. (Located at C:\_OTL\Moved Files)

====================

I see you are running internet traffic through a proxy. If you didn't configure your internet like that, do the following:

Remove the Proxy setting in Internet Explorer and/or in FireFox.

    In Internet Explorer
  1. Tools Menu -> Internet Options -> Connections Tab -> Lan Settings > uncheck "use a proxy server" or reconfigure the Proxy server again in case you have set it previously.

    In Firefox
  1. Tools Menu -> Options... -> Advanced Tab -> Network Tab -> "Settings" under Connection > Choose "No Proxy"
  2. Click the apply button and restart that computer in normal mode.


Note that I see that you had a rogueware infection at the end of March, which was not properly removed. Such infections sometimes install bad proxy servers. So in case of doubt or if you have no idea what a proxy server is, please proceed to remove.

====================

Please download aswMBR by Alwil Software from here and save it to your desktop.

  • Double click aswMBR.exe to run the tool
  • Click the Scan button to start the scan
  • Don't panic if you see any **Rootkit** entries. The tool sometimes produces false alarms
  • Once the scan finishes click Save log to save the log to your desktop
  • Copy and paste the contents of this log (aswMBR.txt) into your next reply.
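
The proxy check described in this reply, as an added example that is not part of the original post and not part of OTL: it pulls the Internet Explorer and Firefox proxy settings out of OTL log lines (copied from the log earlier in the thread) and reports whether each one points at a loopback address and whether it is actually in effect. The function names and the `network.proxy.type` value table are supplied here and do not come from the thread.

```python
import ipaddress
import re

# Lines copied from the OTL log posted earlier in this thread.
OTL_EXCERPT = r'''
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:52909
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 52909
FF - prefs.js..network.proxy.type: 4
'''

IE_RE = re.compile(r'^IE - .*\\Internet Settings: "(Proxy\w+)" = (.*)$')
FF_RE = re.compile(r'^FF - prefs\.js\.\.network\.proxy\.(\w+): "?([^"]*)"?$')

# Meaning of Firefox's network.proxy.type preference values.
FF_PROXY_TYPES = {0: "none", 1: "manual", 2: "pac", 4: "auto-detect", 5: "system"}


def parse_proxy_settings(log_text):
    """Collect IE 'Proxy*' registry values and Firefox network.proxy.* prefs."""
    ie, ff = {}, {}
    for line in log_text.splitlines():
        line = line.strip()
        m = IE_RE.match(line)
        if m:
            ie[m.group(1)] = m.group(2).strip()
            continue
        m = FF_RE.match(line)
        if m:
            ff[m.group(1)] = m.group(2).strip()
    return ie, ff


def is_loopback(host):
    if host.lower() == "localhost":
        return True
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:
        return False  # a hostname other than localhost


def split_ie_proxy_server(value):
    """ProxyServer is 'host:port' or 'proto=host:port;proto=host:port'."""
    entries = {}
    for part in value.split(";"):
        part = part.strip()
        if not part:
            continue
        proto, sep, addr = part.partition("=")
        if not sep:
            proto, addr = "all", part
        host, sep, port = addr.rpartition(":")
        if not sep:
            host, port = addr, ""
        entries[proto] = (host, int(port) if port.isdigit() else None)
    return entries


def proxy_findings(log_text):
    ie, ff = parse_proxy_settings(log_text)
    findings = []
    if ie.get("ProxyEnable") == "1":  # the IE proxy is only used when enabled
        for proto, (host, port) in split_ie_proxy_server(ie.get("ProxyServer", "")).items():
            findings.append({"browser": "IE", "proto": proto, "host": host, "port": port,
                             "mode": "manual", "active": True, "loopback": is_loopback(host)})
    if "http" in ff:
        t = ff.get("type", "")
        mode = FF_PROXY_TYPES.get(int(t), "unknown") if t.isdigit() else "unset"
        port = ff.get("http_port", "")
        # Firefox only routes through the stored host/port in manual mode (type 1).
        findings.append({"browser": "Firefox", "proto": "http", "host": ff["http"],
                         "port": int(port) if port.isdigit() else None, "mode": mode,
                         "active": mode == "manual", "loopback": is_loopback(ff["http"])})
    return findings
```

On this log the Internet Explorer entry is enabled and points at 127.0.0.1:52909, while Firefox still stores the same host and port but is set to auto-detect, so both places need the manual cleanup described above.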



Re: Slow XP Computer

Thank You Smile...

The first time I ran the aswMBR scan, my computer shut off and restarted on its own before the scan was completed.


GooredFix by jpshortstuff (03.07.10.1)
Log created at 19:43 on 02/09/2011 (Evie)
Firefox version 3.6.21 (en-US)

========== GooredScan ==========

Deleting "C:\Users\Evie\Application Data\Mozilla\Firefox\Profiles\ltwqujkz.default\extensions\{b79505a1-d1fa-46f8-b678-ae1336c8cb18}" -> Success!

========== GooredLog ==========

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd} [03:01 16/07/2010]
{AB2CE124-6272-4b12-94A9-7303C7397BD1} [00:07 19/01/2011]
{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [23:41 16/07/2010]

C:\Users\Evie\Application Data\Mozilla\Firefox\Profiles\ltwqujkz.default\extensions\
qimasood@gmail.com [09:20 24/07/2011]
toolbar@ask.com-trash [00:13 23/11/2010]
{20a82645-c095-46ed-80e3-08825760534b} [00:13 23/11/2010]

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{20a82645-c095-46ed-80e3-08825760534b}"="C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\" [22:01 09/07/2010]
"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"="C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video" [05:16 10/01/2011]
"{6904342A-8307-11DF-A508-4AE2DFD72085}"="C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa" [05:16 10/01/2011]

-=E.O.F=-




========== FILES ==========
File\Folder C:\Users\Evie\AppData\Local\r0t835ni0n1t18aj4n071sa4s7m not found.
File\Folder C:\ProgramData\r0t835ni0n1t18aj4n071sa4s7m not found.
File\Folder C:\ProgramData\6i1ylO.dat not found.

OTL by OldTimer - Version 3.2.26.6 log created on 09022011_200224





aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
Run date: 2011-09-02 20:03:31
-----------------------------
20:03:31.545 OS Version: Windows 6.0.6001 Service Pack 1
20:03:31.546 Number of processors: 2 586 0x4802
20:03:31.550 ComputerName: EVIE-PC UserName: Evie
20:03:34.656 Initialize success
20:03:52.196 Disk 0 \Device\Harddisk0\DR0 -> \Device\0000006a
20:03:52.204 Disk 0 Vendor: FUJITSU_ 892C Size: 76319MB BusType: 8
20:03:52.216 Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\0000006c
20:03:52.224 Disk 1 Vendor: FUJITSU_ 892C Size: 76319MB BusType: 8
20:03:54.268 Disk 1 MBR read successfully
20:03:54.279 Disk 1 MBR scan
20:03:54.289 Disk 1 Windows XP default MBR code
20:03:54.307 Disk 1 scanning sectors +156296385
20:03:54.423 Disk 1 scanning C:\Windows\system32\drivers
20:04:04.794 Service scanning
20:04:07.174 Service MpKsl15054d25 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B3A08499-E761-43D0-AADF-F2C70198506E}\MpKsl15054d25.sys **LOCKED** 32
20:04:07.205 Service MpNWMon C:\Windows\system32\DRIVERS\MpNWMon.sys **LOCKED** 32
20:04:08.405 Modules scanning
20:04:28.760 Disk 1 trace - called modules:
20:04:29.246 ntkrnlpa.exe CLASSPNP.SYS disk.sys PCTCore.sys acpi.sys hal.dll nvstor.sys storport.sys partmgr.sys volmgr.sys ecache.sys volsnap.sys Ntfs.sys
20:04:29.268 1 nt!IofCallDriver -> \Device\Harddisk1\DR1[0x86720ac8]
20:04:29.291 3 CLASSPNP.SYS[885a8745] -> nt!IofCallDriver -> [0x8661d5d8]
20:04:29.314 5 PCTCore.sys[8301b099] -> nt!IofCallDriver -> [0x859e9590]
20:04:29.336 Scan finished successfully
20:04:43.637 Disk 1 MBR has been saved successfully to "C:\Users\Evie\Desktop\MBR.dat"
20:04:43.666 The log file has been saved successfully to "C:\Users\Evie\Desktop\aswMBR.txt"


Re: Slow XP Computer

OK, we kicked out some malware. I don't know if you have noticed it, but while using Firefox you should have experienced some redirects to unsolicited advertisement sites. These are solved now.

I don't really see a reason for your computer to be slow. You run two antispyware programs. I would uninstall PC Tools antispyware. See if that helps.

I see you have malwarebytes installed.

Please open Malwarebytes' Anti-Malware, click the Update tab and click Check for Updates. Then, click the Scanner tab, select Perform Quick Scan and click Scan. Please post the resulting log in your next reply.

Re: Slow XP Computer

I've definitely noticed my computer working better, and those annoying redirects sure are gone. Thanks


Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Database version: 7674

Windows 6.0.6001 Service Pack 1
Internet Explorer 8.0.6001.19088

9/7/2011 11:55:20 PM
mbam-log-2011-09-07 (23-55-20).txt

Scan type: Quick scan
Objects scanned: 159927
Time elapsed: 13 minute(s), 37 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 4

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\.fsharproj (Trojan.BHO) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\programdata\audiokse32.exe (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\Users\Evie\AppData\Local\Temp\jucheck.exe (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\Users\Evie\AppData\Local\Temp\68100464.exe (Trojan.Tracur) -> Quarantined and deleted successfully.
c:\Users\Evie\AppData\Local\Temp\0.11508476943635326.exe (Exploit.Drop.2) -> Quarantined and deleted successfully.

Re: Slow XP Computer

I see that some malware was in your temp folder. Let's clean out your temporary files entirely - there may be more malware and having a lot of unneeded files may also slow down your computer.

  • Please download TFC (Temp File Cleaner) by OldTimer from here and save it to your desktop.
  • Close all programs before proceeding with the next step.
  • Double-click TFC.exe to start the cleaning process and allow it to run
  • Depending on the amount of files that needs to be deleted this can take seconds or up to several minutes.
  • If requested, allow TFC to reboot your computer to finish the cleaning process.

====================

It appears you have Ask Toolbar installed. Practically all, if not all anti-malware sites, including GeekPolice, have Ask Toolbar flagged as untrustworthy, because it uses shady practices for distributing and installing its toolbar, see here for more info.

I therefore highly recommend you to go to Start >> Control Panel >> Add/Remove Programs and remove the following programs if present:
  • AskBarDis
  • Ask Toolbar

After that go to the C:\Program Files folder and delete the following folders, if present:
  • AskBarDis
  • Ask.com

====================

You need to install the latest version of Java. Having the latest version is important to take advantage of fixes that have eliminated security vulnerabilities.
  • Go to Start > Control Panel
  • Double-click on Add or Remove Programs
  • Look for entries that say Java, Java RunTime Environment or J2SE.
  • Uninstall all of them that are not named Java (TM) 6 Update 27

After doing this, you can go to java.com, click on Free Java Download and proceed from there to install the latest version of Java (currently Version 6 Update 27).

After installing Java, go to Start > Control Panel > Java to open the Java Control Panel.
Under the General tab, Temporary Internet Files click Settings, then click Delete Files.
Select both options and click OK to delete the Java cache.

====================

I think that concludes the search for malware. What remains is further optimization. The best you can do is review critically all programs that start up when you start the computer. Review the processes in Windows Task Manager (CTRL-SHIFT-ESCAPE) and see what you can do without and proceed to remove that - Google is your best friend here.

Any more questions?
