I need to speed my computer up and get rid of all the stuff I don't use


Lunora

Lo and behold! The curse of the System Volume Information and moar! :D

I'm sorry. But, I'm terribly confused. I've just done that scan and am to the part where I'm supposed to move the immovable stuff...but...

I only get that menu if I right click.

And I don't have any icon like that little red check.

What should I do?

I'm attaching the image cause I only have this forum open in FF and avast still paused.

EDITS:// By the way, I kinda need help on this before 10 because that's when I'm supposed to get off the computer...and turning it off would be a moot point, and leaving it on is kinda dangerous.

post-8337-1234910132_thumb.jpg


  • Root Admin

Just click and see if you can Cure it. If not then try to delete it. You might need to run the Avira boot CD again though if you have something resident that Dr Web is having trouble removing. Though, very odd why/how you would get infected again so quickly.

I can't promise, but I will try to review the Dr Web and update my message. Seems they've changed something.

If those don't work then try the Avira again please.

Avira AntiVir Rescue System

Requires access to a working computer with a CD/DVD burner to create a bootable CD.

  • Download the Avira AntiVir Rescue System from here
  • Place a blank CD in your burner and double-click on the downloaded file.
  • The program will automatically burn the CD for you.
  • Place the burned CD into the affected computer and start the computer from this CD.
  • On the bottom left side of the screen there are 2 flags. Using your mouse click on the British flag to use English.
  • Click on the Configuration button.
    • Select Scan all files
    • Select Try to repair infected files and Rename files, if they cannot be removed
    • Select Scan for dialers
    • Select Scan for joke programs (Jokes)
    • Select Scan for games
    • Select Scan for spyware (SPR)
  • Click on Virus scanner
  • Click on Start scanner at the bottom of the screen
  • Currently the program does not support saving a log. Write down the amount of items for Records, Suspect files, and Warnings

The Avira AntiVir Rescue System is a Linux-based application that allows accessing computers that cannot be booted anymore and is updated several times a day so that the most recent security updates are always available.

Screen resolution problems

Please see the post here if you're unable to view the entire screen of Avira.

Wait. Wait. Wait. Wait!!!!!! :D My computer can't read CD/DVDs!!!!! What do I do if this doesn't fix it!?!?!?! ;)

....because my computer can't read CD/DVD's...

EDITS:// I picked cure for all. Did nothing. But these ones deleted. Don't know what to do with the first two though as curing/deleting isn't an option.

If I clear my System Restore again would that get rid of the first two??

I think the second one with the /SDFIX in its title was within the first one since it's RAR....so wouldn't that be in the quarantine?

Here's the log from Dr. Web Scanner:

A0000062.exe;C:\System Volume Information\_restore{C5865CF0-8F95-49F0-8B2D-414EBEF542AC}\RP1;Archive contains infected objects;Moved.;

A0000062.exe\SDFix\apps\Process.exe;C:\System Volume Information\_restore{C5865CF0-8F95-49F0-8B2D-414EBEF542AC}\RP1\A0000062.exe;Tool.Prockill;;

A0000111.exe;C:\System Volume Information\_restore{C5865CF0-8F95-49F0-8B2D-414EBEF542AC}\RP1;Tool.Prockill;Deleted.;

A0000157.exe;C:\System Volume Information\_restore{C5865CF0-8F95-49F0-8B2D-414EBEF542AC}\RP1;Tool.Prockill;Deleted.;

A0000159.exe;C:\System Volume Information\_restore{C5865CF0-8F95-49F0-8B2D-414EBEF542AC}\RP1;Tool.ShutDown.14;Deleted.;

Process.exe;C:\WINDOWS\system32;Tool.Prockill;Deleted.;

And here's the Hijack This Log:

Logfile of Trend Micro HijackThis

v2.0.2

Scan saved at 7:48:21, on 2/17/2009

Platform: Windows XP SP2 (WinNT

5.01.2600)

MSIE: Internet Explorer v7.00

(7.00.6000.16791)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Tall Emu\Online

Armor\oasrv.exe

C:\Program Files\Alwil

Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil

Software\Avast4\ashServ.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\ZCfgSvc.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Common

Files\Apple\Mobile Device

Support\bin\AppleMobileDeviceService.

exe

C:\Program

Files\Java\jre6\bin\jqs.exe

C:\Program Files\Tall Emu\Online

Armor\oacat.exe

C:\Program

Files\Viewpoint\Common\ViewpointServi

ce.exe

C:\WINDOWS\wanmpsvc.exe

C:\Program

Files\iTunes\iTunesHelper.exe

C:\Program

Files\Java\jre6\bin\jusched.exe

C:\Program Files\Tall Emu\Online

Armor\oaui.exe

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.e

xe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\MSN

Messenger\MsnMsgr.Exe

C:\Program Files\Alwil

Software\Avast4\ashMaiSv.exe

C:\Program Files\Alwil

Software\Avast4\ashWebSv.exe

C:\Program Files\Tall Emu\Online

Armor\oahlp.exe

C:\WINDOWS\System32\alg.exe

C:\Program

Files\iPod\bin\iPodService.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\System32\wbem\wmiprvse.exe

C:\Program Files\Trend

Micro\HijackThis\HijackThis.exe

C:\WINDOWS\system32\wuauclt.exe

R0 - HKCU\Software\Microsoft\Internet

Explorer\Main,Start Page =

http://marianregion.proboards107.com/

R1 - HKCU\Software\Microsoft\Internet

Connection Wizard,ShellNext =

http://toshibadirect.com/

R3 - URLSearchHook: Yahoo! Toolbar -

{EF99BD32-C1FB-11D2-892F-0090271D4F88

} - (no file)

O2 - BHO: Java Plug-In SSV Helper

-

{761497BB-D6F0-462C-B6EB-D4DAF1D92D43

} - C:\Program

Files\Java\jre6\bin\ssv.dll

O2 - BHO: Windows Live Sign-in Helper

-

{9030D464-4C02-4ABF-8ECC-5164760863C6

} - C:\Program Files\Common

Files\Microsoft Shared\Windows

Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV

Helper -

{DBC80044-A445-435b-BC74-9C25C1C588A9

} - C:\Program

Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl -

{E7E6F031-17CE-4C07-BC86-EABFE594F69C

} - C:\Program

Files\Java\jre6\lib\deploy\jqs\ie\jqs

_plugin.dll

O4 - HKLM\..\Run: [iTunesHelper]

"C:\Program

Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [QuickTime Task]

"C:\Program

Files\QuickTime\qttask.exe"

-atboottime

O4 - HKLM\..\Run:

[sunJavaUpdateSched] "C:\Program

Files\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [@OnlineArmor GUI]

"C:\Program Files\Tall Emu\Online

Armor\oaui.exe"

O4 - HKLM\..\Run: [avast!]

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.e

xe

O4 - HKCU\..\Run: [ctfmon.exe]

C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [msnmsgr]

"C:\Program Files\MSN

Messenger\MsnMsgr.Exe" /background

O4 - Global Startup: Microsoft Office

OneNote 2003 Quick Launch.lnk =

C:\Program Files\Microsoft

Office\OFFICE11\ONENOTEM.EXE

O8 - Extra context menu item: E&xport

to Microsoft Excel -

res://C:\PROGRA~1\MICROS~2\OFFICE11\E

XCEL.EXE/3000

O9 - Extra button: Research -

{92780B25-18CC-41C8-B9BE-3C9C571A8263

} -

C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBA

R.DLL

O9 - Extra button: Real.com -

{CD67F990-D8E9-11d2-98FE-00C0F0318AFE

} - C:\WINDOWS\System32\Shdocvw.dll

O9 - Extra button: (no name) -

{e2e2dd38-d088-4134-82b7-f2ba38496583

} - C:\WINDOWS\Network

Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem:

@xpsp3res.dll,-20001 -

{e2e2dd38-d088-4134-82b7-f2ba38496583

} - C:\WINDOWS\Network

Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger -

{FB5F1910-F110-11d2-BB9E-00C04F795683

} - C:\Program

Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows

Messenger -

{FB5F1910-F110-11d2-BB9E-00C04F795683

} - C:\Program

Files\Messenger\msmsgs.exe

O10 - Unknown file in Winsock LSP:

c:\windows\system32\nwprovau.dll

O14 - IERESET.INF:

START_PAGE_URL=http://www.toshiba.com

O16 - DPF:

{30528230-99F7-4BB4-88D8-FA1D4F56A2AB

} (YInstStarter Class) -

http://us.dl1.yimg.com/download.yahoo

.com/dl/installs/yinst20040510.cab

O16 - DPF:

{48DD0448-9209-4F81-9F6D-D83562940134

} (MySpace Uploader Control) -

http://lads.myspace.com/upload/MySpac

eUploader1006.cab

O16 - DPF:

{6414512B-B978-451D-A0D8-FCFDF33E833C

} (WUWebControl Class) -

http://www.update.microsoft.com/windo

wsupdate/v6/V5Controls/en/x86/client/

wuweb_site.cab?1198714492626

O16 - DPF:

{6E32070A-766D-4EE6-879C-DC1FA91D2FC3

} (MUWebControl Class) -

http://www.update.microsoft.com/micro

softupdate/v6/V5Controls/en/x86/clien

t/muweb_site.cab?1199412274304

O19 - User stylesheet: C:\Documents

and

Settings\Samantha\Desktop\Texts\RBFN.

css (file missing)

O20 - Winlogon Notify: !SASWinLogon -

C:\Program

Files\SUPERAntiSpyware\SASWINLO.DLL

O23 - Service: Apple Mobile Device -

Apple Inc. - C:\Program Files\Common

Files\Apple\Mobile Device

Support\bin\AppleMobileDeviceService.

exe

O23 - Service: avast! iAVS4 Control

Service (aswUpdSv) - ALWIL Software -

C:\Program Files\Alwil

Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus -

ALWIL Software - C:\Program

Files\Alwil

Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner -

ALWIL Software - C:\Program

Files\Alwil

Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner -

ALWIL Software - C:\Program

Files\Alwil

Software\Avast4\ashWebSv.exe

O23 - Service: iPod Service - Apple

Inc. - C:\Program

Files\iPod\bin\iPodService.exe

O23 - Service: Java Quick Starter

(JavaQuickStarterService) - Sun

Microsystems, Inc. - C:\Program

Files\Java\jre6\bin\jqs.exe

O23 - Service: Online Armor Helper

Service (OAcat) - Tall Emu -

C:\Program Files\Tall Emu\Online

Armor\oacat.exe

O23 - Service: Online Armor

(SvcOnlineArmor) - Tall Emu -

C:\Program Files\Tall Emu\Online

Armor\oasrv.exe

O23 - Service: Viewpoint Manager

Service - Viewpoint Corporation -

C:\Program

Files\Viewpoint\Common\ViewpointServi

ce.exe

O23 - Service: WAN Miniport (ATW)

Service (WANMiniportService) -

America Online, Inc. -

C:\WINDOWS\wanmpsvc.exe

--

End of file - 6299 bytes

post-8337-1234916273_thumb.jpg


  • Root Admin

Please turn OFF word wrap in NOTEPAD.

Yes, disable/re-enable System Restore will clean/remove those others. You really need to get a CD/DVD reader/burner that will allow you to use/boot from CD. If the System has a hard drive failure or other serious issue you're going to be stuck period.

I will re-open your post in the HJT forum and we can look at your system again, but as said - something is odd and with all these other scans and software you have in place I don't see how you're getting infected unless you're clicking stuff you shouldn't or you have some deep rooted hidden Malware on the system. But without a CD to boot to it might be very difficult to find.

I'll re-open your HJT post and we'll resume cleanup there again. Please be patient though as I'm sure you see the site is VERY busy and limited amount of people to help.

Thanks.

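An added example, not part of the thread: a small Python triage of the Dr. Web scanner lines posted above, sorting each detection into already handled, member of an archive that was already moved, restore-point copy (the case the reply says a System Restore disable/re-enable clears), or live file. The field order (object; location; verdict; action) is inferred from those six lines, and the function names and status labels are this example's own.

```python
import ntpath
from typing import NamedTuple

# The six log lines from the post, verbatim (fields: object;location;verdict;action;).
SCAN_LOG = r"""
A0000062.exe;C:\System Volume Information\_restore{C5865CF0-8F95-49F0-8B2D-414EBEF542AC}\RP1;Archive contains infected objects;Moved.;
A0000062.exe\SDFix\apps\Process.exe;C:\System Volume Information\_restore{C5865CF0-8F95-49F0-8B2D-414EBEF542AC}\RP1\A0000062.exe;Tool.Prockill;;
A0000111.exe;C:\System Volume Information\_restore{C5865CF0-8F95-49F0-8B2D-414EBEF542AC}\RP1;Tool.Prockill;Deleted.;
A0000157.exe;C:\System Volume Information\_restore{C5865CF0-8F95-49F0-8B2D-414EBEF542AC}\RP1;Tool.Prockill;Deleted.;
A0000159.exe;C:\System Volume Information\_restore{C5865CF0-8F95-49F0-8B2D-414EBEF542AC}\RP1;Tool.ShutDown.14;Deleted.;
Process.exe;C:\WINDOWS\system32;Tool.Prockill;Deleted.;
"""

RESTORE_MARK = "\\system volume information\\_restore{"

class Entry(NamedTuple):
    obj: str
    location: str
    verdict: str
    action: str

def parse(log):
    """Split each non-empty line into its first four ';'-separated fields."""
    rows = ([f.strip() for f in line.split(";")] for line in log.splitlines())
    return [Entry(*r[:4]) for r in rows if len(r) >= 4 and r[0]]

def in_restore_point(e):
    return RESTORE_MARK in e.location.lower()

def triage(log):
    """Return (object, status) pairs; the status says what is left to do."""
    entries = parse(log)
    # Full paths of files the scanner already moved or deleted.
    handled = {ntpath.join(e.location, e.obj).lower() for e in entries if e.action}
    out = []
    for e in entries:
        if e.action:
            status = "resolved: " + e.action.rstrip(".").lower()
        elif e.location.lower() in handled:
            status = "member of an archive already handled"
        elif in_restore_point(e):
            status = "restore point copy: purge System Restore"
        else:
            status = "live file: still needs action"
        out.append((e.obj, status))
    return out

def live_hits(log):
    """Detections outside System Restore, i.e. files on the running system."""
    return [e for e in parse(log) if not in_restore_point(e)]
```

On the posted log, `live_hits` returns only the `Process.exe` entry in `C:\WINDOWS\system32`; every other line points into the `RP1` restore point.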

The only really odd thing would be my father's 'RAWR D<' policy with my old laptop constantly getting infected because he gives me no anti-virus/spyware/malware stuff. And I'm trying to get money up for a Mac...but that's hard for many reasons. And no, I'm not clicking any shifty sites. The most I use is:

yahoo.com

proboards.com

youtube.com

deviantart.com

Google.com -> and I'm careful what I click and I mainly use it for images

Meebo.com

Dubhappy.com -> anime watching site

And of course MSN but I only accept files from my BF who has outstanding virus protection -is jealous-

I'll work on being patient. I'm sorry for being 'naggy', but if I lost my computer I'd lose everything and be stuck in a hell hole with a bad family. But, yes, I'll work on it and check the other thread.

Thank you very much for helping me so much =3
