Boot Scan insufficient memory

I ran a boot scan last night, and it found a lot of things to dump into the chest, but it didn’t do it because there was “insufficient memory.” There’s gigs and gigs left on my drive, and there shouldn’t be much loaded up in RAM during that time, so I have no idea where this is coming from. Any help would be greatly appreciated…the computer needs cleaned really bad.

Any help would be greatly appreciated...the computer needs cleaned really bad.
If so, I recommend our cleaning expert Essexboy to have a look...

follow the guide here and attach the logs…not copy and paste
http://forum.avast.com/index.php?topic=53253.0

AdwCleaner
Malwarebytes
OTL
aswMBR

when done the removal specialists will be notified and analyze your logs…
it may take hours before one arrives, so be patient

will do, thank you! I’ll work on that tonight.

okay…here’s the log files in order…

the next one is too big (mbam-log-2012-12-19 (21-58-28), so here’s number 3

and the last one. THANK YOU!!

you have a Siref Rootkit infection…and maybe

the next one is too big (mbam-log-2012-12-19 (21-58-28), so here's number 3
You mean the MBAM log is bigger than 512kb? ..... It must have removed lots of stuff. You may split it in two before attaching.

malware removers are notified, check back after work hours european time. :wink:

Let me know of any problems on completion

Warning: This fix is only relevant for this system and no other; using it on another computer may cause problems.

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons; they will return on reboot.

Run OTL

  • Under the Custom Scans/Fixes box at the bottom, paste in the following

https://dl.dropbox.com/u/73555776/OTL_Fix.GIF


:OTL
FF - prefs.js..extensions.enabledAddons: %7Bf538af6d-9c26-47bb-bcce-0fa8c59c6692%7D:1.0
FF - prefs.js..extensions.enabledItems: ConsumerInput@Compete:9089
FF - prefs.js..extensions.enabledItems: {f538af6d-9c26-47bb-bcce-0fa8c59c6692}:1.0
[2011/10/20 17:37:39 | 000,000,000 | ---D | M] (XUL Cache) -- C:\Users\Brolsma\AppData\Roaming\Mozilla\Firefox\Profiles\rxmd6w88.default\extensions\{f538af6d-9c26-47bb-bcce-0fa8c59c6692}
[2012/11/09 12:48:31 | 000,254,567 | ---- | M] () (No name found) -- C:\Users\Brolsma\AppData\Roaming\Mozilla\Firefox\Profiles\rxmd6w88.default\extensions\ConsumerInput@Compete.xpi
O4 - HKU\S-1-5-21-3196843269-3231496207-1772068894-1001..\Run: [Google] "xidpwooedd.exe" File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-21-3196843269-3231496207-1772068894-1001\Software\Policies\Microsoft\Internet Explorer\restrictions present
O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 1.6.0_06)
[2012/11/02 08:43:44 | 000,097,653 | ---- | C] () -- C:\ProgramData\wtxxmmgboqhpoxv
[2012/10/17 06:00:20 | 000,005,120 | -HS- | M] () -- C:\Windows\assembly\GAC_32\Desktop.ini
[2012/10/17 06:00:20 | 000,006,144 | -HS- | M] () -- C:\Windows\assembly\GAC_64\Desktop.ini

:Reg
[HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main]
XMLHTTP_UUID_Default=-
[HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main]
XMLHTTP_UUID_Default=-
[HKU\S-1-5-21-3196843269-3231496207-1772068894-1001\SOFTWARE\Microsoft\Internet Explorer\Main]
XMLHTTP_UUID_Default=-

:Files
C:\Windows\Installer\{ed688624-a0ec-20fc-6f12-b2d37ecf04db}
C:\Users\Brolsma\AppData\Local\{ed688624-a0ec-20fc-6f12-b2d37ecf04db}

:Commands
[resethosts]
[emptytemp]
[CREATERESTOREPOINT]
[Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

THEN

Download and Install Combofix

Download ComboFix from one of the following locations:
Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop

  • IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here

  • Double click on ComboFix.exe & follow the prompts.
  • Accept the disclaimer and allow to update if it asks

http://img.photobucket.com/albums/v706/ried7/NSIS_disclaimer_ENG.png

http://img.photobucket.com/albums/v706/ried7/NSIS_extraction.png

  • When finished, it shall produce a log for you.
  • Please include the C:\ComboFix.txt in your next reply.

Notes:

  1. Do not mouse-click Combofix’s window while it is running. That may cause it to stall.
  2. Do not “re-run” Combofix. If you have a problem, reply back for further instructions.
  3. If after the reboot you get errors about programmes being marked for deletion then reboot, that will cure it.

Please make sure you include the combo fix log in your next reply as well as describe how your computer is running now

okay, here is PART 1 of mbam-log-2012-12-19 (21-58-28).txt

Here is PART 2 of mbam-log-2012-12-19 (21-58-28).txt

essexboy, THANK YOU so much! I will try that over the holiday weekend and let you know. I appreciate it!

Could you attach the combofix log please

here’s the log…not sure how the computer is running totally yet, seems okay. maybe a little sluggish? it had to install 25 updates when the process was over. I now have a social search toolbar in Chrome that wasn’t there before, too.

Could you defragment the drive? Also, what toolbar is this?

sorry, went away on vacation. That toolbar was called “Social Search,” and I uninstalled it no problem. I will defragment…but the computer seems to be running great now. thank you so much for your help!

Let me know when you are happy and I will tidy up