Something strange?

I suspect I have a bad infection that Malwarebytes, ESET and Avast have all failed to find. The symptoms are the following:

First I discovered that my Skype account was hijacked and someone tried to buy credit with my credit card.
Then I noticed that various forums send me notifications of new posts on threads that I have subscribed to but the link takes me to the same post when no new posts have been posted in the thread. I know my system well enough to know when something is VERY strange indeed. I have attached a log from MBRcheck.

Follow this guide and attach (not copy and paste) logs from Malwarebytes / OTL / aswMBR
http://forum.avast.com/index.php?topic=53253.0

When done, the malware remover will be notified… and will check the logs when he arrives here later today

Here is the OTL log attached.

aswMBR log attached!

and malwarebytes…

There should also be a file under OTL called Extras. If you see that, can you also attach that to a post?

In the meantime, I have notified Essexboy, one of our malware experts to assist you. He comes on the forum late UK time. Follow his directions, and feel free to ask questions. In the meantime, try to not use this machine and disconnect it from a network if it is connected to one. Thank you.

I cannot find the file in EXTRAS. Where is it located at? I ran OTL from Desktop and the log was saved on desktop. I did a complete search but nothing.

I’ve run OTL 3 times and on all occasions it does not create the extras.txt log. It only creates the OTL.txt log. ???

The extra.txt is only created the first time you run OTL.
As the name says, it is only some extra tech info and not important… OTL.txt is the important one

Still no Malwarebytes log attached?

Hi, I can see nothing evident; however, as you have some concerns, I will search deeper

Warning: This fix is only relevant for this system and no other; using it on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons; they will return on reboot

Run OTL

  • Under the Custom Scans/Fixes box at the bottom, paste in the following

https://dl.dropbox.com/u/73555776/OTL_Fix.GIF

:OTL
FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}:6.0.25
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.
O3 - HKU\S-1-5-21-4149854431-98036347-1619213294-1001\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.

:Files
ipconfig /flushdns /c

:Commands
[purity]
[resethosts]
[emptytemp]
[CREATERESTOREPOINT]
[Reboot]


  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

THEN

Download and Install Combofix

Download ComboFix from one of the following locations:
Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop

  • IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here

  • Double click on ComboFix.exe & follow the prompts.
  • Accept the disclaimer and allow to update if it asks

http://img.photobucket.com/albums/v706/ried7/NSIS_disclaimer_ENG.png

http://img.photobucket.com/albums/v706/ried7/NSIS_extraction.png

  • When finished, it shall produce a log for you.
  • Please include the C:\ComboFix.txt in your next reply.

Notes:

  1. Do not mouse-click Combofix’s window while it is running. That may cause it to stall.
  2. Do not “re-run” Combofix. If you have a problem, reply back for further instructions.
  3. If after the reboot you get errors about programmes being marked for deletion then reboot, that will cure it.

Please make sure you include the combo fix log in your next reply as well as describe how your computer is running now

Had to split the combo log into 2 parts because it was too large. PC still boots very slowly, almost 4 minutes, but once it has booted it seems to be running much faster! :)

here is part 2

No indication there of a keylogger or the like…

That is a long time for 7 to boot…

There may be a solution to that … But mainly how is the computer behaving any problems at all ?

So far things seem to be OK and once the Excruciatingly slow boot is over then the PC runs at lightning speed. It has been a long time since it was this fast. If only the damn thing would boot faster. My laptop with XP boots at 1/4 the time!!!

It seems that this is an unsolvable problem as I have been trying to find a solution to this problem for almost 1 year now. Everyone keeps telling me it is malware that is causing it but I think not.

I wish to thank you all for your help.

This is one of the best forums ever :)

Well there is a little MS tool that works wonders for a 7’s boot time

Have a look at this page first to install the requisite tool http://www.msfn.org/board/topic/146919-install-the-windows-performance-tools-kit/

Then, if you are happy to, give it a whirl by following the running instructions on this page http://www.msfn.org/board/topic/140262-how-to-speed-up-boot-process-under-windows-vista-or-windows-7/

The entire process can take up to 30 minutes to run. And once run, only use Windows defragmenter as that will keep the files in the right place

Thank you very much but, I must decline to use the tool as reading the instructions I got cold feet! I am not confident enough to delve into such deep waters. :-[

I do however deeply appreciate all the help you have given me. I can live with the slow boot so long as the system is working, and so far it seems to be doing just that.

Actually it is not that difficult … In a nutshell you download that small programme (Win32 Development Tools ) and run the relevant cpu programme
Then type the command xbootmgr -trace boot -prepSystem -verboseReadyBoot into an elevated prompt
The system will reboot 6 times and all you need to do is allow the tool to elevate (UAC) after each boot

My 7 boot time is sub 30 seconds

I use Auslogic’s defrag; Does this mean that I will no longer be able to use it and MS defrag too?

I tried it and got this error (please see attached screen shot).

OK I got it to install. Which of the many progs do I run?