Computer Security & Viruses/virussen



Question
QUESTION: Hi Brian,
There are fewer threats and infections but there are still many... There are no popups when surfing; at startup only 1 window about a missing ..."spool..".

Here is the log of SDFix:
[b]SDFix: Version 1.216 [/b]
Run by Administrator on zo 17/08/2008 at 14:54

Microsoft Windows XP [versie 5.1.2600]
Running From: C:\SDFix

[b]Checking Services [/b]:

[b]Name [/b]:
DLLHOST32
lzx32
Microsoft Agent
NtmlSvc
SMSS
Spool SubSystem App
Windows Terminal Services

[b]Path [/b]:
"C:\WINDOWS\system\dllhost.exe"
\??\C:\WINDOWS\System32:lzx32.sys
"C:\WINDOWS\System32\dllcache\sxchost.exe"
%SystemRoot%\System32\svchost.exe -k netsvcs
"C:\WINDOWS\system\smss.exe"
"C:\WINDOWS\system\Spool.exe"
"C:\WINDOWS\system32\vcmon.exe"

DLLHOST32 - Deleted
lzx32 - Deleted
Microsoft Agent - Deleted
NtmlSvc - Deleted
SMSS - Deleted
Spool SubSystem App - Deleted
Windows Terminal Services - Deleted


C:\WINDOWS\system32\Microsoft\backup.ftp Found
C:\WINDOWS\system32\Microsoft\backup.tftp Found

[b]Checking files[/b]:

[b]Genuine[/b]:
C:\WINDOWS\system32\Microsoft\backup.ftp
C:\WINDOWS\system32\Microsoft\backup.tftp



Restoring Default Security Values
Restoring Default Hosts File

Rebooting

Service pe386 - Deleted

[b]Checking Files [/b]:

Trojan Files Found:

C:\WINDOWS\SYSTEM32\ERASEM~2.EXE - Deleted
C:\WINDOWS\SYSTEM32\ERASEM~4.EXE - Deleted
C:\WINDOWS\SYSTEM32\UPDETW~1.EXE - Deleted
C:\WINDOWS\SYSTEM32\WINDS.EXE - Deleted
C:\TSOE.EXE - Deleted
C:\-12272~1 - Deleted
C:\417223~1 - Deleted
C:\WINDOWS\system32\eraseme_42554.exe - Deleted
C:\WINDOWS\system32\eraseme_50765.exe - Deleted
C:\WINDOWS\system32\Microsoft\backup.ftp  - Deleted
C:\WINDOWS\system32\Microsoft\backup.tftp  - Deleted
C:\WINDOWS\system32\winmnpld.lhp  - Deleted





Removing Temp Files

[b]ADS Check [/b]:


C:\WINDOWS\system32
 :lzx32.sys          70816
Total size: 70816 bytes.
system32: deleted 70816 bytes in 1 streams.

Checking for remaining Streams

C:\WINDOWS\system32
No streams found.


         [b]Final Check [/b]:

catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-17 15:08:41
Windows 5.1.2600 Service Pack 1 NTFS

detected NTDLL code modification:
ZwClose

scanning hidden processes ...

scanning hidden services & system hive ...

scanning hidden registry entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0


[b]Remaining Services [/b]:




Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\\WINDOWS\\System32\\MKSTMNTS.EXE"="C:\\WINDOWS\\System32\\MKSTMNTS.EXE:*:Enabled:Medium changer class driver"
"C:\\WINDOWS\\System32\\umcsrjvx.exe"="C:\\WINDOWS\\System32\\umcsrjvx.exe:*:Enabled:Server"
"C:\\WINDOWS\\System32\\rtpfaiul.exe"="C:\\WINDOWS\\System32\\rtp"
"C:\\WINDOWS\\System32\\ybbrnfwk.exe"="C:\\WINDOWS\\System32\\ybb"
"C:\\WINDOWS\\System32\\gjhyexte.exe"="C:\\WINDOWS\\System32\\gjh"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"C:\\WINDOWS\\System32\\umcsrjvx.exe"="C:\\WINDOWS\\System32\\umcsrjvx.exe:*:Enabled:Server"

[b]Remaining Files [/b]:


File Backups: - C:\SDFix\backups\backups.zip

[b]Files with Hidden Attributes [/b]:

Mon  7 Jul 2008     1,429,840 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\SDUpdate.exe"
Mon  7 Jul 2008     4,891,472 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe"
Sun 10 Dec 2006       561,960 ..SH. --- "C:\WINDOWS\system32\cbeeg.bak1"
Sun 25 Mar 2007       443,648 ..SH. --- "C:\WINDOWS\system32\qttss.tmp"
Thu 25 Jan 2007       438,441 ..SH. --- "C:\WINDOWS\system32\qttss.bak1"
Wed 13 Aug 2008       398,619 A.SH. --- "C:\WINDOWS\system32\qtvwa.tmp"
Tue 23 Oct 2007        97,369 ..SH. --- "C:\WINDOWS\system32\qtvwa.bak1"
Mon 14 Jul 2008       410,127 ..SH. --- "C:\WINDOWS\system32\qtvwa.bak2"
Sat 13 Nov 2004        37,376 ...H. --- "C:\Program Files\Common Files\Adobe\ESD\DLMCleanup.exe"
Tue 29 Jul 2008       393,773 A..H. --- "C:\Documents and Settings\All Users\Application Data\Google Updater\cache\BIT11.tmp"
Tue 29 Jul 2008       393,773 A..H. --- "C:\Documents and Settings\All Users\Application Data\Google Updater\cache\BIT12.tmp"
Tue 29 Jul 2008       393,774 A..H. --- "C:\Documents and Settings\All Users\Application Data\Google Updater\cache\BIT13.tmp"

[b]Finished![/b]



And here is the next HJT log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:45:57, on 17/08/2008
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\SPAMfighter\SFAgent.exe
C:\Program Files\Softwin\BitDefender10\bdmcon.exe
C:\Program Files\Softwin\BitDefender10\bdagent.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Program Files\SPAMfighter\sfus.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
C:\WINDOWS\System32\WgaTray.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Softwin\BitDefender10\vsserv.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.pandasoftware.com/products/activescan.htm
O2 - BHO: (no name) - {01A33D85-4706-452A-B71A-99510ADA8C0C} - (no file)
O2 - BHO: (no name) - {3F437616-E5FD-4C5B-AEDE-D7351623015A} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {A4FB009D-FAA4-4DF4-A928-D5AB7517028A} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.509.6972\swg.dll
O2 - BHO: (no name) - {F50B3F5E-856E-4757-9BB1-B35D46CA7719} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb12.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [SPAMfighter Agent] "C:\Program Files\SPAMfighter\SFAgent.exe" update delay 60
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O20 - Winlogon Notify: cbXRKDuV - cbXRKDuV.dll (file missing)
O20 - Winlogon Notify: iiffddd - iiffddd.dll (file missing)
O20 - Winlogon Notify: opnkiIBR - opnkiIBR.dll (file missing)
O20 - Winlogon Notify: ssttq - C:\WINDOWS\System32\ssttq.dll (file missing)
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
O23 - Service: Pml Driver HPH11 - HP - C:\WINDOWS\System32\HPHipm11.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - C:\Program Files\SPAMfighter\sfus.exe
O23 - Service: Windows Task Services (TASKMNGR) - Unknown owner - C:\WINDOWS\system\taskmngr.exe (file missing)
O23 - Service: Uninterruptible Power Supply UPShelpsvc (UPShelpsvc) - Unknown owner - C:\WINDOWS\System32\LDR5.tmp.exe (file missing)
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe
O23 - Service: Microsoft Windows DMR Service (Windows DMR Service) - Unknown owner - C:\WINDOWS\dmrproc.exe (file missing)
O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe

--
End of file - 6361 bytes

Thanks for helping me!!
Dorina


ANSWER: Hi Dorina

You're very welcome for the help.  Things are looking better in your log file.  I will need you to open HJT and click on Scan Only.  Place a check mark in the box next to the following items, close all open windows, and click the Fix Checked button:

O2 - BHO: (no name) - {01A33D85-4706-452A-B71A-99510ADA8C0C} - (no file)
O2 - BHO: (no name) - {3F437616-E5FD-4C5B-AEDE-D7351623015A} - (no file)
O2 - BHO: (no name) - {A4FB009D-FAA4-4DF4-A928-D5AB7517028A} - (no file)
O2 - BHO: (no name) - {F50B3F5E-856E-4757-9BB1-B35D46CA7719} - (no file)
O20 - Winlogon Notify: cbXRKDuV - cbXRKDuV.dll (file missing)
O20 - Winlogon Notify: iiffddd - iiffddd.dll (file missing)
O20 - Winlogon Notify: opnkiIBR - opnkiIBR.dll (file missing)
O20 - Winlogon Notify: ssttq - C:\WINDOWS\System32\ssttq.dll (file missing)
O23 - Service: Windows Task Services (TASKMNGR) - Unknown owner - C:\WINDOWS\system\taskmngr.exe (file missing)
O23 - Service: Uninterruptible Power Supply UPShelpsvc (UPShelpsvc) - Unknown owner - C:\WINDOWS\System32\LDR5.tmp.exe (file missing)
O23 - Service: Microsoft Windows DMR Service (Windows DMR Service) - Unknown owner - C:\WINDOWS\dmrproc.exe (file missing)

Restart the computer.  Next, run a Windows Update.  You are missing very important updates and fixes, including Service Pack 2 & SP3.  After all the updates are done, please advise me of any errors, if any, you are still receiving, and send me one more HJT log.  

Brian
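
Added example (not part of the original exchange, and not HijackThis code): a small Python parser for the log format posted above. It picks out the entries HijackThis marks `(no file)` or `(file missing)`, which are the kind listed in the answer above, and separately lists "Unknown owner" services whose file is still present. The function names and the sample subset of log lines are assumptions made for illustration.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# Constructed sample: a subset of lines copied from the HijackThis log above.
SAMPLE_LOG = r"""
O2 - BHO: (no name) - {01A33D85-4706-452A-B71A-99510ADA8C0C} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
O20 - Winlogon Notify: ssttq - C:\WINDOWS\System32\ssttq.dll (file missing)
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Windows Task Services (TASKMNGR) - Unknown owner - C:\WINDOWS\system\taskmngr.exe (file missing)
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
"""

# A result line starts with a section code such as R0, O2, O20 or O23.
ENTRY = re.compile(r"^(?P<section>[A-Z]\d{1,2}) - (?P<body>.+)$")
# Marker appended when the file an entry points to is absent.
MISSING = re.compile(r"\s*\((?:no file|file missing)\)\s*$")
# First Windows path on the line (drive letter or %Variable% prefix).
TARGET = re.compile(r'"?((?:[A-Za-z]:\\|%\w+%\\)[^"]*)"?')


@dataclass
class Entry:
    section: str            # e.g. "O23"
    body: str               # text after the section code
    target: Optional[str]   # file path, when the line carries one
    missing: bool           # True if marked (no file) / (file missing)
    raw: str                # original line, as shown in the HJT scan list


def parse_hjt(log_text: str) -> List[Entry]:
    """Parse result lines; header and process-list lines are skipped."""
    entries = []
    for line in log_text.splitlines():
        line = line.strip()
        m = ENTRY.match(line)
        if not m:
            continue
        body = m.group("body")
        missing = bool(MISSING.search(body))
        path = TARGET.search(MISSING.sub("", body))
        target = path.group(1).strip() if path else None
        entries.append(Entry(m.group("section"), body, target, missing, line))
    return entries


def orphaned(entries: List[Entry]) -> List[Entry]:
    """Entries that point at a file that no longer exists."""
    return [e for e in entries if e.missing]


def unknown_owner_present(entries: List[Entry]) -> List[Entry]:
    """O23 services with 'Unknown owner' whose file is still on disk.
    These need a manual look; they are not orphaned entries."""
    return [e for e in entries
            if e.section == "O23" and "Unknown owner" in e.body and not e.missing]


if __name__ == "__main__":
    parsed = parse_hjt(SAMPLE_LOG)
    print("Orphaned entries:")
    for e in orphaned(parsed):
        print("  ", e.raw)
    print("Unknown owner, file present (review by hand):")
    for e in unknown_owner_present(parsed):
        print("  ", e.target)
```
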

---------- FOLLOW-UP ----------

QUESTION: Dear Brian,

The update doesn't complete... it hangs at "cabfiles making".

While booting the PC, a lot of activity in the background makes the PC slow. One of the programs (I think) is Spyware Doctor, can that be? Then I remove this, OK? Because it's difficult to start the internet then; when I click that progress off I can use the internet.

Can you also say which programs I had better leave out when booting the PC (and how I fix that)?


The HJT log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:48:47, on 17/08/2008
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\SPAMfighter\SFAgent.exe
C:\Program Files\Softwin\BitDefender10\bdmcon.exe
C:\Program Files\Softwin\BitDefender10\bdagent.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\SPAMfighter\sfus.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
C:\WINDOWS\System32\WgaTray.exe
C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Softwin\BitDefender10\vsserv.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.pandasoftware.com/products/activescan.htm
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.509.6972\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb12.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [SPAMfighter Agent] "C:\Program Files\SPAMfighter\SFAgent.exe" update delay 60
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
O23 - Service: Pml Driver HPH11 - HP - C:\WINDOWS\System32\HPHipm11.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - C:\Program Files\SPAMfighter\sfus.exe
O23 - Service: Windows Task Services (TASKMNGR) - Unknown owner - C:\WINDOWS\system\taskmngr.exe (file missing)
O23 - Service: Uninterruptible Power Supply UPShelpsvc (UPShelpsvc) - Unknown owner - C:\WINDOWS\System32\LDR5.tmp.exe (file missing)
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe
O23 - Service: Microsoft Windows DMR Service (Windows DMR Service) - Unknown owner - C:\WINDOWS\dmrproc.exe (file missing)
O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe

--
End of file - 5393 bytes

Thank you again, again and again and again...
Good night
Dorina  

Answer
Hi Dorina

Yes, you can uninstall Spyware Doctor.  There are a few other programs that you can uninstall or stop from starting at Windows boot.  Since you are running Bit Defender, you can stop Ad-aware and Spybot from startup.  Google Desktop uses a great amount of memory and CPU cycles, so if your computer is running slow, I would say to uninstall Google first and see how the computer behaves afterwards.  One other thing I need you to do is to open HJT and run a Scan Only.  Then place a check mark in the box next to the following items, close any open windows, and click on the Fix Checked button:

O23 - Service: Windows Task Services (TASKMNGR) - Unknown owner - C:\WINDOWS\system\taskmngr.exe (file missing)
O23 - Service: Uninterruptible Power Supply UPShelpsvc (UPShelpsvc) - Unknown owner - C:\WINDOWS\System32\LDR5.tmp.exe (file missing)
O23 - Service: Microsoft Windows DMR Service (Windows DMR Service) - Unknown owner - C:\WINDOWS\dmrproc.exe (file missing)

If you need further help in installing the updates, let me know the exact error you are receiving.  Otherwise, the computer should now be running better.  Just ask if you need more help.  

Brian


Brian Benosky

Expertise

I will help you in eradicating malware and all forms of virus/trojans/adware. I can answer all PC-related hardware issues. I can also troubleshoot Windows OS errors (all versions) and other software problems. HijackThis logs are a MUST for virus related help. If you do not know how to do this, I have posted easy-to-follow instructions on the Ask a Question page. Every computer infection is different, so I will give you personal instructions on how to remove the malware, not a 'pat' answer. You can be assured of a prompt, polite, and knowledgeable response in all regards.

Experience

I have over 25 years experience in using, building, and repairing computers. I have helped over two thousand people here on AllExperts, with consistent Top Feedback Scores. Please look at my answers here: http://en.allexperts.com/q/Computer-Security-Viruses-1737/indexExp_84308.htm I am also a Top Contributor of General Computing answers in Yahoo! Questions.

Education/Credentials
College Educated Self-taught Computer Skills
