A quick question about doing the Malware thread...

Yes, you can download to a flash drive and move the tools to the infected machine.
You may have to run them in safe mode.

 

Attach logs when you are ready.

 

Did you follow these instructions:
http://forums.majorgeeks.com/showthread.php?t=74220

 

Follow the instructions for Win7.

 

If you can, download them to your desktop. And attach the logs to this thread.

 

Rerun Hitman and have it remove all it finds.

Now rerun RogueKiller and have it fix these items:

Code:

¤¤¤ Registry : 10 ¤¤¤
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\jxyeJJR ("C:\ProgramData\RpZXHc\jxyeJJR.exe") -> Found
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\jxyeJJR ("C:\ProgramData\RpZXHc\jxyeJJR.exe") -> Found

Now have it fix these items:

Code:

¤¤¤ Tasks : 2 ¤¤¤
[Suspicious.Path] \Ifalneho -- "C:\ProgramData\Ifalneho\1.0.4.1\tecinama.exe" ("/e=L3A9MTkwNjAxXi91PTgyMDAxYjAzYzMyMTQ2ZjQ4ZjkwMTM3MDMzZDNkN2UzXi9kPWNyaW1ldGhyZWF0YWxlcnQuY29tXi9uPUNSTUVeL2E9Q3JpbWVXYXRjaF4vdA==") -> Found
[Suspicious.Path] \Mart Component -- C:\WINDOWS\system32\rundll32.exe ("C:\Users\danny\AppData\Local\Mart Component\Bin\MartComponent.dll",#3) -> Found

Download OTM by Old Timer and save it to your Desktop.

• Run OTM.exe by double clicking on it (Note: if using Vista, Win7 or Win8, don't double click, use right click and select Run As Administrator).
• Paste the following code under the area. Do not include the word Code.

Code:

:Processes
explorer.exe

:Files
C:\WINDOWS\TEMP\*.*
C:\Users\danny\AppData\Local\Temp\*.*

:reg
[-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
[-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{6167D44D-C80F-462A-8799-DF50D8B8BE70}]
[-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}]

:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]

• Return to OTM, right click in the Paste List of Files/Folders to Move window (under the yellow bar) and choose Paste.
• Push the large button.
• OTM may ask to reboot the machine. Please do so if asked.
• Copy everything in the Results window (under the green bar), and paste it in your next reply.

Now navigate to the C:\_OTM\MovedFiles folder ( assuming your Windows drive is C). This is where your log will be saved in the form of Date and Time mmddyyyy_hhmmss.log. Just look for the most recent .log file. Attach this log file to your next message.

Now rescan in normal mode with both RogueKiller and Hitman and attach the logs along with the OTM log.

 

You have a free trial on Hitman. Just activate it and remove what it found.
I am not seeing any additional malware. You may have to post in the software forum for additional assistance.

 

It must be already active as it did remove a lot of the crap. As to updating, that may help. Let me know if it does. Are you talking about updating to Win 10? What ads are you talking about? And if which browser?

You need to resolve your issues before you upgrade.

 

Please download AdwCleaner by Xplode and save to your Desktop.

• Double click on AdwCleaner.exe to run the tool.
  Vista/Windows 7/8 users right-click and select Run As Administrator
• Click on the Scan button.
• AdwCleaner will begin...be patient as the scan may take some time to complete.
• After the scan has finished, click on the Report button...a logfile (AdwCleaner[R#].txt) will open in Notepad for review (where the largest value of # represents the most recent report).
• The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
• Attach the logfile to your next next reply.
• A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.

 

Clean everything it finds. Then reboot and rescan and attach a new log. Be sure to tell me how things are running.

 

Delete the last bit that ADW found. You should be fine to do an upgrade now.

If you are not having any other malware problems, it is time to do our final steps:

1. We recommend you keep Malwarebytes Anti-Malware for scanning/removal of malware.
2. Renable your Disk Emulation software with Defogger if you had disabled it in step 4 of the READ & RUN ME.
3. Go to add/remove programs and uninstall HijackThis. If you don't see it or it will not uninstall, don't worry about it. Just move on to the next step.
4. If running Vista, Win 7 or Win 8, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
5. Now go to the C:\MGtools folder and find the MGclean.bat file. Double click ( if running Vista, Win7, or Win 8 Right Click and Run As Administrator ) on this file to run this cleanup program that will remove files and folders related to MGtools and some other items from our cleaning procedures.
6. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
7. If you are running Win 8, Win 7, Vista, Windows XP or Windows ME, do the below to flush restore points:
   • Refer to the instructions for your WIndows version in this link: Disable And Enable System Restore​
   • What we want you to do is to first disable System Restore to flush restore points some of which could be infected.
   • Then we want you to Enable System Restore to create a new clean Restore Point.
8. After doing the above, you should work thru the below link:
   • How to Protect yourself from malware!

 

You are most welcome. Good luck with the upgrade.