cc cleaner results

CLEANING COMPLETE - (5.492 secs)
------------------------------------------------------------------------------------------
339.2MB removed.


Edit: Inline CCleaner log removed. Not wanted nor needed!

 

super spyware results

resaults are on the attachment

 

mb.exe results

results are atacht

 

We don't need the results from CCleaner and all logs must be attached!

Please follow the instructions in the below link and attach the requested logs when you finish these instructions.

READ & RUN ME FIRST. Malware Removal Guide

If any of the scans will not run or download move on to the next one and let me know what happened like if there were any errors or if they just wouldn't download or run.

Also have a look here. Don't Bump! It Only Hurts You!!!

 

Yea i noticed that a little late my bad sorry about that, but all the logs should be posted below as attachments. I've tried to attached them again but it just keeps telling me there is an error that i have already attached these logs in a previous post so should i just post them as text ?

 

Edit: Inline logs from ComboFix, SAS, MBAM, RootRepeal and HijackThis removed

 

combofix and rr logs are already attached in this log too so here is the mgtools zip

 

Thanks Chas.

We still need the other two logs to be attached.

• ComboFix log
• RootRepeal log

 

Whoops!

On my way....

 

Run C:\MGtools\analyse.exe by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator). This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX Checked until you exit all browser sessions including the one you are reading in right now:

• O1 - Hosts: 91.212.127.226 winguard2009.microsoft.com
• O1 - Hosts: 91.212.127.226 winguard-2009.com
• O1 - Hosts: 91.212.127.226 www.winguard-2009.com
• O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
• O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -

After clicking Fix checked, exit HijackThis.



Now visit this link to reset your Hosts file.Running HostXpert to Reset Default Hosts File



Download Disable/Remove Windows Messenger to the desktop to remove Windows Messenger.

Do not confuse Windows Messenger with MSN Messenger or Windows Live Messenger because they are not the same. Windows Messenger is a frequent cause of popups.

Unzip the file on the desktop. Open the MessengerDisable.exe and choose the bottom box - Uninstall Windows Messenger and click Apply.

Exit out of MessengerDisable then delete the two files that were put on the desktop.

As stated in the READ ME Java must be updated. See here: Updating Sun Java



I see that Comcast AntiSpy is running which I think is part of CA Pest Patrol but I can't tell, and don't think, it this has an antivirus included. Is Comcast AntiSpy a paid version or a trial?


Next run the C:\MGtools\GetLogs.bat file by double clicking on it. Attach the new C:\MGlogs.zip file that will be created.

Also let me know how the computer is running now?

 

when running C:\MGtools\GetLogs.bat file a zip file is never created. also when connecting to the internet my internet explorer will open 2 of them from what my task manager says and the one that is using more memory than the other, when ending the task will refresh the already open explore and then task manager says another IE is open. The only way to terminate the explorer is to end process on IE is by ending process on the one that is using less memory. My computer is still running kinda slow. I also have a question about my network if you are able to answer. When shutting down my computer my router has the symbols for the computer on it 1,2,3 ect.. usually after shutting down a comptuer the light on the designated computer will shut off, which it does when i shut down my other computer, but when i shut down the other one the light goes of for a second and then comes right back on even tho the computer is off?!?!? My bad for responding so late school and work and family kinda take time away from me lol anyways thanks for all that you have done so far and will be waiting for your reply.:wave

 

No worries. I understand.

Did you look in C:\MGlogs.zip ?Have you tried restarting the computer to see if these issues go away? Then try running a new scan with MGtools.

Let's make sure we cover everything found in the logs first then see what all still remains. We may need to send you to another forum to finish up but no need trying to fix something that may go away by what we do here.


Also.

 

yea i checked C:\MGlogs.zip there isnt a zip file in there either. after running the Getlogs.bat. Comcast Antispywear is nothing just something that came with the modem it's probably a trail something i need to remove. I've restarted the computer many times still runnin like crap.

 

Go to Add or Remove Programs and uninstall:

• Comcast Toolbar
• CA Pest Patrol Realtime Protection

Run C:\MGtools\analyse.exe by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator). This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX Checked until you exit all browser sessions including the one you are reading in right now:

(This might not be found.)

- O4 - HKCU\..\Run: [ComcastAntispyClient] \"C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntispy.exe\" /hide

After clicking Fix checked, exit HijackThis.



Now delete this folder.

C:\Program Files\comcasttb\ComcastSpywareScan


Restart the computer.


Now download and install a new antivirus. These are all good and free for home use.

Remember to only install one antivirus!

1) Avast! Home Edition
2) AVG Free Edition
3) Avira AntiVir Personal


Now update and run a full scan with your new antivirus.

Let me know if it finds anything and also how the computer is running now.

 

alright i picked avast and dled it and it got rid of a trojan it says, but the computer is still kinda slow. and it gets alot of internet explorer can not display mainly when opening for the first time .. but still running 2 internet explorers when opening like i said before .. but i dont know if that is your area lol . just tell me what i need to do next please LOL

 

Run the C:\MGtools\GetLogs.bat file by double clicking on it. Attach the new C:\MGlogs.zip file that should be created.

 

hey there my bad it took so long

 

forgot to hit upload haha :-D

 

Go to Add or Remove Programs and uninstall:

Ask Toolbar



How is the computer running now?

If you are not having any other malware problems, it is time to do our final steps:

1. We recommend you keep SUPERAntiSpyware and Malwarebytes Anti-Malware for scanning/removal of malware. Unless you purchase them, they provide no protection. They do not use any significant amount of resources ( except a little disk space ) until you run a scan.
2. If we used Pocket Killbox during your cleanup, do the below
   • Run Pocket Killbox and select File, Cleanup, Delete All Backups
3. If we had you use ComboFix, uninstall ComboFix (This uninstall will only work as written if you installed ComboFix on your Desktop like we requested.)
   • Click START then RUN and enter the below into the run box and then click OK. Note the quotes are required
   • "%userprofile%\Desktop\combofix" /uninstall
     • Notes: The space between the combofix" and the /u, it must be there.
     • This will uninstall ComboFix and also reset hidden files and folders settings back to Windows defaults.
4. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
5. If we had you download any registry patches like fixme.reg or fixWLK.reg (or any others), you can delete these files now.
6. If running Vista, it is time to make sure you have re-enabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
7. Go to add/remove programs and uninstall HijackThis.
8. Goto the C:\MGtools folder and find the MGclean.bat file. Double click on this file to run this cleanup program that will remove files and folders related to MGtools and some other items from our cleaning procedures.
9. If you are running Vista, Windows XP or Windows ME, do the below:
   • Refer to the cleaning procedures in step 3 the READ ME for your Window version and see the instructions to Disable System Restore which will flush your Restore Points.
   • Then reboot and Enable System Restore to create a new clean Restore Point.
10. After doing the above, you should work through the below link:
    • How to Protect yourself from malware!