Computer freezing - have completed scans

You forgot to attach your logs!

 

You still need to attach the log from ShowNew as requested in the READ ME. Please explain your exact problems with it. Did you extract all files from the ZIP file? Are you running the ShowNew.bat file from a Windows Explorer prompt or are you running it from inside the ZIP file? Based on your GetRunKeys log (which is incomplete too) you are not running either program properly. You must follow the directions in the download links. The files MUST BE EXTRACTED from the ZIP file and you must not run the .bat files from inside the ZIP file which is what you are doing.

Follow the directions exactly and attach new logs from ShowNew and GetRunKey.

From what I have seen thus far, you do not have malware problems!

 

You are not following the directions given in the links for ShowNew and GetRunKey and that I explained again in message # 4. If you do not extract the files from the ZIP file and run the ShowNew.bat and GetRunKey.bat files from a Windows Explorer session, they will not work.

Do you understand what extract from the ZIP files means?
Didn't you do this with HijackThis?

Also make sure you download and use the current versions of ShowNew.zip and GetRunKey.zip. They both have changed since you last downloaded them.

I suggest you download the ZIP files. Extract ALL files from both ShowNew.zip and GetRunKey.zip into a single folder named C:\MGtools and then delete the two ZIP files (that way you will not be able to try and run the programs from inside the ZIP file by mistake). Then locate and run the .bat files as requested!

 

It is wrong because you are running the .bat files from inside the ZIP file and you still are. You are using the Windows XP ability to view the files but your are also running the bat files from inside the ZIP file. The procedure tells you to use Windows Explorer!!!!!

Do the following!

• Right click Start and select Explorer
• In the Explorer window navigate to the C:\spyware tools folder you said you created.
• If you see the GetRunKey.zip and ShowNew.zip files in that folder. Delete both of them. DO NOT SKIP THIS STEP! I WANT YOU TO MAKE SURE these two ZIP files are deleted.
• Now locate GetRunKey.bat and double click on it. Then close the notepad window that comes up with the runkeys.txt log.
• Now locate ShowNew.bat and double click on it. Then close the notepad window that comes up with the newfiles.txt log.
• Now upload the c:\runkeys.txt and c:\newfiles.txt logs here!

 

I'm not sure what is going wrong either but it really appears to be a case of the .bat files not being run from outside the ZIP file. The reason I say this is because of the contents in the log. The .bat files report the location of where they are being run from and they cannot do this when run from inside the ZIP file. Since your logs are missing this data, it would appear that they are being run from the ZIP file. The only other possibility is some other kind of error is occurring and you are not seeing the error message and reporting it.

I going to attach a two new versions of the tools but the way this will be run it different. I'm going to attach a file named MGtools.zip. Inside this file is a file named MGtools.exe Just extract MGtools.exe from the ZIP file. And then locate the MGtools.exe file and double click on it. This executable will create a folder named C:\MGtools and it will put all the files needed to run GetRunKey and ShowNew into this folder. It will also automatically run both programs and it will automatically create the two logs. No notepad windows will popup. Just locate the C:\runkeys.txt and C:\newfiles.txt logs afterwards and upload them.

Let's see what happens when this is run. If this does not work, then there must be something else blocking proper execution of the two programs. Maybe your antivirus or maybe some other error within your OS. If this is the case, we will have to try running them from a command prompt windows to see if we can capture the error message.

The main reason we need to get these to work is because your HJT log really does not show any problems. It could well be that your problems are not malware at all but are rather problems with your OS and these same problems may well be the reason that ShowNew.bat and GetRunKey.bat are not running properly.

 

Okay based on this information there is something wrong on your PC that is preventing these tools from running properly. I would expect one of the two errors shown in the download links is actually occuring.

Try the following!

• Open a command prompt window by clicking Start, Run, and entering cmd and clicking OK.
• Then enter the below commands and tell what error mesages if any you receieve.
  • cd c:\MGtools
  • shownew
    • write down the exact error message here if you get one
    • close the newfiles.txt log if it comes up.
  • getrunkey
    • write down the exact error message here if you get one
    • close the runkeys.txt log if it comes up.

Let me know the results!

 

Open up a command prompt window by clicking Start, Run, and enter cmd and click OK.

Now exit ALL running processes on your PC (antivirus, antispyware...etc) and also closed down all browser sessions including this one before you continue.

Now in the command prompt window enter the below commands.
cd c:\MGtools
ShowNew

Now if you get any error messages or warning, tell me exactly what you get.

Then open a browser backup and come back here and attach the newfiles.txt log that was just created but did not popup. Attach this file before continuing on to the next step below or the file will be overwritten.

If you do still get error messages in any form while doing the above, please boot into safe mode and run ShowNew.bat. Then attach this second newfiles.txt log that was created.


The reason I'm trying to get these complete logs is that your other logs do not show any malware. However, if ShowNew and GetRunKey do not run, there is something misconfigured or missing on your PC. Probably not malware but something is wrong.

You do however have two non malware issues!

1. You did not pay attention to step 3 of the READ ME. You have both Authentium's Command Antivirus and McAfee installed. You MUST uninstall one of these NOW. You probably got Command AV along with PestPatrol from your ISP!
2. You did not install the version of Spybot requested in the READ ME. You are running Spybot - Search & Destroy 1.3 which has not been used in over 2 years. Install the proper version.