Malware Protector 2008 - Help!

No!! When you click this: CCleaner You see the title of the program is CCleaner Slim (No Toolbar) 2.08.588

You need to click on one of the dowload links which look like the below

Code:

[IMG]http://majorgeeks.com/images/dl-arrow3.gif[/IMG] [B]Free Downloads From[/B] 
[URL="http://majorgeeks.com/downloadget.php?id=4191&file=15&evp=a12d758b021af1a4f0a6bfe45b0c7a82"][IMG]http://majorgeeks.com/images/american_flag.gif[/IMG] MajorGeeks FL[/URL] - |USA|
[URL="http://majorgeeks.com/downloadget.php?id=4191&file=10&evp=a12d758b021af1a4f0a6bfe45b0c7a82"][IMG]http://majorgeeks.com/images/american_flag.gif[/IMG] MajorGeeks TX[/URL] - |USA|
[URL="http://majorgeeks.com/downloadget.php?id=4191&file=11&evp=a12d758b021af1a4f0a6bfe45b0c7a82"][IMG]http://majorgeeks.com/images/american_flag.gif[/IMG] MajorGeeks TX[/URL] - |USA|
[URL="http://majorgeeks.com/downloadget.php?id=4191&file=15&evp=a12d758b021af1a4f0a6bfe45b0c7a82"][IMG]http://majorgeeks.com/images/american_flag.gif[/IMG] MajorGeeks FL[/URL] - |USA|
[URL="http://majorgeeks.com/downloadget.php?id=4191&file=9&evp=a12d758b021af1a4f0a6bfe45b0c7a82"][IMG]http://majorgeeks.com/images/american_flag.gif[/IMG] MajorGeeks FL[/URL] - |USA|
[URL="http://majorgeeks.com/downloadget.php?id=4191&file=14&evp=a12d758b021af1a4f0a6bfe45b0c7a82"][IMG]http://majorgeeks.com/images/australian_flag2.gif[/IMG] Internode[/URL] - |Australia|

You have been looking at other advertisement links on the page. You do not want and do not need Registry Booster.

 

You need to attach the last log that was requested. The log from running MGtools which will be the C:\MGlogs.zip file as stated in the instructions.

What problems did you have trying to run ComboFix. Your log is very incomplete. It did not run properly. Try again in safe boot mode if necessary.

 

I'm not sure what you mean? Are you saying you don't know how to copy and paste?

Please just run ComboFix by double clicking on the icon on your Desktop. Then attach the log here after it completes.

Are you still having malware problems?

You have no protection software installed! Why not?

 

Your logs do not show Avira to be installed and while TrendMicro's Antispyware shows as installed and it does show loading in your startup but it is not running. Thus that make me believe you only have a trial version which is only a scanner and it provides no protection. SUPERAntipsyware was only from running the READ & RUN ME and it does not provide any protection unless you purchase it. The free program is a scanner only. The Windows firewall is totally inadequate as it provides only one way protection and it is very poor at even doing that.

You have some left overs form Norton hanging around. Please run this Norton Removal Tool (SymNRT) and then reboot your PC.

Run this Disable/Remove Windows Messenger to remove Windows Messenger. Do not confuse Windows Messenger with MSN Messenger because they are not the same. Windows Messenger is a frequent cause of popups.

Uninstall the below old versions of Sun Java:
J2SE Runtime Environment 5.0 Update 10
J2SE Runtime Environment 5.0 Update 11
J2SE Runtime Environment 5.0 Update 6
J2SE Runtime Environment 5.0 Update 9
Java 2 Runtime Environment, SE v1.4.2_03
Java(TM) 6 Update 2
Java(TM) 6 Update 3
Java(TM) SE Runtime Environment 6 Update 1

Run C:\MGtools\analyse.exe by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator). This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:

O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
O4 - HKLM\..\Run: [HPHUPD05] C:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - Global Startup: Updates from HP.lnk = C:\Program Files\Updates from HP\309731\Program\Updates from HP.exe

After clicking Fix, exit HJT.

Now we need to use ComboFix to remove a bunch of malware files.

• Make sure that combofix.exe that you downloaded while doing the READ & RUN ME is on your Desktop but Do not run it!
  • If it is not on your Desktop, the below will not work.
• Open Notepad and copy/paste the text in the below quote box into it:

• Save the above as CFscript.txt and make sure you save it to the same location (should be on your Desktop) as ComboFix.exe
• At this point, you MUST EXIT ALL BROWSERS NOW before continuing!
• You should have both the ComboFix.exe and CFScript.txt icons on your Desktop.
• Now use your mouse to drag CFscript.txt on top of ComboFix.exe
• Follow the prompts.
• When it finishes, a log will be produced named c:\combofix.txt
• I will ask for this log below

Note:

Do not mouseclick combofix's window while it is running. That may cause it to stall.

Copy the bold text below to notepad. Save it as fixme.reg to your desktop. Be sure the "Save as" type is set to "all files" Once you have saved it double click it and allow it to merge with the registry.

Make sure that you tell me if you receive a success message about adding the above
to the registry. If you do not get a success message, it definitely did not work.

Now run Ccleaner!

Now run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator).

Then attach the below logs:

• C:\ComboFix.txt
• C:\MGlogs.zip

Make sure you tell me how things are working now!

 

You're welcome.

It you like and are happy with TrendMicro AS then keep it. You always get more features and support if you purchase software then you do with free software.

My final instructions below contain a link which gives you many things to do to protect yourself. You will find info in there on firewalls too.

If you are not having any other malware problems, it is time to do our final steps:

1. You can uninstall SUPERAntiSpyware now.
2. We recommed you keep Malwarebytes Anti-Malware as a scanner. It uses no resources except a little disk space until you run a scan.
4. If we had you use ComboFix, uninstall ComboFix (This uninstall will only work as written if you installed ComboFix on your Desktop & renamed it like we requested.)
   • Click START then RUN and enter the below into the run box and then click OK. Note the quotes are required
   • "%userprofile%\Desktop\combo-fix" /u
     • Notes: The space between the combo-fix" and the /u, it must be there.
     • This will uninstall ComboFix and also reset hidden files and folders settings back to Windows defaults.
   • Delete the C:\combo-fix folder from combofix.
5. If we had you download any registry patches like fixme.reg or fixWLK.reg (or any others), you can delete these files now.
6. If running Vista, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
7. Go to add/remove programs and uninstall HijackThis.
8. You can delete the C:\MGtools folder and the C:\MGtools.exe file. You can also delete the C:\MGlogs.zip
9. If you are running Vista, Windows XP or Windows ME, do the below:
   • Refer to the cleaning steps in the READ ME for your Window version and see the steps to Disable System Restore which will flush your Restore Points.
   • Then reboot and Enable System Restore to create a new clean Restore Point.
10. After doing the above, you should work thru the below link:
    • How to Protect yourself from malware!

 

You already said you have Avira Antivir Personal. It is your antivirus program.

 

No! I'm not sure why it would do this. In fact if this is truly happening and they are not saying that AntiVir and Spybot were infected, then you should uninstall TrendMicro and ask for a refund since this would be an absurd requirement on their part. Are you sure that you only have TrendMicro AntiSpyware???? Or did you also purchase an the antivirus or worse....the security suite.

That's up to you if you wish to support the company and also get support from them but this has nothing to do with what you said about TrendMicro telling you that you need to uninstall it.