Results from the READ ME FIRST XP Cleaning procedure

The same way you attached the other logs. Just put C:\MGlogs.zip into the box in the Manage Attachments form and click upload. We need this log to continue.

The Malwarebytes log is in the below folder:

C:\Documents and Settings\username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\

Where username needs to be replaced by your actual user account name.

 

Only people who are members of Major Geeks like you.

Because it is not required and impossible to easily do.

No not really. How many people in the world would you guess have the same name for their user account as you? And even knowing that name, what does it tell anyone.

Once you attach the last log, we can continue.


What problems are you currently having?

 

No this is not MGlogs.zip it is exactly what you attached ..... sysinfo.txt.

You need to attach the file that was requested which is c:\MGlogs.zip and nothing else.

Problems with Adobe Reader should be posted in the Software Forum.

The main reason for your PC being slow is probably due to the below which shows you do not have enough memory to properly run Windows XP.

Code:

 Total Physical Memory 512.00 MB 
Available Physical Memory 118.30 MB

At a minimum, you must double your memory to 1 GB but 2 GB is highly recommended.

 

You're welcome. We just have a little more to do.


Run C:\MGtools\analyse.exe by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator). This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:

R3 - URLSearchHook: House of Many Games Toolbar - {6aa39034-952d-4854-90b4-e5498bda7b97} - C:\Program Files\House_of_Many_Games\tbHou1.dll
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: House of Many Games Toolbar - {6aa39034-952d-4854-90b4-e5498bda7b97} - C:\Program Files\House_of_Many_Games\tbHou1.dll
O3 - Toolbar: House of Many Games Toolbar - {6aa39034-952d-4854-90b4-e5498bda7b97} - C:\Program Files\House_of_Many_Games\tbHou1.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\\Program Files\\Common Files\\Symantec Shared\\ccSvcHst.exe (file missing)

After clicking Fix, exit HJT.

Uninstall the below software:
Ask Toolbar
House_of_Many_Games Toolbar

Now run Ccleaner. Only use the Run Cleaner button. Do not run anything else on any other forms.

Now run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator).

Then attach the below logs:

• C:\MGlogs.zip

Make sure you tell me how things are working now!

 

Just keep going.

It is right where stated C:\MGtools is the folder it is in and GetLogs.bat is the file. If you ran C:\MGtools\analyse.exe without a problem, why are you having a problem finding GetLogs.bat? Both analyse.exe and GetLogs.bat are located in the same location.

Aren't you use Windows Explorer to navigate to the files?

I did not say to run MGtools.exe but it you ran it and let it run all the way then a new MGlogs.zip file would be created anyway so just attach it.

As stated above, it is in the C:\MGtools folder and you cannot just enter GetLogs.bat into the Run box from the Start button. It will not be found that way since it is not part of the Windows environment. However if you pasted C:\MGtools\GetLogs.bat into the Run box, it would run since that gives it the full path of where to find GetLogs.bat.

 

No that is not Windows Explorer. Windows Explorer can be open many ways, like any of the below for example.

• hold down the Windows Key on your keyboard and at the same time press 'e'
• right click Start and select Explore
• double click My Computer

This brings up Windows Explorer which is the Windows file manager and it allows you to navigate thru files and folders and perform all kinds of operations on files and folders. Including giving you the ability to navigate to the C:\MGtools folder were you can double click on analyse.exe or GetLogs.bat to run them which is what previous steps were saying when they asked you to double click on them. Everyone who uses a PC should know how to open and use Windows Explorer.
Your logs are clean but to finish removing the entry for Ask Toolbar, do the below.

Copy the bold text below to notepad. Save it as fixme.reg to your desktop. Be sure the "Save as" type is set to "all files" Once you have saved it double click it and allow it to merge with the registry.

Make sure that you tell me if you receive a success message about adding the above
to the registry. If you do not get a success message, it definitely did not work.


If you are not having any other malware problems, it is time to do our final steps:

1. We recommend you keep SUPERAntiSpyware and Malwarebytes Anti-Malware for scanning/removal of malware. Unless you purchase them, they provide no protection. They do not use any significant amount of resources ( except a little disk space ) until you run a scan.
3. If we had you use ComboFix, uninstall ComboFix (This uninstall will only work as written if you installed ComboFix on your Desktop like we requested.)
   • Click START then RUN and enter the below into the run box and then click OK. Note the quotes are required
   • "%userprofile%\Desktop\combofix" /uninstall
     • Notes: The space between the combofix" and the /uninstall, it must be there.
     • This will uninstall ComboFix and also reset hidden files and folders settings back to Windows defaults.
4. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
5. If we had you download any registry patches like fixme.reg or fixWLK.reg (or any others), you can delete these files now.
6. If running Vista, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
7. Go to add/remove programs and uninstall HijackThis.
8. Goto the C:\MGtools folder and find the MGclean.bat file. Double click on this file to run this cleanup program that will remove files and folders related to MGtools and some other items from our cleaning procedures.
9. If you are running Win 7, Vista, Windows XP or Windows ME, do the below:
   • Refer to the cleaning procedures pointed to by step 6 of the READ ME for your Window version and see the instructions to Disable System Restore which will flush your Restore Points.
   • Then reboot and Enable System Restore to create a new clean Restore Point.
10. After doing the above, you should work thru the below link:
    • How to Protect yourself from malware!

 

You're welcome. Surf safely!

 

You're welcome.

See step 14 of this link I gave you: How to Protect yourself from malware!