Review of Cleaning Logs

Welcome to Major Geeks!

As stated in the cleaning procedure, you really are not supposed to run it more than once. If still having problems after the first time thru, you are supposed to attach the logs from the first run.

There really is not too much more to do, but before we get to that I have to ask did you install and do you use all the National Instruments software (Labview)?

I strongly advise you to cleanup your Desktop. Remove eveything but links to run programs. Do not download and save programs here and defintely do not use it for long term storage. You need to keep ComboFix.exe here for now as we need it, but we will be removing it when we are finished with your cleanup. A cluttered Desktop is malware's playground and it can also cause performance degradation.

I also strongly advise you to uninstall pdfforge Toolbar which install without most people realizing it and it hijacks search settings. This got installed when you recently install PDF Creator.

What are the below folders for?

Code:

"C:\"
COL4426       Aug 14 2009              "col4426"
COL6596       Aug 14 2009              "col6596"
COL6904       Aug 14 2009              "col6904"

Run C:\MGtools\analyse.exe by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator). This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:
R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file)
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O23 - Service: Viewpoint Manager Service - Unknown owner - C:\Program Files\Viewpoint\Common\ViewpointService.exe (file missing)

After clicking Fix, exit HJT.

Now run this Disable/Remove Windows Messenger to remove Windows Messenger. Do not confuse Windows Messenger with MSN Messenger because they are not the same. Windows Messenger is a frequent cause of popups.


Copy the bold text below to notepad. Save it as fixme.reg to your desktop. Be sure the "Save as" type is set to "all files" Once you have saved it double click it and allow it to merge with the registry.

Make sure that you tell me if you receive a success message about adding the above
to the registry. If you do not get a success message, it definitely did not work.

Now run Ccleaner. Only use the Run Cleaner button. Do not run anything else on any other forms.

Now download the current version of MGtools and save it to your root folder. Overwrite your previous MGtools.exe file with this one.

Run MGtools.exe ( Note: If using Vista make sure UAC is still disabled. Also don't double click on it, use right click and select Run As Administrator )


Now attach the below log:

• C:\MGlogs.zip

Make sure you tell me how things are working now!