Virus/Malware SAS/MBam won't instal even in Safemode

You need to finish running the below

READ & RUN ME FIRST. Malware Removal Guide


And then attach the rest of the logs we requested. You only attached 2 of the 5 logs we requested and require in order to help you.

Also what lead you to believe there were malware problems on this PC to begin with? Was it just the lack of internet access?

 

You're welcome.

Just as easily caused by broken protection software.

Also note that according to your MGtools log, it accessed the internet just fine. See the nwktst.txt log in the MGlogs.zip file which shows it could ping by IP address as well as by URL. The log shows full network connectivity.

I'm not sure all your issues are due to malware but I do see a bunch of junkware that needs to be removed.

Let's start though by uninstall Avast since there is a good chance it is broken anyway. Do this now and then continue with the below.

Also uninstall the below now:
CWA Reminder by We-Care.com v4.1.18.3
J2SE Runtime Environment 5.0 Update 6
NetAssistant
Produtools Manuals 2.1 Toolbar
Yontoo 1.10.02



Please download OTM by Old Timer and save it to your Desktop.

• Right-click OTM.exe and select Run as administrator to run it.
• Copy the lines from the below codebox to the clipboard by highlighting ALL of them and pressing CTRL + C
  (or, after highlighting, right-click and choose Copy): Do not include the word Code: which is just a title line of
  the code box

Code:

:Processes
explorer.exe
 
:Files
C:\Documents and Settings\Kristie\Local Settings\Application Data\Smilebox
C:\Documents and Settings\Kristie\Local Settings\Application Data\visi_coupon
C:\Documents and Settings\All Users\Application Data\Tarma Installer
C:\Documents and Settings\All Users\Application Data\WeCareReminder        
C:\Documents and Settings\Kristie\My Documents\My Smilebox 
C:\Documents and Settings\Kristie\Start Menu\Programs\NetAssistant
C:\Documents and Settings\Kristie\Start Menu\Programs\Smilebox.lnk 
C:\Program Files\Free Offers from Freeze.com
C:\Program Files\Freeze.com
C:\Program Files\Yontoo
C:\Documents and Settings\Kristie\Application Data\DefaultTab
C:\Documents and Settings\Kristie\Application Data\Smilebox
c:\Program Files\BearShare Applications

:Reg
[HKEY_USERS\S-1-5-21-1229272821-1303643608-682003330-1003\Software\Microsoft\Windows\CurrentVersion\run]
"ctfmon.exe"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DATAMNGR]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\BearShare Applications\\MediaBar\\Datamngr\\ToolBar\\dtUser.exe"=-
[-HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}]
[-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{8CB95106-6966-4E97-B9C1-7A4916937B06}]
[-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}]
[-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}]
:Commands
[purity]
[EmptyTemp]
[start explorer]
[Reboot]

• Return to OTM, right click in the Paste List of Files/Folders to Move window (under the yellow bar
  ) and choose Paste.
• Now click the large button.
• If OTM asks to reboot your computer, allow it to do so. The report should appear in Notepad after the reboot.
• Close OTM.

Now navigate to the C:\_OTM\MovedFiles folder ( assuming your Windows drive is C). This is where your log will be
saved in the form of Date and Time mmddyyyy_hhmmss.log. Just look for the most recent .log file. Attach
this log file to your next message.

Now install the current version of Sun Java from: Sun Java Runtime Environment

Now run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista or Win7, don't double click, use right click and select Run As Administrator).

Then attach the below logs:

• the C:\_OTM\MovedFiles log
• C:\MGlogs.zip

Make sure you tell me how things are working now!

 

You should not be doing anything that I do not ask you to. This includes trying to install MBAM, running sfc, and other things you are doing. We know you are trying to fix your PC but it is much better that you only do what we ask and nothing else. Don't even keep trying to uninstall things that did not uninstal. We will come back to this later.

Please boot into safe mode, and attempt to follow the instructions with OTM. Whether it works or not, boot into normal mode to do the C:\MGtools\GetLogs.bat instructions and attach a new MGlogs.zip file.

 

This new log seems much different than the first log you posted. Now MGtools shows no connection to the Internet.

Can you boot this PC in normal boot mode? If yes, please run everything in normal boot mode from now on. Your last MGlog.zip was from safe mode and I specifically stated to boot into normal mode to get this log.

Back in message # 7, you said nothing about having any problems with uninstall NetAssitant that I asked you to uninstall. Please uninstall this now. If you have a problem uninstalling it then use the below program to try and uninstall everything that you could not uninstall from my list.

Revo Uninstaller

Then continue on with the below.

Copy the bold text below to notepad. Save it as fixme.reg to your desktop. Be sure the "Save as" type is set to "all files" Once you have saved it double click it and allow it to merge with the registry.

Make sure that you tell me if you receive a success message about adding the above
to the registry. If you do not get a success message, it definitely did not work.

Now download The Avenger by Swandog46, and save it to your Desktop.



See the download links under this icon

• Extract avenger.exe from the Zip file and save it to your desktop
• Run avenger.exe by double-clicking on it.
• Do not change any check box options!!
• Copy everything in the Quote box below, and paste it into the Input script here: part of the window:

• Now click the Execute button.
• Click Yes to the prompt to confirm you want to execute.
• Click Yes to the Reboot now? question that will appear when Avenger finishes running.
• Your PC should reboot, if not, reboot it yourself.
• A log file from Avenger will be produced at C:\avenger.txt and it will popup for you to view when you login after reboot.

Be patient while doing the below. The fixes can take quite awhile to run. Especially the permissions repairs. It may be best to kick it off and goto bed or do something else. It is better not to run anything while the repairs are going on.



Download Windows Repair by Tweaking.com and unzip the contents into a newly created folder on your desktop.

• Now run Repair_Windows.exe by double clicking on it ( if you are running Vista or Win 7, use right click and select Run As Administrator)
• Now select the Start Repairs tab.
• The click the Start button.
• Create a System Restore point if prompted.
• On the next screen, click the Unselect All button to first deselect all repairs.
• Now select the following repair options:
  • Reset Registry Permissions
  • Reset File Permissions
  • Register System Files
  • Repair WMI
  • Repair Windows Firewall
  • Remove Policies Set By Infections
  • Repair Winsock & DNS Cache
  • Repair Proxy Settings
  • Repair Windows Updates
  • Set Windows Services To Default Startup
• Now on the lower right side check the box to Restart/Shutdown System When Finished
• Then make sure the Restart System radio button is enabled.
• Shutdown any other programs that you are running now before continuing.
• Now click the Start button.
• Be patient while the tool repairs the selected items.
• It should reboot automatically when finished.

Now download the current version of MGtools and save it to your root folder. Overwrite your previous MGtools.exe file with this one.

Now run MGtools.exe ( Note: If using Vista or Win7 make sure UAC is still disabled. Also don't double click on it, use right click and select Run As Administrator )




Then attach the below logs:

• C:\avenger.txt
• C:\MGlogs.zip

Make sure you tell me how things are working now!