Experiencing BIG problems AFTER following READ & RUN ME FIRST

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by Wsky, May 16, 2015.

  1. Wsky

    Wsky Private E-2

    I first came to MajorGeeks looking for an anti keylogger since I had run all my antivirus and antispyware programs and my computer was clean. OK so nothing was particularly wrong with my computer but being curious I thought I'd run the suite of tools that are offered under the READ & RUN ME FIRST http://forums.majorgeeks.com/showthread.php?t=35407 just to see if anything was wrong.

    I followed the instructions to the T and pretty much just created logfiles and ran the programs, discovering nothing but minor suspicious dead ends. In other words, there was no malware. Defogger, RogueKiller, MalwareBytes, TDSSKiller, HitmanPro and MG Tools all ran without a hitch. After finding nothing, I reran Defogger to undo whatever it changed (it didn't apparently change anything) and I transferred all the files and logfiles from my desktop (and MG Tools from the C: drive) into their own folder, "Majorgeeks malware removal suite", and packed them away for later.

    However, here's the problem: I had disabled my antivirus and firewall programs, and a couple of times these programs requested connection to the internet. Even though I had selected no automatic updates, while I was connected with my firewall off, Microsoft decided to sneak some "important" AND "recommended" updates onto my computer.

    I rebooted my computer and discovered Microsoft had snuck the files onto my computer (one being a compatibility appraiser to guinea pig our computers to see if they can take Windows 10 grrrrrr) when I got the message "do not turn your computer off, Windows is installing updates". So I went out for a walk and let it just finish. After reboot I turned my firewall and antivirus back on and connected to the internet. Lo and behold, all these new programs are requesting permission to connect to the internet!

    So knowing it was Microsoft, I went into Programs and Features and started uninstalling them one at a time. I ran into two problems where I could not uninstall at least a couple of them, Silverlight and KB3020369. When you click on it, the uninstall link at the top disappears. So I thought to heck with it, I'm just going to use a restore point to just before those updates installed.

    The restore point failed, so I tried another one. That failed too. I also happened to go into Task Scheduler and noticed a few new entries that Microsoft had installed despite the fact I had uninstalled the programs related to them. Trying to delete them, all their properties were grayed out. So I went to Windows Update again and tried installing some of the important updates I wanted to keep, and they failed. So now my computer is really messed up when it was fine before I ran these programs. Anyone know what's going on? I really do not want to burn up my whole weekend and a couple more days reformatting my hard drive.

    To add to my frustration, when I came to MajorGeeks I tried to log in to the account I had created before running the malware tools and someone had deleted my account! I had gotten the confirmations and everything. I am a human! Do not delete my account!

    Running Windows 7 Home Premium 64bit SP1. Comodo Internet Security Premium.
     
    Last edited: May 16, 2015
  2. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    I am sorry to hear you've had problems. I do not think any of our tools are responsible for your issues. It might be useful if you attach all of the requested logs from following the Read and Run me First procedures, I can certainly check for any malware and if there are none there, there is always the software forum to post in if need be.

    I do not know what happened with your other account being deleted.
     
  3. Wsky

    Wsky Private E-2

    So moving the files, particularly MGTools, from the C:\ root had nothing to do with it, nor did Defogger?

    I tried running Microsoft Fix it and Autoruns and removed a couple of yellow dead ends from the Autoruns list, one being ysyfer service control manager. Event Viewer is showing a lot of NTFS Event 137 errors. For some reason many applications are now trying to connect to IP 224.0.0.22 (Internet Assigned Numbers Authority). I hate Microsoft. Anyway, here are my logfiles.
     

    Attached Files:

  4. Wsky

    Wsky Private E-2

    final logfiles
     

    Attached Files:

  5. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Did you let Malware Bytes remove what it found? If not please do so now.
    That is literally all I'm seeing to do here in this forum. You're going to be better off posting about your issues in the software forum regarding Windows updates etc.
     
  6. Wsky

    Wsky Private E-2

    Do you mean PUP.Optional.VideoCNV.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\fa6789c5, , [06e95d36286254e2fe0863886f946e92]?

    I believe it is related to one of the video conversion/screen capture programs I am testing. Freemake Video Converter, Vivica Anyvideo Converter HD, AVS4U, or Bandicam. Any idea which one?
     
  7. Wsky

    Wsky Private E-2

    Yep, it was MalwareBytes that requested to connect to the internet to update its signatures, which allowed Microsoft to download its "malware" into my computer. My fault though, as I failed to re-enable my firewall when I reconnected.
     
  8. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    If you are not having any other malware problems, it is time to do our final steps:
    1. We recommend you keep Malwarebytes Anti-Malware for scanning/removal of malware.
    2. Re-enable your Disk Emulation software with Defogger if you had disabled it in step 4 of the READ & RUN ME.
    3. Go to add/remove programs and uninstall HijackThis. If you don't see it or it will not uninstall, don't worry about it. Just move on to the next step.
    4. If running Vista, Win 7 or Win 8, it is time to make sure you have re-enabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
    5. Now go to the C:\MGtools folder and find the MGclean.bat file. Double click (if running Vista, Win7, or Win 8, right click and Run As Administrator) on this file to run this cleanup program that will remove files and folders related to MGtools and some other items from our cleaning procedures.
    6. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.

    7. After doing the above, you should work through the link below:
     
