In need of help

Welcome to Major Geeks!


You are way out of date with your version Malwarebytes!!! So before we dig any further you need to get properly updated and run new scans.
Now run Malwarebytes and click the Update tab. Then click the Check for Updates button so you update to the current version of the program and database. Then run a new scan with it too. Attach the new log.



Now download the current version of MGtools and save it to your root folder. Overwrite your previous MGtools.exe file with this one.

Run MGtools.exe ( Note: If using Vista make sure UAC is still disabled. Also don't double click on it, use right click and select Run As Administrator )


Now attach the below log:

• the new Malwarebytes logs
• C:\MGlogs.zip

Make sure you tell me how things are working now!

 

And it still is!!!! You still did not click the Update tab and update to the current data base as requested. You are more than 350 database versions out of date. This does not mean that it will find anything but you need to learn to properly update. So please update and run a new scan. Fix everything found and then save a new log to attach.

I strongly advise you to cleanup your Desktop. Remove eveything but links to run programs. Do not download and save programs here and defintely do not use it for long term storage. You need to keep ComboFix.exe here for now as we need it, but we will be removing it when we are finished with your cleanup. A cluttered Desktop is malware's playground and it can also cause performance degradation especially when you start saving large files here like you are doing.


I also advise to read this Warning about Keygens, Cracks, and other Illegal Software and to stop downloading and installing torrents and illegal software which will invariably break your PC..... possibly why you are now having problems. You need to uninstall/delete all cracks and illegal software now.

Please delete the below two file. MGtools does not belong here and neither does ComboFix and they are not documents.
C:\Documents and Settings\Ginkaku\My Documents\Installation EXEs\MGtools.exe
C:\Documents and Settings\Ginkaku\My Documents\Installation EXEs\ComboFix.exe

You need to download the current version of ComboFix.exe to your Desktop as requested or you will not be able to follow later instructions.

Now you must disable Spybot's Teatimer as requested in the READ & RUN ME. See this: How to disable Spybot's TeaTimer


You need to uninstall the below outdate programs to and properly update. Sun Java updates were requested in step 3 of the READ & RUN ME. Don't bother installing the new version of Ad-Aware since it is not worth having. SUPERAntiSpyware & Malwarebytes are much, much much better.
Ad-Aware 2007
Java(TM) 6 Update 11
Java(TM) 6 Update 5
Mozilla Firefox (3.0.10)


Did you knowingly install Swag_Bucks Toolbar?



Now we need to use ComboFix

• Make sure that combofix.exe that you downloaded while doing the READ & RUN ME is on your Desktop but Do not run it!
  • If it is not on your Desktop, the below will not work.
• Also make sure you have shut down all protection software (antivirus, antispyware...etc) or they may get in the way of allowing ComboFix to run properly.
• If ComboFix tells you it has expired or need to be updated to a new version, make sure you allow it to update.
• Open Notepad and copy/paste the text in the below quote box into it:

• Save the above as CFscript.txt and make sure you save it to the same location (should be on your Desktop) as ComboFix.exe
• At this point, you MUST EXIT ALL BROWSERS NOW before continuing!
• You should have both the ComboFix.exe and CFScript.txt icons on your Desktop.
• Now use your mouse to drag CFscript.txt on top of ComboFix.exe
• Follow the prompts.
• When it finishes, a log will be produced named c:\combofix.txt
• I will ask for this log below

Note:

Do not mouseclick combofix's window while it is running. That may cause it to stall.


Now run Ccleaner. Only use the Run Cleaner button. Do not run anything else on any other forms.

Now run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator).


Then attach the below logs:

• the new Malwarebytes log
• C:\ComboFix.txt
• C:\MGlogs.zip

Make sure you tell me how things are working now!

Are you are still having problems are you still having? Be specific.

 

According to your previous logs, you never put ComboFix onto your Desktop. You have it here which is incorrect:
C:\Documents and Settings\Ginkaku\My Documents\Installation EXEs\ComboFix.exe

You need to download and save the current version to your Desktop.

Then just press and hold the Windows key (to the left of the space bar and Alt key) and hit the "e" key which should bring up Windows Explorer. If Windows Explorer opens, navigate to your Desktop and drag the file ontop of ComboFix.exe this way. Recreate the CFScript.txt file first since I just fixed a typo in it.

 

Assuming your Internet Explorer browser functions properly, just enter the below into the address bar and hit enter:

C:\Documents and Settings\Ginkaku\Desktop


This should bring up your Desktop files from where you should be able to drag and drop the CFscript.txt file onto ComboFix.exe as long as both are on your Desktop.

 

Okay let's do this differently. First run a new scan with Malwarebytes, update it again before running the scan to make sure you are current again. It updates all the time.


Copy the bold text below to notepad. Save it as C:\fixme.reg ( that is to your root folder) . Be sure the "Save as" type is set to "all files" Once you have saved it double click it and allow it to merge with the registry.

Make sure that you tell me if you receive a success message about adding the above
to the registry. If you do not get a success message, it definitely did not work.

Now download The Avenger by Swandog46, and save it anywhere that you will be able to find it to complete the below.

• Extract avenger.exe from the Zip file and save it to your desktop
• Run avenger.exe by double-clicking on it.
• Do not change any check box options!!
• Copy everything in the Quote box below, and paste it into the Input script here: part of the window:

• Now click the Execute button.
• Click Yes to the prompt to confirm you want to execute.
• Click Yes to the Reboot now? question that will appear when Avenger finishes running.
• Your PC should reboot, if not, reboot it yourself.
• A log file from Avenger will be produced at C:\avenger.txt and it will popup for you to view when you login after reboot.

Now run Ccleaner. Only use the Run Cleaner button. Do not run anything else on any other forms.

Now download the current version of MGtools and save it to your root folder. Overwrite your previous MGtools.exe file with this one.

Run MGtools.exe ( Note: If using Vista make sure UAC is still disabled. Also don't double click on it, use right click and select Run As Administrator )

Then attach the below logs:

• the new Malwarebytes log
• C:\avenger.txt
• C:\MGlogs.zip

Make sure you tell me how things are working now!

 

You will have to be specific and tell me exactly which problems you are referring to.

I'm not seeing any malware in your logs. I'm going to give you a few things to do below; however these are malware fixes. They are for issues withing Windows or for unnecessary startup programs they could be causing problems. You may need to fix you problems in the Software Forum.

You still have Teatimer running. Please uninstall Spybot now. Do not reinstall it at this time and in the future, if you do reinstall, uncheck the Teatimer option.


Now run C:\MGtools\analyse.exe by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator). This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file)
O2 - BHO: (no name) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - (no file)
O16 - DPF: {62D1331A-38B3-C074-A5CA-13BB6FBFDB71} - http://download.pcprivacycleaner.com/PCPC_Setup_Free.exe
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} -
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} -
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} -

Optionally fix the below unnecessary startups, some of which have been know to be trouble makers. Like the stuff from your ISP. Hopefully the Teatimer item is already gone from uninstalling Spybot.
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\TELUSE~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe"
O4 - HKLM\..\Run: [DMXLauncher] "C:\Program Files\Roxio\CinePlayer\DMXLauncher.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: TELUS eCare.lnk = C:\Program Files\TELUS eCare\bin\matcli.exe

After clicking Fix, exit HJT.

Now run the C:\MGtools\FixFA.bat file by double clicking on it or right clicking and selecting Open or any other method by which you can run it.

Now click Start, Run, and enter sfc /scannow and click OK. There is a space after the sfc. This runs System Rile Checker which looks for missing or corrupted system files and attempts to replace/repair them from files on your hard disk or from the CD if necessary. So it will ask for the Windows CD if it needs it.

Now Reboot your PC!!!!!



Now I want to cleanup a bunch of stuff and then get a new copy of MGtools installed:

1. Uninstall ComboFix (This uninstall will only work as written if you installed ComboFix on your Desktop like we requested.)
   • Click START then RUN and enter the below into the run box and then click OK. Note the quotes are required
   • "%userprofile%\Desktop\combofix" /uninstall
     • Notes: The space between the combofix" and the /uninstall, it must be there.
     • This will uninstall ComboFix and also reset hidden files and folders settings back to Windows defaults.
2. Go to add/remove programs and uninstall HijackThis.
3. Goto the C:\MGtools folder and find the MGclean.bat file. Double click on this file to run this cleanup program that will remove files and folders related to MGtools and some other items from our cleaning procedures.

Now run Ccleaner. Only use the Run Cleaner button. Do not run anything else on any other forms.

Now download the current version of MGtools and save it to your root folder. Overwrite your previous MGtools.exe file with this one.

Run MGtools.exe ( Note: If using Vista make sure UAC is still disabled. Also don't double click on it, use right click and select Run As Administrator )


Now attach the below log:

• C:\MGlogs.zip

Make sure itemize the details of any problems you have now.