Computer hacked?

Please read this:
How to attach items to your post.

Now please complete these instructions:
READ & RUN ME FIRST. Malware Removal Guide

 

All you needed to do was click the link given in the instructions where it said the below

This sends you to the proper download

 

Are you going to attach the rest of the requested logs? We still need these::
SAS
RootRepeal
ComboFix
C:\MGLogs.zip --> from running the C:\MGTools.exe.

 

Just post back when you have all the logs.

 

No you do not need to redownload MBAM> but we do need the other requested logs.

 

No, since it presumably ran fine without renaming.

 

You can skip running MBAM, but you need to still run these:
SAS ( SuperAntispyware )
RootRepeal ( If it will run ).
ComboFix
C:\MGTools.exe --- which will produce the C:\MGLogs.zip.

 

No need to disable spyware Blaster. Just continue on.

 

Don't worry about them, just continue on!

 

Just ignore it and continue on.

 

Please read this:
How to attach items to your post.

Attach the entire C:\MGLogs.zip
and also attach the other requested logs:
SAS
ComboFix
RootRepeal ( If it ran. )

 

You did just fine.

Your logs are clean. The scans took care of any malware that was on your system.

If you are not having any other malware problems, it is time to do our final steps:

1. We recommend you keep SUPERAntiSpyware and Malwarebytes Anti-Malware for scanning/removal of malware. Unless you purchase them, they provide no real time protection. They do not use any significant amount of resources ( except a little disk space ) until you run a scan.We recommend them for doing backup scans when you suspect a malware infection.
2. If we had you use ComboFix, uninstall ComboFix (This uninstall will only work as written if you installed ComboFix on your Desktop like we requested.)
   
   • Click START then RUN and enter the below into the run box and then click OK. Note the quotes are required
   • "%userprofile%\Desktop\combofix" /uninstall
     
     • Notes: The space between the combofix" and the /uninstall, it must be there.
     • This will uninstall ComboFix and also reset hidden files and folders settings back to Windows defaults.
     
     
   
   
3. Go back to step 6 of the READ ME and renable your Disk Emulation software with Defogger if you had disabled it.
4. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
5. If we had you download any registry patches like fixme.reg or fixWLK.reg (or any others), you can delete these files now.
6. If running Vista, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
7. Go to add/remove programs and uninstall HijackThis.
8. Goto the C:\MGtools folder and find the MGclean.bat file. Double click on this file to run this cleanup program that will remove files and folders related to MGtools and some other items from our cleaning procedures.
9. If you are running Win 7, Vista, Windows XP or Windows ME, do the below:
   
   • Refer to the cleaning procedures pointed to by step 7 of the READ ME
     for your Window version and see the instructions to Disable System Restore which will flush your Restore Points.
   • Then reboot and Enable System Restore to create a new clean Restore Point.
   
   
10. After doing the above, you should work thru the below link:
    
    • How to Protect yourself from malware!
    
    

Help Support MajorGeeks
Buy Discounted Software @ Majorgeeks Store. Giveaways Too!

Majorgeeks Geek Wear. Hats, T-Shirts, Hoodies

MajorGeeks on FaceBook

 

Yes you can just delete RootRepeal. And to answer your other question, you must always remain in normal start up mode, any other mode is primarily used for troubleshooting and diagnostics purposes.

 

I don't understand what you are referring to. If you want to disable autoruns you can use this utility:
AutoEater.

Why are you trying to backup your registry and what text are you trying to save to notepad?

 

I believe that seelisilus is referring to Step 9 of the How to protect yourself from malware thread.

 

Ah, the cloud parts.

Just highlight the bold text in the quotation box and then paste it into notepad. Be sure to save it as AutoRunDisable.reg and then save the type file as "all files". Then double click it to let it merge with the registry. You can delete it once you are done.

 

Thanks for clearing that up for me.

 

We recommend that you keep both SAS and MBAM for running backup scans when you suspect a malware issue.

 

You can start a new thread for this other machine and post all the logs so we can check them.

 

You are welcome.