Internet security 2012 virus

Download the below file to your Desktop. Once saved on your Desktop, Right click on it and select Install

EXEfix

Then see if you can run EXE files. If you can then move right back into running the READ & RUN ME FIRST.

​

 

No! I will tell you when to toggle System Restore.

And you should never be in selective startup unless you are doing Temporary debugging and then it is only temporary. See the READ & RUN ME step 4 again.

What are the below for?
O4 - HKLM\..\Run: [SQ916D] C:\Program Files\SQ916D\916D.exe
O4 - HKCU\..\Run: [InsaniquariumDeluxeSetup.exe] C:\DOWNLO~1\INSANI~1.EXE /r
O4 - HKCU\..\Run: [Chutes.exe] C:\DOWNLO~1\CHUTES~1.EXE /r


Are you having any problems where icons seem to be missing, or programs are missing from your Start menu, or files seem to be missing from your hard disk ( like things in Program Files )?

Did you knowingly install Zynga Toolbar? If not then uninstall it.
Did you knowingly install facemoods? If not then uninstall it and this program is not recommended!!!

Uninstall Conduit Engine

Also I recommend that you uninstall Ad-Aware. It is not that useful anymore. SUPERAntiSpyware and Malwarebytes are much better tools to have.

Also uninstall Java(TM) 6 Update 21 and update to the current version See: Updating Sun Java


Now delete the below files. Let me know if you have a problem finding and deleting these:
C:\Documents and Settings\jasmin-remelie\Local Settings\Application Data\s4s3uq2wq1302a4035f3d1q82hm24dxldgkd72
C:\Documents and Settings\All Users\Application Data\s4s3uq2wq1302a4035f3d1q82hm24dxldgkd72
C:\aaw7boot.log
C:\AVG6DB_F.DAT
C:\avgun.log


Run C:\MGtools\analyse.exe by double clicking on it (Note: if using Vista or Win 7, don't double click, use right click and select Run As Administrator). This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:

R3 - URLSearchHook: {EA551C00-2AE5-11d3-8592-00A0C98E9EA4} - - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

After clicking Fix, exit HJT.

Now run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista or Win7, don't double click, use right click and select Run As Administrator).

Then attach the below logs:

• C:\MGlogs.zip

Make sure you tell me how things are working now!

 

We will remove them.

facemoods to not get completely removed according to your last MGlogs.zip so we will manually remove leftovers.

As stated already, you should not use MSconfig.

Run C:\MGtools\analyse.exe by double clicking on it (Note: if using Vista or Win 7, don't double click, use right click and select Run As Administrator). This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:

O2 - BHO: facemoods Helper - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files\facemoods.com\facemoods\1.3.61.0\facemoods.dll
O3 - Toolbar: facemoods Toolbar - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files\facemoods.com\facemoods\1.3.61.0\facemoodsTlbr.dll
O4 - HKLM\..\Run: [SQ916D] C:\Program Files\SQ916D\916D.exe
O4 - HKCU\..\Run: [InsaniquariumDeluxeSetup.exe] C:\DOWNLO~1\INSANI~1.EXE /r
O4 - HKCU\..\Run: [Chutes.exe] C:\DOWNLO~1\CHUTES~1.EXE /r

After clicking Fix, exit HJT.

Now run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista or Win7, don't double click, use right click and select Run As Administrator).

Then attach the below logs:

• C:\MGlogs.zip

Make sure you tell me how things are working now!

 

I don't know what you mean. There is no Start up icon named Windows Security Alert disabled ? Do you mean something under Control Panel? Please clarify.

Do the below folders exist?
c:\documents and settings\all users\start menu\personalsec
c:\program files\common files\personalsecuninstall

 

Yes this is more clear. I though you were talking about click the Start button, but you were just referring to the system tray icon. This is really more of a Windows problem that should be worked in the Software Forum, but I will give you a couple things to try which may correct this inconsistency. In fact have you tried going to Microsoft's Site to do check updates. It may even fail when you have an inconsistency like this. Check it out right now.

......... Okay I was going to post some canned fixes that I have related to Windows Update issues, but then I found the below link which seems to be the same problem you have. So I suggest you check out this link which gives a couple of procedures to try and resolve this:

http://www.1stbyte.com/2011/06/18/windows-security-center-says-automatic-updates-are-turned-off/

 

Excellent news. You're welcome.

Included in the below instructions. Follow them in order.

 

You're welcome. Thanks for the feedback.

But I forgot to post the final instructions.

If you are not having any other malware problems, it is time to do our final steps:

1. We recommend you keep SUPERAntiSpyware and Malwarebytes Anti-Malware for scanning/removal of malware. Unless you purchase them, they provide no protection. They do not use any significant amount of resources ( except a little disk space ) until you run a scan.
2. If we had you use ComboFix, uninstall ComboFix (This uninstall will only work as written if you installed ComboFix on your Desktop like we requested.)
   • Click START then RUN and enter the below into the run box and then click OK. Note the quotes are required
   • "%userprofile%\Desktop\combofix" /uninstall
     • Notes: The space between the combofix" and the /uninstall, it must be there.
     • This will uninstall ComboFix and also reset hidden files and folders settings back to Windows defaults.
3. Go back to step 6 oof the READ ME and renable your Disk Emulation software with Defogger if you had disabled it.
4. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
5. If we had you download any registry patches like fixme.reg or fixWLK.reg (or any others), you can delete these files now.
6. If running Vista, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
7. Go to add/remove programs and uninstall HijackThis.
8. Goto the C:\MGtools folder and find the MGclean.bat file. Double click on this file to run this cleanup program that will remove files and folders
   related to MGtools and some other items from our cleaning procedures.
9. If you are running Win 7, Vista, Windows XP or Windows ME, do the below:
   • Refer to the cleaning procedures pointed to by step 7 of the READ ME
     for your Window version and see the instructions to Disable System Restore which will flush your Restore Points.
   • Then reboot and Enable System Restore to create a new clean Restore Point.
10. After doing the above, you should work thru the below link:
    • How to Protect yourself from malware!