Please Help!! Got Junk On Computer!!

Welcome to Majorgeeks!

Well not based on what you posted. HijackThis is the very last thing requested. You need to attach all the other logs that are asked for in the READ & RUN ME. It asks for the below:

CounterSpy
AVG Antispyware log - ONLY IF NEEDED you were not able to run CounterSpy
Bitdefender - from step 6
Panda Scan - from step 6
runkeys.txt - the log from GetRunKey.bat
newfiles.txt - the log from ShowNew.bat
HijackThis

You also did not install HijackThis were requested and you did not rename it as requested. Please correct this now. You install it here which is NOT a good idea:
C:\Program Files\HijackThis.exe

Install it and rename it so it looks like this:
C:\Program Files\HJT\analyse.exe

You are also running MSconfig! The READ & RUN ME mentions that you must not use this in at least two place. You must get into Normal Startup mode.


Also explain why you cannot run GetRunKey and ShowNew. What exactly is happening? How far do they get? Are you sure you extracted ALL of the files from the ZIP file and are attempting to run them from outside of the ZIP file. Do you see any of the error messages that were explained and solutions were provided on the download pages for both GetRunKey and ShowNew?


Is your copy of Spy Sweeper a paid version or a free trial version?

 

You need to explain what happens when you try to run GetRunKey.bat and ShowNew.bat.

Please attach only the logs requested. We did not ask for a History log for whatever that is and we did not ask for a CCleaner log.

And why do you say the logs did not show anything! Your Panda log shows a bunch of problems! You need to run all the scans and you must attach all logs so that we can help. This also means that you must help me figure out why you say you cannot get the GetRunKey and ShowNew logs which are very important to helping you remove your malware.

You also must make sure that you get HijackThis installed and renamed as requested and you must attach a new log from it, BUT not until all the other scans have been run and their logs are attached.

 

Okay you got GetRunKey to execute properly but your choice of where to extract the files to ( C:\Program Files\attachment\ ) is not such a good idea even though it will work.

However you DID NOT extract ShowNew.bat from the ZIP file. You ran it from inside the ZIP file and thus the log is incomplete.

Let's simplify things!

• Extract the ShowNew.bat file into the C:\Program Files\attachment\ folder where you put all of the files from GetRunKey.
• Then open a Windows Explorer session by right clicking Start and selecting Explorer.
• Then navigate to the C:\Program Files\attachment\ folder and double click on ShowNew.bat.
• The file name that is created is C:\newfiles.txt
• Upload this file. You do not need to rename it to anything else.

Note: You are using a version of Ad-Aware that has not been used in more than two years. You should uninstall it and download and use the current version which is Ad-Aware SE Personal. Do not configure it to run at startup! It serves no purpose doing this all the time. Just run a scan once a week or at least twice a month. However Ad-Aware SE is not one of the steps in the READ ME and we don't need a log from it.


You should now also uninstall CounterSpy and AVG Antispyware since you already have a paid antispyware program (Spy Sweeper) that provides realtime blocking.




Let's cleanup some unnecessary stuff and a few minor malware items! Thus far you are not showing me any real signs of malware.


Run HijackThis and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {F2B441CC-E026-47fb-BDC3-A07750FA3D2C} - file://C:\Program Files\EbatesMoeMoneyMaker4\ebatessmmm\ebatestmmm\ebmmC0.htm (file missing) (HKCU)
O15 - Trusted Zone: www.compsourceok.com
O15 - Trusted Zone: www.enigmasoftwaregroup.com
O15 - Trusted Zone: visualtracking.symantec.com
O16 - DPF: {41F31718-2B9D-4F76-85E2-DD11BBA99F8D} - http://install.spywarelabs.com/DistID/2501031120/BundleOuter2501031120.EXE
O16 - DPF: {49232000-16E4-426C-A231-62846947304B} (SysData Class) - http://ipgweb.cce.hp.com/rdqcpc/downloads/sysinfo.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://207.188.7.150/05469950d03b4cfa8521/netzip/RdxIE2.cab
O16 - DPF: {8FA9D107-547B-4DBC-9D88-FABD891EDB0A} (shizmoo Class) - http://arcade.icq.com/multiplayer/odyssey_web8.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://zone.msn.com/bingame/zuma/default/popcaploader_v5.cab

After clicking Fix, exit HJT.
Boot into safe mode and use Windows Explorer to delete:
C:\WINDOWS\Windows Update Setup Files\searchbarsetup.exe

Now run Ccleaner .

Now reboot in normal mode

Now attach the below new logs and tell me how the above steps went.

1. GetRunKey
2. ShowNew
3. HJT

Make sure you tell me how things are working now!

 

Your logs are basically clean even though some items I asked you to fix are not fixed. Probably due to having Spy Sweeper running and it is blocking the fixes. You need to shutdown Spy Sweeper and fix the below with HJT and when you restart your PC or Spy Sweeper, if it warns you about any changes, you need to allow the changes.

FIX THESE!
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;127.0.0.1;<local>
O3 - Toolbar: Adorons Easy Security - {F2570A0D-001D-477D-93D1-D05EF5EB95CD} - C:\Program Files\Enigma Software Group\Adorons Easy Security\ETB.dll (file missing)
O9 - Extra button: (no name) - {F2570A0D-001D-477D-93D1-D05EF5EB95CD} - (no file)
O9 - Extra button: (no name) - {F2B441CC-E026-47fb-BDC3-A07750FA3D2C} - file://C:\Program Files\EbatesMoeMoneyMaker4\ebatessmmm\ebatestmmm\ebmmC0.htm (file missing) (HKCU
O16 - DPF: {1B9935E4-8A50-4DD8-BD09-A7518723BF97} (eAssist NetAgent Customer ActiveX Control version 3) - http://www.cabeagent.com/netagent/objects/custappx3.CAB
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/mcgdmgr/1,0,0,26/mcgdmgr.cab

It does not appear to be malware. Perhaps it is just something you have installed on your PC. Describe your problem in greater detail and exactly when does it occur and how often? Does it also occur in safe mode? Does it occur if you shutdown unnecessary processes like WeatherBug, Windows Messenger, MSN Messenger, QuickBooks, and others?

 

This is definitely not malware. You should post a request for help in the Hardware Forum (possibly the Software Forum but it appears to be more related to hardware). I would also suggest you uninstall all the printer and coupon downloading software and see if that resolves your problems.

Also I would ask does this problem you describe occur when you boot in safe mode.

 

You're welcome. It was not a waste of time. We got some unnecessary stuff & some minore malware removed which will help your PC's performance in the long run.