ABetterInternet my a#!

Welcome to Majorgeeks!

You have a few problems with malware and another in that you Windows Version is way out of date which is a major security risk to you.

Let's start with the below procedure:

Qoologic Removal Procedure

Then attach a new HJT log.

 

You are going to continue to have big problems then! This unpatch version of Windows is full of security holes!!!!

Try the latest version of QooFix available here: http://www.malwarebytes.org/qoofix.php

Post a new log from it and a new HJT log. Don't worry about the other stuff (BetterInternet etc) we will get to it. I first want to work on Qoologic.

 

We have a little more to do!

Click on Start, then Run ... type services.msc into the box that opens up, and press 'OK'. On the page that opens, scroll down to SymWMI Service ... then right click the entry, select 'Properties' and press 'Stop Service'. When it shows that it is stopped, next please set the 'Start-up Type' to 'Disabled'. Press 'OK' until you get back to Windows.

Next, run HJT, but instead of scanning, click on the "None of the above, just start the program" button at the bottom of the choices. At the lower right, click on the 'Config" button, and then the Misc tools' button ... select 'Delete an NT Service" ... copy/paste the following into the box that opens, and press "OK":

SymWSC

If you receive any error messages just ignore them and continue.

Now exit HJT but do not reboot when it tells you it needs to. We will do that further down after running HJT again to fix some other items.

Run HijackThis and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:
O3 - Toolbar: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - (no file)
O16 - DPF: {127CE7BA-AD89-4108-A913-C52EFC037C36} -
O16 - DPF: {2776DDE9-D4B2-4BF7-9F98-ADC1A1B80AF5} -

After clicking Fix, exit HJT.

Now if you are not having any other malware problems, it is time to go back to step 1 of the READ & RUN ME to Disable System Restore which will flush your Restore Points. Then reboot and enable System Restore to create a new clean Restore Point.

After that, you should work thru the below link:

How to Protect yourself from malware!

 

It is not system critical! It may have done it anyway. Attach a new HJT log so I can see. While waiting for me to respond, make sure you get started on the toggling System Restore and the How to protect thread steps.

 

Okay it looks good other than the below which is still present.

O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)

This is probably coming back because you have the registry locked for editing. See the below in your HJT log:
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

That toolbar is just a leftover from McAfee but you should be able to fix it. You will just have to remove those O6 restrictions lines first (use HJT or remove the restrictions in program you are doing this with - like Spybot or SpywareBlaster or similar). Then fix the O3 line again.

Other than that you are all done (after you finish the How to protect thread)!