Bad Virus/Worm

Because on average there are 200 people in this forum and maybe 2-3 volunteers helping you for FREE. Im sure if you take it to a shop, they will be glad to help you for a large fee. Otherwise, you could have simply read the sticky threads here, rather then repeatedly bumping your own thread and private messaging people, for example:

http://forums.majorgeeks.com/showthread.php?t=104916

Please be patient, they will get to you in order

 

Unless you can get us the logs requested in the READ & RUN ME, we cannot help you. There is nothing in HJT log that you posted but that does not mean very much since HijackThis is not that useful by itself especially when not properly installed.

 

You're welcome! Are you attempting to run as much of the READ & RUN ME as possible? You can also attempt to run things in safe boot mode as an alternative if you have issues in normal boot mode.

 

You're welcome. Make sure you check out the below:

How to Protect yourself from malware!

 

Yes please attach the other requested logs from SUPERAntispyware and from MGtools.exe Make sure that you are not using MSconfig to control startups. See step 1 of the READ ME. Based on your ComboFIx log you ignored this step. You need to attach new logs after you are in Normal Startup mode.

 

I see AOL Spyware Protection, Spy Sweeper and Windows Defender installed. Is AOL's Spyware Protection actually Spy Sweeper? You may be running three antispyware protection programs which is not recommended. They will conflict and make each less effective. If you are going to keey Spy Sweeper, uninstall Windows Defender now and uninstall AOL Spyware Protection too if it is not actually Spy Sweeper.

Did you setup the below yourself?
O24 - Desktop Component 0: (no name) - http://www.defjam.com/llcoolj/assets/images/home-photo2.jpg

Run this Disable/Remove Windows Messenger to remove Windows Messenger. Do not confuse Windows Messenger with MSN Messenger because they are not the same. Windows Messenger is a frequent cause of popups.

Uninstall the below old versions of software:
Java(TM) 6 Update 3
Viewpoint Media Player <-- should have been uninstalled in step 0 of the READ ME

You have a load of malware trapped in MSconfig. I'm going to give you a fix below to remove this but it will also remove the Spy Sweeper startup unless you put your system into Normal Startup mode first. So put it in normal startup mode now. Later when you go to run ComboFix, just shutdown Spy Sweeper.

Copy the bold text below to notepad. Save it as fixme.reg to your desktop. Be sure the "Save as" type is set to "all files" Once you have saved it double click it and allow it to merge with the registry.

Now we need to use ComboFix to remove a bunch of malware files.

• Make sure that combofix.exe that you downloaded while doing the READ & RUN ME is on your Desktop but Do not run it!
  • If it is not on your Desktop, the below will not work.
• Open Notepad and copy/paste the text in the below code box into it (make sure you scroll all the way down in the code box to get all lines selected ):

Code:

KILLALL::
 
Driver::
iMSPQMn
 
File::
C:\DOCUME~1\Owner\LOCALS~1\Temp\iMSPQMn.sys
C:\WINDOWS\qyhsotqe.exe
 
Folder::
C:\Program Files\ISTsvc

• Save the above as CFscript.txt and make sure you save it to the same location (should be on your Desktop) as ComboFix.exe
• At this point, you MUST EXIT ALL BROWSERS NOW before continuing!
• You should have both the ComboFix.exe and CFScript.txt icons on your Desktop.
• Now use your mouse to drag CFscript.txt on top of ComboFix.exe
• Follow the prompts.
• When it finishes, a log will be produced named c:\combofix.txt
• I will ask for this log below

Note:

Do not mouseclick combofix's window while it is running. That may cause it to stall.


After reboot, now install the current version of Sun Java from: Sun Java Runtime Environment

Now run Ccleaner!

Now run the C:\MGtools\GetLogs.bat file by double clicking on it.

Then attach the below logs:

• C:\ComboFix.txt
• C:\MGlogs.zip

Make sure you tell me how things are working now!