cant "explore" windows & control panel/my computer icons still hiding

Welcome to Major Geeks!

No that is not the log. The log is c:\MGlogs.zip Please attach it.

Also you have ComboFix here: F:\ComboFix.exe You MUST put it on your Desktop as specified in the instructions. Also if you ran MGtools from the F drive, it will not work properly. You need to put it where instructed which was the root folder of your C drive and run it from there.

 

Okay you have a Master Boot Record (MBR) infection along with a few other infections.

Why are you running this PC with NO protection????



Please download HelpAsst_mebroot_fix.exe by noahdfear and save it to your Desktop.

• Double click HelpAsst_mebroot_fix.exe to run the tool.
• When the tool completes it will inform you HelpAssistant was successfully removed, or it may require a reboot. DO NOT reboot at this point if it tells you this. Do the below first.
• With Windows Explorer, navigate to the C:\MGtools folder and double click on mbrfix.bat ( If not sure how to use Windows Explorer, you can optionally click Start > Run and enter C:\MGtools\mbrfix.bat into the run box and click OK. ) This will run quickly flashing a black screen in front of you too fast to read.
• NOW REBOOT!

After reboot, download The Avenger by Swandog46, and save it to your Desktop.

• Extract avenger.exe from the Zip file and save it to your desktop
• Run avenger.exe by double-clicking on it.
• Do not change any check box options!!
• Copy everything in the Quote box below, and paste it into the Input script here: part of the window:

• Now click the Execute button.
• Click Yes to the prompt to confirm you want to execute.
• Click Yes to the Reboot now? question that will appear when Avenger finishes running.
• Your PC should reboot, if not, reboot it yourself.
• A log file from Avenger will be produced at C:\avenger.txt and it will popup for you to view when you login after reboot.

After reboot, uninstall the below software:
J2SE Runtime Environment 5.0 Update 3
Java(TM) 6 Update 17
My Way Search Assistant <-- should have been uninstalled in step 5 of the READ ME


Now install the current version of Sun Java from: Sun Java Runtime Environment


Now delete all files in the below folders except ones from the current date (Windows will not let you delete the files from the current day).
C:\WINDOWS\TEMP
C:\Documents and Settings\Kyle\Local Settings\temp

Now run Ccleaner. Only use the Run Cleaner button. Do not run anything else on any other forms.

Now run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator).


Then attach the below logs:

• C:\avenger.txt
• C:\MGlogs.zip

Make sure you tell me how things are working now!

 

Chaslang has been without power for a few days now and may not get back for a few more.

Please disable all anti-virus and anti-spyware programs while we do the following (re-enable when you are finished):

Run C:\MGtools\analyse.exe by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator). This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:

After clicking Fix, exit HJT.

* Run avenger.exe by double-clicking on it.
* -Do not change any check box options!!
* Copy everything in the Quote box below, and paste it into the Input script here: part of the window:

* Now click the Execute button.
* Click Yes to the prompt to confirm you want to execute.
* Click Yes to the Reboot now? question that will appear when Avenger finishes running.
* Your PC should reboot, if not, reboot it yourself.
* A log file from Avenger will be produced at C:\avenger.txt and it will popup for you to view when you login after reboot.

Now run Ccleaner to clean out only temp files and nothing else!

Now run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator).

Then attach the below logs:

* C:\Avenger.txt
* C:\MGlogs.zip

Make sure you tell me how things are working now!

 

Let's see if we can get Combo to work.

* Make sure that combofix.exe that you downloaded while doing the READ & RUN ME is on your Desktop but Do not run it!
If it is not on your Desktop, the below will not work.
* Also make sure you have shut down all protection software (antivirus, antispyware...etc) or they may get in the way of allowing ComboFix to run properly.
* If ComboFix tells you it needs to update to a new version, make sure you allow it to update.
* Open Notepad and copy/paste the text in the below code box into it (make sure you scroll all the way down in the code box to get all lines selected ):

Code:

KILLALL::

File::
C:\Documents and Settings\darlene tuller\Local Settings\Temp\MAR1.tmp
C:\Documents and Settings\darlene tuller\Local Settings\Temp\mar10.tmp    
C:\Documents and Settings\darlene tuller\Local Settings\Temp\mar13.tmp     
C:\Documents and Settings\darlene tuller\Local Settings\Temp\mar2.tmp      
C:\Documents and Settings\darlene tuller\Local Settings\Temp\mar5.tmp     
C:\Documents and Settings\darlene tuller\Local Settings\Temp\mar6.tmp     
C:\Documents and Settings\darlene tuller\Local Settings\Temp\mar7.tmp     
C:\Documents and Settings\darlene tuller\Local Settings\Temp\mar8.tmp     
C:\Documents and Settings\darlene tuller\Local Settings\Temp\mara.tmp     
C:\Documents and Settings\darlene tuller\Local Settings\Temp\marb.tmp     
C:\Documents and Settings\darlene tuller\Local Settings\Temp\rules.ini    
C:\Documents and Settings\darlene tuller\Local Settings\Temp\sts10.tmp   
C:\Documents and Settings\darlene tuller\Local Settings\Temp\sts14.tmp   
C:\Documents and Settings\darlene tuller\Local Settings\Temp\sts1a.tmp   
C:\Documents and Settings\darlene tuller\Local Settings\Temp\sts9.tmp    
C:\Documents and Settings\darlene tuller\Local Settings\Temp\stsd.tmp     
C:\Documents and Settings\darlene tuller\Local Settings\Temp\_tf97.tmp    
C:\Documents and Settings\darlene tuller\Local Settings\Temp\_tg5.tmp 
C:\zip.exe
C:\cleanup.bat
C:\cleanup.exe 

Folder::
C:\Avenger
C:\WINDOWS\SYSTEM32\neburile

* Save the above as CFscript.txt and make sure you save it to the same location (should be on your Desktop) as ComboFix.exe
* At this point, you MUST EXIT ALL BROWSERS NOW before continuing!
* You should have both the ComboFix.exe and CFScript.txt icons on your Desktop.
If it asks you to overide the prvevious file with the same name, click YES.
* Now use your mouse to drag CFscript.txt on top of ComboFix.exe
http://img.photobucket.com/albums/v666/sUBs/CFScriptB-4.gif
* Follow the prompts.
* When it finishes, a log will be produced named c:\combofix.txt
* I will ask for this log below

Note:

Do not mouseclick combofix's window while it is running. That may cause it to stall.

Now run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator).

Then attach the below logs:

* C:\ComboFix.txt
* C:\MGlogs.zip

Make sure you tell me how things are working now!

 

A-Squared is not an anti-virus program and the free program provides zero protection. In addition, we don't recommend it since it has too many false detection issues. You need real protection. I suggest you first uninstall A-Squared now.

I see left overs on your PC from having Norman Antivirus installed at one time too. We will remove them in the next fix below.

Now click Start, Run, and enter sfc /scannow and click OK. There is a space after the sfc. This runs System File Checker which looks for missing or corrupted system files and attempts to replace/repair them from files on your hard disk or from the CD if necessary. So it will ask for the Windows CD if it needs it.

Now uninstall My Way Search Assistant. If you cannot find it or get an error, just continue on.

Run C:\MGtools\analyse.exe by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator). This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:

O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)
O23 - Service: AOL Connectivity Service (AOL ACS) - Unknown owner - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe (file missing)

After clicking Fix, exit HJT.

Now we need to use ComboFix to remove a bunch of malware files.

• Make sure that combofix.exe that you downloaded while doing the READ & RUN ME is on your Desktop but Do not run it!
  • If it is not on your Desktop, the below will not work.
• Also make sure you have shut down all protection software (antivirus, antispyware...etc) or they may get in the way of allowing ComboFix to run properly.
• If ComboFix tells you it has expired or need to be updated to a new version, make sure you allow it to update.
• Open Notepad and copy/paste the text in the below quote box into it:

• Save the above as CFscript.txt and make sure you save it to the same location (should be on your Desktop) as ComboFix.exe
• At this point, you MUST EXIT ALL BROWSERS NOW before continuing!
• You should have both the ComboFix.exe and CFScript.txt icons on your Desktop.
• Now use your mouse to drag CFscript.txt on top of ComboFix.exe
• Follow the prompts.
• When it finishes, a log will be produced named c:\combofix.txt
• I will ask for this log below

Note:

Do not mouseclick combofix's window while it is running. That may cause it to stall.

Now run Ccleaner. Only use the Run Cleaner button. Do not run anything else on any other forms.

Now run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator).

Then attach the below logs:

• C:\ComboFix.txt
• C:\MGlogs.zip

Make sure you tell me how things are working now!

 

Did you run the sfc /scannow command and did it ask for your CD?

You don't appear to be having malware problems now. It seems that the problems are within Windows itself. You would be better off posting remaining issues in the Software Forum. And Event Viewer log may be of use to them. See: http://support.microsoft.com/kb/308427


Also a question! Do these problem occur when you boot in Safe Boot Mode?