Computer infection

Hi, I have several infections on my computer and I was hoping you could help me. See the below copy of my hijackthis log.

Thanks for your help.

 

Hi nogrod,
Welcome to Major Geeks!

We only use HijackThis as one of a number of tools, because it's not comprehensive enough to find the files assoiated with most malware. Despite the fact that you ran your HijackThis incorrectly from the desktop, I can see that you have malware on your computer. Please go through the instructions in the READ & RUN ME FIRST and attach the requested logs.

To help you get started a little more easily, please close all browser windows including this one. Then rerun HijackThis. In the window that opens up, select Do a system scan only. When it's finished, put a checkmark next to O4 - HKCU\..\Run: [e©ùýùÆûïÞóÎéøøãøôÏÊýùñûïÞó] C:\Program Files\XP Antivirus\xpa.exe and then click on fix. Then start your browser again and go to the above link and run through the instructions in the READ ME, so we can see what files still need to be removed.

Be sure to use the Manage Attachments button. We don't use inline logs, because they contain links which may be dangerous to people reading the thread.

Thanks.
abri

 

Here's the logs after running the programs.

 

And one more.

 

Hi nogrod,

Your computer is very streamlined. I don't find any malware in your logs. I'm concerned that you have zero protection on your system except those programs you installed for the procedures here and I can't recommend strongly enough the need for having a resident antivirus program. Online scans simply can't offer the protection a resident antivirus program offers. In the final cleanup instructions in the box at the bottom of this post, in the link How to protect yourself from malware, you'll find our recommendations for the best way to protect your computer using the least resources. Many of the programs listed are free. AVG has recently gone to a security suite and it's been our experience so far that the security suites cannot offer protection that is as good and uses as little resources as stand alone programs. For this reason, I recommend the other two programs on that list, Avast or Antivir.

I would like for you to do the following steps that will make your computer less vulnerable and speed up your startup time a little. Then please DO read through the link I mentioned that you'll find below.


1) Go to add/remove programs and uninstall the below:

Java 2 Runtime Environment, SE v1.4.2_15
Java(TM) 6 Update 5

2) Reboot after uninstalling the above.

3) Install the current version of Sun Java from: Sun Java Runtime Environment


4) If you do not use Windows Messenger (not to be confused with MSN Messenger!!) I would like you to run Disable/Remove Windows Messenger


5) Run C:\MGtools\analyse.exe by double clicking on it. This is really HijackThis (Note: if using Vista, don't double click, use right click and select Run As Administrator). Select Do a system scan only). In the box that opens, find the following entries and put a checkmark next to them (if you need some of them to be in the trusted zone, leave them). After check-marking them, close all your open browser windows and click on FIX:


O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe


After you click fix, just close hijackthis.



6) Download and install Erunt. Use it to create a backup of your registry.

7) Please copy the bold text below to notepad. Save it as fixME.reg to your desktop. Be sure the File Type is set to "all files" Once you have saved it, look for it on your desktop and when you find it, double-click it and allow it to merge with the registry.

8) Now run CCleaner at the default setting with the Windows tab as the top one.


9) And now I would like to give you the final cleanup instructions that will take our tools and logs out of your computer:

abri