Drives shared as C$ and E$ without my knowing!

Discussion in 'Malware Help (A Specialist Will Reply)' started by Denise400, Mar 17, 2008.

  1. Denise400

    Denise400 Private E-2

    Hello there. I am always so grateful for the help I've had on this forum, and thanks to everyone for reading this.

    I seem to have a problem at the moment.

    My C: drive and secondary HDD E: seem to have the suffix '$' to them and be shared every time I start up my computer, but I did not set this or allow this! Every time I turn off sharing they are shared again upon restarting.

    I was told to edit the registry key AutoShareWrks at SYSTEM\CurrentControlSet\Services\LanManServer\Parameters which was not there and which I created, set to zero, but with still no luck. The drives are still Administrative Shares whenever I restart.

    Obviously I am now suspecting foul play. Can anyone help me out? Thanks so much for any advice you can give me.
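
A read-only check for the situation described in this thread, added here as an example and not part of any poster's message: it lists which shares on the machine are administrative and reports any `AutoShare*` values under the LanManServer `Parameters` key. Assumptions not taken from the thread: PowerShell 3.0 or later (for `Get-CimInstance`), and the value names `AutoShareWks` and `AutoShareServer`, which are the names Microsoft documents for this setting.

```powershell
# Added example: audit administrative shares and the registry values that
# control whether the Server service recreates them at startup.
# Nothing is modified; the script only reads WMI and the registry.
$paramKey = 'HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters'

# Assumption: the documented value names. AutoShareWks applies to workstation
# editions of Windows, AutoShareServer to server editions.
$knownNames = 'AutoShareWks', 'AutoShareServer'

# Win32_Share.Type is 2147483648 or higher for administrative shares
# (C$, E$, ADMIN$, IPC$); ordinary user-created shares have small values.
$shares = Get-CimInstance -ClassName Win32_Share | ForEach-Object {
    [pscustomobject]@{
        Name           = $_.Name
        Path           = $_.Path
        Administrative = ($_.Type -ge 2147483648)
    }
}

# Collect every value whose name starts with AutoShare, including misspelled
# ones, so a value that was created by hand under the wrong name shows up.
$props = Get-ItemProperty -Path $paramKey
$autoShare = $props.PSObject.Properties |
    Where-Object { $_.Name -like 'AutoShare*' } |
    ForEach-Object {
        [pscustomobject]@{
            ValueName  = $_.Name
            Data       = $_.Value
            Recognised = ($knownNames -contains $_.Name)
        }
    }

$shares | Sort-Object Name | Format-Table -AutoSize | Out-String

if ($autoShare) {
    $autoShare | Format-Table -AutoSize | Out-String
    foreach ($entry in $autoShare | Where-Object { -not $_.Recognised }) {
        "'$($entry.ValueName)' is not one of: $($knownNames -join ', ')."
    }
} else {
    'No AutoShare* values are set; default administrative shares are enabled.'
}
```

A recognised value with data 0 stops the drive-letter shares and ADMIN$ from being recreated once the Server service restarts; IPC$ is not controlled by these values.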
     
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    I tend to doubt this is a malware issue but the only way to really know for sure is for you to complete the procedure further down. Note, the registry key someone told you to edit, only applies if you are using Novell software.

    To determine if you have malware, please follow the instructions in the below link and attach the requested logs when you finish these instructions.

    READ & RUN ME FIRST. Malware Removal Guide

    If you cannot run certain steps, just note what happens at each point and then continue on thru ALL steps. When you return, tell us what happened and attach any requested logs you were able to get. Do note, without logs, we can not do much to give you specific help and can only guess which is not a good thing to do.
     
  3. Denise400

    Denise400 Private E-2

    Thank you chaslang.

    Have run and attached the logs as instructed, unfortunately it still hasn't been fixed but everything seemed to run smoothly enough. Deleted a few cookies in the process, but that seemed to be all that happened.

    Very grateful to you all for taking the time to help me out.

    Any ideas what might be up?
     

    Attached Files:

    • log.zip (5.1 KB)
  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You need to attach the MGlogs.zip file that was requested too.
     
  5. Denise400

    Denise400 Private E-2

    Apologies chaslang - that slipped my mind!

    Attached, thank you.
     

  6. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    I don't know where/when you got the version of MGtools you are running but you are WAY out of date. You need to always work from the current online version of the READ ME. Please download the current version of MGtools and get a new log and attach it. Also make sure you are in normal boot mode not safe boot mode as your last log was. Also make sure you save and run MGtools.exe to c:\ and not like you did last time which was:

    C:\Documents and Settings\CaptainKeys\My Documents\Messin'\MGtools.exe
     
  7. Denise400

    Denise400 Private E-2

    Hello.

    Updated MGTools and run again. Have attached the new log here.

    Do hope this all is right now, thanks for the patience!
     

  8. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Well your problems do not appear to be related to malware. I suggest that you post a question about this in the Software Forum. However I do have some steps that you should perform which are unrelated to your problem.

    Uninstall the below old versions of software as requested in the READ ME:
    J2SE Runtime Environment 5.0 Update 11
    Java(TM) 6 Update 3
    Now reboot your PC after uninstalling the above.

    After reboot, now install the current version of Sun Java from: Sun Java Runtime Environment

    Run C:\MGtools\analyse.exe by double clicking on it. This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R3 - URLSearchHook: &Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    O3 - Toolbar: &Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"

    After clicking Fix, exit HJT.

    Now copy the bold text below to Notepad. Save it as fixME.reg to your desktop. Be sure the "Save as" type is set to "all files". Once you have saved it, double click it and allow it to merge with the registry.

    Then you should do the below:
    1. If we used ComboFix then UNINSTALL COMBOFIX (This uninstall will only work as written if you installed ComboFix on your Desktop like we requested.)
      • Click START then RUN
      • Now type combofix /u in the runbox and click OK.
      • Note: The space between the X and the /U must be there.
    2. If we had you download any registry patches like fixme.reg or fixWLK.reg (or any others), you can delete these files now.
    3. You can delete the C:\MGtools folder and the C:\MGtools.exe file. You can also delete the C:\MGlogs.zip
    4. After doing the above, you should work thru the below link:
     
  9. Denise400

    Denise400 Private E-2

    Thanks an awful lot for the patience chaslang.

    I'm relieved to know it's likely not malware, and this does let me get on with things with a little more confidence...

    So grateful to you, and I'll perform all the steps you suggested - Thanks again!
     
  10. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You're welcome. Surf safely!
     
