Emergency

First I have to ask why you are posting here at Major Geeks when you already have a thread going on these problems at Tech Support Forums. It is a waste of precious resources in forums like this to have multiple forums tied up trying to help you. You really need to work in only one forum. Our cleaning procedures have detected and removed some malware and you appear to have more to remove but this may not be the cause of all of your problems.

You need to read the information given in the Using MGtools link where this error and the fix was already explained.

The other error is not a problem.

Also note that the problem with your monitor is not an issue for the Malware Forum. This is a hardware issue and should be posted in the Hardware Forum. But you were already told this at the other site too. Not being able to send outgoing email may just be a software issue. Did you allow Outlook to have access via your firewall?

 

It does not stop it from running. Attach the MGlogs.zip file.

 

But you are still posting there and you are also posting here. You should finish what you started at the other forum. We cannot afford the waste of resources. We are just too busy to spend the time having people helped in multiple locations. And the logs you have attached thus far are not showing any remaining malware problems so it is unlikely that your issues are malware related.

 

I take this back. I had a note to myself that I forgot about. There were two suspicious files I noticed. Do you have any idea what the below driver file is for that seems to have appearer on May 28th?

S3 luD32;luD32;C:\WINDOWS\System32\drivers\luD32.sys [2008-05-25 29056]

And also the below file which has an old date is suscpicious

1989-12-12 14:10 510,000 -csh--r C:\WINDOWS\eueycvw.exe

Do you recognize this hidden system file.

 

I'm still waiting for the MGlogs.zip file.

 

You have left overs from Symantec on your PC. Please run the below then reboot. After reboot run it one more time.

Norton Removal Tool (SymNRT)

Now run this Disable/Remove Windows Messenger to remove Windows Messenger. Do not confuse Windows Messenger with MSN Messenger because they are not the same. Windows Messenger is a frequent cause of popups.

Now we need to use ComboFix.

• Make sure that combofix.exe that you downloaded while doing the READ & RUN ME is on your Desktop but Do not run it!
  • If it is not on your Desktop, the below will not work.
• Open Notepad and copy/paste the text in the below quote box into it:

• Save the above as CFscript.txt and make sure you save it to the same location (should be on your Desktop) as ComboFix.exe
• At this point, you MUST EXIT ALL BROWSERS NOW before continuing!
• You should have both the ComboFix.exe and CFScript.txt icons on your Desktop.
• Now use your mouse to drag CFscript.txt on top of ComboFix.exe
• Follow the prompts.
• When it finishes, a log will be produced named c:\combofix.txt
• I will ask for this log below

Note:

Do not mouseclick combofix's window while it is running. That may cause it to stall.

Also delete all files in the below folders except ones from the current date (Windows will not let you delete the files from the current day).
C:\WINDOWS\Temp
C:\Documents and Settings\Compaq_Owner.MICHELLE\Local Settings\Temp

Copy the bold text below to notepad. Save it as fixme.reg to your desktop. Be sure the "Save as" type is set to "all files" Once you have saved it double click it and allow it to merge with the registry.

Make sure that you tell me if you receive a success message about adding the above
to the registry. If you do not get a success message, it definitely did not work.

Now run Ccleaner!

Now run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator).

Then attach the below logs:

• C:\ComboFix.txt
• C:\MGlogs.zip

Make sure you tell me how things are working now!

 

You did not attach anything and if these are the same kind of errors you attached at the other forum. You can continue to work them there since they are not malware problems and you are still working in that forum. We will only address the malware items I saw in your logs here.

Continue on with the other steps.

 

You need to get ComboFix to run. Try again. This is the main and most important part of the fix. Make sure you exit all security software before trying to run this procedure. Your CA protection software is may be getting in the way.

You need to attach logs here. If they are not attaching it more than likely means you are trying to attach the same logs as the last time and not new logs.

 

Okay let's use another tool.



Now download The Avenger by Swandog46, and save it to your Desktop.

• Extract avenger.exe from the Zip file and save it to your desktop
• Run avenger.exe by double-clicking on it.
• Do not change any check box options!!
• Copy everything in the Quote box below, and paste it into the Input script here: part of the window:

• Now click the Execute button.
• Click Yes to the prompt to confirm you want to execute.
• Click Yes to the Reboot now? question that will appear when Avenger finishes running.
• Your PC should reboot, if not, reboot it yourself.
• A log file from Avenger will be produced at C:\avenger.txt and it will popup for you to view when you login after reboot.

Also delete all files in the below folders except ones from the current date (Windows will not let you delete the files from the current day).
C:\WINDOWS\Temp
C:\Documents and Settings\Compaq_Owner.MICHELLE\Local Settings\Temp

Copy the bold text below to notepad. Save it as fixme.reg to your desktop. Be sure the "Save as" type is set to "all files" Once you have saved it double click it and allow it to merge with the registry.

Make sure that you tell me if you receive a success message about adding the above
to the registry. If you do not get a success message, it definitely did not work.

Now run Ccleaner!

Now run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator).



Then attach the below logs:

• C:\avenger.txt
• C:\MGlogs.zip

Make sure you tell me how things are working now!