flec006 please help

Welcome to Major Geeks!

Please follow the instructions in the below link and attach the requested logs when you finish these instructions.

• READ & RUN ME FIRST. Malware Removal Guide

• If something does not run, write down the info to explain to us later but keep on going.

• Do not assume that because one step does not work that they all will not.

Notes:

1. If you run into problems trying to run theREAD & RUN ME or any of the scans in normal boot mode. You can running steps in safe boot mode but make sure you tell us what you did later when you post logs. See the below if you do not know how to boot in safe mode:
   
   • Starting your computer in Safe mode
2. If you have problems downloading on the problem PC, download the tools on another PC and burn to a CD. Then copy them to the problem PC. You will have to skip getting updates if (and only if) your internet connection does not work. Yes you could use a flash drive too but flash drives are writeable and infections can spread to them.

 

You need to run ALL of the steps in the READ & RUN ME and attach all of the requested logs. MGtools is the very last step and the MGlogs.zip log file is only 1 of the 4 requested logs and it needs to be run after all of the other scans have been run.


Try the below for your Safe Boot mode problem.



Copy the bold text below to notepad. Save it as fixSBM.reg to your desktop. Be sure the "Save as" type is set to "all files" Once you have saved it double click it and allow it to merge with the registry.

Make sure that you tell me if you receive a success message about adding the above
to the registry. If you do not get a success message, it definitely did not work.

 

You're welcome.


Now we need to cleanup some items from running ComboFix (that is if you ever ran it).

Copy the bold text below to notepad. Save it as fixme.reg to your desktop. Be sure the "Save as" type is set to "all files" Once you have saved it double click it and allow it to merge with the registry.

Make sure that you tell me if you receive a success message about adding the above
to the registry. If you do not get a success message, it definitely did not work.

If you are not having any other malware problems, it is time to do our final steps:

1. We recommed you keep SUPERAntiSpyware and Malwarebytes Anti-Malware for scanning/removal of malware. Unless you purchase them, they provide no protection. They do not use any significan amount of resources ( except a little disk space ) until you run a scan.
2. If we had you use ComboFix, uninstall ComboFix (This uninstall will only work as written if you installed ComboFix on your Desktop like we requested.)
   • Click START then RUN and enter the below into the run box and then click OK. Note the quotes are required
   • "%userprofile%\Desktop\combofix" /u
     • Notes: The space between the combofix" and the /u, it must be there.
     • This will uninstall ComboFix and also reset hidden files and folders settings back to Windows defaults.
   • Delete the C:\combofix folder from combofix.
3. If we had you download any registry patches like fixme.reg or fixWLK.reg (or any others), you can delete these files now.
4. If running Vista, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
5. Go to add/remove programs and uninstall HijackThis.
6. You can delete the C:\MGtools folder and the C:\MGtools.exe file. You can also delete the C:\MGlogs.zip
7. If you are running Vista, Windows XP or Windows ME, do the below:
   • Refer to the cleaning steps in the READ ME for your Window version and see the steps to Disable System Restore which will flush your Restore Points.
   • Then reboot and Enable System Restore to create a new clean Restore Point.
8. After doing the above, you should work thru the below link:
   • How to Protect yourself from malware!

 

If you are not getting success messages for the registry patches then you are not creating the .reg patches properly. You must follow the instructions exactly. The REGEDIT4 line must be the first line in the file. No blank lines can be above it.

I'm not sure what you are doing now. I asked you long ago for ALL OF THE LOGS from the READ & RUN ME and you never attached them. Then in message # 7 I thought since you still were not attaching the logs we need that you were saying you were all clean. Thus in message # 8, I gave you final instructions to remove all the tools including ComboFix. Now you are attaching a ComboFix log.


If you want to get any help you are going to have to start at the beginning of the READ & RUN ME and complete every step. You should uninstall WinPatrol before running these steps because WinPatrol will get in the way of malware removal. When you finish running all steps, ALL 4 requested logs MUST BE attached. The logs are the below and the must be NEW logs.

• SUPERAntiSpyware
• Malwarebytes
• ComboFix
• MGlogs.zip from running MGtools