HELP....Computer has some major problems!

Yes. That is what the instructions in the READ & RUN ME FIRST tell you to do. You need to try all steps. You also need to try using safe boot mode if things do not run in normal boot mode.

Also something else you could try is to run the below and then immediately try running Malwarebytes.

Please download and run the below tool named Rkill (courtesy of BleepingComputer.com) which may help allow other programs to run.
There are 4 different versions. If one of them won't run then download and try to run the other one.

Vista and Win7 users need to right click and choose Run as Administrator

You only need to get one of them to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

1. Rkill.exe
2. Rkill.com
3. Rkill.scr
4. Rkill.pif

If you are having problems running Rkill, try downloading one of the below renamed copies of RKill

• iExplore.exe
• eXplorer.exe
• uSeRiNiT.exe
• WiNlOgOn.exe

Now if Rkill ran, immediately run Malwarebytes and fix anything it finds. Then reboot. Then try to continue with the READ & RUN ME FIRST.

 

You're welcome. You need to attach the requested log from MGtools. This is the MGlogs.zip file.

 

I already did in my last message. MGlogs.zip

The READ & RUN ME FIRST instructions also specifically tell you this. It is the C:\MGlogs.zip file. Do not look in the C:\MGtools folder for it. It is not in that folder.

 

I strongly recommend that you uninstall RegWork and not use programs like this in the future. Registry cleaning is highly controversial but quite frequently, it causes more harm then good. Also most of what they report as issues, are not issues at all.

Now let's continue with your cleaning.

• Please save Win32kDiag file to your desktop.
• Click on Start->Run, and copy-paste the following command (the bolded text) into the "Open" box, and click OK. When it's finished, there will be a log called Win32kDiag.txt on your desktop. Please attach this log

"%userprofile%\desktop\win32kdiag.exe" -f -r

Now we need to use ComboFix

• Make sure that combofix.exe that you downloaded while doing the READ & RUN ME is on your Desktop but Do not run it!
  • If it is not on your Desktop, the below will not work.
• Also make sure you have shut down all protection software (antivirus, antispyware...etc) or they may get in the way of allowing ComboFix to run properly.
• If ComboFix tells you it has expired or need to be updated to a new version, make sure you allow it to update.
• Open Notepad and copy/paste the text in the below quote box into it:

• Save the above as CFscript.txt and make sure you save it to the same location (should be on your Desktop) as ComboFix.exe
• At this point, you MUST EXIT ALL BROWSERS NOW before continuing!
• You should have both the ComboFix.exe and CFScript.txt icons on your Desktop.
• Now use your mouse to drag CFscript.txt on top of ComboFix.exe
• Follow the prompts.
• When it finishes, a log will be produced named c:\combofix.txt
• I will ask for this log below

Note:

Do not mouseclick combofix's window while it is running. That may cause it to stall.

If after running Combofix you discover none of your programs will open up because you recieve the following error: Illegal operation attempted on a registry key that has been marked for deletion then you will need to reboot your computer which will normally fix this problem.
Now run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista or Win7, don't double click, use right click and select Run As Administrator).

Then attach the below logs:

• the logs from Win32kdiag
• C:\ComboFix.txt
• C:\MGlogs.zip

Make sure you tell me how things are working now!

 

Give Avira a try. Or try Microsoft Security Essentials.

Don't know for sure. This can also occur for non-malware reasons. Sometimes just because the time/date on a PC is wrong can cause it.


Your logs had shown that other user accounts on this PC were also infected. You really need to make sure that they are all running properly now.

 

To be complete, yes! But are any of the other user accounts having any signs of malware?

Very bad practice!!!!! Everyone should have their own user account and only one user account should have administrator priviledges.