Help removing malware, please!

Discussion in 'Malware Help (A Specialist Will Reply)' started by echappee, Oct 30, 2015.

  1. echappee

    echappee Private E-2

    Dear Major Geeks

    My laptop has a weird trojan that I believe is the Zero Access trojan (determined by looking at the logs). When I try to start some programs I get an error saying that the "security.dll is not a valid Windows file." Research led me to believe that the computer is infected. Log files are attached.

    Thanks for your help!
    Ed Chappee
     


  2. dr.moriarty

    dr.moriarty Malware Super Sleuth Staff Member

    Hello, echappee

    Re-run HitmanPro, activate the 30-day trial license and fix these detections:
    Malware
    Potential Unwanted Programs


    Ignore all other detections.
    Afterwards, click the Next button.
    HitmanPro may want to reboot the PC in order for the changes to take effect; please do so.

    After reboot and when you are back in Windows, run another scan with HitmanPro and then attach the latest HitmanPro log.

    Please re-run RogueKiller and run a scan. After it finishes the scan, select the Registry tab and then select any of the below that exist and then click the Delete button.
    Then delete everything shown under the Files tab.
    Afterwards immediately reboot your PC.

    After reboot, run a new scan with RogueKiller and save a log as in the original instructions and attach the new log.

    Please download the latest version of

    Farbar Recovery Scan Tool
    and save it to your desktop.

    Note: Make sure you download the correct version for your PC. Only the correct version will work.
    • Double-click to run it. When the tool opens click Yes to disclaimer.
    • Press Scan button.
    • It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your next reply.
    • The first time the tool is run, it also makes another log (Addition.txt). Please attach it also to your reply.

    Then run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista, Win7 or Win8, don't double click, use right click and select "Run As Administrator").

    Then attach the below logs:
    • updated Hitman Pro log.txt
    • updated RKreport.txt
    • FRST.txt
    • Addition.txt
    • C:\MGlogs.zip
     
  3. echappee

    echappee Private E-2

    Here are the logs as requested.

    Thanks again! Your assistance is greatly appreciated!

    Ed Chappee
     


  4. dr.moriarty

    dr.moriarty Malware Super Sleuth Staff Member

    These outdated programs should be uninstalled:
    Java 2 Runtime Environment, SE v1.4.2_03 <= outdated software
    Spybot - Search & Destroy Version: 1.6.0 <= outdated software

    Your logs are clean but I'm sure you know Windows XP is also outdated and hasn't been supported by Microsoft for about 18 months now. Personally, I wouldn't connect this machine to the internet again, even with full backups/images. It's a matter of when and not if it will be re-infected.
    _____________________

    If you are not having any other malware problems, it is time to do our final steps:
    1. We recommend you keep Malwarebytes Anti-Malware for scanning/removal of malware. Unless you purchase it, it provides no protection. It does not use any significant amount of resources (except a little disk space) until you run a scan.
    2. Go back to step 6 of the READ ME and re-enable your Disk Emulation software with Defogger if you had disabled it.
    3. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
    4. If running Vista, Win 7/8 - it is time to make sure you have re-enabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
    5. Go to add/remove programs and uninstall HijackThis.
    6. Go to the C:\MGtools folder and find the MGclean.bat file. Double click on this file to run this cleanup program that will remove files and folders related to MGtools and some other items from our cleaning procedures.
    7. If you are running Win 7/8, Vista, Windows XP or Windows ME, do the below:
      • Refer to the cleaning procedures pointed to by step 7 of the READ ME
        for your Windows version and see the instructions to Disable System Restore, which will flush your Restore Points.
      • Then reboot and Enable System Restore to create a new clean Restore Point.
    8. After doing the above, you should work through the below link:
    Safe surfing!
     
  5. echappee

    echappee Private E-2

    Hi Dr. M,

    Thanks again for your assistance. Your comments regarding the XP OS are understood.

    I am unable to uninstall the programs you requested that I remove. When I try to remove these programs I get an error saying: Error 1327 Invalid Drive: F:\.

    Also, I am still having the issue that originally brought me here. When I start the programs I need to run in this computer, I get the error that says that the "security.dll is not a valid Windows file"

    Anything else I can do to eliminate this error?

    Thanks,
    Ed
     
  6. dr.moriarty

    dr.moriarty Malware Super Sleuth Staff Member

    Please view this article: http://answers.microsoft.com/en-us/...e/be444176-5c67-4271-9ccf-9fb3dec0834a?auth=1

    NOTE: This script was written specifically for this user for use on this particular computer. Running this on another machine may cause damage to your operating system.
    • Save the attached (fixlist.txt) to your desktop.
    • Right click FRST and run it as admin.
    • Click the FIX button.
    • A report should pop up, please attach it here in your next reply.
    Please download ComboFix to your desktop. Turn off any AV software you have before you run it. Attach the log when finished. *Do not do anything while it is running or it may stall the program.
     


  7. echappee

    echappee Private E-2

    Hi Dr. M,

    I am still getting the "security.dll is not a valid Windows image" error when I start some programs.

    Log files from FRST and Combofix are attached.

    On a good note, I was able to remove the other programs...

    Thanks again for your assistance!
     


  8. dr.moriarty

    dr.moriarty Malware Super Sleuth Staff Member

    Last edited: Nov 3, 2015
  9. dr.moriarty

    dr.moriarty Malware Super Sleuth Staff Member

    Hello again, echappee

    Using the previous steps to run FRST, next do this:
    * Type the below bolded text in the edit box after "Search:".
    security.dll;sendmail.dll
    Then click the Search button.

    A progress bar will show the search has begun and a pop-up message will indicate when the search is completed. The Search.txt log is saved at the same location that FRST.exe is located. Please attach it to your next reply. HOW TO: Attach Items To Your Post
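The "not a valid Windows image" dialog is raised by the Windows loader when it rejects a file before running it, typically because a file carrying a DLL name is truncated, overwritten, or not a PE image at all. The FRST search step above lists every copy of the named files so the helper can see which one is being loaded. The following is an added example, not code from this thread or from the FRST project: a small triage script that performs the same by-name search (names separated by ";" as in the FRST search box) and applies the basic structural checks the loader applies (MZ stub, in-bounds e_lfanew, PE signature, machine type), reporting a SHA-256 for each hit so it can be compared against a known-good copy. The sample file tree it builds is constructed for the demonstration; the DLL-name list and the minimal PE header are assumptions, not real system files.

```python
"""Triage helper: locate named DLLs and check whether each is a well-formed PE image."""
import hashlib
import os
import struct
import tempfile

# IMAGE_FILE_MACHINE values a Windows x86/x64 loader will accept.
KNOWN_MACHINES = {0x014C: "x86", 0x8664: "x64"}


def check_pe_image(data: bytes) -> dict:
    """Return a verdict on whether `data` looks like a loadable PE image.

    These are the first checks the loader makes before it reports a file as
    "not a valid Windows image": a DOS 'MZ' stub, an e_lfanew pointer that
    stays inside the file, and a 'PE\\0\\0' signature at that offset.
    """
    verdict = {"valid": False, "reason": "", "machine": None}
    if len(data) < 64 or data[:2] != b"MZ":
        verdict["reason"] = "missing MZ header"
        return verdict
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if e_lfanew + 6 > len(data):
        verdict["reason"] = "e_lfanew points outside file"
        return verdict
    if data[e_lfanew:e_lfanew + 4] != b"PE\x00\x00":
        verdict["reason"] = "missing PE signature"
        return verdict
    machine = struct.unpack_from("<H", data, e_lfanew + 4)[0]
    verdict["machine"] = KNOWN_MACHINES.get(machine, hex(machine))
    verdict["valid"] = True
    return verdict


def find_named_files(root: str, names) -> list:
    """Walk `root` and return every path whose basename matches one of `names` (case-insensitive)."""
    wanted = {n.lower() for n in names}
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for f in files:
            if f.lower() in wanted:
                hits.append(os.path.join(dirpath, f))
    return sorted(hits)


def triage(root: str, search: str) -> list:
    """Search like the FRST 'Search:' box (names separated by ';') and report each hit.

    Each entry is (path, sha256, valid, machine-or-reason).
    """
    names = [n.strip() for n in search.split(";") if n.strip()]
    report = []
    for path in find_named_files(root, names):
        with open(path, "rb") as fh:
            data = fh.read()
        v = check_pe_image(data)
        digest = hashlib.sha256(data).hexdigest()
        report.append((path, digest, v["valid"], v["machine"] if v["valid"] else v["reason"]))
    return report


def make_minimal_pe(machine: int = 0x014C) -> bytes:
    """Build a constructed, minimal MZ+PE header (not a real DLL) for offline demonstration."""
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)          # e_lfanew: COFF header right after the stub
    coff = b"PE\x00\x00" + struct.pack("<H", machine) + bytes(18)
    return bytes(dos + coff)


def demo_triage() -> list:
    """Constructed sample tree: one well-formed stub named security.dll, one damaged sendmail.dll."""
    with tempfile.TemporaryDirectory() as tmp:
        os.makedirs(os.path.join(tmp, "system32"))
        with open(os.path.join(tmp, "system32", "security.dll"), "wb") as fh:
            fh.write(make_minimal_pe())
        with open(os.path.join(tmp, "sendmail.dll"), "wb") as fh:
            fh.write(b"this is not a PE file at all")   # what a clobbered DLL looks like
        return triage(tmp, "security.dll;sendmail.dll")


if __name__ == "__main__":
    for path, digest, valid, note in demo_triage():
        print(f"{'OK ' if valid else 'BAD'} {note:<28} {digest[:16]}  {path}")
```

On a real machine you would point `triage` at the system drive rather than a temporary directory, and a "BAD" verdict on a file under the Windows directory, or an "OK" copy whose hash differs from the one on an equivalent clean install, is what to hand to the helper alongside the Search.txt log.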
     
