Help!!!

You forgot to attach your Bitdefender log from step 6.

You OS is way out of date and represents a major security risk. You must get updated after we resolve any malware problems you have. You also are running with insufficient protection.

Also you did not follow the directions in step 7 of the READ ME. You must not use MSconfig to control startups.

I also see Limewire running. Most versions of Limewire come bundled with malware.

Now let's fix your problems!

Make sure viewing of hidden files is enabled (per the tutorial).

Run HijackThis and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:
O4 - HKLM\..\Run: [Microsoft Update] msconfg.exe
O4 - HKLM\..\Run: [MSConfig] H:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\RunServices: [Microsoft Update] msconfg.exe
O4 - HKCU\..\Run: [Microsoft Update] msconfg.exe

After clicking Fix, exit HJT.
Boot into safe mode and use Windows Explorer to delete:
C:\Windows\System32\msconfg.exe

If you get an error when deleting a file. Right click on the file and check to see if the read only attribute is checked. If it is, uncheck it and try again. Other wise open Task Manager and kill the process if running then delete the file.

Now if running Win XP goto c:\windows\Prefetch and delete all files in this folder.
Now run Ccleaner (installed while running the READ ME FIRST).

Now reboot in normal mode and post a new HJT log.

Make sure you tell me how things are working now.

Reminder Note: Once we have determined you are malware free you will need to disable System Restore, reboot, and re-enable system restore per step 1 of the READ & RUN ME. This only applies to if using WinXP or WinMe.

 

OS is an abbreviation for Operating System. I'm saying the version of Windows (your OS) is way out of date and must be updated.

If you CD drive is still not working, it does not appear to be a malware problem. Your log is now clean. You may be better off waiting until you complete the directions below (where step 1 is to get your Windows updates) and see how things are working afterwards. If it is not working after updating, then you may need to troubleshoot this in the Hardware Forum.

If you are not having any other malware problems, it is time to go back to step 1 of the READ & RUN ME to Disable System Restore which will flush your Restore Points. Then reboot and enable System Restore to create a new clean Restore Point.

After that, you should work thru the below link:

How to Protect yourself from malware!

 

What is "it" ?

 

You must be more exact in your replies. I need to know exactly what is popping up and what it says in the popup. It it tells you about any files, list the files it refers to. Give the complete filenames and path information.

Please run the below procedure and attach the smitfiles.txt log afterwards.

SpywareQuake & SpyFalcon Removal Procedure

 

It does not matter whether you find any of the files and folders. I still need to see the smitfiles.txt log. And did you apply the registry patch?

 

What do you mean you got it to work??? You were supposed to have run it while running the procedure the first time. Are you saying you just ran it now? It did delete a couple of files,

Are you still having problems?

 

Let's get an installed programs list from HijackThis too!

• Run HijackThis, click Open the Misc Tools section
• Click Open Uninstall Manager
• Click Save List (generates uninstall_list.txt)
• Click Save, to save it to a file where you can find it.
• Attach the uninstall_list.txt file to your next message.

Have you done all of the procedure I gave you earlier? How to Protect yourself from malware!


You need to get your OS updated! It could potentially even fix the problem with your CD drives.

 

Please do the first part of my previous message before doing anything else. However I have posted the below link (third time now) , please READ IT.

How to Protect yourself from malware!

 

Why not? Is your copy of Windows legal? Is it activated and Authenticated at Microsoft Update?

 

It means you are not using a valid licensed version of Windows exactly as you indicated when you said you are using a burnt copy of Windows XP Pro. You need to work with Microsoft to purchase a license and then you will be able to receive updates. You alterantive is to format and go back to XP Home if your license is valid and then you will be able to receive updates.

No you should not uninstall Norton unless you don't like it or do not want it anymore. Or also if it is out of date and no longer updating. You need to have an antivirus application that is always current.

 

You now have both AVG and Norton Antivirus applications installed. Please refer to step 3 of the READ ME. Uninstall one of these.

Also uninstall the below two items:
LimeWire 4.3.3 <--- most version of Limewire (including this one) have bundled malware.
Notifier

Now let's fix a bunch of things from your Panda log! Most of these you got from installing Kazaa at some point.

Copy the bold text below to notepad. Save it as fixme.reg to your desktop. Be sure the "Save as" type is set to "all files" Once you have saved it double click it and allow it to merge with the registry.

Now download and install the below tool:

ExplorerXP


Use ExplorerXP to locate the below files and Folder and delete them:
h:\program files\MyWay <--- the whole folder
C:\Program Files\MyWebSearch <--- the whole folder
C:\Program Files\Common Files\SearchUpgrader <--- the whole folder
C:\Program Files\Common Files\Totem Shared <--- the whole folder
C:\Program Files\Common Files\GMT <--- the whole folder
C:\WINDOWS\browserxtras <--- the whole folder
C:\Documents and Settings\jerm\Local Settings\Temp\MSView.inf
C:\WINDOWS\SYSTEM32\P2P Networking v1262.cpl
C:\WINDOWS\SYSTEM32\l?gonui.exe
C:\WINDOWS\SYSTEM32\netut80ex.vxd
C:\WINDOWS\SYSTEM32\SHAgent.dll
C:\WINDOWS\SYSTEM32\KVI_111.dll
C:\WINDOWS\inf\alchem.inf
C:\WINDOWS\inf\IPINSIGT.inf
C:\WINDOWS\inf\susp.inf
C:\WINDOWS\switchagreement.txt
C:\WINDOWS\Downloaded Program Files\start7.inf
C:\WINDOWS\Downloaded Program Files\f3initialsetup1.0.0.8-2.inf


For your CD ROM issues, you will have to go to the Hardware Forum. This is not a malware problem.