Is my computer infected

Welcome to MG's.....you need to follow the instructions in the malware forum and then post there when you have the requested logs.

READ & RUN ME FIRST. Malware Removal Guide.

 

Note your other new thread has been closed. Please remain in one thread.

We have a little more cleaning to do but any problems you are having do not appear to be due to malware.

Also if you keep running your PC without protection (like it is now) you are going to get infected.

I strongly advise you to cleanup your Desktop. Remove eveything but links to run programs. Do not download and save programs here and defintely do not use it for long term storage. You need to keep ComboFix.exe here for now as we need it, but we will be removing it when we are finished with your cleanup. A cluttered Desktop is malware's playground and it can also cause performance degradation especially when you start saving large files here like you are doing.

Run this Disable/Remove Windows Messenger to remove Windows Messenger. Do not confuse Windows Messenger with MSN Messenger because they are not the same. Windows Messenger is a frequent cause of popups.


Now we need to use ComboFix to remove a bunch of malware files.

• Make sure that combofix.exe that you downloaded while doing the READ & RUN ME is on your Desktop but Do not run it!
  • If it is not on your Desktop, the below will not work.
• Also make sure you have shut down all protection software (antivirus, antispyware...etc) or they may get in the way of allowing ComboFix to run properly.
• Open Notepad and copy/paste the text in the below quote box into it:

• Save the above as CFscript.txt and make sure you save it to the same location (should be on your Desktop) as ComboFix.exe
• At this point, you MUST EXIT ALL BROWSERS NOW before continuing!
• You should have both the ComboFix.exe and CFScript.txt icons on your Desktop.
• Now use your mouse to drag CFscript.txt on top of ComboFix.exe
• Follow the prompts.
• When it finishes, a log will be produced named c:\combofix.txt
• I will ask for this log below

Note:

Do not mouseclick combofix's window while it is running. That may cause it to stall.

Now run Ccleaner!

Now run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator).


Then attach the below logs:

• C:\ComboFix.txt
• C:\MGlogs.zip

Make sure you tell me how things are working now!

 

You're welcome.

Only things that were not links or shortcuts is what I'm referring to. You should not keep saving EXE files, DOC files, URLs, HTM.....etc to your Desktop. If you are really using certain files very frequently and really need quick Desktop access, then just make a shortcut to the real file on your Desktop.

These are links or shortcuts and do no need to be moved.

ComboFix.exe does belong on you Desktop since we need it there. The link to run Ccleaner does belong on your Desktop as do other links ( .lnk files are links or shortcuts to run programs ).

These should not be on your Desktop. It is better to save them in a folder somewhere (like C:\Downloads )

What sites can't you access? Disable your firewall and see if you get access.

Read the step again. You should not be using MSconfig as stated. It should only be used for temporary debugging. Put your PC back into Normal Startup mode and then attach a new log from MGtools ( you need to run GetLogs.bat again after going back to normal startup).

Do you mean it is there sometimes and then goes away?

Which version of AVG? We just deleted all of it with the last fix I gave you. Why are you trying to reinstall it right now? That would just undo what I was trying to cleanup.


Please run the below then reboot. After reboot run it one more time.

Norton Removal Tool (SymNRT)