Malware Removal - Help Please!

Welcome to Major Geeks!

Based on your logs which are clean, your problems are not related to malware. You do need to uninstall one of the Norton AntiVirus program you have installed since you are using the RPS Security Suite (probably from your ISP). The first instructions in the READ & RUN ME stated you must not have multiple antivirus programs installed.

I suggest that you post your problems in the Software Forum after testing to see if the problems occur in safe boot mode. Also check to see if they occur on other user accounts. Provide this information in your message in the Software Forum.

Now we need to cleanup some items from running ComboFix.

Copy the bold text below to notepad. Save it as fixme.reg to your desktop. Be sure the "Save as" type is set to "all files" Once you have saved it double click it and allow it to merge with the registry.

Make sure that you tell me if you receive a success message about adding the above
to the registry. If you do not get a success message, it definitely did not work.

If you are not having any other malware problems, it is time to do our final steps:

1. We recommed you keep SUPERAntiSpyware and Malwarebytes Anti-Malware for scanning/removal of malware. Unless you purchase them, they provide no protection. They do not use any significan amount of resources ( except a little disk space ) until you run a scan.
2. If we had you use ComboFix, uninstall ComboFix (This uninstall will only work as written if you installed ComboFix on your Desktop like we requested.)
   • Click START then RUN and enter the below into the run box and then click OK. Note the quotes are required
   • "%userprofile%\Desktop\combofix" /u
     • Notes: The space between the combofix" and the /u, it must be there.
     • This will uninstall ComboFix and also reset hidden files and folders settings back to Windows defaults.
   • Delete the C:\combofix folder from combofix.
3. If we had you download any registry patches like fixme.reg or fixWLK.reg (or any others), you can delete these files now.
4. If running Vista, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
5. Go to add/remove programs and uninstall HijackThis.
6. You can delete the C:\MGtools folder and the C:\MGtools.exe file. You can also delete the C:\MGlogs.zip
7. If you are running Vista, Windows XP or Windows ME, do the below:
   • Refer to the cleaning steps in the READ ME for your Window version and see the steps to Disable System Restore which will flush your Restore Points.
   • Then reboot and Enable System Restore to create a new clean Restore Point.
8. After doing the above, you should work thru the below link:
   • How to Protect yourself from malware!

 

Try the below!

Run the below then reboot. After reboot run it one more time.

Norton Removal Tool (SymNRT)

Let me know if this works.

 

Yes!

Is ths a company owned PC? I ask because it is a corporate version of Norton. Sometimes this versions have a password and unless you have the password, you cannot uninstall them.

Try doing the below.

Open a command prompt window by clicking Start, Run, and enter cmd and click OK. If the window opens type each of the below commands in. Follow each by the enter key. Note there are spaces after the sc and after the stop and after the delete.

sc stop "Norton AntiVirus Server"
sc delete "Norton AntiVirus Server"

Copy the bold text below to notepad. Save it as fixNAV.reg to your desktop. Be sure the "Save as" type is set to "all files" Once you have saved it double click it and allow it to merge with the registry.

Make sure that you tell me if you receive a success message about adding the above
to the registry. If you do not get a success message, it definitely did not work.

Now reboot and delete the below folder:
C:\Program Files\NavNT

 

Hmmm?? Are you sure the fixNAV.reg patch worked? It should have removed the Add/Remove Programs entry. Check again. Also run CCleaner and select its Tools selection in the left column. Then select the Uninstall button. Then look for the Norton entry and select it. Then click the Delete Entry button. Did this work?