Multiple Malware and Trojan threats..!

Welcome to Major Geeks!

Actually it is my malware removal guide. The thread was just started by Major Attitude.

Your system may not be cleanable since your system files are infected. We will attempt to replace some of the ones we can see are infected from copies on your PC. Do you have your Windows XP SP2 CD?

Why are you running this PC we no protection at all? Are you doing this because you have a very very slow processor and don't have even near enough memory in your PC to run Windows XP properly. You only have

The processor speed and low memory are the main reason your PC is slow.

It's strange but I'm not seeing the logs from Malwarebytes or SUPERAntiSpyware showing in your other logs. The should be in the below two folders:

C:\Documents and Settings\HP Authorized Custom\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Logs

C:\Documents and Settings\HP Authorized Custom\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs

Put your PC in normal startup mode and remain there. And then run another fullscan with Malwarebytes. Make sure you fix what it finds before saving a log. Attach the results. If you cannot find the log, copy and paste what it shows here.

Uninstall the below old versions of software:
Java 2 Runtime Environment, SE v1.4.1_02
Kazaa Lite K++ v2.4.3
Mozilla Firefox (1.0.7) <-- way too out of date and ha security issues
Viewpoint Manager (Remove Only) <-- should have been uninstalled in step 1 of the READ ME
Viewpoint Media Player <-- should have been uninstalled in step 1 of the READ ME


You can download and install the current version of FireFox from here: Mozilla FireFox

Run C:\MGtools\analyse.exe by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator). This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52....apple.com/saba/us/win/QuickTimeInstaller.exe
O21 - SSODL: cBgZfcGT - {18491B0E-B2E3-B1A4-5662-4D7C55BA9059} - C:\WINDOWS\system32\scm.dll

After clicking Fix, exit HJT.


Now we need to use ComboFix

• Make sure that combofix.exe that you downloaded while doing the READ & RUN ME is on your Desktop but Do not run it!
  • If it is not on your Desktop, the below will not work.
• Also make sure you have shut down all protection software (antivirus, antispyware...etc) or they may get in the way of allowing ComboFix to run properly.
• Open Notepad and copy/paste the text in the below quote box into it:

• Save the above as CFscript.txt and make sure you save it to the same location (should be on your Desktop) as ComboFix.exe
• At this point, you MUST EXIT ALL BROWSERS NOW before continuing!
• You should have both the ComboFix.exe and CFScript.txt icons on your Desktop.
• Now use your mouse to drag CFscript.txt on top of ComboFix.exe
• Follow the prompts.
• When it finishes, a log will be produced named c:\combofix.txt
• I will ask for this log below

Note:

Do not mouseclick combofix's window while it is running. That may cause it to stall.


After reboot, now install the current version of Sun Java from: Sun Java Runtime Environment

Now run Ccleaner to clean out only temp files and nothing else!

Now run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator).


Then attach the below logs:

• C:\ComboFix.txt
• C:\MGlogs.zip

Make sure you tell me how things are working now!

 

You're welcome.

Sorry I'm too busy in this forum dealing with malware problems.