my PC needs help, please

Discussion in 'Malware Help (A Specialist Will Reply)' started by LstCause2, Aug 29, 2006.

  1. LstCause2

    LstCause2 Private E-2

    Hello,

    I let my brother-in-law use my PC for a few months while I was off from school, telling him not to download ANYTHING. Of course he didn't listen and he downloaded Napster and iMesh and decided to download songs and key-gens. After I came back wanting my PC back so I could use it at school I was infected with a plethora of malware.

    I've tried to get rid of it myself, but there are a few lingering ones I can't shake. A couple of them are "surfsidekick," "Mirar" and a few others. Pop-ups are really prevalent and persistent; within 15 minutes I have 5 different pop-ups.

    I have attached the scans you require and I hope you can help!

    Thanks,
    Jimmy K.
     

    Attached Files:

  2. LstCause2

    LstCause2 Private E-2

    Here is the HijackThis! scan
     

    Attached Files:

  3. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You did not follow all the directions in the READ AND RUN ME. Please read all of the info below before reacting and doing anything!!
    • you did not run and attach the log from GetRunKey
    • you did not run and attach the log from ShowNew
    • you did not install HijackThis to the correct folder
    • you did not obtain your HJT from normal boot mode as requested
    • and even more importantly, you did not rename the HijackThis.exe files as required.
    Before addressing any of the above issues, I want you to run this first: Qoologic Removal Procedure Save a log and attach it.
    Then continue onto the below sentence which basically says to do everything that you have not done yet.

    Please complete the above steps and attach those the GetRunKey & ShowNew logs. And then attach a new HJT log after installing it correctly and renaming the EXE.
     
    Last edited: Aug 30, 2006
  4. LstCause2

    LstCause2 Private E-2

    Ok I have gone back and done everything you have requested and now I'm ready to show you the scans.

    One problem, I tried the GetRunKey and I got this message:

    "grep" is not a recognized as an internal or external command, operable program or batch file.

    Anyway, here are the other scans
     

    Attached Files:

  5. LstCause2

    LstCause2 Private E-2

    That getrunkey gave me a blank screen in notepad
     

    Attached Files:

  6. LstCause2

    LstCause2 Private E-2

  7. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You just lost 28 hours of queue hold time and moved yourself to the bottom of the work queue.

    The more messages you post in your thread, the longer it takes to get a response. Each message moves you to the end of the work queue and we work from oldest to newest thread order. So each time you bumped your thread by adding another message, you went to the end of the queue. This made it take more than 24 hours to get an answer!

    When we are very busy, you just need to wait your turn. We do this for free and cannot always be here nor can we be here 24 hours per day.
     
  8. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You are not following the directions given for running GetRunKey and ShowNew.

    You did not extract ALL files from the ZIP file as requested and that is why you got that error for GetRunKey and also why the ShowNew log is incomplete. Please follow the directions and attach new logs from both tools.

    By the way the Qoologic removal tool fixed a bunch of problems.

    I cannot properly fix all of your remaining problems without those other logs but here is something else you can do:

    Click on Start, then Run ... type services.msc into the box that opens up, and press 'OK'. On the page that opens, scroll down to sysmgr64 ... then right click the entry, select 'Properties' and press 'Stop Service'. When it shows that it is stopped, next please set the 'Start-up Type' to 'Disabled'. Press 'OK' until you get back to Windows.

    Next, run HJT, but instead of scanning, click on the "None of the above, just start the program" button at the bottom of the choices. At the lower right, click on the 'Config' button, and then the 'Misc Tools' button ... select 'Delete an NT Service' ... copy/paste the following into the box that opens, and press 'OK':

    sysmgr64

    If you receive any error messages just ignore them and continue.

    Now exit HJT and reboot when it tells you it needs to, but boot into safe mode.

    In safe mode look for the below files and delete them if found. Tell me what you find (make sure viewing of hidden and system files is enabled per step 2 of the READ ME):
    C:\WINDOWS\System32\oins.exe
    C:\WINDOWS\System32\WinNB58.dll
    C:\WINDOWS\Setup90.exe
    C:\WINDOWS\SmltbXkgSw\mA5Qvr40mT.vbs
    C:\WINDOWS\sysmgr64.exe

    If you have problems deleting any of these, tell me which ones.
     
    Last edited: Aug 31, 2006
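The manual procedure in the post above (check the service in services.msc, stop and disable it, then look for the listed files with hidden/system files visible) can be scripted so the findings are recorded before anything is removed. The following is an added example written for this thread, not a tool from MajorGeeks or a script posted by chaslang; it assumes Windows PowerShell 4.0 or later run from an elevated prompt. The service name and file paths are the ones named in the post; the functions `Get-ServiceReport` and `Get-FileReport` are hypothetical names chosen here.

```powershell
# Added example: report on the indicators listed in the post above before removal.
# Assumption: Windows PowerShell 4.0+ (Get-FileHash, Get-CimInstance), elevated prompt.
$ServiceName  = 'sysmgr64'                     # service named in the post
$SuspectFiles = @(                             # file paths named in the post
    'C:\WINDOWS\System32\oins.exe',
    'C:\WINDOWS\System32\WinNB58.dll',
    'C:\WINDOWS\Setup90.exe',
    'C:\WINDOWS\SmltbXkgSw\mA5Qvr40mT.vbs',
    'C:\WINDOWS\sysmgr64.exe'
)

# Equivalent of opening services.msc and reading the entry: present?, running?, start mode, binary path.
function Get-ServiceReport {
    param([Parameter(Mandatory)][string]$Name)
    $svc = Get-CimInstance -ClassName Win32_Service -Filter "Name='$Name'" -ErrorAction SilentlyContinue
    if ($null -eq $svc) {
        return [pscustomobject]@{ Name = $Name; Present = $false; State = $null; StartMode = $null; PathName = $null }
    }
    [pscustomobject]@{
        Name      = $svc.Name
        Present   = $true
        State     = $svc.State        # e.g. 'Running' / 'Stopped'
        StartMode = $svc.StartMode    # e.g. 'Auto' / 'Disabled'
        PathName  = $svc.PathName     # binary the service points at; compare with the file list
    }
}

# Equivalent of browsing for the files with hidden and system files shown (-Force), plus a hash for the record.
function Get-FileReport {
    param([Parameter(Mandatory)][string[]]$Paths)
    foreach ($p in $Paths) {
        $item = Get-Item -LiteralPath $p -Force -ErrorAction SilentlyContinue
        [pscustomobject]@{
            Path    = $p
            Present = [bool]$item
            Hidden  = if ($item) { [bool]($item.Attributes -band [IO.FileAttributes]::Hidden) } else { $null }
            Bytes   = if ($item) { $item.Length } else { $null }
            SHA256  = if ($item) { (Get-FileHash -LiteralPath $p -Algorithm SHA256).Hash } else { $null }
        }
    }
}

$svcReport = Get-ServiceReport -Name $ServiceName
$svcReport | Format-List
Get-FileReport -Paths $SuspectFiles | Format-Table -AutoSize

# Removal steps from the post, left commented out so the script only reports by default:
if ($svcReport.Present -and $svcReport.State -eq 'Running') {
    # Stop-Service -Name $ServiceName -Force                    # 'Stop Service' in services.msc
    # Set-Service  -Name $ServiceName -StartupType Disabled     # 'Start-up Type' = 'Disabled'
    # sc.exe delete $ServiceName                                # HJT 'Delete an NT Service' equivalent
}
# Files are deleted in safe mode as the post says; Remove-Item -LiteralPath <path> -Force would do it once confirmed.
```

Running the report first and attaching its output gives the helper the same information the post asks for (which entries exist, which could not be found) without guessing, and the hashes make it possible to tell whether a file that reappears after reboot is the same one.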
