Need Help with Malware Removal--Logs attached

I noticed my internet was seriously lagging and when my pen table quit working, I started nosing around. Funny, the pen table works on any other account but mine! I followed the guide and am attaching my logs.

Thanks for your help in advance!

Awe shoot, I didn't run the MGTools. Will run that and add that to the post when it's done. Sorry about that.

SQT / Laura

 

Here's the MGTools log. Sorry about that. SQT / Laura

 

Hello Laura,

http://img850.imageshack.us/img850/4746/programsandfeatureswin7.gif From Programs and Features (via Control Panel), please uninstall the below:

• IObit Toolbar v4.9
• Java(TM) 6 Update 30
• Java(TM) 7 Update 4
• Java(TM) SE Runtime Environment 6 Update 1

__

http://img825.imageshack.us/img825/2648/hjt.gif Run C:\MGtools\analyse.exe by double-clicking it (Vista/7 right-click and select Run as Administrator)
Shut down your protection software now (antivirus, antispyware...etc) to avoid possible conflicts.
Choose "Do a system scan only" and select the following lines but do not click fix until you exit all explorer windows and all browser sessions including the one you are reading in right now:

• O2 - BHO: ArcadeCandy Games - {AB6BD08C-DB6B-4F02-8A22-4BD343E990FF} - C:\Users\Laura\AppData\Local\ArcadeCandy\candyEX.dll
• O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)

After clicking Fix, exit out of Trend Micro HiJackThis - v2.0.4

__

Open Windows Explorer to find and delete the following folder:

• C:\Users\Laura\AppData\Local\ArcadeCandy

__

http://img205.imageshack.us/img205/4783/regeditb.gif Then download fixme.zip

• Extract the fixme.reg file that is inside fixme.zip onto your desktop.
• Then double-click fixme.reg and allow it to merge into the Windows registry
• Let me know if the merge was successful or not.
• If it was successful, reboot your computer.
• If not successful, don't reboot your computer but instead let me know which error message you received.

__

You missed another procedure: HitmanPro - How to scan and obtain a log
Go ahead and do this once you have completed the above.

 

Thisisu - Thanks a bunch. I'm on it now.

Laura

 

Thisisu,
Ran into problems with the first step. I could only uninstall one of the items. I saved screen shots of the errors, all the same, so you could help me.

Now I see two files that are locked, no access: MyDocuments and my Recycle bin...a lot more is locked too. Getting scary.

Thanks!
Laura

 

Hi Laura,

This is due to those installations being corrupt. Here is how to remove them:

First, download: Windows Installer CleanUp Utility
Second, open Windows Installer Cleanup via Start Menu
Third, find each of the following:

IObit Toolbar v4.9
Java(TM) 6 Update 30
Java(TM) 7 Update 4
Java(TM) SE Runtime Environment 6 Update 1

Within the program, and Remove each. There is also a video on this page of how to use it if you need help.

 

Thanks, Thisisu,

I got all the way to the end and could not get the registry fixes to merge into the Windows registry. I've attached a screen shot of the error. Thank you, this has been the easiest repair yet. I hope I've learned enough to not get to glomed up before realizing I've got some issues. Let me know what I need to do to fix the registry. If you tell me what to insert / replace where, I can do that too.

Laura

 

Run the registry fix from your desktop, NOT a temp folder, then try again.

 

Thisisu,

I ran the registry fix from the desktop and it worked. I had run the HItmanPro, but forgot to copy the log. I went ahead and ran it again as defined by the procedure and am attaching the log. I also had Avira pop up after with the second alert, but I have done nothing--not acted--as I'm waiting for your input.

Thanks again for your help!
Laura

 

Let Avira remove the detection it found and let HitmanPro remove the threats it found as well.

 

All complete. Is that all I need to do? Thanks again!

 

Great, are you still experiencing malware related issues?

 

I seem to be doing fine. A little lag, but I don't think that's a malware problem, more my son using more than his fair share of the bandwidth. : o

Thanks again for your help. I've turned the UAC back on, created a restore point and made a recovery disk just in case. Per the remaining procedure. I will make sure my Avira is back on and updated too. I might run CCleaner just to see what it's got.

I'll open a new thread if I find I'm still having issues.

Have a great rest of the week and weekend.

Laura

 

You're welcome
Enjoy the rest of your week and weekend too