Please Help. Tried everything, don't know what else to do.

Hello everyone,
my name is Mad-Friend,
my PC is a 6 year old Medion. Windows XP. Intel.
2 viruses got into my PC when I changed from free AVG to Avast. Avast hadn't downloaded properly and wouldn't check web browsing and incoming emails. I tried KAspersky. It to downloaded with the same fault. So my PC had to be the reason. I managed to get hold og free AVG and it is running okay, apart from not apparently working until I do upgrades (every day).
I have tried various methods to clean PC.
Run Super-Antispyware.
Run Spyware Blaster.
Run CCleaner & Malwarebytes.
And Spybot, which is causing problems. It won't let me run system clean up and fix errors. Says it is blacklisted. rolleyes.
My PC is running so slow I'm almost in a comma. It crashes on closing.
Windows open up unprompted.
The only reason I haven't done the drastic thing and restored it back to factory settings is I don't know how and because the PC is so old I don't know if it'll create even more problems.
This is a post of my Hijackthis log. I would be very grateful if you could please take a look at it and see if you can find what is wrong.
If you need any info at all please ask, I will do my best to provide it.
Thankyou. Mad-Friend.

 

Hello, TimW,
thankyou for welcoming me, and replying.
I have followed all the advice on Basic Computer Maintainance, step by step.
There was no Malware to uninstall.
Sun Java is the latest verson.
I have done Msconfig; it was running in normal mode.
I'm not sure how to empty all quarantine folders. Please advise.
I booted up, went into safe mode, tried to run CCleaner in both administrator and the only other user, but couldn't find it, only cc_20080724_1440.reg.backup.
Tried to find hidden files and folders, looking for .Ink .pif and .shs. didn't see anything.
Successfully downloaded ComboFix.exe to desktop.
Not sure where root file c:\ is so I can download MGtools.exe to it. Please advise.
Spybot already installed. Do you want me to disconnect teatimer? If so, how do I do that please?

 

Hi TimW,
again, thankyou for your reply and advice.
I followed it to the letter. Combo indicated 115 machines? failed to make it...I couldn't catch the rest.
Google made an attempt to....again couldn't catch the rest.
Below is the attatchment from the Combo log. I hope I have done it right.
Thankyou, Mad-Friend.

 

Hi, TimW,
have followed next part of your instructions. Run and saved a log of MalwareBytes.
It showed 2 infected files.
TROJAN.Agent File C:\Windows\Downloaded Program Files\Ms
and
TROJAN.Agent File C:\Windows|downloaded Program File|P
I haven't taken any action as yet. I'm waiting for your advise, Tim.

I'll download the MGTools.exe now and put it in C: drive and follow rest of your instructions.

Thankyou Tim for your advise. I feel I am getting somewhere now.
Best wishes, Mad-Friend.

 

Sorry to keep posting.
I've attached MGlogs.zip.

The 2 TROJANS Malwarebytes has found, how do I proceed to remove them safely?
Thankyou, Tim.

 

Hello TimW,

thankyou for your excellent advice. Attached is a new log of Malwarebytes and C:\MGlogs.zip file.
Yours sincerely, Mad-Friend.

 

TimW,
consider yourself hugged and kissed (my way of saying thank you).
You are a genius. A lot of problems have beed fixed. I can now run scan and fix errors, plus a host of other glitches.
The current problems are:
1) PC crashes 50% on closing, with a box opening that says Sysfader This Program not responding.
2) Tesco Internet connection keeps popping up with The program "ssupdate", or, "juschad" requests access to internet.
3) clicking behind a word to continue a sentence activates a black highlight on the word, or whole paragraph which will delete it unless I click away from the highlighted word. This happens in word, emails and online while typing this to you.
4) Malfunctions when clicking on back. Window skips two, or closes altogether.

Less probmatical is printing malfunctions. Would you recommend I uninstall and re-install program for printer?

And lastly, I shamefacedly hold my hand up and say I did something really, really dumb.
when uninstalling unused programs I uninstalled Nero Burning. I tried to cancel but it uninstalled anyway. Naturally this means I can no longer burn CDs or activate my memory sticks and load files onto them. I know this is not your problem, but mine. I'd be very grateful if you could steer me in the right direction so I can fix it. I don't (as far as I can determine) have it on recovery disc.

For all the other things you have accomplished Tim please accept my most sincere thanks. You're an angel.
Bless you, Trish.
(Mad-Friend).

 

Erm, TimW,
I have used the link to download ATF cleaner and studied the page carefully but can't find what to click on to open the link for ATF 3.0.0.2.
I do have version 2.0.0.2 installed and can run that if it is okay.

Real sorry, Trish.

 

Hi TimW,
thankyou I am endebted to you. Having followed your instructions I downloaded and ran the new ATF.
Copied the text and saved it as fixME.reg.
Searched and removed SSUPDATE.EXE

My PC has gone from snail speed to Rollroyce.

Only problems now are pages skip or close when clicking on the green back icon.

Clicking behind a word to continue a sentence highlights the word, or whole paragraph, which will then delete unless I click a clear space.
Word seems to be the main culprit. It crashes, malfunctions, causes printer errors (or something does). I'm not sure what to do to get Word back on track.

Nero Burning: while browsing Majorgeeks I found an uninstall download for Nero and the latest free Nero 8 to download. I have held off downloading them until I have your okay. My main concern is will my 6 year old PC cope with this new Nero Burning program?

Thankyou TimW, unsung hero.

 

Hello TimW,
trying to be patient. Just wondered if we are done, although there are still a few tweaks to iron out?
Pages are still skipping when browsing online.
Words are still being highlighted whatever I am doing.
and I was a little premature when I said PC is running like a Rollroyce; some aspects are still slow, such as web-browsing pages slow to load.

Shall I open another thread to sort out Word problems and download the new version of Nero Burning?

For all other things I am truly endebted to you. You are my hero.
Bless you TimW.
THANKYOU.

 

Please don't apologise TimW,
you've been such a great help I am in your debt.

I followed your advice. I encountered the following:
1) Error 1931 Setup cannot find update file C:\WINDOWS\System32\CT CTFMON.EXE because it is protected by Windows.

It then ran, said the update was successful but WORD still had the same malfunctions. So I ran it again. This came up:

2) This file is in use by another application or user C:\Documants and settings\....Normal.dot

it then ran and said the update was successful, but it too hadn't fixed the errors.

I am not sure what you mean by a different browser, sorry . I don't know if my PC uses Foxfire.
But whatever I am typing, whether in Word, Notepad, email, or online, such as this post to you, the same malfunction is occuring: when clicking behind a word to continue sentence that word is highlighted in black, sometimes whole paragraph and unless I click elsewhere it deletes the word/paragraph.

By the way, apart from these glitches, slow web browsing and not having Nero PC is working so well. I am delighted. Thankyou, TimW you did a sterling job.

 

Hello TimW,
didn't see the link you gave me until the other day.

You are my official hero. WORD is now fixed and I am so delighted words can't express it.

THANKYOU, THANKYOU, THANKYOU.

:wave