Read the Read Me First thread and problem

And what about all of the other requested logs? Do you have those? Were you able to run them?

I cannot help you without at least seeing logs from MGTools and ideally from combofix as well.

 

OK. I'll be here waiting

 

Yes just continue and and do what you can Attach logs when you are ready.

 

1. Do not attempt to upgrade just yet, but just to let you know you should have SP3 or at LEAST SP2 installed by now. Not doing so will leave you more at risk.

2. And downloading torrents for cracked software is always a nice quick way to get infected You need to stop doing this.

3. What software are you using from symantec?

4. SAS is out of date but we will deal with that later.

5. You have missing files which you can replace using your windows XP CD.

We will see how your computer is running after doing that as well as the below:

6. Now we need to use ComboFix to remove some files/folders and clear up from the avg that you were using.

• Make sure that combofix.exe that you downloaded while doing the READ & RUN ME is on your Desktop but Do not run it!
  • If it is not on your Desktop, the below will not work.
• Also make sure you have shut down all protection software (antivirus, antispyware...etc) or they may get in the way of allowing ComboFix to run properly.
• If ComboFix tells you it needs to update to a new version, make sure you allow it to update.
• Open Notepad and copy/paste the text in the below quote box. Ensure you scroll down to select ALL the lines:

Code:

KILLALL::

File::
C:\Documents and Settings\Owner\Local Settings\Application Data\0rTsTo
C:\Documents and Settings\Owner\Local Settings\Application Data\102kpasP22m
C:\Documents and Settings\Owner\Local Settings\Application Data\rGu4hX2
C:\Documents and Settings\Owner\Local Settings\Application Data\v66l66MW5Tq
C:\System32\ALCXMNTR.EXE

Folder::
c:\documents and settings\Owner\Local Settings\Application Data\fykdqw
c:\documents and settings\Owner\Application Data\AVG9
C:\$AVG
c:\program files\AVG
c:\documents and settings\All Users\Application Data\avg9

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AlcxMonitor"=-
[-HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDD3B846-8D59-4ffb-8758-209B6AD74ACC}]

• Save the above as CFscript.txt and make sure you save it to the same location (should be on your Desktop) as ComboFix.exe
• At this point, you MUST EXIT ALL BROWSERS NOW before continuing!
• You should have both the ComboFix.exe and CFScript.txt icons on your Desktop.
• Now use your mouse to drag CFscript.txt on top of ComboFix.exe
  
  http://img.photobucket.com/albums/v666/sUBs/CFScriptB-4.gif
  
  
• Follow the prompts.
• When it finishes, a log will be produced named c:\combofix.txt
• I will ask for this log below

Note:

Do not mouseclick combofix's window while it is running. That may cause it to stall.

7. Now run the C:\MGtools\GetLogs.bat file by double clicking on it. Then attach the new C:\MGlogs.zip file that will be created by running this and also attach the log from Combofix.

8. Let us know of any problems you may have encountered with the above instructions and also let me know how things are running now!

 

Then please do the below:

Go to add/remove programs and uninstall:

• LiveReg (Symantec Corporation)
• LiveUpdate 1.80 (Symantec Corporation)

Next, please give the Norton Removal Tool (SymNRT) a run > reboot your machine and then run it again for good measure.

You can discuss this in the software forum.

You also need to install some anti virus!

Keep SAS and MBAM, the final steps I give you will remove the rest.

Also, you can discuss the replacement of the missing files in software too.

Now if all is running okay apart from the afore-mentioned then:

If you are not having any other malware problems, it is time to do our final steps:

1. We recommend you keep SUPERAntiSpyware and Malwarebytes Anti-Malware for scanning/removal of malware. Unless you purchase them, they provide no protection. They do not use any significant amount of resources ( except a little disk space ) until you run a scan.
2. If we used Pocket Killbox during your cleanup, do the below
   • Run Pocket Killbox and select File, Cleanup, Delete All Backups
3. If we had you use ComboFix, uninstall ComboFix (This uninstall will only work as written if you installed ComboFix on your Desktop like we requested.)
   • Click START then RUN and enter the below into the run box and then click OK. Note the quotes are required
   • "%userprofile%\Desktop\combofix" /uninstall
     • Notes: The space between the combofix" and the /uninstall, it must be there.
     • This will uninstall ComboFix and also reset hidden files and folders settings back to Windows defaults.
4. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
5. If we had you download any registry patches like fixme.reg or fixWLK.reg (or any others), you can delete these files now.
6. If running Vista, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
7. Go to add/remove programs and uninstall HijackThis.
8. Goto the C:\MGtools folder and find the MGclean.bat file. Double click on this file to run this cleanup program that will remove files and folders related to MGtools and some other items from our cleaning procedures.
9. If you are running Win 7, Vista, Windows XP or Windows ME, do the below:
   • Refer to the cleaning procedures pointed to by step 6 of the READ ME for your Window version and see the instructions to Disable System Restore which will flush your Restore Points.
   • Then reboot and Enable System Restore to create a new clean Restore Point.
10. After doing the above, you should work thru the below link:
    • How to Protect yourself from malware! <--- scroll dwn to section 2, antivirus as well as reading everything else and get yourself protected.