Still Infected

Welcome to Majorgeeks!

Note: You did not follow the directions for running ShowNew and GetRunKey. As a result your logs are incomplete and the below fix may also be incomplete. Please install them and run them as directed next time (at the end of this fix).

Start by downloading a tools we will need - Pocket KillBox

Extract it to its own folder somewhere that you will be able to locate it later.

Copy the bold text below to notepad. Save it as fixme.reg to your desktop. Be sure the "Save as" type is set to "all files" Once you have saved it double click it and allow it to merge with the registry.

Now run Pocket Killbox by doubleclicking on killbox.exe
Choose Tools > Delete Temp Files and click Delete Selected Temp Files.
Then after it deletes the files click the Exit (Save Settings) button.
NOTE: Pocket Killbox will only list the added files it is able to find on the system. So when you do the below, if some files do not show in the list after pasting them in, just continue.

Select:

• Delete on Reboot
• then Click on the All Files button.
• Please copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy):

C:\Documents and Settings\Dan Chainey\My Documents\Downloads\anti spy\antispy16\activate_crack.exe
C:\Documents and Settings\Dan Chainey\My Documents\Downloads\performance test\PerformanceTest.5.0.Build.1033_CRKEXE-FFF.zip
C:\Documents and Settings\Dan Chainey\My Documents\Downloads\performance test\start.exe
C:\WINDOWS\Downloaded Program Files\AdToolsX.dll
C:\WINDOWS\Downloaded Program Files\WinCtlAdX.dll
C:\WINDOWS\Downloaded Program Files\WinServAdX.dll
C:\WINDOWS\Downloaded Program Files\WinTaskAdX.dll

• Return to Killbox, go to the File menu, and choose Paste from Clipboard.
• Click the red-and-white Delete File button. Click Yes at the Delete on Reboot prompt.

If you receive a PendingFileRenameOperations prompt, just click OK to continue (But please let me know if you receive this message!).
If Killbox does not reboot just reboot your PC yourself.

Now attach the below new logs and tell me how the above steps went.

1. GetRunKey
2. ShowNew

Make sure you tell me how things are working now!

 

You're welcome! Just a couple more things to do. I had a couple typos in the registry patch so we need to repeat part of it.

Copy the bold text below to notepad. Save it as fixme.reg to your desktop. Be sure the "Save as" type is set to "all files" Once you have saved it double click it and allow it to merge with the registry.

Also you need to goto Add/Remove Programs and uninstall the below which was requested in step 0 of the READ ME.
Viewpoint Manager (Remove Only)


If you are not having any other malware problems, it is time to do our final steps:

1. If we used Pocket Killbox during your cleanup, do the below
   • Run Pocket Killbox and select File, Cleanup, Delete All Backups
2. If we had you download any registry patches like fixme.reg or fixWLK.reg (or any others), you can delete these files now.
3. If you are running Windows XP or Windows ME, do the below:
   • go back to step 8 of the READ & RUN ME to Disable System Restore which will flush your Restore Points.
   • Then reboot and enable System Restore to create a new clean Restore Point.
4. After doing the above, you should work thru the below link:
   • How to Protect yourself from malware!

Note: This is up to you if you want to try it before calling your cable company.

1. Try uninstalling all of the McAfee Software you have installed.
2. Replace it with a free antivirus (like AVG from the above How to Protect link) and install a free firewall like ZoneAlarm (also in the above link)

See if that changes anything related to your download problems. If not you can always just uninstall the items you just installed and reinstall McAfee if you prefer it.