svchost.ext and zwinky problem

Welcome to Major Geeks!

???????? All you needed to do was attach the C:\MGlogs.zip file not the individual files.

Also you did not attach the log from ComboFix. Did you have a problem running ComboFix? Did you shut down your antivirus before trying to run ComboFix?

You do not appear to be having any malware problems since your logs are all clean. None of the problems you listed are necessarily malware related but I would like to see a real log from ComboFix. Try running it in safe boot mode if necessary.

Do you use a Proxy Server to connect to the internet? If not, then you need to change your browser settings so that it is not trying to use a proxy. If you do use a Proxy, then you need to make sure the proper values are entered.

 

Yes just try allowing it to run.

 

The ComboFix log is also clean. None of the problems you have mentioned appear to be due to malware. You appear to be having problems with Microsoft Installer since I see it running. This frequently means there is some kind of fail install or uninstall. You will have to work out these issues in the Software Forum.

I do have a few things you should do; however, if Microsoft Installer is not working properly, you may not be able to do some steps.


I strongly advise you to cleanup your Desktop. Remove eveything but links to run programs. Do not download and save programs here and defintely do not use it for long term storage. You need to keep ComboFix.exe here for now as we need it, but we will be removing it when we are finished with your cleanup. A cluttered Desktop is malware's playground and it can also cause performance degradation especially when you start saving large files here like you are doing.


Uninstall the below software:
Java(TM) 6 Update 11
Viewpoint Media Player <-- should have been uninstalled in step 1 of the READ ME

Now reboot.

After reboot, now install the current version of Sun Java from: Sun Java Runtime Environment


Run C:\MGtools\analyse.exe by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator). This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - (no file)
O2 - BHO: (no name) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - (no file)
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file)

After clicking Fix, exit HJT.



Then since you are not having malware problems, it is time to do our final steps:

1. We recommend you keep SUPERAntiSpyware and Malwarebytes Anti-Malware for scanning/removal of malware. Unless you purchase them, they provide no protection. They do not use any significant amount of resources ( except a little disk space ) until you run a scan.
2. If we had you use ComboFix, uninstall ComboFix (This uninstall will only work as written if you installed ComboFix on your Desktop like we requested.)
   • Click START then RUN and enter the below into the run box and then click OK. Note the quotes are required
   • "%userprofile%\Desktop\combofix" /u
     • Notes: The space between the combofix" and the /u, it must be there.
     • This will uninstall ComboFix and also reset hidden files and folders settings back to Windows defaults.
   • Delete the C:\combofix folder from combofix (if it exists)
3. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
4. If running Vista, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
5. Go to add/remove programs and uninstall HijackThis.
6. You can delete the C:\MGtools folder and the C:\MGtools.exe file. You can also delete the C:\MGlogs.zip
8. After doing the above, you should work thru the below link:
   • How to Protect yourself from malware!