Unable to complete Read and Run Me First Due To Problem running Combofix

Welcome to Major Geeks!

You need to keep on going as stated in the beginning of the READ & RUN ME which he below is quoted from

 

Because to much was found by MBAM and SUPERAntiSpyware, I want to just update them and run another set of scans to make sure all was removed.


Since a new version of SUPERAntiSpyware is out, the old version must be uninstall to get the new version installed.

• Please uninstall your current version (this is necessary).
• Then download this SUPERAntiSpyware
• Install this new version. It may tell you that you need to reboot to complete the installation. You must reboot at this time.
• After the reboot, run SUPERAntiSpyware and immediately click the Check for Updates button to get more updates for the database.
• Now run a new full scan of your system. And attach this new log.

Now run Malwarebytes and click the Update tab. Then click the Check for Updates button so you update to the current version of the program and database. Then run a new scan with it too. Make sure you quaranteen/delete the any malware before saving the log.. Attach the new log.


Now follow the instructions below in the order written.


Now download HostsXpert and then follow the below steps.

• Unzip HostsXpert.zip
• It will create a folder named HostsXpert in whatever folder you extract it to.
• Run HostsXpert.exe by double clicking on it.
• Click the Make Writeable? button. (if you only see a Make Read-Only selection, it is already writeable so skip this button).
• Click Restore Microsoft's Hosts File and then click OK.
• Click the X to exit the program

Uninstall the below old versions of software:
Java(TM) 6 Update 15

Run C:\MGtools\analyse.exe by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator). This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O4 - HKCU\..\Run: [?????????] ??????????????e
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (file missing)
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)

After clicking Fix, exit HJT.


Copy the bold text below to notepad. Save it as fixme.reg to your desktop. Be sure the "Save as" type is set to "all files" Once you have saved it double click it and allow it to merge with the registry.

Make sure that you tell me if you receive a success message about adding the above
to the registry. If you do not get a success message, it definitely did not work.

Did you knowingly install the 4oD software shown in the below 3 lines? Do you use it? If not, uninstall this.
O4 - HKLM\..\Run: [4oD] "C:\Program Files\Kontiki\KHost.exe" -all
O4 - HKCU\..\Run: [kdx] C:\Program Files\Kontiki\KHost.exe -all
O23 - Service: KService - Kontiki Inc. - C:\Program Files\Kontiki\KService.exe

Why do you have the below 2 processes running at startup? I suggest only running them when you need them?
O4 - HKCU\..\Run: [Simplify Media] "C:\Program Files\Simplify Media\SimplifyMedia.exe"
O4 - HKCU\..\Run: [DU Meter] C:\Program Files\DU Meter\DUMeter.exe


Now install the current version of Sun Java from: Sun Java Runtime Environment

b]Do you know what the below folder is for? If not, what do you see in the folder?[/b]

Code:

"C:\ProgramData\"
38775BE       21 Nov 2009              "38775be"

Also delete all files in the below folders except ones from the current date (Windows will not let you delete the files from the current day).
C:\Windows\Temp
C:\Users\Esther\AppData\Local\Temp

Now run Ccleaner. Only use the Run Cleaner button. Do not run anything else on any other forms.

Now run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator).

Then attach the below log:

• the new SUPERAntiSpyware log
• the new Malwarebytes log
• C:\MGlogs.zip

Make sure you tell me how things are working now!

 

You're welcome.

Sorry to hear of you problem.

You should work thru the below now:

How to Protect yourself from malware!