Unable to run scans

If you downloaded them to your desktop and they wouldn't install, then just right click them and delete them. You didn't mention what happened when you tried to run MGTools. Did that error out as well?

Did you try running any of the tools in safe mode?

 

Please attach that log --- C:\MGLogs.zip

Yes, you should be running these scans on an account with Admin. privileges.

 

Yes, you need to disable the UAC control before running any of the scans. If you need to, switch into an account with Admin, privileges and download MGtools and save it to your root folder. If you can't get it to the C: drive, just run it from the desktop.

 

It is part of MGTools. Don't worry about it, we can try running it later. And don't worry about any info the scan will produce, it will not reveal anything that could make you vulnerable.

 

Double click My Computer and look on the C: drive. It will be there.

 

Download OTL to your desktop.

• Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
• Vista and Windows 7 users Right-click OTL and choose Run as Administrator)
• When the window appears, underneath Output at the top change it to Minimal Output.
• Check the boxes beside LOP Check and Purity Check.
• Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.

When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.

Attach both of these logs into your next reply.

 

I am not finding any malware so far. Please uninstall:
Viewpoint Media Player

Please Disable Spybot's TeaTimer --> Should have been done as per the R&R instructions!

* Run Spybot and click Mode
* Select Advanced Mode.
* Then click Tools and select Resident.
* Now in the right window pane, uncheck TeaTimer.
* Also while this is open, in the left column now select IE Tweaks
* and then in the right pane make sure all the Miscellaneous locks are unchecked.
* Now quit Spybot!

Now run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator).

Then attach the below log:

• C:\MGlogs.zip

 

I am not finding any malware in your logs. However, we can clean up a few things.

Please use add/remove programs to uninstall:
Java(TM) 6 Update 2

Please disable all anti-virus and anti-spyware programs while we do the following (re-enable when you are finished):

Run C:\MGtools\analyse.exe by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator). This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:

After clicking Fix, exit HJT.

* Make sure that combofix.exe that you downloaded while doing the READ & RUN ME is on your Desktop but Do not run it!
If it is not on your Desktop, the below will not work.
* Also make sure you have shut down all protection software (antivirus, antispyware...etc) or they may get in the way of allowing ComboFix to run properly.
* If ComboFix tells you it needs to update to a new version, make sure you allow it to update.
* Open Notepad and copy/paste the text in the below code box into it (make sure you scroll all the way down in the code box to get all lines selected ):

Code:

KILLALL::

File::
C:\WINDOWS\Temp\TMP0000004579AB787D32BAEDB8

Folder::
C:\WINDOWS\Temp\1f5dc264-7ce9-4396-993c-00a261e1158f
C:\WINDOWS\Temp\2af13a74-b886-41d0-90f3-d34cc70fbc11
C:\WINDOWS\Temp\34703cc8-0699-4910-8abc-34d29372a218
C:\WINDOWS\Temp\7a8e270b-c516-4ccd-a1dd-b28582dbd507
C:\WINDOWS\Temp\7df20854-fcce-4a0f-9eab-8a44413c27c3
C:\WINDOWS\Temp\97fba513-b86d-42c2-85b1-fe15050934fd
C:\WINDOWS\Temp\d6afc652-276a-41b8-9d50-84abde824d73
C:\WINDOWS\Temp\e0f675a4-4543-47e4-8f8c-c8eb2dd05e41

* Save the above as CFscript.txt and make sure you save it to the same location (should be on your Desktop) as ComboFix.exe
* At this point, you MUST EXIT ALL BROWSERS NOW before continuing!
* You should have both the ComboFix.exe and CFScript.txt icons on your Desktop.
If it asks you to overide the previous file with the same name, click YES.
* Now use your mouse to drag CFscript.txt on top of ComboFix.exe

* Follow the prompts.
* When it finishes, a log will be produced named c:\combofix.txt
* I will ask for this log below

Note:

Do not mouseclick combofix's window while it is running. That may cause it to stall.


Now download and install:
Java Runtime 6

Now tell me what issues you are still having, as I may need to send you to the software forum for additional assistance.

 

Just a fault with Combo. You need to tell me what issues you are still having, if any.

 

If it is not showing in HJT ( analyse.exe in the MGTools folder), then don't worry about it.

 

If it is no longer showing in the HJT log, then it is already gone.