Virus removed (supposedly) - Windows broken?

Welcome to Major Geeks!

Move on to the instructions for the actual cleaning where SUPERAntiSpyware, Malwarebytes, ComboFix, RootRepeal and MGtools are run. Try each one, don't stop because any single one does not work. Also disconnect your PC from the internet when running and shutdown all other applications. Also run steps in safe boot mode if you cannot run them in normal boot mode.


Are you sure that your laptop is not overheating? If you simply boot up your laptop and do nothing for whatever length of time it takes to test, does it also still eventually freeze.

 

Please attach the below requested log from SUPERAntiSpyware.

Code:

C:\Users\Sammy\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\Logs\
11 Sep 2010 3547 "SUPERAntiSpyware Scan Log - 09-11-2010 - 21-54-45.log"

Also I want to see the below log from Malwareytes from Sept 2nd

Code:

"C:\Users\Sammy\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs\"
2 Sep 2010 2151 "mbam-log-2010-09-02 (18-32-38).txt"

Thus far, it is not looking like your problem is due to malware. It looks like you have been installing too many security applications. You have multiple firewalls ( McAfee and Zonealarm) and you have leftovers from other tools too. I will give you some instructions to follow below and let's see what happens.

First you must disable Spybot's Teatimer as requested in the READ & RUN ME. See this: How to disable Spybot's TeaTimer

Now uninstall ZoneAlarm

Also uninstall Norton Security Scan



Run C:\MGtools\analyse.exe by double clicking on it (Note: if using Vista or Win 7, don't double click, use right click and select Run As Administrator). This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:6092
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O18 - Filter: x-sdch - (no CLSID) - (no file)

Optionally also fix the below unnecessary startups. Manually run this when you need them.
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Users\Sammy\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Sammy\AppData\Local\Google\Update\GoogleUpdate.exe" /c

After clicking Fix, exit HJT.

Now we need to use ComboFix

• Make sure that combofix.exe that you downloaded while doing the READ & RUN ME is on your Desktop but Do not run it!
  • If it is not on your Desktop, the below will not work.
• Also make sure you have shut down all protection software (antivirus, antispyware...etc) or they may get in the way of allowing ComboFix to run properly.
• If ComboFix tells you it has expired or need to be updated to a new version, make sure you allow it to update.
• Open Notepad and copy/paste the text in the below quote box into it:

• Save the above as CFscript.txt and make sure you save it to the same location (should be on your Desktop) as ComboFix.exe
• At this point, you MUST EXIT ALL BROWSERS NOW before continuing!
• You should have both the ComboFix.exe and CFScript.txt icons on your Desktop.
• Now use your mouse to drag CFscript.txt on top of ComboFix.exe
• Follow the prompts.
• When it finishes, a log will be produced named c:\combofix.txt
• I will ask for this log below

Note:

Do not mouseclick combofix's window while it is running. That may cause it to stall.

Now run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista or Win7, don't double click, use right click and select Run As Administrator).

Then attach the below logs:

• C:\ComboFix.txt
• C:\MGlogs.zip

Make sure you tell me how things are working now!

 

No we did not remove anything related to FireFox. If you still have problems with FireFox, just try uninstalling it and after a reboot, reinstall. The below will explain how to do this without loosing your Favorites.



We are going to be uninstalling your copy of FireFox and installing the new version. So do the below to save bookmarks:

• Run FireFox and click Bookmarks.
• Then select Organize Bootmarks.
• Then on the next window click File and then select Export. Save the bookmarks.html file to your Desktop for later use in importing.

Now download and save the installer for the current version of FireFox but DO NOT install it yet. Get it here: Mozilla FireFox

You will need exit FireFox now and use Internet Explorer to continue with the below until we reinstall FireFox.

Start by uninstalling FireFox and then reboot. Do not skip the reboot.
After reboot, delete the below folders:
C:\Program Files\Mozilla Firefox
C:\users\UserAccount\AppData\Roaming\Mozilla\Firefox

where UserAccount is the actual user account name being used.

Now reinstall FireFox from the file previously downloaded.
Import your bookmarks file. (similar process to exporting).