windows keeps rebooting

can you run Combofix and MGTools in safemode? Attach logs if you are successful. Also attach the log from running Malware Bytes.

 

Your mglogs.zip is incomplete.

This means something went wrong with the running of MGTools.exe.
Did you recieve any errors whilst running it? See the below for possible error messages:

Using MGtools

• Did you let it run to completion?
• Did you agree to the hijackthis license?

Please run it again ensuring you do all of the above. Attach the new mglogs.zip into your next post Then we can start to work a fix for you.

 

Not to worry, but we are still missing a Hijack this log and a couple others that are meant to be included in the zipped file. Did you agree to the hijack this license agreement?

Thanks
Kes

 

Also ensure that MCAfee isn't to blame and could be interfering with the complete running of MGTools

 

Run C:\MGtools\analyse.exe by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator). This is really HijackThis (select Do a system scan only) save the log and attach it here.

Thanks
Kestrel13!

 

afraid you didn't

 

More than likely I will be sending you to the Software Forum where you should disable auto rebooting so you can see the error messages. However, the first thing you need to do is uninstall both McAfee Security Center and Norton Security Center which they should never have installed at the same time. It is best to uninstall both now.

Next let's run the McAfee and Norton removal tools:

1. Please give the Norton Removal Tool (SymNRT) a run > reboot your machine and then run it again for good measure.

2. Please download the McAfee Consumer Product Removal Tool

Run this > Reboot your machine > and Run it again to get rid of remnants of McAfee.

3. Also please can you get me these recent logs from running MBAM?

4. Delete the below using Windows Explorer:

c:\documents and settings\All Users\Application Data\11635784 <--- folder
c:\documents and settings\All Users\Application Data\91645776 <--- folder

C:\d45.bat <--- file
c:\documents and settings\All Users\SPL6E.tmp <--- file

 

You need to run MBAM again and first update it and then run a new scan and attach the new log.

Now run the C:\MGtools\GetLogs.bat file by double clicking on it. Then attach the new C:\MGlogs.zip file that will be created by running this.

Thanks
Kes

 

1. Please go to Add/Remove programs and uninstall the following old versions of Java:

• J2SE Runtime Environment 5.0 Update 5
• Java(TM) 6 Update 2

2. Now I would like for you to run scannow, to do so, please refer to the below:

Running SFC Scannow

3. If you do not use Windows Messenger Run this Disable/Remove Windows Messenger to remove Windows Messenger. Do not confuse Windows Messenger with MSN Messenger because they are not the same. Windows Messenger is a frequent cause of popups.

4. Also delete all files in the below bold folders except ones from the current date (Windows will not let you delete the files from the current day).

5. Next I would like for you to download a new copy of MGTools.

Go to this link Using MGTools and download the new version of MGtools.exe using the black bold print link in the first sentence. Overwrite your previous MGtools.exe file with this one.

6. Run the new MGTools.exe and attach the C:\mglogs.zip file that it generates.

7. Attach it in your next reply.

Thanks

Kes

 

whilst I go thru the rest of your logs please do the following:

reboot your machine (if you haven't already done so since my last instructions) and install the most current and up to date version of Java available here at the below link:

Java Runtime 6

 

almost done! You didn't remove windows messenger though.

Please follow my post #16 step # 3 to do this.

Thanks
Kes

 

Hope you are okay! Get well soon zx2max

you're very welcome!

Tell them safe surfing! :wave

 

If you are not having any other malware problems, it is time to do our final steps:

1. We recommend you keep SUPERAntiSpyware and Malwarebytes Anti-Malware for scanning/removal of malware. Unless you purchase them, they provide no protection. They do not use any significant amount of resources ( except a little disk space ) until you run a scan.
2. If we used Pocket Killbox during your cleanup, do the below
   • Run Pocket Killbox and select File, Cleanup, Delete All Backups
3. If we had you use ComboFix, uninstall ComboFix (This uninstall will only work as written if you installed ComboFix on your Desktop like we requested.)
   • Click START then RUN and enter the below into the run box and then click OK. Note the quotes are required
   • "%userprofile%\Desktop\combofix" /u
     • Notes: The space between the combofix" and the /u, it must be there.
     • This will uninstall ComboFix and also reset hidden files and folders settings back to Windows defaults.
4. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
5. If we had you download any registry patches like fixme.reg or fixWLK.reg (or any others), you can delete these files now.
6. If running Vista, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
7. Go to add/remove programs and uninstall HijackThis.
8. Goto the C:\MGtools folder and find the MGclean.bat file. Double click on this file to run this cleanup program that will remove files and folders related to MGtools and some other items from our cleaning procedures.
9. If you are running Vista, Windows XP or Windows ME, do the below:
   • Refer to the cleaning procedures in step 3 the READ ME for your Window version and see the instructions to Disable System Restore which will flush your Restore Points.
   • Then reboot and Enable System Restore to create a new clean Restore Point.
10. After doing the above, you should work thru the below link:
    • How to Protect yourself from malware!