XP Internet Security Virus (at a minimum)

Discussion in 'Malware Help (A Specialist Will Reply)' started by JDWCowboy, Feb 15, 2010.

  1. JDWCowboy

    JDWCowboy Private E-2

    Hello, I'm JDWCowboy and I'm having trouble with my computer. I believe there are several types of malware at work here. One is XP Internet Security. It doesn't appear to be the 2010 variety (based on the screenprints I have seen online). This shows on popups, popups on lower right icons, and intercepts whenever the internet is launched. These are present on my son's account, but not on any of the others. On the main account, there are pop-up boxes advertising all kinds of junk.

    I have Norton and regularly use Ad-aware and both of these have been run, but did not seem to find these programs. I don't know if they are new or if they have modified the programs to skip them. I could not even launch Ad-aware from my son's account. Would I need to run it from each account or would running it from one account catch issues in all accounts?

    I have followed the read and run me first, but much of this did not run.

    Step 2: remove redundant packages

    I use Norton Internet Security and could not tell if I have multiples and I believe that this is also our firewall. Can you confirm this?

    Step 3:

    3.1 Add/Remove. The only program I had was WildTangent. I have had this since I received the computer about 4 years ago and it is needed for several of the games provided by HP. I did not remove it.

    3.2 Updated Java and remove old versions

    3.3 I could not find the quarantine in Norton, so I skipped this step. The examples provided were different from mine.

    3.4 Emptied recycle bin

    3.5 Could not find Norton Nprotect folder

    3.6 Installed and ran CCleaner for all 4 accounts

    Step 4

    4.1 I have a 32 bit processor and use Windows XP

    4.2 I enabled viewing of hidden files

    4.3 I was already in normal startup mode

    Step 5

    None was removed. Only WildTangent was on the list.

    Step 6

    SuperAntiSpyware - The first time this ran, I was out of the room and came back and noticed my screen was empty (program had closed). I restarted, I got the blue screen of death, with a reference to a file with kernel in the name. I reran, got the BSOD again with a reference to a file with 'bad pool' in the name. I followed instructions and unchecked a couple of the kernel options, then reran, it found 146 items, but after about 10,000 files the computer rebooted and all was lost. I moved on.

    Malwarebytes Anti-Malware - I had to run this a couple of times to get it to finish. Here is the log.

    Combofix - I also had to run this a couple of times. First time through it looked like it finished, but it rebooted before the file was written. The second time through, it appeared to run correctly.

    RootRepeal - This did not seem to run at all. It ran for 4 or 5 hours and did not show anything happening, including changing subdirectories.

    MGTools - This seemed to run OK.

    I have attempted to do all I can and hope this is enough for you to use. Please let me know if you need additional information from me. I am usually pretty good with computers, but I admit I am a little overwhelmed with this.

    Thank you for your time and expertise.

    JDWCowboy
     

    Attached Files:

  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to Major Geeks!

    Other than what has already been removed, the logs for your account are basically clean. You just have a couple minor details to take care of.

    First remove MGtools.exe from your Desktop as that is not where it belongs.

    Now run C:\MGtools\analyse.exe by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator). This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:

    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

    After clicking Fix, exit HJT.

    Now download HostsXpert and then follow the below steps.
    • Unzip HostsXpert.zip
    • It will create a folder named HostsXpert in whatever folder you extract it to.
    • Run HostsXpert.exe by double clicking on it.
    • Click the Make Writeable? button. (if you only see a Make Read-Only selection, it is already writeable so skip this button).
    • Click Restore Microsoft's Hosts File and then click OK.
    • Click the X to exit the program
    You need to run the cleaning process on the user account having the problems. ;)
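The "Restore Microsoft's Hosts File" step above exists because rogue security programs of this kind commonly append lines to the Windows hosts file so that vendor and help sites resolve to loopback or to an address the attacker controls. The following script is an added example, not part of this thread or of the HostsXpert tool: it parses a hosts file, skips the one line Microsoft ships by default, and flags every other entry, rating overrides of a (constructed) watch list of security and search domains as high confidence. The sample hosts content and the watched-domain list are constructed for illustration.

```python
"""Audit a Windows hosts file for entries that should not be there.

Added example, not code from the MajorGeeks thread or from HostsXpert.
Run it against C:\\Windows\\System32\\drivers\\etc\\hosts (or the
SAMPLE_HOSTS string below) to see which lines a fake-AV infection
would typically have added before you restore the default file.
"""
import ipaddress

# The only mapping a stock Windows XP hosts file contains.
DEFAULT_ENTRIES = {("127.0.0.1", "localhost")}

# Constructed watch list: sites a rogue AV usually blocks so that the
# victim cannot reach removal guides, vendor updates or a search engine.
WATCHED_DOMAINS = {
    "majorgeeks.com", "symantec.com", "norton.com", "lavasoft.com",
    "malwarebytes.org", "superantispyware.com", "google.com", "bing.com",
}

# Constructed sample imitating a hijacked hosts file (example data only).
SAMPLE_HOSTS = """\
# sample hosts file header comment
127.0.0.1       localhost
# --- lines below imitate what a fake-AV infection appends ---
127.0.0.1       www.majorgeeks.com
127.0.0.1       www.symantec.com
192.0.2.10      www.google.com      # RFC 5737 documentation address
10.0.0.5        fileserver.lan      # looks like an ordinary LAN entry
"""


def parse_hosts(text):
    """Return (ip, hostname) pairs, ignoring comments, blanks and junk."""
    entries = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()   # drop trailing comments
        if not line:
            continue
        parts = line.split()                  # tabs or spaces both work
        if len(parts) < 2:
            continue
        try:
            ipaddress.ip_address(parts[0])
        except ValueError:
            continue                          # not a valid address field
        for host in parts[1:]:                # one IP may list many names
            entries.append((parts[0], host.lower()))
    return entries


def _is_watched(host):
    """True if host equals or is a subdomain of a watched domain."""
    return any(host == d or host.endswith("." + d) for d in WATCHED_DOMAINS)


def suspicious_entries(text):
    """Return (ip, host, rating) for every non-default mapping.

    rating is "high" when the entry overrides a watched domain and
    "review" for any other line, since the stock file has none.
    """
    flagged = []
    for ip, host in parse_hosts(text):
        if (ip, host) in DEFAULT_ENTRIES:
            continue
        rating = "high" if _is_watched(host) else "review"
        flagged.append((ip, host, rating))
    return flagged


if __name__ == "__main__":
    for ip, host, rating in suspicious_entries(SAMPLE_HOSTS):
        print(f"[{rating:6}] {ip:15} {host}")
```

Anything the script reports as "high" is a strong sign the file was tampered with and that the restore step is needed; "review" lines may be legitimate local entries the owner added and should be checked by hand before the file is replaced.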
     
  3. JDWCowboy

    JDWCowboy Private E-2

    Thanks Chaslang,

    I had already removed MGTools.exe from my desktop.

    I ran analyse.exe out of the MGTools subdirectory. Then selected the file you mentioned and clicked fix. It created a log, but it was before the fix, so I won't attach it. If you want it or want me to run another log and attach it, I will.

    I then successfully ran HostsXpert.

    I was then a little confused about the comment at the end about different accounts on my XP account. We have 4 in our family and each has an account. Do I need to repeat this entire 'read and run first' program for each account? My Norton and Ad-aware scan well over 1M files and reference files in the other accounts. I can certainly run these from those accounts too, if I need to. Please reconfirm if I need to do this.

    JDWCowboy
     
  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    In your first message you stated the below:
    Thus you were saying there are problems on your son's account. If you wish to fix problems on his account, you need to log out of your account and log in as your son and run scans to find any problems that may be occurring on his user account. The same would be true for any other user account having problems, but we would only work on one account at a time. Since we are finished with your account, you can now post logs for your son's.
     
  5. JDWCowboy

    JDWCowboy Private E-2

    Thanks for the help.

    Please close this thread. I will open a thread for my son's account.

    JDWCowboy
     
  6. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Since it is the same PC, you can just attach the logs for your son here now that we finished with your account. If it were a different PC, a new problem, or more than a week or two had passed then a new thread would be necessary.
     
