XP Pro reboots at start, No Safe Mode w/ network, No Spyware Removal exe

Welcome to Major Geeks!

You did not mention running MGtools. Did you try it? If you can run HijackThis then you can likely run MGtools. Also what exactly happens when you try to run Malwarebytes, SUPERAntiSpyware, and ComboFix?

The only thing showing in your HijackThis log is a possible DNS infection and it would not cause the problems you are having with booting in normal mode or not having options for safe mode with networking...etc. Regsistry cleaning however has been known to cause many problems which is a major reason we don't recommend it.

 

Please answer the below question I asked in my last message

 

Okay then let's try the below.

First you must disable Spybot's Teatimer as requested in the READ & RUN ME. See this: How to disable Spybot's TeaTimer

Uninstall the below old versions of software:
J2SE Runtime Environment 5.0 Update 15
Java 2 Runtime Environment, SE v1.4.2_12
Java(TM) 6 Update 15
Java(TM) 6 Update 6

What is the below folder for? It looks very suspicious

Code:

"C:\WINDOWS\"
PRAGMA~1 May 5 2010 "PRAGMApxxyymspvq"

Run C:\MGtools\analyse.exe by double clicking on it (Note: if using Vista or Win 7, don't double click, use right click and select Run As Administrator). This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: TBSB07215 - {FA2C50B7-C0D1-446C-9031-9B9FB16599A8} - (no file)
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\RunOnce: [Cleanup] C:\cleanup.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-21-3007948245-2664892597-1091355084-500\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (User '?')
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 93.188.164.121,93.188.160.201
O17 - HKLM\System\CS1\Services\Tcpip\..\{0D491816-B155-4B48-955F-12EB71EEE6C3}: NameServer = 93.188.164.121,93.188.160.201

After clicking Fix, exit HJT.

Copy the bold text below to notepad. Save it as fixme.reg to your desktop. Be sure the "Save as" type is set to "all files" Once you have saved it double click it and allow it to merge with the registry.

Make sure that you tell me if you receive a success message about adding the above
to the registry. If you do not get a success message, it definitely did not work.



Now download The Avenger by Swandog46, and save it to your Desktop.

• Extract avenger.exe from the Zip file and save it to your desktop
• Run avenger.exe by double-clicking on it.
• Do not change any check box options!!
• Copy everything in the Quote box below, and paste it into the Input script here: part of the window:

• Now click the Execute button.
• Click Yes to the prompt to confirm you want to execute.
• Click Yes to the Reboot now? question that will appear when Avenger finishes running.
• Your PC should reboot, if not, reboot it yourself.
• A log file from Avenger will be produced at C:\avenger.txt and it will popup for you to view when you login after reboot.

After reboot, now install the current version of Sun Java from: Sun Java Runtime Environment

Now run Ccleaner. Only use the Run Cleaner button. Do not run anything else on any other forms.

Now run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista or Win7, don't double click, use right click and select Run As Administrator).


Then attach the below logs:

• C:\avenger.txt
• C:\MGlogs.zip

Make sure you tell me how things are working now!

 

It is not looking like malware. I suggest that you try running the below and if it does not help, you may could try the Software Forum, but it is looking like you may be reinstalling or possible a repair may help ( both topics for the Software Forum ).


Click Start, Run, and enter sfc /scannow and click OK. There is a space after the sfc. This runs System File Checker which looks for missing or corrupted system files and attempts to replace/repair them from files on your hard disk or from the CD if necessary. So it will ask for the Windows CD if it needs it.