JeanInMontana

System Restore is in Help and Support. Go to Start==>Help and Support==>System Restore. In System Restore, it will guide you to a calendar with highlighted dates to choose for a complete restore of your machine to that point in time. Be sure you choose a point before all this started. Reformat requires you to have an install disk(s) and all data on the hard disk is wiped clean.

Hi The Pup and welcome to Malwarebytes. Please update MBAM post that log and a new HJT log.

No you don't need WinZip. XP will zip it if you just do as I said.

Please go here http://www.malwarebytes.org/forums/index.php?showtopic=2936 and follow the instructions to the best of your abilities and start your own topic in that forum. Avira is a better choice for protection and removal over all. It is always ahead in updates over AVG and AVG has become a resource hog with other drawbacks.

Hello and welcome to both of you. Please read and follow the instructions here http://www.malwarebytes.org/forums/index.php?showtopic=2936 Begin your own topic in that forum. Post your logs in English in the body of your reply and someone will be happy to help you.

I would suggest you have some logs looked at it's very likely your infected. Follow the instructions here http://www.malwarebytes.org/forums/index.php?showtopic=2936 and start your own topic in that forum.

Please be sure you reset System Restore points too. If you use one that is infected ever your going to go through this all over again.

Aww thanks. Be sure you add some prevention stuff to the machine to avoid this in the future. Many infections can be avoided with an added layer of prevention. All recommended programs are free and easy on system resources. You should install them as part of your protection arsenal. Keep MBAM and Spybot Search & Destroy and always immunize SBS&D when you update. You will also need at least one other scanning program Asquared or SuperAntiSpyware are good and there are several other excellent programs with free and paid versions. Read the overviews of what each program below does so you have an understanding of their importance and how to use. A firewall and antivirus are also essential. The Windows firewall in XP and Vista is not sufficient. Preform Windows Updates monthly on the second Tuesday or use automatic updates, and use your scanners weekly at the least. Always update before you scan. Keep other software known for vulnerabilities updated also. Use the Secunia Inspector free scan to identify risks in outdated versions. SpywareBlaster from Javacool Software WinPatrol by BillPStudios SiteHound by FireTrust RogueRemover hpHosts The windows firewall is not sufficient to protect. It doesn't monitor outgoing traffic and this is a must. I use and recommend Online Armor Free Also the full protection of MBAM is offered at a very low price, from the link in my signature.

Did you run CCleaner? What symptoms if any are you having?

Hi sorry for the delay, there was a miscommunication, and I thought someone was helping you. Please update MBAM, run a quick scan, post that log and a new HJT log.

I am so sorry for not replying to you, I think I must not have checked to get an email notice. So how is it running? Logs look good, did the file delete with Killbox? Run HJT in scan only and put a check next to the following and then click fix. O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O23 - Service: QRCNOD - Unknown owner - C:\DOCUME~1\Edward\LOCALS~1\Temp\QRCNOD.exe (file missing) O23 - Service: YLX - Unknown owner - C:\DOCUME~1\Edward\LOCALS~1\Temp\YLX.exe (file missing) Reboot and lets get another GMER log OK let's go for another special scan tool. Download GMER get the zip file and save to your desktop. Just run gmer.exe. All required files ( gmer.dll and gmer.sys ) will by copied to the system during the first lanuch. . Do not click scan.Use the copy button to copy to your clipboard. Post the log in your next reply.

That line can be malware but is not necessarily malware. Are you having any symptoms? If so please follow the instructions here http://www.malwarebytes.org/forums/index.php?showtopic=2936

Hi knevil77 please read and follow the instructions here http://www.malwarebytes.org/forums/index.php?showtopic=2936 to the best of your abilities. Do not post into another thread, keep your replies in this thread and in the body of the reply not as an attachment.

Hello and welcome to Malwarebytes. Please update MBAM, that version is extremely outdated. The current version is 1.30 DB 1402. Run a quick scan post that log and a new HJT log please.

You need to put the file in a zipped folder. Right click on it and choose send to zipped folder. Then attach it here please.

How are things running now? Run HJT in scan only and mark the following be sure to click fix. O2 - BHO: Iterasi.IEPlugin.Bar.InitToolbarBHO - {b21973d1-cbd6-46a8-8fcb-2af7aaaeb9ae} - mscoree.dll (file missing) O3 - Toolbar: iterasi Toolbar - {8e0c19a9-5657-409b-953f-59c941ffba4e} - mscoree.dll (file missing Reboot Be sure Java and Adobe are updated. If you feel your system is clean then proceed to the next steps. Your log looks clean. We need to now reset a clean System Restore point. If you don't and you need to use System Restore you will reinfect yourself. Go to Start>Control Panel>System. Click on the System Restore tab and put a check in Turn off System Restore. Then click OK. Now go to Start>Help and Support > Undo Changes to Your System or System Restore depending on the make of your PC. Click on what ever will open the System Restore box. You will see two options, Choose Create a System Restore Point. Give it a name like Clean Restore Point and today's date. Now if you need to use it you have it. Many infections can be avoided with an added layer of prevention. All recommended programs are free and easy on system resources. You should install them as part of your protection arsenal. Keep MBAM and Spybot Search & Destroy and always immunize SBS&D when you update. You will also need at least one other scanning program Asquared or SuperAntiSpyware are good and there are several other excellent programs with free and paid versions. Read the overviews of what each program below does so you have an understanding of their importance and how to use. A firewall and antivirus are also essential. The Windows firewall in XP and Vista is not sufficient. Preform Windows Updates monthly on the second Tuesday or use automatic updates, and use your scanners weekly at the least. Always update before you scan. Keep other software known for vulnerabilities updated also. Use the Secunia Inspector free scan to identify risks in outdated versions. SpywareBlaster from Javacool Software WinPatrol by BillPStudios SiteHound by FireTrust RogueRemover hpHosts The windows firewall is not sufficient to protect. It doesn't monitor outgoing traffic and this is a must. I use and recommend Online Armor Free Also the full protection of MBAM is offered at a very low price, from the link in my signature.

I'm trying to access something to help you. With nothing able to run it's near impossible. Have you tried System Restore? Is the Recovery Console installed? Reformatting might be the only option for you.

Have you tried doing a System Restore? Do you have the recovery console installed? If we can't run anything on it options are soon gone for a fix other than reformatting.

Hi great to have you here!

This is a extremely nasty infection and requires some diligence and dedication to clean it up. Please follow these instructions here and begin your own topic in that forum. Most importantly is to get the HJT log posted. MBAM has several definition updates to it also since you have last updated.

OK let's try this don't worry about trying to install the recovery console you won't be able to if you don't already have it. Just try to run this and get the log posted. Review this article here how to use ComboFix Be sure you cover the section on How to install and use the Windows XP Recovery Console and make sure it is installed on your machine. This is important should anything go wrong and we need to recover your PC and not lose all the data. 1. Download this file : http://download.bleepingcomputer.com/sUBs/ComboFix.exe save it to your desktop. 2. Double click combofix.exe. It will be a red icon with a white X on your desktop. Follow the prompts you will get a blue cmd prompt screen and a choice to choose Y or N. Choose Y and hit enter. 3. When finished, it shall produce a log for you. This logfile is located at C:\ComboFix.txt. Post that log and a HiJack log in your next reply Note: Do not mouseclick combofix's window while its running. That may cause it to stall.

Yippeee!! OK now some other major uninstalling and updates are crucial. But first run HJT again in scan only put a check next to each line and click fix. O4 - HKLM\..\Run: [userFaultCheck] %systemroot%\system32\dumprep 0 -u O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Testfolder\mbam.exe" /runcleanupscript <===== what's up with that? O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe Reboot Uninstall Java from Add/Remove programs You have an ancient version also uninstall Viewpoint and Adobe reader. You are running an outdated and unsafe version of Java. You need to uninstall it via Add/Remove programs and delete the program file also. Then go here Java Update and install the correct version for your system. Choose the offline installation. Your running an outdated and unsafe version of Adobe Acrobat Reader latest version. Or get the alternative faster lighter on resources Foxit PDF Reader and Editor Look at the Downloads tab here or Downloads if you don't want to see the features etc. After installing. Update Windows also to SP3. Your log looks clean. We need to now reset a clean System Restore point. If you don't and you need to use System Restore you will reinfect yourself. Go to Start>Control Panel>System. Click on the System Restore tab and put a check in Turn off System Restore. Then click OK. Now go to Start>Help and Support > Undo Changes to Your System or System Restore depending on the make of your PC. Click on what ever will open the System Restore box. You will see two options, Choose Create a System Restore Point. Give it a name like Clean Restore Point and today's date. Now if you need to use it you have it. Many infections can be avoided with an added layer of prevention. All recommended programs are free and easy on system resources. You should install them as part of your protection arsenal. Keep MBAM and Spybot Search & Destroy and always immunize SBS&D when you update. You will also need at least one other scanning program Asquared or SuperAntiSpyware are good and there are several other excellent programs with free and paid versions. Read the overviews of what each program below does so you have an understanding of their importance and how to use. A firewall and antivirus are also essential. The Windows firewall in XP and Vista is not sufficient. Preform Windows Updates monthly on the second Tuesday or use automatic updates, and use your scanners weekly at the least. Always update before you scan. Keep other software known for vulnerabilities updated also. Use the Secunia Inspector free scan to identify risks in outdated versions. SpywareBlaster from Javacool Software WinPatrol by BillPStudios SiteHound by FireTrust RogueRemover hpHosts The windows firewall is not sufficient to protect. It doesn't monitor outgoing traffic and this is a must. I use and recommend Online Armor Free Also the full protection of MBAM is offered at a very low price, from the link in my signature. Update MBAM again, run a quick scan post that and a new HJT log too.

Arg are you scanning with MBAM in Safe Mode? The HJT is in Safe I need it in normal boot please. Scan with both in normal boot and post the logs.

Please get CCleaner Install the program run the scan. If you have any queries or comments then please use the Forum or contact us via this form.. Do not use the registry cleaner feature uncheck that option. Clean temp files, cookies, and unnecessary items. Reboot. Update MBAM post a new log and a new HJT log. In this order

Please post your logs in the body of your reply. Since MBAM has updated a few times now please update it post that new log and then a new HJT log.