Cleanup procedure done - should I post results?

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by Shazza1954, Feb 23, 2010.

  1. Shazza1954

    Shazza1954 Private E-2

    Hi

    I have performed all the steps suggested in the cleaning procedure. I do not really know how to interpret the logs (I have saved them) Should I post these results on here just in case something is reported in them that needs attention. The reason I ran the clean up is because of what I seem to se on here is a common fault, PC slow to load, running slow, plus a message on startup that an app such as word, excel, powerpoint (it varies) has encountered an error and has had to close, even though i never asked it to open, or windows has encountered an error and had to close, this one can take some getting rid of, need to close several times. However, on this restart after the clean up none of these things happened, but it sometimes did not before, so I am not sure it has been cured.

    Could you please advise whether to post the logs, or should I wait to see what happens. Firefox is still slow opening up by the way.

    My PC details are AMD Athlon XP 2800+
    2.08 GHZ 1.00 GB Ram
    Microsoft XP Pro V2002 Service Pack 3

    Thanks
     
    Shazza1954, Feb 23, 2010
    #1
  2. Shazza1954

    Shazza1954 Private E-2

    Done cleanup, still having even worse problems

    Hi

    Followed the cleanup instructions, now problems worse than ever, first re boot was OK, but now load up slower than ever, more than one app and error message coming up, any help out there please, I am losing it here and ready to throw thw PC out the window. Please help.
     
    Shazza1954, Feb 23, 2010
    #2
  3. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Attach the logs. :) And keep all your replies in this thread. Do not start a new thread asking again for help. We can only assist you if you have followed the Read and Run First instructions and ATTACH the logs.
     
    Last edited: Feb 23, 2010
    TimW, Feb 23, 2010
    #3
  4. Shazza1954

    Shazza1954 Private E-2

    Thanks for getting back, just getting used to forum rules, so sorry I posted twice.

    I am going to try and supply as much info as possible, but I am a novice, so please excuse me if you have to ask for more. Hopefully I will be able to successfully attach the reports, I have tried my best with the clean up procedure, one thing I did notice, the new version of Java loaded VERY quickly, so I hope it does not have bits missing. It does appear in the programmes list.

    During cleanup I was told to close all but one firewalls, as I did not know where to find them, I uninstalled adaware and spybot which are the ones I know of that I have installed, should I have looked in windows? I did disable AVG during installations of recommended tools I have restarted it, the icon is no longer showing at the bottom left near clock, but have gone in via shortcut on desktop and seems to be active. Oh, I could not find the AVG quarantine folder to empty it.

    I think I have done all other necessary steps, or at least tried, but may have got some wrong.

    Problems encountered (getting worse)

    On startup, athough I have removed them from the startup folder on the star menu, a window comes up saying excel has encountered an error and has had to close, when I close this window, Word pops up same message, close that then powerpoint pops up. Initially before clean up I would only get one, mainly powerpoint, now it is all three.

    I was geting the windows error reporting window as well but I have disabled that in systems and that does seem to have stopped.

    The drive seems to be making its whirring busy noise all the time, is that usual, I am pretty sure it has not always done that.

    PC spec is AMD Athlon XP 2800+
    2.08 Ghz 1.00 MB ram
    Microsoft XP pro v 2002 Service pack 3 32 bit

    Super anti spyware quarantined 2 items
    Adware.couponbar
    Rogue.agent/gen-Nullo(DLL)

    Will completely remove these on your advice, but as I do not know what hey are, do not know if they are needed by other apps.

    Will now attempt to attach logs, gather I can attach 4, so am going to try and attach Rootrepeal log, Malwarebytes log, MG tools log and combo log, one is zipped so hope it sends..

    Thanks, long post but hope it saves on subsequent posts
     

    Attached Files:

    Shazza1954, Feb 24, 2010
    #4
  5. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    This is not a malware issue as your logs are clean. I suggest you pursue this in the software forum. Your hard drive making noise could mean it needs defragging or that it may possibly be going out.

    We can clean up a few things while we are here:
    First you need to put ComboFix directly on your desktop, not here:
    Running from: c:\documents and settings\Sharon\My Documents\Downloads\ComboFix.exe

    It should be here:
    c:\documents and settings\Sharon\Desktop\ComboFix.exe

    * Make sure that combofix.exe that you downloaded while doing the READ & RUN ME is on your Desktop but Do not run it!
    If it is not on your Desktop, the below will not work.
    * Also make sure you have shut down all protection software (antivirus, antispyware...etc) or they may get in the way of allowing ComboFix to run properly.
    * If ComboFix tells you it needs to update to a new version, make sure you allow it to update.
    * Open Notepad and copy/paste the text in the below code box into it (make sure you scroll all the way down in the code box to get all lines selected ):
    Code:
    KILLALL::

Driver::
avast! iAVS4 Control Service

File::
C:\Documents and Settings\Sharon\Local Settings\Application Data\prvlcl.dat

Folder::
C:\Documents and Settings\All Users\Application Data\Alwil Software

Registry::
[-HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
    * Save the above as CFscript.txt and make sure you save it to the same location (should be on your Desktop) as ComboFix.exe
    * At this point, you MUST EXIT ALL BROWSERS NOW before continuing!
    * You should have both the ComboFix.exe and CFScript.txt icons on your Desktop.
    If it asks you to overide the prvevious file with the same name, click YES.
    * Now use your mouse to drag CFscript.txt on top of ComboFix.exe
    [​IMG]
    * Follow the prompts.
    * When it finishes, a log will be produced named c:\combofix.txt
    * I will ask for this log below

    Note:

    Do not mouseclick combofix's window while it is running. That may cause it to stall.

    Since you are not having any malware problems, it is time to do our final steps:
    1. We recommend you keep SUPERAntiSpyware and Malwarebytes Anti-Malware for scanning/removal of malware. Unless you purchase them, they provide no real-time protection. They are useful as backup scanners.They do not use any significant amount of resources ( except a little disk space ) until you run a scan.
    2. If we had you use ComboFix, uninstall ComboFix (This uninstall will only work as written if you installed ComboFix on your Desktop like we requested.)
      • Click START then RUN and enter the below into the run box and then click OK. Note the quotes are required
      • "%userprofile%\Desktop\combofix" /uninstall
        • Notes: The space between the combofix" and the /u, it must be there.
        • This will uninstall ComboFix and also reset hidden files and folders settings back to Windows defaults.
    3. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
    4. If running Vista, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
    5. Go to add/remove programs and uninstall HijackThis.
    6. Goto the C:\MGtools folder and find the MGclean.bat file. Double click on this file to run this cleanup program that will remove files and folders related to MGtools and some other items from our cleaning procedures.
    7. If you are running Vista, Windows XP or Windows ME, do the below:
      • Refer to tahe cleaning procedures ian step 3 the READ ME for your Window version and see the instructions to Disable System Restore which will flush your Restore Points.
      • Then reboot and Enable System Restore ato create a new clean Restore Point.
      a
    8. After doing the above, you should work thru the below link:
     
    TimW, Feb 24, 2010
    #5
  6. Shazza1954

    Shazza1954 Private E-2

    Thanks, I have just got this and printed it off, need to set time aside to follow all the instructions. If I have further problems, I will do as you say and put a post in software forum. Thanks for going to so much trouble and being of help. Maybe as you say hard drive is on the way out, it is 8 years old so could well be.

    Again, many thanks
     
    Shazza1954, Feb 24, 2010
    #6
  7. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    You are most welcome. Have you run a chkdsk on the drive or a diagnostic test for that drive manufacturer? Something to pursue in software, though. Good luck and safe surfing! :)
     
    TimW, Feb 24, 2010
    #7

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds