Help with malware removal- have run malware removal instructions

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by ssmehta007, Mar 28, 2011.

  1. ssmehta007

    ssmehta007 Private E-2

    I have run the malware removal instructions and went through each program, as they did remove some of the malware and virus. The issue that I am having is that when I open the computer under a separate user and try to run the malware removal programs via internet or through USB drive, I keep seeing a window which pops up asking me which program I want to use to open the program. I have run the computer under the administrator and do not seem to have problems running the malware removal steps and have attached the reports from the instructions.

    Even when I try to open add or remove programs under control panel- I get the following message: "C\windoesn\system32\rundll32.exe- application not found". I am thinking that it is something to do with AVG and have removed the program with the step.

    Please help....

    View attachment mbam-log-2011-03-28 (17-02-07).txt

    View attachment combofix log.txt

    View attachment SUPERAntiSpyware Scan Log - 03-28-2011 - 16-42-24.log

    View attachment hijackthis.log
     
  2. dr.moriarty

    dr.moriarty Malware Super Sleuth Staff Member

    Specific download and installation instructions are in our R&R ME FIRST guide:

    ComboFix
    Running from: l:\combifix\ComboFix.exe <--- belongs on your desktop

    RootRepeal
    Save it to your Desktop

    SAS & MBAM
    Installed to the Default Location - "C:/Program Files", as we suggest that you keep them after malware removal.

    MGTools.zip
    Download this file to the root folder of the drive where you have installed Windows (Typically this would be C:\ and thus you would have a C:\MGtools.exe file after downloading).

    Please make those corrections and attach the missing RRlog.txt (from RootRepeal) and MGlogs.zip - normally it is C:\MGlogs.zip. Please tell me any problems you still have.
     
  3. ssmehta007

    ssmehta007 Private E-2

    I have downloaded and installed Combofix, RootRepeal, Mbam and SAS to the computer (Combofix and RootRepeal to the desktop). After running each of the programs and restarting the computer- I again get a little pop up on the bottom right hand side letting me know that your computer might be at risk and when I open any file or internet...a window pops up asking me to "Choose the program you want to use to open the file".
    I have attached the files as you have requested and would appreciate what else can I do to take care of the problem.

    Thanks so much!!

    View attachment comboflog.txt

    View attachment SUPERAntiSpyware Scan Log - 03-29-2011 - 09-13-11.log

    View attachment RootRepeal.txt

    View attachment mbam-log-2011-03-29 (09-21-15).txt
     
  4. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Dr Moriarty still needs to see the C:\MGlogs.zip from running C:\MGTools.exe.
     
  5. ssmehta007

    ssmehta007 Private E-2

    Attaching the file as requested.
     


  6. ssmehta007

    ssmehta007 Private E-2

    Here is the file....
     
  7. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Yes. The log file is attached correctly. You will have to wait for Dr M to log in though. Please be patient. :)
     
  8. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    This file is extremely incomplete. Let's see if we can get more information into it.


    Now run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista or Win7, don't double click, use right click and select Run As Administrator).

    Then attach the below logs:
    • C:\MGlogs.zip

    Tell us if you have any problems while trying to run the above.
     
  9. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Note, the below is where you now put ComboFix. This is not the Desktop.

    c:\program files\Combofix\ComboFix.exe


    What malware problems are you currently having?
     
  10. ssmehta007

    ssmehta007 Private E-2

    I am not seeing that file under MG Tools ...could it be anywhere else? I have this log report and not sure if this helps...
     
  11. ssmehta007

    ssmehta007 Private E-2

    After clicking on a specific program or Internet Explorer- a window pops up asking me to "Choose the program you want to use to open the file".
    I also get a little pop up on the bottom right hand side letting me know that your computer might be at risk and when I open any file or internet...I have run each program based on the instructions and do not know how to get rid of it...
     
  12. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Did you run MGtools from the Desktop or from C:\MGtools.exe as stated? If you ran it from the L drive like you ran ComboFix originally, MGtools would not work properly. The instructions stated this.

    Do you see the C:\MGtools folder? Make sure you are looking in this folder and just looking at MGtools.exe which is a file.
     
  13. ssmehta007

    ssmehta007 Private E-2

    Here is the MGlog file...let me know what to do next.
     


  14. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Now run the C:\MGtools\FixFA.bat file by double clicking on it (Note: if using Vista or Win7, don't double click, use right click and select Run As Administrator).

    Now reboot your PC and see if there is any change to this problem.
     
  15. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Also note your logs show you are running scans in Safe Boot Mode. You need to run in Normal Boot Mode unless you cannot run in normal boot mode.
     
  16. ssmehta007

    ssmehta007 Private E-2

    I am not able to run the CCleaner or any other programs when not logging on a safe mode. Every time I try to open any program it pops up a window asking me to choose the program I want to use to open the file. I am also not able to open control panel.

    Any suggestions or assistance!!
     
  17. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Did you run the FixFA.bat program I asked you to run? Did you try running it in normal boot mode to see what happens?
     
  18. ssmehta007

    ssmehta007 Private E-2

    Thank you so much!! That did the trick.
     
  19. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You're welcome. So now it would be a good idea to run at least Malwarebytes and MGtools again from Normal Boot Mode and attach new logs.
     
