Windows Custom Management

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by mpetro1, Jun 27, 2012.

  1. mpetro1

    mpetro1 Private E-2

    Hi, I had a Fake Trojan on my PC. It said I had 1000 problems with Trojans, and it would not let me get online or use any removal tools. I was able to use Malwarebytes Anti-Malware in Safe Mode and it removed the fake virus. I'm not sure if it removed all of it! I have a desktop icon that I'm not sure about; it's a blue box and has a power button icon in the middle of it (it looks like the button to turn on your computer). Below the icon it says sdsetup[1].exe. I'm no expert on computers, that's why I'm asking for someone to check my logs! I will also attach the first scan from Malwarebytes that removed the Trojan! Sorry in advance if you didn't need it!
     


  2. mpetro1

    mpetro1 Private E-2

    I hope I attached MGtools log!
     


  3. thisisu

    thisisu Malware Consultant

    Hello mpetro1 :)

    From Add/Remove Programs (via Control Panel), please uninstall the below:
    • Java(TM) 6 Update 16

    Please download Disable/Remove Windows Messenger to your desktop.
    • Double-click MessengerDisable.exe to run it.
    • Place checkmarks in "Uninstall Windows Messenger" and "Hide Messenger from Outlook Express"
    • Click Apply
    • Click Exit

    Delete it, it's here:
    • C:\Documents and Settings\Carol\Desktop\sdsetup[1].exe.lnk

    __

    Now install the current version of Sun Java from: here

    __

    The rest of your logs are clean.

    If you are not having any other malware related problems, it is time to do our final steps:
    • Any programs we had you download and/or install can be removed at this time.
    • If we had you download and run ComboFix, here is how to uninstall it:
      • Press and hold the Windows key and then press the letter R on your keyboard.
      • This opens the Run dialog box.
      • Copy and paste the below text inside the text-field:
        • "%userprofile%\desktop\ComboFix" /uninstall
      • Now press ENTER
      • ComboFix will extract its files one last time and you should receive a notification that ComboFix has been uninstalled shortly after.
    • You can re-enable your Disk Emulation software at this time via DeFogger.
    • If we had you create or download a registry patch or "fix" script, these can be deleted at this time.
    • Go into the C:\MGtools folder and run the MGclean.bat file to remove additional traces of our tools.
    • Now we will toggle System Restore to remove any infected system restore points.
    • Lastly, here is a guide to protect you from future infections: How to Protect yourself from malware!
    • Be safe :)
     
  4. mpetro1

    mpetro1 Private E-2

    Thank you! My computer is running great now!!


    Mike :)
     
  5. thisisu

    thisisu Malware Consultant

    You're welcome, Mike.
    Be safe :)
     
