Dell Desktop Virus Cleaned? LOG CHECK - PLEASE! Thanks

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by Superlost6, Jul 29, 2012.

  1. Superlost6

    Superlost6 Specialist

    Hello..
    I have a Dell Desktop PC w/ Windows 7 - The PC received what looks to be a cool-web-search infection & possibly the windows tools 2010 virus. Nevertheless, it appears I got it all, as all the infection popups and hijacks have stopped.

    Before I give this PC back to my sister, could you check my logs to see if I need to do anything?
    THANK YOU!

    Superlost6

    View attachment MGlogs.zip

    View attachment combo-fix-log.txt

    View attachment RKreport[2].txt

    View attachment SUPERAntiSpyware Scan Log - 07-28-2012 - 23-28-56.log
     
  2. Superlost6

    Superlost6 Specialist

    Sorry, I forgot one other log...
     


  3. Superlost6

    Superlost6 Specialist

    One last note:

    I see there are two (2) icons on my desktop marked "Desktop.ini"; this doesn't seem normal to me?
     
  4. thisisu

    thisisu Malware Consultant

    Hello Superlost6,

    Please attach your log from HitmanPro

    And those icons on your desktop are normal. They will be removed once we turn off "show hidden/system files" again.
     
  5. Superlost6

    Superlost6 Specialist

    Here is the log
    Thank you!
     


  6. thisisu

    thisisu Malware Consultant

    From Programs and Features (via Control Panel), please uninstall the below:
    • Ask Toolbar
    • Search Results Toolbar

    Reboot.

    __

    Delete these folders if they still exist:
    • C:\Program Files\MyWebSearch
    • C:\Program Files\Ask.com
    • C:\Program Files\toolbar2

    __


    Open Notepad and copy everything in the code box below into it.
    Code:
    REGEDIT4
    
    [-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}]
    [-HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{348bd83c-b2cd-4319-a605-c96bb458dd80}]
    [-HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
    "{348bd83c-b2cd-4319-a605-c96bb458dd80}"=-
    "{6c97a91e-4524-4019-86af-2aa2d567bf5c}"=-
    [-HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
    [-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
    [-HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
    [-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
    [-HKEY_CLASSES_ROOT\clsid\{348bd83c-b2cd-4319-a605-c96bb458dd80}]
    [-HKEY_CLASSES_ROOT\clsid\{6c97a91e-4524-4019-86af-2aa2d567bf5c}]
    • File -> Save As -> Save as type: "All Files" -> File Name: fixme.reg -> Save.
    Now merge this into the registry by double-clicking it.
    Let me know if the merge was successful or not.

    __

    If everything above was successful:

    If you are not having any other malware related problems, it is time to do our final steps:
    • Any programs we had you download and/or install can be removed at this time.
    • If we had you download and run ComboFix, here is how to uninstall it:
      • Press and hold the Windows key and then press the letter R on your keyboard.
      • This opens the Run dialog box.
      • Copy and paste the below text inside the text-field:
        • "%userprofile%\desktop\ComboFix" /uninstall
      • Now press ENTER
      • ComboFix will extract its files one last time and you should receive a notification that ComboFix has been uninstalled shortly after.
    • You can re-enable your Disk Emulation software at this time via DeFogger.
    • If we had you create or download a registry patch or "fix" script, these can be deleted at this time.
    • Go into the C:\MGtools folder and run the MGclean.bat file to remove additional traces of our tools.
    • Now we will toggle System Restore to remove any infected system restore points.
    • Lastly, here is a guide to protect you from future infections: How to Protect yourself from malware!
    • Be safe :)
     
