If you have not already downloaded MGtools, download it from here: MGtools and save to the root folder of the drive where you have installed Windows (Typically this would be C:\ and thus you would have a C:\MGtools.exe file after downloading)
FYI to Firefox users: New versions of Firefox will falsely tell you that MGtools.exe is a virus and it will not let you download it. It also does not let you override this false accusation. Do the below to fix this issue:
See the below to disable the Phishing and Malware Protection feature so that you can download MGtools.exe. You can renable it afterwards if you wish but anytime you try to download some file that they don't recognize, you will have this problem.
Important Update Note:
Vista and Win 7 Debugging - If MGtools did not run properly
When all scans are finished running, the command prompt window will look something like the below snapshot depending on whether some of the last few logs being Zip'ed exist or not:
Don't forget to attach the MGLogs.zip file to your message in the Malware Forum. (See: HOW TO: Attach Items To Your Post )
At a later time to get new logs as requested, you can individually run any of the batch files by double clicking on them from a Windows Explorer window. Windows Explorer is easily opened by right clicking Start and selecting Explore. The batch file will create a new log and will also update the MGlogs.zip file with each new log created. The person helping you may either request the MGlogs.zip file or any of the individual log files created by the scans. If you rerun GetLogs.bat (which is the easiest thing to do), it will create new logs to be easely uploaded via the MGlogs.zip file.
Notes: Possible Error Messages
Error Message Type 1
If any of your logs appears to be empty or semi-empty or if you get an error message similar to the below when running any of the three batch files and you are running Windows XP or Windows 2000, follow the steps further down that relate to your OS.
Error Message Type 2
The below error message is not a problem and you could see none of these or a few of these. It just means a registry key we are checking for does not exist. The scan will continue after any of these occur.
Error Message Type 4
If you receive a message similar to any of the below. It just means that you do not have the Microsoft .NET Framework software installed from Microsoft Update. You should install this as many .NET type applications require it. The processdll.exe program which is part of MGtools will not run without this software being installed. You don't have to install it but the output from processdll.exe can sometimes be critical in getting your malware removed. Just click any key or OK to continue and ignore the error. To fix it, install the .NET software.
could Not Find c:\Documents and Settings\USERNAME\Desktop\procdll.txt
You can install the .NET Framework software from Microsoft by clicking the Download button in the below link and then running the dotnetfx.exe file once it is downloaded.
Error Message Type 5
If you see a popup message similar to the below (double click the thumbnail to enlarge), it also means you do not have the Microsoft .NET Framework software installed as stated in the Type 4 error message above.
Just click the OK button to continue and consider installing the .NET Framework software at a later time since it can be quite useful.
"There are 10 types of people in this world. Those who understand binary and those who don't."
Support Majorgeeks on Facebook:
Last edited by chaslang; 03-17-15 at 18:38.. Reason: Firefox and Chrome calling MGtools malware
|The Following 188 Users Say Thank You to chaslang For This Useful Post:|
1i1paco (04-09-11), aamedic (10-24-08), abz1nthe (12-29-09), adamberg (12-14-08), agcity (10-08-08), agtef (03-20-09), ajones7874 (07-13-12), alexgow1 (04-22-14), allexram (02-14-09), Allis_Chalmers (01-11-09), anaka (01-17-09), AnvilForge (10-31-12), AV_Issues (03-29-09), barbrx (09-28-08), beckylousiana (08-05-08), bettnott (01-18-09), Blinx (01-08-10), boogieman (12-26-09), brittanybri (07-29-13), bugsy1275 (07-27-12), butterfly090965 (03-04-09), Chazmataz (12-03-08), chellow (01-16-09), chemalian (09-15-08), Colin13 (07-08-08), compnewbie (01-21-11), concre+e (01-02-09), ConfusedRock (02-08-12), Copy1 (05-05-10), copyman_5 (09-02-08), cpauszek (08-09-08), cshbonawitz (01-31-09), csraposo (03-08-09), cwjones (05-20-13), dakesi (07-20-08), darrenforster99 (07-29-08), deanpants (01-19-09), Deathtoyou (12-20-13), DeeEmmTee (05-01-10), dhillenb (09-01-13), dittosaur (02-19-09), docpaulo (10-31-08), dondd (12-31-08), dragonpete (07-17-08), DRUMMERBUM (09-16-08), d_spice (07-17-08), eddieeffg (09-07-09), edgolfer7 (09-07-08), edwata (09-29-11), Eire32 (08-27-08), erosarriving (04-06-11), esszeeeye (01-31-09), falloutf8s (12-29-08), fangy (12-22-09), Fedatlarge (10-07-08), Fernando Magallanes (06-06-09), fightinharbaughs (12-07-11), Fish Bonz (05-06-09), fubsy (10-18-08), gago (08-30-12), GandalfTG (08-19-08), firstname.lastname@example.org (12-11-08), got money (12-26-08), Grumbles (03-08-09), Gwho (07-02-11), HardCorps (12-14-09), Himo (10-29-08), iamadam (12-28-08), Ibsen3 (06-11-09), infernalinferno (07-27-08), InvisionNole (01-10-09), jasong9800 (07-09-08), jellytots55 (11-20-09), jhutsonhart (12-30-08), jjmontalbo (10-25-08), Josr (01-02-09), jshr (07-30-10), juantuu (05-19-09), Kaddock (06-10-12), KarKar (05-31-10), katornus (05-30-12), KCEngineer (01-19-09), keeferj2 (06-28-08), Kenkita (08-22-13), kevgeez (04-21-10), Kiholo (01-04-11), Kintelligence (08-01-13), kusumahdilaga (06-25-15), Lava (07-27-10), Lavender (08-22-10), lmaliski (11-16-08), lodza (03-26-09), LostraliaN (08-02-08), luminosity (03-05-13), lwhitneysmith (02-12-10), MadDogg80 (01-02-10), marisuca (10-13-09), martiting (11-09-08), mbfranchi (03-05-12), Meilee (04-23-14), Metalflame (12-27-09), Mezzerrick (07-23-08), Mitchle (02-06-13), mnolan202 (07-06-08), Moley (08-20-10), Morphvr6 (05-01-13), mpetro1 (09-11-13), mrdappa (05-12-10), munkeyboi (08-18-08), nanabell1225 (09-23-09), natelaw (03-31-09), naturalagent (01-06-09), newmy51 (03-30-10), nilmar (03-17-09), NO CLUE (05-29-10), oldsimp (12-30-11), ookiepoo (04-12-10), orhalimi (06-26-13), otarpilot (12-28-08), p45cal (01-18-11), PCBeatMe (06-20-09), peteschulte (05-17-09), PhilosophicalCat (04-24-10), pncc29 (03-02-09), popaye85 (07-16-12), popinmid (09-15-08), Puffbunny (10-24-12), Ramachandrea (09-20-08), Reester (10-28-09), rengaw (12-10-12), Retiredndakota (03-18-11), retro-man (09-04-10), Rich_Lovina (10-16-08), rickardlindkvist (10-23-08), RideOn88 (03-30-13), risingTide (05-14-10), rison146 (07-18-12), RJS (12-15-09), robc1776 (07-05-09), rockmegently77 (09-20-08), SafariHat (02-26-09), same (12-18-14), scrapper1115 (01-29-09), shelbot (04-13-14), Sherbet (02-27-11), shikedo (07-25-08), Shunsui (05-06-09), sight7 (06-22-09), skanuga (09-09-08), smileycrossbones (05-06-14), Snaketattoos (04-23-12), soem (01-31-10), SonicV.1 (08-14-08), spoonlamp (01-12-09), SScytrome (03-08-11), steve_wilson (02-05-09), synth3tk (02-06-09), tanyanorthey (03-08-09), Texan2000 (09-28-09), tferrari (09-27-10), thechaz (03-10-09), thorir (06-18-09), tigertom520 (12-05-09), top10nla (04-13-09), totalpkg (09-12-08), email@example.com (06-11-09), trwittig (11-26-08), tsugaman (01-07-12), Tucquan (02-16-09), Turbine (08-16-12), ureritemate (10-25-08), vacat (09-05-13), vinoo (03-31-10), vlashka (12-19-08), WalksAlone74 (09-03-08), waterboy2 (01-23-12), weagle87 (12-12-08), whs8360 (04-01-12), wilkal82 (08-04-09), Will DOS (04-13-13), winepooh (09-13-08), Wrenchman (01-19-09), xtraboost360 (09-01-11), yazzie0 (05-27-13), yolkboy (02-19-10), zDeadly (03-19-10), zela (12-16-09), zero0 (10-10-09)
|Display Modes||Rate This Thread|