MajorGeeks Support Forums

Go Back   MajorGeeks Support Forums > ----------= PC, Desktop and Laptop Support =---------- > Malware Removal > Malware Removal FAQ
Register FAQ Members List Calendar Casino Mark Forums Read

Malware Removal FAQ testing


Closed Thread
 
Thread Tools Rate Thread Display Modes
  #1  
Old 09-29-07, 21:27
chaslang's Avatar
chaslang chaslang is offline
MajorGeeks Admin - Master Malware Expert
 
Join Date: Feb 2004
Location: Northern New Jersey USA
Posts: 79,712
Thanks: 61
Thanked 7,413 Times in 3,965 Posts
Default Win 2000 & 2003 Malware Removal/Cleaning Procedure

Windows 2000 & 2003 Malware Removal/Cleaning Procedure
This procedure expects that you have the latest service pack revisions for Windows 2000 or 2003 already installed. If you do not, you could have difficulties with certain tools not working. You will have to report this later. We do not advise getting any updates for your Windows OS while still infected.


Notes:
  • Some programs (like MGtools mentioned later and maybe other tools too) may not run on restricted user accounts so you may need to temporarily change the user account to an admin type account and then complete the scans.
  • If you are a Spybot Search and Destroy user, make sure that you do not have Teatimer enabled. If you already have Teatimer enabled, see this to disable it: How to disable Spybot's TeaTimer
Step 1: Downloading Tools

In this section we are going to download tools we will use. We will install and configure the programs and then run scans at a later point so please only download right now.

Make sure you download the tools to the exact locations specified below in the procedures to avoid problems later. It is not a good idea to download them to any folder within C:\Documents and Settings.) It is also a bad idea to download and save anything you need into any kind of Temp folder. Malware hides in Temp folders and standard cleaning practices will delete everything from Temp folders.

If you have difficulty knowing how to download and save files to locations on your PC, check out the below Video Tutorial by TimW



Now download the below tools ( PLEASE only download at this point ) If your protection software blocks downloading because it calls these malware then shutdown your protection software because it is mistaken and is just getting in the way.
  • RogueKiller - Save to your Desktop. See the download links under this icon
  • Malwarebytes Anti-Malware - See the download links under this icon
    • Important: Rename the downloaded mbam-setup.exe file to mb.exe to help work around certain malware that will block it from being run.
  • HitmanPro - Save to your desktop. See the download links under this icon
  • MGtools - Recent bugs in many antivirus programs are detecting this as malware. Disable your AV while you download and run MGtools if you have this problem. Rest assured that it is clean. Your AV is incorrect. We prefer that you download this file to the root folder of the drive where you have installed Windows (Typically this would be C:\ and thus you would have a C:\MGtools.exe file after downloading). If you use FireFox and still have it set to defaults, it will not let you choose where to download files to. To change FireFox, run FireFox and Click Tools, Options, and on the Main tab select Always ask me where to save files. If for some reason you still have a problem trying to save MGtools.exe properly which can happen with Vista and Win7, you can download and run it from your Desktop as long as your Desktop folder is located on the same drive that you boot Windows from.
Step 2: Installing Tools and Running Scans - please only run one scan at a time and only run each scan one time. Also try to complete all scans before attaching any logs!
  • RogueKiller Instructions
    • Double click RogueKiller.exe to run (Note: If running Vista or Win 7 use right-click and select Run as Administrator)
    • When it opens, press the Scan button
    • When it is finished, there will be a log on your desktop called RKreport[1].txt
    • Attach RKreport[1].txt to your next message ( after you complete all scans or get as far as you can go). (See: HOW TO: Attach Items To Your Post )
  • Malwarebytes Anti-Malware Instructions
  • HitmanPro Instructions
  • MGtools Instructions
    • Now follow the directions in the below link for running MGtools. It also explains possible reasons for not being able to run MGtools
      • Using MGtools
Step 3: Do You Still Have Problems
  • Yes, I’m still having problems
    • DO NOT run the READ ME again!!!! Please attach your logs as given below.
    • PLEASE ATTACH ALL REQUESTED LOGS whether the find anything or not!!!!! We must check that proper updated versions were run.
    • If you do not already have a thread started, start a new thread otherwise post the following in your original thread. Clearly describe in detail the problems you are having and how long ago they started. Think about what you were doing at the time.
    • Now you need to attach (See: HOW TO: Attach Items To Your Post ) ( Or View: How to Attach Items to Your Posts) the below logs created while running the above scans
      • RKreport[1].txt log from RogueKiller.
      • Malwarebytes Anti-Malware log
      • HitmanPro
      • MGlogs.zip - normally it is C:\MGlogs.zip - only attach this log from MGtools.exe DO NOT attach any logs seen in the MGtools folder.
    • Be patient after posting your logs and wait for one of the helpers to get to you. It can take a while to read thru all of the logs and to create individual fixes for you.
    • Also DO NOT BUMP your thread to try and get a faster answer. This will actually significantly delay getting an answer. See this: Don't Bump! It Only Hurts You!!!
  • No, I’m not having any problems
    • Then jump to the next step below.
Step 4: Keeping your computer safe and secureStep 5: Alternative Scans - If still having problems, see: Alternative Scans


Now surf safely!
__________________
"There are 10 types of people in this world. Those who understand binary and those who don't."


Support Majorgeeks on Facebook:

Majorgeeks Newsletter

Last edited by chaslang; 06-01-13 at 13:29.. Reason: attach logs whether the find anything or not
The Following 4 Users Say Thank You to chaslang For This Useful Post:
gud_noypi (10-14-08), outdoorfun (09-17-09), Sanura (11-17-10), so777 (06-18-10)
Sponsored links
Closed Thread

Thread Tools
Display Modes Rate This Thread
Rate This Thread:

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
trojan dns changer Vista Cleaning Procedure, Malwarebytes Anti-Malware arnie4 Software 15 06-04-09 11:35
Malware cleaning procedure attempted, still have problems Aidara Malware Removal 3 03-21-09 23:52
Some sort of Malware. Not solved by cleaning procedure JLong2004 Malware Removal 7 01-17-08 09:25


All times are GMT -5. The time now is 05:13.


MajorGeeks.Com Home Page
| Admin Tools | All In One | Anti-Spyware | Anti-Virus | Appearance | Backup | Benchmarking | BIOS | Browsers | Covert Ops |
Data Recovery | Diagnostics | Drive Cleaners | Drive Utilities | Drivers | Driver Tools Ergonomics | Firewalls | Games | Game Tweaks | Graphics | Input Devices | Internet Tools | Macintosh | Mail Utilities | Memory | Messaging | Monitoring | Microsoft | Multimedia | Networking | Office Tools | Process Management | Processor | Registry | Security | System Info | Toys | Video | Miscellaneous
|
Powered by vBulletin® Version 3.8.4
Copyright © 2009 vBulletin Solutions, Inc. All rights reserved.
Ad Management by RedTyger