My XP cleaning results logs

Discussion in 'Malware Help (A Specialist Will Reply)' started by dirtyc, Jan 26, 2010.

  1. dirtyc

    dirtyc Private E-2

    As per instructions, I am attaching all logs.

    SuperAntiSpyware Scanner - nothing found.
    MalwareBytes - 1 infected registry key -> quarantined and removed.
    ComboFix - not sure, see log file.
    RootRepeal - not sure, see log file.
     


  2. dirtyc

    dirtyc Private E-2

    MGTools - zipped log attached.
     


  3. dirtyc

    dirtyc Private E-2

    Have I forgotten something or done something wrong? I've seen my thread get buried, so I'm just asking the question if more info is needed. I *think* (think being the keyword there) that I'm clean but I have no idea how to read the complicated log files. The only thing that's easy to understand are the programs that either say "yes, you're clean" or "no, you're not, here's what to do about it."

    I guess this is *technically* a bump of sorts (a no-no) but I hope I'll be forgiven.
     
  4. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Your thread wasn't buried. We had a mass influx of systems that were seriously damaged by a bad version of ComboFix.

    Did you put this here and what is it:
    C:\HereItIs

    Use Windows Explorer to find and delete:
    C:\WINDOWS\system32\-1

    Then run CCleaner and make sure you remove all that you can in this folder (Windows will not let you delete items from today):
    C:\Documents and Settings\John Baldwin\Local Settings\Temp\

    Tell me what issues you are having.
     
  5. dirtyc

    dirtyc Private E-2

    Somebody put out a malware detector infected with malware? Ouch!

    Yes, I put that folder there. It's where I put all of the install progs that were recommended in the "READ & RUN ME FIRST" Thread. No worries.

    I didn't know that was there. Was it mentioned in one of the more complicated log files (MGtools)? I'd love to learn how to read these myself.

    Done.
    I couldn't delete much of anything from this folder. There was a folder inside it named "NAILogs" and a bunch of files with this format: ~DF1E04.tmp.
    I'm guessing those are the items from today that cannot be deleted?

    Very difficult to describe. You know how when you use a computer 12 hours a day you just sort of know when something is off (nerd ESP)? That's where I'm at.

    But everything's coming up roses for SAS and MB so as long as my RootRepeal and MGTools logs look fine to you (I assume you read them)...then I'll try to take a chill pill and quell my paranoia.

    However, I feel paranoia is my proper state of mind at this.
    Reason: I run my business from home.
    I have to be 110% sure that I don't have some sort of trojan/bot/keylogger because if they could get access to my hosting login info they could do tons of damage.

    More importantly, they could steal my 100k+ email database (the opted-in kind, not the BS you buy on the net).
     
  6. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    No. It was a programming error.
    Makes it hard to remove when you need to.

    It was visible in one of your logs.


    Yes, not to worry about.

    Just follow the instructions here:
    If you are not having any other malware problems, it is time to do our final steps:
    1. We recommend you keep SUPERAntiSpyware and Malwarebytes Anti-Malware for scanning/removal of malware. Unless you purchase them, they provide no real-time protection. They are useful as backup scanners. They do not use any significant amount of resources (except a little disk space) until you run a scan.
    2. If we had you use ComboFix, uninstall ComboFix (This uninstall will only work as written if you installed ComboFix on your Desktop like we requested.)
      • Click START then RUN and enter the below into the run box and then click OK. Note the quotes are required
      • "%userprofile%\Desktop\combofix" /uninstall
        • Notes: The space between the combofix" and the /u, it must be there.
        • This will uninstall ComboFix and also reset hidden files and folders settings back to Windows defaults.
    3. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
    4. If we had you download any registry patches like fixme.reg or fixWLK.reg (or any others), you can delete these files now.
    5. If running Vista, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
    6. Go to add/remove programs and uninstall HijackThis.
    7. Go to the C:\MGtools folder and find the MGclean.bat file. Double click on this file to run this cleanup program that will remove files and folders related to MGtools and some other items from our cleaning procedures.
    8. If you are running Vista, Windows XP or Windows ME, do the below:
      • Refer to the cleaning procedures in step 3 of the READ ME for your Windows version and see the instructions to Disable System Restore which will flush your Restore Points.
      • Then reboot and Enable System Restore to create a new clean Restore Point.
    9. After doing the above, you should work thru the below link:
     
