Clean PC?

mark59 · Mar 13, 2008

I posted a thread on the Software forum. Following their advice I've done some checks with Combofix SUPERAntispyware and MGLogs and I got seven logs which I attch I'd be grateful if they could be checked. Thanks! By they way I reported in the Software Forum that my PC was slow. I believe my PC is clean and its still slow. There are 7 logs so I'll have to post two replies to my thread in order to attach them all.

mark59 · Mar 13, 2008

Here are the next three logs.

mark59 · Mar 13, 2008

Here's the seventh and final log

Lev · Mar 13, 2008

Hi Mark -this is not a random log posting forum

If you think malware is your problem then work through the linkprovided below, step by step, and post up only the requested logs so that an Authorized Malware Fighter can take a look for you

Read & RUN ME FIRST Before Asking for Support

mark59 · Mar 13, 2008

I am somewhat confused now!

I originally posted a thread in MajorGeeks Support Forums.Help & Technical Forums> Software because my PC was running slow. I was assisted by MarkTrent Senior Member of that Forum.

I was advised to worK through
http://forums.majorgeeks.com/showthread.php?t=35407

I worked through all of those and then posted them in a reply to my original thread. Having done this I was advised that this was not the appropriate forum. I was advised to post them in this one.

Lev · Mar 13, 2008

Senior Member is just an automated title based on post count. Everyone has a title, even you.

The advice was correct though. However, you are posting a large number of attachments, some of which have not been requested in the thread I linked to and the one Mark Trent linked to in your Software Forum thread in post #3.

The only logs requested are the Superantispyware log, the ComboFix log, and the MGTools log. Please post those and only those here. A Malware Fighter will advise you if further logs are required based on their findings in these initial logs.

mark59 · Mar 13, 2008

I have posted the three logs requested.

TimW · Mar 14, 2008

Aside from the fact that your ShowNewFiles log is empty (did you get any error messages - did you disable your anti-virus programs before you ran the MGTools.exe?) ...I'm not seeing any malware.

You can fix these two items:
Please disable all anti-virus and anti-spyware programs while we do the following (re-enable when you are finished):

Run C:\MGtools\analyse.exe by double clicking on it. This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
Click to expand...

After clicking Fix, exit HJT.

Then uninstall:
J2SE Runtime Environment 5.0 Update 6

Reboot and install:

Java Runtime 6

mark59 · Mar 14, 2008

Hi

Thanks for looking at my logs. I'm glad it's clean. I appreciate that you're giving me correct advise but before I carry out these actions may I ask what this will do? I note they seem to refer to registry entries with respect to Internet Explorer. I do have IE on my PC but I use Mozilla Firefox as my default browser. I only use IE when 'forced' to, e.g. when using Windows Update.

Plus, if my PC is still running slow can I carry on receiving help in this forum or should I go back to the Software forum for that.

Thank you!

TimW · Mar 14, 2008

They are just nuisance items that can be cleaned up ...no big deal.

As to having a slow system ...yes you can go back to the software section for further advice.
In the meantime, it is time to do our final steps:

1. If we used Pocket Killbox during your cleanup, do the below
* Run Pocket Killbox and select File, Cleanup, Delete All Backups
2. If we used ComboFix, you can delete the ComboFix.exe file, C:\ComboFix folder, C:\QooBox folder, C:\WINDOWS\nircmd.exe, C:\combofix.txt and C:\ComboFix-quarantined-files.txt logs that was created.
3. If we user SDFix you can delete all the SDFix related files and folders from your Desktop or whereever you installed it.
4. If we used SmitFraudFix, you can delete all files and folders related to it now including the c:\rapport.txt log.
5. If we used VundoFix, you can delete the VundoFix.exe file and the C:\VundoFix Backups folder and C:\vundofix.txt log that was created.
6. If we had your run FixWareOut, you can delete the Fixwareout.exe file and the C:\fixwareout folder.
7. If we had you run Avenger, you can delete all files related to Avenger now.
8. If we had you download any registry patches like fixme.reg or fixWLK.reg (or any others), you can delete these files now.
9. You can delete the C:\MGtools folder and the C:\MGtools.exe file. You can also delete the C:\MGlogs.zip
10. If you are running Windows XP or Windows ME, do the below:
* Refer to the cleaning steps in the READ ME for your Window version and see the steps to Disable System Restore which will flush your Restore Points.
* Then reboot and Enable System Restore to create a new clean Restore Point.
11. After doing the above, you should work thru the below link:
* How to Protect yourself from malware!

Log in or Sign up

Clean PC?

mark59 MajorGeek

mark59 MajorGeek

mark59 MajorGeek

Attached Files:

SASlog.txt

Lev MajorGeek

mark59 MajorGeek

Lev MajorGeek

mark59 MajorGeek

Attached Files:

MGlogs.zip

TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

mark59 MajorGeek

TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member