Clearing up after MGtools scan

Discussion in 'Malware Help (A Specialist Will Reply)' started by atomic.echo, Jun 9, 2008.

  1. atomic.echo

    atomic.echo Private E-2

    Hi,
    I hope this is not an annoying post, I have tried to search the forum but can't seem to find it dealt with elsewhere. I had your invaluable help a few weeks ago, checking my system for malware, fortunately none was found. Recently I have been trying to clean out my computer a little and I noticed a few files that I think were produced by MGTools, and I just wanted to check whether it was ok to delete them.
    One of them is C:\fb2c400b7b7303e5e20b964e, and has lots of folders inside titled ar-sa, bg-bg, cs-cz etc, each with one file spwizui.dll.mui inside. Can I delete this and other MGTools produced folders in C, or would that be a foolish error.
    Many thanks, you guys do a great job.
     
    atomic.echo, Jun 9, 2008
    #1
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    That folder is not related to MGtools. It sounds more like a folder related to a failed Windows Update. You can delete it. However it looks like no one every gave you final cleanup instructions in your previous thread. Thus I will give them to you now.


    Copy the bold text below to notepad. Save it as fixme.reg to your desktop. Be sure the "Save as" type is set to "all files" Once you have saved it double click it and allow it to merge with the registry.
    Make sure that you tell me if you receive a success message about adding the above
    to the registry. If you do not get a success message, it definitely did not work.


    Now to cleanup everything else.

    1. You can uninstall SUPERAntiSpyware now.
    2. We recommed you keep Malwarebytes Anti-Malware as a scanner. It uses no resources except a little disk space until you run a scan.
    4. If we had you use ComboFix, uninstall ComboFix (This uninstall will only work as written if you installed ComboFix on your Desktop & renamed it like we requested.)
      • Click START then RUN and enter the below into the run box and then click OK. Note the quotes are required
      • "%userprofile%\Desktop\cf" /u
        • Notes: The space between the cf" and the /u, it must be there.
        • This will uninstall ComboFix and also reset hidden files and folders settings back to Windows defaults.
      • Delete the C:\cf folder from combofix.
    5. If we used SmitFraudFix, you can delete all files and folders related to it now including the c:\rapport.txt log.
    6. If we used VundoFix, you can delete the VundoFix.exe file and the C:\VundoFix Backups folder and C:\vundofix.txt log that was created.
    7. If we had you run Avenger, you can delete all files related to Avenger now.
    8. If we had you download any registry patches like fixme.reg or fixWLK.reg (or any others), you can delete these files now.
    9. If running Vista, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
    10. Go to add/remove programs and uninstall HijackThis.
    11. You can delete the C:\MGtools folder and the C:\MGtools.exe file. You can also delete the C:\MGlogs.zip
    12. After doing the above, you should work thru the below link:
     
    chaslang, Jun 9, 2008
    #2

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds