Have gone through the steps, but was stopped at the last.

Discussion in 'Malware Help (A Specialist Will Reply)' started by Telephonoscope, Aug 13, 2010.

  1. Telephonoscope

    Telephonoscope Private E-2

    Hello, and thank you in advance for any help.

    The situation started with a roommate. She clicked on a link telling her that there was a virus. Something named Vista Antivirus 2010, I believe. I thought I was able to catch the virus and get rid of it, but apparently I wasn't. Although there are no longer typical virus-like behaviors, there are still things wrong. Any program I want to run I have to run as administrator. System resources I'm not able to run at all. For example, I replaced an old monitor with a new one, and when I tried to Personalize > Display Settings I get a pop-up Open With box with the options of running Adobe Reader, IE, or Winamp to open the file control.exe. This happens with most things. I am able to start a few things through Run by accessing it through Windows+R. Still, very frustrating.

    Would someone be able to help me with this?

    Details: I used SUPERAntiSpyware. It found nothing. According to the program it was updated when I installed it. In the logs there is a file named SUPERAntiSpyware Scan Log - 08-12-2010 - 21-46-08.log. When I highlight that log and then click on View Log nothing happens. Nothing pops up.

    I have attached the Malwarebytes log.

    I didn't use ComboFix or RootRepeal because my machine is using Vista.

    I also ran MGtools and it ran for a bit and stopped here: Running processdll.exe to find Dlls

    This popup came up: Application has generated an exception that could not be handled. Process id = 0xd18 (3352), Thread id = 0d00 (3388). Click OK to terminate the application. Click Cancel to debug the information.

    I hit cancel.

    This was next:
    Registered JIT debugger is not available. An attempt to launch a JIT debugger with the following command resulted in an error code of 0x2 (2). Please check computer settings.

    cordbg.exe !a 0xd18

    Click on retry to have the process wait while attaching a debugger manually. Click on cancel to abort the JIT debug request.

    I hit cancel again.
     

    Attached Files:

  2. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Having ComboFix run on Vista is fine; do you have 64-bit Vista? If not, I need to see the log from running ComboFix.

    This error message is explained here (Error Message Type 4).

    The log from running it was probably created anyway. Check in the root folder of your Windows boot drive, usually C:\, hence --> C:\MGlogs.zip, which is what I need to see in order to give you a complete fix, which will also include the ComboFix log once you have run that.

    I hit cancel.

    Not a malware issue.
     
  3. Telephonoscope

    Telephonoscope Private E-2

    Yes, it's 64 bit. Sorry.

    Followed the directions. It fixed that error.

    MGlogs.zip is attached.

    Alright.
     

    Attached Files:

  4. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Run CCleaner.

    I am not seeing any malware in those logs. Please visit the software forum for further advice on non-malware issues.

    If you are not having any other malware problems, it is time to do our final steps:
    1. We recommend you keep SUPERAntiSpyware and Malwarebytes Anti-Malware for scanning/removal of malware. Unless you purchase them, they provide no protection. They do not use any significant amount of resources (except a little disk space) until you run a scan.
    2. If we had you use ComboFix, uninstall ComboFix (This uninstall will only work as written if you installed ComboFix on your Desktop like we requested.)
      • Click START then RUN and enter the below into the run box and then click OK. Note the quotes are required
      • "%userprofile%\Desktop\combofix" /uninstall
        • Notes: The space between the combofix" and the /uninstall, it must be there.
        • This will uninstall ComboFix and also reset hidden files and folders settings back to Windows defaults.
    3. Go back to step 6 of the READ ME and re-enable your Disk Emulation software with Defogger if you had disabled it.
    4. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
    5. If we had you download any registry patches like fixme.reg or fixWLK.reg (or any others), you can delete these files now.
    6. If running Vista, it is time to make sure you have re-enabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
    7. Go to add/remove programs and uninstall HijackThis.
    8. Go to the C:\MGtools folder and find the MGclean.bat file. Double click on this file to run this cleanup program that will remove files and folders related to MGtools and some other items from our cleaning procedures.
    9. If you are running Win 7, Vista, Windows XP or Windows ME, do the below:
      • Refer to the cleaning procedures pointed to by step 7 of the READ ME for your Windows version and see the instructions to Disable System Restore, which will flush your Restore Points.
      • Then reboot and Enable System Restore to create a new clean Restore Point.
    10. After doing the above, you should work through the below link:
     
  5. Telephonoscope

    Telephonoscope Private E-2

    Thanks again. I will follow the finishing steps, and I will post in the forums related to non-malware issues.
     
  6. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    You're welcome. :) Safe surfing.
     
