Help using Malware Removal Guide

AJBob13 · Jul 21, 2008

This is the first time I have posted a thread so I hope you will forgive me for being a novice.

I am sure that I have a virus and have been trying to remove it for two days. I downloaded a few anti-virus and anti-spyware programs such as Spybot S&D, Avast and Ad-aware. When I found this Malware Removal Guide I was excited to start it right away, however the virus that I have shuts down my explorer.exe and when I try to launch it as a New Task from Task Manager it continually restarts. For this reason I am unable to access the Add/Remove programs function from my Start menu. Does anyone know how I can get to Add/Remove without using my desktop or start menu? Also, if there is another way for me to uninstall programs please let me know?

The anti-virus program I have been using and intend to keep is Nod32. I am running Windows XP Home Edition. I am not sure what information you need. Please let me know if I have left something out.

TimW · Jul 21, 2008

Just skip any steps in the Read and Run First instructions that you can't do ....we really need the logs from running:
ComboFix
SuperAntispyware
MalwareBytes
and the MGLogs.zip from running the MGTools.exe.

If you can't run any of them in normal mode, try safe mode.

AJBob13 · Jul 21, 2008

After running SUPERAntiSpyware I can access my desktop again and my explorer.exe is working properly.

I attached the log for SUPERAntiSpyware below. Now I will run Spybot S&D and continue with the Malware Removal Guide instructions.

TimW · Jul 21, 2008

I don't need the log from S&D ....just the others.

AJBob13 · Jul 21, 2008

Here is the Malwarebytes Anti-Malware log:

AJBob13 · Jul 21, 2008

Here is the ComboFix log:

AJBob13 · Jul 21, 2008

Here is the MGTools log:

TimW · Jul 21, 2008

You didn't attach the MGLogs.zip ....

AJBob13 · Jul 21, 2008

Sorry I thought that I had it on there, but obviously not. Take 2.

TimW · Jul 22, 2008

I am not seeing any malware in your logs ....however, you are running two anti-virus programs:
avast! Antivirus
NOD32 antivirus system

You need to remove one!

What problems are you having?

AJBob13 · Jul 22, 2008

Yes, I want to remove Avast, I just downloaded it to try and remove the virus that was causing the Explorer.exe issue. I will clean up my programs today.

Everything is working great now that I completed the Malware Guide!
If my computer looks clean then I have no other issues.

Just one last thing. Should I keep all of these or delete them?

MGTools, ComboFix, Malwarebytes Anti-Malware and SUPERAntiSpyware?

I will keep Spybot S&D and CCleaner. I like CCleaner better than the RegSeeker that I have been using. Do you think I need them both? (CCleaner & RegSeeker)

I am considering deleting Ad-Aware also.

TimW · Jul 22, 2008

If you are not having any other malware problems, it is time to do our final steps:

1. You can uninstall SUPERAntiSpyware now.
2. We recommed you keep Malwarebytes Anti-Malware as a scanner. It uses no resources except a little disk space until you run a scan.
3. If we had you use ComboFix, uninstall ComboFix (This uninstall will only work as written if you installed ComboFix on your Desktop & renamed it like we requested.)

* Click START then RUN and enter the below into the run box and then click OK. Note the quotes are required
* "%userprofile%\Desktop\combo-fix" /u
o Notes: The space between the cf" and the /u, it must be there.
o This will uninstall ComboFix and also reset hidden files and folders settings back to Windows defaults.
* Delete the C:\cf folder from combofix.

4. If we used SmitFraudFix, you can delete all files and folders related to it now including the c:\rapport.txt log.
5. If we used VundoFix, you can delete the VundoFix.exe file and the C:\VundoFix Backups folder and C:\vundofix.txt log that was created.
6. If we had you download any registry patches like fixme.reg or fixWLK.reg (or any others), you can delete these files now.
7. If running Vista, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
8. Go to add/remove programs and uninstall HijackThis.
9. You can delete the C:\MGtools folder and the C:\MGtools.exe file. You can also delete the C:\MGlogs.zip
10. If you are running Vista, Windows XP or Windows ME, do the below:

* Refer to the cleaning steps in the READ ME for your Window version and see the steps to Disable System Restore which will flush your Restore Points.
* Then reboot and Enable System Restore to create a new clean Restore Point.
11. After doing the above, you should work thru the below link:
How to Protect yourself from malware!

AJBob13 · Jul 23, 2008

I have finished all of the steps you posted below and followed the instructions on How to protect yourself from Malware. Anything else?

TimW · Jul 23, 2008

Nothing else if you are not experiencing any other malware issues.

AJBob13 · Jul 23, 2008

Thank you! You really helped me out!

TimW · Jul 23, 2008

Glad to be of service....safe surfing.

Log in or Sign up

Help using Malware Removal Guide

AJBob13 Private E-2

TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

AJBob13 Private E-2

Attached Files:

SUPERAntiSpyware Scan Log - 07-21-2008 - 16-39-58.log

TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

AJBob13 Private E-2

Attached Files:

mbam-log-7-21-2008 (18-59-39).txt

AJBob13 Private E-2

Attached Files:

ComboFixlog.txt

AJBob13 Private E-2

TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

AJBob13 Private E-2

Attached Files:

MGlogs.zip

TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

AJBob13 Private E-2

TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

AJBob13 Private E-2

TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

AJBob13 Private E-2

TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member