Houston, have a problem.

Welcome to MajorGeeks!

You missed this in the READ & RUN ME FIRST. Malware Removal Guide

*You also need to attach the 4th requested log -

MGlogs.zip - normally it is C:\MGlogs.zip - only attach this log from MGtools.exe DO NOT attach any logs seen in the MGtools folder.

Once you have completed attaching your logs - we will get back to you with a set of instructions as soon as possible. Our queue is working the oldest threads first.

Thanks!
dr.m

 

Hello, 1liter

The below fixes are specific to your problem and should only be used for issue(s) on this machine. Also, please do not install any other software while we are still working with you unless instructed. Once we have given you the all clean and final instructions you will be free to install what you want.

*Notes: I've found nothing pertaining to CyberDefender in your logs. We think that this is a false signal from ComboFix.

Step 1:
Using Windows Explorer, navigate to c:\windows\system32\drivers\C4C_BSC2.sys > right-click on Properties. Now see if there is a Version tab in the window. If so, select the Version tab and on the next window select each of the listed Item names (one at a time) to get more info about the file. The most important item is the company name. If there is no Version tab, tell me that too.

Step 2:
To be sure AVG is completely gone, run this tool and re-boot.
AVG Removal Tool

Step 2:
Run C:\MGtools\analyse.exe by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator). This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:

After clicking Fix, exit HJT.

Step 3:
New versions of SAS & MBAM has been released.
Uninstall SAS > run CCleaner > download and update the latest version. Also - update MBAM.

Step 4:
Now run both SAS & MBAM scanners

Step 5:
Run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista, use right click and select Run As Administrator).

Then attach the below logs to your next reply:

• SAS.txt log
• MBAM log
• C:\MGlogs.zip

Make sure you tell me if you had any problems running this procedure and give a description of how things are working now!

dr.m

 

Hello, 1liter

*WARNING! Both McAfee SecurityCenter and STOPzilla had "real-time" antispyware blocking... you should only have one installed.

Step 1
Please download and run this tool > re-boot > run it a second time
Norton Removal Tool (SymNRT) 2009.0.5.26]

Step 2
Please look in Add/Remove Programs for the following and uninstall:
STOPzilla

Step 3
Run C:\MGtools\analyse.exe by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator). This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:

After clicking Fix, exit HJT.

Step 4
Run Ccleaner

Step 5
Now run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista, use right click and select Run As Administrator).

Then attach the below logs to your next reply:

• C:\MGlogs.zip
• C:\combofix.txt

Make sure you tell me if you had any problems running this procedure and give a description of how things are working now!

dr.m

 

Glad to hear that!

Please attach the requested logs so I can give your machine one last look. And if everything's clean -- I'll post our final clean-up steps.

dr.m