icons and start menu disappear-Windows Vista!!

Welcome to Major Geeks!

Please follow the instructions in the below link and attach the requested logs when you finish these instructions.

READ & RUN ME FIRST. Malware Removal Guide

 

You may still be infected with one of the newest forms of Vundo.

MGtools did not run properly. Please follow the below instructions.

We need to turn off UAC ( UAC = User Account Control )

1. Click Start, and then click Control Panel.
2. In Control Panel, click User Accounts.
3. In the User Accounts window, click User Accounts.
4. In the User Accounts tasks window, click Turn User Account Control on or off.
5. If UAC is currently configured in Admin Approval Mode, the User Account Control message appears. Click Continue.
6. Clear the Use User Account Control (UAC) to help protect your computer check box, and then click OK.
7. Click Restart Now to apply the change right away.

After reboot continue with the below.

• Now run C:\MGtools\GetLogs.bat by double clicking on it.
• Now run C:\MGtools\VunFind.bat by double clicking on it
• Now attach the below new logs:
  • C:\MGlogs.zip

 

Then you do not have the current version of MGtools.exe. Please download it and run it to install the current versions.

Download this: MGtools.exe to C:\MGtools It must be saved here.
Then double click on MGtools.exe to extract all of the files. If it does not run properly to completer a full set of logs, you will again have to try running GetLogs.bat manually.

Either way you still need to run VunFind.bat manually.

 

You are in pretty good shape. We just have some miscellaneous things to do.

Did you install the Speed Bit Tool bar yourself. It is not really recommended. See this: http://www.castlecops.com/tk35427-speedsurfers_nl_tt_toolbar.html

Uninstall the below old versions of software:
Java(TM) 6 Update 2
Java(TM) SE Runtime Environment 6

Run C:\MGtools\analyse.exe by double clicking on it. This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

After clicking Fix, exit HJT.

Also delete all files and subfolders in the below folders except ones from the current date (Windows will not let you delete the files from the current day).
C:\Windows\Temp\
C:\Users\Alex\AppData\Local\Temp\

Now run Ccleaner!

Now run the C:\MGtools\GetLogs.bat file by double clicking on it. Then attach the new C:\MGlogs.zip file that will be created.

Make sure you tell me how things are working now!

 

Yes I would recommend that.


If you are not having any other malware problems, it is time to do our final steps:

1. If we used ComboFix then UNINSTALL COMBOFIX (This uninstall will only work as written if you installed ComboFix on your Desktop like we requested.)
   • Click START then RUN
   • Now type combofix /u in the runbox and click OK.
   • Note: The space between the X and the U, it must be there.
2. If running Vista, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
3. You can delete the C:\MGtools folder and the C:\MGtools.exe file. You can also delete the C:\MGlogs.zip
4. If you are running Windows XP or Windows ME, do the below:
   • Refer to the cleaning steps in the READ ME for your Window version and see the steps to Disable System Restore which will flush your Restore Points.
   • Then reboot and Enable System Restore to create a new clean Restore Point.
5. After doing the above, you should work thru the below link:
   • How to Protect yourself from malware!

 

You're welcome. Surf safely!