MalWare Removal - Combo Fix did not run

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by DaVinman, Apr 11, 2012.

  1. DaVinman

    DaVinman Private E-2

    Followed the read me first for removal.
    PC slowed down, and only sometimes got IE on the internet. Panda Cloud did not find anything.
    CD / DVD drive disappeared 2 weeks ago and has not re-appeared since.

    Combo Fix expanded, and got to the disclaimer, said okay, screen went black and system restarted. Tried again in safe mode, no luck.

    Continued on list, logs generated are attached.

    This is a Vista Home Premium System

    The only user id is CCRCC, all others have been removed.

    Help is much appreciated.
     


  2. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Please also download MBRCheck to your desktop
    • Double click MBRCheck.exe to run (Vista and Win 7: right-click and select Run as Administrator)
    • It will show a Black screen with some information that will contain either the below line if no problem is found:
      • Done! Press ENTER to exit...
    • Or you will see more information like below if a problem is found:
      • Found non-standard or infected MBR.
      • Enter 'Y' and hit ENTER for more options, or 'N' to exit:
    • Either way, just choose to exit the program at this point since we want to see only the scan results to begin with.
    • MBRCheck will create a log named similar to MBRCheck_07.16.10_00.32.33.txt which is random based on date and time.
    • Attach this log to your next message. (See: HOW TO: Attach Items To Your Post )
     
  3. DaVinman

    DaVinman Private E-2

    Okay, will download file (separate PC) to USB, copy to desktop, run and upload the log it generates. Thanks again.
     
  4. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Good. Then in the meantime you can tell me what is inside of these folders. Give examples from a few please.


    C:\Program Files\
    DD20.4.7201203281206
    DD204~1.720 Mar 8 2012 "DD20.4.7201203081500"
    DD204~2.720 Mar 28 2012 "DD20.4.7201203281015"
    DD204~3.720 Mar 28 2012 "DD20.4.7201203281016"
    DD204~4.720 Mar 28 2012 "DD20.4.7201203281030"
    DD27FE~1.720 Mar 28 2012 "DD20.4.7201203281207"
    DD374F~1.720 Mar 28 2012 "DD20.4.7201203281059"
    DD470B~1.720 Mar 29 2012 "DD20.4.7201203291318"
    DDF61F~1.720 Mar 28 2012 "DD20.4.7201203281224"
    DDF63F~1.720 Mar 28 2012 "DD20.4.7201203281045"
    DDF63F~2.720 Mar 28 2012 "DD20.4.7201203281244

    Right on the C:\ Drive.
    C:\DD20.4.7201203281206
    DD204~1.720 Mar 28 2012 "DD20.4.7201203281016"
    DD204~2.720 Mar 28 2012 "DD20.4.7201203281015"
    DD204~3.720 Mar 28 2012 "DD20.4.7201203281030"
    DD204~4.720 Mar 28 2012 "DD20.4.7201203281045"
    DD27FE~1.720 Mar 28 2012 "DD20.4.7201203281207"
    DD374F~1.720 Mar 28 2012 "DD20.4.7201203281059"
    DDF63F~1.720 Mar 28 2012 "DD20.4.7201203281244
     
  5. DaVinman

    DaVinman Private E-2

    The MBR files are attached. I selected Y, then 1 for a "dump"; mbrdump.txt is the output of that dump. Figured the dump could not hurt anything.

    Those folders were all empty. No documents, nothing in any of them. I figure it would be best to delete them. Nothing is familiar about them, did not ring any bells, so they can "go" as far as I am concerned.

    Thank you again for the help.
     


  6. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Hi there. What malware issues remain now? (The CD drive problem is not a topic for the malware forum.) Here is a link, however, that could help a bit in steering you in the right direction. You can always post about this in the software forum if you wish.

    CD/DVD drive missing (vista)
     
  7. DaVinman

    DaVinman Private E-2

    Internet Explorer seemed a bit touch and go, but it seems to be working now. My searches on Google are going to the right place now, so I guess I am done with the Malware. I will follow link for CD you provided, and am grateful for your help.

    Thank You again.

    Look forward to keeping my notebook clean. You guys rock. (And I did find some cool T-shirts from your link.)
     
  8. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    You are most welcome. Surf safely! :)

    If you are not having any other malware problems, it is time to do our final steps:
    1. We recommend you keep SUPERAntiSpyware and Malwarebytes Anti-Malware for scanning/removal of malware. Unless you purchase them, they provide no protection. They do not use any significant amount of resources (except a little disk space) until you run a scan.
    2. If we had you use ComboFix, uninstall ComboFix (This uninstall will only work as written if you installed ComboFix on your Desktop like we requested.)
      • Click START then RUN and enter the below into the run box and then click OK. Note the quotes are required.
      • "%userprofile%\Desktop\combofix" /uninstall
        • Note: The space between the combofix" and the /uninstall must be there.
        • This will uninstall ComboFix and also reset hidden files and folders settings back to Windows defaults.
    3. Go back to step 6 of the READ ME and re-enable your Disk Emulation software with Defogger if you had disabled it.
    4. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
    5. If we had you download any registry patches like fixme.reg or fixWLK.reg (or any others), you can delete these files now.
    6. If running Vista, it is time to make sure you have re-enabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
    7. Go to add/remove programs and uninstall HijackThis.
    8. Go to the C:\MGtools folder and find the MGclean.bat file. Double click on this file to run this cleanup program that will remove files and folders related to MGtools and some other items from our cleaning procedures.
    9. If you are running Win 7, Vista, Windows XP or Windows ME, do the below:
      • Refer to the cleaning procedures pointed to by step 7 of the READ ME for your Windows version and see the instructions to Disable System Restore which will flush your Restore Points.
      • Then reboot and Enable System Restore to create a new clean Restore Point.
    10. After doing the above, you should work thru the below link:
     
  9. DaVinman

    DaVinman Private E-2

    Thank you again! Back running!
     
  10. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Glad to hear it!
     
