Please review my logs from Malware Removal Exercise

Welcome to Major Geeks!

You should have read the sticky threads and the links given in the email when you signed up. Notably this one: Don't Bump! It Only Hurts You!!!

Each time you posted after your initial message, you just kept making it take longer to get a reply. The 3rd message cost you at least 2 days. And the 4th message cost you at least another 2 days.

Your logs are clean but you do have some minor non-malware cleanup to do.

Run C:\MGtools\analyse.exe by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator). This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:

R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)

After clicking Fix, exit HJT.

Now please run the below then reboot. After reboot run it one more time.

Norton Removal Tool (SymNRT)




Now if you are not having any other malware problems, it is time to do our final steps:

1. We recommend you keep SUPERAntiSpyware and Malwarebytes Anti-Malware for scanning/removal of malware. Unless you purchase them, they provide no protection. They do not use any significant amount of resources ( except a little disk space ) until you run a scan.
2. If we used Pocket Killbox during your cleanup, do the below
   • Run Pocket Killbox and select File, Cleanup, Delete All Backups
3. If we had you use ComboFix, uninstall ComboFix (This uninstall will only work as written if you installed ComboFix on your Desktop like we requested.)
   • Click START then RUN and enter the below into the run box and then click OK. Note the quotes are required
   • "%userprofile%\Desktop\combofix" /u
     • Notes: The space between the combofix" and the /u, it must be there.
     • This will uninstall ComboFix and also reset hidden files and folders settings back to Windows defaults.
4. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
5. If running Vista, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
6. Go to add/remove programs and uninstall HijackThis.
7. Goto the C:\MGtools folder and find the MGclean.bat file. Double click on this file to run this cleanup program that will remove files and folders related to MGtools and some other items from our cleaning procedures.
8. If you are running Vista, Windows XP or Windows ME, do the below:
   • Refer to the cleaning procedures in step 3 the READ ME for your Window version and see the instructions to Disable System Restore which will flush your Restore Points.
   • Then reboot and Enable System Restore to create a new clean Restore Point.
9. After doing the above, you should work thru the below link:
   • How to Protect yourself from malware!

 

Just follow the steps as written and see what happens. If you run into problems, you may need to disable UAC and reboot before continuing since it will frequently get in the way.

 

What issue remains?

You logs were clean. Did you ever finish my final instructions? You need to complete 100% of my final instructions before you did anything else.

Spyware Doctor was not part of any of our instructions.

 

No it isn't. The page clearly states it is for the Norton Removal tool. Just like all downloads you need to click on one of the links under the http://www.majorgeeks.com/images/download_ani.gif heading. You are looking at advertisements.