problems installing mgtools

amihaa · Aug 27, 2008

I posted earlier in the week problems with ie. I am almost finished with the xp cleaning procedures. Everything ran fine until I got to the MG Tools. I thought that I downloaded it correctly it is under C but when I find it under C: it says Type: EFW File when I click on it I have to open it with the ie and it says: do you want to run or save this file I say Run. I dont run. I tried to go back and use the link it says the same thing EFW File.

The tools that I ran did find some adaware and maleware and hijacker, but the problem I was having with ie is resolved. Do I still need to run mgtools?

Thank you

Aimee

TimW · Aug 28, 2008

Interesting......did you change the extension from MGTools.efw to MGTools.exe? Is that what is going on?

There is still the possibility that there are still some nasties on your computer so I would like to see the MGLogs.zip.

The MGTools download should just be the exe that you save to the C:\ drive. What or where are you downloading from/to?

amihaa · Aug 28, 2008

I was on the xp cleaning procedure page, finally got to the MG tools. I thought that I had already downloaded it, like the instructions said. I went to find the file to install and run the program, I found it under C:, it looked like a txt. file. It would not open, it almost opened with using the internet explorer. Then it just stopped. It did ask me to save it one time and I did. I saved it under C: but it keeps coming up as efw file. Was I suppose to change the name to MGtools.exe?

I tried to download it again from the Windows XP Cleaning Procedure Page. No luck.

Thanks again,

Aimee

amihaa · Aug 28, 2008

Got the MG tool Log!

Duh! I changed the file name on the mgtool to exe. Bingo! Sorry about that.

TimW · Aug 29, 2008

Your logs look clean.

I will just ask about these two items:
C:\Program Files\HERACTSTG
C:\Program Files\twc

In the meantime, let's clean up from the scans:
Copy the bold text below to notepad. Save it as fixME.reg to your desktop. Be sure the "Save as" type is set to "all files" Once you have saved it double click it and allow it to merge with the registry.

REGEDIT4

[-HKEY_CURRENT_USER\Software\Kazaa]
[-HKEY_LOCAL_MACHINE\SOFTWARE\knight]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"HideLegacyLogonScripts"=-
"HideLogoffScripts"=-
"RunLogonScriptSync"=-
"RunStartupScriptSync"=-
"HideStartupScripts"=-

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"HideLegacyLogonScripts"=-
"HideLogoffScripts"=-
"RunLogonScriptSync"=-
"RunStartupScriptSync"=-
"HideStartupScripts"=-

Click to expand...

If you receive a success message, then:
it is time to do our final steps:

We recommed you keep SUPERAntiSpyware and Malwarebytes Anti-Malware for scanning/removal of malware. Unless you purchase them, they provide no protection. They do not use any significan amount of resources ( except a little disk space ) until you run a scan.

If we used Pocket Killbox during your cleanup, do the below

* Run Pocket Killbox and select File, Cleanup, Delete All Backups

If we had you use ComboFix, uninstall ComboFix (This uninstall will only work as written if you installed ComboFix on your Desktop like we requested.)

Click START then RUN and enter the below into the run box and then click OK. Note the quotes are required

"%userprofile%\Desktop\combofix" /u

Notes: The space between the combofix" and the /u, it must be there.

This will uninstall ComboFix and also reset hidden files and folders settings back to Windows defaults.

Delete the C:\combo-fix folder from combofix.

If we had you run Avenger, you can delete all files related to Avenger now.

If we had you run RenV.exe, you can delete it and the Log.txt file on your Desktop.

Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.

If we had you download any registry patches like fixme.reg or fixWLK.reg (or any others), you can delete these files now.

If running Vista, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.

Go to add/remove programs and uninstall HijackThis.

You can delete the C:\MGtools folder and the C:\MGtools.exe file. You can also delete the C:\MGlogs.zip

If you are running Vista, Windows XP or Windows ME, do the below:

Refer to the cleaning steps in the READ ME for your Window version and see the steps to Disable System Restore which will flush your Restore Points.

Then reboot and Enable System Restore to create a new clean Restore Point.

After doing the above, you should work thru the below link:

How to Protect yourself from malware!

amihaa · Aug 29, 2008

Thank you so much for all of your help! I did not know what these files were by looking at them. I opened both files:

C:/Program Files\HERACTSTG is a smart acess file in this file is my Road Runner files.

C:/Program Files\twc is my Time Warner Cable, Road Runner Medic and Setup Road Runner Medic

Thank you again Major Geeks is Great!

Aimee

amihaa · Aug 29, 2008

I uninstalled combo fix, yesterday before you posted the message about cleaning up from the scans.

I tried to do the start run "%userprofile%\Desktop\combofix" /u. Of course it couldn't find it, because I already deleted it.

So is there anyway to go and hide the files? I went to start > explore> tools> folder options> Under the hidden file and folders heading, "Show hidden files I unclicked it and checked the boxes for the hide the extention for known file types option and checked the box for hide protected operation system files.

I can still see stuff that I shouldn't when I right click start and explore, Like cmdcons, Config.Msi, Administrator user, and when I turn on my computer it goes to the black Safe Mode screen for a second where it wants you to choose Windows XP. It does choose itself and then goes on to the reguluar window start up.

Sorry, I should have been patient and have waited for instruction. Now I am afraid that one of my family members are going to go in and delete something they should not.

Thanks again,

Aimee

TimW · Aug 29, 2008

Your files should have been rehidden when you uninstalled MGTools....The best way to protect you system is to have accounts with passwords and only have one or two as administrators with the rest as limited accounts.

If you have your xp disc....go to start / run / type "sfc /scannow" without the quotes..let it run twice.

Are you having any other issues?

amihaa · Aug 29, 2008

Re: problems with internet explorer

I do not have a xp disc. I have now discovered that if I go to pogo and try to load a game it says that my java is not working. I went to my aol browser and it will work from there. I went to tools> internet options> advanced and made sure my java was checked. I went to the java program and made sure that internet explorer was checked. I deleted java and reinstalled. I re-installed internet explorer.

TimW · Aug 29, 2008

Do you have the problem with an other browser such as FireFox?

amihaa · Aug 30, 2008

I installed firefox, It works great! Its so much quicker that internet explorer! Thank you for all of your help!::-D

TimW · Aug 30, 2008

You are very welcome .....safe surfing.

Log in or Sign up

problems installing mgtools

amihaa Private E-2

TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

amihaa Private E-2

amihaa Private E-2

Attached Files:

MGlogs.zip

ComboFix.txt

SASlog.txt

TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

amihaa Private E-2

amihaa Private E-2

TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

amihaa Private E-2

TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

amihaa Private E-2

TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member