Read & Run Cleanup Confirmation

Discussion in 'Malware Help (A Specialist Will Reply)' started by Octavius, Aug 13, 2008.

  1. Octavius

    Octavius Private E-2

    hi there, first off i have to say thanks to you guys. i've posted this problem on another forum that hasn't gotten back to me in 2 weeks and i've just gone through your read & run procedure and i think it's gotten rid of my problems already!! i'm hoping that someone will be able to have a quick look at my logs to check that everything is clean whilst i have the time to fix it if needs be.

    my problem was originally being flagged as a sasan.a worm and docobj CWS and Virtumonde and win32.IRCBot and i was having problems with the links to my hard-drives on my desktop, every time i clicked one it would come up with a WScript error. but that seems to have gone now! i'm loving your work!!!

    thanks again in advance

    3 logs in this one zip file in next

    Cheers
    Octavius
     


  2. Octavius

    Octavius Private E-2

    Zip file attached
     


  3. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to Major Geeks!

    We are happy to hear our cleaning procedures help you out.

    Your logs are clean, but your PC is not properly protected. The below instructions will cover this in the last step.

    Now we need to cleanup some items from running ComboFix.

    Copy the bold text below to Notepad. Save it as fixme.reg to your desktop. Be sure the "Save as" type is set to "all files". Once you have saved it, double click it and allow it to merge with the registry.
    Make sure that you tell me if you receive a success message about adding the above
    to the registry. If you do not get a success message, it definitely did not work.



    If you are not having any other malware problems, it is time to do our final steps:
    1. You can uninstall SUPERAntiSpyware now.
    2. We recommend you keep Malwarebytes Anti-Malware as a scanner. It uses no resources except a little disk space until you run a scan.
    3. If we had you use ComboFix, uninstall ComboFix (This uninstall will only work as written if you installed ComboFix on your Desktop & renamed it like we requested.)
      • Click START then RUN and enter the below into the run box and then click OK. Note the quotes are required.
      • "%userprofile%\Desktop\combofix" /u
        • Note: The space between the combofix" and the /u must be there.
        • This will uninstall ComboFix and also reset hidden files and folders settings back to Windows defaults.
      • Delete the C:\combofix folder from combofix if found.
    4. If we had you download any registry patches like fixme.reg or fixWLK.reg (or any others), you can delete these files now.
    5. If running Vista, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
    6. Go to add/remove programs and uninstall HijackThis.
    7. You can delete the C:\MGtools folder and the C:\MGtools.exe file. You can also delete the C:\MGlogs.zip
    8. If you are running Vista, Windows XP or Windows ME, do the below:
      • Refer to the cleaning steps in the READ ME for your Windows version and see the steps to Disable System Restore which will flush your Restore Points.
      • Then reboot and Enable System Restore to create a new clean Restore Point.
    9. After doing the above, you should work thru the below link:
     
  4. Octavius

    Octavius Private E-2

    thanks chaslang! ur a legend!

    i've done the fixme.reg and it was successful. and i'll go through the other steps you mentioned. i have one quick question though, is there any way that the malware i had could be sitting on an external hard-drive or memory stick? i have 2 external drives and about 6 memory sticks and the last thing i want to do is infect other systems with one of those.

    thanks again, your help has been MASSIVELY appreciated

    cheers
    Octavius
     
  5. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You're welcome.

    It cannot be ruled out; however it probably did not affect them based on what I saw in your logs.
     
  6. Octavius

    Octavius Private E-2

    thanks again chaslang, i've scanned all of my memory sticks with Malwarebytes and they came up clean. i've scanned one of my externals and that was fine but my second one just keeps scanning the files over and over, it said it had scanned 2 million files when in Properties for the drive there are only 250k files!! it didn't show any infections though and i think it might have to do with the fact it's an HFS+ drive(?)

    anyways, thanks again for your help, i can now get back on with backing everything up again and moving it all over to a new laptop.

    cheers from London
    Octavius
     
  7. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    I'm not sure why but this sometimes happens with scanners. We have seen it many times. Sometimes a reboot followed by a new scan and everything is fine. It is not a malware issue.

    You're welcome.
     
