ctmngui.exe still in the system

[kuttus]

STEP 1: Run a HitmanPro scan

1. Download the latest official version of HitmanPro.
   HITMANPRO DOWNLOAD LINK(This link will open a download page in a new window from where you can download HitmanPro)
2. Start HitmanPro bydouble clicking on the previously downloaded file.and then following the prompts.
   
   
3. Once the scan is complete, a screen displaying all the malicious files that the program found will be shown as seen in the image below.After reviewing each malicious object clickNext.
   
   
4. ClickActivate free licenseto start the free 30 days trial and remove the malicious files.
   
   
5. HitmanPro will now start removing the infected objects, and in some instances, may suggest a reboot in order to completely remove the malware from your system. In this scenario, always confirm the reboot action to be on the safe side.

Add to your next reply, any log that HitmanPro might generate.


STEP 2: Run a scan with ESET Online Scanner

1. Download ESET Online Scanner utility from the below link
   ESET ONLINE SCANNER DOWNLOAD LINK (This link will automatically download ESET Online Scanner on your computer.)
2. Double click on the Eset installer program (esetsmartinstaller_enu.exe).
3. Check Yes, I accept the Terms of Use
4. Click the Start button.
5. Check Scan archives
6. Push the Start button.
7. ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
8. When the scan completes, push List of found threats
9. Push Export to Text file and save the file to your desktop using a unique name, such as ESET Scan. Include the contents of this report in your next reply.Note - when ESET doesn't find any threats, no report will be created.
10. Push the back button.
11. Push Finish

STEP 3: Run a scan with Kaspersky Virus Removal Tool

1. Download Kaspersky Virus Removal Tool from the below link and then double click on it to start this utility.
   KASPERSKY VIRUS REMOVAL TOOL (This link open an new webpage from where you can download Kaspersky Virus Removal Tool on your computer.)
2. Follow the onscreen prompts until it is installed
3. Click the Options button (the 'Gear' icon), then make sure only the following are ticked:
   • System Memory
   • Hidden startup objects
   • Disk boot sectors
   • Local Disk (C: )
   • Also any other drives (Removable that you may have)
4. Then click on Actions on the left hand side
5. Click Select Action, then make sure both Disinfect and Delete if disinfection fails are ticked
6. Click on Automatic Scan
7. Now click the Start Scanning button, to run the scan
8. After the scan is complete, click the reports button ('Paper icon', next to the 'Gear' icon) on the right hand side
9. Click Detected threats on the left
10. Now click the Save button, and save it as kaslog.txt to your Desktop
11. Please attach kaslog.txt in your next reply.

 

[Jon]

The hitmanpro download link keeps giving a server error on both explorer and firefox


firefox error:
Server not found

Firefox can't find the server at %27http.

Check the address for typing errors such as ww.example.com instead of www.example.com
If you are unable to load any pages, check your computer's network connection.
If your computer or network is protected by a firewall or proxy, make sure that Firefox is permitted to access the Web.

Explorer error:
This page can’t be displayed

• Make sure the web address http://'http is correct.
• Look for the page with your search engine.
• Refresh the page in a few minutes.

do these scans need to be done in the order you instructed or should I go ahead and do the other two in the mean time?

 

[kuttus]

Please try http//www.surfright.nl/en/hitmanpro

 

[Jon]

here is the hitmanpro. I had to save it as a text file because it would not accept the upload of the log file .

here also is the eset scan.

I was able to download KASPERSKY VIRUS REMOVAL TOOL using the link I put the executeable on my desk top. it ask permission to edit registry, starts to work and then gets to the screen asking to install. before I can do anything they system pops up an error stating an error has occured we are taking some data and will restart your computer automatically. and then restarts the system. it does this everytime I try to install.

 

[kuttus]

Okay. Ignore those errors... No need to run it again.

Finally run this one also...

STEP 1 : Run a scan with Kaspersky TDSSKiller

1. Download Kaspersky TDSKiller from the below link.
   KASPERKSY TDSSKILLER DOWNLOAD LINK (This link will automatically download Kaspersky TDSSKiller on your computer)
2. Double-click on TDSSKiller.exe to run the application.
   
   
3. Click Change parameters
   
   
4. Check the boxes next to Verify Driver Digital Signature and Detect TDLFS file system, then click OK
   
   
5. Click on the Start Scan button to begin the scan and wait for it to finish.
   NOTE: Do not use the computer during the scan!
6. During the scan it will look similar to the image below:
   
   
7. When it finishes, you will either see a report that no threats were found like below:
   
   
   
   If no threats are found at this point, just click the Report selection on the top right of the form to generate a log. A log file report will pop which you can just close since the report file is already saved.
8. If any infection or suspected items are found, you will see a window similar to below:
   
   
   • If you have files that are shown to fail signature check do not take any action on these. Make sure you select Skip. I will tell you what to do with these later. They may not be issues at all.
   • If Suspicious objects are detected, the default action will be Skip. Leave the default set to Skip.
   • If Malicious objects are detected, they will show in the Scan results. TDSSKiller automatically selects an action (Cure or Delete) for malicious objects
     Make sure that Cure is selected. VERY IMPORTANT! - If Cure is not available, please choose Skip instead. DO NOT choose Delete unless instructed to do so.
9. Click Continue to apply selected actions.
10. A reboot may be required to complete disinfection. A window like the below will appear:
    
    
    
    Reboot immediately if TDSSKiller states that one is needed.
11. Whether an infection is found or not, a log file should have already been created on your C: drive (or whatever drive you boot from) in the root folder named something like TDSSKiller.2.1.1_2.12.2012_14.17.04_log.txt which is based on the program version # and date and time run.
12. Attach this log to your next reply.

 

[Jon]

I downloaded the Kaspersky TDSSKiller. my "change parameter"s has additional settings than the one you sent. here is a screen shot of it. Should I check mine to match yours or include all the additional?

 

[kuttus]

Okay. Run the Scan.

 

[Jon]

I got several different tdsskiller logs between initial attempt this morning when I first asked because of the additional parameters and now after actually running the scan. Here are all the logs

 

[kuttus]

How's Everything working on the computer?

 

[Jon]

the system seems to work fine but it still shows cltmngui.exe listed in the notification area Icons. See attached screen shot, if the scans are showing the system is clean is there any way to get rid of this?

 

[kuttus]

STEP 1: Run Notification Area Cleaner for Windows 7 and Vista

1. Download Notification Area Cleaner from this link. After that save it to your computer Desktop...
2. Extract the notification-area-cleaner-x64.zip and you can see one file NotificationsCleaner.exe inside it.
3. Right Click on NotificationsCleaner.exe
   
   You will be able to see one Black Window as shown below. Press on Clean in that one.
   
   
4. After completing the Clean restart the computer.

 

[Jon]

its not their anymore. Unless there are any more scans, I think we did it thank you so much for your help!!

 

[kuttus]

Double click on OTL to run it

• Click on the Cleanup button at the top.
  
• You will be asked to reboot the machine to finish the Cleanup process. Choose Yes
  
• This will remove itself and other tools we may have used.

---

Now that your PC is clean, I recommend you to create a new System Restore point then purge the old ones after.

For XP
How to create a Restore Point in XP
Delete all restore points except the most recent one

For Vista
Create a restore point
Delete all but the most recent restore point

For Windows 7
Create a restore point
Delete all but the most recent restore point - Click the Delete all but the most recent restore point link

---

Keep your system updated

• Keeping your programs (especially Adobe and Java products) updated is essential. Update Checker will notify you if any of your programs require an update.
• Microsoft releases patches for Windows and Office products regularly to patch up Windows and Office product bugs and vulnerabilities.
• Please ensure you update your system regularly and have automatic updates on. You can learn how to turn Automatic Updates on here

---

I also recommend you to switch your antivirus program to a better one. Here are some suggestions:

• avast! 7 Home Edition - Don't use it with Online Armor
• Avira AntiVir Personal
• Microsoft Security Essentials

In addition to your antivirus, you need additional protection such as a firewall and behavioural blocker.

• Online Armor
• Comodo Firewall - If you are an advance user

Here are only a few suggestions that will improve your system security. Should you wish to allow us to make full recommendations and set your PC up with maximum security, please start a thread here. Our community of PC enthusiasts and experts will give you feedback and help you secure your system from future malware infections.

---

Internet Explorer may be the most popular browser but it's definitely not the most secure browser. Consider using other browsers with addition add-ons to safeguard your system while browsing the internet.

Firefox is a more secure, faster browser than Internet Explorer. Firefox contains less vulnerabilities, reducing the risk of drive-by downloads. In addition, you can add the following add-ons to increase security.

• KeyScramber - Encrypts your keystrokes to protect you against keyloggers that steals personal & banking information
• AdBlock - Disable/blocks advertisements on websites so you won't accidentally click on a malicious ad.
• NoScript - Disables Flash & Java contents to avoid exploits or drive-by attacks
• Web of Trust - Shows the website rating by other users and blocks dangerous and poor-rated sites

Google Chrome is another good browser that is faster and more secure than Internet Explorer by having a sandbox feature. Additionally, you can add the following add-on to Chrome to heighten security.

• AdBlock

Lastly, it is important to perform system maintenance on a regular basis. Here are a few tools and on-demand scanners that you should keep & use every 1-2 weeks to keep your system healthy.

• CCleaner
• Malwarebytes Anti-Malware
• Temp File Cleaner by OldTimer

Other than that, stay safe out there! If you have any other questions or concerns, feel free to ask


What's next?

1. Bulild up your malware defenses by starting a new thread in Security Configuration Wizard forum.
2. Learn how to avoid malware by reading this article How to easily avoid malware
3. Be an active member in the MalwareTips community!
   

My virus removal help is always free. Should you wish to show your appreciation via a donation, it will be much appreciated.​

 

[Jon]

Sorry which program was OTL in again? could you send another link to it?I don't remember getting that one or see any programs with those initails that we installed during cleanup process

 

[kuttus]

Ooops... Please Ignore that one... We didn't use it.

 

[Jon]

okay no problem. Any other steps we need to take then other than the instruction for creating a restore point down?

 

[kuttus]

Nops...

 

[Jon]

sorry it took me so long to get back to you Kuttus thank you for all your help system runs great now.

 

[kuttus]

Great to hear that the computer is back and working fine...

 

[kuttus]

This thread is now closed.
Reason: Issue Resolved​

The procedures contained in this thread are for this user and this user only. Attempting to use the instructions in this thread on your system could result in damaging the Operating System beyond repair.

DO NOT use any of the tools mentioned in this thread without the supervision of a Malware Removal Specialist.

All members requesting Malware Removal Assistance are required to follow all procedures in the thread

My virus removal help is always free. Should you wish to show your appreciation via a donation, it will be much appreciated.​