SMART still showing on desktop

[rkds]

Sorry if this has been covered in another thread.

Obviously my computer got this SMART Data Recovery bug. I went through all the steps and actually had to run the Ant-Malware program twice. It took 27 hours to complete everything. Computer seems to be working okay now.

Here's my problem: There is still a short cut icon on my desktop and system tray for the Data Recovery. How can I be sure every trace of this virus is gone if these things still remain on my desktop? Can I just put these in my recycle and delete them? Is it just leftovers once the virus is eliminated?

Also, anyone know where this malware originated or how my computer picked it up in the first place?

Thanks in advance.

 

[Jack]

Hi and welcome to the MALWARE TIPS forums!

I'm Jack and I am going to try to assist you with your problem. Please take note of the below:

• I will start working on your malware issues, this may or may not, solve other issues you have with your machine.
• The fixes are specific to your problem and should only be used for this issue on this machine!
• The process is not instant. Please continue to review my answers until I tell you your machine is clear. Absence of symptoms does not mean that everything is clear.
• If you don't know, stop and ask! Don't keep going on.
• Please reply to this thread. Do not start a new topic.
• Refrain from running self fixes as this will hinder the malware removal process.
• It may prove beneficial if you print of the following instructions or save them to notepad as I post them.

Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.


Before we start:
Please be aware that removing malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start.

Step 1 : Download and run Combofix
 
Download ComboFix from one of the following locations: 
Link 1  
Link 2  
 
VERY IMPORTANT !!! Save ComboFix.exe to your Desktop  
 
* IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here  

• Double click on ComboFix.exe & follow the prompts.
• Accept the disclaimer and allow to update if it asks
  
  
  
  
  
  
  
  
  
• When finished, it shall produce a log for you. 
  [*]Please include the C:\ComboFix.txt in your next reply.

Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.
3.  If after the reboot you get errors about programms being marked for deletion then reboot, that will cure it.

<hr />
Step 2 : Download and run OTL

1. Please download the OTL utility from here : http://oldtimer.geekstogo.com/OTL.exe
2. Right-click on OTL.exe and select Run as Administrator to start OTL.
3. Double click on OTL.exe to run it.
4. Under the Custom Scan box paste this in:
   
   

   %SYSTEMDRIVE%\*.exe
   %ALLUSERSPROFILE%\Application Data\*.exe
   %APPDATA%\*.
   /md5start
   atapi.sys
   explorer.exe
   winlogon.exe
   Userinit.exe
   svchost.exe
   csrss.exe
   PrintIsolationHost.exe
   consrv.dll
   /md5stop
   %systemroot%\*. /mp /s
   hklm\software\clients\startmenuinternet|command /rs
   %systemroot%\system32\*.dll /lockedfiles
   %systemroot%\Tasks\*.job /lockedfiles
   %systemroot%\system32\drivers\*.sys /lockedfiles
   CREATERESTOREPOINT

5. Click the Quick Scan button.The scan wont take long.
   
6. When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
   Please post this 2 logs in your first reply.

<hr />



What's next?
Attach the following logs to your post (You can find here details on how to use the Attachment System):

1.Combofix log
2.OTL logs
3.QUESTION: How is your computer running/behaving?