Infected With A Virus, Called The Number And They Removed It But They Needed Access To Computer...

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by netrate, Jun 17, 2017.

  1. netrate

    netrate Private E-2

    I am fixing a computer for a person who was infected with a virus and received a pop-up that said "This is microsoft we will help you remove the virus". This person called the number, gave access to her laptop, paid $179.00 (or something like that) for a virus removal tool, spent three hours on the phone with the so-called Microsoft company and thought they were in the clear. I spoke to them, found out the phone number, searched the internet and found out it was a scam. I told the person to phone their credit card company, bank etc. and ensure that no charges are coming through.

    So now the person is afraid to use the computer and needs it for her daily life. This is where I come in and want to fix this computer so they can use it again. I want to eliminate any chance that the supposed virus removal company has of accessing her computer remotely in case she does banking etc.

    I am going to use a USB key for all of the virus checkers etc, but I would love to know what the experts think about how I should begin? Safe mode?

    Thanks in advance
     
  2. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Do as much as you can in normal mode......attach the logs.
     
  3. netrate

    netrate Private E-2

    Any suggestions on what I should start with?
     
  4. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Yes.... the Read and Run First Instructions.
     
  5. netrate

    netrate Private E-2

    I have an issue - I do not want to run my wifi with this laptop at my house. I was hoping to do everything via USB without using this laptop online - but the first thing stated using MB3 is that I need to download an update virus database. Can I get this in advance on my work PC and transfer it to the USB for the laptop?
     
  6. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Yes.
     
  7. netrate

    netrate Private E-2

    Ok I found the link on the site for how to do it manually
     
  8. netrate

    netrate Private E-2

    Ok, I am stuck. I know I need to upload the logs to the forum, but how can I do that from the infected computer?
    1) I don't want to go online with this infected computer at my house
    2) Transferring the text file via USB could infect my home computer

    What shall I do?
     
  9. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    The computer was subject to a scam. I doubt it is infected....the only concern is if there are still any remote programs installed. You should be safe to go online.
     
  10. netrate

    netrate Private E-2

    Here are the logs, the MGlog. I don't know if it is a newer version, but I couldn't find the log it was talking about so I grabbed the filelog.txt; I hope that is it. Let me know if I am missing anything. I did not clear any files where it told me to leave them.
     
  11. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    I am not finding any malware in your logs. What issues are you having?
     
  12. netrate

    netrate Private E-2

    I want to give it back to the person and let them know they can do banking and such on it. I was going to install easy cleaner to get rid of remote PC and run all of the virus checkers listed in the RUN FIRST section and clear everything they find.
    I was wondering what my next step would be so I can give this back to the person and they are worry free about using it for banking, unemployment submissions etc.
     
  13. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    I need you to upload the MGLogs.zip so I can look for remote programs.
     
  14. netrate

    netrate Private E-2

    I couldn't find them... where are they located? They were not in the c:/MGtools folder. That is why I uploaded filelog.txt, because I only found that.
     
  15. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    It should be on your desktop. Did you run it to completion?
     
  16. netrate

    netrate Private E-2

    I ran it from the USB but did not see it on the desktop...I will have to look again but I really didn't think it was there.
     
  17. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Run it from your desktop..... follow the instructions.
     
  18. netrate

    netrate Private E-2

    Here are the logs for MGtools
     
  19. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    This was installed on your PC in May:

    d-----w 0 2017-05-24 16:58:34 C:\ProgramData\RemotePC

    Is this something you use? If not, remove it.
     
  20. netrate

    netrate Private E-2

    So this person with the laptop should be ok after that?

    I am going to install Spybot, SuperAntiSpyware and anti-vira as well for them. I will remove the Remote PC first.
     
  21. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    If you are not having any other malware problems, it is time to do our final steps:
    1. We recommend you keep Malwarebytes Anti-Malware for scanning/removal of malware.
    2. Re-enable your Disk Emulation software with Defogger if you had disabled it in step 4 of the READ & RUN ME.
    3. Go to Add/Remove Programs and uninstall HijackThis. If you don't see it or it will not uninstall, don't worry about it. Just move on to the next step.
    4. If running Vista, Win 7, Win 8 or 10, it is time to make sure you have re-enabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
    5. Now go to the C:\MGtools folder and find the MGclean.bat file. Double click (if running Vista, Win 7 or Win 8, right click and Run As Administrator) on this file to run this cleanup program, which will remove files and folders related to MGtools and some other items from our cleaning procedures.
    6. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
    7. After doing the above, you should work through the below link:
     