MajorGeeks Support Forums

Go Back   MajorGeeks Support Forums > ----------= PC, Desktop and Laptop Support =---------- > Malware Removal
Register FAQ Members List Calendar Casino Mark Forums Read

Malware Removal Malware removal forum. Please see the READ ME FIRST thread before you post. Forum is staffed by a small number of volunteers, please be patient.


Reply
 
Thread Tools Display Modes
  #1  
Old 01-09-13, 22:26
EscapeCat's Avatar
EscapeCat EscapeCat is offline
Senior Member
 
Join Date: Mar 2009
Posts: 111
Thanks: 8
Thanked 3 Times in 2 Posts
Default Is "US Tech Support Framework" Malware?

I'm taking care of my mom while she is going through a diagnosis of cancer, and will begin treatments soon. I want to be sure her computer is working well during this time, as she has been telling me for ages that she has had problems with it.

For a long, long time, when attempting to run McAfee scans, it freezes. I live in California, and she lives in Missouri.

When looking at her control panel, I am seeing called, "US Tech Support Framework." I am unfamiliar with it, and its rating on the WOT (Web of Trust) site is very poor. However, when I google it, I cannot tell for sure if it's bad or how to remove it. Being I know mom doesn't need it, I attempted to remove it from the Control Panel. A pop-up happens asking me to allow the "Unknown" program to run or not. It says it's an "update" when I click on DETAILS, and it asks if I trust it or not. This happens when I'm trying to REMOVE it, not update it. I don't want to click the wrong thing, so I always cancel that, and then it stops the procedure. If this is malware, I will go through the malware READ ME AND RUN ME FIRST steps. Please let me know if that is what I should do for this or not. (Though I am considering doing it anyway since her PC has been running so poorly.)

Thanks in advance.

Her specs:
Windows Vista Home Premium, SP 2
32-Bit Operating System
RAM 3.00
__________________
Just bumbling around the computer chips and bytes, hoping not to get hit by a bus...
Reply With Quote
Sponsored links
  #2  
Old 01-10-13, 09:13
Kestrel13!'s Avatar
Kestrel13! Kestrel13! is offline
Super Malware Fighter - Major Dilemma
 
Join Date: Apr 2007
Location: cloud cuckoo land
Posts: 28,679
Thanks: 952
Thanked 3,688 Times in 3,592 Posts
Default Re: Is "US Tech Support Framework" Malware?

Yes I think it's undesirable. Follow the instructions for the R&R. READ & RUN ME FIRST. Malware Removal Guide
__________________
Have we been helpful? Did our services here at MajorGeeks save you a whole lot of cash? If you would like to bequest a small amount as a token of your appreciation, please look out for the yellow 'Donate' button on the top right of any page. Thanks!
Reply With Quote
  #3  
Old 01-11-13, 02:56
EscapeCat's Avatar
EscapeCat EscapeCat is offline
Senior Member
 
Join Date: Mar 2009
Posts: 111
Thanks: 8
Thanked 3 Times in 2 Posts
Smile Re: Is "US Tech Support Framework" Malware?

Okay, I have run all the proper scans and the "US Tech Support Framework" remains on the system. I am attaching my logs to this post. I couldn't find the LOGS folder in MBAM, so I saved the log as a .txt in the document folder. I hope that doesn't mess things up. The only folders I saw in MBAM were Chameleon and Languages, no LOG folder???

Should I run McAfee again and see if it freezes as usual? Before these scans (last year, actually) she was having this problem, and I had tried uninstalling and reinstalling the program to see if it solved the problem, and it did not.

Also, this computer has a tendency to go into a sleep, or hibernation type mode during inactivity or scans, and won't "wake up" by pressing the power button. All I can do is hold the power button down (it's a laptop) and "kill" the laptop, then reboot Windows normally. Is that malware related? Or is that a different issue altogether that I should request help for elsewhere in this forum?

Anyway, thanks again, Kestrel, for looking into this matter. You helped me a couple years ago with my own laptop. (Sorry for all my questions. I will try to be less wordy with my next post.)

Thanks!
Attached Files
File Type: txt RKreport[1]_S_01102013_02d2257.txt (2.0 KB, 2 views)
File Type: txt mbam-log-2011-02-13 (23-06-49).txt (1.9 KB, 2 views)
File Type: txt TDSSKiller.2.8.15.0_11.01.2013_02.10.38_log.txt (126.9 KB, 2 views)
File Type: log HitmanPro_20130111_0219.log (1.4 KB, 2 views)
File Type: zip MGlogs.zip (335.2 KB, 5 views)
__________________
Just bumbling around the computer chips and bytes, hoping not to get hit by a bus...
Reply With Quote
  #4  
Old 01-11-13, 10:43
Kestrel13!'s Avatar
Kestrel13! Kestrel13! is offline
Super Malware Fighter - Major Dilemma
 
Join Date: Apr 2007
Location: cloud cuckoo land
Posts: 28,679
Thanks: 952
Thanked 3,688 Times in 3,592 Posts
Default Re: Is "US Tech Support Framework" Malware?

US Tech Support Framework <--- uninstall this.

Please disable all anti-virus and anti-spyware programs while we do the following (re-enable when you are finished):

Run C:\MGtools\analyse.exe by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator). This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:
  • O2 - BHO: (no name) - MRI_DISABLED - (no file)
  • O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
  • O23 - Service: A - Unknown owner - C:\Users\Owner\AppData\Local\Temp\A.exe (file missing)
  • O23 - Service: AWLH - Unknown owner - C:\Users\Owner\AppData\Local\Temp\AWLH.exe (file missing)
  • O23 - Service: BLWVY - Unknown owner - C:\Users\Owner\AppData\Local\Temp\BLWVY.exe (file missing)
After clicking Fix exit HJT.

Delete these files if they show:
  • C:\Users\Owner\AppData\Local\Temp\A.exe
  • C:\Users\Owner\AppData\Local\Temp\AWLH.exe
  • C:\Users\Owner\AppData\Local\Temp\BLWVY.exe

Delete these folders if they exist:
  • C:\Users\Owner\AppData\Roaming\USTechSupport
  • C:\ProgramData\USTechSupport
  • C:\Program Files\USTechSupport
  • C:\Program Files\Common Files\USTechSupport

Now run the C:\MGtools\GetLogs.bat file by double clicking on it. (Right click and run as admin if using Vista or Windows7) Then attach the new C:\MGlogs.zip file that will be created by running this.

Let me know of any problems you may have encountered with the above instructions and also let me know how things are running now!
__________________
Have we been helpful? Did our services here at MajorGeeks save you a whole lot of cash? If you would like to bequest a small amount as a token of your appreciation, please look out for the yellow 'Donate' button on the top right of any page. Thanks!
Reply With Quote
The Following User Says Thank You to Kestrel13! For This Useful Post:
EscapeCat (01-11-13)
  #5  
Old 01-11-13, 20:50
EscapeCat's Avatar
EscapeCat EscapeCat is offline
Senior Member
 
Join Date: Mar 2009
Posts: 111
Thanks: 8
Thanked 3 Times in 2 Posts
Default Re: Is "US Tech Support Framework" Malware?

Thank you for your reply.

I have followed your instructions. Some of the folders did not exist, but some did (most of the US Tech Support folders existed even after I uninstalled the program, but the other ones did not). I am attaching the new MGlogs.zip file to this post for your review.

Her computer is working, but is still sluggish/slow at times. I tried running her McAfee anti-virus (full scan) and it froze at 22% again, while scanning the Quick Time folders. The "quick scan" was able to scan to completion. I had nothing else running at the time the computer froze.

Thanks again for your assistance!
Attached Files
File Type: zip MGlogs.zip (335.4 KB, 1 views)
__________________
Just bumbling around the computer chips and bytes, hoping not to get hit by a bus...
Reply With Quote
Sponsored links
  #6  
Old 01-11-13, 22:24
EscapeCat's Avatar
EscapeCat EscapeCat is offline
Senior Member
 
Join Date: Mar 2009
Posts: 111
Thanks: 8
Thanked 3 Times in 2 Posts
Default Re: Is "US Tech Support Framework" Malware?

Sorry for the double post, but I'm not able to EDIT my post at this point. I've been doing a few more things on mom's computer, and have been trying to update her Quicktime as she was on a website that needed it and it requested that she update it. We tried, and the computer froze again. I had to turn it off again and reboot. I went to apple's website and tried to update it again...but it froze again. I tried opening the task manager, and then was given a black screen with a white box in it that read:

"Logon process has failed to create the security options dialog.

Failure - Security Options

OK"

I was forced to click ok (and still have been unable to update Quicktime), and then had to "kill" the laptop yet again (as in I was unable to shut it down properly). I have never seen this error message before tonight. *sigh* I hope we can fix this soon for her, as I leave next Friday and I want her laptop working.

Thanks again.
__________________
Just bumbling around the computer chips and bytes, hoping not to get hit by a bus...
Reply With Quote
  #7  
Old 01-13-13, 09:53
Kestrel13!'s Avatar
Kestrel13! Kestrel13! is offline
Super Malware Fighter - Major Dilemma
 
Join Date: Apr 2007
Location: cloud cuckoo land
Posts: 28,679
Thanks: 952
Thanked 3,688 Times in 3,592 Posts
Default Re: Is "US Tech Support Framework" Malware?

Please disable all anti-virus and anti-spyware programs while we do the following (re-enable when you are finished):

Run C:\MGtools\analyse.exe by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator). This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:

  • O23 - Service: FCTCDO - Unknown owner - C:\Users\Owner\AppData\Local\Temp\FCTCDO.exe (file missing)

After clicking Fix exit HJT.

Find this file and delete it. Any other files in this "Temp" folder can all be deleted too please.

C:\Users\Owner\AppData\Local\Temp\FCTCDO.exe

Now run the C:\MGtools\GetLogs.bat file by double clicking on it. (Right click and run as admin if using Vista or Windows7) Then attach the new C:\MGlogs.zip file that will be created by running this.
__________________
Have we been helpful? Did our services here at MajorGeeks save you a whole lot of cash? If you would like to bequest a small amount as a token of your appreciation, please look out for the yellow 'Donate' button on the top right of any page. Thanks!
Reply With Quote
  #8  
Old 01-14-13, 05:22
EscapeCat's Avatar
EscapeCat EscapeCat is offline
Senior Member
 
Join Date: Mar 2009
Posts: 111
Thanks: 8
Thanked 3 Times in 2 Posts
Default Re: Is "US Tech Support Framework" Malware?

Let me know what to do next, if I should try running the McAfee scan again, AND if I can try updating QuickTime again, too.

Also, when deleting all the files listed under:
C:\User\Owner\AppData\Local\Temp

I got the attached error message. But when I clicked TRY AGAIN, it said it couldn't be found and it appeared to me that all the contents I was deleting were, in fact, deleted. Just thought I should let you know about that, too.

Thanks again for your help!
Attached Images
File Type: jpg Error Message.jpg (21.8 KB, 5 views)
Attached Files
File Type: zip MGlogs.zip (337.7 KB, 2 views)
__________________
Just bumbling around the computer chips and bytes, hoping not to get hit by a bus...
Reply With Quote
  #9  
Old 01-14-13, 06:18
Kestrel13!'s Avatar
Kestrel13! Kestrel13! is offline
Super Malware Fighter - Major Dilemma
 
Join Date: Apr 2007
Location: cloud cuckoo land
Posts: 28,679
Thanks: 952
Thanked 3,688 Times in 3,592 Posts
Default Re: Is "US Tech Support Framework" Malware?

The logs look good. I would suggest to you that you uninstall Mcafee > run Ccleaner to be rid of temp files (if you have it installed) and then reinstall mcafee. THEN see how it runs.
__________________
Have we been helpful? Did our services here at MajorGeeks save you a whole lot of cash? If you would like to bequest a small amount as a token of your appreciation, please look out for the yellow 'Donate' button on the top right of any page. Thanks!
Reply With Quote
  #10  
Old 01-14-13, 21:50
EscapeCat's Avatar
EscapeCat EscapeCat is offline
Senior Member
 
Join Date: Mar 2009
Posts: 111
Thanks: 8
Thanked 3 Times in 2 Posts
Default Re: Is "US Tech Support Framework" Malware?

Thanks. I did what you asked and McAfee still freezes about 23% through the full system scan. I noticed that it froze while scanning QuickTime stuff. And since I had issues updating QuickTime, I thought maybe I should uninstall QuickTime and try the scan again. Well, I go to uninstall it via the Control Panel, and as it's trying to uninstall, it freezes the PC about 1/4 of the way through the progress bar. I don't know what else to do, or how to fix this??? Any thoughts?
__________________
Just bumbling around the computer chips and bytes, hoping not to get hit by a bus...
Reply With Quote
Sponsored links
  #11  
Old 01-16-13, 15:04
Kestrel13!'s Avatar
Kestrel13! Kestrel13! is offline
Super Malware Fighter - Major Dilemma
 
Join Date: Apr 2007
Location: cloud cuckoo land
Posts: 28,679
Thanks: 952
Thanked 3,688 Times in 3,592 Posts
Default Re: Is "US Tech Support Framework" Malware?

Yes, you can post about it in the software forum as it's non malware related.

If you are not having any other malware problems, it is time to do our final steps:
  1. We recommend you keep Malwarebytes Anti-Malware for scanning/removal of malware.
  2. If we had you use ComboFix, uninstall ComboFix (This uninstall will only work as written if you installed ComboFix on your Desktop like we requested.)
    • Press and hold the Windows key and then press the letter R on your keyboard. This opens the Run dialog box.
    • Copy and paste the below into the Run box and then click OK. Note the quotes are required
    • "%userprofile%\Desktop\combofix" /uninstall
      • Notes: The space between the combofix" and the /uninstall, it must be there.
      • This will uninstall ComboFix and also reset hidden files and folders settings back to Windows defaults.
  3. Go back to step 4 of the READ ME and renable your Disk Emulation software with Defogger if you had disabled it.
  4. Go to add/remove programs and uninstall HijackThis. If you don't see it or it will not uninstall, don't worry about it. Just move on to the next step.
  5. If running Vista or Win 7, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
  6. Goto the C:\MGtools folder and find the MGclean.bat file. Double click ( if running Vista, Win7, or Win 8 Right Click and Run As Administrator ) on this file to run this cleanup program that will remove files and folders related to MGtools and some other items from our cleaning procedures.
  7. If we had you download any registry patches like fixme.reg or fixWLK.reg (or any others) and running MGclean.bat did not remove, you can delete these files now.
  8. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
  9. If you are running Win 7, Vista, Windows XP or Windows ME, do the below:
    • Refer to the cleaning procedures pointed to by step 6 of the READ ME
      for your Window version and see the instructions to Disable System Restore which will flush your Restore Points.
    • Then reboot and Enable System Restore to create a new clean Restore Point.
  10. After doing the above, you should work thru the below link:
__________________
Have we been helpful? Did our services here at MajorGeeks save you a whole lot of cash? If you would like to bequest a small amount as a token of your appreciation, please look out for the yellow 'Donate' button on the top right of any page. Thanks!
Reply With Quote
The Following User Says Thank You to Kestrel13! For This Useful Post:
EscapeCat (01-16-13)
  #12  
Old 01-16-13, 22:53
EscapeCat's Avatar
EscapeCat EscapeCat is offline
Senior Member
 
Join Date: Mar 2009
Posts: 111
Thanks: 8
Thanked 3 Times in 2 Posts
Default Re: Is "US Tech Support Framework" Malware?

Thank you so much, Kestrel. I've followed the instructions, and her PC should be clean now. (Though my brother just went in and created a separate account for her - limited user account - and now everything is slow again. Argh. ) Anyway, I really appreciate your help, and have posted about my QuickTime issues in the Software Subforum. Thanks so much!
__________________
Just bumbling around the computer chips and bytes, hoping not to get hit by a bus...
Reply With Quote
  #13  
Old 01-17-13, 06:55
Kestrel13!'s Avatar
Kestrel13! Kestrel13! is offline
Super Malware Fighter - Major Dilemma
 
Join Date: Apr 2007
Location: cloud cuckoo land
Posts: 28,679
Thanks: 952
Thanked 3,688 Times in 3,592 Posts
Default Re: Is "US Tech Support Framework" Malware?

You're very welcome. Safe surfing!
__________________
Have we been helpful? Did our services here at MajorGeeks save you a whole lot of cash? If you would like to bequest a small amount as a token of your appreciation, please look out for the yellow 'Donate' button on the top right of any page. Thanks!
Reply With Quote
Reply

Tags
us tech support framework

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Cyberlink "Tech Support" FED UP Software 28 02-08-13 18:46
malware 2 icons on my dt called"live safety centre"+"online sercurity guide" plz help prepare4carnage Malware Removal 6 11-14-07 14:57
"Microsoft .NET Framework 1.1 Service Pack 1 Won't Install" rgarr Software 1 12-06-06 14:39
"Security Update for Microsoft .NET Framework" will not install jimbo51 Software 3 04-14-05 10:11
What is this "Microsoft.net Framework 1.0 service pack3 English version"? Blockhead Software 0 09-03-04 17:31


All times are GMT -5. The time now is 11:08.

MajorGeeks.Com Menu

MajorGeeks.Com \ All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ NEW! PC Games \ System Tools \ Macintosh \ Demonews.Com \ Top Downloads

MajorGeeks.Com \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds


All content Copyright MajorGeeks.com source code Powered by vBulletin® Version 3.8.4
Copyright © 2009 vBulletin Solutions, Inc. All rights reserved.
Ad Management by RedTyger