reply to chaslang re sharon2468

Discussion in 'Malware Help (A Specialist Will Reply)' started by bertM, Mar 8, 2014.

  1. bertM

    bertM Private E-2

    Hi Chaslang,

    Sharon2468 here. Thank you so much for replying yesterday to my post titled "logs for 2nd computer attached". I ran the 3 additional tools you suggested, and was ready to reply with the logs - but for some unknown reason the MG site will not let me log in under my original username. I even tried the "forgot password" link, and it said my email address doesn't exist.

    So, I created a new username here (bertM) in order to respond - sorry for the confusion but I didn't know what else to do!

    In answer to you question: No - we did not knowingly install UltraVNC! I tried to locate it in order to delete it and I cant find it - its not in the list of programs. Please let me know if you have any suggestions for how to get rid of it.

    Also, just so you know - I uninstalled the Registry Booster before running these next 3 tools, which you'll probably see in the logs.

    So - attached are the next round of logs you requested. Thank you again for you help in reviewing these and guiding me!

    Sharon

    ps - one more question - TimW replied to my first post (titled: 5 logs attached - thank you!) - and he said to "rerun Hitman and remove that one PUP". I've rerun Hitman, but I dont see the PUP, and I dont how to remove it. Any guidance will be welcomed :) Thx.
     

    Attached Files:

    bertM, Mar 8, 2014
    #1
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Looks like somehow your original login was changed to a Guest account. Not sure how that happend.

    Perhaps it is required and was installed by some other software you have running. Like the below:

    FastAccess
    Remote Access Media Server (Apache2.2) - Apache Software Foundation O23 - Service: Remote Access DB
    Remote Access File Sync Service (dsl-fs-sync) - SingleClick Systems
    FAService - Sensible
    File Backup Service (File Backup) - Starfield Technologies


    Your logs are clean.


    If you are not having any other malware problems, it is time to do our final steps:
    1. We recommend you keep Malwarebytes Anti-Malware for scanning/removal of malware.
    3. Renable your Disk Emulation software with Defogger if you had disabled it in step 4 of the READ & RUN ME.
    4. Go to add/remove programs and uninstall HijackThis. If you don't see it or it will not uninstall, don't worry about it. Just move on to the next step.
    5. If running Vista, Win 7 or Win 8, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
    6. Now goto the C:\MGtools folder and find the MGclean.bat file. Double click ( if running Vista, Win7, or Win 8 Right Click and Run As Administrator ) on this file to run this cleanup program that will remove files and folders related to MGtools and some other items from our cleaning procedures.
    8. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
    9. If you are running Win 8, Win 7, Vista, Windows XP or Windows ME, do the below to flush restore points:
      • Refer to the instructions for your WIndows version in this link: Disable And Enable System Restore
      • What we want you to do is to first disable System Restore to flush restore points some of which could be infected.
      • Then we want you to Enable System Restore to create a new clean Restore Point.
    10. After doing the above, you should work thru the below link:

    Just run JRT on the otherPC too and that should help.
     
    chaslang, Mar 9, 2014
    #2

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds