Cleaning Up After Blue Screen/browser Control Scam

Khatru54 · Dec 24, 2015

Hello,

I'm trying to clean up this computer after someone fell for a blue screen scam yesterday and made a payment for anti-virus service/allowed the scammer remote access to their computer. I went through the whole process and am attaching the logs. Can I be confident that the computer is clean? Should I just reinstall the OS?

I keep getting an error message when attaching the TDSSKiller log, saying that the file is empty. TDSSKiller didn't find anything -- is that the reason for the message? Should I try to run it again?

Thank you for your help.

Kestrel13! · Dec 24, 2015

Hi there. Not seeing any malware. You can do this:

Fix item using RogueKiller.

Double-click RogueKiller.exe to run. (Vista/7/8 right-click and select Run as Administrator)
When it opens, press the Scan button
Now click the Tasks tab and locate this detection:

[Suspicious.Path] \UninstallDDS-C960901F-CE14-4DE1-9729-1305F719A337 -- C:\WINDOWS\TEMP\DeleteFolderTask.exe -> Found

Place a checkmark next to this item, leave the others unchecked.
Now press the Delete button.
When it is finished, there will be a log on your desktop called: RKreport[2].txt
Attach RKreport[2].txt to your next message. (How to attach)
Reboot the machine.

How are things running?

Log in or Sign up

Cleaning Up After Blue Screen/browser Control Scam

Khatru54 Private E-2

Attached Files:

HitmanPro_20151224_0018.log

MalwareBytes.txt

RKlog.txt

MGlogsR.zip

Kestrel13! Super Malware Fighter - Major Dilemma Staff Member