Cmd Pops And Slow Browsers

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by TammyRDH, Feb 6, 2017.

  1. TammyRDH

    TammyRDH Private E-2

    I have some issues with a cmd pop up flashing when using AOL. Also my browsers crash. I use Firefox and AOL mostly. My computer is very slow and many programs become "non responsive". I followed all the steps in the Read Me First directions. I cannot get MGTools to download. It downloads, but then is immediately removed by my computer. I tried IE, Firefox, and Chrome. I used the directions to stop the security features from preventing malicious downloads. I turned off my computer's firewall and Norton. I even tried to download it to a flash drive. The computer eradicates it immediately! So frustrating. So I'm uploading the logs I was able to get so you can begin the process of assisting me. Maybe you have a plan for getting MGTools to load.
     


  2. TammyRDH

    TammyRDH Private E-2

    I have determined that AOL security quarantined mgtools.exe during download because it detected Trojan.Gen.8. I was not running AOL during the download process. Only Firefox...and the other browsers as I got more desperate. I guess security was running in the background, although I have no idea how.
     
  3. TammyRDH

    TammyRDH Private E-2

    I am not bumping. I am adding more information as the time wears on while I wait for you. My printer keeps dropping off the wifi and the associated software becomes "unresponsive". My Amazon password was hijacked last week and fraud happened and now I think it might be from some security breach on my computer. All of my programs freeze/crash now. My desktop rearranges itself after an occasional blackout. I'm worried that the whole thing is going to crash before I can get this sorted out. I need my scanner and printers for important and time urgent matters.
     
  4. TammyRDH

    TammyRDH Private E-2

    I forgot to add the AdwCleaner log.
     


  5. TammyRDH

    TammyRDH Private E-2

    I went to Task Manager to turn off the AOL processes so maybe I could load MGTools.exe. AOL kept reloading itself into my processes. Finally, my computer crashed and then I got a blue screen with a message that it will reboot and sent some files to Microsoft. Ummm.
     
  6. TammyRDH

    TammyRDH Private E-2

    I am not bumping....just wondering how long am I supposed to wait for support? Everyone else is being helped within one day. I have been waiting for almost 5 days for help with this. I don't see anyone else in line ahead of me, so I must be next in the line. Perhaps no one can help me with my issues. Since I haven't heard back, I don't know if I should stop waiting.
     
  7. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Rerun Hitman and have it delete all that it finds. Then rerun RogueKiller and have it remove these items:

    ¤¤¤ Registry : 13 ¤¤¤
    [PUP.Gen1] (X86) HKEY_LOCAL_MACHINE\Software\MetaStream -> Found
    [PUP.Gen1] (X86) HKEY_LOCAL_MACHINE\Software\Viewpoint -> Found
    [PUP.Gen1] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer -> Found
    [PUM.HomePage] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.aol.com/?mtmhp=hyplogusaolp00000092 -> Found
    [PUM.HomePage] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.aol.com/?mtmhp=hyplogusaolp00000092 -> Found
    [PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-2303623631-2466773951-951242291-1001\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.aol.com/?mtmhp=hyplogusaolp00000092 -> Found
    [PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-2303623631-2466773951-951242291-1001\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.aol.com/?mtmhp=hyplogusaolp00000092 -> Found
    [PUM.HomePage] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.aol.com/?mtmhp=hyplogusaolp00000092 -> Found
    [PUM.HomePage] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.aol.com/?mtmhp=hyplogusaolp00000092 -> Found

    ¤¤¤ Files : 9 ¤¤¤
    [PUP.Gen1][Folder] C:\ProgramData\AOL Toolbar -> Found
    [PUP.Gen1][Folder] C:\ProgramData\Viewpoint -> Found
    [PUP.Gen1][Folder] C:\Users\tammy_000\AppData\Local\AOL Toolbar -> Found
    [PUP.Gen1][Folder] C:\Users\tammy_000\AppData\Local\PackageAware -> Found
    [PUP.Gen1][Folder] C:\ProgramData\AOL Toolbar -> Found
    [PUP.Gen1][Folder] C:\ProgramData\Viewpoint -> Found
    [PUP.Gen1][Folder] C:\Program Files\AOL Toolbar -> Found
    [PUP.Gen1][Folder] C:\Program Files (x86)\AOL Toolbar -> Found
    [PUP.Gen1][Folder] C:\Program Files (x86)\Viewpoint -> Found

    Have MBAM remove what it found.

    Reboot and rescan with both Hitman and RogueKiller. Disable your protection software and try to run MGTools.exe.

    Let me know what happens and also how things are running.
     
  8. TammyRDH

    TammyRDH Private E-2

    I was out of town....I finally got a chance to do this and here are my MGtools logs. I got three pop-ups. 1) HijackThis Beta that said for some reason my system denied write access to the hosts file..., 2) ProcessDll.exe - Common Language Runtime Debugging Services that said the application has generated an exception that could not be handled, Process id=0x1f58 (8024), thread id=0x38 (56), and I pressed "cancel" to debug. 3) ProcessDll.exe - No debugger Found - Registered JIT debugger is not available...cordbg.exe !a 0x1f58. I clicked cancel to abort the JIT debug request.
     


  9. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    I also wanted to see the new logs from Hitman and RogueKiller. Please attach them.
     
  10. TammyRDH

    TammyRDH Private E-2

    Here's Hitman. RogueKiller is on the way
     


  11. TammyRDH

    TammyRDH Private E-2

    I didn't save these, so I went into the Logs section and copied and renamed the .json files to .txts. I hope these work. I will also run a fresh scan and save the log properly in case you need it.
     


  12. TammyRDH

    TammyRDH Private E-2

    I renamed them to .log
    Sorry for the confusion
     
  13. TammyRDH

    TammyRDH Private E-2

    I had deleted the viewmgr files, but AOL just reinstalls them every time I log on.
     
  14. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    The logs are illegible.
     
  15. TammyRDH

    TammyRDH Private E-2

    Here's my recent one.
     


  16. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Rerun RogueKiller and have it remove these items:

    ¤¤¤ Registry : 5 ¤¤¤
    [PUP.Gen1] (X86) HKEY_LOCAL_MACHINE\Software\MetaStream -> Found
    [PUP.Gen1] (X86) HKEY_LOCAL_MACHINE\Software\Viewpoint -> Found
    [PUP.Gen1] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer -> Found

    ¤¤¤ Files : 4 ¤¤¤
    [PUP.Gen1][Folder] C:\ProgramData\Viewpoint -> Found
    [PUP.Gen1][Folder] C:\Users\tammy_000\AppData\Local\PackageAware -> Found
    [PUP.Gen1][Folder] C:\ProgramData\Viewpoint -> Found
    [PUP.Gen1][Folder] C:\Program Files (x86)\Viewpoint -> Found

    Reboot and rescan with RogueKiller and attach the log. I would also like to see a new Hitman log.
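
Added example, not part of any post in this thread and not RogueKiller's own code: a small Python parser for the two RogueKiller listings quoted in posts 7 and 16, used to see which detections survive a removal and reboot (such as the Viewpoint entries the poster reports AOL reinstalling). The sample inputs are excerpts constructed from those listings, and the function names are hypothetical.

```python
import re

# Constructed sample input: excerpts of the two RogueKiller listings quoted in this thread.
SCAN_BEFORE = r"""
¤¤¤ Registry : 13 ¤¤¤
[PUP.Gen1] (X86) HKEY_LOCAL_MACHINE\Software\MetaStream -> Found
[PUP.Gen1] (X86) HKEY_LOCAL_MACHINE\Software\Viewpoint -> Found
[PUM.HomePage] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.aol.com/?mtmhp=hyplogusaolp00000092 -> Found
[PUM.HomePage] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.aol.com/?mtmhp=hyplogusaolp00000092 -> Found
¤¤¤ Files : 9 ¤¤¤
[PUP.Gen1][Folder] C:\ProgramData\AOL Toolbar -> Found
[PUP.Gen1][Folder] C:\ProgramData\Viewpoint -> Found
[PUP.Gen1][Folder] C:\ProgramData\Viewpoint -> Found
[PUP.Gen1][Folder] C:\Program Files (x86)\Viewpoint -> Found
"""
SCAN_AFTER = r"""
¤¤¤ Registry : 5 ¤¤¤
[PUP.Gen1] (X86) HKEY_LOCAL_MACHINE\Software\MetaStream -> Found
[PUP.Gen1] (X86) HKEY_LOCAL_MACHINE\Software\Viewpoint -> Found
¤¤¤ Files : 4 ¤¤¤
[PUP.Gen1][Folder] C:\ProgramData\Viewpoint -> Found
[PUP.Gen1][Folder] C:\Program Files (x86)\Viewpoint -> Found
"""

# Section header, e.g. "¤¤¤ Registry : 13 ¤¤¤"
SECTION = re.compile(r"^¤¤¤\s*(?P<name>[^:]+?)\s*:\s*\d+\s*¤¤¤$")
# Detection line: [family], optional [kind], optional (X86|X64) view, target, status
ENTRY = re.compile(
    r"^\[(?P<family>[^\]]+)\](?:\[[^\]]+\])?\s*(?:\((?:X86|X64)\)\s*)?"
    r"(?P<target>.+?)\s*->\s*(?P<status>\w+)$"
)

def parse_report(text):
    """Return {(section, family, target)}; repeated lines and X86/X64 views collapse."""
    section, found = None, set()
    for line in (raw.strip() for raw in text.splitlines()):
        header = SECTION.match(line)
        if header:
            section = header["name"]
            continue
        entry = ENTRY.match(line)
        if entry and section and entry["status"] == "Found":
            found.add((section, entry["family"], entry["target"]))
    return found

def persistent(before, after):
    """Detections present in both scans: something put them back or removal failed."""
    return sorted(parse_report(before) & parse_report(after))

def cleared(before, after):
    """Detections present only in the earlier scan."""
    return sorted(parse_report(before) - parse_report(after))
```
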
     
  17. TammyRDH

    TammyRDH Private E-2

    Hitman log and RogueKiller log
     


  18. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    You can rerun Hitman and remove all it found. I am not finding any malware in those logs. I suggest that if your issues are continuing, post in the software forum for further assistance.

    Since you are not having any malware problems, it is time to do our final steps:
    1. We recommend you keep Malwarebytes Anti-Malware for scanning/removal of malware.
    2. If running Vista, Win 7 or Win 8, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
    3. Now go to the C:\MGtools folder and find the MGclean.bat file. Double click (if running Vista, Win 7, or Win 8, right click and Run As Administrator) on this file to run this cleanup program that will remove files and folders related to MGtools and some other items from our cleaning procedures.
    4. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
    5. If you are running Win 8, Win 7, Vista, Windows XP or Windows ME, do the below to flush restore points:
      • Refer to the instructions for your Windows version in this link: Disable And Enable System Restore
      • For Windows 8 and 8.1 system restore see this link: Win 8 System Restore - How to enable/disable
      • What we want you to do is to first disable System Restore to flush restore points some of which could be infected.
      • Then we want you to Enable System Restore to create a new clean Restore Point.
    6. After doing the above, you should work thru the below link:
     
  19. TammyRDH

    TammyRDH Private E-2

    Okay, Thank you for your assistance. I will follow your advice in the final steps. Hopefully, what you've helped me with will resolve my issues.
     
  20. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    You are very welcome.
     
