Hostgator sent me here for clean up

Discussion in 'Malware Help (A Specialist Will Reply)' started by Myles45, Jan 19, 2013.

  1. Myles45

    Myles45 Private E-2

    Hi, I was sent here on the advice of Hostgator after they noticed a large number of outgoing emails with known characteristics of a Trojan infection on my PC. 47627 to be exact!!! :eek I have been through the Read & run me first thread & have downloaded & run all of the suggested software, for which I have attached the logs. As far as I could tell I am clean, but would just like someone to double check & confirm if that's ok.

    Please let me know if you need any further info
    Regards
    Myles
     

  2. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    I am not finding any malware in your logs. Have you cleaned out your email program?
     
  3. Myles45

    Myles45 Private E-2

    Hi TimW,

    No I didn't think there was anything there to be honest, I had actually only last week gone through a very similar debugging routine with help from the Avast forum, & seemed to be pretty clean, so I think I was just unlucky getting the email attack yesterday.
    I have deleted all of the emails that bounced back (about 500 odd) from my inbox on the server & also Outlook Express. I still have to do it on my iPhone, which is a complete PITA because I can only do them one at a time for some stupid reason!! Other than that, how can I clean out my email program? Have also reset passwords, obviously.
     
  4. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    I don't know of any way to delete them from your phone. Maybe someone in the software forum does.

    I hope you used a different computer to change your passwords.

    If you are not having any other malware problems, it is time to do our final steps:
    1. We recommend you keep Malwarebytes Anti-Malware for scanning/removal of malware. You can uninstall RogueKiller and HitManPro.
    2. Go back to step 4 of the READ ME and re-enable your Disk Emulation software with Defogger if you had disabled it.
    3. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
    4. If running Vista or Win 7, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
    5. Go to add/remove programs and uninstall HijackThis.
    6. Go to the C:\MGtools folder and find the MGclean.bat file. Double click on this file to run this cleanup program that will remove files and folders
      related to MGtools and some other items from our cleaning procedures.
    7. After doing the above, you should work thru the below link
    Malware removal from a National Chain = $149
    Malware removal from MajorGeeks = $0
     
  5. Myles45

    Myles45 Private E-2

    Ohh C**p, so now I feel like a complete incompetent idiot:-o

    The Defogger step... As far as I know I don't think I have any disk emulation software, it's not something I've ever heard of before so certainly haven't intentionally added it. That's not to say I don't, I just don't know. Not sure how I missed that when I went through Read me other than I was doing it all at about 5am :zzz.

    I've just tried now to download the Defogger but it's not actually downloading for some reason. Maybe something to do with all the malware etc programs I have now. I was looking at the How to protect yourself page over the weekend & downloaded & set up Spybot & SpywareBlaster (not sure how much use they will be as they seem mainly aimed at IE whereas I tend to use Firefox). Can you assist in download of Defogger? I presume if I run it at least I will establish if I have disk emulation or not & therefore whether I need to rerun the rest of the debugging again.

    I have disabled Avast Firewall & left Windows firewall running. Firewalls was another thing I intended to ask about, because having read Matousec's leaktest I'm actually more confused as to which firewall I would be best to use??

    Finally, I only have the one computer so had no choice regarding changing passwords, but I did it using Avast easypass. Is that ok or do I still have a problem?

    Sorry about this :(
     
  6. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    I don't recall seeing any disc emulation software on your system, so just forget about that step.

    Windows firewall in XP sucks. I suggest you post in the software forum for some suggestions about replacing it.

    Using Avast easypass should be fine. Let me know if you have any other issues.
     
