I Don't Know If There's Crap On My Computer Or Not!!!

Discussion in 'Malware Help (A Specialist Will Reply)' started by mrgta67, Jan 13, 2019.

  1. mrgta67

    mrgta67 Private E-2

    All the logs seem to be clean except don't know what's on the MG files. Had several computers not updating the security patches. All but this one resolved itself (started installing all the security patches). This last Tuesday my work program would not load. I called the IT dept. and to make a long story short, was told to buy a new computer with WIN 10 on it. I had a backup from 06/17 (guess I didn't really optimize my back-up system very well) and restored it to that time and updated everything. I was on eBay Friday and was in the middle of buying something when I noticed a few areas on the webpage were in a FOREIGN language. I couldn't believe my eyes!!! It wasn't the entire page, just parts of it. I specifically saw the foreign language in the sign in drop down. It was on the top as well. None of the listings. It was only parts having to do with my account. Sooo, being the paranoid individual I am, decided to go through you all to make sure I was all clean. AND now that I think about it, I was actually on the other side using Linux Mint 17.3 on Firefox (which runs uBlock Origin and NoScript) when the weird language crap was going on. SO you probably can't help with that, but I'd appreciate knowing that MG says it's all clear :) THANKS in advance for your time and effort!
     


  2. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Please rerun Hitman and remove these:
    Potential Unwanted Programs _________________________________________________

    HKLM\SOFTWARE\Classes\Software.OneClickProcessLauncherMachine.1.0\ (BoxoreOU)
    HKLM\SOFTWARE\Classes\Software.OneClickProcessLauncherMachine\ (BoxoreOU)

    Reboot and rescan with Hitman and attach the new log.
     
  3. mrgta67

    mrgta67 Private E-2

    Thanks for the look over Tim!!!
     


  4. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Looks good. What malware issues are you still having, if any?
     
  5. mrgta67

    mrgta67 Private E-2

    It began with not being able to update the security patches since Sept. or Oct. Nothing else seemed to be problematic until last Tuesday when I could not sign in to my work program. The IT idgets' first response was "buy a new computer." I replied, you mean "upgrade" to Win 10? They said, "Yes, our program works so much better with Win 10." I said, I really don't want to because of all the "spyware" and control Win 10 has internally built into it. They replied, "You already have all that junk on your present computer." They were on my computer remotely and instead of telling me to go to the administrative side to work on it suggested "upgrading." I did a POOR job of backing my laptop up, but was able to restore it to 06/17 and update it. Got all the security patches and my work program loaded up and is working. I don't notice any issues at this time. I appreciate you looking into this and will be backing this up asap.
    BTW: I forgot to back up my bookmarks as well and lost several which were connected to work! I saw you had to do a complete reinstall after Tuesday in the forum. This whole deal must have just been a MS F-up...should have known...
     
  6. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    What I had you remove is the infection that I have seen the most over the last few months. Everything else is fine. I don't understand how your IT dept. could have overlooked it if they had remote access.

    If you are not having any other malware problems, it is time to do our final steps:
    1. We recommend you keep Malwarebytes Anti-Malware for scanning/removal of malware.
    2. Go to add/remove programs and uninstall HijackThis. If you don't see it or it will not uninstall, don't worry about it. Just move on to the next step.
    3. If running Vista, Win 7 or Win 8, it is time to make sure you have re-enabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
    4. Now go to the C:\MGtools folder and find the MGclean.bat file. Double click (if running Vista, Win 7, Win 8 or 10, right-click and Run As Administrator) on this file to run this cleanup program that will remove files and folders related to MGtools and some other items from our cleaning procedures.
    5. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
    6. After doing the above, you should work thru the below link:
     
