malware removal help - removal instructions attempted

I posted the software forum yesterday and was instructed to complete the malware removal steps and repost here. I have a new computer running Windows 8.1. When I say new, I mean I started having problems within a couple of hours after turning it on!

I have McAfee antivirus protection and downloaded and installed my MSOffice 2013 Home and Student. All seemed to be fine. The MSOffice was up and running and McAfee said I was protected. Suddenly and I don't remember what I was doing...it said Microsoft something (sounded like an antivirus or firewall something) had detected several problems and I needed to "clean my computer". Oh so ignorant of all that was going on with learning Windows 8.1 after using XP for years I told it to clean. Somewhere in there it suggested I do a system restore. All seemed OK until I realized MSOffice was no longer there. I tried to download it again and reload, but with no luck. It occurred to me it had something to do with the system restore so I tried to undo the restore. That of course didn't help. I'm also now getting messages from McAfee that I am covered and safe but that my firewall is turned off and needs to be turned on. However I can get McAfee to do nothing. I can open a screen, but nothing I do makes it do anything. I tried downloading their "Virtual Technician" before I started the process you recommended and it acted like it was downloading, but 20 minutes later it was still "spinning".

I have attempted to go through all the steps in the recommended malware removal process. I will attach what I saved and here are some notes of what occurred as I attempted this. Please keep in mind this is all very foreign to me and I'm struggling to even function with Windows 8.1 must less dealing with these issues. Please be patient.
- When I turned off UAC and restarted the computer, it said it was installing 40 updates!
- RogueKiller seemed to run fine...log attached
- Malwarebytes- I ran it and it apparently saved a log, I didn't know how to post it, so I exported them as txt files. Hope that works
- TDSSKiller - no threats found and I didn't see anything about a saving a log.
- MGtools - I couldn't get it to download. Each time I tried, it said it downloaded, but it always showed 0 bytes and if I clicked on it, it said it couldn't run on this computer check with software owner.

I don't really know how to tell if things are working OK, but I still cannot install MSOffice (but as I understand it, that may or may not be related to this problem) and I still can't get MCafee to let me do anything. Well at least it doesn't appear to be, but since I didn't know if it was OK for me to try to turn it back on...

Now what?

So much for getting a new computer so I didn't have to worry about threats from using an unsupported XP! LOL

Patti

 

I will try. I will have to figure out how to do safe mode! Windows 8.1 is proving challenging. Just have to ask...Kestrel13, where your screen name came from. I worked for a company named Kestrel for years...any connection?

 

I checked by over my notes and Hitman did run and said no threats found. I'll try to attach what it logged then I'll try the safemode thing.

 

OK, found instructions to boot in safe mode, but then I couldn't get on the internet to click on MGtools to try to download and run. It said I have to sign on as a different user. I don't know whether to try to create another account or what. Guess I'll wait to see if one of you has further instructions.

 

I guess I'm in over my head here. I tried to log in as a different user with no luck. I couldn't get on the internet in safe mode as another user either. This time it didn't even offer IE as an option. I don't have another computer to log in from and don't know how to transfer it to this one if I did! I KNOW I'm not too ignorant to own and use a computer as I've been doing it for more than 25 years, but I've never had a problem like this before and when you add the Windows 8 changes....well I may be defeated. The problem is I live in a rural area and have NO idea where to find local help, but I am determined to get this new computer going. Too much money and time already invested to give up now.

- if I can get someone to download MGtools for me, how do I get it from one computer to another?
- while I'm going back and forth with all this, my antivirus is still turned off. Can I turn it back on for now? It makes me nervous to be on here at all with it turned off.
- I had hoped you were my IT former co-worker from Kestrel (later Ryder International and now Atrion), but I guess that was wishful thinking. Kestrels are beautiful birds. I got to see them up close and personal when a pair nested near a window at work several years ago and the tinted windows kept them from seeing us, but we got a close up view of them and their habits.

Thanks again for all your help, but if you think I'm in over my head, maybe I just need to look for someone locally to help me.

feeling kind of defeated, old and tired right now....Patti

 

OK, I did the tweaking.com thing. It's not obvious to me if that fixed anything, but not sure if I'd know!

I could not get on the internet in safe mode on my account. I can't remember now exactly what it said, just that it could not connect if I can tell anything from my notes. I'm trying to make notes. I don't really understand the "networking" part, but I have noticed when I look at my settings it says "network 2". I'm not sure what I did to create network 2 and where did network 1 go, but then again lots of things are happening that I don't know what caused them! Shall I try the safe mode internet again? Ahhh, should I have selected "network"? I selected "minimal". Could the "turn off UAC" you had me do when I started running scans have anything to do with this?

I tried to turn the McAfee back on, but not sure how. It doesn't seem I did anything. A little concerned I'm feeling unprotected! I am not doing anything but major geeks and using email to find you again when needed so maybe I'm not overly vulnerable.

thanks again. Are we making any progress LOL

 

OK, started in safe mode per your instructions...
- signed on as me it says "This app can't open. IE can't be open using the built in administrator account. Sign in with a different account and try again".

- signed in with a different account and there was no IE app on there. I'm sure it has something to do with how I set up the account, but I don't know what!

I know this must be torture for you and you would probably like to crawl through here and do it for me! Thanks for sticking with me.

I'm going to look quickly and see if I can find how to make that other account have use of IE, but then I really need to go to bed. I have to get up VERY early tomorrow. I will check back in tomorrow afternoon but will let you know before I go to bed if I make any progress with the safe mode download of MG tools tonight.

Thanks,
Patti

 

Found it!! In safemode I did the MGtools and here are the logs (I hope!!)

 

Hmmm, doesn't appear the logs attached. Trying again. Ahh, found the missed step.

Here you go and off to bed for me. I hope you know how much I appreciate you!

 

I don't know how to delete the file you asked me to delete.

Delete this: C:\ProgramData\DP45977C.lfl (what is this anyway??)

I have a folder on C: called Program Files and one called Program Files (x86), but I don't see anything called ProgramData.

Did you run Windows Repair in my post #8? If not please do so. Yes, I did. It ran about 36 minutes so it definitely did something but I don't know what!

Good news on the malware, but now what? Do I just need to contact Dell support and see if they can help. I didn't try them first, even though this is a brand new computer ordered directly from them, because majorgeeks thought it was malware and I didn't think Dell would help with that.

Now what? I still get a message that my McAfee firewall is not active, but can't figure out how to make it active and I still don't have MSoffice installed, but could try that again. Just didn't want to do much while I was in the process of getting help from you. Didn't want to have too many things going on at once.

Patiently awaiting help from above or from Kestrel LOL.
Patti

 

Do I need to attach the logs for the Windows repair? Didn't know if that contained any personal info!