RogueKiller found objects

Discussion in 'Malware Help (A Specialist Will Reply)' started by ManWarBear, Apr 19, 2014.

  1. ManWarBear

    ManWarBear Private First Class

    Good Day,

    Yesterday, when I was in a chat room, I was booted shortly after entering the room. Then, my javascript immediately stopped working on some webpages. I've run the scans as a precaution and RogueKiller found some objects in the hosts tab and in the browser tab. Hitman also found something, that I ignored, so I figured that I should play it safe and have a professional read all the logs to make sure that my computer is clean.
     

    Attached Files:

    ManWarBear, Apr 19, 2014
    #1
  2. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    The only thing I am seeing to do is to rerun Hitman and have it remove this entry:

    Quote:
    Potential Unwanted Programs _________________________________________________

    HKU\S-1-5-21-2529950924-2413168481-1851909273-1000\Software\APN PIP\ (AskBar)

    What issues are you having?
     
    Last edited by a moderator: Apr 19, 2014
    TimW, Apr 19, 2014
    #2
  3. ManWarBear

    ManWarBear Private First Class

    Hitman is not allowing me to delete the item. It says that my license has expired.
    I'm not really having issues but it was a little bit suspect the way that some of the folks in the chatroom were speaking. It got me a little worried about possible keyloggers and the like.
    In regards to the hosts file entries that RogueKiller found; those are all fine? Also, the browser addon that RogueKiller found. I don't remember adding that. Will it be safe to remove it?
     
    Last edited: Apr 19, 2014
    ManWarBear, Apr 19, 2014
    #3
  4. ManWarBear

    ManWarBear Private First Class

    So I tried to remove the addon with rogue killer and hit the delete key. It deleted all the registry keys that were listed and now I Don't know how to get them back......
     
    ManWarBear, Apr 19, 2014
    #4
  5. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    There was nothing that needed fixing in RogueKiller. What is your situation now?
     
    TimW, Apr 19, 2014
    #5
  6. ManWarBear

    ManWarBear Private First Class

    My current situation is. Hitman won't let me get rid of the AskBar remnant or whatever it is. I used RogueKiller to get rid of the addon that was in my browser (which my browser would not let me delete) but I fear it may have deleted some registry keys. I'm afraid to restart my computer for that reason, because I have no idea what those registry keys do, but other than that everything is working fine.
     
    ManWarBear, Apr 19, 2014
    #6
  7. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Go aheaad and reboot and then tell me what is happening.
     
    TimW, Apr 19, 2014
    #7
  8. ManWarBear

    ManWarBear Private First Class

    I rebooted a few hours ago upon which time the computer went into CHKDSK mode for some reason but everything seems to be working fine.
     
    ManWarBear, Apr 20, 2014
    #8
  9. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    If you are not having any other malware problems, it is time to do our final steps:
    1. We recommend you keep Malwarebytes Anti-Malware for scanning/removal of malware.
    2. Renable your Disk Emulation software with Defogger if you had disabled it in step 4 of the READ & RUN ME.
    3. Go to add/remove programs and uninstall HijackThis. If you don't see it or it will not uninstall, don't worry about it. Just move on to the next step.
    4. If running Vista, Win 7 or Win 8, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
    5. Now goto the C:\MGtools folder and find the MGclean.bat file. Double click ( if running Vista, Win7, or Win 8 Right Click and Run As Administrator ) on this file to run this cleanup program that will remove files and folders related to MGtools and some other items from our cleaning procedures.
    6. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
     
    TimW, Apr 20, 2014
    #9
  10. ManWarBear

    ManWarBear Private First Class

    Thank you very much for your time, effort and patience.
     
    ManWarBear, Apr 20, 2014
    #10
  11. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    You are welcome. ;)
     
    TimW, Apr 20, 2014
    #11

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds