Spring Cleaning

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by moximus, Apr 10, 2020.

  1. moximus

    moximus Private E-2

    My uncle asked me to install Norton on his laptop for him and the install kept failing...I also noticed he had a lot of adware/popups so I went ahead and ran the read/run me first thread. It seems to be working better now, but I would still appreciate you all taking a look at the logs to see if there is anything else I need to clear up.

    Thanks,
    Michael
     


  2. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Please rerun Hitman and remove all it finds. On RogueKiller, remove:

    [PUP.BeFRugal (Potentially Malicious)] BFHP.exe (6752) -- (BeFrugal.com (Capital Intellect Inc.)) C:\Users\Ken Omland\AppData\Local\Programs\BeFrugal.com\Add-On\2013.3.19.3\BFHP.exe -> Found

    [PUP.Gen0 (Potentially Malicious)] (BeFrugal.com (Capital Intellect Inc.)) C:\WINDOWS\Tasks\BeFrugal.com Toolbar.job -- C:\Users\Ken Omland\AppData\Local\Programs\BeFrugal.com\Add-On\2013.3.19.3\BFHP.exe -> Found

    [PUP.BeFRugal (Potentially Malicious)] (X64) HKEY_USERS\S-1-5-21-1264479687-3931240383-3318990693-1003\Software\Microsoft\Windows\CurrentVersion\Run|BFHP -- (BeFrugal.com (Capital Intellect Inc.)) C:\Users\Ken Omland\AppData\Local\Programs\BeFrugal.com\Add-On\2013.3.19.3\BFHP.exe -> Found

    [PUP.Gen1|PUP.Ask (Potentially Malicious)] (folder) AskPartnerNetwork -- C:\Users\Ken Omland\AppData\Local\AskPartnerNetwork -> Found

    [PUP.Gen1 (Potentially Malicious)] (folder) IAC -- C:\Users\Ken Omland\AppData\Local\IAC -> Found
    [PUP.BeFRugal (Potentially Malicious)] (folder) BeFrugal.com -- C:\Users\Ken Omland\AppData\Local\Programs\BeFrugal.com -> Found

    [PUP.Gen1 (Potentially Malicious)] (folder) Ask -- C:\ProgramData\Ask -> Found
    [PUP.Gen1|PUP.Ask (Potentially Malicious)] (folder) AskPartnerNetwork -- C:\ProgramData\AskPartnerNetwork -> Found

    [PUP.Gen1|PUP.Ask (Potentially Malicious)] (folder) AskPartnerNetwork -- C:\Program Files (x86)\AskPartnerNetwork -> Found

    Reboot and rescan with both Hitman and RogueKiller and attach those new logs.
     
  3. moximus

    moximus Private E-2

    I've attached the new logs. I couldn't find all of the things you said to delete in RogueKiller...Could they have possibly already been removed by Hitman?

    Michael
     


  4. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Yes...very likely. However, there is one item left in the RogueKiller log:

    [PUP.BeFRugal (Potentially Malicious)] (folder) BeFrugal.com -- C:\Users\Ken Omland\AppData\Local\Programs\BeFrugal.com -> Found

    Please delete that, reboot and rescan with RogueKiller and attach the new log.....be sure to tell me how things are running now.
     
  5. moximus

    moximus Private E-2

    Attached. Everything seems to be working much faster!

    Michael
     

    Attached Files: RK3.txt (17.2 KB)
  6. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Looks good and good to know!! :)

    If you are not having any other malware problems, it is time to do our final steps:
    1. We recommend you keep Malwarebytes Anti-Malware for scanning/removal of malware.
    2. Go to add/remove programs and uninstall HijackThis. If you don't see it or it will not uninstall, don't worry about it. Just move on to the next step.
    3. If running Vista, Win 7 or Win 8, it is time to make sure you have re-enabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
    4. Now go to the C:\MGtools folder and find the MGclean.bat file. Double click (if running Vista, Win 7, Win 8 or 10, right click and Run As Administrator) on this file to run this cleanup program that will remove files and folders related to MGtools and some other items from our cleaning procedures.
    5. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
    6. After doing the above, you should work thru the below link:
     
