SteelWerx WhoAmI

Discussion in 'Malware Help (A Specialist Will Reply)' started by B_RAD_T07, May 11, 2014.

  1. B_RAD_T07

    B_RAD_T07 Private E-2

    So I'm not sure if I recently downloaded something by mistake, but I have somehow acquired this worm. Any help to remove it entirely (or as much as possible) would be greatly appreciated. Here are the files requested before the thread was made. Thanks again for your help.

    Brad T
     

    Attached Files:

    B_RAD_T07, May 11, 2014
    #1
  2. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Please use Revo Uninstaller to remove:
    PC Tools Spyware Doctor with AntiVirus 9.0
    System Update kb70007
    Norton Security Scan

    Rerun Hitman and have it fix everything it finds. Reboot and rescan with Hitman and attach the new log. Tell me how things are running.
     
    Last edited: May 12, 2014
    TimW, May 12, 2014
    #2
  3. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    What worm??? SteelWerx WhoAmI is not a worm. It is used by MGtools and some other programs to collect information. So why were you running MGtools to begin with? That is what you should have posted information on.
     
    chaslang, May 12, 2014
    #3
  4. B_RAD_T07

    B_RAD_T07 Private E-2

    Chaslang, I may have been quick to jump to worm. While performing the steps in the "Read & Run me First" this application stopped working. I did a quick google search, found an article, skimmed it, must've caught something else in the mix (haste and all) and jumped to "This must be the problem".

    After uninstalling the applications requested via Revo Uninstaller, I reran hitman right then and nothing appeared to fix. I restarted, ran hitman again and in this log is what has come up.

    As far as how things are running, it appears that the website interjections have gone away (grouped articles/ads that just appear inside of boxes on any site [all the same mind you]), but I am still having a homepage issue, that I am being redirected to a search engine that I've never heard of. V9? I have examined all the settings and can't find where this would be overriding my option of wanting to make Google the starting page or even if I wanted to open a new tab.

    Once again, thank you for your help. I really appreciate it. Even more so that all of my classes are online and having a fully functional computer is a necessity.

    Thanks,
    Brad T
     

    Attached Files:

    B_RAD_T07, May 13, 2014
    #4
  5. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    TimW said to fix things with Hitman
    You only ran a scan. Please folow his instructions.
     
    chaslang, May 13, 2014
    #5
  6. B_RAD_T07

    B_RAD_T07 Private E-2

    I ran Hitman again, fixed everything it found, rebooted on it's order. After rebooting, scanned again and here is the new log.

    The small things that were lingering in the web browser have seemed to have disappeared.

    Thanks for your help, guys.

    Brad
     

    Attached Files:

    B_RAD_T07, May 14, 2014
    #6
  7. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    You're welcome.

    If you are not having any other malware problems, it is time to do our final steps:
    1. We recommend you keep Malwarebytes Anti-Malware for scanning/removal of malware.
    2. Renable your Disk Emulation software with Defogger if you had disabled it in step 4 of the READ & RUN ME.
    3. Go to add/remove programs and uninstall HijackThis. If you don't see it or it will not uninstall, don't worry about it. Just move on to the next step.
    4. If running Vista, Win 7 or Win 8, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
    5. Now goto the C:\MGtools folder and find the MGclean.bat file. Double click ( if running Vista, Win7, or Win 8 Right Click and Run As Administrator ) on this file to run this cleanup program that will remove files and folders related to MGtools and some other items from our cleaning procedures.
    6. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
    7. After doing the above, you should work thru the below link:
    8. How to Protect yourself from malware!
     
    TimW, May 14, 2014
    #7

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds