GeekPolice Tech TutorialsLog in

 


[INACTIVE] NetUtils2016: PC badly affected after installing program

Share

descriptionRe: [INACTIVE] NetUtils2016: PC badly affected after installing program

more_horiz
Hi.
I have carried out the Farbar Recovery Scan and have attached both scans 
thanks

descriptionRe: [INACTIVE] NetUtils2016: PC badly affected after installing program

more_horiz
There are many program entries in the logs for your computer for WildTangent games... Do you want to keep those? I ask, because they are showing a “hidden” flag next to them, which is suspicious activity unless you installed them yourself.

I also have noticed the use of P2P and cracks/keygens in your logs. This is highly unsafe, and the source of infection, including, as of recent, the prevalence of ransomware. Ransomware is a highly dangerous infection, which locks down your files/folders/PC requiring you to pay the hacker in order to restore access to your system. In addition, antivirus and anti-malware software cannot always “catch” an infection to block it... Therefore, I recommend the removal of uTorrent and any other programs related to torrenting. You'll be glad you did...! Smile...

Oh and did you upgrade from Windows XP to Windows 10?

Fix with Farbar Recovery Scan Tool
Notice to outside readers: This fix was created for this user for use on that particular machine.Running it on another one may cause damage and render the system unstable.
Download attached fixlist.txt file and save it to the Desktop:

Both files, FRST and fixlist.txt have to be in the same location or the fix will not work! Therefore, if you placed FRST.exe in your “Geek Police” folder, then make sure fixlist.txt goes in the same location as FRST.exe.


  • Right-click on FRST icon and select Run as Administrator to start the tool.
  • Press the Fix button just once and wait.
  • If for some reason the tool needs a restart of your computer, please make sure you let the system restart normally. After that let the tool complete its run.
  • When finished FRST will generate a log on the Desktop, called Fixlog.txt.


Please post it to your reply.
Attachments
fixlist.txt

Fixlist.txt

You don't have permission to download attachments.

(6 Kb) Downloaded 5 times

descriptionRe: [INACTIVE] NetUtils2016: PC badly affected after installing program

more_horiz
Hello,
Thank you for your advice and instructions. I will make those changes regarding utorrent.
I bought the pc with Windows 10 preinstalled.
I didn't install Wild Tangent Games or had any idea that it was installed on my pc. How do i remove that ?
I have carried out your instructions regarding Farbar recovery scan tool and I have attached the Fixlog.txt.
I await your comments
thanks

descriptionRe: [INACTIVE] NetUtils2016: PC badly affected after installing program

more_horiz
Very well... Now for the WildTangent Games, go to Start > type in appwiz.cpl and hit enter or choose the result from the search list. Then, in that list, look for the following entry: WildTangent Games. Please uninstall that, and it should remove all of the games along with it.

Then, please do the following:
Re-running FRST to search for any leftovers:

Please re-run Farbar Recovery Scan Tool to give me a fresh look at your system.

  • Right-click on FRST icon and select Run as Administrator to start the tool.
  • Make sure that Addition option is checked.
  • Press Scan button and wait.
  • The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.

Please include their content into your next reply.




Malwarebytes' scanner
If this program is already installed: Skip the installation and run only the scan!
Download and install: Please download Malwarebytes' scanner to your desktop.

  • Double-click mb3-setup-consumer-3.x.x.xxxx and follow the prompts to install the program.
  • Click Finish.
  • On the Dashboard, click the 'Check for Updates' button.
  • After the update completes, then, on the Dashboard, select Settings.
  • Click on Protection.
  • Ensure that Scan for rootkits is checked. If not, check it.
  • Return to the Dashboard and click the 'Scan Now' button.
  • A Threat Scan will begin. Please allow it to progress through the scanning process.
  • When the scan is complete, if there have been detections, click Quarantines Selected button to allow the program to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.

How to get logs: (Export log to save as txt)

  • After the restart once you are back at your desktop, open Malwarebytes once more.
  • Click on the Reports tab > Scan Report. (if you have done more than one scan in the past, select the most recent that shows the Date and time of the scan just performed. Press View Report button.
  • Click 'Export'.
  • Click 'Text file (*.txt)'
  • In the Save File dialog box which appears, click on Desktop.
  • In the File name: box type a name for your scan log.
  • A message box named 'File Saved' should appear stating "Your file has been successfully exported".
  • Click Ok
  • Find the log on your Desktop and Attach that saved log to your next reply.

(Copy to clipboard for pasting into forum replies or tickets)




Please read carefully and follow these steps.

  • Download TDSSKiller and save it to your Desktop.
  • Doubleclick on TDSSKiller.exe to run the application, then on Start Scan.





  • If an infected file is detected, the default action will be Cure, click on Continue.



  • If a suspicious file is detected, the default action will be Skip, click on Continue.





  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.




  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents the report here.

descriptionRe: [INACTIVE] NetUtils2016: PC badly affected after installing program

more_horiz
Hi,
I have deleted all Wild Tangent games as per your instructions.
I have run Farbar Recovery Scan Tool again and attached logs.
I ran Malwarebytes once more and again it stuck on Heuristics Analysis with no sign of activity,so i closed it again. I have attached a screen capture of the 9 threats identified that couldn't be removed due to the scan sticking.The screen capture will be in a separate message that will follow this one.
I ran TDSSKiller.exe and it found no problems. The log is attached.
I await your comments.
Thank you again

descriptionRe: [INACTIVE] NetUtils2016: PC badly affected after installing program

more_horiz
I have been unable to post the screen capture due to size restrictions. The 9 threats found are all PUP files,process modules and registry keys.  Is there another program like Malwarebytes i could use instead?
thanks.

descriptionRe: [INACTIVE] NetUtils2016: PC badly affected after installing program

more_horiz
Okay, let's see what we can do here... This will be a bit rigorous...

Please download the latest version of Hitman Pro

  • After the download completes please double click the program to run it.
  • Accept the terms of the license agreement and click Next
  • Let the scan run. It will not take long
  • When the scan finishes, and all the files have been uploaded to the Scan Cloud, click Next
  • Click Next again. At the bottom left you will see Export Scan Results To XML File. Click that and save it in a convenient location
  • Upload log.xml here for review please


Sophos Virus Removal Tool
Download Sophos Free Virus Removal Tool and save it to your desktop.

  • Double click the icon and select Run
  • Click Next
  • Select I accept the terms in this license agreement, then click Next twice
  • Click Install
  • Click Finish to launch the program
  • Once the virus database has been updated click Start Scanning
  • If any threats are found click Details, then View log file... (bottom left hand corner)
  • Copy and paste the results in your reply
  • Close the Notepad document, close the Threat Details screen, then click Start cleanup
  • Click Exit to close the program


Scan with herdProtect

Please download herdProtect by Reason Software (portable edition) and save the file to your desktop.
Temporary disable your AntiVirus and AntiSpyware protection - instructions here .

  • Right-click on the HerdProtect icon and select Run as Administrator to install the scanner.
  • It will ask for the location - leave the default one (%ProgramFiles%) or select another, convenient one.
  • Agree to the terms, select Launch herdProtect and click Finish.
  • Click Scan. It may take a while, depending on your system and connection specs. Please be patient.
  • When it finishes click on Save Results.
  • A Notepad with a report should open.

Please include the contents of that report in your next reply.
This type of scan often produces false positives. In any case do not remove on your own any of its findings! Removal will be made after the careful analysis of the scan results.
Upon completion of the cleaning you may remove HerdProtect if you wish so. To do it just delete its directory (chosen by you when installing the tool).

descriptionRe: [INACTIVE] NetUtils2016: PC badly affected after installing program

more_horiz
Hello,

Should I remove malicious software that Hitman Pro has discovered?  The scan has completed and is asking me to activate their product which i can do with a 30 day free  license.
thanks

descriptionRe: [INACTIVE] NetUtils2016: PC badly affected after installing program

more_horiz
Yes, go ahead with that. However, only herdProtect you should not remove anything right now, please. Smile...

descriptionRe: [INACTIVE] NetUtils2016: PC badly affected after installing program

more_horiz
Hi.
 I have run Hit man Pro. The log is attached. 
 I have run Sophos Virus removal Tool. The Scan found 1 threat which i removed. It showed an error message when i clicked Details,then View Log File.I Could not retrieve a log.
 I have run herdProtect as requested and have left the scan open on the desktop after completion. The log is attached. I have not attempted anything further with herdProtect. I have split this log into 5 individuals files due to the size of the initial log. I will send part 5 separately.
 I await your response.
  thanks

descriptionRe: [INACTIVE] NetUtils2016: PC badly affected after installing program

more_horiz
Please find attached part 5

descriptionRe: [INACTIVE] NetUtils2016: PC badly affected after installing program

more_horiz
Thanks for letting me know the progress, the system is still heavily infected...

Fix with Farbar Recovery Scan Tool

This fix was created for this user for use on that particular machine.Running it on another one may cause damage and render the system unstable.

Download attached fixlist.txt file and save it to the Desktop:

Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!


  • Right-click on FRST icon and select Run as Administrator to start the tool.
  • Press the Fix button just once and wait.
  • If for some reason the tool needs a restart of your computer, please make sure you let the system restart normally. After that let the tool complete its run.
  • When finished FRST will generate a log on the Desktop, called Fixlog.txt.


Please post it to your reply.




RogueKiller Scan


  • Download RogueKiller from the following link and save it on your desktop:
    TechSpot
    Official Site (alternative)
  • Quit all programs
  • Start RogueKiller.exe.
  • Wait until Prescan has finished ...
  • Click on Scan




  • Wait for the end of the scan.
  • The report has been created on the desktop.
  • Click on the Delete button.




  • The report has been created on the desktop.


  • Next click on the ShortcutsFix


  • The report has been created on the desktop.

Please post:

All RKreport.txt text files located on your desktop.




CKScanner

Please download CKScanner by askey127 from here
Save it to your desktop.

  • Doubleclick CKScanner.exe and click Search For Files.
  • After a very short time, when the cursor hourglass disappears, click Save List To File.
  • A message box will verify that the file is saved.
  • Double-click the CKFiles.txt icon on your desktop and copy/paste the contents in your next reply.
Attachments
fixlist.txt

Fixlist.txt

You don't have permission to download attachments.

(1 Kb) Downloaded 1 times

descriptionRe: [INACTIVE] NetUtils2016: PC badly affected after installing program

more_horiz
Hello,
I have followed your instructions regarding the Farbar Recovery Scan Tool. The Fixlog.txt is attached to this message.
I have run RogueKiller and after the completion  I opened the report and copied it to the desktop. I have attached same here.
The version of RogueKiller I used was 12.9.7.0 and the layout is different to the one you supplied. It is still open on my desktop. Should i check each item before i select the 'Remove Selected' button.
thanks
Attachments
Fixlog.txt

You don't have permission to download attachments.

(3 Kb) Downloaded 2 times

rk_F195.tmp.txt

You don't have permission to download attachments.

(11 Kb) Downloaded 2 times

descriptionRe: [INACTIVE] NetUtils2016: PC badly affected after installing program

more_horiz
Yes, please do remove those items.

descriptionRe: [INACTIVE] NetUtils2016: PC badly affected after installing program

more_horiz
I will send you the CKFiles log shortly when it completes
thanks

descriptionRe: [INACTIVE] NetUtils2016: PC badly affected after installing program

more_horiz
Permissions in this forum:
You cannot reply to topics in this forum