Having problem with EpicNet Inc, Trojan.Agent, and PUP.Optional.Glupteba

[Lios]

It's okay human make mistakes

Here

Fixlog.txt

[Maurice Naggar]

I have reviewed the log report.  The script has completed the modifications I mapped out.  Hoping this will be the final run.

Amongst other items, the 2 folders have been removed  ( again )

C:\Users\Dell\AppData\Roaming\EpicNet Inc
C:\Users\Dell\AppData\Local\EpicNet Inc

 

Should any issue or problem happen, I very much need log reports.   Reports are a must have.  ( not just a one-liner or a short note).

 

The following is a special scan.

Please read all of these lines first so that it is all clear to you about our plan. I need a one time run of MBAR like listed here, please.

Please download Malwarebytes Anti-Rootkit (MBAR) from this link here

and save it to your desktop.

 

Doubleclick on the MBAR file and allow it to run.

•Click OK on the next screen, to allow the package to extract the contents of the file to its own folder named mbar.

•mbar.exe will launch automatically. On some systems, this may take a few extra seconds. Please be patient and wait for the program to open.

•After reading the Introduction, click 'Next' if you agree.

•On the Update Database screen, click on the 'Update' button.

•Once you see 'Success: Database was successfully updated' click on 'Next', then click the Scan button.

With some infections, you may see two messages boxes:

1.'Could not load protection driver'. Click 'OK'.
2.'Could not load DDA driver'. Click 'Yes' to this message, to allow the driver to load after a restart. Allow the computer to restart. Continue with the rest of these instructions.

•If malware is found, press the Cleanup button when the scan completes. .

Please attach the log it produces, you'll find the log in that mbar folder as MBAR-log-<date and time>***.txt . Please attach that to your next reply.
 

 

[Maurice Naggar]

Next part:

Uninstall the Program  named Smadav

• Press the Windows Key + R.
• Type appwiz.cpl in the Run box and click OK.
• The Add/Remove Programs list will open. Locate the following programs on the list:

  SMADAV

• Select the program and click Uninstall.
• Restart the computer if prompted.

 

You may get a free antivirus from Avira   ( a well known & respected antivirus )

https://www.avira.com/en/free-antivirus-windows

 

Please keep me advised.

[Lios]

None of the 2 messages boxes you mentioned occur but here the log

mbar-log-2019-10-24 (21-34-26).txt

[Maurice Naggar]

Got it.  Please do as per may last preceding reply.   Uninstall Smadav.   & know that the free Avira antivirus is a good choice for antivirus.

[Lios]

Installed avira

[Lios]

Removed smadav but then I restarted my laptop because avira asked me to

[Maurice Naggar]

I am glad to know that you uninstalled Smadav.   Very good.

[Lios]

What's next? do a malware scan run?

[Lios]

I mean malwarebytes scan run

[Maurice Naggar]

If you wish to do a new scan with Malwarebytes for Windows, then do so  & relay ( attach) the scan log.

 

What I am curious to know is, when you are using web browsing,  are you making sure that you only go to safe sites.

Also, I want to be sure you do not accept any add-ons without first checking them.

[Lios]

I mostly visit those surface web like FB, YouTube, and other web like wikia. I do sometimes visit those web to download games and stuff but very rarely

I only have 3 extensions on chrome including Malwarebytes extension you recommend me earlier

Yay no RiskWares detected even after I reboot the laptop Thank you sir

MBytes scans.txt

[Maurice Naggar]

That is great.  You may delete the Fixlist.txt I had you save.

Also delete Fixlog.txt

Delete MBAR.exe, Rsitx64.exe , esetonlinescanner_enu.exe,   mbst-grab-results.zip . RSITx64.exe ,  RogueKillerx64.exe

Uninstall FRST

• Right-click on Frst.exe/Frst64.exe and select Rename
• Rename the file to Uninstall.exe
• Double-click on Uninstall.exe to uninstall FRST

Delete any other tools we used in the cleanup process.

.

It is not enough to just have a security program installed. Each pc user needs to practice daily safe computer and internet use.

 

Best  practices & malware prevention:
Follow best practices when browsing the Internet, especially on opening links coming from untrusted sources.
First rule of internet safety: slow down & think before you "click".

Never click links without first hovering your mouse over the link and seeing if it is going to an odd address ( one that does not fit or is odd looking or has typos).

Free games & free programs are like "candy". We do not accept them from "strangers".

Never open attachments that come with unexpected ( out of the blue ) email no matter how enticing.
Never open attachments from the email itself. Do not double click in the email. Always Save first and then scan with antivirus program.
 

 

Pay close attention when installing 3rd-party programs. It is important that you pay attention to the license agreements and installation screens when installing anything off of the Internet. If an installation screen offers you Custom or Advanced installation options, it is a good idea to select these as they will typically disclose what other 3rd party software will also be installed.
Take great care in every stage of the process and every offer screen, and make sure you know what it is you're agreeing to before you click "Next".

Use a Standard user account rather than an administrator-rights account when "surfing" the web.
See more info on Corrine's SecurityGarden Blog http://securitygarden.blogspot.com/p/blog-page_7.html
Dont remove your current login. Just use the new Standard-user-level one for everyday use while on the internet.

 
Do a Windows Update.

Make certain that Automatic Updates is enabled.
https://support.microsoft.com/en-us/help/12373/windows-update-faq

 

All my best to you.   I am happy to have helped.   I am closing this topic.

Best wishes.