How in the Heck did YOU Uninstall Multicharts?

GiantDog · Nov 21, 2009

Okay, during the uninstall process it gets to within 14 seconds of being done when whamo, a window pops up that says "The install has insufficient privleges to modify this file: "C:\Program Files\ TS Support\ MultiCharts\HelpDesk.exe".

And you get the option of cancelling or retry which of course doesn't work.

And what is REALLY interesting is my virus program says there is an unwanted file in THIS file called RealAdm-VNC.

What a coincidence! So, wtf to do?

GiantDog · Nov 21, 2009

Quote from GiantDog:

Okay, during the uninstall process it gets to within 14 seconds of being done when whamo, a window pops up that says "The install has insufficient privleges to modify this file: "C:\Program Files\ TS Support\ MultiCharts\HelpDesk.exe".

And you get the option of cancelling or retry which of course doesn't work.

And what is REALLY interesting is my virus program says there is an unwanted file in THIS file called RealAdm-VNC.

What a coincidence! So, wtf to do?
More...

Well, I guess I figured it out by going into C:\blah\blah\blah\ and manually removing the HelpDesk file. I think that is what I did because then the next uninstall worked. For now. Hopefully forever. Stupid program. Stupid me for installing it in the first place.

Lorenzo · Nov 21, 2009

http://www.revouninstaller.com/revo_uninstaller_free_download.html

GiantDog · Nov 22, 2009

Quote from Lorenzo:

http://www.revouninstaller.com/revo_uninstaller_free_download.html
More...

GiantDog · Nov 27, 2009

Quote from GiantDog:

And what is REALLY interesting is my virus program says there is an unwanted file in THIS file called RealAdm-VNC.
More...

This file is back even though it was removed once. The name has changed a little bit and it has the name "restore" in it. Appears to be a virus.

aazzz · Nov 27, 2009

RealAdm-VNC appears to be a new virus identified 11/20/2009. McAfee has it identified here: http://vil.nai.com/vil/content/v_244268.htm#threat-minimum-dat

I haven't found any other information available elsewhere yet.

I found it on a computer that was used minimally in a folder that was shared on the network under a .exe name of another program elsewhere.

GiantDog · Nov 27, 2009

Quote from aazzz:

RealAdm-VNC appears to be a new virus identified 11/20/2009. McAfee has it identified here: http://vil.nai.com/vil/content/v_244268.htm#threat-minimum-dat

I haven't found any other information available elsewhere yet.

I found it on a computer that was used minimally in a folder that was shared on the network under a .exe name of another program elsewhere.
More...

Can you say what file you found it in? Was it a Multicharts file?

MaklodaSux · Nov 28, 2009

It could just be a false positive. That does occur.

jficquette · Nov 28, 2009

Download and intall this free program:

http://www.malwarebytes.org/mbam.php

After install reboot into start mode and run the program.

If it doesn't find anything its more then likely a false positive.

John

aazzz · Nov 28, 2009

Hi GiantDog,

The infected file was MBTNavigator.exe found in a Download folder. I never did open a MBTrading account so the .exe was never run (I don't think) but I did find two MBTNavigator.exe on the same hard drive (one which McAfee identified with the RealAdm-VNC) What concerns me is that I could have sworn running McAfee Full Scan in the past two days on that machine that found nothing so it may have been put there recently via backdoor trojan (ran various AV that came up empty but it must have gotten there somehow). After removing the first RealAdm-VNC, is there another file with the same problem that you found? I've rerun a full scan in safe mode that came up empty so far.