TheJoker
Premium,VIP,MVM
join:2001-04-26
Alexandria, VA
| reply to Mellow
Re: HJT Log - browser hijack can't be found
Hi Mellow
I suggest printing out each set of instructions and reading the entire post before proceeding. It will make following them easier. Please follow the directions in the order listed.
quote:
I downloaded "Up 2009 Pixar Rated PG Decent Cam Copy" and it is full of viruses, as soon as I unrar'd and ran the unzip.exe NOD32 went crazy with all kinds of virus's trying to install.
Illegal pirated software will get you all the time. If you haven't deleted the archive files you downloaded, you should do so now.
quote:
Could not get a log from trendmicro's online scanner but it would pickup .hitbox
Those would be cookies, and cookies are just text tiles, and not a threat.
I see you have Acronis TrueImageHome installed. Do you have a current backup? If you do, you may want to consider restoring the latest backup set if you do full backups. It's what I would do if it was my system. It would be both faster and safer than trying to disinfect (if you restored a backup from before you were infected, you would know that none of it was still there).
Clean your Cache and Cookies in IE:
-Close all instances of Outlook Express and Internet Explorer
-Go to Control Panel > Internet Options > General tab
-Click the "Delete Cookies" button
-Next to it, Click the "Delete Files" button
-When prompted, place a check in: "Delete all offline content", click OK
Clean your Cache and Cookies in Firefox (In case you also have Firefox installed):
Go to Tools > Options.
Click Privacy in the menu on the left side of the Options window.
Click the Clear button located to the right of each option (History, Cookies, Private Data).
Click OK to close the Options window
Alternatively, you can clear all information stored while browsing by clicking Clear All.
A confirmation dialog box will be shown before clearing the information.
Clean other Temporary files + Recycle bin
-Go to start > run and type: cleanmgr and click ok.
-Let it scan your system for files to remove.
-Make sure Temporary Files, Temporary Internet Files, and Recycle Bin are the only things checked.
-Press OK to remove them.
Please download Malwarebytes' Anti-Malware from
Double Click mbam-setup.exe to install the application.
- Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
- If an update is found, it will download and install the latest version.
- Once the program has loaded, select "Perform Quick Scan", then click Scan.
- The scan may take some time to finish,so please be patient.
- When the scan is complete, click OK, then Show Results to view the results.
- Make sure that everything is checked, and click Remove Selected.
- When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
- The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
- Copy & Paste the entire report in your next reply along with a fresh HijackThis log.
Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.
Please go to VirusTotal and submit the following file for a scan and post the detection results (I don't need the "additional information") in your next reply:
C:\WINDOWS\system32\TgbStarter.exe
Please do a scan with Kaspersky Online Scanner
Note: If you are using Windows Vista, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.
Click on the Accept button and install any components it needs.
- The program will install and then begin downloading the latest definition files.
- After the files have been downloaded on the left side of the page in the Scan section select My Computer.
- This will start the program and scan your system.
- The scan will take a while, so be patient and let it run.
- Once the scan is complete, click on View scan report
- Now, click on the Save Report as button.
- In the drop down box labeled Files of type change the type to Text file.
- Save the file to your desktop.
- Copy and paste that information in your next post.
Please post a new HijackThis log, the log from MBAM, the results of scanning the file at VirusTotal, the log from Kaspersky's online scan, and note any errors encountered.
--
Proud ASAP member since 2005 |
