Jump to content
Sign in to follow this  
tacticaltal

I've gotten hit

Recommended Posts

I was attempting to download a book yesterday when I got hit with some bad stuff. My browser got hijacked, and I wasn't able to anything as far as going to my home page. The follwoing, which I eventually got rid of with Malware Bytes, got loaded on my machine even though I had canceled the book download before it started:

 

PC Startup

My PC Backup

Synch Folder

Opera

YTDownload

Taplika

 

These shut me down completely and even took me offline until I ran MalwareBytes.

 

In addition, the Hijackthis gave me the follwing message: "for some reason your system denied access to the hosts file", and I had to create a folder for HJT, as it was stated: cannot find the c:\program files(x86)\Trend Micro\Hijackthis\hijackthis.log file.

 

I was not able to get a log file from HJT

 

I think there's still something amiss.

 

 

Thanks.

Share this post


Link to post
Share on other sites

BY4dvz9.pngAdwCleaner

  • Please download AdwCleaner and save the file to your Desktop.
  • Right-Click AdwCleaner.exe and select AVOiBNU.jpg Run as administrator to run the programme.
  • Follow the prompts.
  • Click Scan.
  • Upon completion, click Report. A log (AdwCleaner[R0].txt) will open. Briefly check the log for anything you know to be legitimate.
  • Ensure anything you know to be legitimate does not have a checkmark, and click Clean.
  • Follow the prompts and allow your computer to reboot.
  • After rebooting, a log (AdwCleaner[s0].txt) will open. Copy the contents of the log and paste in your next reply.
-- File and registry key backups are made for anything removed using this tool. Should a legitimate entry be removed (otherwise known as a 'false-positive'), simple steps can be taken to restore the entry. Please do not overly concern yourself with the contents of AdwCleaner[R0].txt.

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

thisisujrt.gif

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
~~

please post

C:\AdwCleaner.txt

JRT.txt

Share this post


Link to post
Share on other sites

# AdwCleaner v4.111 - Logfile created 25/02/2015 at 18:53:44
# Updated 18/02/2015 by Xplode
# Database : 2015-02-18.3 [server]
# Operating system : Windows 8.1 (x64)
# Username : Terry - KITCHEN
# Running from : C:\Users\Terry\Downloads\adwcleaner_4.111.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files (x86)\YTDownloader
Folder Deleted : C:\Users\Terry\AppData\Local\CrashRpt
Folder Deleted : C:\Users\Terry\AppData\Local\BrowserHelper

***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Mozilla Firefox v36.0 (x86 en-US)


-\\ Chromium v


*************************

AdwCleaner[R0].txt - [2291 bytes] - [26/12/2014 22:51:06]
AdwCleaner[R1].txt - [1034 bytes] - [25/02/2015 18:49:51]
AdwCleaner[R2].txt - [1094 bytes] - [25/02/2015 18:52:16]
AdwCleaner[s0].txt - [2382 bytes] - [26/12/2014 22:52:39]
AdwCleaner[s1].txt - [1028 bytes] - [25/02/2015 18:53:44]

########## EOF - C:\AdwCleaner\AdwCleaner[s1].txt - [1087 bytes] ##########

Share this post


Link to post
Share on other sites

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.2 (02.02.2015:1)
OS: Windows 8.1 x64
Ran by Terry on Wed 02/25/2015 at 18:57:29.03
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files

Successfully deleted: [File] C:\WINDOWS\prefetch\GOOGLETOOLBARUSER_32.EXE-CB694AEC.pf



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\pcdr"
Successfully deleted: [Folder] "C:\Users\Terry\AppData\Roaming\pcdr"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 02/25/2015 at 18:58:39.26
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×
×
  • Create New...