Author Topic: Resolved: Found one Trojan horse on Windows 7 computer  (Read 7759 times)

essexboy
« Reply #45 on: November 14, 2012, 01:42:22 PM »
No, that is MBAM being pig awkward again. On some systems it refuses to stop and blocks OTL.

Run this fix and it will sail through.

Warning: This fix is only relevant for this system and no other; using it on another computer may cause problems.

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons; they will return on reboot.

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following


Code:
:Commands
[CREATERESTOREPOINT]

:OTL
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/howfytdl/{3547C6A4-562D-4EA9-B769-7DAD07F1971C}
IE - HKLM\..\SearchScopes,DefaultScope = {7F4EFF06-7032-458e-AE16-1C1D8255C28A}
IE - HKLM\..\SearchScopes\{7F4EFF06-7032-458e-AE16-1C1D8255C28A}: "URL" = http://search.speedbit.com/search.aspx?s=CAUe0&q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.speedbit.com/?s=CAUe0
IE - HKLM\..\SearchScopes\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}: "URL" = http://search.imgag.com/?appid=egtb&c=&sbs=2&sc=2&f=web&vernum=3.2&uid=&did=%7bee129ccc-e08f-4afb-a60c-3691dd268bb8%7d&component=&q={searchTerms}
IE - HKCU\..\SearchScopes\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}: "URL" = http://search.imgag.com/?appid=egtb&c=&sbs=2&sc=2&f=web&vernum=3.2&uid=&did=%7bee129ccc-e08f-4afb-a60c-3691dd268bb8%7d&component=&q={searchTerms}
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=113480&tt=060612_5_&babsrc=SP_ss&mntrId=0c02ff50000000000000001aa072ac13
IE - HKCU\..\SearchScopes\{271DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://jixey.com/?q={searchTerms}&id={8C4D5522-344D-4970-9F3A-48B060C913A8}&src=chr&ver=2.2.5
IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = http://www.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKCU\..\SearchScopes\{7F4EFF06-7032-458e-AE16-1C1D8255C28A}: "URL" = http://search.speedbit.com/search.aspx?s=CAUe0&q={searchTerms}
IE - HKCU\..\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}: "URL" = http://www.bigseekpro.com/search/browser/howfytdl/{3547C6A4-562D-4EA9-B769-7DAD07F1971C}?q={searchTerms}
FF - prefs.js..browser.search.defaultenginename: "Speedbit Search"
FF - prefs.js..browser.search.defaulturl: "http://search.speedbit.com/search.aspx?s=CAUe0&q="
FF - prefs.js..browser.search.order.1: "Speedbit Search"
FF - prefs.js..keyword.URL: "http://search.speedbit.com/search.aspx?s=CAUe0&q="
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\searchpredict@speedbit.com:
[2011/08/07 18:40:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Clint\AppData\Roaming\Mozilla\Firefox\Profiles\f146a7vj.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}
[2012/06/18 22:55:15 | 000,000,000 | ---D | M] (Babylon) -- C:\Program Files\Mozilla Firefox\extensions\ffxtlbr@babylon.com
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7792546F-70AE-4ABC-B2B6-BE68E9410002} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {CF745ACA-6FA6-45ED-AB49-E10A0D1870C5} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKCU..\Run: [Wisdom-soft ScreenHunter 5.1 Free] 0 File not found
O4 - HKCU..\Run: [Wisdom-soft ScreenHunter 6.0 Free] 0 File not found
[2012/10/30 00:01:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeedBit
[2012/10/30 00:01:37 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Speedbit
[2012/10/30 00:01:29 | 000,000,000 | ---D | C] -- C:\ProgramData\SpeedBit
[2012/10/30 00:01:28 | 000,172,032 | ---- | C] (Jin Hui E-mail: jinhui@jcomsoft.com Web: http://www.jcomsoft.com) -- C:\Windows\System32\AniGIF.ocx

:Commands
[resethosts]
[emptyjava]
[Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
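
A fix script like the one in the post above can be summarised before it is run, to see which registry and browser entries, folders and directives it touches. The following is an added example, not part of the post or of OTL; it assumes only the line shapes visible in that script, and reading a `D` in the attribute column as "folder" is an assumption taken from those lines.

```python
import re
from collections import Counter
from urllib.parse import urlsplit

# Lines copied from the fix script in the post above (a subset of it).
SAMPLE = r'''
:OTL
IE - HKLM\..\SearchScopes,DefaultScope = {7F4EFF06-7032-458e-AE16-1C1D8255C28A}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.speedbit.com/?s=CAUe0
IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = http://www.icq.com/search/results.php?q={searchTerms}&ch_id=osd
FF - prefs.js..keyword.URL: "http://search.speedbit.com/search.aspx?s=CAUe0&q="
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7792546F-70AE-4ABC-B2B6-BE68E9410002} - No CLSID value found.
O4 - HKCU..\Run: [Wisdom-soft ScreenHunter 5.1 Free] 0 File not found
[2012/10/30 00:01:29 | 000,000,000 | ---D | C] -- C:\ProgramData\SpeedBit
:Commands
[resethosts]
[Reboot]
'''

PREFIX_RE = re.compile(r"^(IE|FF|O\d+) - ")
FILE_RE = re.compile(r"^\[\d{4}/\d\d/\d\d [\d:]{8} \| [\d,]+ \| (\S+) \| \w\].*? -- (.+)$")
URL_RE = re.compile(r'https?://[^\s"]+')

def summarize(script):
    """Group the lines of a fix script by what they act on; changes nothing."""
    section = None
    out = {"commands": [], "kinds": Counter(), "hosts": set(), "paths": []}
    for line in filter(None, (raw.strip() for raw in script.splitlines())):
        if line.startswith(":"):              # section header such as :OTL
            section = line[1:].lower()
        elif section == "commands":           # bracketed directive
            out["commands"].append(line.strip("[]").lower())
        elif (m := FILE_RE.match(line)):      # dated file or folder entry
            # Assumption: a 'D' in the attribute column marks a folder.
            kind = "dir" if "D" in m.group(1) else "file"
            out["paths"].append((m.group(2), kind))
        else:                                 # registry or browser-pref entry
            p = PREFIX_RE.match(line)
            out["kinds"][p.group(1) if p else "other"] += 1
            for url in URL_RE.findall(line):
                host = urlsplit(url).hostname
                if host:
                    out["hosts"].add(host)
    return out

if __name__ == "__main__":
    s = summarize(SAMPLE)
    print(dict(s["kinds"]), sorted(s["hosts"]), s["paths"], s["commands"])
```
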

Diddy
« Reply #46 on: November 14, 2012, 08:23:00 PM »
Hi Essexboy, I am still having trouble. OTL starts to go and then it gets stuck on Firefox and it will not go any further. I uninstalled Malwarebytes Free off of my computer. So I put the fix back into OTL and pushed the fix button, but again OTL was not responding. What can I do?

Thanks for the help

Windows Vista Home Basic
Free space: 80.6 GB
Used space: 58.2 GB Avast  free 2014.9.0.2016

essexboy
« Reply #47 on: November 14, 2012, 09:26:03 PM »
Unfortunately that means that there is a corrupt file/folder in Firefox. It appears that your computer is one of the few that gets a bit uppity with OTL; it happens, I'm afraid. The files etc. that I am removing are easily handled by AdwCleaner, so if you wish to run the scan on that and post the log I will highlight the ones to select for deletion.


Diddy
« Reply #48 on: November 14, 2012, 09:36:05 PM »
Hi, here is the AdwCleaner log you wish to have.

Thanks

TheHulk
« Reply #49 on: November 15, 2012, 06:10:42 AM »
boy! still having problems???? o.o

fresh install of windows will sort out the problems like I said before

SpeedyPC
« Reply #50 on: November 15, 2012, 06:21:45 AM »
Let Essexboy make that call, TheHulk, if he needs to reformat his HD and a reinstall of Windows will sort out the problems.

Essexboy is very good at solving problems this way without reformatting his HD and reinstalling Windows.
« Last Edit: November 15, 2012, 06:23:53 AM by SpeedyPC »
ASUS G75VX-T4153H - Avast Free v9.0.2018 - Outpost Pro Firewall v9.1 - W8 64bit - Firefox (NS/AdP/LP/TSB/TL/Web/Ghost/VT) - Thunderbird (AdP) - MBAM Premium + MBAE - Secunia PSI - CCleaner - MCShield - Macrium Reflect Free

Pondus
« Reply #51 on: November 15, 2012, 06:25:39 AM »
naaaa...Speedy.... Firefox problems are easier solved with a reinstall.  ;D
Chief Wiggum: Uh, no, you got the wrong number. This is 9-1…2.


SpeedyPC
« Reply #52 on: November 15, 2012, 06:28:42 AM »
naaaa...Speedy.... Firefox problems are easier solved with a reinstall.  ;D

I know that, Pondus ;) :P It depends on how bad this Trojan horse he has on his HD is.
« Last Edit: November 15, 2012, 06:30:31 AM by SpeedyPC »

Pondus
« Reply #53 on: November 15, 2012, 06:34:22 AM »
he may have to buy a new computer.  ;)


Diddy
« Reply #54 on: November 15, 2012, 06:57:31 AM »
Hi everyone, I am sorry I did not make things clear the first time. This computer that I am using to type these messages for help under this topic is Windows Vista Home Basic. I made a mistake, though, when I put Windows 7 on here as the topic title. This is not a Windows 7 operating system.
My Windows Vista does not have a virus on it, just a bunch of toolbars; at least that's what Essexboy told me in a post, anyway.

Thanks

Diddy
« Reply #55 on: November 15, 2012, 07:01:11 AM »
Hi Essexboy, I have uninstalled Firefox off of my computer for now. I was wondering what would happen if you removed the fix for Firefox extensions: would the fix and OTL work fine then, or would it be worthless to try this solution?

Thanks


essexboy
« Reply #56 on: November 15, 2012, 01:03:33 PM »
Everything shown in AdwCleaner is stuff that you do not need on your computer, so you could run and select delete to remove them.

Uninstall Firefox by all means, but it will need to be a full uninstall: http://support.mozilla.org/en-US/kb/uninstall-firefox-from-your-computer

It must be stated here that I have never been impressed with Firefox and I stick to IE (currently running IE10)... Watch the fireworks begin  ;D

After the Firefox uninstall, then run the OTL fix, as there may still be some FF-related entries.

Diddy
« Reply #57 on: November 16, 2012, 04:19:08 AM »
Hi Essexboy, I have uninstalled Firefox fully from my computer and I have removed the Mozilla Firefox folders from my computer. I was also going to ask another question, Essexboy: I would like to run AdwCleaner, but when it gets done scanning I am afraid that I will delete the wrong file, and if Windows needs that file then I cannot get that file back, right? I don't want to goof up my computer. I retried OTL and the fix and again OTL hung on me, so what should I do now?
Please guide me on what I should do.

Thanks




Diddy
« Reply #58 on: November 16, 2012, 06:20:45 AM »
Hi Essexboy, I took your advice and used AdwCleaner and deleted the toolbars and stuff off my computer and let AdwCleaner reboot my computer. Then the log came back up, but I made a mistake: I looked at the log and closed it by accident without saving it first, so I did another search and saved the file for you to look at. Sorry for the goof up. I was wondering: when AdwCleaner produced the log the first time and I pushed the X to close the log, I noticed that AdwCleaner was still open waiting for an action. How many times does AdwCleaner have to reboot my computer to clean out the toolbars and stuff off of my computer?
Here is the log.

PS: Let me know if you want me to do anything else, Essexboy.


mchain
« Reply #59 on: November 16, 2012, 06:31:37 AM »
You are now good to go as far as attaching that log.  Now we wait for essexboy to come around and have a look-see...
XP Pro SP3 P4 3.2 HT 2GB RAM AIS v 2014.9.0.2011 Secunia PSI version 2.0.0.3003 TREND Micro RUBotted Beta Javacool SpywareBlaster version 5.0 Sandboxie v. 4.09 32-bit WOT (Web Of Trust) Browser reputation-based add-on http://www.mywot.com/   New: avast! listing of vendor uninstall tools:  http://www.avast.com/faq.php?article=AVKB11#artTitle
W7 Home Premium 64-bit SP1, 2.8 Pentium D, 3 GB RAM AIS v 2014.9.0.2016 (running same programs as above) Sandboxie 4.09 64-bit
