Author Topic: I have contracted the trkjmp virus - All logs posted  (Read 5103 times)

0 Members and 1 Guest are viewing this topic.

Sightseek3r

  • Guest
I have contracted the trkjmp virus - All logs posted
« on: September 18, 2012, 04:31:21 AM »
Hi first time using these forums, so please bear with my lack of familiarity with how things are done around here ::)

I ran MBAM and not only did it not get rid of the problem, it didn't even find a problem.
Starting from the moment I post this, I am following the steps outlined in this thread: http://forum.avast.com/index.php?topic=53253.0

I will attach the log from AdwCleaner here as soon as I run it and obtain the log following reboot!

Edit: I am running Windows 7 Home Premium, and the problem occurs when I load webpages in Chrome. Hope that helps some
« Last Edit: September 18, 2012, 06:30:40 AM by Sightseek3r »

Sightseek3r

  • Guest
Re: I have contracted the trkjmp virus
« Reply #1 on: September 18, 2012, 05:24:21 AM »
Had to fix my computer so that it stopped trying to open .txt files with cmd.exe... Boy was that a pain in my ass.

Anyway: AdwCleaner log attached!

Will work on getting the MBAM log next.

Sightseek3r

  • Guest
Re: I have contracted the trkjmp virus
« Reply #2 on: September 18, 2012, 05:34:05 AM »
Once again, my MBAM did not detect any infected files.

Still, I have attached the MBAM log.

Moving on to OTL.

Sightseek3r

  • Guest
Re: I have contracted the trkjmp virus
« Reply #3 on: September 18, 2012, 05:57:03 AM »
Alright, the OTL and Extras logs are now attached.

Next up is aswMBR

Sightseek3r

  • Guest
Re: I have contracted the trkjmp virus
« Reply #4 on: September 18, 2012, 06:05:13 AM »
Alright, the moment of truth (actually that would probably be the testing of any sort of solution to this problem. Alas, I digress)

Attached is the aswMBR log.

I am in your capable hands, avast moderator peoples

Sightseek3r

  • Guest
Re: I have contracted the trkjmp virus - All logs posted
« Reply #5 on: September 18, 2012, 09:10:17 AM »
It may or may not be worth mentioning that the pop-up that avast! has blocked this particular virus no longer pops up. Others dealing with this issue have noticed this as well. I'm worried that means that it found a way around avast! or something  :o

Offline mchain

  • Avast Evangelist
  • Ultra Poster
  • ***
  • Posts: 5564
  • Spartan Warrior
Re: I have contracted the trkjmp virus - All logs posted
« Reply #6 on: September 18, 2012, 11:12:43 AM »
Hi Sightseek3r,

A certified volunteer malware removal expert has been notified. 

You should see new activity on your post within a few hours.  Logs are needed to see the malware, what it is, where it is, and how best to proceed.  You will be in good hands, but please be patient as the person contacted likely lives in another time zone than you do.
Windows 10 Home 64-bit 22H2 Avast Premier Security version 24.1.6099 (build 24.1.88821.762)  UI version 1.0.797
 UI version 1.0.788.  Windows 11 Home 23H2 - Windows 11 Pro 23H2 Avast Premier Security version 24.2.6105 (build 24.1.8918.827) UI version 1.0.801

Sightseek3r

  • Guest
Re: I have contracted the trkjmp virus - All logs posted
« Reply #7 on: September 20, 2012, 12:10:29 AM »
I would still love some help with this problem. I was reading other posts by people with the same problem as mine and they similarly noticed that the avast! pop-up was no longer appearing. However, the trkjmp URL:Mal was still appearing in the active shields

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37506
  • Not a avast user
Re: I have contracted the trkjmp virus - All logs posted
« Reply #8 on: September 20, 2012, 12:22:30 AM »
seems they have missed your post .... i will send them a PM so they see it when they arrive

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: I have contracted the trkjmp virus - All logs posted
« Reply #9 on: September 20, 2012, 05:33:26 PM »
My apologies for missing you, I thought I had replied..

First could you confirm that it is Chrome only

If so could you run Chrome in incognito mode.. And check to see if they have gone  http://support.google.com/chrome/bin/answer.py?hl=en&answer=95464

Sightseek3r

  • Guest
Re: I have contracted the trkjmp virus - All logs posted
« Reply #10 on: September 20, 2012, 07:44:36 PM »
And check to see if they have gone

By they, do you mean the avast! notification pop-ups? Because they already stopped appearing a couple days ago, even in regular Chrome. Is there another way to check whether avast! is still blocking the trkjmp virus if it doesn't give me pop-ups anymore?

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: I have contracted the trkjmp virus - All logs posted
« Reply #11 on: September 20, 2012, 07:49:38 PM »
That was in part a false positive, the domain is owned by amazon but it had a subdomain with crossrider.  Avast is now only blocking the sub domain.  And there is no indication of crossrider on your system.  Almost everyone else had it though

But you look clean

Sightseek3r

  • Guest
Re: I have contracted the trkjmp virus - All logs posted
« Reply #12 on: September 20, 2012, 08:09:15 PM »
Not to second guess you but are you sure?

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: I have contracted the trkjmp virus - All logs posted
« Reply #13 on: September 20, 2012, 08:27:48 PM »
Yes as we had a surge of them over the weekend, and I think it was only three that did not have crossrider and the alerts ceased for those when Avast updated (You were one of them)


Sightseek3r

  • Guest
Re: I have contracted the trkjmp virus - All logs posted
« Reply #14 on: September 20, 2012, 08:46:07 PM »
Great! Thanks for the help then :)