LandzDown Forum

arosegirl, welcome to the forum I moved your topic here tho, I think I should have put in Hjt..

It will be a few hours before Corrine can get here so I will give you a start ..

Paddy...

Please download ATF Cleaner by Atribune from http://www.atribune.org/index.php?option=com_content&task=view&id=25&Itemid=25 .  Save it to your Desktop.

Run ATF Cleaner

• Double-click ATF-Cleaner.exe to run the program.
• Click Select All found at the bottom of the list.
• Click the Empty Selected button.
• Click Exit on the Main menu to close the program.
• Shutdown/restart the computer.

Please download Malwarebytes' Anti-Malware to your desktop.

• Double-click mbam-setup.exe and follow the prompts to install the program.
  
• At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  
  
• If an update is found, it will download and install the latest version.
• Once the program has loaded, select Perform full scan, then click Scan.
  
• When the scan is complete, click OK, then Show Results to view the results.
  
• Be sure that everything is checked, and click Remove Selected.
  
• When completed, a log will open in Notepad. Please save it to a convenient location.

The log can also be found here: C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt

• Please post contents of that file in your next reply.

Next


Please download HijackThis© from one of the following sites: 
•   http://www.thespykiller.co.uk/files/HJTsetup.exe
•   http://downloads.malwareremoval.com/HJTsetup.exe
•   http://security-central.us/downloads/HJTsetup.exe
At the download prompt, choose "Save" 
•   Navigate to the saved file and double-click the installer, HJTsetup.exe
•   By default, HijackThis will be installed on your computer at C:\Program Files\HijackThis, making an entry in the start menu and also providing a desktop shortcut
•   When the installation is complete, double-click the HijackThis icon on your desktop
•   Select "Scan"
•   When the scan is completed, select "Save log"
•   Select a name for this first log and a text file will be produced in Notepad.
•   Please UNcheck Word Wrap in Notepad (Click Format > UNcheck Word Wrap)
•   Copy the text file and paste it as a reply
•   Do NOT fix anything with HijackThis yet. Most of what is found is harmless or even required
•   Close HijackThis and Notepad

Hi, arosegirl.

The computer tech was wrong.  Malwarebytes is an excellent program, updated frequently with outstanding results.  It was developed by members of the security community.  My question, however, is why didn't the computer tech remove the trojans?

Since you do still have trojans on your computer, in order for us to assist you, we need to see the requested logs.  Please follow the posted instructions exactly as indicated above.

Thank you.

I'm confused ...

Is this computer tech the person at Norton, or someone local who you have talked to since?  I'm trying to figure out "when" you were told that MBAM wasn't any good ... it sounds like you followed numbnuts advice and then someone looked at your computer, but you went the Norton route before all of this.

BTW, what is your operating system, and what steps exactly did the Norton person take you through?

Is there some sort of log that will tell us what was removed, and what wasn't ... and hopefully tell us the file path?

First I contacted Norton, I was connected to a guy called Midhun, probably in India. He took control of my computer working with it for over 3 hours.  He deleted all my cookies for one thing and a lot of my files he said were infected then told me my computer was free from Trojan Horses..the next day when Norton did a scan as it does every day it said 2 remained.  I emailed them twice and still have not heard back from him...this did cost me $99.  I then went to computer help and RavenCajun gave me your link. I have downloaded the Malware and it is doing a scan and I have the other recommeded one on my desktop as directed.  Charlene

Tell me how to post from notepad.  I can't copy and paste sooooo, I don't see a browse, how do you do it here? Charlene

First I contacted Norton, I was connected to a guy called Midhun, probably in India. He took control of my computer working with it for over 3 hours.  He deleted all my cookies for one thing and a lot of my files he said were infected then told me my computer was free from Trojan Horses..the next day when Norton did a scan as it does every day it said 2 remained.  I emailed them twice and still have not heard back from him...this did cost me $99.  I then went to computer help and RavenCajun gave me your link. I have downloaded the Malware and it is doing a scan and I have the other recommeded one on my desktop as directed.  Charlene

Thanks for the explanation.  Did you notice whether the two remaining items were in the Norton quarantine, or some other quarantine folder, or did Norton report them as active?

Don't worry, we'll get you cleaned up.

Hi, arosegirl.  Yes, we understand there is something still wrong with your computer but we cannot help without seeing what it is on your computer.  Please do the following:

Launch MBAM.  Click on the Logs tab.  Double-click the log with today's date.  When it opens in Notepad, click the following:

Edit > Select All > Edit > Copy

Then paste the results here as a reply (right-click in the reply box with your mouse and select paste).

After that, please post a HijackThis log.