TechSpot

cant get rid of TR/small.jq

By abuzip
Dec 28, 2006
  1. Hello everybody! (first time ever post!)

    I can not get rid of the virus TR/small.jq.

    I have followed your instructions for a general clean up and I have Antivir, spybot and a firewall in place.

    Antivir finds TR/small.jq, I delete it, but after a couple of hours antivir finds it again.

    What can I do?

    Thank you for your help!

    Cheers
    Tom
     
  2. kitty500cat

    kitty500cat TS Evangelist Posts: 2,154   +6

    Please read this thread. If then you do decide to clean your system, check out this thread. Then post fresh HJT and AVG logs as attachments into this thread.

    This thread is for the use of abuzip only. Please don't post your own virus/spyware problems in this thread. Instead, open a new thread in the Security and the Web forum.
     
  3. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Hello and welcome to Techspot.

    Your system is infected with a very nasty hijack, based on a rootkit.

    If you decide you want to clean your system after reading the link provided by kitty500cat, do the following.

    Download and run the Blacklight programme. follow all the instructions carefully.

    Then, follow the instructions in this thread HERE.

    Attach fresh HJT and AVG Antispyware logs into this thread, Only after doing the above.

    Regards Howard :wave: :wave:

    This thread is for the use of abuzip only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  4. abuzip

    abuzip TS Rookie Topic Starter

    Thanks!

    Thank You for your help.
    I think the online virus scan did the job.

    Cheers
    Tom
     
  5. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    You did not supply an AVG Antispyware log as requested. Pleasr do so in your next reply.

    Run HJT with no other programmes open. Click the scan button. Have HJT fix the following, by placing a tick in the little box next to(if there).

    O17 - HKLM\System\CCS\Services\Tcpip\..\{00C8FDA4-91B8-40C5-920A-FD1C3176464D}: NameServer = 85.255.114.83,85.255.112.183

    O17 - HKLM\System\CCS\Services\Tcpip\..\{3823BD24-F833-4D3B-A407-006FB5F9F551}: NameServer = 85.255.114.83,85.255.112.183

    O17 - HKLM\System\CCS\Services\Tcpip\..\{51DCFDEF-6B6F-4010-ACE5-503E618CC245}: NameServer = 85.255.114.83,85.255.112.183

    O17 - HKLM\System\CCS\Services\Tcpip\..\{7A90A9C2-A65A-4145-8D9A-64FB88A82C47}: NameServer = 85.255.114.83,85.255.112.183

    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.114.83 85.255.112.183

    O17 - HKLM\System\CS1\Services\Tcpip\..\{00C8FDA4-91B8-40C5-920A-FD1C3176464D}: NameServer = 85.255.114.83,85.255.112.183

    O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.114.83 85.255.112.183

    O17 - HKLM\System\CS2\Services\Tcpip\..\{00C8FDA4-91B8-40C5-920A-FD1C3176464D}: NameServer = 85.255.114.83,85.255.112.183

    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.114.83 85.255.112.183

    O20 - Winlogon Notify: scsiusr4 - scsiusr4.dll (file missing)

    Click on the fix checked button.

    Close HJT and reboot your computer.

    Post fresh HJT and AVG Antispyware logs. Also, let me know what the Blacklight results were.

    Regards Howard :)

    This thread is for the use of abuzip only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...