TechSpot

Help Tough Hijacker Virus

By plinkerman
Nov 2, 2011
  1. I downloaded a supposed update patch for Neverwinter Nights 2. I knew better, because it was too small, but its and older game and I was desparate. I scanned file with Malwarebytes' Anti-Malware and Norton's 360 (Quickly becoming a hater of this product). Both have updated definitions and both reported it was clean.

    It hijacks browser and blocks administrator rights. Clever. I downloaded and installed HijackThis. Upon attempting to scan, program simply closed and further attempts to launch yield "Windows cannot access device...You may not have permissions...

    Randonly named exe appears in Task Manager : 2674457099;4094007136.exe

    Also get svchost crash message frequently.

    Please help! Desparate!
     
  2. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    Dear Desparate,

    If you knew better, why did you do it? You now have multiple problems and most likely malware!
    Please describe "it hijacks browser" and what are you getting the permission issue on? It would be helpful to know what operating system you're using.
    ----------------------------------
    We do not screen for malware with HijackThis.Please follow the steps in the Preliminary Virus and Malware Removal thread HERE.

    NOTE: If you already have any of the scanning programs on the computer, please remove them and download the versions in these links.

    When you have finished, leave the logs for review in your next reply .
    NOTE: Logs must be pasted in the replies. Attached logs will not be reviewed.
    ===============================================
    If the permissions issue persist:
    Please download GrantPerms.zip and save it to your desktop.
    • Unzip the file and depending on the system run GrantPerms.exe or GrantPerms64.exe
    • Copy and paste the following in the edit box:
      Code:
      [B][U][COLOR="Red"](examples only for files with no access)[/COLOR][/U][/B]
      c:\Documents and Settings\peace love\Desktop\explorer.exe
      c:\Documents and Settings\peace love\My Documents\Downloads\ComboFix.exe
      c:\Documents and Settings\peace love\My Documents\Downloads\Copy of george.exe
      
    • Click Unlock. When it is done click "OK".
    • Click List Permissions and post the result Perms.txt that pops up.
    • A copy of Perms.txt will be saved in the same directory the tool is run.
    ====================================
    My Guidelines: please read and follow:
    • Be patient. Malware cleaning takes time and I am also working with other members while I am helping you.
    • Read my instructions carefully. If you don't understand or have a problem, ask me.
    • If you have questions, or if a program doesn't work, stop and tell me about it. Don't try to get around it yourself.
    • Follow the order of the tasks I give you. Order is crucial in cleaning process.
    • File sharing programs should be uninstalled or disabled during the cleaning process..
    • Observe these:
      [o] Don't use any other cleaning programs or scans while I'm helping you.
      [o] Don't use a Registry cleaner or make any changes in the Registry.
      [o] Don't download and install new programs- except those I give you.
    • Please let me know if there is any change in the system.

    If I don't get a reply from you in 5 days, the thread will be closed. If your problem persist, you can send a PM to reopen it.
    =====================================
     

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...