Hi, I’m reading everyoes notes, but it seems I’ve done all already. Caught a Virus this morning from a bad web page. Ran avast in boot, first it found 6, than 4, than 2 but into virus chest, deleted it from virus chest, tried to run Microsoft’s care one. wasn’t preforming as it should so I stopped it. Ran malwarebiytes, found 6, removed them. Avast still keeps popping up with every page I go to saying maliouse URL. OK so now I stop system restore, go to safe mode, run Avast - comes up clean, run malwarebytes, come up clean. Come out of safe mode and try running windows security again, Avast keeps warning of malisious URL. Can’t log onto IE, can’t get Microsoft update page. Run windows security again, says Troj/dos partial removal?
When I run boot scan first line reads: NTCreateFile- log Error 0xc0000022 (access denied)
To avoid using multiple post with copy and paste you have to attach the log`s
Lower left corner: Additional Options > Attach ( Malwarebytes log / OTS log ) save OTS log as ANSI
Essexboy will look at the logs when he arrive here later today…
If you deleted the files from the Avast chest, it may have deleted some windows files that the trojan latched onto. From what it sounds like, you have a browser hijacker.
Trojan:Win32/Hiloti. is a trojan horse that may download potentially malicious files from a remote server and report system information back to the server.Please attach the OTS log.
Issue resolved
This is a nasty trojan, embeds itself in the registry and deleting it from the registry is the only way to get rid of it with backup of a rootkit killer. Ran Micro’s Malisious software removal tool, only deleted it partially and said I needed to finish the job manually, so not knowing how I called Microsoft (free tech support) She found the sucker and deleted it. Wow,nasty nasty virus. Thanks guys for all your suggestions.
Didn’t want to go to geeks to go, had a bad experiance with them some years back, cost me $450 to install a program and he knew nothing about the program or how to instal it and I had to pay for his time anyway.
Issue resolved
This is a nasty trojan, embeds itself in the registry and deleting it from the registry is the only way to get rid of it with backup of a rootkit killer. Ran Micro's Malisious software removal tool, only deleted it partially and said I needed to finish the job manually, so not knowing how I called Microsoft (free tech support) She found the sucker and deleted it. Wow,nasty nasty virus. Thanks guys for all your suggestions.
That is why you should post the OTS log so Essexboy can see if everything is removed....
Next time you have a problem, let us know and we can help you here…for free.
Please remember that when you get an alert from Avast to put something in the Virus Chest, do NOT delete it…keep it in there where it is safe for several weeks. You can rescan the file(s) by right-clicking on them after getting virus updates. You can also upload the file to Avast to have it tested to see if it is a true malware or a false positive by right-clicking. Sometimes it may be a false positive (FP) and then you may be able to restore the file. If you delete the file, that file may have been an important file needed to run your machine then you are out of luck. So keep the file in the Chest…this way we know what the file is, the name of the malware, etc. so we can help you…and it is safe there and may be restored in the future.
I’m glad to hear that things have resolved themselves. Feel free to come back any time you need help, to learn something new, or just to ask questions. We are here 24/7 for your convenience. Thank you.
Didn't want to go to geeks to go, had a bad experiance with them some years back, cost me $450 to install a program and he knew nothing about the program or how to instal it and I had to pay for his time anyway
Definitely not the forum that I work at - as all is free ;D
Your right it wasn’t the forum, but the Company. I contacted to have a Geek-To-Go ;D come to my home and install a very difficult program, I asked all the right questions, explained the level of difficulty of the program and what I required before committing and they assured me he would be able to do it. When he got here, I had to pay for him to read the instruction some 30 pages, than call the company’s tech support team for instructions and end result was he still couldn’t get it installed and running. And to add insult to injury charged me from the time he came thru the complex gatehouse, parked the car, a lesially stroll through the parking garage, come up the elevator to my apt and go back an additional 1/2 hour.
Thanks, understood - point well taken, lol I use malwarbytes, virus wouldn’t let me update it. it did find first 6, than 4, than 2 and inbetween false neg’s. I’m not as illit as my name probably know more than most my age and even some younger but when it come’s to things I’m unfamilar with experiance has taught me better to leave it to those that are. This time I was extreamly frustrated as I couldn’t even log into Avast forum without Avast giving me warnings and was concerned the longer I stayed connected the higher the risk the virus would spread and open ports, so I didn’t have time to wait for replies. Also it seemed to block all lititamete downloads and I was to nervious to download anything it would allow for fear it wasn’t legitamente. I never would have been able to find it in the registry on my own, let alone delete it for fear I would be deleting a critical process. But I thank U and all the Guys on the forum for being there when we newbee’s need them. Will update my profile, been wanting to do it anyway.
Could I ask 1 more bit of assistence :-
Seems the trojan corrupted my password to Avast settings, not letting me log in to settings. Called Avast tech support to see if I could simply reset it Answer: uninstall & reinstall. OK
So here’s my dumb question :-\
uninstall using utility or from control panel? If using utility I have it saved on my desktop from an earlier reinstallation, Is it still current or do I need to download it again?
download new install first and save to desktop - and uninstall and reinstall in Safe Mode?
A bit nervious unistalling while connected and leaving myself vulnerable if there are any remnents remaining.
Got a real problem now!!! Avast won’t let me uninstall. Asked for password, Which is why I’m uninstalling in the first place. printed a log but would’nt let me copy to clipboard or copy and past. What now???