Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Malware is reinstalling itself


  • Please log in to reply

#1
Helleshoj

Helleshoj

    New Member

  • Member
  • Pip
  • 3 posts

I've tried everything I know on this virus and it keeps reinstalling itself onto my computer. It hides under the name 'Privoxy'. Privoxy is a proxy program but I don't believe it is supposed to come with viruses. The symptoms are ads being displayed on Chrome, when with adblock installed, and all my browsers using a proxy. If tried running Malwarebytes, adwcleaner, Hitman Pro and Avast. I remove the program about once a week, every time it appears. If you could help I would be very thankful. :)

Spoiler

Edited by Helleshoj, 30 November 2015 - 03:05 PM.

  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,011 posts
  • MVP

I usually don't do Win 10 but your malware looks like it should be fairly straight forward and I expect the other helpers are a little afraid of the Danish.

 

Download the attached fixlist.txt to the same location as FRST
Run FRST and press Fix
A fix log will be generated please post that.  
 
Download : ADWCleaner to your desktop.  Make sure you get the correct Download button.  Sometimes the ads on BleepingComputer will mimic the real Download button which should say: Download Now @BleepingComputer
 
NOTE: If using Internet Explorer and you get an alert that stops the program downloading, click on the warning and allow the download to complete.
 
Close  all programs, pause your anti-virus and run AdwCleaner ( right click and Run As Administrator).
 
scan-results.jpg
 
Click on Scan  and follow the prompts. Let it run unhindered. When done, click on the Clean button, and follow the prompts. Allow the system to reboot. You will then be presented with the report. Copy & Paste this report on your next reply.
 
The report will be saved in the C:\AdwCleaner folder.
 
 
 
Junkware-Removal-Tool
 
Please download Junkware Removal Tool to your desktop.  Make sure you get the correct Download button.  Sometimes the ads on BleepingComputer will mimic the real Download button which should say: Download Now @Author's site
  • Pause your anti-virus.  Close all browsers.
  • Run the tool by right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
 
 
 Run FRST again, check the Additions box and then Scan.  You will get two logs.  Post them both.
 
 
 
Do you still see your malware?

  • 0

#3
Helleshoj

Helleshoj

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts

Hello again, sorry for taking so long. 

 

I've run the FRST program with the fixlist and used Adwcleaner, but the file for JRT is either broken or doesn't work with win10. I've tried downloading the file from Malwarebytes website, and it could start but couldn't finish even though I ran it as Administator and all that. 

Attached Files


  • 0

#4
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,011 posts
  • MVP

Delays are no problem.  I don't keep track.  Thanks for the info on JRT & Win 10.  Haven't converted any of my PCs to Win 10 yet.

 

I missed a few entries per FRST so let's run Fixlist again.

 

Download the attached fixlist.txt to the same location as FRST
Run FRST and press Fix
A fix log will be generated please post that.  Run FRST again, check the Additions box and then Scan.  You will get two logs.  Post them both.
 
Are you still seeing signs of malware?

  • 0

#5
Helleshoj

Helleshoj

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts

You didn't seem to have attached a new fixlist so i ran the old one again... I didn't know if it was that you meant me to do :P

The malware is normally always removed with a normal virus scan and clean but reinstalls inself once every one or two weeks.

 

I'll of course report back in a few weeks to say if the program reinstalls inself again.

BTW: One more thing about the program is that it changes my proxy settings when it reinstalls. 

Attached Files


Edited by Helleshoj, 02 December 2015 - 10:46 AM.

  • 0

#6
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,011 posts
  • MVP

Sorry.  Here it is.


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP