
...using Emsisoft


2 replies to this topic

#1 b00kwormed0ut


Posted 03 November 2013 - 09:01 PM

I am running on an HP Pavilion g6 Windows 8 system.

How do you distinguish the colors? I have many different colors in the category HIJACKFREE.

What to do, what not to do? Any knowledgeable technician available know this?

Red, Green, Yellow, White?

Delete, Delete References, save backup?

Kill Process?

The files are HPMSGSVC.exe and hpqWmiEx.exe along with hpservice.exe in red.

Would anybody mind trying to help me out, please?


Edited by b00kwormed0ut, 03 November 2013 - 09:17 PM.




#2 dc3


Posted 06 November 2013 - 11:28 AM

The following is an excerpt from a tutorial for Emsisoft Knowledgebase HiJackFree.  I would suggest that you read this tutorial to gain a better understanding of this software.

 


 

 

Green entries are process names whose process database entries only refer to benign software. You can therefore assume that these processes are highly likely to be not hostile. However, it can never be guaranteed that these processes are benign. This simply means that the process information database contains no information on hostile processes with the same name.

 

Yellow entries are process names that are used by both Malware and benign Software. In this case, you click on the entry and scroll to the online information at bottom of the details window underneath. This shows all the information available in the process database. Now compare the program paths listed here with the path of the active process on your PC. This requires a certain nose for details. Assuming that the path of the active process is:

 

Red entries in the process list are process names for which the process database contains only information on hostile programs. There can be two reasons for this: Either this is truly a Malware process or there is simply no other information in the process database on a benign process of the same name. Regardless of the reason, it is a good idea to examine this process in more detail.

 

Another Malware program which is suggested quite often here at Bleeping Computer is Malwarebytes AntiMalware.  This is a much simpler program to use.  If you would like to try it, use the instructions below.

 

Please download Malwarebytes Anti-Malware.

 
1)  Double-click on mbam-setup.exe, then click on Run to install the application, follow the prompts through the installation.
 
2)  When the installation has finished, make sure you leave both of these checked:
 
    Update Malwarebytes' Anti-Malware
 
    Launch Malwarebytes' Anti-Malware
 
Then click on Finish.
 
3)  MBAM will automatically start and you will be asked to update the program before performing a scan. If an update is found, the program will automatically update itself. Press the OK button to close that box and continue. 
 
4)  Click on perform Quick Scan, then click on the Scan button.
 
If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
 
5)  The scan will now begin, this may take some time to complete so please be patient.
 
6)  When the scan is finished click on Show Results to display all objects found.
 
7)  Click OK to close the message box and continue with the removal process.
 
8)  Back at the main Scanner screen, click on the Show Results button to see a list of any malware that was found.
 
Make sure that every item shown in the results has a check mark in the box next to it, then click on Remove Selected.
 
9)  When removal is completed, a log will open in Notepad.
 
This log is automatically saved and can be viewed by clicking the Logs tab in MBAM. Copy and paste the contents of the log in your next post, then exit MBAM.
 
Important:  If MBAM encounters a file that is difficult to remove, you may be asked to reboot your computer so it can proceed with the disinfection process. Regardless if prompted to restart the computer or not, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.
 
Please copy the Malwarebytes log and paste it in your next post.
 
To locate this file right click on the Start orb and choose Open Windows Explorer, then click on C: drive.
 
When the C: drive opens click on the following:  ProgramData, Malwarebytes, Malwarebytes' Anti-Malware, Logs.  
 
If there is more than one log, choose the log with the date that you ran the scan that I requested.

Edited by dc3, 06 November 2013 - 11:33 AM.

Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.
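
The path check that the quoted tutorial describes for yellow and red entries can also be done from PowerShell. This is an added example, not part of dc3's post or Emsisoft's tutorial; it assumes PowerShell 3.0 or later (included with Windows 8) and takes the three process names from the first post:

```powershell
# Added example: list where each flagged process is actually running from
# and whether its file carries a valid digital signature.
# Process names come from the first post in this thread.
$names = 'HPMSGSVC.exe', 'hpqWmiEx.exe', 'hpservice.exe'

Get-CimInstance -ClassName Win32_Process |
    Where-Object { $names -contains $_.Name } |   # -contains is case-insensitive
    ForEach-Object {
        # ExecutablePath is empty when the session lacks rights to query the process
        $path = $_.ExecutablePath
        $sig  = $null
        $file = $null
        if ($path) {
            $sig  = Get-AuthenticodeSignature -FilePath $path
            $file = Get-Item -LiteralPath $path
        }

        [pscustomobject]@{
            Name            = $_.Name
            ProcessId       = $_.ProcessId
            Path            = $path
            SignatureStatus = if ($sig) { $sig.Status } else { 'unknown (run elevated)' }
            Signer          = if ($sig -and $sig.SignerCertificate) {
                                  $sig.SignerCertificate.Subject
                              } else { $null }
            Company         = if ($file) { $file.VersionInfo.CompanyName } else { $null }
            LastWriteTime   = if ($file) { $file.LastWriteTime } else { $null }
        }
    } |
    Format-List
```

Compare the Path value with the program paths listed in the HiJackFree details window. A status other than Valid, or a path that differs from the listed ones, is a reason to examine the file further, not proof that it is malware.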

 

 

 

 


#3 Elise


Posted 09 November 2013 - 06:42 AM

Hi b00kw0rmed0ut,

Cookies are small text files that contain certain information stored during visits you make to certain websites. Many of the saved details are truly generic, but some sites will save personal details and while these details are not necessarily shared with third-parties, this can be seen as invasive. Such cookies are typically called "tracking cookies". Because cookies are pretty harmless you can either ignore detected cookies or delete them (this will not negatively impact your browser behavior, but some changes/choices you made on certain sites may be lost).

 

Cookies are not able to actually infect your computer with malware, so there is no need to be afraid of that. As a safety/privacy precaution you can disable third-party cookies in your browser.


regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 


 

Malware analyst @ Emsisoft




