Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected by Tabs?


  • Please log in to reply
4 replies to this topic

#1 Tiger360X

Tiger360X

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:10:31 AM

Posted 07 April 2014 - 02:10 AM

Hello,
I scan my computer daily with hitman pro, yesterday I found these threats:
 
Malware remnants ____________________________________________________________
 
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs\Tabs (Hijacker) -> Deleted
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\TNT2User_RASAPI32\ (FindWide) -> Deleted
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\TNT2User_RASMANCS\ (FindWide) -> Deleted
 
I removed them, but I need to know what were they doing? where did I get them from? Were my data exposed? Do you think Hitman fully removed them? And if you have any extra info, please enlighten me as I'm really concerned..
OS: Windows7 . . . . . . . : 6.1.0.7600.X64/8
Thanks in advance..


BC AdBot (Login to Remove)

 


m

#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,588 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:02:31 AM

Posted 07 April 2014 - 09:08 AM

Findwide is a browser hijacker that will add the Findwide Toolbar, change your browser homepage, tabs and default search engine to search.findwide.com. Findwide is not an infection in the typical sense...it is more accurately classified as a Potentially Unwanted Program (PUP) and PUPS do not fall in the same category as malicious files such as viruses, Trojans, worms, rootkits and bots. A PUP is a very broad threat category which can encompass any number of different programs to include those which are benign as well as problematic.

One characteristic of crapware and PUPs is that they insert themselves (components) into various areas of your system to include windows registry. Malware remnants are generally harmless pieces of leftovers (registry keys, file fragments, folders) generally found after the primary file has been removed by a security scanner or uninstall of the parent software.

To learn more about PUPs and how you get them, please read: About those Toolbars and Add-ons - Potentially Unwanted Programs (PUPs)

What other security scans (programs) have you used?
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#3 Tiger360X

Tiger360X
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:10:31 AM

Posted 09 April 2014 - 04:04 PM

^^

I have only used hitman pro to scan my computer.. should i try something else? and do you think if some data on my PC has been exposed by any chance?



#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,588 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:02:31 AM

Posted 09 April 2014 - 05:05 PM


Please download and use the following tools (in the order listed) which will search for and remove many potentially unwanted programs (PUPs), adware, toolbars, browser hijackers, extensions, add-ons and other junkware as well as related registry entries (values, keys) and remnants.

RKill created by Grinler (aka Lawrence Abrams), the site owner of BleepingComputer.
AdwCleaner created by Xplode.
Junkware Removal Tool created by thisisu.

1. Double-click on RKill to launch the tool. A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully. A log file will be created and saved to the root directory, C:\RKill.log. Copy and paste the contents of RKill.log in your next reply.

Important: Do not reboot your computer until you complete the next step.

2. Double-click on AdwCleaner.exe to run the tool.
Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
-- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on each one and uncheck any items you want to keep (except you cannot uncheck Chrome and Firefox preferences lines).


Close all open programs and shut down any protection/security software to avoid potential conflicts.

3. Double-click on JRT.exe to run the tool.
Vista/Windows 7/8 users right-click and select Run As Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log file named JRT.txt will automatically open and be saved to your Desktop.
  • Copy and paste the contents of JRT.txt in your next reply.
.
4. As a final step, download and scan with Malwarebytes Anti-Malware 2.0.
When done, please post the complete results of your Malwarebytes scan for review.

To retrieve the Malwarebytes Anti-Malware 2.0 scan log information (Method 1)
  • Open Malwarebytes Anti-Malware.
  • Click the History Tab at the top and select Application Logs.
  • Select (check) the box next to Scan Log. Choose the most current scan.
  • Click the View button.
To retrieve the Malwarebytes Anti-Malware 2.0 scan log information (Method 2)
  • Open Malwarebytes Anti-Malware.
  • Click the Scan Tab at the top.
  • Click the View detailed log link on the right..
Click Copy to Clipboard at the bottom...come back to this thread, click Add Reply, then right-click and choose Paste.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#5 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:05:31 PM

Posted 09 April 2014 - 05:07 PM

EDITED

Please follow above advice -


Edited by noknojon, 09 April 2014 - 05:10 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users