Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Support
Windows Malware Removal Help & Support
Exploit:JS/Blacole.cx - Found but computer still not functioning
Message
<blockquote data-quote="JML123" data-source="post: 172169" data-attributes="member: 19800"><p>I tried to run Norton power eraser and it needed the updated version, so I downloaded that on another computer and put it on a flash drive onto the infected computer. Tried to run that, which also required a stable internet connection. Did a little research and downloaded Malwarebytes Anti-Malware on my other computer and installed it on the infected computer. Ran a quick scan which then found the trojan C:\Windows\svchost.exe, which was quarantined and deleted. I still couldn't connect to the internet so I ran a full scan, which returned nothing. I then downloaded on another computer the microsoft saftey scanner and installed it on the infected computer. Ran a quick scan which returned nothing. I then ran a full scan yesterday (3/10/2014), which found the following: Exploit: JS/Blacole, Trojans: downloader:asx/winmad.cn, downloader:asx.winmad.cx, and downloader:asx.winmad.cz. It said these were deleted, however that the Exploit required manual steps and to go to the link provided, however the link provided said there were no details on that version of the exploit. The family however did have some details (<a href="http://www.microsoft.com/security/portal/threat/encyclopedia/entry.aspx?Name=JS/Blacole" target="_blank">http://www.microsoft.com/security/portal/threat/encyclopedia/entry.aspx?Name=JS/Blacole</a>). I tried checking the host file and nothing strange is in there. I tried checking the internet settings to see if it was sending to some proxy, but they appeared normal. I tried installing Microsoft Security Defender, however it requires internet connection to run a scan, which I do not have. I cannot update the Java because I don't have an internet connection. I cleared the JAVA cache and I deleted adobe programs (figured I could re-install them later once my computer is clean). I did check for what JAVA is installed on my computer and I see Java 7 Update 17 (Publisher: Oracle, Installed on 3/15/2013, Version: 7.0.170) and Java(TM) 6 Update 14 (64-bit) (Publisher: Sun Microsystems, Inc. Installed on: 2/4/2010, version: 6.0.140). I didn't delete anything because i wasn't sure if both were needed or if one was a prior version that should be deleted. I have cleared my internet history. I tried hard wiring to the internet via an e-thernet cable and running Norton Power Eraser, however it still said I have an unstable internet connection. Ran Kaspersky TDSSKiller and RogueKiller. RogueKiller found some stuff that I deleted, however I still can't connect to the internet or get Norton to work. Norton actually says my service is expired, which is false because I get it through Comcast, which I still have, so it isn't expired. I was going to run Hitman Pro, but that requires an internet connection. I did not fun the scans/files asked because I can't connect to the internet and I don't want to put any files on my computer that is not infected, which is my work computer. I'm stuck.</p></blockquote><p></p>
[QUOTE="JML123, post: 172169, member: 19800"] I tried to run Norton power eraser and it needed the updated version, so I downloaded that on another computer and put it on a flash drive onto the infected computer. Tried to run that, which also required a stable internet connection. Did a little research and downloaded Malwarebytes Anti-Malware on my other computer and installed it on the infected computer. Ran a quick scan which then found the trojan C:\Windows\svchost.exe, which was quarantined and deleted. I still couldn't connect to the internet so I ran a full scan, which returned nothing. I then downloaded on another computer the microsoft saftey scanner and installed it on the infected computer. Ran a quick scan which returned nothing. I then ran a full scan yesterday (3/10/2014), which found the following: Exploit: JS/Blacole, Trojans: downloader:asx/winmad.cn, downloader:asx.winmad.cx, and downloader:asx.winmad.cz. It said these were deleted, however that the Exploit required manual steps and to go to the link provided, however the link provided said there were no details on that version of the exploit. The family however did have some details ([url]http://www.microsoft.com/security/portal/threat/encyclopedia/entry.aspx?Name=JS/Blacole[/url]). I tried checking the host file and nothing strange is in there. I tried checking the internet settings to see if it was sending to some proxy, but they appeared normal. I tried installing Microsoft Security Defender, however it requires internet connection to run a scan, which I do not have. I cannot update the Java because I don't have an internet connection. I cleared the JAVA cache and I deleted adobe programs (figured I could re-install them later once my computer is clean). I did check for what JAVA is installed on my computer and I see Java 7 Update 17 (Publisher: Oracle, Installed on 3/15/2013, Version: 7.0.170) and Java(TM) 6 Update 14 (64-bit) (Publisher: Sun Microsystems, Inc. Installed on: 2/4/2010, version: 6.0.140). I didn't delete anything because i wasn't sure if both were needed or if one was a prior version that should be deleted. I have cleared my internet history. I tried hard wiring to the internet via an e-thernet cable and running Norton Power Eraser, however it still said I have an unstable internet connection. Ran Kaspersky TDSSKiller and RogueKiller. RogueKiller found some stuff that I deleted, however I still can't connect to the internet or get Norton to work. Norton actually says my service is expired, which is false because I get it through Comcast, which I still have, so it isn't expired. I was going to run Hitman Pro, but that requires an internet connection. I did not fun the scans/files asked because I can't connect to the internet and I don't want to put any files on my computer that is not infected, which is my work computer. I'm stuck. [/QUOTE]
Insert quotes…
Verification
Post reply
Top