Welcome guest. Before posting on our computer help forum, you must register. Click here it's easy and free.

Author Topic: yt8a.exe virus?  (Read 19631 times)

0 Members and 1 Guest are viewing this topic.

btfanusa

    Topic Starter


    Greenhorn

    Re: yt8a.exe virus?
    « Reply #15 on: October 26, 2008, 11:28:07 AM »
    Hello everyone! Sorry for not following the guide at first as suggested. I have done so now, and my computer "feels" normal again (at least to the untrained eyes of a novice like myself)! It is running at full speed, the computer fan has stopped, and the browser no longer quits automatically when I come to this thread! Well, here are more details:

    1. I uninstalled Norton to install Avast. For some reason, the uninstall process deleted my spybot also.

    2. The SuperAntiWare said I had no infection, so I don't have a log for that.

    3. The MalwareByte said I had 200+ infections! Please see the log.

    4. After I restarted, I ran MalwareByte again to see if I would still have any infection. It turns out I do. This time it says I have 130 infections. Attached is log #2, I know you guys didn't ask for this but I thought it wouldn't hurt to include it here.

    5. I got the latest Java Runtime and then deleted all old versions.

    6. Hijack this wouldn't work for some reason. Then I saw you guys said to change the file name to sniper and then it worked again. Cool! Can someone explain why changing the file name worked? Anyway, attached is the new log.

    Thank you guys so so much. I know I still have tons of infections but my PC seems to be working perfectly again and that's all I can ask for.

    Please let me know what to do next! I will listen I promise ;D

    [Saving space - attachment deleted by admin]

    CBMatt

    • Mod & Malware Specialist


    • Prodigy

    • Sad and lonely...and loving every minute of it.
    • Thanked: 167
      • Yes
    • Experience: Experienced
    • OS: Windows 7
    Re: yt8a.exe virus?
    « Reply #16 on: October 29, 2008, 12:56:39 AM »
    6. Hijack this wouldn't work for some reason. Then I saw you guys said to change the file name to sniper and then it worked again. Cool! Can someone explain why changing the file name worked? Anyway, attached is the new log.

    This is done by some infections.  When they see that hijackthis.exe is running, they will either hide or cause it to crash.  It's a very popular tool when it comes to malware removal, so they know to look out for it.  But when it's named to something else such as sniper.exe, the infection doesn't know what it is, so it doesn't do anything.  Does that make sense?



    In any case, your computer is looking quite a bit better, but there are still some things we need to take care of.  The first thing I'm going to have you do is download ComboFix and save it to your desktop.  Run the program and read its disclaimer (it's fairly short) and make sure you really pay attention to what it says.  Follow the prompts and when finished, it will produce a log at C:\ComboFix.txt.  Go ahead and post that here.  Note: Don't click on the window while it's running; this may cause stalls.
    Quote
    An undefined problem has an infinite number of solutions.
    —Robert A. Humphrey