1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Is my computer hijacked?

Discussion in 'Virus & Other Malware Removal' started by InfectedSalmon, May 13, 2015.

Thread Status:
Not open for further replies.
  1. InfectedSalmon

    InfectedSalmon Thread Starter

    Joined:
    May 13, 2015
    Messages:
    1
    For some reason, every now and then, a random malicious program pops up such as "PCSpeedUp" or "YAC". Am I being hacked/ hijacked? Should I contact the police? I already removed 2 of them using AdwCleaner. What should I do next?
     
  2. eddie5659

    eddie5659 Moderator Malware Specialist

    Joined:
    Mar 19, 2001
    Messages:
    37,046
    Hiya and welcome to Tech Support Guy :)

    Are you still having this problem? If so, you may just have malware, so the police isn't needed just yet :)

    Can you run the following for me, and we can go from there:

    Download Security Check from here.
    • Save it to your Desktop.
    • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
    • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

    ----------

    Download OTL to your Desktop


    (Vista or Win 7 => right click and Run As Administrator)

    • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
    • When the window appears, underneath Output at the top change it to Standard Output.
    • At the top, check the box entitled Scan All Users
    • Toward the bottom, check:
      All Users
      LOP Check
      Purity Check
    • Under the Standard Registry box change it to All
      Do not change any settings unless otherwise told to do so.
    • Please copy the text in the code box below and paste it in the Custom Scans/Fixes box in OTL:

      Code:
      DRIVES
      netsvcs
      activex
      msconfig
      drivers32
      %systemroot%\assembly\GAC_32\*.ini
      %systemroot%\assembly\GAC_64\*.ini
      %ALLUSERSPROFILE%\Application Data\*.exe
      %APPDATA%\*.
      safebootminimal
      safebootnetwork
      %SYSTEMDRIVE%\*.*
      %PROGRAMFILES%\*.exe
      %LOCALAPPDATA%\*.exe
      %windir%\Installer\*.*
      %windir%\system32\tasks\*.*
      %windir%\system32\tasks\*.* /64
      %systemroot%\Fonts\*.exe
      %systemroot%\*. /mp /s
      /md5start
      pnrpnsp.dll
      nwprovau.dll
      nlaapi.dll
      napinsp.dll
      mswsock.dll
      winrnr.dll
      wshelper.dll
      consrv.dll
      explorer.exe
      winlogon.exe
      regedit.exe
      Userinit.exe
      svchost.exe
      services.exe
      user32.dll
      atapi.sys
      csrss.exe
      PRINTISOLATIONHOST.EXE
      /md5stop
      hklm\software\clients\startmenuinternet|command /rs
      hklm\software\clients\startmenuinternet|command /64 /rs
      %systemroot%\system32\*.dll /lockedfiles
      %systemroot%\Tasks\*.job /lockedfiles
      %systemdrive%\$Recycle.Bin|@;true;true;true /fp
      %systemroot%\system32\drivers\*.sys /lockedfiles
      C:\Windows\assembly\tmp\U\*.* /s
      %Temp%\smtmp\* \s
      %Temp%\smtmp\1\*.*
      %Temp%\smtmp\2\*.*
      %Temp%\smtmp\3\*.*
      %Temp%\smtmp\4\*.*
      dir "%systemdrive%\*" /S /A:L /C
      CREATERESTOREPOINT
      
    • Click the Run Scan button. The scan wont take long.
      A black box will appear, this is part of the custom scan, so don't be alarmed ;)
      IF OTL SAYS 'NOT RESPONDING' DON'T USE THE MOUSE. IT WILL CARRY ON SCANNING AFTER A FEW MINUTES

    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic

    Thanks

    eddie
     
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1148198

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice