Late Friday evening I stupidly downloaded something not thinking and got more than i bargained for.
Clearance of this defeated me for a time. Chrome was hijacked and brought you "TROTUX" and many other things beside. I knew I copped it.
Every time the culprit folders were deleted - they would come back 1.1 or 2.1... inc Sunnyboy among others. Sadly Spy Bot, despite quarantining them just did not clear them. Following forum advice I used, Adware, Malwarebytes and finally HitmanPRo which did the trick. So thank you SPYBOT forum for that.

Having a habit of looking at the program files which landed about the time of the infestation, I noticed another new folder which appeared Viz. PRACOPH in the PROGRAM (x86) files. While I did glimpse it in the eradication runs, that particular folder has remained.

Also, when I was trying to uninstall insidious items, the other new folder PHIZOTHER popped up. And again that has remained.

Not that I profess to know anything much about computers, I was wondering if anyone could tell me anything about these folders please?

Hello madcap378,



Having a habit of looking at the program files which landed about the time of the infestation, I noticed another new folder which appeared Viz. PRACOPH in the PROGRAM (x86) files. While I did glimpse it in the eradication runs, that particular folder has remained.

Also, when I was trying to uninstall insidious items, the other new folder PHIZOTHER popped up. And again that has remained.

Not that I profess to know anything much about computers, I was wondering if anyone could tell me anything about these folders please?

It might be best for someone to take a look at the system, please see the Malware Removal Forum (http://forums.spybot.info/forumdisplay.php?f=22) sticky which includes guidelines and instructions in post #2 on how to provide the logs from Farbar Recovery Scan Tool and aswMBR, which are the logs used in the preliminary analysis.

http://forums.spybot.info/showthread.php?t=288

Then start a new topic in that forum providing the logs so a volunteer analyst can guide you. :)

All instructions given are customized for that member's personal computer only, the tools used may cause damage if run on a machine with different specs/infections. Please do not take fixes given to another user and apply to your own machine.

Best regards.

Fair Enough!

I will be unable to follow your instructions until tomorrow if that is permissible.

So until then
Thank you
madcap378


Hello madcap378,



It might be best for someone to take a look at the system, please see the Malware Removal Forum (http://forums.spybot.info/forumdisplay.php?f=22) sticky which includes guidelines and instructions in post #2 on how to provide the logs from Farbar Recovery Scan Tool and aswMBR, which are the logs used in the preliminary analysis.

http://forums.spybot.info/showthread.php?t=288

Then start a new topic in that forum providing the logs so a volunteer analyst can guide you. :)

All instructions given are customized for that member's personal computer only, the tools used may cause damage if run on a machine with different specs/infections. Please do not take fixes given to another user and apply to your own machine.

Best regards.

Malware forum topic: https://forums.spybot.info/showthread.php?73903-Weird-things-logs-as-requested