Full Version: Virus Chin09.win
jford8444
I purchased Norton Internet Security 2009 and downloaded it from their website. While still connected to the internet, I disabled my current virus protection and while trying to install Norton, I got a virus. Multiple pop-ups and the virus "Chin09.win" comes up also.

When I try and connect to the internet, I get the blue screen. This was a work laptop, about 2 yrs old and there is not a restore point.

HELP Please.

jford8444
Surfer
Howdy jford,
our malware experts are absent. We'll muddle through this.

Read this:
http://www.suggestafix.com/index.php?showtopic=16053
Pay particular attention to renaming hijackthis.exe.

Post log file here:
http://www.suggestafix.com/index.php?showforum=15
jford8444
Any luck on this virus??
Ironbender
QUOTE(jford8444 @ Jul 27 2009, 10:35 AM) *
Any luck on this virus??

If you don't follow instructions, we'll never know...

- Download and run CrapCleaner from http://www.ccleaner.com/
Note: in CCleaner, go to <options/advanced> and uncheck "Only delete files in Windows Temp folders older than 48 hours".

- Download Malwarebytes Anti-Malware from http://www.majorgeeks.com/Malwarebyte'...ware_d5756.html to the desktop.

- Double-click on Download_mbam-setup.exe to install the application.
- When the installation begins, follow the prompts and do not make any changes to default settings.
- When installation has finished, make sure you leave both these checked:
- Update Malwarebytes Anti-Malware
- Launch Malwarebytes Anti-Malware
- Then click Finish.

- MBAM will automatically start and you will be asked to update the program before performing a scan. If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
- On the Scanner tab:
- Make sure the "Perform Full Scan" option is selected.
- Then click on the Scan button.
- The next screen will ask you to select the drives to scan. Leave all the drives selected and click on the Start Scan button.

- The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.

When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
- Click OK to close the message box and continue with the removal process.
- Back at the main Scanner screen, click on the Show Results button to see a list of any malware that was found.
- Make sure that everything is checked, and click Remove Selected.
- When removal is completed, a log report will open in Notepad and you may be prompted to restart your computer. (see Note below)

The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.

Copy and paste the contents of that report in your next reply along with a fresh HijackThis log and exit MBAM.

NB - If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process and, if asked to restart the computer, please do so immediately.

Next, take a look at this pinned topic here: http://www.suggestafix.com/index.php?showtopic=16053 and post a HijackThis log along with the MBAM report.
Note: Remember to rename hijackthis.exe to anything.exe you feel comfortable with, as new baddies may detect hijackthis.exe and hide from it.

Chris
Levi316
QUOTE(jford8444 @ Jul 20 2009, 08:34 AM) *

I purchased Norton Internet Security 2009 and downloaded it from their website. While still connected to the internet, I disabled my current virus protection and while trying to install Norton, I got a virus. Multiple pop-ups and the virus "Chin09.win" comes up also.

When I try and connect to the internet, I get the blue screen. This was a work laptop, about 2 yrs old and there is not a restore point.

HELP Please.

jford8444



If you do a search on your computer's C-Drive and go to "USERS" then "WHATEVER PROFILE YOU ARE USING (mine is My Computer)" then "APPDATA" then "LOCAL" then "TEMP" and look for the following files beginning with "UAC9a", "UAC9e", "UACF0", and "UACF5".
SEARCH WILL LOOK LIKE THIS:

C:\Users\My Computer\AppData\Local\Temp\uac9a
C:\Users\My Computer\AppData\Local\Temp\uac9e
C:\Users\My Computer\AppData\Local\Temp\uacf0
C:\Users\My Computer\AppData\Local\Temp\uacf5

If you find these files... DELETE them IMMEDIATELY and make sure you EMPTY them from your TRASH BIN... then RE-START your computer
WORKS GREAT NOW!!
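
A read-only way to run the search described in the post above, added here as an example and not part of the original thread: it lists files in a Temp folder whose names start with the four prefixes and records size, modification time and SHA-256, so there is a record of what was found before anything is removed. The function names and the default folder are assumptions of this example.

```python
import hashlib
import sys
import tempfile
from datetime import datetime, timezone
from pathlib import Path

# Prefixes named in the post; compared in lower case because the post
# spells them both "UAC9a" and "uac9a".
PREFIXES = ("uac9a", "uac9e", "uacf0", "uacf5")


def sha256_of(path, chunk_size=65536):
    """Hash a file in chunks so large files are not loaded into memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def find_candidates(temp_dir, prefixes=PREFIXES):
    """List regular files in temp_dir whose names start with a prefix.

    Read-only: nothing is deleted or modified.
    """
    wanted = tuple(p.lower() for p in prefixes)
    records = []
    for entry in sorted(Path(temp_dir).iterdir()):
        if not entry.name.lower().startswith(wanted) or not entry.is_file():
            continue
        info = entry.stat()
        try:
            digest = sha256_of(entry)
        except OSError as exc:  # e.g. file locked by a running process
            digest = "unreadable (%s)" % type(exc).__name__
        modified = datetime.fromtimestamp(info.st_mtime, timezone.utc)
        records.append({"path": str(entry), "size": info.st_size,
                        "modified": modified.isoformat(), "sha256": digest})
    return records


if __name__ == "__main__":
    # Assumption: with no argument, scan the current user's temp directory,
    # which on Windows normally resolves to ...\AppData\Local\Temp.
    for folder in sys.argv[1:] or [tempfile.gettempdir()]:
        for rec in find_candidates(folder):
            print(rec["modified"], rec["size"], rec["sha256"], rec["path"])
```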
HKEd
Old thread.