Jump to content

Keep getting a Windows message about .js

zacRupnow
By zacRupnow
in Troubleshooting
 Share
Go to solution Solved by zanthros,

You may want to look here for the answer as it looks like the malware is adaptive and respawns..........

http://www.bleepingcomputer.com/forums/t/347927/foobar2000-spawning-processes/

Posted
  • Author

Your still getting the prompt asking how to open it?

yup, same one pictured at the top of the post.

I run my browser through NSA ports to make their illegal jobs easier. :P
If it's not broken, take it apart and fix it.
http://pcpartpicker.com/b/fGM8TW

Link to post
Share on other sites
Posted

yup, same one pictured at the top of the post.

That's really odd cos that message says there is no file association or that its being overridden. 

 

Windows 7 or 8? If you go to Control panel > Default programs > Associate a file type or protocol with a program, can you find .js in there? and using definitely set to Windows Script Editor?

Link to post
Share on other sites
Posted
  • Author

That's really odd cos that message says there is no file association or that its being overridden. 

 

Windows 7 or 8? If you go to Control panel > Default programs > Associate a file type or protocol with a program, can you find .js in there? and using definitely set to Windows Script Editor?

Windows 8.1 everything is updated, drivers n stuff.

Control panel

Controlpaneljsfile

winscript

I run my browser through NSA ports to make their illegal jobs easier. :P
If it's not broken, take it apart and fix it.
http://pcpartpicker.com/b/fGM8TW

Link to post
Share on other sites
Posted
  • Author

Have you run a System File Check since you dis-infected the browser? (sfc /scannow at command prompt)

Any idea what I need to look for in the log?

commandpromt

I run my browser through NSA ports to make their illegal jobs easier. :P
If it's not broken, take it apart and fix it.
http://pcpartpicker.com/b/fGM8TW

Link to post
Share on other sites
Posted
  • Solution

You may want to look here for the answer as it looks like the malware is adaptive and respawns..........

http://www.bleepingcomputer.com/forums/t/347927/foobar2000-spawning-processes/

                  Did I help you to fix your problem or at least did offer somewhat valuable advice? Consider giving my post a "informative" or "thumbs up".

SYSTEM 2: Modded G3 case with Gigabyte GA-G33M-S2L, Intel E8600 (O.C to 4.2GHz.), 4GB GSkill PC8500, Nvidia 8800GTS (512M), Cooling provided by Scythe Big Shrunkin, HDD 1 = OSX 10.9.5, HDD 2 = Windows 7 Pro X64. (Placed 3rd in MacMod  of the year 2012) (For info see:  http://insanelymac.com/forum/topic/285641-and-the-winner-for-macmod-of-2012-is/

LAPTOP: Inspiron 1720, Modded BIOS, X9000 Core 2 extreme OC'ed and undervolted to 3.4GHz (windows only) , 6GB DDR2 800, 8600M GT, 1920x1200 Glossy display, Sigmatel Audio, 2 Kingston HyperX 120GB drives (1 with Windows 7 x64 pro & 1 with OSX 10.9.5) X9000 Processor World Record Holder since 02/2013 on Geekbench 2 : http://browser.primatelabs.com/geekbench2/search?dir=desc&q=x9000&sort=score

Link to post
Share on other sites
Posted
  • Author

You may want to look here for the answer as it looks like the malware is adaptive and respawns..........

http://www.bleepingcomputer.com/forums/t/347927/foobar2000-spawning-processes/

I've just used some removal programs from the site you linked and they did find some more files related to Dregol and removed them but once again it's a waiting game. If I don't see the message or anything suspicious before Wednesday then I'll mark this as solved but if it appears after that I'll re-open the subject.

I run my browser through NSA ports to make their illegal jobs easier. :P
If it's not broken, take it apart and fix it.
http://pcpartpicker.com/b/fGM8TW

Link to post
Share on other sites
Posted
  • Author

While the programs I used from http://www.bleepingcomputer.com/forums/t/347927/foobar2000-spawning-processes/ did stop the .js message, I think something may still be around as every now and then when I click a link to a new tab my browser also opens a tab I didn't open to an exploitation ad/contest winning or a page for extension that I refuse to download, however I installed a site blocker and these pages don't come up after I blocked them (I also reported them to google a few times).

I run my browser through NSA ports to make their illegal jobs easier. :P
If it's not broken, take it apart and fix it.
http://pcpartpicker.com/b/fGM8TW

Link to post
Share on other sites
Posted
  • Author

The programs that I used (in addition to anything done previously- all stated in this topic thread) to fix the .js message caused by the hijack malware Dregol are listed below:

 

HijackThis

Anti~mal~ware tool

AdwCleaner

 

Availible from - http://www.bleepingcomputer.com/forums/t/347927/foobar2000-spawning-processes/

I run my browser through NSA ports to make their illegal jobs easier. :P
If it's not broken, take it apart and fix it.
http://pcpartpicker.com/b/fGM8TW

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing Troubleshooting

×