Geoggy
new user
Reg'd: Sat
Posts: 13
|
|
Hi,
Last night Vista would not load my desktop, so I ran AVG and it found a trojan. It said it has cleaned it, so I rebooted in safe mode - ran AVG again and no infections are reported.
This is my log - can anyone tell me if it's clean - I would be very grateful.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:20:36 AM, on 9/6/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Many thanks
Geoggy
|
|
bricat
HijackThis Helper
Reg'd: Wed
Posts: 31991
Loc: belfast
|
|
Please download and install SUPERAntiSpyware Home Edition (free)
- Once installed, update the program definitions when prompted.
- Click the "Preferences" button and then the "Scanning Control" tab.
- Under "Scanner Options" make sure the following are checked/selected:
- 1>> Close browsers before scanning.
- 2>> Scan for tracking cookies.
- 3>> Terminate memory threats before quarantining.
- 4>> Ignore System Restore/Volume Information on ME and XP.
- Deselect all other scanning options.
- Close SUPERAntiSpyware for use later.
Then boot up in SAFE MODE
Open SUPERAntiSpyware and click the "Scan your computer" button.
- On the left, select "C:\Fixed Drive".
- On the right, under "Complete Scan", choose "Perform Complete Scan".
- Click "Next" to start the scan. Please be patient while it scans your computer.
- After the scan is complete a summary box will appear. Click "OK".
- Make sure everything in the white box has a check next to it, then click "Next".
- After quarantining anything found, you may be prompted to reboot, click "Yes".
- Paste the scan log in your next reply (Preferences > Statistics/Logs tab > double-click SUPERAntiSpyware Scan Log)
-------------------- IF I HAVE SAVED YOU MONEY, PLEASE CONSIDER GIVING A DONATION TO HELP IN MY FIGHT AGAINST MALWARE.
When the only tool you own is a hammer, every problem begins to look like a nail.
|
Geoggy
new user
Reg'd: Sat
Posts: 13
|
|
SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 09/06/2008 at 11:47 AM
Application Version : 4.21.1004
Core Rules Database Version : 3558
Trace Rules Database Version: 1546
Scan type : Complete Scan
Total Scan Time : 01:28:55
Memory items scanned : 244
Memory threats detected : 0
Registry items scanned : 6988
Registry threats detected : 0
File items scanned : 126205
File threats detected : 43
Adware.Tracking Cookie
Some great websites there! Thankfully - I am not one of those users!
|
bricat
HijackThis Helper
Reg'd: Wed
Posts: 31991
Loc: belfast
|
|
just some cookies there, not much to worry about.
DISABLE SYSTEM RESTORE to flush out infected restore points. Then restart your System Restore (same page), then create a new restore point:
Click START\ALL PROGRAMS\ACCESSORIES\SYSTEM TOOLS\SYSTEM RESTORE. Click on "create new restore point", click on NEXT and follow the prompts.
this is to ensure that if you have to do a system restore in the future that you don't get the trojan reinstalled again.
Then :-
Download and scan with CCleaner
- CCleaner installs the Yahoo Toolbar as an option which IS checkmarked by default during the installation.
IF you do NOT want it, REMOVE the checkmark when provided with the option OR download the toolbar-free or Slim versions instead of the Standard Build.
- Before first use, select Options > Advanced and UNCHECK "Only delete files in Windows Temp folder older than 48 hours"
Then select "Cookies". Move any cookies you wish to retain, e.g. login cookies, in the left-hand window to the right-hand window by highlighting them and clicking the right arrow in the centre.
- Then select the items you wish to clean up.
In the Windows Tab:
• Clean all entries in the "Internet Explorer" section.
• Clean all the entries in the "Windows Explorer" section.
• Clean all entries in the "System" section.
• Clean all entries in the "Advanced" section.
• Clean any others that you choose.
In the Applications Tab:
• Clean all entries in the Mozilla Firefox Section.
• Clean all in the Opera section if you use it.
• Clean Sun Java in the Internet Section.
• Clean any others that you choose.
- Click the "Run Cleaner" button.
- A pop up box will appear advising this process will permanently delete files from your system.
- Click "OK" and it will scan and clean your system.
- Click "exit" when done.
Then DEFRAG your C:\ drive to help speed up your system.
|
Geoggy
new user
Reg'd: Sat
Posts: 13
|
|
thanks for all your help mate
|
bricat
HijackThis Helper
Reg'd: Wed
Posts: 31991
Loc: belfast
|
|
glad you're sorted.