05-17-2008, 05:50 AM   #6
Angelfire777
Moderator/Analyst, Security Team ; Rangemaster, TSF Academy
 
Join Date: Oct 2006
Posts: 3,020
OS: XP


Re: Task manager greyed out, pop-ups

Hi,

Were you the one who created this index.html page? C:\WINNT\index.html? If not, can you check it out for me please.

Also, were you the one who created this batch file: C:\tmp.bat? If not, please right click it and select edit. Notepad will open with some contents. Please post the contents here. DO NOT double click it.


*Click Start > Control Panel > Add or Remove Programs and uninstall the items I listed in bold if found.

Internet Speed Monitor
Outerinfo

The following are leftovers from your Norton installation. You can remove them now.

LiveReg (Symantec Corporation)
LiveUpdate 1.6 (Symantec Corporation)

________

Open HijackThis > choose Scan Only > Place a checkmark in the boxes beside these entries in bold.

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm


Close your browsers and all open windows except for HijackThis, then click "Fix checked". Exit HijackThis.
________

Combofix Deletions
  • Open notepad.
  • Copy and paste the text inside the code box below to notepad
Code:
Killall::

File::
C:\WINNT\system32\nhtjxvyk.ini
C:\WINNT\system32\kyvxjthn.dll
C:\WINNT\BMbbb3f045.xml
C:\Program Files\SmitfraudFix.exe
C:\WINNT\system32\urqNDWNH.dll
C:\Program Files\Common Files\Yazzle1552OinUninstaller.exe
C:\WINNT\Tasks\Symantec NetDetect.job
C:\WINNT\system32\ibyvwkcp.dll
C:\WINNT\system32\nhtjxvyk.ini
C:\WINNT\system32\ugickxgj.ini
C:\WINNT\system32\uhuudgbf.dll
C:\WINNT\system32\jgxkcigu.dll
C:\WINNT\system32\ihnqlgii.exe
C:\WINNT\system32\HNWDNqru.ini2
C:\WINNT\system32\HNWDNqru.ini
Folder::
C:\Program Files\SmitfraudFix
C:\WINNT\system32\dFrnx06
C:\Temp\tmpvc14
C:\Temp
C:\Program Files\ISM
C:\Program Files\Common Files\Symantec Shared
C:\Program Files\Symantec
Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{3405B89F-B93E-45A6-A932-8B32477CC11D}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{38c60d79-637e-4e19-86a3-0d49aff229e0}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FFFFFFFF-BBBB-4146-86FD-A722E8AB3489}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BMbbb3f045"=-
"b880c3d9"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"WebProxy"=-
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"=hex(7):6d,73,76,31,5f,30,00,00
[-HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{66186F05-BBBB-4a39-864F-72D84615C679}]
  • Save and Name it as "CFScript"
  • Drag and drop CFScript.txt to your copy of combofix.
  • You can take a look at the image below if you're unsure on how to do it.
  • Combofix will restart your machine then it will produce a log afterwards.
  • Please post the contents of that log along with a fresh HijackThis log.
_________

Please do an online scan with Kaspersky WebScanner

Warning: If you had Kaspersky online scanner installed before 10-5-2007, please uninstall it as Kaspersky released a new version. Previous version had a serious flaw which could result in a buffer overflow.

You will be prompted to install an ActiveX component from Kaspersky, Click Yes.
  • The program will launch and then begin downloading the latest definition files:
  • Once the files have been downloaded click on NEXT
  • Now click on Scan Settings
  • In the scan settings make sure that the following are selected:
    • Scan using the following Anti-Virus database:
    • Extended (if available otherwise Standard)
    • Scan Options:
    • Scan Archives
    • Scan Mail Bases
  • Click OK
  • Now under select a target to scan:
    • Select My Computer
  • The program will start and scan your system.
  • The scan will take a while so be patient and let it run.
  • Once the scan is complete it will display if your system has been infected.
    • Now click on the Save as Text button:
  • Save the file to your desktop.
  • Copy and paste that information in your next post.
Note for Internet Explorer 7 users: If at any time you have trouble with the accept button of the licence, click on the Zoom tool located at the right bottom of the IE window and set the zoom to 75 %. Once the license is accepted, reset to 100%.
_________

Your Java is out of date....
Older versions have vulnerabilities that malware can use to infect your system.
Please follow these steps to remove older version Java components.
  • Click Start > Control Panel
  • Click Add/Remove Programs
  • Check any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove button.
  • Repeat as many times as necessary to remove all versions of Java.
  • Reboot your computer once all Java components are removed.
Then download Java Runtime Environment 6u6, and install it to your computer.

On your next reply, please include a
  • Fresh HijackThis log.
  • Kaspersky scan log
  • Combofix log
__________________
Proud member of UNITE and ASAP since 2006


Last edited by Angelfire777 : 05-17-2008 at 05:52 AM.
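An added example, not part of Angelfire777's post and not ComboFix code: a small Python check that reads a script laid out like the CFScript in the post, reports entries listed more than once, and decodes hex(7) data so a reviewer can see what the "Authentication Packages" line sets before the script is run. The function names are made up for this example, and the hex(7) data is assumed to be single-byte text, as it appears in the post.

```python
import re
# Excerpt of the CFScript from the post (shortened; values copied from it).
CFSCRIPT = r'''Killall::
File::
C:\WINNT\system32\nhtjxvyk.ini
C:\WINNT\system32\kyvxjthn.dll
C:\WINNT\system32\nhtjxvyk.ini
Folder::
C:\Temp\tmpvc14
Registry::
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"=hex(7):6d,73,76,31,5f,30,00,00
'''

SECTION = re.compile(r"^(\w+)::\s*$")
HEX7 = re.compile(r'^"(?P<name>[^"]+)"=hex\(7\):(?P<data>[0-9a-fA-F,]+)$')

def parse_cfscript(text):
    """Split a script into {section: [non-empty lines]}, keeping order."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        m = SECTION.match(line)
        if m:
            current = m.group(1)
            sections.setdefault(current, [])
        elif line and current is not None:
            sections[current].append(line)
    return sections

def duplicate_entries(entries):
    """Entries listed more than once; Windows paths compare case-insensitively."""
    seen, dupes = set(), []
    for e in entries:
        key = e.lower()
        if key in seen and e not in dupes:
            dupes.append(e)
        seen.add(key)
    return dupes

def decode_multi_sz(hexdata):
    """Decode hex(7) data as single-byte REG_MULTI_SZ: NUL-separated strings."""
    raw = bytes.fromhex(hexdata.replace(",", ""))
    return [s.decode("ascii") for s in raw.split(b"\x00") if s]

def multi_sz_values(registry_lines):
    """Map each hex(7) value name in the Registry:: section to its strings."""
    matches = (HEX7.match(line) for line in registry_lines)
    return {m.group("name"): decode_multi_sz(m.group("data")) for m in matches if m}
```

Run on the excerpt, it reports one duplicated File:: entry and decodes the Authentication Packages data to the single string msv1_0.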