sUBs

Please go to the root of Drive C & check if you have this log - C:\Q-Log.tx. If so, kindly post it in your next reply.


Please read this post completely before begining the fix.


Right click on this & choose "Save As..." DelO15Domains.inf - DelO15Domains.inf
Right click on DelO15Domains.inf and choose Install. It will run immediately (you won't be able to see anything happen). You may delete the file afterwards.

SpywareBlaster 3.5.1 - Install & update SpywareBlaster with the latest definitions.
After you have updated, click the button - enable protection for all unprotected items

IE-SpyAD - Extract the contents to a new folder
From within the folder, double-click install.bat
Select Option #2 - Install the new IE-SPYAD list.
Then return to the main menu.
Select option #4 - Add the old porn sites domain


* * * * * * FIXING ENTRIES WITH HIJACKTHIS * * * * * * * * * *


Do a HijackThis scan & place a check next to these items and select "Fix checked":

O16 - DPF: {197AB1D7-A7DD-4C86-A938-1FCC0DB21B85} (DMProxyCtl Class) - http://dm.cometsystems.com/dm/dm_286.cab


* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *


Uninstall the following programs, if present, using Control Panel->Add/Remove Programs:

• Network Monitor
  Startnow Navigation Helper (v1.0.1.1.)

* * * * * * ADDITIONAL DATA REQUIRED * * * * * * * * * * * *


I require a bit more data about this program - BLM2.44.00

Start HJT & goto Config > Misc Tools - Open Uninstall Manager
From the box on the left, select BLM2.44.00 & look up the the uninstall command from the right
Please let me know the entry's uninstall command


* * * * * * DELETING FILES/FOLDERS * * * * * * * * * * * * * * *


Delete the contents of this folder, leaving it empty:

• C:\Program Files\Norton AntiVirus\Quarantine\

* * * * * * PURGING TEMP FOLDERS * * * * * * * * * * * * * * *


Run Cleanup! using the following configuration:

1. Click Options...
2. Set the slider initially to Standard CleanUp!
3. Uncheck the following:

• Delete Newsgroup cache
• Delete Newsgroup Subscriptions
• Scan local drives for temporary files

4. Click OK
5. Press the CleanUp! button to start the program.


* * * * * *


This will clear the infected files from the System Volume Information folder
Go to Start >> Run - type control sysdm.cpl,,4 & press Enter

• Tick on the checkbox - Turn off System Restore on all drives
• Click Apply

Turn it back 'On' by unticking the same checkbox & click OK


* * * * * *


Reboot the machine & post the following logs:

1. fresh Hijackthis log.
2. Q-Log.tx (if available)
3. The uninstall command for BLM2.44.00

* * * * * *


After you have posted the required logs, I shall require you to update your copy of Sun's java. Older versions of Java have been identified as entry for malware.

Updating Java and Clearing Cache

1. Go to Start > Control Panel double-click on the Java Icon (coffee cup) in the Control Panel.
2. It will say "Java Plug-in" under the icon.
3. If it is not visible, click on 'Switch to Classic View' in the left pane of the Control Panel or 'Other Control Panel Options'
4. Please find the Update button or tab in the Java Control Panel. Update your Java then reboot.
5. If you are unable to update you can manually update by going here:
   
   http://www.java.com/en/download/manual.jsp
   
   
6. After the reboot, go back into the Control Panel and double-click the Java Icon.
7. Under the Advanced Tab, click <Applet> tag support and select the browser(s) you are using.
8. Under Temporary Internet Files, click the Delete Files button.
9. There are three options in the window to clear the cache - Leave ALL 3 Checked
   • Downloaded Applets
     Downloaded Applications
     Other Files
10. Click OK on Delete Temporary Files Window
    Note: This deletes ALL the Downloaded Applications and Applets from the CACHE.
11. Click OK to leave the Java Control Panel.