There is a Tracking cookie for this site:
C:\Documents and Settings\Karen\Cookies\karen@adultfriendfinder[1].txt
Let's get rid of the Tracking Cookies, block them in the future and restrict the site:
1. Did you check the line in SAS to remove what it found?
2.
Reset Cookies:
Internet Explorer: Internet Options (through Tools or Control Panel) Privacy tab> Advanced button> CHECK 'override automatic Cookie handling'> CHECK 'accept first party Cookies'> CHECK 'Block third party Cookies'> CHECK 'allow per session Cookies'> Apply> OK.
3. Put the site in the Restricted Zone:
Open Internet Options> Security tab> Restricted Zone> Sites> type this in:
*.adultfriendfinder
Add
IF you get a message that it is already in another zone, go to the Trusted Zone> Sites> remove it from there, then put it in restricted Zone.
Might be a good time to do a disc cleanup to get rid of the temporary internet files, including History and cookies.
EDIT: Forgot to check HijackThis log: you have been Hijacked!
Remove bad HijackThis entries
• Run HijackThis
• Click on the System Scan Only button
• Put a check beside all of the items listed below (if present):
O17 - HKLM\System\CCS\Services\Tcpip\..\{A1B21B80-CE62-4284-8CC5-03DAB223C694}: NameServer = 218.93.202.110,218.93.202.111
O17 - HKLM\System\CCS\Services\Tcpip\..\{B38D9EAD-A45E-45AB-B593-58F7736A7E6F}: NameServer = 218.93.202.110,218.93.202.111
O17 - HKLM\System\CCS\Services\Tcpip\..\{CD4EF44B-4F57-4807-8210-F415FF304E89}: NameServer = 218.93.202.110,218.93.202.111
O17 - HKLM\System\CCS\Services\Tcpip\..\{E0974E5D-A99A-45F4-A664-B43DC859028E}: NameServer = 218.93.202.110,218.93.202.111
• Close all open windows and browsers/email, etc...
• Click on the
"Fix Checked" button
• When completed, close the application.
This IP 218.93.202.110 is in the Asian Pacific Network, Chinanet to be specific.
netname: CHINANET-JS
descr: CHINANET jiangsu province network
descr: China Telecom
descr: A12,Xin-Jie-Kou-Wai Street
descr: Beijing 100088
country: CN
You also need to update both of the following:
Update Java:
Your version of Java is now outdated. Java vulnerabilities are commonly exploited by viruses so I strongly recommend you update. Click here to download the latest version of java ( Java Runtime Environment (JRE) 6.0 Update 13 ):
http://java.com/en/download/manual.jsp
Please install it and then reboot your computer.
Remove the older versions of Java:
1. Click Start, Control Panel, Add/Remove Programs.
2. Delete all Java updates except J2SE Runtime Environment 6.0 Update 13
Update Adobe: Most current version: Adobe Reader 9.1
Your Adobe Reader is out of date. Vulnerabilities can be exploited. Click here to download the latest version :
https://www.techspot.com/downloads/345-adobe-reader.html
OR
Install the FoxIt Reader: this does the same thing as Adobe, but doesn’t have the bloat:
http://www.foxitsoftware.com/pdf/rd_intro.php
Please rescan with HijackThis when finished all of above and attach new log.