Oh my! Is my love of chocolate coming through my fingertips?! Wasn't so much in the lunch but in the bags of chocolate I brought home! Sigh.
I'm going to take the 2 Eset entries and show you what I do with them. It is possible that they will no longer show up, but some other files will be cleaned, so this gives you an idea why we don't remove them in the scan:
Please download OTMoveIt by Old Timer and save to your desktop.
- Double-click OTMoveIt3.exe to run it. (Vista users, please right click on OTMoveIt3.exe and select "Run as an Administrator")
- Copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
Code:
:Processes
D:\Flight Simulator Files\Modules and Utilities\gamebooster22.exe
:Files
C:\Users\Aministrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\39\6c4043a7-5b765c36
:Commands
[purity]
[emptytemp]
[clearjavacache]
[start explorer]
[Reboot]
- Return to OTMoveIt3, right click in the "Paste Instructions for Items to be Moved" window and choose Paste.
- Click the red Moveit! button.
- A log of files and folders moved will be created in the c:\_OTMoveIt\MovedFiles folder in the form of Date and Time (mmddyyyy_hhmmss.log). Please open this log in Notepad and post its contents in your next reply.
- Close OTMoveIt3
If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.
===============================
1. The entry on the C Drive is from the Java cache. Malware usually gets in there when there is an outdated version of Java still on the system.
2. The entry on the D Drive is for what we call a PUP: Potentially Unwanted Program. The Widgi Toolbar comes from Spigot:
Type: Spyware/Adware
Analysis: Installs & gathers info from a PC without user permission.
Infection: By downloading freeware & shareware.
Symptoms: Changes PC settings, excessive popups & slow PC performance.
3. The 'internetinspection' URL refers to a domain for Tucows. The domain itself is legitimate.
===============================
Other than those 2 entries on OTM, I don't see any problem with this system other than adding Avast, which needs to be removed. The logs look good, the Services came out okay, Java is now up to date.
I don't know what is happening with the 'redirect', but I don't think they are redirects at all.