also @ TechSpot: Google, Samsung unveil Chromebook, Chromebox with Chrome OS 19

TechSpot
Register now for a live online demo to see how the Office 365 suite of tools
- professional email, calendars, video conferencing, and file sharing -

[Solved] Search-results.com hijack

Discussion in 'Virus and Malware Removal' started by Jimmy99, Dec 18, 2011.

Page 2 of 2

  1. Jimmy99 Newcomer, in training

    I'm assuming I turn AVG back on Broni?
    Jimmy99, Dec 23, 2011
    #21

  2. Jimmy99 Newcomer, in training

    OK - just seen your last post. That's going to take some doing. I'm away to bed now - and back in a week. I'll turn off and then follow these steps when I get back.

    Many thanks for your help Broni. Really appreciate it.

    Happy christmas/holidays

    Jimmy.
    Jimmy99, Dec 23, 2011
    #22

  3. Broni Malware Annihilator

    Yes.

    [IMG]
    Broni, Dec 23, 2011
    #23

  4. Jimmy99 Newcomer, in training

    OK - here's the OTL log from first run.



    All processes killed
    ========== OTL ==========
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: All Users

    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: Fuppin
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: Fynnj
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: Guest
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: Lovely Wiffle
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: Public
    ->Temp folder emptied: 0 bytes

    User: Swithin
    ->Temp folder emptied: 183565 bytes
    ->Temporary Internet Files folder emptied: 35673225 bytes
    ->Flash cache emptied: 1092 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 11515 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 34.00 mb


    [EMPTYFLASH]

    User: All Users

    User: Default
    ->Flash cache emptied: 0 bytes

    User: Default User
    ->Flash cache emptied: 0 bytes

    User: Fuppin
    ->Flash cache emptied: 0 bytes

    User: Fynnj
    ->Flash cache emptied: 0 bytes

    User: Guest
    ->Flash cache emptied: 0 bytes

    User: Lovely Wiffle
    ->Flash cache emptied: 0 bytes

    User: Public

    User: Swithin
    ->Flash cache emptied: 0 bytes

    Total Flash Files Cleaned = 0.00 mb



    OTL by OldTimer - Version 3.2.31.0 log created on 12232011_230631

    Files\Folders moved on Reboot...
    C:\Users\Swithin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized\C\Users\Swithin\AppData\Local\Trusteer\Rapport\user\logs\koan.3260.log moved successfully.
    C:\Users\Swithin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized\C\Users\Swithin\AppData\Local\Trusteer\Rapport\user\logs\koan.4816.log moved successfully.
    C:\Users\Swithin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized\C\Users\Swithin\AppData\Local\Trusteer\Rapport\user\logs\koan.7932.log moved successfully.
    C:\Users\Swithin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\IH3GMT3K\emily[3].htm moved successfully.
    C:\Users\Swithin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\IH3GMT3K\evolution-christmas-and-the-atonement[1].htm moved successfully.
    C:\Users\Swithin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\EN87FEHN\google_co_uk[1].htm moved successfully.
    C:\Users\Swithin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\EN87FEHN\hub.1324331373[1].htm moved successfully.
    C:\Users\Swithin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\EN87FEHN\tweet_button.1324331373[1].htm moved successfully.
    C:\Users\Swithin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\C6KF6Z76\showthread[1].htm moved successfully.
    C:\Users\Swithin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\8U4WXO49\iframe3[1].htm moved successfully.
    C:\Users\Swithin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\8U4WXO49\iframe3[2].htm moved successfully.
    C:\Users\Swithin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\8U4WXO49\iframe3[3].htm moved successfully.
    C:\Users\Swithin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\57UWQSDG\22620-2[1].htm moved successfully.
    C:\Users\Swithin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\57UWQSDG\22622-15[1].htm moved successfully.
    C:\Users\Swithin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\57UWQSDG\26799-15[1].htm moved successfully.
    C:\Users\Swithin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\57UWQSDG\like[1].htm moved successfully.
    C:\Users\Swithin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\20WQD111\afr[1].htm moved successfully.
    C:\Users\Swithin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\20WQD111\afr[2].htm moved successfully.
    C:\Users\Swithin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\ED8654D5-B9F0-4DD9-B3E8-F8F560086FDF.dat moved successfully.
    C:\Users\Swithin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\MSIMGSIZ.DAT moved successfully.

    Registry entries deleted on Reboot...
    Jimmy99, Dec 23, 2011
    #24

  5. Broni Malware Annihilator

    The issue seems to be resolved.
    Broni, Dec 28, 2011
    #25
Page 2 of 2