Google Redirect (Google webhp)

Status
Not open for further replies.
I have just gone through the 8 steps listed in the other sticky topic. Just being re-directed to a weird/fake version of google that definitely needs fixing. Hoping you nice people can help me :D

Here are my logs:
 

Attachments

  • gmer.log.log
    6.4 KB · Views: 1
  • hijackthis.log
    9.2 KB · Views: 1
  • mbam-log-2010-05-07 (13-58-58).txt
    893 bytes · Views: 2
  • Attach.txt
    15.1 KB · Views: 1
  • DDS.txt
    14.6 KB · Views: 1
Welcome to TechSpot, medley. I'll help with the malware.

There's not too much in these logs to be concerned about. I would like to direct your attention to HijackThis: it is not on our list of prelim programs and you actually ran it too soon. But you will need to delete this version; somehow you found a v2.0.0 (BETA) which is way out of date. So remove that and when it's time, I'll have you get the correct version.
==================
Please download ComboFix from Here and save to your Desktop.

  • [1]. Do NOT rename Combofix unless instructed.
  • [2]. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  • [3]. Close any open browsers.
  • [4]. Double click combofix.exe & follow the prompts to run.
    NOTE: Combofix will disconnect your machine from the Internet as soon as it starts. The connection is automatically restored before CF completes its run. If it does not, restart your computer to restore your connection.
  • [5]. If Combofix asks you to install Recovery Console, please allow it.
  • [6]. If Combofix asks you to update the program, always allow.
    Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
  • [7]. A report will be generated after the scan. Please post the C:\ComboFix.txt in next reply.
Note: Do not mouseclick combofix's window while it's running. That may cause it to stall.
Note: Make sure you re-enable your security programs when you're done with Combofix.
==============================
Then Run Eset NOD32 Online AntiVirus Scanner HERE
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the Active X control to install
  • Disable your current Antivirus software. You can usually do this with its Notification Tray icon near the clock.
  • Click Start
  • Make sure that the option "Remove found threats" is Unchecked, and the option "Scan unwanted applications" is checked
  • Click Scan
  • Wait for the scan to finish
  • Re-enable your Antivirus software.
  • A logfile is created and located at C:\Program Files\EsetOnlineScanner\log.txt. Please include this on your post.

Please leave both of those logs in the next reply.
 
Here is the combofix.

I will edit my post when the scanner is complete
 

Attachments

  • log.txt
    18.9 KB · Views: 3
  • eset.txt
    305 bytes · Views: 3
Please repeat the Eset scan. When you are finished, leave the entire log, not just the lower part. There is a part of a Trojan showing, but what it's in is missing.

There are 3 file sharing programs installed on your system:
You are currently using 3 file sharing programs:
Vuze
uTorrent
Azureus

P2P or 'file sharing' Warning:
Even if you are using a "safe" P2P program, it is only the program that is safe. I suggest that you uninstall all of them for the following reasons:
  • As long as you are using file sharing networks and programs which are from sources that are not documented, you cannot verify that a download is legitimate.
  • Malware writers use these programs to include malicious content.
  • File sharing is usually unmonitored and there is a danger that your private files might be accessed.
  • The 'sharing' also includes malware that the shared system has on it.
  • Files that are illegal can be spread through file sharing.

Please read the information on P2P Warning to help you better understand these dangers.

If you choose not to uninstall them, please do not use them while I am cleaning the system.
====================
Custom CFScript


  • [1]. Close any open browsers.
    [2]. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
    [3]. Open notepad and copy/paste the text in the code below into it:
Code:
File::
C:\Documents and Settings\day\Local Settings\temp\NOD1F07.tmp
c:\documents and settings\day\Local Settings\Application Data\tuxbjwkmq
c:\documents and settings\All Users\Application Data\TEMP
c:\docume~1\day\LOCALS~1\Temp\pcwiz32.sys

Folder::
Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"cpuz129"=-
"FXDRV"=-

Driver::
cpuz129
FXDRV
Save this as CFScript.txt, in the same location as ComboFix.exe
CFScriptB-4.gif


Referring to the picture above, drag CFScript into ComboFix.exe

When finished, it will produce a log for you at C:\ComboFix.txt. Please attach to your next reply.
 