Please check HJT log

[hatty]

Hello,

Have just cleaned my friend's family pc which was having various viral symptoms; re-booting and hanging. It now seems to be running ok having followed your 8 step virus removal. AVG results were:

Trojan Horse downloader. generic3.IFP
Potentially Harmful Program Dialer.GJK
Virus Found Downloader.Swizzor
Adware Generic.RLK

I have attached Malwarebytes, Superantispyware and HJT logs, and also extra Malwarebytes and Superantispyware logs that found some infected files after I ran them in safe mode.

please let me know if you see anything that requires further action.

Thanks!

 

[SpiritWind]

Hi :

Posting a HijackThis log run in "Safe" Mode is of little help; best to post logs run in
"Normal" Mode" . From what I could see, you have the malware-prone Adobe
Reader . Researchers found a new hackertoolkit that uses nothing but Adobe securityleaks in order to infect systems. "PDF Xploit Pack" ( http://www.trustedsource.org/blog/15...e-PDF-Exploits )adds all kind of exploits to PDF-files. When a certain exploit has succesfully infected the OS, the IP address is sent to the attackers, so they need to try again. This to reduce the time it takes to manage the bots.

Use of PDF-files is becoming more and more popular amongst malcreants, this because other toolkits also have PDF exploits now. A year ago only 3% of the exploits were PDF directed.

So I recommend you uninstall Adobe and "switch" to the safer "Foxit Reader" .

Also noticed you have ZA's misnamed "Spy Blocker" on your computer; this is nothing
more than the Adware "ask.com" toolbar . You should seriously consider getting
rid of it after reading the very reliable Info at http://securitygarden.blogspot.com/2...zonealarm.html .

And Ad-Aware from Lavasoft has not been a top antispyware program for a
couple of yrs plus it has an unnecessary "Service" running; best to uninstall
this program .

 

[hatty]

Thanks for your reply spiritwind.

here's a HJT log run in normal mode.