
Hey Jury,
My apologies now for the delay in my response, we're just late I guess, lol.
OK, all of the cookies I was talking about were attached to your Mozilla browser. I would uninstall Mozilla, and if you need it, you can always reinstall. It seems strange that there were so many if you don't use it any more.
I am curious why you answered this one this way:
Please download and run Shoot the Messenger from my signature, it will disable the Windows Messenger utility that is unnecessary and leaving you vulnerable to PopUp attacks.
>That one is not applicable here
Everything is showing that you do have the Windows Messenger enabled, including some issues that showed up in your Spy Sweeper log.
Did you complete the instructions as given for CCleaner? That one doesn't have a log, it has a registry backup. When you say that you ran the "online scan," are you referring to Housecall, which is an online virus scan? It should have allowed you to save a log file.
You are still showing signs of the Look2me infection, and a SDBOT worm. Please download the Sysclean utility by Trend Micro and Look2Me-Destroyer.exe, and save them both to your desktop.
Please follow the attached instructions for using Sysclean.
Then to make sure that this worm does not continue to restart itself we need to shut down its service capability.
Click Start>Run and type in: services.msc
Click OK
In the Services window find: BusinessC
Select/highlight and right click the entry, and choose: Properties
On the General tab, under Service Status click the Stop button
Beside: Startup Type, in the drop menu, select: Disabled
Repeat for any additional services.
Click Apply, then OK
Open HJT and click config > misc tools > "delete an NT service"
Copy and paste:
BusinessContinuity.
Click OK.
- Close all windows before continuing.
- Double-click Look2Me-Destroyer.exe to run it.
- Put a check next to Run this program as a task.
- You will receive a message saying Look2Me-Destroyer will close and re-open in approximately 10 seconds. Click OK
- When Look2Me-Destroyer re-opens, click the Scan for L2M button. Your desktop icons will disappear; this is normal.
- Once it's done scanning, click the Remove L2M button.
- You will receive a Done Scanning message, click OK.
- When completed, you will receive this message: Done removing infected files! Look2Me-Destroyer will now shutdown your computer, click OK.
- Your computer will then shut down.
- Turn your computer back on.
- Please post the contents of C:\Look2Me-Destroyer.txt when you post back here.
Then please run HijackThis again, and fix the following entries if they are still there:
O20 - Winlogon Notify: Hints - C:\WINDOWS\system32\fplq0335e.dll (file missing)
O20 - Winlogon Notify: Telephony - C:\WINDOWS\system32\guard.tmp (file missing)
O23 - Service: BusinessC (BusinessContinuity) - Unknown owner - C:\WINDOWS\msstl.exe (file missing)
Search for and delete the files in bold if they are still there. Rerun HJT and post back here with the new log, as well as the log for Look2me Destroyer, and the Housecall log.
Looking forward to your reply,
TTFN
LGW
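
One way to check a rerun HijackThis log for the three entries listed in the post above. This is an added example, not part of the original post; the sample log is constructed and the function names are hypothetical.

```python
import re

# (section, name) pairs for the three entries the post asks to fix.
TARGETS = {("O20", "Hints"), ("O20", "Telephony"), ("O23", "BusinessC")}

# O20 - Winlogon Notify: <name> - <path> [(file missing)]
O20_RE = re.compile(
    r"^O20 - Winlogon Notify: (?P<name>.+?) - (?P<path>.+?)"
    r"(?P<missing> \(file missing\))?$")
# O23 - Service: <display name> [(<service name>)] - <owner> - <path> [(file missing)]
O23_RE = re.compile(
    r"^O23 - Service: (?P<name>.+?)(?: \((?P<service>[^()]*)\))?"
    r" - (?P<owner>.+?) - (?P<path>.+?)(?P<missing> \(file missing\))?$")

# Constructed sample of a post-cleanup log: two target entries remain,
# the other two lines are made-up unrelated entries.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [Example] C:\Program Files\Example\example.exe
O20 - Winlogon Notify: Hints - C:\WINDOWS\system32\fplq0335e.dll (file missing)
O23 - Service: Example Updater (ExampleUpdater) - Example Vendor - C:\Program Files\Example\updater.exe
O23 - Service: BusinessC (BusinessContinuity) - Unknown owner - C:\WINDOWS\msstl.exe (file missing)
"""

def parse_entry(line):
    """Return a dict for an O20/O23 line, or None for any other line."""
    line = line.strip()
    for section, rx in (("O20", O20_RE), ("O23", O23_RE)):
        m = rx.match(line)
        if m:
            d = m.groupdict()
            return {"section": section, "name": d["name"],
                    "service": d.get("service"), "path": d["path"],
                    "file_missing": d["missing"] is not None}
    return None

def remaining_targets(log_text):
    """Entries from TARGETS that are still present in the log, in log order."""
    found = []
    for line in log_text.splitlines():
        entry = parse_entry(line)
        if entry and (entry["section"], entry["name"]) in TARGETS:
            found.append(entry)
    return found

if __name__ == "__main__":
    for e in remaining_targets(SAMPLE_LOG):
        note = " (file missing)" if e["file_missing"] else ""
        print(f'still present: {e["section"]} {e["name"]} -> {e["path"]}{note}')
```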