Oh, don't worry about it. It's really not a big deal; it's just a bit more convenient when you post it. And I'm sorry about my late response. I've been dealing with a bit of an...ordeal over here at home. But that's over with now and I'm ready with some instructions for you. I promise, it doesn't normally take this long!
From looking at your log, I can see that your Java is out of date (we'll take care of this in a bit) and that you don't have any active anti-virus programs. I also don't see any evidence of a firewall (other than perhaps the standard Windows firewall, which is average at best). Do you have any protection installed on your computer?
Now, with that said, let's take care of a couple of things...
You appear to have
Vundo, so...
1. Download
VundoFix and save it to your desktop.
2. Run VundoFix and click on
Scan For Vundo.
3. Once it's done scanning, click on
Remove Vundo.
4. When it prompts you to remove the files, click on Yes.
5. Your desktop will go blank as it's removing files. Don't worry, this is normal.
6. It will prompt you to restart your computer, so click OK.
7. When your computer is turned back on, your problem should be gone.
8. The program normally produces a
Vundofix.txt file. Please locate this file and paste the contents in your next post.
And then, just to be thorough...
1. Download
VirtumundoBeGone and save it to your desktop.
2. Reboot into Safe Mode.
3. Once you are in Safe Mode, run VirtumundoBeGone and follow the instructions.
4. Exit when it has finished and reboot back into normal mode. Vundo should now be removed from your computer.
Another infection I see is
PurityScan.
Copy everything inside the quote box below (starting with
dir) and paste it into Notepad. Go up to
File > Save As... and click the drop-down box to change the "Save As Type" to "All Files". Save it as
findfile.bat on your Desktop.
dir C:\Program Files\Common Files\?ystem /a h > files.txt
notepad files.txt
Locate
findfile.bat on your Desktop and double-click on it. It will open Notepad with some text in it. Please post the contents of that Notepad file here.
I also see evidence of
SmitFraud, so please download
SmitfraudFix (by
S!Ri) to your Desktop.
Double-click
SmitfraudFix.exeSelect option #1 -
Search by typing
1 and press "
Enter"; a text file will appear, which lists infected files (if present).
Please copy/paste the content of that report into your next reply.
**If the tool fails to launch from the Desktop, please move SmitfraudFix.exe directly to the root of the system drive (usually C:), and launch from there.Note :
process.exe is detected by some antivirus programs (AntiVir, Dr.Web, Kaspersky) as a "RiskTool"; it is not a virus, but a program used to stop system processes. Antivirus programs cannot distinguish between "good" and "malicious" use of such programs, therefore they may alert the user.http://www.beyondlogic.org/consulting/proc...processutil.htmFollow all of these instructions and post back with the requested logs, along with a new HijackThis log (there are a few other things we'll need to deal with) and an update on how your computer is running.
Also, before posting, you should download
CCleaner (install without Yahoo! toolbar) and configure it according to
this guide.
