findthewebsiteyouneed

Following a major infection and subsequent removal
(I followed directions at A2K forums and used on line scans, ewido adaware and spybot as well as ccleaner) the following files appeared in my hjt log

......findthewebsiteyouneed

Having Googled the file name and followed links to Symantics website I found these listed as a spywear registry change.
I downloaded and ran the recomended tool "FxDtcmtb"

This tool reported no malware and did not remove the entries from HJT.

I removed the files using HJT.

Is it cause for concern that symntecs tool did not find any spy wear?

I enclose 2 HJT logs

 

Thanks for the speling lesson chaslang I'll be sure to return next time I need a spell check.

With repect, the proceedures i have followed are almost exactly the same as yours. i included the logs in case there was something unusual about the enteries.

I am not having a problem with malware at this time I was more curiouse about why the entries were still there and the symantec tool had not removed them.

from the symantec web site..................

When Spyware.Dotcomtoolbar runs, it does following:

6. Adds the values:

"Search Bar" = "[Web site on the searchbar.findthewebsiteyouneed.com domain]"
"Default_Search_URL" = "[Web site on the searchbar.findthewebsiteyouneed.com domain]"

to the registry subkey:

HKEY_ALL_USERS\Software\Microsoft\Internet Explorer\Main

---------------------------------------------------------------------

Was it necessary to remove the files in question?

If you feel i am wasting your time please say so and i will get out of your Hair.

 

Re: findthewebsiteyouneed (Resolved)

My apologies for using the wrong terminology I meant registry keys, (which i think you knew). As a matter of interest, in this thread, i have never refered to registry keys.

chaslang Thanks for taking the time to correct my spelling and improve my knowledge of technical terminology. Its been an absolute pleasure to do business with you.