Hijack This Log Help

Helping buddy with adware. Major problem he's having is browser redirection but there are some foreign/unwanted procs too. Not bogging the cpu though, just major nuisance level stuff.

This site has been a tremendous help in the past. Read Hijack this statements in forum.

Ran Trend Micros online tool, reported 168 threats removed. Ran Hijack this, searched for info on the different browser items in the report. Removed some redirects. Searched for info on startup programs and removed a few of those. Reran hijack this and attached updated log.

Computer seems better, wanted to post the log for expert opinions as I know how this adware works and there's usually something still incubating there at this point.

Thanks in advance!
hundel

 

You have HijackThis installed incorrectly; install HijackThis to C:\HJT.

After you have reinstaled HijackThis do the following:

In HJT Choose Open the Misc Tools Section choose Process Manager, Highlight:

Choose Kill Process

Now scan and have HJT Fix the following:

Follow the instruction in Running Ewido Security Suite.

Post the Spy Sweeper log and a fresh HijackThis log.

 

Thanks for taking your own time to identify the processes to kill & remove. That's a huge help.

The Ewido link installed a program called "Spyware Doctor", and I've attached the results. They seem to give accurate findings about the registry but they would take a significant amount of time to manually clean up. The HJT log I've attached is from after a reboot.

I've recommended that the computer's owner either purchase Spyware Doctor or update their Norton virus definitions and add Norton Internet Security Suite.

Thanks for your help and let me know if there are other next steps he should be taking.

 

You must have clicked on the Spyware Doctor Advertisement on the Web Page. The download should have started automatically, otherwise look above the Advertisement for the download link.

Please post the Spy Sweeper log.

Please run Panda Online Scan. After the scan attach the log to your next post. Also please follow the below:

1 - Please EXTRACT all files from Qoologic Tool to its own folder - C:\Program Files\QoologicFinder . Then, DoubleClick Find-Qoologic.bat to run the tool. It should produce a log - Please attach that with your next post!

2 - Please EXTRACT all the files form RKFiles Tool to its own folder named C:\Program Files\RKTOOL. Then, Please boot to SAFE MODE and DoubleClick rkfiles.bat to run the tool. Let it run and then, when it finishes, look for a log at C:\Log.txt and please attach that log.

Now come back here and post all three logs as attachments