Thread: go.google hijack, antivirus sites blocked, sophos affected(?)
View Single Post
Join Date: Jul 2008
Posts: 3,083
Reputation: jholland1964 is a name known to all jholland1964 is a name known to all jholland1964 is a name known to all jholland1964 is a name known to all jholland1964 is a name known to all jholland1964 is a name known to all 
Solved Threads: 175
Moderator
Featured Poster
jholland1964 jholland1964 is offline Offline
Posting Sensei

Re: go.google hijack, antivirus sites blocked, sophos affected(?)

 
0
  #5
Sep 7th, 2008
Yeah, they take awhile. It does save the log automatically. If you cannot find it open the program and click the Logs tag, they all should be there and they are dated and the time is listed also if you ran more than one on any particular day.
Be sure to have it fix everything found.

You have at least two bad entries in the HJT log;
O4 - HKCU\..\Run: [Insider] C:\Program Files\Insider\Insider.exe
O4 - HKCU\..\Run: [WinTouch] C:\Documents and Settings\Suzie\Application Data\WinTouch\WinTouch.exe
Insider is a variant of the Trojan.Win32.Agent.bnd Trojan.
WinTouch is identified as a variant of the Win32/Matcash.BU malware.

Once the Malwarebytes program is complete then you need to look for both programs, if they remain after the Malwarebytes scan and see if you can Uninstall them. Look first in Add/Remove. If you don't see them there then look in C:\Program Files\ for the Insider program and C:\Documents and Settings\Suzie\Application Data\ folder for the WinTouch program.
Last edited by jholland1964; Sep 7th, 2008 at 3:39 pm.