Thread: Are the trojans really gone? (Hijackthis log inside)
View Single Post
Join Date: Jul 2008
Posts: 3,083
Reputation: jholland1964 is a name known to all jholland1964 is a name known to all jholland1964 is a name known to all jholland1964 is a name known to all jholland1964 is a name known to all jholland1964 is a name known to all 
Solved Threads: 175
Moderator
Featured Poster
jholland1964 jholland1964 is offline Offline
Posting Sensei

Re: Are the trojans really gone? (Hijackthis log inside)

 
0
  #8
Jan 8th, 2009
The files unable to be cleaned by ESET were part of the infection all ready deleted is why they couldn't be cleaned.
Run HJT again and put check marks next to the following entries
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: (no name) - {43CEC76F-CEA0-4C13-9C9B-15FEB741B74C} - C:\WINDOWS\system32\yaywtRiH.dll (file missing)
O4 - HKLM\..\Run: [GIZMO2] C:\Program Files\GIZMO2\GIZMO.exe
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
Once the check marks are in place click the Fix Checked button.
Exit HJT

Now your java program is way out of date, one of the reasons I believe for the infection. You need to download the newest version from HERE. Download the Offline Install and save it to the desktop. Then go to Add/Remove and Uninstall ALL old versions of Java you find there. Once you have completed the uninstalls then double click that install file on the desktop and install the new version. When the install is complete go back to the download page and click Verify Now on the right side of the page. That will take you to the verification page where you can test to be sure the install was complete.
Reboot the system and run a new HJT scan and post the log.
Reply With Quote