

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =

Here's the output from another run:

Logfile of Trend Micro HijackThis v2.0.2
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Dell Network Assistant\hnm_svc.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files\Maxtor\MSS Backup\maxbackservice.exe
C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe
C:\Program Files\Maxtor\ManagerApp\msssort.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe
C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Logitech\SetPoint II\SetpointII.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\FireTrust\MailWasher Pro\MailWasher.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

I rebooted and ran again:

Malwarebytes' Anti-Malware 1.31

I'm not sure if these files were related or existed previously as I used the Removal option to get rid. I then came across the advice here and downloaded MalwareBytes' Anti-Malware, updated it and ran:

C:\Documents and Settings\All Users\Application Data\CrucialSoft Ltd (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\CrucialSoft Ltd\MS AntiSpyware 2009 (Rogue.Multiple) -> Quarantined and deleted successfully.
I used DELAny to remove wJQs.exe from the Temp directory and the Windows prefetch directory and then ran ST which from memory was clean.
One hit recommended using DELAny.exe to remove any instances of the file to avoid any replication and to download and run Spyware Terminator. I then started googling for details of it but only found a couple of hits. ZoneAlarm Security suite intercepted a request from wJQs.exe to access the trusted zone / internet. As mentioned in the thread that spawned this one, I too saw a request from wJQs.exe to access the internet.
