Mobile/PDA About Us Advertise here
User User name Password  
  Not registered yet? Register here.
Lost your password? Click here. 		 
  Home   News   Guides   Downloads   Glossary   Hardware   Profiles   Forums   v4  
 Advertise at AfterDawn.com     Link to us!     Private messages     Compose a private message     List of all updated threads     Threads without replies     Search messages
Friday 29.8.2025 / 13:35
Search AfterDawn Forums:        In English   Suomeksi   På svenska
afterdawn.com > forums > software, operating systems and more > windows - virus and spyware problems > help please!
Show topics
 
Forums
Forums
Help Please!
  Jump to:
 
Posted Message
frnresq
Junior Member
_ 		27. December 2006 @ 10:17 _ Link to this message    Send private message to this user   
Did a AVG scan prior to this and found alot, have a log on scan and HjT.

Logfile of HijackThis v1.99.1
Scan saved at 3:14:32 PM, on 12/27/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lexmark 3300 Series\lxccmon.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe
C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Symantec\Ghost\ngserver.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Webroot\Accelerate\accelerate.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Webroot\Washer\wwDisp.exe
C:\Program Files\TGTSoft\StyleXP\StyleXP.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
C:\Windows\xpupdate.exe
C:\Program Files\Linksys\WMP11 Config Utility\WMP11CFG.exe
C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\Playlist.exe
C:\WINDOWS\system32\ati2sgag.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Symantec\Ghost\ngserver.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
D:\HJT\HijackThis_v1.99.1.exe

O2 - BHO: (no name) - {371EE1EF-F177-1390-7807-08525DC0E55C} - C:\WINDOWS\System32\nweipeg.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [lxccmon.exe] "C:\Program Files\Lexmark 3300 Series\lxccmon.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [RunDll] c:\windows\system32\wuauclt1.4.exe
O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe"
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe"
O4 - HKLM\..\Run: [RoxioAudioCentral] "C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NGServer] C:\Program Files\Symantec\Ghost\ngserver.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Accelerate] C:\Program Files\Webroot\Accelerate\accelerate.exe /S
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [System] C:\WINDOWS\System32\kernels1118.exe
O4 - HKLM\..\Run: [hrcopul.dll] C:\WINDOWS\System32\rundll32.exe "C:\Documents and Settings\Shane Farr\Local Settings\Application Data\hrcopul.dll",vuljcec
O4 - HKLM\..\Run: [LXCCCATS] rundll32 C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\LXCCtime.dll,_RunDLLEntry@16
O4 - HKLM\..\RunServices: [RunDll] c:\windows\system32\wuauclt1.4.exe
O4 - HKLM\..\RunServices: [RunDll] c:\windows\system32\wuauclt1.4.exe
O4 - HKLM\..\RunServices: [SystemTools] C:\WINDOWS\System32\kernels1118.exe
O4 - HKLM\..\RunOnce: [Index Washer] C:\Program Files\Webroot\Washer\WashIdx.exe "Shane Farr"
O4 - HKCU\..\Run: [Window Washer] C:\Program Files\Webroot\Washer\wwDisp.exe /startup
O4 - HKCU\..\Run: [Window Washer] C:\Program Files\Webroot\Washer\wwDisp.exe /startup
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
O4 - HKCU\..\Run: [Windows update loader] C:\Windows\xpupdate.exe
O4 - HKCU\..\Run: [Key] C:\DOCUME~1\SHANEF~1\LOCALS~1\Temp\1F5.tmp
O4 - HKCU\..\RunOnce: [Index Washer] C:\Program Files\Webroot\Washer\WashIdx.exe "Shane Farr"
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Wireless PCI Card Configuration Utility.lnk = C:\Program Files\Linksys\WMP11 Config Utility\WMP11CFG.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O12 - Plugin for .bcf: C:\Program Files\Internet Explorer\Plugins\NPBelv32.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/29df7dbf4302...ip/RdxIE601.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdat...b?1164297169281
O16 - DPF: {85D1F3B2-2A21-11D7-97B9-0010DC2A6243} (SecureLogin class) - http://secure2.comned.com/signuptemplates/securelogin-devel.cab
O16 - DPF: {C52439A0-2693-4E40-B141-9F9AD5257241} (Lexmark eDiagnostics Class) - https://ediagnostics.lexmark.com/serval.cab
O20 - Winlogon Notify: winsys2freg - C:\Documents and Settings\All Users\Documents\Settings\winsys2f.dll
O21 - SSODL: XFXsXhTXGU - {54376CE7-FE9D-C64D-32AB-237E73B1B945} - C:\WINDOWS\System32\ji.dll (file missing)
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: ICF - Unknown owner - C:\WINDOWS\System32:svchost.exe
O23 - Service: lxcc_device - Lexmark International, Inc. - C:\WINDOWS\System32\lxcccoms.exe
O23 - Service: Symantec Ghost Database Service (ngdbserv) - Symantec Corporation - C:\Program Files\Symantec\Ghost\bin\dbserv.exe
O23 - Service: Symantec Ghost Configuration Server (NGServer) - Symantec Corporation - C:\Program Files\Symantec\Ghost\ngserver.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe

AVG Scan log:

---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 3:11:42 PM 12/27/2006

+ Scan result:



C:\Program Files\BraveSentry -> Adware.Bravesentry : Ignored.
C:\Program Files\BraveSentry\BraveSentry.exe -> Adware.Bravesentry : Ignored.
C:\Program Files\BraveSentry\BraveSentry.lic -> Adware.Bravesentry : Ignored.
C:\Program Files\BraveSentry\BraveSentry0.bs -> Adware.Bravesentry : Ignored.
C:\Program Files\BraveSentry\BraveSentry0.dll -> Adware.Bravesentry : Ignored.
C:\Program Files\BraveSentry\BraveSentry1.bs -> Adware.Bravesentry : Ignored.
C:\Program Files\BraveSentry\BraveSentry1.dll -> Adware.Bravesentry : Ignored.
C:\Program Files\BraveSentry\BraveSentry2.dll -> Adware.Bravesentry : Ignored.
C:\Program Files\BraveSentry\BraveSentry3.dll -> Adware.Bravesentry : Ignored.
C:\Program Files\BraveSentry\Uninstall.exe -> Adware.Bravesentry : Ignored.
C:\System Volume Information\_restore{68F54977-974D-48F7-A790-8A27D855BBB9}\RP25\A0006582.exe -> Adware.WebHancer : Ignored.
C:\Documents and Settings\Shane Farr\Local Settings\Temp\maxdd1.game -> Dialer.GBDialer.i : Cleaned with backup (quarantined).
C:\WINDOWS\system32\maxd641.exe -> Dialer.GBDialer.i : Cleaned with backup (quarantined).
C:\WINDOWS\system32\regapi.exe -> Downloader.Agent.axh : Cleaned with backup (quarantined).
C:\Documents and Settings\Shane Farr\Local Settings\Temporary Internet Files\Content.IE5\IWRK8B9A\new[1].php -> Downloader.Agent.bi : Cleaned with backup (quarantined).
C:\Documents and Settings\Shane Farr\Local Settings\Temporary Internet Files\Content.IE5\IWRK8B9A\new[2].php -> Downloader.Agent.bi : Cleaned with backup (quarantined).
C:\Documents and Settings\Shane Farr\Local Settings\Temporary Internet Files\Content.IE5\Q46TV9SW\new[1].php -> Downloader.Agent.bi : Cleaned with backup (quarantined).
C:\Documents and Settings\Shane Farr\Local Settings\Temporary Internet Files\Content.IE5\0VFJYOPD\exp2[1].htm -> Downloader.Agent.bx : Cleaned with backup (quarantined).
C:\Documents and Settings\Shane Farr\Local Settings\Temporary Internet Files\Content.IE5\CHU7SX2J\exp2[1].htm -> Downloader.Agent.bx : Cleaned with backup (quarantined).
C:\Documents and Settings\Shane Farr\Local Settings\Temporary Internet Files\Content.IE5\IWRK8B9A\exp2[1].htm -> Downloader.Agent.bx : Cleaned with backup (quarantined).
C:\WINDOWS\system32\sfc_os.dll -> Downloader.SFC.os : Cleaned with backup (quarantined).
C:\Documents and Settings\Shane Farr\Local Settings\Temp\1.dllb -> Downloader.Small : Cleaned with backup (quarantined).
C:\WINDOWS\system32\dlh9jkd1q1.exe -> Downloader.Small : Cleaned with backup (quarantined).
C:\Documents and Settings\Shane Farr\Local Settings\Temp\v4x3.ga2me -> Downloader.Small.cxx : Cleaned with backup (quarantined).
C:\Documents and Settings\Shane Farr\Local Settings\Temp\v5x2.g3ame -> Downloader.Small.cxx : Cleaned with backup (quarantined).
C:\WINDOWS\system32\vxga3me2.exe -> Downloader.Small.cxx : Cleaned with backup (quarantined).
C:\WINDOWS\system32\vxga5me3.exe -> Downloader.Small.cxx : Cleaned with backup (quarantined).
C:\Documents and Settings\Shane Farr\Local Settings\Temp\5.dllb -> Downloader.Small.dgk : Cleaned with backup (quarantined).
C:\WINDOWS\system32\dlh9jkd1q5.exe -> Downloader.Small.dgk : Cleaned with backup (quarantined).
C:\WINDOWS\system32\kernels1118.exe -> Downloader.Small.dgk : Cleaned with backup (quarantined).
[2508] C:\WINDOWS\System32\dlh9jkd1q5.exe -> Downloader.Small.dgk : Cleaned with backup (quarantined).
[2596] C:\WINDOWS\System32\dlh9jkd1q5.exe -> Downloader.Small.dgk : Cleaned with backup (quarantined).
C:\Documents and Settings\Shane Farr\Local Settings\Temp\v5x4.ga2me -> Downloader.Small.dzd : Cleaned with backup (quarantined).
C:\WINDOWS\system32\vxg6ame4.exe -> Downloader.Small.dzd : Cleaned with backup (quarantined).
C:\Documents and Settings\Shane Farr\Local Settings\Temporary Internet Files\Content.IE5\5N31N9BO\krab03[1].exe -> Dropper.Agent.ol : Cleaned with backup (quarantined).
C:\Documents and Settings\Shane Farr\Local Settings\Temp\1E8.tmp -> Hijacker.Costrat.l : Cleaned with backup (quarantined).
C:\Documents and Settings\Shane Farr\Local Settings\Temp\1F3.tmp -> Hijacker.Costrat.l : Cleaned with backup (quarantined).
C:\Documents and Settings\Shane Farr\Local Settings\Temporary Internet Files\Content.IE5\F6V9PPBJ\m[1].exe -> Hijacker.Costrat.l : Cleaned with backup (quarantined).
C:\Documents and Settings\Shane Farr\Local Settings\Temporary Internet Files\Content.IE5\ZZ5JRP0S\runfile[1].exe -> Hijacker.Small.cc : Cleaned with backup (quarantined).
C:\Documents and Settings\Shane Farr\Local Settings\Temp\1F0.tmp -> Logger.Small.ak : Cleaned with backup (quarantined).
C:\Documents and Settings\Shane Farr\Local Settings\Temp\1F2.tmp -> Logger.Small.ak : Cleaned with backup (quarantined).
C:\Documents and Settings\Shane Farr\Local Settings\Temp\1F5.tmp -> Logger.Small.ak : Cleaned with backup (quarantined).
C:\Documents and Settings\Shane Farr\Local Settings\Temporary Internet Files\Content.IE5\2R4HIJER\msmail[1].exe -> Logger.Small.ak : Cleaned with backup (quarantined).
C:\Documents and Settings\Shane Farr\Local Settings\Temporary Internet Files\Content.IE5\2BWFVC5C\exp4[1].htm -> Not-A-Virus.Exploit.HTML.VML.d : Ignored.
C:\Documents and Settings\Shane Farr\Local Settings\Temporary Internet Files\Content.IE5\2R4HIJER\exp4[1].htm -> Not-A-Virus.Exploit.HTML.VML.d : Ignored.
C:\Documents and Settings\Shane Farr\Local Settings\Temporary Internet Files\Content.IE5\CPMJ0X6N\exp4[1].htm -> Not-A-Virus.Exploit.HTML.VML.d : Ignored.
C:\Documents and Settings\Shane Farr\Local Settings\Temporary Internet Files\Content.IE5\IWRK8B9A\exp4[1].htm -> Not-A-Virus.Exploit.HTML.VML.d : Ignored.
C:\Documents and Settings\Shane Farr\Local Settings\Temporary Internet Files\Content.IE5\2R4HIJER\exp5[1].htm -> Not-A-Virus.Exploit.JS.XMLCore.a : Ignored.
C:\Documents and Settings\Shane Farr\Local Settings\Temporary Internet Files\Content.IE5\CHU7SX2J\exp5[1].htm -> Not-A-Virus.Exploit.JS.XMLCore.a : Ignored.
C:\Documents and Settings\Shane Farr\Local Settings\Temporary Internet Files\Content.IE5\F6V9PPBJ\exp5[1].htm -> Not-A-Virus.Exploit.JS.XMLCore.a : Ignored.
C:\WINDOWS\desktop.html -> Not-A-Virus.Hoax.Win32.Renos.cy : Ignored.
[3224] C:\WINDOWS\System32\dlh9jkd1q2.exe -> Not-A-Virus.Hoax.Win32.Renos.fi : Ignored.
C:\WINDOWS\system32\ji.dll -> Proxy.Agent.df : Cleaned with backup (quarantined).
:mozilla.11:C:\Documents and Settings\Shane Farr\Application Data\Mozilla\Firefox\Profiles\b8njo4uw.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.12:C:\Documents and Settings\Shane Farr\Application Data\Mozilla\Firefox\Profiles\b8njo4uw.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.13:C:\Documents and Settings\Shane Farr\Application Data\Mozilla\Firefox\Profiles\b8njo4uw.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.14:C:\Documents and Settings\Shane Farr\Application Data\Mozilla\Firefox\Profiles\b8njo4uw.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.10:C:\Documents and Settings\Shane Farr\Application Data\Mozilla\Firefox\Profiles\b8njo4uw.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.37:C:\Documents and Settings\Shane Farr\Application Data\Mozilla\Firefox\Profiles\b8njo4uw.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned.
:mozilla.15:C:\Documents and Settings\Shane Farr\Application Data\Mozilla\Firefox\Profiles\b8njo4uw.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.38:C:\Documents and Settings\Shane Farr\Application Data\Mozilla\Firefox\Profiles\b8njo4uw.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Documents and Settings\Shane Farr\Cookies\shane farr@enhance[1].txt -> TrackingCookie.Enhance : Cleaned.
C:\Documents and Settings\Shane Farr\Cookies\shane farr@ehg-inforspaceinc.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Shane Farr\Cookies\shane farr@hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.22:C:\Documents and Settings\Shane Farr\Application Data\Mozilla\Firefox\Profiles\b8njo4uw.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.23:C:\Documents and Settings\Shane Farr\Application Data\Mozilla\Firefox\Profiles\b8njo4uw.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.24:C:\Documents and Settings\Shane Farr\Application Data\Mozilla\Firefox\Profiles\b8njo4uw.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.26:C:\Documents and Settings\Shane Farr\Application Data\Mozilla\Firefox\Profiles\b8njo4uw.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.27:C:\Documents and Settings\Shane Farr\Application Data\Mozilla\Firefox\Profiles\b8njo4uw.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.58:C:\Documents and Settings\Shane Farr\Application Data\Mozilla\Firefox\Profiles\b8njo4uw.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.25:C:\Documents and Settings\Shane Farr\Application Data\Mozilla\Firefox\Profiles\b8njo4uw.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.28:C:\Documents and Settings\Shane Farr\Application Data\Mozilla\Firefox\Profiles\b8njo4uw.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.29:C:\Documents and Settings\Shane Farr\Application Data\Mozilla\Firefox\Profiles\b8njo4uw.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.30:C:\Documents and Settings\Shane Farr\Application Data\Mozilla\Firefox\Profiles\b8njo4uw.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.31:C:\Documents and Settings\Shane Farr\Application Data\Mozilla\Firefox\Profiles\b8njo4uw.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
C:\Documents and Settings\Shane Farr\Local Settings\Temp\rsysinit.exe -> Trojan.ExitWin.z : Cleaned with backup (quarantined).
C:\Documents and Settings\Shane Farr\Local Settings\Temporary Internet Files\Content.IE5\0VFJYOPD\load[1].php -> Trojan.Small.kp : Cleaned with backup (quarantined).
C:\Documents and Settings\Shane Farr\Local Settings\Temporary Internet Files\Content.IE5\Q46TV9SW\adwerkz[1].cab/adwerkz.dll -> Trojan.ZQuest : Cleaned with backup (quarantined).


::Report end
[ + quote]
frnresq
Junior Member
_ 		27. December 2006 @ 10:20 _ Link to this message    Send private message to this user   
Sorry, forgot, i keep getting "your computer is infected" popping up on the taskbar by the clock. THX
[ + quote]
vurbal
Staff Member

2 product reviews
_ 		27. December 2006 @ 10:38 _ Link to this message    Send private message to this user   
Read the rules before posting again. Pay particular attention to the part about thread titles in Rule #7.

Closed
[ + quote]
Rich Fiscus
@Vurbal on Twitter
AfterDawn Staff Writer
This thread is closed and therefore you are not allowed reply to this thread.
afterdawn.com > forums > software, operating systems and more > windows - virus and spyware problems > help please!
 

Digital video: AfterDawn.com | AfterDawn Forums
Music: MP3Lizard.com
Gaming: Blasteroids.com | Blasteroids Forums | Compare game prices
Software: Software downloads
Blogs: User profile pages
RSS feeds: AfterDawn.com News | Software updates | AfterDawn Forums
International: AfterDawn in Finnish | AfterDawn in Swedish | AfterDawn in Norwegian | download.fi
Navigate: Search | Site map
About us: About AfterDawn Ltd | Advertise on our sites | Rules, Restrictions, Legal disclaimer & Privacy policy
Contact us: Send feedback | Contact our media sales team
 
  © 1999-2025 by AfterDawn Ltd.

  IDG TechNetwork