Help Please!

Discussion in 'Windows - Virus and spyware problems' started by frnresq, Dec 27, 2006.

Thread Status:
Not open for further replies.
  1. frnresq

    frnresq Member

    Joined:
    Sep 14, 2004
    Messages:
    68
    Likes Received:
    0
    Trophy Points:
    16
    Did a AVG scan prior to this and found alot, have a log on scan and HJT.

    Logfile of HijackThis v1.99.1
    Scan saved at 3:14:32 PM, on 12/27/2006
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\System32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Lexmark 3300 Series\lxccmon.exe
    C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
    C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
    C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
    C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe
    C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe
    C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
    C:\Program Files\Symantec\Ghost\ngserver.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\Webroot\Accelerate\accelerate.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\WINDOWS\System32\rundll32.exe
    C:\Program Files\Webroot\Washer\wwDisp.exe
    C:\Program Files\TGTSoft\StyleXP\StyleXP.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\WINDOWS\System32\ctfmon.exe
    C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
    C:\Windows\xpupdate.exe
    C:\Program Files\Linksys\WMP11 Config Utility\WMP11CFG.exe
    C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\Playlist.exe
    C:\WINDOWS\system32\ati2sgag.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    C:\Program Files\Symantec\Ghost\ngserver.exe
    C:\Program Files\CyberLink\Shared files\RichVideo.exe
    C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\MsPMSPSv.exe
    D:\HJT\HijackThis_v1.99.1.exe

    O2 - BHO: (no name) - {371EE1EF-F177-1390-7807-08525DC0E55C} - C:\WINDOWS\System32\nweipeg.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [lxccmon.exe] "C:\Program Files\Lexmark 3300 Series\lxccmon.exe"
    O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
    O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
    O4 - HKLM\..\Run: [RunDll] c:\windows\system32\wuauclt1.4.exe
    O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe"
    O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe"
    O4 - HKLM\..\Run: [RoxioAudioCentral] "C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe"
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [NGServer] C:\Program Files\Symantec\Ghost\ngserver.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [Accelerate] C:\Program Files\Webroot\Accelerate\accelerate.exe /S
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [System] C:\WINDOWS\System32\kernels1118.exe
    O4 - HKLM\..\Run: [hrcopul.dll] C:\WINDOWS\System32\rundll32.exe "C:\Documents and Settings\Shane Farr\Local Settings\Application Data\hrcopul.dll",vuljcec
    O4 - HKLM\..\Run: [LXCCCATS] rundll32 C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\LXCCtime.dll,_RunDLLEntry@16
    O4 - HKLM\..\RunServices: [RunDll] c:\windows\system32\wuauclt1.4.exe
    O4 - HKLM\..\RunServices: [RunDll] c:\windows\system32\wuauclt1.4.exe
    O4 - HKLM\..\RunServices: [SystemTools] C:\WINDOWS\System32\kernels1118.exe
    O4 - HKLM\..\RunOnce: [Index Washer] C:\Program Files\Webroot\Washer\WashIdx.exe "Shane Farr"
    O4 - HKCU\..\Run: [Window Washer] C:\Program Files\Webroot\Washer\wwDisp.exe /startup
    O4 - HKCU\..\Run: [Window Washer] C:\Program Files\Webroot\Washer\wwDisp.exe /startup
    O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
    O4 - HKCU\..\Run: [Windows update loader] C:\Windows\xpupdate.exe
    O4 - HKCU\..\Run: [Key] C:\DOCUME~1\SHANEF~1\LOCALS~1\Temp\1F5.tmp
    O4 - HKCU\..\RunOnce: [Index Washer] C:\Program Files\Webroot\Washer\WashIdx.exe "Shane Farr"
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O4 - Global Startup: Wireless PCI Card Configuration Utility.lnk = C:\Program Files\Linksys\WMP11 Config Utility\WMP11CFG.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
    O12 - Plugin for .bcf: C:\Program Files\Internet Explorer\Plugins\NPBelv32.dll
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/29df7dbf43025b7ac417/netzip/RdxIE601.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1164297169281
    O16 - DPF: {85D1F3B2-2A21-11D7-97B9-0010DC2A6243} (SecureLogin class) - http://secure2.comned.com/signuptemplates/securelogin-devel.cab
    O16 - DPF: {C52439A0-2693-4E40-B141-9F9AD5257241} (Lexmark eDiagnostics Class) - https://ediagnostics.lexmark.com/serval.cab
    O20 - Winlogon Notify: winsys2freg - C:\Documents and Settings\All Users\Documents\Settings\winsys2f.dll
    O21 - SSODL: XFXsXhTXGU - {54376CE7-FE9D-C64D-32AB-237E73B1B945} - C:\WINDOWS\System32\ji.dll (file missing)
    O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: ICF - Unknown owner - C:\WINDOWS\System32:svchost.exe
    O23 - Service: lxcc_device - Lexmark International, Inc. - C:\WINDOWS\System32\lxcccoms.exe
    O23 - Service: Symantec Ghost Database Service (ngdbserv) - Symantec Corporation - C:\Program Files\Symantec\Ghost\bin\dbserv.exe
    O23 - Service: Symantec Ghost Configuration Server (NGServer) - Symantec Corporation - C:\Program Files\Symantec\Ghost\ngserver.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
    O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe

    AVG Scan log:

    ---------------------------------------------------------
    AVG Anti-Spyware - Scan Report
    ---------------------------------------------------------

    + Created at: 3:11:42 PM 12/27/2006

    + Scan result:



    C:\Program Files\BraveSentry -> Adware.Bravesentry : Ignored.
    C:\Program Files\BraveSentry\BraveSentry.exe -> Adware.Bravesentry : Ignored.
    C:\Program Files\BraveSentry\BraveSentry.lic -> Adware.Bravesentry : Ignored.
    C:\Program Files\BraveSentry\BraveSentry0.bs -> Adware.Bravesentry : Ignored.
    C:\Program Files\BraveSentry\BraveSentry0.dll -> Adware.Bravesentry : Ignored.
    C:\Program Files\BraveSentry\BraveSentry1.bs -> Adware.Bravesentry : Ignored.
    C:\Program Files\BraveSentry\BraveSentry1.dll -> Adware.Bravesentry : Ignored.
    C:\Program Files\BraveSentry\BraveSentry2.dll -> Adware.Bravesentry : Ignored.
    C:\Program Files\BraveSentry\BraveSentry3.dll -> Adware.Bravesentry : Ignored.
    C:\Program Files\BraveSentry\Uninstall.exe -> Adware.Bravesentry : Ignored.
    C:\System Volume Information\_restore{68F54977-974D-48F7-A790-8A27D855BBB9}\RP25\A0006582.exe -> Adware.WebHancer : Ignored.
    C:\Documents and Settings\Shane Farr\Local Settings\Temp\maxdd1.game -> Dialer.GBDialer.i : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\maxd641.exe -> Dialer.GBDialer.i : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\regapi.exe -> Downloader.Agent.axh : Cleaned with backup (quarantined).
    C:\Documents and Settings\Shane Farr\Local Settings\Temporary Internet Files\Content.IE5\IWRK8B9A\new[1].php -> Downloader.Agent.bi : Cleaned with backup (quarantined).
    C:\Documents and Settings\Shane Farr\Local Settings\Temporary Internet Files\Content.IE5\IWRK8B9A\new[2].php -> Downloader.Agent.bi : Cleaned with backup (quarantined).
    C:\Documents and Settings\Shane Farr\Local Settings\Temporary Internet Files\Content.IE5\Q46TV9SW\new[1].php -> Downloader.Agent.bi : Cleaned with backup (quarantined).
    C:\Documents and Settings\Shane Farr\Local Settings\Temporary Internet Files\Content.IE5\0VFJYOPD\exp2[1].htm -> Downloader.Agent.bx : Cleaned with backup (quarantined).
    C:\Documents and Settings\Shane Farr\Local Settings\Temporary Internet Files\Content.IE5\CHU7SX2J\exp2[1].htm -> Downloader.Agent.bx : Cleaned with backup (quarantined).
    C:\Documents and Settings\Shane Farr\Local Settings\Temporary Internet Files\Content.IE5\IWRK8B9A\exp2[1].htm -> Downloader.Agent.bx : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\sfc_os.dll -> Downloader.SFC.os : Cleaned with backup (quarantined).
    C:\Documents and Settings\Shane Farr\Local Settings\Temp\1.dllb -> Downloader.Small : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\dlh9jkd1q1.exe -> Downloader.Small : Cleaned with backup (quarantined).
    C:\Documents and Settings\Shane Farr\Local Settings\Temp\v4x3.ga2me -> Downloader.Small.cxx : Cleaned with backup (quarantined).
    C:\Documents and Settings\Shane Farr\Local Settings\Temp\v5x2.g3ame -> Downloader.Small.cxx : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\vxga3me2.exe -> Downloader.Small.cxx : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\vxga5me3.exe -> Downloader.Small.cxx : Cleaned with backup (quarantined).
    C:\Documents and Settings\Shane Farr\Local Settings\Temp\5.dllb -> Downloader.Small.dgk : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\dlh9jkd1q5.exe -> Downloader.Small.dgk : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\kernels1118.exe -> Downloader.Small.dgk : Cleaned with backup (quarantined).
    [2508] C:\WINDOWS\System32\dlh9jkd1q5.exe -> Downloader.Small.dgk : Cleaned with backup (quarantined).
    [2596] C:\WINDOWS\System32\dlh9jkd1q5.exe -> Downloader.Small.dgk : Cleaned with backup (quarantined).
    C:\Documents and Settings\Shane Farr\Local Settings\Temp\v5x4.ga2me -> Downloader.Small.dzd : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\vxg6ame4.exe -> Downloader.Small.dzd : Cleaned with backup (quarantined).
    C:\Documents and Settings\Shane Farr\Local Settings\Temporary Internet Files\Content.IE5\5N31N9BO\krab03[1].exe -> Dropper.Agent.ol : Cleaned with backup (quarantined).
    C:\Documents and Settings\Shane Farr\Local Settings\Temp\1E8.tmp -> Hijacker.Costrat.l : Cleaned with backup (quarantined).
    C:\Documents and Settings\Shane Farr\Local Settings\Temp\1F3.tmp -> Hijacker.Costrat.l : Cleaned with backup (quarantined).
    C:\Documents and Settings\Shane Farr\Local Settings\Temporary Internet Files\Content.IE5\F6V9PPBJ\m[1].exe -> Hijacker.Costrat.l : Cleaned with backup (quarantined).
    C:\Documents and Settings\Shane Farr\Local Settings\Temporary Internet Files\Content.IE5\ZZ5JRP0S\runfile[1].exe -> Hijacker.Small.cc : Cleaned with backup (quarantined).
    C:\Documents and Settings\Shane Farr\Local Settings\Temp\1F0.tmp -> Logger.Small.ak : Cleaned with backup (quarantined).
    C:\Documents and Settings\Shane Farr\Local Settings\Temp\1F2.tmp -> Logger.Small.ak : Cleaned with backup (quarantined).
    C:\Documents and Settings\Shane Farr\Local Settings\Temp\1F5.tmp -> Logger.Small.ak : Cleaned with backup (quarantined).
    C:\Documents and Settings\Shane Farr\Local Settings\Temporary Internet Files\Content.IE5\2R4HIJER\msmail[1].exe -> Logger.Small.ak : Cleaned with backup (quarantined).
    C:\Documents and Settings\Shane Farr\Local Settings\Temporary Internet Files\Content.IE5\2BWFVC5C\exp4[1].htm -> Not-A-Virus.Exploit.HTML.VML.d : Ignored.
    C:\Documents and Settings\Shane Farr\Local Settings\Temporary Internet Files\Content.IE5\2R4HIJER\exp4[1].htm -> Not-A-Virus.Exploit.HTML.VML.d : Ignored.
    C:\Documents and Settings\Shane Farr\Local Settings\Temporary Internet Files\Content.IE5\CPMJ0X6N\exp4[1].htm -> Not-A-Virus.Exploit.HTML.VML.d : Ignored.
    C:\Documents and Settings\Shane Farr\Local Settings\Temporary Internet Files\Content.IE5\IWRK8B9A\exp4[1].htm -> Not-A-Virus.Exploit.HTML.VML.d : Ignored.
    C:\Documents and Settings\Shane Farr\Local Settings\Temporary Internet Files\Content.IE5\2R4HIJER\exp5[1].htm -> Not-A-Virus.Exploit.JS.XMLCore.a : Ignored.
    C:\Documents and Settings\Shane Farr\Local Settings\Temporary Internet Files\Content.IE5\CHU7SX2J\exp5[1].htm -> Not-A-Virus.Exploit.JS.XMLCore.a : Ignored.
    C:\Documents and Settings\Shane Farr\Local Settings\Temporary Internet Files\Content.IE5\F6V9PPBJ\exp5[1].htm -> Not-A-Virus.Exploit.JS.XMLCore.a : Ignored.
    C:\WINDOWS\desktop.html -> Not-A-Virus.Hoax.Win32.Renos.cy : Ignored.
    [3224] C:\WINDOWS\System32\dlh9jkd1q2.exe -> Not-A-Virus.Hoax.Win32.Renos.fi : Ignored.
    C:\WINDOWS\system32\ji.dll -> Proxy.Agent.df : Cleaned with backup (quarantined).
    :mozilla.11:C:\Documents and Settings\Shane Farr\Application Data\Mozilla\Firefox\Profiles\b8njo4uw.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
    :mozilla.12:C:\Documents and Settings\Shane Farr\Application Data\Mozilla\Firefox\Profiles\b8njo4uw.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
    :mozilla.13:C:\Documents and Settings\Shane Farr\Application Data\Mozilla\Firefox\Profiles\b8njo4uw.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
    :mozilla.14:C:\Documents and Settings\Shane Farr\Application Data\Mozilla\Firefox\Profiles\b8njo4uw.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
    :mozilla.10:C:\Documents and Settings\Shane Farr\Application Data\Mozilla\Firefox\Profiles\b8njo4uw.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
    :mozilla.37:C:\Documents and Settings\Shane Farr\Application Data\Mozilla\Firefox\Profiles\b8njo4uw.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned.
    :mozilla.15:C:\Documents and Settings\Shane Farr\Application Data\Mozilla\Firefox\Profiles\b8njo4uw.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
    :mozilla.38:C:\Documents and Settings\Shane Farr\Application Data\Mozilla\Firefox\Profiles\b8njo4uw.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
    C:\Documents and Settings\Shane Farr\Cookies\shane farr@enhance[1].txt -> TrackingCookie.Enhance : Cleaned.
    C:\Documents and Settings\Shane Farr\Cookies\shane farr@ehg-inforspaceinc.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.
    C:\Documents and Settings\Shane Farr\Cookies\shane farr@hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
    :mozilla.22:C:\Documents and Settings\Shane Farr\Application Data\Mozilla\Firefox\Profiles\b8njo4uw.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
    :mozilla.23:C:\Documents and Settings\Shane Farr\Application Data\Mozilla\Firefox\Profiles\b8njo4uw.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
    :mozilla.24:C:\Documents and Settings\Shane Farr\Application Data\Mozilla\Firefox\Profiles\b8njo4uw.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
    :mozilla.26:C:\Documents and Settings\Shane Farr\Application Data\Mozilla\Firefox\Profiles\b8njo4uw.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
    :mozilla.27:C:\Documents and Settings\Shane Farr\Application Data\Mozilla\Firefox\Profiles\b8njo4uw.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
    :mozilla.58:C:\Documents and Settings\Shane Farr\Application Data\Mozilla\Firefox\Profiles\b8njo4uw.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
    :mozilla.25:C:\Documents and Settings\Shane Farr\Application Data\Mozilla\Firefox\Profiles\b8njo4uw.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
    :mozilla.28:C:\Documents and Settings\Shane Farr\Application Data\Mozilla\Firefox\Profiles\b8njo4uw.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
    :mozilla.29:C:\Documents and Settings\Shane Farr\Application Data\Mozilla\Firefox\Profiles\b8njo4uw.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
    :mozilla.30:C:\Documents and Settings\Shane Farr\Application Data\Mozilla\Firefox\Profiles\b8njo4uw.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
    :mozilla.31:C:\Documents and Settings\Shane Farr\Application Data\Mozilla\Firefox\Profiles\b8njo4uw.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
    C:\Documents and Settings\Shane Farr\Local Settings\Temp\rsysinit.exe -> Trojan.ExitWin.z : Cleaned with backup (quarantined).
    C:\Documents and Settings\Shane Farr\Local Settings\Temporary Internet Files\Content.IE5\0VFJYOPD\load[1].php -> Trojan.Small.kp : Cleaned with backup (quarantined).
    C:\Documents and Settings\Shane Farr\Local Settings\Temporary Internet Files\Content.IE5\Q46TV9SW\adwerkz[1].cab/adwerkz.dll -> Trojan.ZQuest : Cleaned with backup (quarantined).


    ::Report end
     
  2. frnresq

    frnresq Member

    Joined:
    Sep 14, 2004
    Messages:
    68
    Likes Received:
    0
    Trophy Points:
    16
    Sorry, forgot, i keep getting "your computer is infected" popping up on the taskbar by the clock. THX
     
  3. vurbal

    vurbal Administrator Staff Member

    Joined:
    Nov 30, 2002
    Messages:
    2,573
    Likes Received:
    1
    Trophy Points:
    66
    Read the rules before posting again. Pay particular attention to the part about thread titles in Rule #7.

    Closed
     
Thread Status:
Not open for further replies.

Share This Page