Jump to content

Build Theme!
  •  
  • Unreplied Topics
  • Downloads
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 93101 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

HijackThis help.

Started by Kev , Nov 29 2005 10:23 AM

  • This topic is locked This topic is locked
6 replies to this topic

#1 Kev

Kev

    New Member

  • New Member
  • Pip
  • 4 posts

Posted 29 November 2005 - 10:23 AM

This is the first time I've posted and not completly sure what i'm doing. I've a got a trojan i can't get rid of. Its called QLowZones-2.gen. Any help would be much appreciated, here is my hijackthis log.

Logfile of HijackThis v1.99.1
Scan saved at 4:21:06 PM, on 11/29/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\Program Files\Network Associates\VirusScan\Avsynmgr.exe
C:\WINDOWS\system32\srvany.exe
C:\WINDOWS\system32\resetservice.exe
C:\Program Files\Network Associates\VirusScan\VsStat.exe
C:\Program Files\Network Associates\VirusScan\Vshwin32.exe
C:\Program Files\Common Files\Network Associates\McShield\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\Avconsol.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Kev\Desktop\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [links] links.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zon...kr.cab31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zon...er.cab31267.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.co...ad/MsnPUpld.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zon...nt.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pdownloader.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zon...wn.cab31267.cab
O16 - DPF: {FF3F0F03-0F01-131A-A3F9-08F02B23E0CC} - http://66.117.37.13/dba2161.exe
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: reset5 - C:\WINDOWS\SYSTEM32\reset5.dll
O23 - Service: AVSync Manager (AvSynMgr) - Unknown owner - C:\Program Files\Network Associates\VirusScan\Avsynmgr.exe
O23 - Service: McShield - Unknown owner - C:\Program Files\Common Files\Network Associates\McShield\Mcshield.exe
O23 - Service: Reset 5 - Unknown owner - C:\WINDOWS\system32\srvany.exe


Thanks - Kev

    Advertisements

Register to Remove

#2 Kev

Kev

    New Member

  • New Member
  • Pip
  • 4 posts

Posted 04 December 2005 - 11:02 AM

I posted my hijack log a while ago but no-one has got back to me, what do I do now?? Kev

#3 Siggyx

Siggyx

    SuperHelper

  • Authentic Member
  • PipPipPipPipPipPip
  • 6,776 posts

Posted 04 December 2005 - 12:01 PM

Please download WebRoot SpySweeper from HERE (It's a 2 week trial):
Click the Free Trial link under to "SpySweeper" to download the program.
Install it. Once the program is installed, it will open.
It will prompt you to update to the latest definitions, click Yes.
Once the definitions are installed, click Options on the left side.
Click the Sweep Options tab.
Under What to Sweep please put a check next to the following:
Sweep Memory
Sweep Registry
Sweep Cookies
Sweep All User Accounts
Enable Direct Disk Sweeping
Sweep Contents of Compressed Files
Sweep for Rootkits
Please UNCHECK Do not Sweep System Restore Folder.
Click Sweep Now on the left side.
Click the Start button.
When it's done scanning, click the Next button.
Make sure everything has a check next to it, then click the Next button.
It will remove all of the items found.
Click Session Log in the upper right corner, copy everything in that window.
Click the Summary tab and click Finish.
Paste the contents of the session log you copied into your next reply.

NEXT
Step # 1

Please download and run CWShredder. Make sure that all browser windows are closed with the exception of Cwshredder and choose FIX.

http://www.majorgeek...7fd6b3ff02edc90

REBOOT

Step #2

Please download and run Spybot 1.4 & AdAware SE Then follow the instructions in the link below to run.

Spybot & Adaware Tutorial

REBOOT

Step # 3

Then do a virus scan here >>> Trend Micro

Step # 4

Please download the trial version of Ewido Security Suite here:
http://www.ewido.net/en/download/

Install it, and update the definitions to the newest files.

Next, please reboot your computer in Safe Mode by doing the following:
1) Restart your computer
2) After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
3) Instead of Windows loading as normal, a menu should appear
4) Select the first option, to run Windows in Safe Mode.

Then please run Ewido, and run a full scan. Save the logfile from the scan.

Restart your computer in normal mode and please post a new HijackThis log, as well as the log from the Ewido scan.

#4 Kev

Kev

    New Member

  • New Member
  • Pip
  • 4 posts

Posted 06 December 2005 - 06:26 PM

OK, I've done all that, here's my logs.

Logfile of HijackThis v1.99.1
Scan saved at 12:22:21 AM, on 12/7/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\Network Associates\VirusScan\Avsynmgr.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\ewido\security suite\ewidoguard.exe
C:\WINDOWS\system32\srvany.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\WINDOWS\system32\resetservice.exe
C:\Program Files\Network Associates\VirusScan\VsStat.exe
C:\Program Files\Network Associates\VirusScan\Vshwin32.exe
C:\Program Files\Network Associates\VirusScan\Avconsol.exe
C:\Program Files\Common Files\Network Associates\McShield\Mcshield.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Kev\Desktop\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /startintray
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zon...kr.cab31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zon...er.cab31267.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.co...ad/MsnPUpld.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zon...nt.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pdownloader.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zon...wn.cab31267.cab
O16 - DPF: {FF3F0F03-0F01-131A-A3F9-08F02B23E0CC} - http://66.117.37.13/dba2161.exe
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: reset5 - C:\WINDOWS\SYSTEM32\reset5.dll
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O23 - Service: AVSync Manager (AvSynMgr) - Unknown owner - C:\Program Files\Network Associates\VirusScan\Avsynmgr.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: McShield - Unknown owner - C:\Program Files\Common Files\Network Associates\McShield\Mcshield.exe
O23 - Service: Reset 5 - Unknown owner - C:\WINDOWS\system32\srvany.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe

---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------

+ Created on: 12:04:01 AM, 12/7/2005
+ Report-Checksum: C098D4C9

+ Scan result:

C:\Documents and Settings\Kev\Application Data\Mozilla\Firefox\Profiles\72urh02u.default\Cache\D497DCB8d01 -> Dialer.Generic : Cleaned with backup
:mozilla.12:C:\Documents and Settings\Kev\Application Data\Mozilla\Firefox\Profiles\72urh02u.default\cookies.txt -> Spyware.Cookie.Mediaplex : Cleaned with backup
:mozilla.22:C:\Documents and Settings\Kev\Application Data\Mozilla\Firefox\Profiles\72urh02u.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.31:C:\Documents and Settings\Kev\Application Data\Mozilla\Firefox\Profiles\72urh02u.default\cookies.txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
:mozilla.33:C:\Documents and Settings\Kev\Application Data\Mozilla\Firefox\Profiles\72urh02u.default\cookies.txt -> Spyware.Cookie.Burstnet : Cleaned with backup
:mozilla.34:C:\Documents and Settings\Kev\Application Data\Mozilla\Firefox\Profiles\72urh02u.default\cookies.txt -> Spyware.Cookie.Burstnet : Cleaned with backup
:mozilla.37:C:\Documents and Settings\Kev\Application Data\Mozilla\Firefox\Profiles\72urh02u.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.38:C:\Documents and Settings\Kev\Application Data\Mozilla\Firefox\Profiles\72urh02u.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.39:C:\Documents and Settings\Kev\Application Data\Mozilla\Firefox\Profiles\72urh02u.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.40:C:\Documents and Settings\Kev\Application Data\Mozilla\Firefox\Profiles\72urh02u.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.41:C:\Documents and Settings\Kev\Application Data\Mozilla\Firefox\Profiles\72urh02u.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.42:C:\Documents and Settings\Kev\Application Data\Mozilla\Firefox\Profiles\72urh02u.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.43:C:\Documents and Settings\Kev\Application Data\Mozilla\Firefox\Profiles\72urh02u.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.45:C:\Documents and Settings\Kev\Application Data\Mozilla\Firefox\Profiles\72urh02u.default\cookies.txt -> Spyware.Cookie.Trafic : Cleaned with backup
:mozilla.50:C:\Documents and Settings\Kev\Application Data\Mozilla\Firefox\Profiles\72urh02u.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.51:C:\Documents and Settings\Kev\Application Data\Mozilla\Firefox\Profiles\72urh02u.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.52:C:\Documents and Settings\Kev\Application Data\Mozilla\Firefox\Profiles\72urh02u.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.54:C:\Documents and Settings\Kev\Application Data\Mozilla\Firefox\Profiles\72urh02u.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.55:C:\Documents and Settings\Kev\Application Data\Mozilla\Firefox\Profiles\72urh02u.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.56:C:\Documents and Settings\Kev\Application Data\Mozilla\Firefox\Profiles\72urh02u.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.57:C:\Documents and Settings\Kev\Application Data\Mozilla\Firefox\Profiles\72urh02u.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.58:C:\Documents and Settings\Kev\Application Data\Mozilla\Firefox\Profiles\72urh02u.default\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
:mozilla.74:C:\Documents and Settings\Kev\Application Data\Mozilla\Firefox\Profiles\72urh02u.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.75:C:\Documents and Settings\Kev\Application Data\Mozilla\Firefox\Profiles\72urh02u.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.76:C:\Documents and Settings\Kev\Application Data\Mozilla\Firefox\Profiles\72urh02u.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.77:C:\Documents and Settings\Kev\Application Data\Mozilla\Firefox\Profiles\72urh02u.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.78:C:\Documents and Settings\Kev\Application Data\Mozilla\Firefox\Profiles\72urh02u.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.83:C:\Documents and Settings\Kev\Application Data\Mozilla\Firefox\Profiles\72urh02u.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.84:C:\Documents and Settings\Kev\Application Data\Mozilla\Firefox\Profiles\72urh02u.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.85:C:\Documents and Settings\Kev\Application Data\Mozilla\Firefox\Profiles\72urh02u.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.86:C:\Documents and Settings\Kev\Application Data\Mozilla\Firefox\Profiles\72urh02u.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.103:C:\Documents and Settings\Kev\Application Data\Mozilla\Firefox\Profiles\72urh02u.default\cookies.txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
:mozilla.111:C:\Documents and Settings\Kev\Application Data\Mozilla\Firefox\Profiles\72urh02u.default\cookies.txt -> Spyware.Cookie.247realmedia : Cleaned with backup
:mozilla.112:C:\Documents and Settings\Kev\Application Data\Mozilla\Firefox\Profiles\72urh02u.default\cookies.txt -> Spyware.Cookie.Pro-market : Cleaned with backup
:mozilla.119:C:\Documents and Settings\Kev\Application Data\Mozilla\Firefox\Profiles\72urh02u.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.120:C:\Documents and Settings\Kev\Application Data\Mozilla\Firefox\Profiles\72urh02u.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.136:C:\Documents and Settings\Kev\Application Data\Mozilla\Firefox\Profiles\72urh02u.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.137:C:\Documents and Settings\Kev\Application Data\Mozilla\Firefox\Profiles\72urh02u.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.139:C:\Documents and Settings\Kev\Application Data\Mozilla\Firefox\Profiles\72urh02u.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.142:C:\Documents and Settings\Kev\Application Data\Mozilla\Firefox\Profiles\72urh02u.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.144:C:\Documents and Settings\Kev\Application Data\Mozilla\Firefox\Profiles\72urh02u.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\Kev\Local Settings\Temporary Internet Files\Content.IE5\PZ3R1H8E\dba2161[1].exe -> Dialer.Generic : Cleaned with backup
C:\WINDOWS\system32\links.exe -> Trojan.LowZones.df : Cleaned with backup


::Report End


Thanks for your help Siggyx :D

Kev

#5 Siggyx

Siggyx

    SuperHelper

  • Authentic Member
  • PipPipPipPipPipPip
  • 6,776 posts

Posted 06 December 2005 - 10:43 PM

Looks ok :) How is it running?

#6 Kev

Kev

    New Member

  • New Member
  • Pip
  • 4 posts

Posted 07 December 2005 - 08:18 AM

Its running alot better, thx again for all your help!

#7 Siggyx

Siggyx

    SuperHelper

  • Authentic Member
  • PipPipPipPipPipPip
  • 6,776 posts

Posted 07 December 2005 - 08:36 AM

Glad we could be of assistance. This topic is now closed. If you wish it reopened, please send us an email (Click for address) with a link to your thread.

Do not bother contacting us if you are not the topic starter. A valid, working link to the closed topic is required along with the user name used. If the user name does not match the one in the thread linked, the email will be deleted.
Make sure you use proper prevention to keep from having problems occur to your computer in the future.

Coyote's Installed programs for prevention:

http://forums.tomcoy...showtopic=31418

The help you receive here is free. If you wish to show your appreciation, then you may donate to help keep us online.

Visit the CoyoteStore http://TomCoyote.org/coyotestore.php

Related Topics

Back to Virus, Spyware & Malware Removal · Next Unread Topic →

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. What the Tech
  2. Spyware / Malware / Virus Removal
  3. Virus, Spyware & Malware Removal
  4. Privacy Policy
  5. Terms of Use ·