Sharky009 Posted November 16, 2005 Share Posted November 16, 2005 About the ISP.. Yep it's correct. I don't have to hijackthis fix it. And I didn't fix this Fileplanet stuff.. My computer is still very slow and I'm unable to select my background. Remember that I couldnt delete this file?? Adware:adware/cws.searchmeup No disinfected C:\WINDOWS\kl.e3e (CAUTION - executable file) Maybe it's the trouble maker.. Don't know. I didn't turn off the system restore while running the cwshredder. Did I have to? Oh and I can't update my windows.. :( Link to comment Share on other sites More sharing options...
coltm4carbine Posted November 16, 2005 Share Posted November 16, 2005 My computer is still very slow and I'm unable to select my background. Remember that I couldnt delete this file?? Code: Adware:adware/cws.searchmeup No disinfected C:\WINDOWS\kl.e3e (CAUTION - executable file) Maybe it's the trouble maker.. Don't know. I didn't turn off the system restore while running the cwshredder. Did I have to? No you did not have to. If it was CWS it would of got deleted/ fixed - unless you haven't updated it. go to add/remove programs and list all the wierd things that you haven't seen before. Link to comment Share on other sites More sharing options...
Sharky009 Posted November 16, 2005 Share Posted November 16, 2005 "EAX4 Unified Redist" was the only one I could find... Link to comment Share on other sites More sharing options...
Sharky009 Posted November 16, 2005 Share Posted November 16, 2005 So I made 2 screenshots of this "kl[Caution: ExecutableFile]" file I tried to delete it manually... I opened it... Link to comment Share on other sites More sharing options...
coltm4carbine Posted November 16, 2005 Share Posted November 16, 2005 something is running on your system that shouldn't be but i can't seem to see it in the log. Open HijackThis, click Config, click Misc Tools Click "Open Uninstall Manager" Click "Save List" (generates uninstall_list.txt) Click Save, copy and paste the results in your next post if i can't figure out whats the prob i might have to use the canned fix for smitfraud.c. it might not work (doubt it) but it is gonna be worth a try. lets see if i can find out whats wrong first. *edit* kk seen the screenshots now. i might get you to use BFU or killbox or delete it on reboot. Link to comment Share on other sites More sharing options...
Sharky009 Posted November 16, 2005 Share Posted November 16, 2005 So here is the list.. ACDSee 5.0 PowerPack Ad-aware 6 Personal Ad-Aware SE Personal Adobe Acrobat 5.0 Adobe Photoshop 6.0 Adobe Photoshop 7.0 America's Army AMRConverter AresLite 2.0.0 AVG Free Edition Battlefield 2(TM) BootSkin Browser MOUSE ccCommon CCleaner (remove only) Codec Pack - All In 1 6.0.2.2 Counter-Strike 1.6 CursorXP DAEMON Tools EAX4 Unified Redist ewido security suite FEAR FlatOut Football Generation Fraps HijackThis 1.99.1 Hitman Contracts hp deskjet 3320 series (Remove only) IconPackager Internet Worm Protection J2SE Runtime Environment 5.0 Update 4 Kaspersky On-line Scanner LiveReg (Symantec Corporation) LiveUpdate 2.5 (Symantec Corporation) LogonStudio Macromedia Dreamweaver 4 Macromedia Extension Manager Macromedia FreeHand 10 Macromedia Shockwave Player Magic ISO Maker v5.0 (build 0166) Microsoft Office XP Professional with FrontPage MSN Messenger 7.0 Nero 6 Ultra Edition Nokia Connectivity Cable Driver Norton AntiVirus 2005 Norton AntiVirus 2005 (Symantec Corporation) Norton AntiVirus Help Norton AntiVirus Parent MSI Norton AntiVirus SYMLT MSI Norton WMI Update NVIDIA Drivers Panda ActiveScan Silent Hunter III SmartFTP Client Soldier of Fortune II - Double Helix MP TEST SPBBC Spy Sweeper Spybot - Search & Destroy 1.4 Stardock Central SuperCleaner Symantec Symantec Script Blocking Installer SymNet ubi.com Ulead DVD MovieFactory 3 Disc Creator Winamp (remove only) WinCustomize Browser WindowBlinds Windows Media Encoder 9 Series Windows Media Encoder 9 Series WinRAR archiver Worms 3D Worms 4 Mayhem Demo Xfire (remove only) Link to comment Share on other sites More sharing options...
coltm4carbine Posted November 16, 2005 Share Posted November 16, 2005 gtg soon. have you ever updated your windows? Please submit the following file to one of these online file scanners. C:\WINDOWS\kl.e3e (CAUTION - executable file) Jotti File Scan VirusTotal File Scan This will produce a report after the scan is complete, please copy and paste those results in your next post with the results of the scan below. cos i gtg soon run this so i will be able to see the report when i log on tomoz (hopefully). I need you to download ]MWav to a convenient location. This scan might take around 3+ hours to finish when set to scan everything. I need you to run MWav by double-clicking on mwav[Caution: ExecutableFile]. Put a check next to the below items before scanning: [*:dcoy3mts]Memory [*:dcoy3mts]Startup Folders [*:dcoy3mts]Drive - All Local Drives [*:dcoy3mts]Folder - then click "browse" to change the directory to C: (default is C:\Windows) [*:dcoy3mts]Registry [*:dcoy3mts]System Folders [*:dcoy3mts]Services [*:dcoy3mts]Include Sub-Directory [*:dcoy3mts]Scan All Files Please make sure ALL of these are checked, then press the Scan button. This typically will take hours to complete. **NOTE*** Sometimes MWav will pause and it appears to be finished, but it isn't done. Just let it run until it says it's complete. On the bottom portion of the window, you will see the lower panel where MWav is listing "infected items", please highlight everything in that lower panel and copy them by holding CTRL + C then paste it here. The whole log will be extremely BIG so there is no way to post the log. I just need the infected items list. Link to comment Share on other sites More sharing options...
DJpailo Posted November 19, 2005 Share Posted November 19, 2005 you should only have one anti-virus, and I can see more than one. Only use one. Link to comment Share on other sites More sharing options...
coltm4carbine Posted November 19, 2005 Share Posted November 19, 2005 hi dj, aint seen u posting on the ccleaner forums for a while. lol. uninstall avg if your norton is a paid one and if it's up-to-date. Link to comment Share on other sites More sharing options...
DJpailo Posted November 19, 2005 Share Posted November 19, 2005 hi dj, aint seen u posting on the ccleaner forums for a while. lol. uninstall avg if your norton is a paid one and if it's up-to-date. lol, dont wry, I start posting on them again ;-) Link to comment Share on other sites More sharing options...
Sharky009 Posted November 22, 2005 Share Posted November 22, 2005 Sorry for the delay. I was busy and not home. :roll: Jotti virusscan found.. Nothing Service load: 0% 100% File: kl[Caution: ExecutableFile] Status: OK MD5 6422adddabd9d54361a1ab5151049698 Packers detected: - Scanner results AntiVir Found nothing ArcaVir Found nothing Avast Found nothing AVG Antivirus Found nothing BitDefender Found nothing ClamAV Found nothing Dr.Web Found nothing F-Prot Antivirus Found nothing Fortinet Found nothing Kaspersky Anti-Virus Found nothing NOD32 Found nothing Norman Virus Control Found nothing UNA Found nothing VBA32 Found nothing Virus total found nothing also. :( ____ I'm gonna start the MWav virus scan in a few hours and let it scan the whole night. So hoping to post the results tomorrow. Link to comment Share on other sites More sharing options...
coltm4carbine Posted November 22, 2005 Share Posted November 22, 2005 ok forget the scan. i am getting you to try this spysheriff and smitfraud fix. donno will it work but it might solve your desktop hijacking problem. Download smitRem.zip and save the file to your desktop. Right click on the file and extract it to it's own folder on the desktop. Place a shortcut to Panda ActiveScan on your desktop. Please download the trial version of Ewido Security Suite here: http://www.ewido.net/en/download/ Install it, and update the definitions to the newest files. Do NOT run a scan yet. If you have not already installed Ad-Aware SE 1.06, follow these download and setup instructions, otherwise, check for updates: Don't run it yet! Next, please reboot your computer in SafeMode by doing the following: [*:3ef6htf0]Restart your computer [*:3ef6htf0]After hearing your computer beep once during startup, but before the Windows icon appears, press F8. [*:3ef6htf0]Instead of Windows loading as normal, a menu should appear [*:3ef6htf0]Select the first option, to run Windows in Safe Mode. Open the smitRem folder, then double click the RunThis.bat file to start the tool. Follow the prompts on screen. Wait for the tool to complete and disk cleanup to finish. Open Ad-aware and do a full scan. Remove all it finds. Now open Ewido Security Suite [*:3ef6htf0]Click on scanner [*:3ef6htf0]Make sure the following boxes are checked before scanning: [*:3ef6htf0]Binder [*:3ef6htf0]Crypter [*:3ef6htf0]Archives [*:3ef6htf0]Click on Start Scan [*:3ef6htf0]Let the program scan the machineWhile the scan is in progress you will be prompted to clean files, click OK Once the scan has completed, there will be a button located on the bottom of the screen named Save report [*:3ef6htf0]Click Save Report [*:3ef6htf0]Save the report to your desktopClose Ewido Next go to Control Panel click Display > Desktop > Customize Desktop > Website > Uncheck "Security Info" if present. Reboot back into Windows and click the Panda ActiveScan shortcut, then do a full system scan. Make sure the autoclean box is checked! Save the scan log and post it along with a new HijackThis Log and the Ewido Log by using Add Reply. grrr... i hate it when i forget to click the submit ubtton :S. Link to comment Share on other sites More sharing options...
Sharky009 Posted November 22, 2005 Share Posted November 22, 2005 I can't find the Panda Activescan shortcut... Ok, gotta go to sleep. Will come here 1-st thing after school tomorrow. Link to comment Share on other sites More sharing options...
Sharky009 Posted November 26, 2005 Share Posted November 26, 2005 Wee... I can change my wallpaper. lol. I did the things that I had to do in Safemode. After that, now I can change my wallpaper. I didn't do this Panda search. Do I still have to do it? Ok. Here is the HiJackThis log Logfile of HijackThis v1.99.1 Scan saved at 13:44:53, on 26.11.2005 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss[Caution: ExecutableFile] C:\WINDOWS\system32\winlogon[Caution: ExecutableFile] C:\WINDOWS\system32\services[Caution: ExecutableFile] C:\WINDOWS\system32\lsass[Caution: ExecutableFile] C:\WINDOWS\system32\svchost[Caution: ExecutableFile] C:\WINDOWS\System32\svchost[Caution: ExecutableFile] C:\Program Files\Common Files\Symantec Shared\ccSetMgr[Caution: ExecutableFile] C:\Program Files\Common Files\Symantec Shared\SNDSrvc[Caution: ExecutableFile] C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc[Caution: ExecutableFile] C:\Program Files\Common Files\Symantec Shared\ccEvtMgr[Caution: ExecutableFile] C:\WINDOWS\system32\spoolsv[Caution: ExecutableFile] C:\PROGRA~1\COMMON~1\Stardock\SDMCP[Caution: ExecutableFile] C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbload[Caution: ExecutableFile] C:\WINDOWS\Explorer[Caution: ExecutableFile] C:\Program Files\Java\jre1.5.0_04\bin\jusched[Caution: ExecutableFile] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05[Caution: ExecutableFile] C:\WINDOWS\System32\RUNDLL32[Caution: ExecutableFile] C:\Program Files\Browser MOUSE\mouse32a[Caution: ExecutableFile] C:\Program Files\D-Tools\daemon[Caution: ExecutableFile] C:\Program Files\Common Files\Symantec Shared\ccApp[Caution: ExecutableFile] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc[Caution: ExecutableFile] C:\Program Files\Messenger\msmsgs[Caution: ExecutableFile] C:\Program Files\MSN Messenger\MsnMsgr[Caution: ExecutableFile] C:\Documents and Settings\Sander\Desktop\ares\Ares Lite Edition\AresLite[Caution: ExecutableFile] C:\Program Files\CursorXP\CursorXP[Caution: ExecutableFile] C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr[Caution: ExecutableFile] C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc[Caution: ExecutableFile] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc[Caution: ExecutableFile] C:\Program Files\ewido\security suite\ewidoctrl[Caution: ExecutableFile] C:\Program Files\Norton AntiVirus\navapsvc[Caution: ExecutableFile] C:\Program Files\Norton AntiVirus\IWP\NPFMntor[Caution: ExecutableFile] C:\WINDOWS\System32\nvsvc32[Caution: ExecutableFile] C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService[Caution: ExecutableFile] C:\Program Files\Webroot\Spy Sweeper\WRSSSDK[Caution: ExecutableFile] C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc[Caution: ExecutableFile] C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr[Caution: ExecutableFile] C:\WINDOWS\System32\wuauclt[Caution: ExecutableFile] C:\Program Files\Internet Explorer\IEXPLORE[Caution: ExecutableFile] C:\Hijackthis\HijackThis[Caution: ExecutableFile] O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck[Caution: ExecutableFile] O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched[Caution: ExecutableFile] O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32[Caution: ExecutableFile] C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz[Caution: ExecutableFile] /install O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05[Caution: ExecutableFile] O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32[Caution: ExecutableFile] C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Program Files\Browser MOUSE\mouse32a[Caution: ExecutableFile] O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon[Caution: ExecutableFile]" -lang 1033 O4 - HKLM\..\Run: [bootSkin Startup Jobs] "C:\PROGRA~1\Stardock\WINCUS~1\BootSkin\BootSkin[Caution: ExecutableFile]" /StartupJobs O4 - HKLM\..\Run: [LogonStudio] "C:\Program Files\WinCustomize\LogonStudio\logonstudio[Caution: ExecutableFile]" /RANDOM O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp[Caution: ExecutableFile]" O4 - HKLM\..\Run: [sSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt[Caution: ExecutableFile] O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon[Caution: ExecutableFile] /Consumer O4 - HKLM\..\Run: [spySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper[Caution: ExecutableFile]" /startintray O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc[Caution: ExecutableFile] /STARTUP O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs[Caution: ExecutableFile]" /background O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr[Caution: ExecutableFile]" /background O4 - HKCU\..\Run: [areslite] "C:\Documents and Settings\Sander\Desktop\ares\Ares Lite Edition\AresLite[Caution: ExecutableFile]" -h O4 - HKCU\..\Run: [CursorXP] "C:\Program Files\CursorXP\CursorXP[Caution: ExecutableFile]" -s O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire[Caution: ExecutableFile] O4 - Global Startup: Adobe Gamma Loader[Caution: ExecutableFile].lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader[Caution: ExecutableFile] O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader[Caution: ExecutableFile] O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA[Caution: ExecutableFile] O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL[Caution: ExecutableFile]/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/downloads/kws/kavwebscan_unicode.cab O16 - DPF: {27527D31-447B-11D5-A46E-0001023B4289} (CoGSManager Class) - http://gamingzone.ubisoft.com/dev/packages/GSManager.cab O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_1_0_0_44.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {D3A7982E-915D-4589-8ECE-249F70D0C941} (Launch Control) - http://aaotracker.4players.de/LaunchGame.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{F28B19E0-2F1A-4189-97C7-CF3FDED1F881}: NameServer = 194.126.115.18 194.126.101.34 O20 - Winlogon Notify: MCPClient - C:\PROGRA~1\COMMON~1\Stardock\mcpstub.dll O20 - Winlogon Notify: WB - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\fastload.dll O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr[Caution: ExecutableFile] O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc[Caution: ExecutableFile] O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc[Caution: ExecutableFile] O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr[Caution: ExecutableFile] O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc[Caution: ExecutableFile] O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr[Caution: ExecutableFile] O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl[Caution: ExecutableFile] O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc[Caution: ExecutableFile] O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor[Caution: ExecutableFile] O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32[Caution: ExecutableFile] O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan[Caution: ExecutableFile] O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ[Caution: ExecutableFile] O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc[Caution: ExecutableFile] O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc[Caution: ExecutableFile] O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService[Caution: ExecutableFile] O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK[Caution: ExecutableFile] O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc[Caution: ExecutableFile] O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr[Caution: ExecutableFile] Here's the Ewido Security Suite report --------------------------------------------------------- ewido security suite - Scan report --------------------------------------------------------- + Created on: 13:33:28, 26.11.2005 + Report-Checksum: 20FE8782 + Scan result: C:\Documents and Settings\Sander\Cookies\[email protected][1].txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup C:\Documents and Settings\Sander\Cookies\sander@burstnet[2].txt -> Spyware.Cookie.Burstnet : Cleaned with backup C:\Documents and Settings\Sander\Cookies\sander@com[2].txt -> Spyware.Cookie.Com : Cleaned with backup C:\Documents and Settings\Sander\Cookies\sander@ivwbox[1].txt -> Spyware.Cookie.Ivwbox : Cleaned with backup C:\Documents and Settings\Sander\Local Settings\Temporary Internet Files\Content.IE5\NF5NRH8W\load[1][Caution: Executable File] -> TrojanDownloader.Small.bws : Cleaned with backup C:\Documents and Settings\Sander\Local Settings\Temporary Internet Files\Content.IE5\NF5NRH8W\load[2][Caution: Executable File] -> TrojanDownloader.Small.bws : Cleaned with backup C:\Documents and Settings\Sander\Local Settings\Temporary Internet Files\Content.IE5\WZBBAWTL\load[1][Caution: Executable File] -> TrojanDownloader.Small.bws : Cleaned with backup C:\WINDOWS\tool3[Caution: ExecutableFile] -> TrojanDropper.Small.aja : Cleaned with backup ::Report End Link to comment Share on other sites More sharing options...
coltm4carbine Posted November 26, 2005 Share Posted November 26, 2005 I didn't do this Panda search. Do I still have to do it? if you did it would make sure your system is cleaner. Download and install ]CleanUp! Open Cleanup! by double-clicking the icon on your desktop (or from the Start > All Programs menu). Set the program up as follows: Click "Options..." Move the arrow down to "Custom CleanUp!" Put a check next to the following (Make sure nothing else is checked!): [*:1gvguc0l]Empty Recycle Bins [*:1gvguc0l]Delete Cookies [*:1gvguc0l]Delete Prefetch files [*:1gvguc0l]Cleanup! All UsersClick OK Press the CleanUp! button to start the program. It may ask you to reboot at the end, click Yes. Note: For 98 and ME users Under Options put a check next to the following [*:1gvguc0l]Empty Recycle Bins [*:1gvguc0l]Delete Cookies [*:1gvguc0l]Scan local drives for temporary files [*:1gvguc0l]Cleanup! All Users Click OK Press the CleanUp! button to start the program. It may ask you to reboot at the end, click Yes. Link to comment Share on other sites More sharing options...
Sharky009 Posted November 27, 2005 Share Posted November 27, 2005 Ok. Did that. Everything seems to be ok for now. Thank you very much Colt. If I have some other problems in the future, I'll post them here. So an IT genius like u could help me. :wink: Link to comment Share on other sites More sharing options...
coltm4carbine Posted November 27, 2005 Share Posted November 27, 2005 k, if you have any more problem you might want to start a new post because I might get too confused. glad it worked out. :D Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now