 |  |  |  |  |  |  |  |
suspected spyfalcon infection
 |
•
•
Join Date: Jul 2005
Posts: 1,542
Reputation: 
Solved Threads: 98
Smitfraudfix, almost always works on that faimly of infections. 
.
Speaking of which, we need to see that log, before we continue.
Sorry Burton, I didn't even see you posted ewido instuctions in the post above mine
.Speaking of which, we need to see that log, before we continue.
Sorry Burton, I didn't even see you posted ewido instuctions in the post above mine
Firefox
Ewido
Tune up windows
Get detailed system information
My Fixes
Member - Alliance of Security Analysis Professionals - Since 2006
Ewido
Tune up windows
Get detailed system information
My Fixes
Member - Alliance of Security Analysis Professionals - Since 2006
SmitFraudFix v2.45
Scan done at 14:20:51.88, 05/19/2006 Fri
Run from C:\Documents and Settings\HP_Owner\Desktop\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600]
������������ C:\
������������ C:\WINDOWS
������������ C:\WINDOWS\system
������������ C:\WINDOWS\Web
������������ C:\WINDOWS\system32
������������ C:\Documents and Settings\HP_Owner\Application Data
������������ Start Menu
������������ C:\DOCUME~1\HP_Owner\FAVORI~1
������������ Desktop
������������ C:\Program Files
������������ Corrupted keys
������������ Desktop Components
������������ Sharedtaskscheduler
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{e04408db-4812-4478-8d4d-e46edcffd3b6}"="AutoDisc Ware"
[HKEY_CLASSES_ROOT\CLSID\{e04408db-4812-4478-8d4d-e46edcffd3b6}\InProcServer32]
@="C:\WINDOWS\system32\fyhhxw.dll"
[HKEY_CURRENT_USER\Software\Classes\CLSID\{e04408db-4812-4478-8d4d-e46edcffd3b6}\InProcServer32]
@="C:\WINDOWS\system32\fyhhxw.dll"
������������ Scanning wininet.dll infection
������������ End
Scan done at 14:20:51.88, 05/19/2006 Fri
Run from C:\Documents and Settings\HP_Owner\Desktop\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600]
������������ C:\
������������ C:\WINDOWS
������������ C:\WINDOWS\system
������������ C:\WINDOWS\Web
������������ C:\WINDOWS\system32
������������ C:\Documents and Settings\HP_Owner\Application Data
������������ Start Menu
������������ C:\DOCUME~1\HP_Owner\FAVORI~1
������������ Desktop
������������ C:\Program Files
������������ Corrupted keys
������������ Desktop Components
������������ Sharedtaskscheduler
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{e04408db-4812-4478-8d4d-e46edcffd3b6}"="AutoDisc Ware"
[HKEY_CLASSES_ROOT\CLSID\{e04408db-4812-4478-8d4d-e46edcffd3b6}\InProcServer32]
@="C:\WINDOWS\system32\fyhhxw.dll"
[HKEY_CURRENT_USER\Software\Classes\CLSID\{e04408db-4812-4478-8d4d-e46edcffd3b6}\InProcServer32]
@="C:\WINDOWS\system32\fyhhxw.dll"
������������ Scanning wininet.dll infection
������������ End
for some reason, that one didn't show right...
SmitFraudFix v2.45
Scan done at 17:49:23.49, 05/20/2006 Sat
Run from C:\Documents and Settings\HP_Owner\Desktop\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600]
������������ C:\
������������ C:\WINDOWS
������������ C:\WINDOWS\system
������������ C:\WINDOWS\Web
������������ C:\WINDOWS\system32
������������ C:\Documents and Settings\HP_Owner\Application Data
������������ Start Menu
������������ C:\DOCUME~1\HP_Owner\FAVORI~1
������������ Desktop
������������ C:\Program Files
������������ Corrupted keys
������������ Desktop Components
������������ Sharedtaskscheduler
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{e04408db-4812-4478-8d4d-e46edcffd3b6}"="AutoDisc Ware"
[HKEY_CLASSES_ROOT\CLSID\{e04408db-4812-4478-8d4d-e46edcffd3b6}\InProcServer32]
@="C:\WINDOWS\system32\fyhhxw.dll"
[HKEY_CURRENT_USER\Software\Classes\CLSID\{e04408db-4812-4478-8d4d-e46edcffd3b6}\InProcServer32]
@="C:\WINDOWS\system32\fyhhxw.dll"
������������ Scanning wininet.dll infection
������������ End
SmitFraudFix v2.45
Scan done at 17:49:23.49, 05/20/2006 Sat
Run from C:\Documents and Settings\HP_Owner\Desktop\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600]
������������ C:\
������������ C:\WINDOWS
������������ C:\WINDOWS\system
������������ C:\WINDOWS\Web
������������ C:\WINDOWS\system32
������������ C:\Documents and Settings\HP_Owner\Application Data
������������ Start Menu
������������ C:\DOCUME~1\HP_Owner\FAVORI~1
������������ Desktop
������������ C:\Program Files
������������ Corrupted keys
������������ Desktop Components
������������ Sharedtaskscheduler
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{e04408db-4812-4478-8d4d-e46edcffd3b6}"="AutoDisc Ware"
[HKEY_CLASSES_ROOT\CLSID\{e04408db-4812-4478-8d4d-e46edcffd3b6}\InProcServer32]
@="C:\WINDOWS\system32\fyhhxw.dll"
[HKEY_CURRENT_USER\Software\Classes\CLSID\{e04408db-4812-4478-8d4d-e46edcffd3b6}\InProcServer32]
@="C:\WINDOWS\system32\fyhhxw.dll"
������������ Scanning wininet.dll infection
������������ End
|
Similar Threads
- suspected spyfalcon infection (Viruses, Spyware and other Nasties)
Other Threads in the Viruses, Spyware and other Nasties Forum
- Previous Thread: Problems with Cookies
- Next Thread: Slow Internet
| Thread Tools | Search this Thread |
Latest Viruses, Spyware and other Nasties Posts
Related Forum Features
Tag cloud for Viruses, Spyware and other Nasties
adware anti-malware anti-virussitesaccessissue antivirus apple attack audio avg backtoschoolspeech bar blackhat botnet botnets censorship china commercial conficker connect control cyber cybercrime cyberwarfare ddos domains education email europe exam exploit facebook fake fancheckvirus gaming gtaiv halloween herss.exe hijack hosting internet iphone kaspersky legal logfiles malware mcafee mega-d messagelabs microsoft mobile msn nazi news obama onlinethreats paedophile panel parents patch phishing police policeprovirusmba-mblockedinternetaccess president privacy pro redirect redirecting report research rogueantivirus samhain sans scareware search security seopoisoning sites software spam spyware spywareexternalwindows7adminstratortrojans sqlinjection symantec system teen translate trojan unabletoaccessanti-virussites unwanted update usa virus viruses vista volume war warning windows worm yahoo zeroday
