Jump to content

WSPPurge.exe


Recommended Posts

Not sure if this is considered malware or not, but it is a progam that runs on startup and I can only find it in the windows task manager, It is always (not responding) and ties up a ton of processor space. Also I always seem to have near 100 processes running, which concerns me. Thanks in advance for your advice and the logs are attached.

dds.txt

attach.txt

Link to post
Share on other sites

Welcome to the forum.

Please remove any usb or external drives from the computer before you run this scan!

Please download and run RogueKiller to your desktop.

For Windows XP, double-click to start.

For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

Click Scan to scan the system.

When the scan completes > Close out the program > Don't Fix anything!

Don't run any other options, they're not all bad!!!!!!!

Post back the report which should be located on your desktop.

MrC

Link to post
Share on other sites

RogueKiller V7.6.6 [08/10/2012] by Tigzy

mail: tigzyRK<at>gmail<dot>com

Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/

Blog: http://tigzyrk.blogspot.com

Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version

Started in : Normal mode

User: A93B [Admin rights]

Mode: Scan -- Date: 08/17/2012 07:11:28

¤¤¤ Bad processes: 3 ¤¤¤

[sUSP PATH] rpcld.exe -- C:\Documents and Settings\All Users\Application Data\Rpcnet\Bin\rpcld.exe -> KILLED [TermProc]

[sUSP PATH] VM331_STI.EXE -- C:\WINDOWS\VM331_STI.EXE -> KILLED [TermProc]

[RESIDUE] CmgShieldUI.exe -- C:\WINDOWS\System32\CMGShieldUI.exe -> KILLED [TermProc]

¤¤¤ Registry Entries: 4 ¤¤¤

[sUSP PATH] HKLM\[...]\Run : 331BigDog (C:\WINDOWS\VM331_STI.EXE) -> FOUND

[RANDOMNAME] HKLM\[...]\Run : CmgShieldUI (C:\WINDOWS\System32\CMGShieldUI.exe) -> FOUND

[HJ] HKCU\[...]\Advanced : Start_ShowPrinters (0) -> FOUND

[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver: [LOADED] ¤¤¤

SSDT[71] : NtEnumerateKey @ 0x8062493C -> HOOKED (CmgShREG.sys @ 0xB9562AA4)

SSDT[73] : NtEnumerateValueKey @ 0x80624BA6 -> HOOKED (CmgShREG.sys @ 0xB9562B60)

SSDT[177] : NtQueryValueKey @ 0x80622314 -> HOOKED (CmgShREG.sys @ 0xB95628C6)

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

127.0.0.1 localhost

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: FUJITSU MHZ2080BH G2 +++++

--- User ---

[MBR] 74f7426acbc7cc6b9f2293d67e3dd44d

[bSP] 0f6d289bc876346444a57e829a92e3c3 : Windows XP MBR Code

Partition table:

0 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 63 | Size: 15366 Mo

1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 31471335 | Size: 60949 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[1].txt >>

RKreport[1].txt

Link to post
Share on other sites

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 9:13:26 AM, on 8/17/2012

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\CmgShieldSvc.exe

C:\WINDOWS\system32\EMSService.exe

c:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Common Files\Microsoft Shared\Ink\KeyboardSurrogate.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\SUPERAntiSpyware\SASCORE.EXE

C:\WINDOWS\system32\agrsmsvc.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Juniper Networks\Common Files\dsNcService.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\inetsrv\inetinfo.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\o2flash.exe

C:\Program Files\PC Tools Firewall Plus\FWService.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\snmp.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\WINDOWS\system32\SearchIndexer.exe

C:\WINDOWS\system32\mqsvc.exe

C:\WINDOWS\system32\mqtgsvc.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\WINDOWS\SYSTEM32\WISPTIS.EXE

C:\WINDOWS\System32\tabbtnu.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Common Files\Microsoft Shared\Ink\TCServer.exe

C:\Program Files\Common Files\Microsoft Shared\Ink\TabTip.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\WINDOWS\RTHDCPL.EXE

C:\WINDOWS\SOUNDMAN.EXE

C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe

C:\Program Files\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe

C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe

C:\Program Files\Fujitsu\SSUtility\FJSSDMN.exe

C:\Program Files\Fujitsu\Utils\FjDspMon.exe

C:\Program Files\Fujitsu\Utils\fjevents.exe

C:\Program Files\Fujitsu\Utils\FjMenu.exe

C:\WINDOWS\system32\igfxext.exe

C:\Program Files\Fujitsu\Utils\FjLidMon.exe

C:\WINDOWS\system32\EmsServiceHelper.exe

C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

C:\WINDOWS\system32\igfxsrvc.exe

C:\Program Files\Citrix\ICA Client\concentr.exe

C:\Program Files\Citrix\ICA Client\wfcrun32.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\WINDOWS\system32\igfxtray.exe

C:\WINDOWS\system32\hkcmd.exe

C:\WINDOWS\system32\igfxpers.exe

C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe

C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe

C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\iTunes\iTunes.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe

C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe

C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\SyncServer.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Program Files\FreeFileViewer\FFVCheckForUpdates.exe

C:\WINDOWS\system32\SearchProtocolHost.exe

C:\Documents and Settings\A93B\My Documents\Downloads\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.bearshare.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: (no name) - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - (no file)

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O4 - HKLM\..\Run: [TabletWizard] C:\WINDOWS\help\SplshWrp.exe

O4 - HKLM\..\Run: [TabletTip] "C:\Program Files\Common Files\microsoft shared\ink\tabtip.exe" /resume

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [331BigDog] C:\WINDOWS\VM331_STI.EXE

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE

O4 - HKLM\..\Run: [LoadFUJ02E3] C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe

O4 - HKLM\..\Run: [FjStrtAp] c:\Program Files\Fujitsu\Utils\FjStrtAp.exe

O4 - HKLM\..\Run: [indicatorUtility] C:\Program Files\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe

O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"

O4 - HKLM\..\Run: [sSUtility] C:\Program Files\Fujitsu\SSUtility\FJSSDMN.exe

O4 - HKLM\..\Run: [Aflac_Do_Not_Remove] C:\Aflac2000\WSPInfo.exe

O4 - HKLM\..\Run: [WSPPurge] C:\Program Files\Aflac\Common\WSPPurge.exe

O4 - HKLM\..\Run: [VerifyAfariaDownload] C:\Program Files\Aflac\SNG\VerifyAfariadownload.exe

O4 - HKLM\..\Run: [FJUPDNV_Chitose] C:\Program Files\Fujitsu\fjdvrupd\fjdvrupd.exe

O4 - HKLM\..\Run: [CmgShieldUI] C:\WINDOWS\System32\CMGShieldUI.exe

O4 - HKLM\..\Run: [EmsService] EmsServiceHelper.exe

O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [ConnectionCenter] "C:\Program Files\Citrix\ICA Client\concentr.exe" /startup

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll

O4 - HKLM\..\Run: [00PCTFW] "C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe" -s

O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe

O4 - HKLM\..\Run: [boincmgr] "C:\Program Files\BOINC\boincmgr.exe" /a /s

O4 - HKLM\..\Run: [boinctray] "C:\Program Files\BOINC\boinctray.exe"

O4 - HKCU\..\Run: [EasyLinkAdvisor] "C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe" /startup

O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL

O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O14 - IERESET.INF: START_PAGE_URL=http://us.fujitsu.com/computers

O16 - DPF: {1C11B948-582A-433F-A98D-A8C4D5CC64F2} (20-20 3D Viewer) - https://lowes.2020.net/planner/Core/Player/2020PlayerAX_Win32.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClientControl Class) - https://juniper.net/dana-cached/sc/JuniperSetupClient.cab

O18 - Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter hijack: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL

O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: CMGShield - Credant Technologies, Inc. - C:\WINDOWS\system32\CmgShieldSvc.exe

O23 - Service: Juniper Network Connect Service (dsNcService) - Juniper Networks - C:\Program Files\Juniper Networks\Common Files\dsNcService.exe

O23 - Service: EMS - CREDANT Technologies, Inc. - C:\WINDOWS\system32\EMSService.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: O2Flash Memory Service (O2Flash) - O2Micro International - C:\WINDOWS\system32\o2flash.exe

O23 - Service: PC Tools Firewall Plus (PCToolsFirewallPlus) - Unknown owner - C:\Program Files\PC Tools Firewall Plus\FWService.exe

O23 - Service: Remote Procedure Call (RPC) LD (rpcld) - Unknown owner - C:\Documents and Settings\All Users\Application Data\Rpcnet\Bin\rpcld.exe (file missing)

--

End of file - 14324 bytes

Link to post
Share on other sites

[*]Close all programs leaving only HijackThis running. Place a check against each of the following, making sure you get them all and not any others by mistake:

O2 - BHO: (no name) - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - (no file)

O4 - HKLM\..\Run: [Aflac_Do_Not_Remove] C:\Aflac2000\WSPInfo.exe

O4 - HKLM\..\Run: [WSPPurge] C:\Program Files\Aflac\Common\WSPPurge.exe

O4 - HKLM\..\Run: [VerifyAfariaDownload] C:\Program Files\Aflac\SNG\VerifyAfariadownload.exe

Click on Fix Checked when finished and exit HijackThis.

Let me know, MrC

Link to post
Share on other sites

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.