sigsauer Posted December 29, 2005 ID:508 Share Posted December 29, 2005 Logfile of HijackThis v1.97.7Scan saved at 9:45:18 PM, on 12/28/2005Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Common Files\STOPzilla!\szserver.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\cisvc.exec:\program files\mcafee.com\agent\mcdetect.exec:\PROGRA~1\mcafee.com\vso\mcshield.exec:\PROGRA~1\mcafee.com\agent\mctskshd.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\System32\MsPMSPSv.exeC:\WINDOWS\Explorer.EXEC:\PROGRA~1\mcafee.com\agent\mcagent.exeC:\Program Files\McAfee.com\VSO\mcvsshld.exeC:\Program Files\McAfee.com\VSO\oasclnt.exeC:\Program Files\iTunes\iTunesHelper.exeC:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAJA.EXEC:\Program Files\STOPzilla!\STOPzilla.exeC:\Program Files\QuickTime\qttask.exec:\progra~1\mcafee.com\vso\mcvsescn.exeC:\Program Files\Messenger\msmsgs.exeC:\Program Files\iPod\bin\iPodService.exeC:\WINDOWS\System32\svchost.exec:\progra~1\mcafee.com\vso\mcvsftsn.exeC:\WINDOWS\system32\cidaemon.exeC:\WINDOWS\system32\cidaemon.exeC:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exeC:\DOCUME~1\THOMAS~1\LOCALS~1\Temp\Temporary Directory 7 for hijackthis.zip\HijackThis.exeO2 - BHO: (no name) - {E3215F20-3212-11D6-9F8B-00D0B743919D} - C:\Program Files\STOPzilla!\SZIEBHO.dllO3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dllO3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dllO4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exeO4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exeO4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exeO4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktaskO4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exeO4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"O4 - HKLM\..\Run: [EPSON Stylus Photo R340 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAJA.EXE /P30 "EPSON Stylus Photo R340 Series" /O19 "\\D2TLCW31\EPSONSty" /M "Stylus Photo R340"O4 - HKLM\..\Run: [EPSON Stylus Photo R340 Series (Copy 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAJA.EXE /P39 "EPSON Stylus Photo R340 Series (Copy 1)" /O6 "USB001" /M "Stylus Photo R340"O4 - HKLM\..\Run: [sTOPzilla] C:\Program Files\STOPzilla!\STOPzilla.exe /autostartO4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottimeO4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /backgroundO4 - HKCU\..\Run: [EPSON Stylus Photo R340 Series (Copy 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAJA.EXE /P39 "EPSON Stylus Photo R340 Series (Copy 1)" /M "Stylus Photo R340" /EF "HKCU"O4 - HKCU\..\Run: [EPSON Stylus Photo R340 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAJA.EXE /P30 "EPSON Stylus Photo R340 Series" /M "Stylus Photo R340" /EF "HKCU"O9 - Extra button: AIM (HKLM)O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/m...90/mcinsctl.cabO16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1127663733796O16 - DPF: {9C024426-7859-4B2D-AB4C-B1E370AE7549} - http://us.mcafee.com/Apps/WSC/en-us/WscWlanScannerCtrl.cabO16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/m...,23/mcgdmgr.cabO16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.macromedia.com/get/flash...ent/swflash.cab Link to post Share on other sites More sharing options...
jwbirdsong Posted December 29, 2005 ID:511 Share Posted December 29, 2005 You are using a VERY outdated version of HijackThis. Please download HijackThis version 1.99.1 from here:http://www.downloads.subratam.org/hijackthis.zip .You are also running HijackThis from a temp folder/location please make sure to unzip it to it's own, permanentfolder. (eg. C:\HijackStuff\HijackThis.exe or you could have a folder named HijackFixers on your desktop and put it in there.) Then please run HijackThis, click Scan and Save log, and post the new log here. I would be happy to take a look at it. Link to post Share on other sites More sharing options...
sigsauer Posted December 29, 2005 Author ID:512 Share Posted December 29, 2005 Logfile of HijackThis v1.99.1Scan saved at 10:54:32 PM, on 12/28/2005Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Common Files\STOPzilla!\szserver.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\cisvc.exec:\program files\mcafee.com\agent\mcdetect.exec:\PROGRA~1\mcafee.com\vso\mcshield.exec:\PROGRA~1\mcafee.com\agent\mctskshd.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\System32\MsPMSPSv.exeC:\WINDOWS\Explorer.EXEC:\PROGRA~1\mcafee.com\agent\mcagent.exeC:\Program Files\McAfee.com\VSO\mcvsshld.exeC:\Program Files\McAfee.com\VSO\oasclnt.exeC:\Program Files\iTunes\iTunesHelper.exeC:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAJA.EXEC:\Program Files\STOPzilla!\STOPzilla.exeC:\Program Files\QuickTime\qttask.exec:\progra~1\mcafee.com\vso\mcvsescn.exeC:\Program Files\Messenger\msmsgs.exeC:\Program Files\iPod\bin\iPodService.exeC:\WINDOWS\System32\svchost.exec:\progra~1\mcafee.com\vso\mcvsftsn.exeC:\WINDOWS\system32\cidaemon.exeC:\WINDOWS\system32\cidaemon.exeC:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exeC:\Documents and Settings\Thomas Noonan\Desktop\spyware\hijack\HijackThis.exeO2 - BHO: STOPzilla Browser Helper Object - {E3215F20-3212-11D6-9F8B-00D0B743919D} - C:\Program Files\STOPzilla!\SZIEBHO.dllO3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dllO3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dllO4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exeO4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exeO4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exeO4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktaskO4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exeO4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"O4 - HKLM\..\Run: [EPSON Stylus Photo R340 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAJA.EXE /P30 "EPSON Stylus Photo R340 Series" /O19 "\\D2TLCW31\EPSONSty" /M "Stylus Photo R340"O4 - HKLM\..\Run: [EPSON Stylus Photo R340 Series (Copy 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAJA.EXE /P39 "EPSON Stylus Photo R340 Series (Copy 1)" /O6 "USB001" /M "Stylus Photo R340"O4 - HKLM\..\Run: [sTOPzilla] C:\Program Files\STOPzilla!\STOPzilla.exe /autostartO4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottimeO4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /backgroundO4 - HKCU\..\Run: [EPSON Stylus Photo R340 Series (Copy 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAJA.EXE /P39 "EPSON Stylus Photo R340 Series (Copy 1)" /M "Stylus Photo R340" /EF "HKCU"O4 - HKCU\..\Run: [EPSON Stylus Photo R340 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAJA.EXE /P30 "EPSON Stylus Photo R340 Series" /M "Stylus Photo R340" /EF "HKCU"O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exeO16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/m...90/mcinsctl.cabO16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1127663733796O16 - DPF: {9C024426-7859-4B2D-AB4C-B1E370AE7549} - http://us.mcafee.com/Apps/WSC/en-us/WscWlanScannerCtrl.cabO16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/m...,23/mcgdmgr.cabO20 - Winlogon Notify: STOPzilla - C:\WINDOWS\SYSTEM32\IS3WLHandler.dllO23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exeO23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exeO23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exeO23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exeO23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exeO23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exeO23 - Service: MS Software Generic Host Process for Win32 Services (SVCHOST) - Unknown owner - C:\WINDOWS\SYSTEM\SVCHOST.exe (file missing)O23 - Service: STOPzilla Service (szserver) - Unknown owner - C:\Program Files\Common Files\STOPzilla!\szserver.exe Link to post Share on other sites More sharing options...
jwbirdsong Posted December 29, 2005 ID:514 Share Posted December 29, 2005 Go to Start > Run and type "Services.msc" (without quotes) then hit OkScroll down and find the below services:MS Software Generic Host Process for Win32 Services (SVCHOST)When you find it, double-click on it. In the next window that opens, under the General tab click the Stop button, then click the drop-down box to change the Startup Type to Disabled. Now hit Apply and then Ok.Open HiJackThis, click on "None of the above, just start the program". Now, click on the "Config" button (bottom right), then click on "Misc Tools", then click on "Delete an NT Service" a window will pop up. Enter the below item into that field (make sure there are NO spaces before or after the name):MS Software Generic Host Process for Win32 Services (SVCHOST)Click OK.It should pull up information about the service, then ask if you want to reboot. Click YES.Then run this online virus scan: ActiveScan Once you are on the Panda site click the Scan your PC button A new window will open...click the Check Now button- Enter your Country- Enter your State/Province- Enter your e-mail address and click send(*NOTE it's perfectly safe to do so..You will NOT be spammed from this)- Select either Home User or Company Click the big Scan Now buttonIf/when you get a notice that Panda wants to install an ActiveX component allow itIt will start downloading the files it requires for the scan (Note: It may take a couple of minutes)When download is complete, click on Local Disks to start the scanWhen the scan completes, if anything is detected, click the See Report button, then Save Report and save it to a convenient location like your desktop.Reboot and post the log from the Panda Scan and a New HijackThis Link to post Share on other sites More sharing options...
sigsauer Posted December 29, 2005 Author ID:520 Share Posted December 29, 2005 panda software log:Incident Status Location Adware:Adware/BrilliantDigitalNot disinfected C:\Program Files\KaZaA Lite\bdcore.dll Adware:adware/ncase Not disinfected C:\temp\salmau.dat Adware:Adware/SAHAgent Not disinfected C:\WINDOWS\INF\bi419.inf Spyware:spyware/betterinet Not disinfected C:\WINDOWS\INF\biini.inf Adware:Adware/SAHAgent Not disinfected C:\WINDOWS\SYSTEM32\xmltok.dll HiJackthis re-scan:Logfile of HijackThis v1.99.1Scan saved at 12:04:16 PM, on 12/29/2005Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Common Files\STOPzilla!\szserver.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\cisvc.exec:\program files\mcafee.com\agent\mcdetect.exec:\PROGRA~1\mcafee.com\vso\mcshield.exec:\PROGRA~1\mcafee.com\agent\mctskshd.exec:\PROGRA~1\mcafee.com\vso\OasClnt.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\System32\MsPMSPSv.exec:\program files\mcafee.com\vso\mcvsshld.exec:\program files\mcafee.com\agent\mcagent.exec:\progra~1\mcafee.com\vso\mcvsescn.exeC:\Program Files\iTunes\iTunesHelper.exeC:\Program Files\STOPzilla!\STOPzilla.exeC:\Program Files\QuickTime\qttask.exeC:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAJA.EXEC:\Program Files\iPod\bin\iPodService.exec:\progra~1\mcafee.com\vso\mcvsftsn.exeC:\Program Files\Messenger\msmsgs.exeC:\Program Files\Internet Explorer\iexplore.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\cidaemon.exeC:\WINDOWS\system32\cidaemon.exeC:\WINDOWS\system32\NOTEPAD.EXEC:\Documents and Settings\Thomas Noonan\Desktop\spyware\hijack\HijackThis.exeO2 - BHO: STOPzilla Browser Helper Object - {E3215F20-3212-11D6-9F8B-00D0B743919D} - C:\Program Files\STOPzilla!\SZIEBHO.dllO3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dllO3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dllO4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exeO4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exeO4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exeO4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktaskO4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exeO4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"O4 - HKLM\..\Run: [EPSON Stylus Photo R340 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAJA.EXE /P30 "EPSON Stylus Photo R340 Series" /O19 "\\D2TLCW31\EPSONSty" /M "Stylus Photo R340"O4 - HKLM\..\Run: [EPSON Stylus Photo R340 Series (Copy 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAJA.EXE /P39 "EPSON Stylus Photo R340 Series (Copy 1)" /O6 "USB001" /M "Stylus Photo R340"O4 - HKLM\..\Run: [sTOPzilla] C:\Program Files\STOPzilla!\STOPzilla.exe /autostartO4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottimeO4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /backgroundO4 - HKCU\..\Run: [EPSON Stylus Photo R340 Series (Copy 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAJA.EXE /P39 "EPSON Stylus Photo R340 Series (Copy 1)" /M "Stylus Photo R340" /EF "HKCU"O4 - HKCU\..\Run: [EPSON Stylus Photo R340 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAJA.EXE /P30 "EPSON Stylus Photo R340 Series" /M "Stylus Photo R340" /EF "HKCU"O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exeO16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/m...90/mcinsctl.cabO16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1127663733796O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cabO16 - DPF: {9C024426-7859-4B2D-AB4C-B1E370AE7549} - http://us.mcafee.com/Apps/WSC/en-us/WscWlanScannerCtrl.cabO16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/m...,23/mcgdmgr.cabO20 - Winlogon Notify: STOPzilla - C:\WINDOWS\SYSTEM32\IS3WLHandler.dllO23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exeO23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exeO23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exeO23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exeO23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exeO23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exeO23 - Service: STOPzilla Service (szserver) - Unknown owner - C:\Program Files\Common Files\STOPzilla!\szserver.exe Link to post Share on other sites More sharing options...
jwbirdsong Posted December 30, 2005 ID:522 Share Posted December 30, 2005 Click HERE to download Atri's ATF Cleaner (Atri'sTempFile)..Download to your desktopMore info on this tool HERENext, please reboot your computer in Safe Mode by doing the following: Restart your computer After hearing your computer beep once during startup, but before the Windows icon appears, tap F8. Instead of Windows loading as normal, a menu should appear Select the first option, to run Windows in Safe Mode.For additional help in booting into Safe Mode, see the following site:http://www.pchell.com/support/safemode.shtmlRun the ATFcleaner you downloaded earlier>check Select All>Click Empty Selected>OK>Close itDelete the following files IF they exist stillC:\Program Files\KaZaA Lite\bdcore.dllC:\temp\salmau.datC:\WINDOWS\INF\bi419.inf C:\WINDOWS\INF\biini.infC:\WINDOWS\SYSTEM32\xmltok.dllBoot back yo Windows and post a new HijackThis along with a report of how your system is running.NOTE..IF you are using Kazaa lite I REALLY REALLY suggest you uninstall and get a clean version..Read more HEREIt MAY be very hard to remove ..there is a program just for Kazaa removal if you want to use it. Link to post Share on other sites More sharing options...
Recommended Posts