Hi,
There are files in Norton Quarantine folder which Kaspersky found, you can delete/remove these by following instructions
Here.
There are also files within Housecall quarantine folder, you can delete those as well.
Kaspersky also detected this:
Quote:
|
C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Identities\{D190EE07-1887-4595-8F62-6253114299D2}\Microsoft\Outlook Express\Deleted Items.dbx Suspicious: Trojan-Spy.HTML.Fraud.gen 2
|
It does not say which e-mail is the suspicious one, it would be best if you empty all the e-mails contained within deleted items folder(do not delete the folder).
==========
Open notepad and copy/paste the text in the quotebox below into it:
Quote:
File::
c:\windows\system32\dllcache\OLD49.tmp
c:\windows\system32\dllcache\OLD3F.tmp
c:\windows\system32\euqugsjryckwl.dll-uninst.exe
C:\Program Files\Real\RealArcade\Setup\setup_rac.exe
Folder::
c:\documents and settings\HP_Administrator\Application Data\LimeWire
c:\program files\Java\jre1.5.0_09
Registry::
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
|
Save this as
CFscript
Refering to the picture above, drag CFscript into ComboFix.exe
Follow the prompts, and post the resulting log,
C:\ComboFix.txt
Note: the above code was created specifically for this user. If you are not this user, do NOT follow these directions as they could damage the workings of your system.
Warning:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall
========
Open HijackThis and click on 'Do a System Scan and save a Logfile'. Save the log file and post it here.
========
Logs Required
C:\Combofix.txt
Hijackthis Log