#1
I helped the forums.
Join Date: Nov 2004
Posts: 169
OS: XP
Slow Internet Connection
My broadband connection is extremely slow. Any help with this log file is appreciated.
Logfile of HijackThis v1.99.1
Scan saved at 11:26:30 AM, on 3/13/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\Program Files\Norton SystemWorks\Norton Antivirus\navapsvc.exe
C:\PROGRA~1\NORTON~1\NORTON~2\NPROTECT.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Norton SystemWorks\Norton Antivirus\SAVScan.exe
C:\PROGRA~1\NORTON~1\NORTON~2\SPEEDD~1\NOPDB.EXE
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\SpywareGuard\sgmain.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\Jon\Local Settings\Temp\Temporary Directory 1 for hijackthis_199.zip\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.my.yahoo.com/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SpywareGuardDLBLOCK.CBrowserHelper - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton Antivirus\NavShExt.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\Common Files\aolshare\Coach\en_en\player\plugin\ToolBar.dll
O3 - Toolbar: AIM Search - {40D41A8B-D79B-43d7-99A7-9EE0F344C385} - C:\Program Files\AIM Toolbar\AIMBar.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton Antivirus\NavShExt.dll
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/ca...C_1_0_0_44.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://appldnld.m7z.net/content.info...TunesSetup.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\Program Files\Common Files\AOL\AOL Spyware Protection\\aolserv.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Antivirus\navapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~2\NPROTECT.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Antivirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~2\SPEEDD~1\NOPDB.EXE
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
#2
I helped the forums.
Join Date: Nov 2004
Posts: 169
OS: XP
After my first post, my son informed me that Norton AV detected and deleted some trojans. As a result, I ran TDS-3 and 5 alarms were detected.
13:49:33 [Init] Trojan Defence Suite v3.2.0 (UNLICENSED)
13:49:33 [Init] Started 13-03-05 13:49:33 Eastern Standard Time (UTC: 5), Internet Time @826.08
13:49:33 [Init] Loading TDS-3 Systems ...
13:49:33 [Init] Token successfully adjusted.
13:49:33 [Init] • TDS Privileges : OK. Adjusted TDS-3 token privileges to maximum
13:49:33 [Init] • Plugins : OK. Loaded 13
13:49:33 [Init] • Exec Protection : Not Installed
13:49:33 [Init] WARNING: Your Radius.TD3 database needs to be updated!
13:49:33 [Init] Please download the latest from http://tds.diamondcs.com.au/radius.td3
13:49:33 [Init] Licensed users can use the Update facility from the TDS menu
13:49:33 [Init] Loading Radius Advanced Scanning Systems ... <R3 Engine, DCS Labs>
13:49:39 [Init] • Radius Advanced Specialist Extensions on standby for 13 trojan families
13:49:39 [Init] • Systems Initialised [49214 references - 24509 primaries/12517 traces/12188 variants/other]
13:49:39 [Init] Radius Systems loaded. <Databases updated 13-03-2005>
13:49:39 [Init] TDS-3 Ready. <Jon@192.168.2.34, 127.0.0.1 - United States>
13:49:39 [Tip Of The Day] Ever wanted to know what your IRC client and IRC server were saying to each other? You can view, analyse, and even inject data into almost any TCP Client/Server combination using the Traffic Bridge utility.
13:49:39 [TDS] Good afternoon Jon.
13:49:45 [Mutex Memory Scan] Started...
13:49:46 [Mutex Memory Scan] Finished (no trojan mutexes found).
13:49:46 [TDS-3] This is an EVALUATION demo of TDS-3. Please see the help file for help on registering.
13:49:57 [CRC32] Started - verifying 29 files ...
13:50:02 [CRC32] Test finished.
13:51:33 [Memory Scan] Memory scan started, please wait a moment ...
13:51:34 [Memory Scan] Memory scan complete.
13:51:34 [Mutex Memory Scan] Started...
13:51:35 [Mutex Memory Scan] Finished (no trojan mutexes found).
13:51:35 [Trace Scan] Started...
13:51:43 [Trace Scan] Finished.
13:51:43 [ServiceScan] Scanning for services and drivers ...
13:51:49 [ServiceScan] Scanned 323 services and drivers.
13:51:49 [File Scan] Scanning in A:\ ...
13:51:50 [File Scan] Scanned 0 files: 0 alarms in 1.125 seconds (Avg 1. files/sec)
13:51:50 [File Scan] Scanning in C:\ ...
14:21:46 [File Scan] Scanned 45326 files: 5 alarms in 1796.047 seconds (Avg 26.24 files/sec)
14:21:46 [File Scan] Scanning in D:\ ...
14:22:00 [File Scan] Scanned 98 files: 5 alarms in 13.5625 seconds (Avg 8.23 files/sec)
14:22:00 [File Scan] Scanning in E:\ ...
14:22:00 [File Scan] Scanned 0 files: 5 alarms in 0.015625 seconds (Avg 1. files/sec)
14:22:00 [Scan] Finished.
14:39:33 [TDS] Good afternoon Jon.

Here are the alarms:

Scan Control Dumped @ 15:33:56 13-03-05
Positive identification: Riskware.ProcessRestart
File: c:\program files\kodak\kodak software updater\7288971\6.3.2.62-7288971l\program\restart.exe
Suspicious Filename: Dual extensions
File: c:\windows\pcdoc.bat.pif
Positive identification: TrojanDropper.Win32.Delf.z2
File: c:\windows\bundles\helperinstaller.exe
Positive identification: TrojanDropper.Win32.SurfSide.a
File: c:\windows\bundles\ssk_b5.exe
Positive identification (DLL): Adware.Adstart.c2 (dll)
File: c:\windows\system32\ljnug.dll
#3
Analyst, Security Team
Nothing looks suspicious in your HijackThis log.
Just delete these two:
c:\windows\bundles\ - delete folder
c:\windows\system32\ljnug.dll
Any problems now?
__________________
Please do NOT PM me. Post whatever questions you may have in the forum and we will take a look at it when we get to it. If you have waited for more than 3 days, you may then and ONLY then PM me for assistance. I will take a look at it.