ninjaflute
2007-03-19, 23:53
hi, i have been following the instruction given by shaba on this thread
http://forums.spybot.info/showthread.php?t=11691
when i ran SmitfraudFix.exe. i had one more thing shown in my infection results:
换换换换换换换换换换换换 Sharedtaskscheduler
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{634be415-da12-496b-b89e-329b73c4807f}"="cam"
[HKEY_CLASSES_ROOT\CLSID\{634be415-da12-496b-b89e-329b73c4807f}\InProcServer32]
@="C:\WINDOWS\system32\tvomnc.dll"
[HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{634be415-da12-496b-b89e-329b73c4807f}\InProcServer32]
@="C:\WINDOWS\system32\tvomnc.dll"
and after i did the online spyware check using Kaspersky Online Scanner. i found out that this tvomnc.dll in my system32 is a trojan downloader. actually that may not be the case because there were couple more.
however, the computer runs fine. but that System Alert! keeps poping up, weather left click or right click, it opens up a web-page http://spydawn.com/?aff=321. in the add/remove applications i can't remove the system alert popup. it is rather annoying...and it feels like this is a spyware/virus/malware/add-ware.
how do i get rid of it? please help.
regards
http://forums.spybot.info/showthread.php?t=11691
when i ran SmitfraudFix.exe. i had one more thing shown in my infection results:
换换换换换换换换换换换换 Sharedtaskscheduler
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{634be415-da12-496b-b89e-329b73c4807f}"="cam"
[HKEY_CLASSES_ROOT\CLSID\{634be415-da12-496b-b89e-329b73c4807f}\InProcServer32]
@="C:\WINDOWS\system32\tvomnc.dll"
[HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{634be415-da12-496b-b89e-329b73c4807f}\InProcServer32]
@="C:\WINDOWS\system32\tvomnc.dll"
and after i did the online spyware check using Kaspersky Online Scanner. i found out that this tvomnc.dll in my system32 is a trojan downloader. actually that may not be the case because there were couple more.
however, the computer runs fine. but that System Alert! keeps poping up, weather left click or right click, it opens up a web-page http://spydawn.com/?aff=321. in the add/remove applications i can't remove the system alert popup. it is rather annoying...and it feels like this is a spyware/virus/malware/add-ware.
how do i get rid of it? please help.
regards