Hello!
It is a P2P program like Vuze. I will remove it for you.
Run CFScript
- Close any open browsers.
- Open Notepad by click start
- Click Run
- Type notepad into the box and click enter
- Notepad will open
- Copy and Paste everything from the Code box into Notepad:
Code:
File::
C:\exefix.reg
Folder::
c:\program files\DNA
c:\documents and settings\Administrator\Application Data\DNA
c:\documents and settings\change me\Application Data\Azureus
c:\documents and settings\All Users\Application Data\Azureus
c:\docume~1\CHANGE~1\APPLIC~1\Azureus
c:\program files\Vuze
c:\program files\Exterminate It!
c:\documents and settings\change me\Application Data\Smart PC Solutions
c:\docume~1\CHANGE~1\APPLIC~1\Smart PC Solutions
c:\documents and settings\change me\Application Data\.ABC
c:\docume~1\CHANGE~1\APPLIC~1\.ABC
Registry::
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Vuze\\Azureus.exe"=-
"c:\\Program Files\\DNA\\btdna.exe"=-
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"25766:TCP"=-
"25766:UDP"=-
"65535:TCP"=-
"65535:UDP"=-
"12863:TCP"=-
"12863:UDP"=-
"20422:TCP"=-
"20422:UDP"=-
DDS:
DPF: {680285A8-96D3-43DA-9D3D-51DD987D0B77}
- Save this as CFScript.txt, in the same location as ComboFix.exe (on your desktop)
- Refering to the picture below, drag CFScript into ComboFix.exe
- When finished, it shall produce a log for you at C:\ComboFix.txt
NOTE: Do not mouseclick combofix's window whilst it's running. That may cause it to stall it.
ATF-Cleaner
Please download ATF Cleaner by Atribune.
- Save it to your desktop
- Double-click ATF-Cleaner.exe to run the program.
- Under Main choose: Select All
- Click the Empty Selected button.
If you use Firefox browser - Click Firefox at the top and choose: Select All
- Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords please click No at the prompt. - Click Exit on the Main menu to close the program.
Kaspersky Online Scan
You can use either Internet Explorer or Mozilla FireFox for this scan.
Note: If you are using Windows Vista, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.
- Please go to Kaspersky website and perform an online antivirus scan.
- Read through the requirements and privacy statement and click on Accept button.
- It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
- When the downloads have finished, click on Settings.
- Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:
- Spyware, Adware, Dialers, and other potentially dangerous programs
- Archives
- Click on My Computer under Scan.
- Once the scan is complete, it will display the results. Click on View Scan Report.
- You will see a list of infected items there. Click on Save Report As....
- Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button.
- Please post this log in your next reply along with a fresh HijackThis log.
Logs/Information to Post in Next Reply
Please post the following logs/Information in your reply:
- ComboFix log (found at C:\Combofix.txt)
- Kaspersky Log
- A fresh HijackThis Log ( after all the above has been done)
- A description of how your computer is behaving