1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

jfgifgf.dll in my C:winnt\system32 folder...

Discussion in 'Virus & Other Malware Removal' started by Jarkeld_ia, Apr 7, 2004.

Thread Status:
Not open for further replies.
Advertisement
  1. Jarkeld_ia

    Jarkeld_ia Thread Starter

    Joined:
    Nov 28, 2003
    Messages:
    91
    ...and I can't delete it. When I try I get the message "Cannot delete jfgifgf: The specified file is being used by Windows." I have run CWShredder, H/T, Adaware and spybot search, rebooted and I still can't delete it. After I run the above my homepage is "blank". However if I reset my homepage to yahoo.com and then close and then reopen the browser I'm stuck with some ******** search page. And the above dll is still around. I don't know if this is causing the hijacking but I suspect it is. How do I get rid of it? What is it doing? Why is windows using it? Can anyone help me?

    Thanks,
    Jarkeld_ia
     
  2. Nok1

    Nok1

    Joined:
    Feb 15, 2004
    Messages:
    826
    The file is in use and that is why it cannont be deleted. Before you delete anything, please download HijackThis from here. Make a new folder for the program and then open it, click Scan. When it finishes scanning, do no remove anything but instead save the log and post it here.

    Someone will then help you
     
  3. Jarkeld_ia

    Jarkeld_ia Thread Starter

    Joined:
    Nov 28, 2003
    Messages:
    91
    Nok1,
    Thanks for the help. As requested.

    Jarkeld


    Logfile of HijackThis v1.97.7
    Scan saved at 19:07:00 PM, on 4/7/2004
    Platform: Windows 2000 (WinNT 5.00.2195)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINNT\System32\smss.exe
    C:\WINNT\system32\winlogon.exe
    C:\WINNT\system32\services.exe
    C:\WINNT\system32\lsass.exe
    C:\WINNT\system32\svchost.exe
    C:\WINNT\system32\spoolsv.exe
    C:\WINNT\System32\DRIVERS\CDANTSRV.EXE
    C:\WINNT\System32\svchost.exe
    C:\PROGRA~1\Iomega\System32\AppServices.exe
    C:\WINNT\system32\regsvc.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\WINNT\system32\MSTask.exe
    C:\WINNT\System32\WBEM\WinMgmt.exe
    C:\WINNT\System32\mspmspsv.exe
    C:\WINNT\System32\ZipToA.exe
    C:\Program Files\Iomega\AutoDisk\ADService.exe
    C:\WINNT\explorer.exe
    C:\Program Files\ahead\InCD\InCD.exe
    C:\Program Files\Iomega\AutoDisk\ADUserMon.exe
    C:\Program Files\Iomega\DriveIcons\ImgIcon.exe
    C:\Program Files\PopUp Killer\PopUpKiller.EXE
    C:\Program Files\3dfx Interactive\3dfx Tools\Apps\3dfxMan.exe
    C:\Program Files\12Ghosts\12popup.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Lavasoft\Hijackthis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINNT\System32\dpbk.dll/sp.html (obfuscated)
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINNT\System32\dpbk.dll/sp.html (obfuscated)
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINNT\System32\dpbk.dll/sp.html (obfuscated)
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINNT\System32\dpbk.dll/sp.html (obfuscated)
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINNT\System32\dpbk.dll/sp.html (obfuscated)
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINNT\System32\dpbk.dll/sp.html (obfuscated)
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
    O2 - BHO: (no name) - {94181B2E-30F2-4D59-8BC4-F7D82D041F28} - C:\WINNT\System32\dpbk.dll
    O4 - HKLM\..\Run: [InCD] C:\Program Files\ahead\InCD\InCD.exe
    O4 - HKLM\..\Run: [ADUserMon] C:\Program Files\Iomega\AutoDisk\ADUserMon.exe
    O4 - HKLM\..\Run: [Iomega Startup Options] C:\Program Files\Iomega\Common\ImgStart.exe
    O4 - HKLM\..\Run: [Iomega Drive Icons] C:\Program Files\Iomega\DriveIcons\ImgIcon.exe
    O4 - HKLM\..\Run: [Deskup] C:\Program Files\Iomega\DriveIcons\deskup.exe
    O4 - HKLM\..\Run: [PopUpKiller] C:\Program Files\PopUp Killer\PopUpKiller.EXE
    O4 - HKLM\..\Run: [Decal] D:\Asheron's Call\Utils\Decal\Decal\DenAgent.exe
    O4 - HKLM\..\Run: [3dfx Task Manager] "C:\Program Files\3dfx Interactive\3dfx Tools\Apps\3dfxMan.exe"
    O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
    O4 - Startup: 12Ghosts Popup-Killer.lnk = C:\Program Files\12Ghosts\12popup.exe
    O4 - Startup: MemTurbo.lnk = C:\Program Files\Silicon Prairie Software\MemTurbo\memturbo.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O16 - DPF: {AE1C01E3-0283-11D3-9B3F-00C04F8EF466} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
     
  4. Nok1

    Nok1

    Joined:
    Feb 15, 2004
    Messages:
    826
    Download and run CWShredder from here. Before running the program, make sure that all windows besides CWShredder are closed. Open the program, and click on Fix Now and not Scan only.

    remove these entries from HJT

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINNT\System32\dpbk.dll/sp.html (obfuscated)

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINNT\System32\dpbk.dll/sp.html (obfuscated)

    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINNT\System32\dpbk.dll/sp.html (obfuscated)

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINNT\System32\dpbk.dll/sp.html (obfuscated)

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINNT\System32\dpbk.dll/sp.html (obfuscated)

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINNT\System32\dpbk.dll/sp.html (obfuscated)

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank

    O2 - BHO: (no name) - {94181B2E-30F2-4D59-8BC4-F7D82D041F28} - C:\WINNT\System32\dpbk.dll


    Post another log when done.
     
  5. Jarkeld_ia

    Jarkeld_ia Thread Starter

    Joined:
    Nov 28, 2003
    Messages:
    91
    Nok1,
    Something is really strange. I just looked at my last log and this file is there:

    O2 - BHO: (no name) - {94181B2E-30F2-4D59-8BC4-F7D82D041F28} - C:\WINNT\System32\dpbk.dll


    However, when I just ran and deleted the ones listed it wasn't there, instead, it was replaced with the jfgifgf.dll. Not sure what that means. I'm posting this, then rebooting. I'll repost a log when the CPU comes back up.

    Jarkeld


    Logfile of HijackThis v1.97.7
    Scan saved at 19:18:17 PM, on 4/7/2004
    Platform: Windows 2000 (WinNT 5.00.2195)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINNT\System32\smss.exe
    C:\WINNT\system32\winlogon.exe
    C:\WINNT\system32\services.exe
    C:\WINNT\system32\lsass.exe
    C:\WINNT\system32\svchost.exe
    C:\WINNT\system32\spoolsv.exe
    C:\WINNT\System32\DRIVERS\CDANTSRV.EXE
    C:\WINNT\System32\svchost.exe
    C:\PROGRA~1\Iomega\System32\AppServices.exe
    C:\WINNT\system32\regsvc.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\WINNT\system32\MSTask.exe
    C:\WINNT\System32\WBEM\WinMgmt.exe
    C:\WINNT\System32\mspmspsv.exe
    C:\WINNT\System32\ZipToA.exe
    C:\Program Files\Iomega\AutoDisk\ADService.exe
    C:\WINNT\explorer.exe
    C:\Program Files\ahead\InCD\InCD.exe
    C:\Program Files\Iomega\AutoDisk\ADUserMon.exe
    C:\Program Files\Iomega\DriveIcons\ImgIcon.exe
    C:\Program Files\PopUp Killer\PopUpKiller.EXE
    C:\Program Files\3dfx Interactive\3dfx Tools\Apps\3dfxMan.exe
    C:\Program Files\12Ghosts\12popup.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Lavasoft\Hijackthis\HijackThis.exe

    O4 - HKLM\..\Run: [InCD] C:\Program Files\ahead\InCD\InCD.exe
    O4 - HKLM\..\Run: [ADUserMon] C:\Program Files\Iomega\AutoDisk\ADUserMon.exe
    O4 - HKLM\..\Run: [Iomega Startup Options] C:\Program Files\Iomega\Common\ImgStart.exe
    O4 - HKLM\..\Run: [Iomega Drive Icons] C:\Program Files\Iomega\DriveIcons\ImgIcon.exe
    O4 - HKLM\..\Run: [Deskup] C:\Program Files\Iomega\DriveIcons\deskup.exe
    O4 - HKLM\..\Run: [PopUpKiller] C:\Program Files\PopUp Killer\PopUpKiller.EXE
    O4 - HKLM\..\Run: [Decal] D:\Asheron's Call\Utils\Decal\Decal\DenAgent.exe
    O4 - HKLM\..\Run: [3dfx Task Manager] "C:\Program Files\3dfx Interactive\3dfx Tools\Apps\3dfxMan.exe"
    O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
    O4 - Startup: 12Ghosts Popup-Killer.lnk = C:\Program Files\12Ghosts\12popup.exe
    O4 - Startup: MemTurbo.lnk = C:\Program Files\Silicon Prairie Software\MemTurbo\memturbo.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O16 - DPF: {AE1C01E3-0283-11D3-9B3F-00C04F8EF466} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
     
  6. Jarkeld_ia

    Jarkeld_ia Thread Starter

    Joined:
    Nov 28, 2003
    Messages:
    91
    Ran H/T again and they are all back.


    Logfile of HijackThis v1.97.7
    Scan saved at 19:26:14 PM, on 4/7/2004
    Platform: Windows 2000 (WinNT 5.00.2195)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINNT\System32\smss.exe
    C:\WINNT\system32\winlogon.exe
    C:\WINNT\system32\services.exe
    C:\WINNT\system32\lsass.exe
    C:\WINNT\system32\svchost.exe
    C:\WINNT\system32\spoolsv.exe
    C:\WINNT\System32\DRIVERS\CDANTSRV.EXE
    C:\WINNT\System32\svchost.exe
    C:\PROGRA~1\Iomega\System32\AppServices.exe
    C:\WINNT\system32\regsvc.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\WINNT\system32\MSTask.exe
    C:\WINNT\System32\WBEM\WinMgmt.exe
    C:\WINNT\System32\mspmspsv.exe
    C:\WINNT\System32\ZipToA.exe
    C:\Program Files\Iomega\AutoDisk\ADService.exe
    C:\WINNT\explorer.exe
    C:\Program Files\ahead\InCD\InCD.exe
    C:\Program Files\Iomega\AutoDisk\ADUserMon.exe
    C:\Program Files\Iomega\DriveIcons\ImgIcon.exe
    C:\Program Files\PopUp Killer\PopUpKiller.EXE
    C:\Program Files\3dfx Interactive\3dfx Tools\Apps\3dfxMan.exe
    C:\Program Files\12Ghosts\12popup.exe
    C:\Program Files\Lavasoft\Hijackthis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINNT\System32\jfgifgf.dll/sp.html (obfuscated)
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINNT\System32\jfgifgf.dll/sp.html (obfuscated)
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINNT\System32\jfgifgf.dll/sp.html (obfuscated)
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINNT\System32\jfgifgf.dll/sp.html (obfuscated)
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINNT\System32\jfgifgf.dll/sp.html (obfuscated)
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINNT\System32\jfgifgf.dll/sp.html (obfuscated)
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
    O2 - BHO: (no name) - {D0E4EE6A-AEF9-4A20-ABA4-09DF30D1CEEA} - C:\WINNT\System32\jfgifgf.dll
    O4 - HKLM\..\Run: [InCD] C:\Program Files\ahead\InCD\InCD.exe
    O4 - HKLM\..\Run: [ADUserMon] C:\Program Files\Iomega\AutoDisk\ADUserMon.exe
    O4 - HKLM\..\Run: [Iomega Startup Options] C:\Program Files\Iomega\Common\ImgStart.exe
    O4 - HKLM\..\Run: [Iomega Drive Icons] C:\Program Files\Iomega\DriveIcons\ImgIcon.exe
    O4 - HKLM\..\Run: [Deskup] C:\Program Files\Iomega\DriveIcons\deskup.exe
    O4 - HKLM\..\Run: [PopUpKiller] C:\Program Files\PopUp Killer\PopUpKiller.EXE
    O4 - HKLM\..\Run: [Decal] D:\Asheron's Call\Utils\Decal\Decal\DenAgent.exe
    O4 - HKLM\..\Run: [3dfx Task Manager] "C:\Program Files\3dfx Interactive\3dfx Tools\Apps\3dfxMan.exe"
    O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
    O4 - Startup: 12Ghosts Popup-Killer.lnk = C:\Program Files\12Ghosts\12popup.exe
    O4 - Startup: MemTurbo.lnk = C:\Program Files\Silicon Prairie Software\MemTurbo\memturbo.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O16 - DPF: {AE1C01E3-0283-11D3-9B3F-00C04F8EF466} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
     
  7. Nok1

    Nok1

    Joined:
    Feb 15, 2004
    Messages:
    826
    Please submit the jfgifgf.dllfile to the following link before you remove.

    http://www.lavahelp.com/submit/

    Next, lets remove these files:
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINNT\System32\jfgifgf.dll/sp.html (obfuscated)

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINNT\System32\jfgifgf.dll/sp.html (obfuscated)

    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINNT\System32\jfgifgf.dll/sp.html (obfuscated)

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINNT\System32\jfgifgf.dll/sp.html (obfuscated)

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINNT\System32\jfgifgf.dll/sp.html (obfuscated)

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINNT\System32\jfgifgf.dll/sp.html (obfuscated)

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank

    O2 - BHO: (no name) - {D0E4EE6A-AEF9-4A20-ABA4-09DF30D1CEEA} - C:\WINNT\System32\jfgifgf.dll


    Post another log.
     
  8. Jarkeld_ia

    Jarkeld_ia Thread Starter

    Joined:
    Nov 28, 2003
    Messages:
    91
    Nok1,
    Ok, ran H/T again, deleted those 8 files. Rebooted. Ran H/T again and here is the log:

    Logfile of HijackThis v1.97.7
    Scan saved at 19:40:58 PM, on 4/7/2004
    Platform: Windows 2000 (WinNT 5.00.2195)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINNT\System32\smss.exe
    C:\WINNT\system32\winlogon.exe
    C:\WINNT\system32\services.exe
    C:\WINNT\system32\lsass.exe
    C:\WINNT\system32\svchost.exe
    C:\WINNT\system32\spoolsv.exe
    C:\WINNT\System32\DRIVERS\CDANTSRV.EXE
    C:\WINNT\System32\svchost.exe
    C:\PROGRA~1\Iomega\System32\AppServices.exe
    C:\WINNT\system32\regsvc.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\WINNT\system32\MSTask.exe
    C:\WINNT\System32\WBEM\WinMgmt.exe
    C:\WINNT\System32\mspmspsv.exe
    C:\WINNT\System32\ZipToA.exe
    C:\Program Files\Iomega\AutoDisk\ADService.exe
    C:\WINNT\explorer.exe
    C:\Program Files\ahead\InCD\InCD.exe
    C:\Program Files\Iomega\AutoDisk\ADUserMon.exe
    C:\Program Files\Iomega\DriveIcons\ImgIcon.exe
    C:\Program Files\PopUp Killer\PopUpKiller.EXE
    C:\Program Files\3dfx Interactive\3dfx Tools\Apps\3dfxMan.exe
    C:\Program Files\12Ghosts\12popup.exe
    C:\Program Files\Lavasoft\Hijackthis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINNT\System32\jfgifgf.dll/sp.html (obfuscated)
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINNT\System32\jfgifgf.dll/sp.html (obfuscated)
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINNT\System32\jfgifgf.dll/sp.html (obfuscated)
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINNT\System32\jfgifgf.dll/sp.html (obfuscated)
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINNT\System32\jfgifgf.dll/sp.html (obfuscated)
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINNT\System32\jfgifgf.dll/sp.html (obfuscated)
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
    O2 - BHO: (no name) - {40F60DAC-D1DB-451D-BE86-59CDF925858C} - C:\WINNT\System32\jfgifgf.dll
    O4 - HKLM\..\Run: [InCD] C:\Program Files\ahead\InCD\InCD.exe
    O4 - HKLM\..\Run: [ADUserMon] C:\Program Files\Iomega\AutoDisk\ADUserMon.exe
    O4 - HKLM\..\Run: [Iomega Startup Options] C:\Program Files\Iomega\Common\ImgStart.exe
    O4 - HKLM\..\Run: [Iomega Drive Icons] C:\Program Files\Iomega\DriveIcons\ImgIcon.exe
    O4 - HKLM\..\Run: [Deskup] C:\Program Files\Iomega\DriveIcons\deskup.exe
    O4 - HKLM\..\Run: [PopUpKiller] C:\Program Files\PopUp Killer\PopUpKiller.EXE
    O4 - HKLM\..\Run: [Decal] D:\Asheron's Call\Utils\Decal\Decal\DenAgent.exe
    O4 - HKLM\..\Run: [3dfx Task Manager] "C:\Program Files\3dfx Interactive\3dfx Tools\Apps\3dfxMan.exe"
    O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
    O4 - Startup: 12Ghosts Popup-Killer.lnk = C:\Program Files\12Ghosts\12popup.exe
    O4 - Startup: MemTurbo.lnk = C:\Program Files\Silicon Prairie Software\MemTurbo\memturbo.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O16 - DPF: {AE1C01E3-0283-11D3-9B3F-00C04F8EF466} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

    No effect. They are all back.

    Jarkeld
     
  9. Nok1

    Nok1

    Joined:
    Feb 15, 2004
    Messages:
    826
    Did you submit the file? I highly suggest you do.

    Okay, time to get rid of this file the old fashioned way (but please submit before you delete)

    Reboot to safe mode, enable viewing of hidden/system files and delete the file below:
    C:\WINNT\System32\jfgifgf.dll

    Reboot, and post another log (in normal mode)
     
  10. Jarkeld_ia

    Jarkeld_ia Thread Starter

    Joined:
    Nov 28, 2003
    Messages:
    91
    Nok1,
    Safe mode was the key. I had forgotten about that. Thanks for the advice and all I have to say is make sure you scan files from Kazaa before you use them.

    Jarkeld_ia
     
  11. Nok1

    Nok1

    Joined:
    Feb 15, 2004
    Messages:
    826
    Jarkeld, what we have done is just delete the file. This is a new version of the CWS hijack. We have submitted several files to ad-aware and merjin, and soon a "full fix" will come out, so keep ad-aware up to date.
     
  12. Jarkeld_ia

    Jarkeld_ia Thread Starter

    Joined:
    Nov 28, 2003
    Messages:
    91
    Yeah, I sent them the file before I deleted it. Thanks again for your help.

    Jarkeld
     
  13. Nok1

    Nok1

    Joined:
    Feb 15, 2004
    Messages:
    826
    No problem.
     
  14. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/218195

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice