Bullguard Antivirus Forum Download A Free Copy Of Bullguard Antivirus Software
Free Antivirus Forum - Learn about antivirus, firewalls and personal security Free Antivirus Forum - Learn about antivirus, firewalls and personal security
 HomeLog InRegisterCommunity CalendarSearch the ForumView The Member ListHelp
Jkhfc.exe help scan log from hijack this
   
BullGuard Antivirus Forum > Virus Removal > Removal Help > Jkhfc.exe help scan log from hijack this  
Forum Quick Jump
 
New Topic Post reply to : Jkhfc.exe help scan log from hijack this Printable version of : Jkhfc.exe help scan log from hijack this
[ << Previous Thread | Next Thread >> ]

epyonz
New Member


Date Joined Jan 2008
Total Posts : 3
  		   Posted 1-6-2008 4:15 (GMT +1)    Quote: Jkhfc.exe help scan log from hijack thisAlert an admin about: Jkhfc.exe help scan log from hijack this
This is the result I got from the Hijackthis scan. Could someone please help.
 
Logfile of HijackThis v1.99.1
Scan saved at 14:50:10, on 06/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\LTSMMSG.exe
C:\WINDOWS\system32\TPSMain.exe
C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
C:\WINDOWS\system32\TFNF5.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\WINDOWS\system32\wuauclt.exe
C:\HJT\alternativ.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = file:///C:/Program%20Files/TOSHIBA/Free%20Update%20Service/splash.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = file:///C:\Program Files\TOSHIBA\Free Update Service\splash.html
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ultimate-guitar.com/
F3 - REG:win.ini: load=C:\WINDOWS\system32\jkhfc.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {26064804-61E7-4795-8F04-16592F36D62B} - C:\WINDOWS\system32\jkhfc.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {E1759A31-E627-4758-9562-6899DF36C9C2} - C:\WINDOWS\system32\awtqpmn.dll
O4 - HKLM\..\Run: [000StTHK] 000StTHK.exe
O4 - HKLM\..\Run: [LTSMMSG] LTSMMSG.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [TFNF5] TFNF5.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [PmProxy] C:\Program Files\Analog Devices\SoundMAX\PmProxy.exe
O4 - HKLM\..\Run: [WinPatrol] C:\PROGRA~1\BILLPS~1\WINPAT~1\winpatrol.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O14 - IERESET.INF: START_PAGE_URL=file:///C:\Program Files\TOSHIBA\Free Update Service\splash.html
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: awtqpmn - C:\WINDOWS\SYSTEM32\awtqpmn.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
 
 
 
Back to Top
 

Touch
Forum Moderator




Date Joined Jun 2004
Total Posts : 16319
  		   Posted 1-7-2008 10:01 (GMT +1)    Quote: Jkhfc.exe help scan log from hijack thisAlert an admin about: Jkhfc.exe help scan log from hijack this
Hi epoynz smile


Please download Combofix:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
 
and save to the desktop.

Close all other browser windows.
 
 
Important-> Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".

 
 Go to start --> run and copy/paste in the following:

"%userprofile%\desktop\combofix.exe" /killall

 
 When finished, it will produce a logfile located at C:\ComboFix.txt.

Post the contents of that log in your next reply with a new hijackthis log.

Note:
Do not mouseclick combofix's window while it is running. That may cause your system to stall/hang.
 
 


Do NOT post your problem in someone elses thread.

Back to Top
 

epyonz
New Member


Date Joined Jan 2008
Total Posts : 3
  		   Posted 1-7-2008 11:57 (GMT +1)    Quote: Jkhfc.exe help scan log from hijack thisAlert an admin about: Jkhfc.exe help scan log from hijack this
This is the log from combofix:

ComboFix 08-01-04.1 - Lewis 2008-01-07 10:34:48.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.102 [GMT 0:00]
Running from: C:\Documents and Settings\Lewis\desktop\combofix.exe
Command switches used :: /killall
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Common Files\Yazzle1281OinUninstaller.exe
C:\WINDOWS\system32\awtqpmn.dll
C:\WINDOWS\system32\cfhkj.ini
C:\WINDOWS\system32\cfhkj.ini2
C:\WINDOWS\system32\jkhfc.dll
C:\WINDOWS\system32\jkhfc.exe
C:\WINDOWS\system32\pac.txt

.
((((((((((((((((((((((((( Files Created from 2007-12-07 to 2008-01-07 )))))))))))))))))))))))))))))))
.

2008-01-07 10:30 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
2008-01-06 15:39 . 2008-01-06 15:39 <DIR> d-------- C:\Program Files\Lavasoft
2008-01-06 15:38 . 2008-01-06 15:38 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-01-06 15:37 . 2008-01-06 15:37 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-01-06 14:49 . 2008-01-06 14:50 <DIR> d-------- C:\HJT
2008-01-06 11:52 . 2008-01-06 11:52 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-01-06 11:52 . 2008-01-06 11:52 1,409 --a------ C:\WINDOWS\QTFont.for
2008-01-05 15:11 . 2008-01-05 15:12 <DIR> d-------- C:\WINDOWS\system32\ardCo01
2008-01-05 15:11 . 2008-01-05 15:11 <DIR> d-------- C:\Temp\cEeer12
2008-01-05 15:11 . 2008-01-05 15:11 <DIR> d-------- C:\Temp
2008-01-05 14:51 . 2008-01-05 14:51 664 --a------ C:\WINDOWS\system32\d3d9caps.dat
2008-01-04 14:16 . 2008-01-04 14:16 <DIR> d-------- C:\Documents and Settings\Lewis\Application Data\OnReally
2008-01-04 14:14 . 2008-01-04 14:14 <DIR> d-------- C:\Program Files\OnReally
2008-01-03 18:12 . 2008-01-03 18:12 <DIR> d-------- C:\Program Files\Microsoft SQL Server
2008-01-03 18:12 . 2008-01-03 18:15 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-01-03 17:53 . 2008-01-03 17:54 <DIR> d-------- C:\Program Files\MSXML 6.0
2008-01-02 18:17 . 2008-01-02 18:17 <DIR> d-------- C:\Program Files\FLVPlayer
2007-12-31 19:55 . 2007-12-31 19:55 <DIR> d-------- C:\Program Files\VSTplugins
2007-12-31 19:55 . 2007-12-31 19:55 <DIR> d-------- C:\Documents and Settings\Lewis\Application Data\Publish Providers
2007-12-31 19:39 . 2007-12-31 19:39 <DIR> d-------- C:\Documents and Settings\Lewis\Application Data\Sony
2007-12-31 19:21 . 2007-12-31 19:21 <DIR> d-------- C:\Program Files\Sony
2007-12-31 19:16 . 2007-12-31 19:16 <DIR> d-------- C:\Program Files\Sony Setup
2007-12-31 17:20 . 2007-12-31 17:20 <DIR> d--h----- C:\WINDOWS\PIF
2007-12-08 14:13 . 2007-12-31 17:26 713 --a------ C:\WINDOWS\cdplayer.ini

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-07 10:11 --------- d-----w C:\Documents and Settings\Lewis\Application Data\AVG7
2008-01-07 10:02 --------- d-----w C:\Documents and Settings\All Users\Application Data\avg7
2008-01-06 16:22 --------- d-----w C:\Program Files\Cliprex_WhenUSave_Installer
2008-01-06 11:59 --------- d-----w C:\Program Files\iTunes
2008-01-06 11:47 --------- d-----w C:\Program Files\QuickTime
2007-11-28 10:52 --------- d-----w C:\Program Files\Common Files\Apple
2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
2007-11-10 15:41 --------- d-----w C:\Program Files\PCFriendly
2007-11-10 12:28 --------- d-----w C:\Program Files\Frets on Fire
2007-11-10 12:28 --------- d-----w C:\Program Files\Eraser
2007-10-23 10:02 63,488 ----a-w C:\WINDOWS\xobglu16.dll
2007-10-23 10:02 23,552 ----a-w C:\WINDOWS\xobglu32.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TOSCDSPD"="C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe" [ ]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"000StTHK"="000StTHK.exe" [2001-06-23 20:28 24576 C:\WINDOWS\system32\000StTHK.exe]
"LTSMMSG"="LTSMMSG.exe" [2003-04-18 09:06 32768 C:\WINDOWS\ltsmmsg.exe]
"TPSMain"="TPSMain.exe" [2003-10-02 11:12 266240 C:\WINDOWS\system32\TPSMain.exe]
"TFncKy"="TFncKy.exe" []
"TFNF5"="TFNF5.exe" [2001-08-03 17:08 73728 C:\WINDOWS\system32\TFNF5.exe]
"NDSTray.exe"="NDSTray.exe" []
"PmProxy"="C:\Program Files\Analog Devices\SoundMAX\PmProxy.exe" [ ]
"WinPatrol"="C:\PROGRA~1\BILLPS~1\WINPAT~1\winpatrol.exe" [ ]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [ ]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [ ]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2008-01-07 10:07 145920]

R0 TVALG;Toshiba Value Added Logical and General Purpose Device Driver;C:\WINDOWS\system32\DRIVERS\TVALG.SYS [2001-09-13 19:53]
R3 TOSHIBASoftModem;TOSHIBA Software Modem;C:\WINDOWS\system32\DRIVERS\LTSM.sys [2002-09-17 15:12]
R3 tsdhd;TOSHIBA SD Card Host Controller Driver;C:\WINDOWS\system32\DRIVERS\tsdhd.sys [2003-05-14 16:38]
S3 MPManF70;MPMan-F70;C:\WINDOWS\system32\Drivers\MPManF70.sys [2002-05-02 09:02]
S3 pciSd;pciSd;C:\WINDOWS\system32\DRIVERS\tossdpci.sys [2003-02-12 08:03]

.
Contents of the 'Scheduled Tasks' folder
"2007-12-28 22:16:13 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-07 10:50:02
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-01-07 10:52:45 - machine was rebooted
ComboFix-quarantined-files.txt 2008-01-07 10:52:28
.
2008-01-05 00:23:13 --- E O F ---



and this is the new log from hijack this:

Logfile of HijackThis v1.99.1
Scan saved at 10:56:03, on 07/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\LTSMMSG.exe
C:\WINDOWS\system32\TPSMain.exe
C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
C:\WINDOWS\system32\TFNF5.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\HJT\alternativ.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = file:///C:/Program%20Files/TOSHIBA/Free%20Update%20Service/splash.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = file:///C:\Program Files\TOSHIBA\Free Update Service\splash.html
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ultimate-guitar.com/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [000StTHK] 000StTHK.exe
O4 - HKLM\..\Run: [LTSMMSG] LTSMMSG.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [TFNF5] TFNF5.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [PmProxy] C:\Program Files\Analog Devices\SoundMAX\PmProxy.exe
O4 - HKLM\..\Run: [WinPatrol] C:\PROGRA~1\BILLPS~1\WINPAT~1\winpatrol.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O14 - IERESET.INF: START_PAGE_URL=file:///C:\Program Files\TOSHIBA\Free Update Service\splash.html
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

Thanks,

epyonz
Back to Top
 

Touch
Forum Moderator




Date Joined Jun 2004
Total Posts : 16319
  		   Posted 1-7-2008 1:18 (GMT +1)    Quote: Jkhfc.exe help scan log from hijack thisAlert an admin about: Jkhfc.exe help scan log from hijack this
Seems to combofix get rid of -
 
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


C:\WINDOWS\system32\jkhfc.dll
C:\WINDOWS\system32\jkhfc.exe
 
 
How are things running now ?

Do NOT post your problem in someone elses thread.

Back to Top
 

epyonz
New Member


Date Joined Jan 2008
Total Posts : 3
  		   Posted 1-7-2008 1:35 (GMT +1)    Quote: Jkhfc.exe help scan log from hijack thisAlert an admin about: Jkhfc.exe help scan log from hijack this
I think that seems to have done the job. Thank you very much.
Back to Top
 

Touch
Forum Moderator




Date Joined Jun 2004
Total Posts : 16319
  		   Posted 1-7-2008 1:38 (GMT +1)    Quote: Jkhfc.exe help scan log from hijack thisAlert an admin about: Jkhfc.exe help scan log from hijack this
Sounds good smile
 
 
 
Please  read Tony Klein's excellent article  about how to prevent against  spyware/hijackers in the future
http://www.castlecops.com/t7736-So_how_did_I_get_infected_in_the_first_place.html

Do NOT post your problem in someone elses thread.

Back to Top
 
New Topic Post reply to : Jkhfc.exe help scan log from hijack this Printable version of : Jkhfc.exe help scan log from hijack this
 
Forum Information
Currently it is Saturday, November 21, 2009 10:33 AM (GMT +1)
There are a total of 73.028 posts in 17.116 threads.
In the last 3 days there were 14 new threads and 68 reply posts. View Active Threads
Who's Online
This forum has 30334 registered members. Please welcome our newest member, sushil.
39 Guest(s), 1 Registered Member(s) are currently online.  Details
DanLasko
5 Latest Threads
Michael Vick jerseys (0)21-11-2009 08:30:57 (donejerseys)
How to remove this Malware/Virus (0)21-11-2009 06:54:16 (bozzack)
Arizona Cardinals Jerseys (0)21-11-2009 06:15:59 (donejerseys)
Atlanta Falcons Jerseys (0)21-11-2009 06:15:26 (donejerseys)
Need help with virus that takes over admin powers (0)21-11-2009 05:38:23 (urbane)


Need Support? Write to: | Forum Help Manual

Download free trial version of Bullguard