8/9/2004 6:08:53 AM NT AUTHORITY\SYSTEM 1800 Sign of “Win32:Trojano-246 [Trj]” has been found in “C:\Program Files\WindUpdates\WinKA.exe” file.
8/13/2004 5:28:24 PM NT AUTHORITY\SYSTEM 1804 Sign of “Win32:Trojano-246 [Trj]” has been found in “C:\Program Files\WindUpdates\WinKA.exe” file.
8/13/2004 5:28:25 PM NT AUTHORITY\SYSTEM 1804 Sign of “Win32:Trojano-246 [Trj]” has been found in “C:\PROGRA~1\WINDUP~1\WinKA.exe” file.
8/13/2004 5:28:29 PM NT AUTHORITY\SYSTEM 1804 Sign of “Win32:Trojano-247 [Trj]” has been found in “C:\PROGRAM FILES\WINDUPDATES\COMM.DLL” file.
8/14/2004 5:09:34 AM NT AUTHORITY\SYSTEM 1800 Sign of “Win32:Trojano-246 [Trj]” has been found in “C:\Program Files\WindUpdates\WinKA.exe” file.
8/14/2004 5:09:38 AM NT AUTHORITY\SYSTEM 1800 Sign of “Win32:Trojano-247 [Trj]” has been found in “C:\PROGRAM FILES\WINDUPDATES\COMM.DLL” file.
8/14/2004 3:04:02 PM NT AUTHORITY\SYSTEM 1804 Sign of “Win32:Trojano-246 [Trj]” has been found in “C:\Program Files\WindUpdates\WinKA.exe” file.
8/15/2004 4:10:34 AM NT AUTHORITY\SYSTEM 1800 Sign of “Win32:Trojano-246 [Trj]” has been found in “C:\Program Files\WindUpdates\WinKA.exe” file.
8/15/2004 7:27:26 AM NT AUTHORITY\SYSTEM 1800 Sign of “Win32:Trojano-246 [Trj]” has been found in “C:\Program Files\WindUpdates\WinKA.exe” file.
8/15/2004 8:10:07 AM NT AUTHORITY\SYSTEM 1800 Sign of “Win32:Trojano-246 [Trj]” has been found in “C:\Program Files\WindUpdates\WinKA.exe” file.
8/15/2004 9:18:53 AM NT AUTHORITY\SYSTEM 1800 Sign of “Win32:Trojano-246 [Trj]” has been found in “C:\Program Files\WindUpdates\WinKA.exe” file.
8/15/2004 11:05:03 AM NT AUTHORITY\SYSTEM 1800 Sign of “Win32:Trojano-247 [Trj]” has been found in “C:\System Volume Information_restore{CBBCF61B-BBED-4BDC-B279-A0044CE04DCA}\RP89\A0015979.dll” file.
Any idea where these might be coming from and what type of viruses these are?
It is obviously spyware/trojan horse who has infiltrated in your windows registry… Try to remove it with a anti-spywarekiller or prevent it with “spywareblaster”
Ok…I just did a scan of C and moved five files to the chest, then Adaware found another which I deleted.
But here is the log from HijackThis:
Logfile of HijackThis v1.98.2
Scan saved at 4:06:21 PM, on 8/15/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)