Threat: Trojan.LowZones!reg....File: C:\temp\kans.reg

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by computer clueless, Jul 12, 2005.

  1. computer clueless

    computer clueless Private E-2

    I am receiving a symantec notification when I open my firefox browser. I read a thread about the same problem that noted that I should download hijackthis. I downloaded it, but do not know where to go from there. When I open hijackthis, winzip wizard opens. I have no clue what to do from there. Can someone please help me. How do I run WinZip? Below is the notification I receive:

    Thank you

    (the registry editor also comes up saying "cannot import kans.reg")

    SYMANTEC ANTIVIRUS NOTIFICATION:
    Scan type: Auto-Protect Scan
    Event: Threat Found!
    Threat: Trojan.LowZones!reg
    File: C:\temp\kans.reg
    Location: C:\temp
    Computer: MARGARET
    User: SYSTEM
    Action taken: Clean failed : Quarantine failed : Delete succeeded : Access denied
    Date found: Tuesday, July 12, 2005 12:03:34 PM
     
    computer clueless, Jul 12, 2005
    #1
  2. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    Please follow standard cleanup procedures as given below:

    - Run ALL the steps in this Sticky thread READ ME FIRST BEFORE ASKING FOR SUPPORT: Basic Spyware, Trojan And Virus Removal

    Make sure you check version numbers and get all updates.

    - Very Important: Make sure you tell us the results from running the tutorial...was anything found? Were you unable to complete any of the scans?...Were you unable to download any of the tools?...Did you do the on-line scans as suggested? etc.


    After doing ALL of the above and you still have a problem, make sure you have booted to normal mode and run the steps below:



    http://www.majorgeeks.com/images/grenade.gif Download HijackThis 1.99.1

    http://www.majorgeeks.com/images/grenade.gif Unzip the hijackthis.exe file to a folder you create named C:\Program Files\HJT

    http://www.majorgeeks.com/images/grenade.gif Do NOT run Hijack This from the Desktop, a temp folder, or a sub-folder of C:\Documents and Settings, or choose to run it directly from the ZIP file as your backups will not be safely stored.

    http://www.majorgeeks.com/images/grenade.gifBefore running HijackThis: You must close each of the following:your web browser, e-mail client, instant messenger, and programs like notepad, wordpad, MS Word etc. And any other unnecessary running programs.

    http://www.majorgeeks.com/images/grenade.gifRun HijackThis and save your log file.

    http://www.majorgeeks.com/images/grenade.gif Post your log as an ATTACHMENT to your next post. (Do NOT copy/paste the log into your post as it will be removed).

    http://www.majorgeeks.com/images/grenade.gifNeed help with HJT? See this thread: NO HIJACK THIS LOG FILES BEFORE READING THIS: HJT Tutorial & LOG File Posting
     
    bjgarrick, Jul 12, 2005
    #2

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds