Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

whataboutadog


  • Please log in to reply

#1
pbr101

pbr101

    New Member

  • Member
  • Pip
  • 2 posts
How to begin? I was cleaning a friend's computer 10/01 and found Zlob JN. Easily removed, did some spyware, adware removals and was ready to return it. Ran Hijack This v2.0.0.2 on 10/01 and found no major problems. But when I ran HijackThis 10/02 I found the registry key "whataboutadog" and "doginhispen". I did a google search and came up with the original HijackThis forum message advising using AWF. It didn't work. Since then google searches are turning up a significant number of sites addressing this. I have been looking into this and it appears the "payload" date of this file was 10/02/07 at 8:30PM. Almost all execution files running from the registry's start seem to be affected. Mcafee was the first to report this but offers no fix. AVG, Adaware SE and Spybot S&D
(all updated daily) don't even detect this as of this post. I have also run V-com SystemSuite virus detector and CA's Pest Patrol with no detection. This appears to be polymorphic in nature. I'll attempt a couple of online scans but it appears a Windows re-install may be the only answer. Any input would be appreciated.
  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP