application hijack


Rita
September 10th, 2004, 01:52 PM
Hello
Can anyone tell me what an application hijack is? I was looking at the security log from the firewall and I've had one that said it was critical-severe. c:windows\system\setup_incred_3.exe What do I do about this, anything? I had no alerts or anything with this. Should I check and see if it's in the registry and delete it? Or did the firewall block it?
Thanks
rita

flyrfan111
September 10th, 2004, 02:10 PM
It depends on which firewall you are using; I presume you are using Sygate. An application hijack means that some other application is attempting to use that application to access the internet. As to whether it was blocked or not, it depends on whether access was granted or not.

Devinco
September 10th, 2004, 02:15 PM
Hi Rita,

Wait for a second opinion!
From an initial search, it seems like these MAY be part of a trojan downloader. It may also be a false positive though.
Here are two sites that refer to the setup_incred_3.exe.
Here (http://tech-arena.com/forums/showthread.php?t=2465) and here (http://www.xtremeresources.com/forums/showthread.php?p=413212#post413212)
One of the two sites referred to it as: C:\WINDOWS\system32\setup_incred_3.exe Infected Trojan.Downloader.KeenValue.A

I would update all security software and scan it with everything. Hopefully someone else will be able to come along and help. Don't Panic. :)

Edit: You may need to post or have this moved in the trojan forum.

Q Section
September 10th, 2004, 02:34 PM
Hello ritaann

Do you have Ad-Aware SE and have you updated and run it lately? It seems this Trojan is related to eUniverse possibly and Ad-Aware has some definitions for it. Please keep us posted.

Rita
September 10th, 2004, 02:55 PM
-{ Quote: "Hi Rita,

Wait for a second opinion!
From an initial search, it seems like these MAY be part of a trojan downloader.

I would update all security software and scan it with everything. Hopefully someone else will be able to come along and help. Don't Panic. :)

Edit: You may need to post or have this moved in the trojan forum." }-
Hey Devinco
I have scanned using Ad-Aware, Spybot, a two and Norton AntiVirus; nothing found. I'll keep scanning, and thanks for the links. I did download a screensaver this morning; hope I didn't pick something up
rita

flyrfan111
September 10th, 2004, 02:57 PM
Devinco and Qsection, thanks for the save, guys. I didn't even think of trojans; I was just answering the hijack question.

Rita
September 10th, 2004, 02:58 PM
Hi Q Section
Thanks for replying. Yes, I've run Ad-Aware, Spybot and a squared 2 and Norton--nothing found
rita

Q Section
September 10th, 2004, 03:04 PM
ritaann
We cannot help asking, but is your Ad-Aware the SE version and is it currently updated?

Rita
September 10th, 2004, 03:34 PM
Hi
I just ran Spybot again; this time it found the following:
eacceleration--16 entries
keen value e universe.my free cursors-2 entries
search for it-1 entry
shop at home-2 entries
Spybot deleted all but 5 and asked if it could run at startup, and I clicked yes and shut down the computer and rebooted, and it ran and said no immediate threats. Does that mean it deleted the other 5? I'll run it again and post back. Yes, Q Section, I have Ad-Aware SE and it's updated--it didn't find anything; I ran it again too. Thanks to all who replied
rita

Rita
September 10th, 2004, 03:46 PM
Hi
I checked again and it still found 2 entries and asked about running on startup--I clicked yes, and also another strange thing happened. Scotty the watch dog of WinPatrol gave a message that a program I had not had before wanted access; it was Spybot. I have always had Spybot, but I clicked allow access. I have had WinPatrol for ages too and it never before asked about Spybot. Hope this post makes sense
rita

Q Section
September 10th, 2004, 03:53 PM
ritaann - the reason we mentioned Ad-Aware was that someone else had posted a log and it had the exact same signature as you had. We are surprised that AA did not notice your entry! Well it sounds as if you are clear for now!

Be seeing you. :)

Infinity
September 10th, 2004, 04:13 PM
hi Rita, if you want you can post a hjt log here:

http://spyblocker-software.com/IPB/index.php?showforum=20

I am sure one of the mods will help you get rid of it.

Rita
September 10th, 2004, 04:16 PM
-{ Quote: "ritaann - the reason we mentioned Ad-Aware was that someone else had posted a log and it had the exact same signature as you had. We are surprised that AA did not notice your entry! Well it sounds as if
Hi Qsection
I'm not sure I'm clean yet. I ran Spybot again as soon as I got back online and it still found 2 threats and said it could be fixed with shutting down the computer and it running on startup again, so I shut down again and it ran--found nothing, so now that I'm back online I'm running it still again as we speak--I'll post results when it finishes and will run Ad-Aware again too
Thanks

Rita
September 10th, 2004, 04:25 PM
-{ Quote: "hi Rita, if you want you can post a hjt log here:

http://spyblocker-software.com/IPB/index.php?showforum=20

I am sure one of the mods will help you get rid of it." }-
Thanks Infinity
If I don't get rid of it soon I sure will. Now I'm down to one entry of shop at home. I'm running Ad-Aware now to see what it finds. Every time I shut down and let Spybot run on startup it finds nothing, and as soon as I get back online and run it, it finds shop at home and tells me it can be fixed on startup, but it hasn't so far. It sure is aggravating. Thank you for the link
rita

iceni60
September 10th, 2004, 04:42 PM
Have you tried running in safe mode? You could also try Stinger (http://vil.nai.com/vil/stinger/)
and this is from an old AMRX post
-{ Quote: "download and run this http://www.mwti.net/download/tools/mwav.exe good tool for cleaning trojans." }-

Rita
September 10th, 2004, 04:47 PM
Hi everyone
I finally got rid of it. I scanned with Ad-Aware again and it found something, Sahent- anyway I deleted it and ran Spybot again and it was clear. I don't think I'll ever download another screensaver because I know all this was found after doing so; anyway I even deleted the screensaver too ;D Thank you everyone for helping me. I so appreciate it
rita

Rita
September 10th, 2004, 04:50 PM
-{ Quote: "Have you tried running in safe mode? You could also try Stinger (http://vil.nai.com/vil/stinger/)
and this is from an old AMRX post" }-
Hi IC
I thank you for the Stinger link--I may need it sometime--but I think I finally got it all cleared up
rita

Don Pelotas
September 10th, 2004, 06:06 PM
-{ Quote: "I don't think I'll ever download another screensaver because I know all this was found after doing so; anyway I even deleted the screensaver too" }-
Hi ritaann

Deja vu. About six months ago I downloaded a screensaver from Tucows and installed it. Luckily one of the first things I did after this was go to my favourites folder, and it was filled with porn links. I spent most of that day removing spyware from my computer, a very learning experience :o :P ;D. Anyway I hope your computer is clean now. :) 8)

Regards

Rita
September 10th, 2004, 08:41 PM
-{ Quote: "Hi ritaann

Deja vu. About six months ago I downloaded a screensaver from Tucows and installed it. Luckily one of the first things I did after this was go to my favourites folder, and it was filled with porn links. I spent most of that day removing spyware from my computer, a very learning experience :o :P ;D. Anyway I hope your computer is clean now. :) 8)

Regards" }-
Thank you Don Pelotas for this post. I'm glad I'm not the only one to make the mistake of downloading something. It's hard to tell what to do sometimes, isn't it? Do you have any tips on how to recognize what is OK and what's not?
Thank you
rita