HJT/Anti-spyware/combofix logs

Status
Not open for further replies.
J

Jacal

Posts: 83   +0
The first computer had an issue that unfortunately i was unable to complete due to constant interuptions and my boss refusing to close down to service the machines (apparently customers over computers, which they use). The problems with it is it will randomly blackout as in the monitor would just go black right in the middle of doing something and i would be forced to restart the machine, also everytime i would open mozilla firefox it would freeze (just that window alone) then come back running like normal (it freezes whenever i go and google and i am about to type something. I only managed regular scans on it and put them up here and howard spotted a worm so he instructed me what to do but i was not allowed to do it (manager).
Only after the manager had the same problem happen to him several times did he agree to make me do it. Right now i am on a different computer while the at the closing steps of the removal process.
It being the main computer that controls all the others you sure that the manager would have done what i had requested along time ago :(

The logs will be attached once it is finish

Logs have been attached now.

Forgot to say that the result of the anti-rootkit is that it showed 2 hidden files in the My Music folder. One is a duplicate of the other.
 
Hi,

Very Important: Malware infections can possibly lead to identity theft, stolen bank funds, misuse of credit card information etc. Therefore I strongly encourage you to please read this thread HERE before deciding what course of action to take regarding your infection.

Let me know if you wish to format or clean.

Also, what are the names (full file name with extension) of the 2 files in your My Music folder?

Please provide the details in your next reply, and I'll give you further instructions for cleaning up your system.


Regards,
Your friendly momok =)

This thread is for the use of Jacal only. Please don't post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 
Well given my current situation (no other computer that is used to control other systems and manager not going to allow me to close down for a long time) i have no choice but to choose to try and clean the system.

The full file extensions are:
1. c:\Documents and Settings\Diverse Server\My Documents\My Music\Donnie McClurkin\Live in London and More..\Donnie McClurkin - Just for Me(1).mp3,Hidden File

2. c:\Documents and Settings\Diverse Server\My Documents\My Music\Donnie McClurkin\Live in London and More..\Donnie McClurkin - Just for Me.mp3,Hidden File

Thanks for the help ^_^
 
Momok you gonna help me clean this :( ? The Screen starting to black out again. Computer starting to freeze up every now and then also >.<

edit: my computer starting to hang up now :(
 
Hi,

Sorry for the delay in response.

Download the attached "CFScript.txt" (from my attachment) and save it to the same folder as Combofix.

Referring to the image below, drag the CFScript.txt that you downloaded earlier over on to Combofix.exe and release.

CFScript.gif


This will ask Combofix to execute the instructions within my file. Let Combofix run normally and do its job. Attach the resultant log in your reply.

Thereafter, please post fresh HJT and AVG Antispyware logs from normal mode and the ComboFix log from the instructions earlier as attachments into this thread.


Regards,
Your friendly momok =)

This thread is for the use of Jacal only. Please don't post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 
Well it is only showing signs of lagging or hang-ups on opening an application so i can say for now...its doing better :grinthumb

lol thing is though combofix kept deleting the .exe for the cafe program so i had to reinstall it back. its the explorer in the system 32 folder.
 
Hi,

Are these three programs legitimate ones that your company uses?
C:\WINDOWS\system32\Server.exe
C:\WINDOWS\system32\czpinger.exe
C:\WINDOWS\system32\czprnmon.exe

Meanwhile, may I suggest that you read this thread here on how to speed up your system.


Regards,
Your friendly momok =)

This thread is for the use of Jacal only. Please don't post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 
Yes momok those are the program extentions for the cafe program, the name of the program is cafezee. I will do that and thank you :grinthumb
 
Status
Not open for further replies.

Similar threads

E
I have been taken over by a software called Astanda using XML to Log everything and roaming to an SQL server.
Replies
0
Views
474
eriksnyman1
E
P
Starting problems
Replies
4
Views
284
captaincranky
captaincranky
midian182
Nvidia CEO Jensen Huang's message to kids: generative AI means you don't need to learn...
2
Replies
29
Views
595
Superconductor
Superconductor

Latest posts

Back