Infected with Trojan.Zlob.x-a

Status
Not open for further replies.
I have a Trojan-Zlob.X-a. I am using Firefox instead of IE, scanned with Panda rootkits and did not find anything, and also scanned with AVG7.5 and AVG antirootkit and did not find anything during the scan. When the antivirus was active it detected a trojan horse generic7.NGD, and also the program TCPSVCS.exe that is trying to connect to a site on the web. Posting HJT logs. Please advise.
 
You are running two antivirus programs, which is unnecessary. Pick one and uninstall the other.

Open HijackThis, select Do a system scan only, and place a check mark next to:

O2 - BHO: Popup-Blocker Class - {52706EF7-D7A2-49AD-A615-E903858CF284} - C:\Program Files\Juno\qsacc\X1IEBHO.dll (file missing)
O2 - BHO: Video DivX 3.12 - {7A23A1E8-B2AB-4C50-AD12-9E19B747E17C} - C:\WINDOWS\SYSTEM32\sysdivx.dll (file missing)

Close all windows except for HijackThis and click Fix checked.

TCPSVCS.exe is a legitimate Windows process.


Please download Combofix by sUBs from either here or here

Save Combofix.exe to your Desktop.

1. Double click combofix.exe & follow the prompts. (from the keyboard select 1 and press enter)
2. When finished, it will produce a log for you.
3. Attach that log in your next reply.

Note:
Do not mouseclick combofix's window while it's running. That may cause your computer to stall.
 
Instructions done

I scanned my computer with HJT and checked the files that you instructed, scanned with combofix and I am attaching the log file. Please advise on the next step.
 
The log looks fine.

Go to Start > Run and copy and paste the next command in the field:

ComboFix /u


Make sure there's a space between Combofix and /
Then hit Enter.

This will uninstall Combofix, delete its related folders and files, reset your clock settings, hide file extensions, hide the system/hidden files and reset System Restore again.


You need to update to SP2 http://www.microsoft.com/windowsxp/sp2/default.mspx
 
Thanks!!!!!

Thanks for the help, I don't get the pop-ups anymore, and Google searches are not redirected to porno sites. One question: how safe is my computer? Is the Trojan completely erased, or can it be dormant in a hidden file around the computer?

Thanks for the help
 
Some can be dormant. But it isn't there as far as I could see.

You are not safe at all until upgrading to SP2.
 