HJT log

Status
Not open for further replies.

blackeyes

Hello, my first time posting. I did have a virus and several trojans on board but with the great tips and advice I found here at TechSpot I believe I've gotten them out. I'd still like to post my HJT and ComboFix logs. The AVG Antispyware log produced no reports available. I'm just now performing another AVG scan in normal mode to see what comes up. I believe I got them all though.
 

Attachments

  • hijackthis.log
    6.9 KB · Views: 5
  • combofix log.txt
    15 KB · Views: 5
You need to have a read of this - If your system is infected. Read this before deciding whether to CLEAN or REFORMAT.

Then if you should wish to proceed with cleaning your system you need to go and read the Viruses/Spyware/Malware, preliminary removal instructions. Follow all the instructions exactly.

Post fresh HJT, Combofix, and AVG Antispyware logs as ATTACHMENTS into this thread, only after doing the above.


This thread is for the use of blackeyes only. Please don't post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 
Been there, done that. Know how to get rid of the above nasty? I don't have an option of formatting my hard drive. I don't have a recovery disk or XP software. I've already called my bank and changed my password and don't plan to use the web for that anymore. Just too many script kiddies out there. Again I ask, do you know how to remove the above virus?

Edited by Moderator: Removed quote. There's no need to quote the post directly above your own, unless you're only replying to a specific section, in which case you would only quote that section. ;)

AlbertLionheart said:
HJT log Item O8 - Extra context menu item: &Search - ?p=ZNfox000 is a nasty - otherwise clean.
Just wanted to mention to you that I did a visual scan of my HJT myself and I thought that was suspicious too. I did a Google search of it and no Processes website came up. Thanks for pointing that one out.

rik said:
Post fresh HJT, Combofix, and AVG Antispyware logs as ATTACHMENTS into this thread, only after doing the above.
There was nothing of interest with AVG Antispyware.

I forgot about the fix button with HJT. I checked it and removed the culprit. I'll reboot and do another HJT scan and see if it pops back up.
 
Done. :wave: I understand HJT a little better now. It's not just for posting but removing as well. Cool.

Thanks guys. There are a few people at work that could use this board's services. I'll be passing it along. ;)
 

Attachments

  • hijackthis.log
    6.3 KB · Views: 5
Hello and welcome to Techspot.

Your system is not yet clean.

1. Please download The Avenger by Swandog46 from HERE. Save it to your Desktop and extract it.

2. Download the attached avengerscript.txt and save it to your desktop.

Note: the above code was created specifically for this user. If you are not this user, do NOT follow these directions as they could damage the workings of your system.

3. Now, start The Avenger program by double clicking on its icon on your desktop.

Under "Script file to execute" choose "Load script from file".
Now click on the folder icon, which will open a new window titled "Open Script File".
Navigate to the file you have just downloaded, click on it and press Open.
Now click on the Green Light to begin execution of the script.
Answer "Yes" twice when prompted.

4. The Avenger will automatically do the following:

It will restart your computer. (In cases where the code to execute contains "Drivers to Unload", The Avenger will actually restart your system twice.)
On reboot, it will briefly open a black command window on your desktop; this is normal.
After the restart, it creates a log file that should open with the results of Avenger's actions. This log file will be located at C:\avenger.txt
The Avenger will also have backed up all the files, etc., that you asked it to delete, and will have zipped them and moved the zip archives to C:\avenger\backup.zip.

5. Please attach the content of c:\avenger.txt into your reply, as well as a fresh Combofix log.

Regards Howard :wave: :wave:

 
Everything is fine until I get to this part:

Under "Script file to execute" choose "Load script from file".
Now click on the folder icon, which will open a new window titled "Open Script File".
Navigate to the file you have just downloaded, click on it and press Open.
Now click on the Green Light to begin execution of the script.
Answer "Yes" twice when prompted.

What file? I'm assuming the file I downloaded to my desktop. When I do so I get a whole bunch of error messages when I click on the green light button. I hate that sound. In the Open Script File window I can navigate to the folder but there is nothing in it. Got any ideas?

Keep getting error code 1114.
 
Did you download the Attached File - avengerscript.txt as Howard instructed you?
It's at the bottom of his post.


 
My mistake, I thought avengerscript.txt was in the folder I downloaded. Thought the attachment at the bottom of the post was an example. I'll try it again. Thanks.


OK, sorry for all the confusion. I'm an old guy. Here are the logs you requested.
 
Your logfiles are now clean.

Turn off system restore (XP/ME only). See how HERE.

Now, turn system restore back on. This will have deleted all your old restore points and any nasties that are in them. It will also have created a new, clean restore point.


If you have any further virus/spyware problems, please post in this thread.

Regards Howard :)

 
Done! You guys are the greatest. I'll be passing this helpful site around to all my contacts. Even a few truck drivers at work could use your services for their laptops. Thanks.
 