
HJT Log For Virtumonde Virus

Post that & a fresh Hijackthis log in your next reply. Note: Do not mouseclick combofix's window whilst it's running.

Registry Values Infected: (No malicious items detected)
Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSetActiveDesktop (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Balayage caché autostart entries ...

Can anyone tell me how to read the jackts Log?

C:\WINDOWS\system32\senekagipfulqb.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tdssadw.dll (Trojan.Agent) -> Delete on reboot.

I would really appreciate any help as I need my laptop up and running properly as I have uni work to complete!!!

I did run a quick scan and it flagged up 2 rootkits.

Post that log in your next reply.
---------------
Click here to perform an online scan >> http://www.techsupportforum.com/f112...er-169242.html
---------------
In your next post, please include fresh logs from: Fresh Hijackthis log taken just

self protection module/ALWIL Software) ZwDeleteValueKey [0xF14E09B2]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast!

C:\Documents and Settings\Harlequeen\Local Settings\Temp\.tt1.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.

Temps d'accomplissement: 2008-05-02 22:57:10 - machine was rebooted
ComboFix-quarantined-files.txt 2008-05-02 20:56:55
ComboFix2.txt 2008-05-02 16:04:00
ComboFix3.txt 2008-05-02 12:06:18
Pre-Run: 9,712,943,104 octets libres
Post-Run: 9,709,035,520 octets libres
249 --- E O F ---

Anonymous user - 2 May 2008 at 19:37
Hello, well yes, you did get it:
Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!

Completion time: 2007-10-03 18:42:26 - machine was rebooted
C:\ComboFix-quarantined-files.txt ... 2007-10-03 18:41 .
--- E O F ---
_______________________________________________________________
HIJACKTHIS LOG
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:43:51

now what should i do to completely remove the Virus ...

Latest Combofix log
ComboFix 08-05-01.1 - Tim 2008-05-02 22:37:33.3 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.284 [GMT 2:00]
Endroit: C:\Documents and Settings\Tim\Mes documents\Informatique\ComboFix.exe
[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS

See you later

ludsfa - 2 May 2008 at 21:24
no worries.

#3 fenzodahl512 - Posted 18 February 2009 - 05:52 AM
Due to

Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-04-28 06:12:15 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-04-26 08:09:26 C:\WINDOWS\Tasks\Spybot - Search & Destroy - Scheduled Task.job"
- C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe

Thanks again for the really fast reply before and helping me with this.

GMER 1.0.14.14536 - http://www.gmer.net
Rootkit scan 2009-02-13 16:45:35
Windows 5.1.2600 Service Pack 3
---- System - GMER 1.0.14 ----
SSDT Lbd.sys (Boot Driver/Lavasoft

I am posting my DSS main log (didn't get an extra log) and my Active Scan.

Just choose one.

Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision

The registry was scanned ( '39' files ).

File System Filter Driver for Windows XP/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast!

Let ComboFix finish its job.

#8 mcsmellymel - Posted 14 February 2009 - 04:27 PM
Ran what you asked and here is a fresh

Registry Data Items Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispBackgroundPage (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

However, I think that some of what is left of the infections might be getting in the way.
Download GMER by GMER from here
Unzip it to a folder on your desktop
Double click

That may cause it to stall.

It has a flashing cursor, but does nothing else, apparently.

Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation -

Please, never rename Combofix unless instructed.
If ComboFix asked you to install Recovery Console, please do so.

Once I get a browser open I can access pages quite quickly.

Memory Modules Infected:
C:\WINDOWS\system32\blphce8bj0er8p.scr (Trojan.FakeAlert) -> Delete on reboot.

C:\Documents and Settings\Harlequeen\Local Settings\Temp\.tt4.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.

self protection module/ALWIL Software) ZwQueryValueKey [0xF14E06CE]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast!

Thank you much!
_______________________________________________________________
Deckard's System Scanner v20070905.67
Run by Owner on 2007-09-30 19:49:42
Computer is in Normal Mode.
--------------------------------------------------------------------------------
Percentage of Memory in Use: 85% (more than 75%).

It is ONLY meant to be used under the direct supervision of a malware removal specialist.

HKEY_CURRENT_USER\Control Panel\Desktop\originalwallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\phce8bj0er8p.bmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Scan terminé avec succès
Les fichiers cachés: 129
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.

The log can also be opened by going to Start > All Programs > Malwarebytes' Anti-Malware > Logs > log-date.txt
Post back with the Malwarebytes' Anti-Malware log and a new HijackThis log.