Member Panel

Remember me ?

Forgot password?   

Sponsors and Ads

Noticeboard
PC Forum PC Help Forum » Security & Safety » [Fixed] Hijackthis! Logs » Background Problem

[Fixed] Hijackthis! Logs - Background Problem posted in the Security & Safety forums; Can you please have all other logs that are requested attached please? To attach a file to a new post, simply click the [Manage Attachments] button at the bottom of ...

JOIN US NOW to remove these Ads

Post New Thread  Reply
Page 2 of 5 < 1 2 3 4 5 >
  #8  
Old 07-19-2007
chiaz's Avatar
Senior Security Analyst
  
Join Date: Jun 2006
Location: Singapore
Posts: 2,739
PC Experience: PC Guru
chiaz - See this Members User comments on their Profile page chiaz - See this Members User comments on their Profile page chiaz - See this Members User comments on their Profile page chiaz - See this Members User comments on their Profile page chiaz - See this Members User comments on their Profile page chiaz - See this Members User comments on their Profile page chiaz - See this Members User comments on their Profile page chiaz - See this Members User comments on their Profile page chiaz - See this Members User comments on their Profile page chiaz - See this Members User comments on their Profile page chiaz - See this Members User comments on their Profile page
Default
Can you please have all other logs that are requested attached please?
To attach a file to a new post, simply click the [Manage Attachments] button at the bottom of the post composition page, and locate the file that you want to attach from your local hard drive. After posting, the image attachments may display a thumbnail, depending on the forum settings. To view the contents of the attachment (if it is not already displayed) simply click the filename link that appears next to the attachment icon.


Please download VundoFix.exe
to your desktop.
  • Double-click VundoFix.exe to run it.
  • Click the Scan for Vundo button.
  • Once it's done scanning, click the Remove Vundo button.
  • You will receive a prompt asking if you want to remove the files, click YES
  • Once you click yes, your desktop will go blank as it starts removing Vundo.
  • When completed, it will prompt that it will reboot your computer, click OK.
  • Please post the contents of C:\vundofix.txt and a new HiJackThis log.
Note: It is possible that VundoFix encountered a file it could not remove.
In this case, VundoFix will run on reboot, simply follow the above
instructions starting from "Click the Scan for Vundo button." when
VundoFix appears at reboot.
  #9  
Old 07-19-2007
Bronze Member
  
Join Date: Jul 2007
Posts: 27
kzm007 - See this Members User comments on their Profile page
Default
Internet Explorer cannot display the page.
  #10  
Old 07-20-2007
chiaz's Avatar
Senior Security Analyst
  
Join Date: Jun 2006
Location: Singapore
Posts: 2,739
PC Experience: PC Guru
chiaz - See this Members User comments on their Profile page chiaz - See this Members User comments on their Profile page chiaz - See this Members User comments on their Profile page chiaz - See this Members User comments on their Profile page chiaz - See this Members User comments on their Profile page chiaz - See this Members User comments on their Profile page chiaz - See this Members User comments on their Profile page chiaz - See this Members User comments on their Profile page chiaz - See this Members User comments on their Profile page chiaz - See this Members User comments on their Profile page chiaz - See this Members User comments on their Profile page
Default
There are a number of different download links here:
|MG| Free Download - VundoFix 6.5.6
  #11  
Old 07-20-2007
Bronze Member
  
Join Date: Jul 2007
Posts: 27
kzm007 - See this Members User comments on their Profile page
Default Logs
VundoFix V6.5.6
Checking Java version...
Java version is 1.5.0.3
Old versions of java are exploitable and should be removed.
Java version is 1.5.0.11
Scan started at 2:38:17 AM 7/20/2007
Listing files found while scanning....
C:\windows\system32\ajrxfikl.dll
C:\windows\system32\bkxopxth.dll
C:\windows\system32\bskuxrjb.dll
C:\WINDOWS\system32\byxyxuv.dll
C:\windows\system32\ccgkjcnw.ini
C:\windows\system32\cclngwun.ini
C:\windows\system32\cclngwun.tmp
C:\windows\system32\cqfbghba.dll
C:\windows\system32\dhuoxmos.dll
C:\windows\system32\fgxumlml.dll
C:\windows\system32\ghjsirnj.dll
C:\windows\system32\gtljfmom.dll
C:\WINDOWS\system32\hofjxwgs.dll
C:\windows\system32\hsfpjbse.dll
C:\windows\system32\iitcsyla.dll
C:\windows\system32\ioffcala.dll
C:\windows\system32\isgjxral.dll
C:\windows\system32\iwltkikd.dll
C:\windows\system32\jnrisjhg.ini
C:\windows\system32\kqxykbwo.ini
C:\windows\system32\ktfralqi.dll
C:\windows\system32\kxhvdbni.dll
C:\windows\system32\lmlmuxgf.ini
C:\windows\system32\lxvkclbk.dll
C:\windows\system32\nuwgnlcc.dll
C:\windows\system32\owbkyxqk.dll
C:\windows\system32\oxxbplep.dll
C:\WINDOWS\system32\pmkhf.dll
C:\windows\system32\somxouhd.ini
C:\windows\system32\ssxknaur.dll
C:\WINDOWS\system32\undnagwr.dll
C:\windows\system32\viuqujtk.dll
C:\windows\system32\vjvifmwo.dll
C:\windows\system32\vogowhem.dll
C:\windows\system32\wncjkgcc.dll
C:\windows\system32\wpkyxbjx.ini
C:\windows\system32\xjbxykpw.dll
C:\windows\system32\yoffomlq.dll
C:\windows\system32\yqsawjbt.dll
Beginning removal...
Attempting to delete C:\windows\system32\ajrxfikl.dll
C:\windows\system32\ajrxfikl.dll Has been deleted!
Attempting to delete C:\windows\system32\bkxopxth.dll
C:\windows\system32\bkxopxth.dll Has been deleted!
Attempting to delete C:\windows\system32\bskuxrjb.dll
C:\windows\system32\bskuxrjb.dll Has been deleted!
Attempting to delete C:\windows\system32\ccgkjcnw.ini
C:\windows\system32\ccgkjcnw.ini Has been deleted!
Attempting to delete C:\windows\system32\cclngwun.ini
C:\windows\system32\cclngwun.ini Has been deleted!
Attempting to delete C:\windows\system32\cclngwun.tmp
C:\windows\system32\cclngwun.tmp Has been deleted!
Attempting to delete C:\windows\system32\cqfbghba.dll
C:\windows\system32\cqfbghba.dll Has been deleted!
Attempting to delete C:\windows\system32\dhuoxmos.dll
C:\windows\system32\dhuoxmos.dll Has been deleted!
Attempting to delete C:\windows\system32\fgxumlml.dll
C:\windows\system32\fgxumlml.dll Has been deleted!
Attempting to delete C:\windows\system32\ghjsirnj.dll
C:\windows\system32\ghjsirnj.dll Has been deleted!
Attempting to delete C:\windows\system32\gtljfmom.dll
C:\windows\system32\gtljfmom.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\hofjxwgs.dll
C:\WINDOWS\system32\hofjxwgs.dll Has been deleted!
Attempting to delete C:\windows\system32\hsfpjbse.dll
C:\windows\system32\hsfpjbse.dll Has been deleted!
Attempting to delete C:\windows\system32\iitcsyla.dll
C:\windows\system32\iitcsyla.dll Has been deleted!
Attempting to delete C:\windows\system32\ioffcala.dll
C:\windows\system32\ioffcala.dll Has been deleted!
Attempting to delete C:\windows\system32\isgjxral.dll
C:\windows\system32\isgjxral.dll Has been deleted!
Attempting to delete C:\windows\system32\iwltkikd.dll
C:\windows\system32\iwltkikd.dll Has been deleted!
Attempting to delete C:\windows\system32\jnrisjhg.ini
C:\windows\system32\jnrisjhg.ini Has been deleted!
Attempting to delete C:\windows\system32\kqxykbwo.ini
C:\windows\system32\kqxykbwo.ini Has been deleted!
Attempting to delete C:\windows\system32\ktfralqi.dll
C:\windows\system32\ktfralqi.dll Has been deleted!
Attempting to delete C:\windows\system32\kxhvdbni.dll
C:\windows\system32\kxhvdbni.dll Has been deleted!
Attempting to delete C:\windows\system32\lmlmuxgf.ini
C:\windows\system32\lmlmuxgf.ini Has been deleted!
Attempting to delete C:\windows\system32\lxvkclbk.dll
C:\windows\system32\lxvkclbk.dll Has been deleted!
Attempting to delete C:\windows\system32\nuwgnlcc.dll
C:\windows\system32\nuwgnlcc.dll Has been deleted!
Attempting to delete C:\windows\system32\owbkyxqk.dll
C:\windows\system32\owbkyxqk.dll Has been deleted!
Attempting to delete C:\windows\system32\oxxbplep.dll
C:\windows\system32\oxxbplep.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\pmkhf.dll
C:\WINDOWS\system32\pmkhf.dll Has been deleted!
Attempting to delete C:\windows\system32\somxouhd.ini
C:\windows\system32\somxouhd.ini Has been deleted!
Attempting to delete C:\windows\system32\ssxknaur.dll
C:\windows\system32\ssxknaur.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\undnagwr.dll
C:\WINDOWS\system32\undnagwr.dll Has been deleted!
Attempting to delete C:\windows\system32\viuqujtk.dll
C:\windows\system32\viuqujtk.dll Has been deleted!
Attempting to delete C:\windows\system32\vjvifmwo.dll
C:\windows\system32\vjvifmwo.dll Has been deleted!
Attempting to delete C:\windows\system32\vogowhem.dll
C:\windows\system32\vogowhem.dll Has been deleted!
Attempting to delete C:\windows\system32\wncjkgcc.dll
C:\windows\system32\wncjkgcc.dll Has been deleted!
Attempting to delete C:\windows\system32\wpkyxbjx.ini
C:\windows\system32\wpkyxbjx.ini Has been deleted!
Attempting to delete C:\windows\system32\xjbxykpw.dll
C:\windows\system32\xjbxykpw.dll Has been deleted!
Attempting to delete C:\windows\system32\yoffomlq.dll
C:\windows\system32\yoffomlq.dll Has been deleted!
Attempting to delete C:\windows\system32\yqsawjbt.dll
C:\windows\system32\yqsawjbt.dll Has been deleted!
Performing Repairs to the registry.
Done!
-----------------------
Logfile of HijackThis v1.99.1
Scan saved at 3:11:40 AM, on 7/20/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Owner\Desktop\Rename.exe.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Yahoo! SearchBar Home Page
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Yahoo!
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = InboxDollars - Earn CASH for E-Mail, Surveys, Games, and More!
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Yahoo!
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = Yahoo! SearchBar Home Page
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Yahoo!
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Yahoo!
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = Yahoo!
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {32391EDE-D335-F892-1C10-898DCD5480B9} - C:\WINDOWS\system32\jzl.dll (file missing)
O2 - BHO: (no name) - {382675ED-8D64-4C83-9CCB-46E63001DDF9} - C:\WINDOWS\system32\pmkhf.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton AntiVirus\osCheck.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [SC2] C:\WINDOWS\system32\scchk32.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [smgr] mgrs.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [gf1.0.0.2] C:\WINDOWS\system32\anArV8xa.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Photosmart Premier Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O15 - Trusted Zone: Paid Survey | Get Paid to Take Surveys Online | Greenfield Online
O16 - DPF: ActiveGS.cab - http://www.virtualapple.org/activegs.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/...toUploader.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {85D1F3B2-2A21-11D7-97B9-0010DC2A6243} (SecureLogin class) - http://secure2.comned.com/signuptemp...ogin-devel.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{2953BD78-28B7-4EE5-8365-44B6B7644B0E}: NameServer = 194.54.90.226
O17 - HKLM\System\CS1\Services\Tcpip\..\{2953BD78-28B7-4EE5-8365-44B6B7644B0E}: NameServer = 194.54.90.226
O17 - HKLM\System\CS2\Services\Tcpip\..\{2953BD78-28B7-4EE5-8365-44B6B7644B0E}: NameServer = 194.54.90.226
O20 - Winlogon Notify: byxyxuv - byxyxuv.dll (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: winrkp32 - winrkp32.dll (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\isPwdSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: LiveUpdate Notice Service - Unknown owner - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifEng.dll (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
  #12  
Old 07-20-2007
chiaz's Avatar
Senior Security Analyst
  
Join Date: Jun 2006
Location: Singapore
Posts: 2,739
PC Experience: PC Guru
chiaz - See this Members User comments on their Profile page chiaz - See this Members User comments on their Profile page chiaz - See this Members User comments on their Profile page chiaz - See this Members User comments on their Profile page chiaz - See this Members User comments on their Profile page chiaz - See this Members User comments on their Profile page chiaz - See this Members User comments on their Profile page chiaz - See this Members User comments on their Profile page chiaz - See this Members User comments on their Profile page chiaz - See this Members User comments on their Profile page chiaz - See this Members User comments on their Profile page
Default
Please run HijackThis and place a checkmark by the following entries:
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: (no name) - {32391EDE-D335-F892-1C10-898DCD5480B9} - C:\WINDOWS\system32\jzl.dll (file missing)
O2 - BHO: (no name) - {382675ED-8D64-4C83-9CCB-46E63001DDF9} - C:\WINDOWS\system32\pmkhf.dll (file missing)
O4 - HKLM\..\Run: [SC2] C:\WINDOWS\system32\scchk32.exe
O4 - HKLM\..\Run: [smgr] mgrs.exe
O4 - HKCU\..\Run: [gf1.0.0.2] C:\WINDOWS\system32\anArV8xa.exe
O15 - Trusted Zone: Paid Survey | Get Paid to Take Surveys Online | Greenfield Online
O17 - HKLM\System\CCS\Services\Tcpip\..\{2953BD78-28B7-4EE5-8365-44B6B7644B0E}: NameServer = 194.54.90.226
O17 - HKLM\System\CS1\Services\Tcpip\..\{2953BD78-28B7-4EE5-8365-44B6B7644B0E}: NameServer = 194.54.90.226
O17 - HKLM\System\CS2\Services\Tcpip\..\{2953BD78-28B7-4EE5-8365-44B6B7644B0E}: NameServer = 194.54.90.226
O20 - Winlogon Notify: byxyxuv - byxyxuv.dll (file missing)
O20 - Winlogon Notify: winrkp32 - winrkp32.dll (file missing)

Close all other windows except HijackThis and press "Fix Checked". Then close HijackThis and restart the computer.



Next download The Avenger by Swandog46 to your Desktop.
  • Click on Avenger.zip to open the file
  • Extract avenger.exe to your desktop
2. Copy all the text contained in the code box below to your Clipboard by highlighting it and pressing (Ctrl+C):

Files to delete:
C:\WINDOWS\system32\scchk32.exe
C:\WINDOWS\system32\anArV8xa.exe

Note: the above code was created specifically for this user. If you are not this user, do NOT follow these directions as they could damage the workings of your system.

3. Now, start The Avenger program by clicking on its icon on your desktop.
  • Under "Script file to execute" choose "Input Script Manually".
  • Now click on the Magnifying Glass icon which will open a new window titled "View/edit script"
  • Paste the text copied to clipboard into this window by pressing (Ctrl+V).
  • Click Done
  • Now click on the Green Light to begin execution of the script
  • Answer "Yes" twice when prompted.
4. The Avenger will automatically do the following:
  • It will restart your computer.
  • On reboot, it will briefly open a black command window on your desktop, this is normal.
  • After the restart, it creates a log file that should open with the results of Avenger’s actions. This log file will be located at C:\avenger.txt
  • The Avenger will also have backed up all the files, etc., that you asked it to delete, and will have zipped them and moved the zip archives to C:\avenger\backup.zip.
5. Please attach c:\avenger.txt into your reply along with a fresh HJT log.
  #13  
Old 07-20-2007
Bronze Member
  
Join Date: Jul 2007
Posts: 27
kzm007 - See this Members User comments on their Profile page
Default Avenger Issue
It tells me that the selected files do not appear to be valid and I get three error messages.
  #14  
Old 07-21-2007
chiaz's Avatar
Senior Security Analyst
  
Join Date: Jun 2006
Location: Singapore
Posts: 2,739
PC Experience: PC Guru
chiaz - See this Members User comments on their Profile page chiaz - See this Members User comments on their Profile page chiaz - See this Members User comments on their Profile page chiaz - See this Members User comments on their Profile page chiaz - See this Members User comments on their Profile page chiaz - See this Members User comments on their Profile page chiaz - See this Members User comments on their Profile page chiaz - See this Members User comments on their Profile page chiaz - See this Members User comments on their Profile page chiaz - See this Members User comments on their Profile page chiaz - See this Members User comments on their Profile page
Default
We'll deal with it.

Please attach c:\avenger.txt into your reply along with a fresh HJT log.

Reply
Satellite TV on your PC - over 3000 Channels! Click Here!
Page 2 of 5 < 1 2 3 4 5 >

Bookmarks

« hijack/this log file | [Fixed] AVG found Worm.VB.dw »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are On

Contact Us - PC Help Forum - Site Map - Privacy Statement - Top
All times are GMT +1. The time now is 02:38 AM.
Powered by vBulletin
Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
SEO by vBSEO 3.2.0 RC7
All Graphics & Content Copyright © 2004-2008 - PC Help Forum.com


Back to Top