Member Panel

Remember me ?

Forgot password?   

Sponsors and Ads

Live Tag Cloud
PC Forum PC Help Forum » Security & Safety » [Pending] HJT Logs » Hijackthis Log

[Pending] HJT Logs - Hijackthis Log posted in the Security & Safety forums; got a vundo hiding in there.....surprised combofix didn't catch it. Please download VundoFix.exe to your desktop. Double-click VundoFix.exe to run it. Click the Scan for Vundo button. Once it's done ...

JOIN US NOW to remove these Ads

pc help forum number one in the search engines
Post New Thread  Reply
Page 2 of 4 < 1 2 3 4 >
  #7  
Old 04-16-2008
valis's Avatar
Senior Security Analyst
My PC
 
Join Date: Jan 2007
Location: texas, USA
Posts: 2,570
PC Experience: PC Illiterate
valis - See this Members User comments on their Profile page valis - See this Members User comments on their Profile page valis - See this Members User comments on their Profile page valis - See this Members User comments on their Profile page valis - See this Members User comments on their Profile page valis - See this Members User comments on their Profile page valis - See this Members User comments on their Profile page valis - See this Members User comments on their Profile page valis - See this Members User comments on their Profile page valis - See this Members User comments on their Profile page valis - See this Members User comments on their Profile page
Default Re: Hijackthis Log
got a vundo hiding in there.....surprised combofix didn't catch it.

Please download VundoFix.exe
to your desktop.
  • Double-click VundoFix.exe to run it.
  • Click the Scan for Vundo button.
  • Once it's done scanning, click the Remove Vundo button.
  • You will receive a prompt asking if you want to remove the files, click YES
  • Once you click yes, your desktop will go blank as it starts removing Vundo.
  • When completed, it will prompt that it will reboot your computer, click OK.
  • Please attach C:\vundofix.txt and a new HiJackThis log.
Note: It is possible that VundoFix encountered a file it could not remove.
In this case, VundoFix will run on reboot, simply follow the above
instructions starting from "Click the Scan for Vundo button." when
VundoFix appears at reboot.

Note: It is possible that VundoFix encountered a file it could not remove.
In this case, VundoFix will run on reboot, simply follow the above
instructions starting from "Click the Scan for Vundo button." when
VundoFix appears at reboot.

thanks,

v


Comments on this post
midge agrees: It was really helpful for me..
__________________

M.C.S.A.
M.C.P. - MS Server 2k3, Network Architecture

"Ask Bill why the string in function 9 is terminated by a dollar sign. Ask him, because he can't answer. Only I know that."
- Gary Kildall
  #8  
Old 04-16-2008
midge's Avatar
Bronze Member
  
Join Date: Apr 2008
Location: N.Ireland
Posts: 14
PC Experience: Some Experience
midge - See this Members User comments on their Profile page
Default Re: Hijackthis Log
Thanks Valis, will do......what is a vundo and is that bad??
  #9  
Old 04-16-2008
ih8bills's Avatar
Tech Team Leader
My PC
 
Join Date: Feb 2006
Location: coastal Rhode Island
Posts: 4,018
PC Experience: More Stubborn than any PC
ih8bills - See this Members User comments on their Profile page ih8bills - See this Members User comments on their Profile page ih8bills - See this Members User comments on their Profile page ih8bills - See this Members User comments on their Profile page ih8bills - See this Members User comments on their Profile page ih8bills - See this Members User comments on their Profile page ih8bills - See this Members User comments on their Profile page ih8bills - See this Members User comments on their Profile page ih8bills - See this Members User comments on their Profile page ih8bills - See this Members User comments on their Profile page ih8bills - See this Members User comments on their Profile page
Default Re: Hijackthis Log
It's a Trojan...
more annoying than dangerous.

Vundo - Wikipedia, the free encyclopedia


__________________


Without music, life would be a mistake
Friedrich Nietzsche
  #10  
Old 04-16-2008
valis's Avatar
Senior Security Analyst
My PC
 
Join Date: Jan 2007
Location: texas, USA
Posts: 2,570
PC Experience: PC Illiterate
valis - See this Members User comments on their Profile page valis - See this Members User comments on their Profile page valis - See this Members User comments on their Profile page valis - See this Members User comments on their Profile page valis - See this Members User comments on their Profile page valis - See this Members User comments on their Profile page valis - See this Members User comments on their Profile page valis - See this Members User comments on their Profile page valis - See this Members User comments on their Profile page valis - See this Members User comments on their Profile page valis - See this Members User comments on their Profile page
Default Re: Hijackthis Log
yeah, what he said.....it just causes instability, which is never a good thing in a windows environment, as it's already, um, well, you get the idea.


__________________

M.C.S.A.
M.C.P. - MS Server 2k3, Network Architecture

"Ask Bill why the string in function 9 is terminated by a dollar sign. Ask him, because he can't answer. Only I know that."
- Gary Kildall
  #11  
Old 04-19-2008
midge's Avatar
Bronze Member
  
Join Date: Apr 2008
Location: N.Ireland
Posts: 14
PC Experience: Some Experience
midge - See this Members User comments on their Profile page
Default Re: Hijackthis Log
OK ran vundofix and the scan found nothing..........

What do I do now?

The closure box is still there.....
  #12  
Old 04-20-2008
valis's Avatar
Senior Security Analyst
My PC
 
Join Date: Jan 2007
Location: texas, USA
Posts: 2,570
PC Experience: PC Illiterate
valis - See this Members User comments on their Profile page valis - See this Members User comments on their Profile page valis - See this Members User comments on their Profile page valis - See this Members User comments on their Profile page valis - See this Members User comments on their Profile page valis - See this Members User comments on their Profile page valis - See this Members User comments on their Profile page valis - See this Members User comments on their Profile page valis - See this Members User comments on their Profile page valis - See this Members User comments on their Profile page valis - See this Members User comments on their Profile page
Default Re: Hijackthis Log
Please copy this page to *Notepad* and save to your desktop for reference as you will not have any browsers open while you are carrying out portions of these instructions.
It's IMPORTANT to carry out the instructions in the sequence listed below.

1. Close any open browsers.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Open *notepad* and copy/paste the text in the quotebox below into it:
KillAll::
File::
C:\\WINDOWS\\system32\\drqthhnp.exe
C:\\WINDOWS\\system32\\hejlnqli.exe
C:\\WINDOWS\\system32\\pnhtupfj.exe
C:\WINDOWS\system32\ttstv.ini2

Save this as CFScript.txt, in the same location as ComboFix.exe which is on the Desktop.






Refering to the picture above, drag CFScript.txt into ComboFix.exe
Restart your computer.
When finished, it shall produce a log for you at C:\ComboFix.txt
Please copy and paste the ComboFix.txt along with a fresh HijackThis log in your next reply please.

*Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall*


__________________

M.C.S.A.
M.C.P. - MS Server 2k3, Network Architecture

"Ask Bill why the string in function 9 is terminated by a dollar sign. Ask him, because he can't answer. Only I know that."
- Gary Kildall

Reply
New! Norton Internet Security 2008 – Download Now Click Here
Page 2 of 4 < 1 2 3 4 >

Bookmarks

« done with prework. here are the logs. | Hijack log »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are On

Similar Threads
Thread Thread Starter Forum Replies Last Post
HijackThis Log wolf_in_oz [Pending] HJT Logs 13 04-24-2008 03:25 PM
hijackthis log ppp [Fixed] Hijackthis! Logs 1 12-21-2007 01:17 PM
HijackThis Log persiancat02146 [Fixed] Hijackthis! Logs 1 11-05-2007 06:58 AM
Hijackthis log computerjunkie [Fixed] Hijackthis! Logs 2 08-05-2007 03:20 PM
Please Follow These Instructions Before Posting Your HijackThis Log, AKA "PreWork" ladygreenwitch [New] Hijackthis! Logs 0 08-28-2005 05:02 PM

Contact Us - PC Help Forum - Site Map - Privacy Statement - Top

All times are GMT +1. The time now is 01:23 AM.
Powered by vBulletin
Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
SEO by vBSEO 3.2.0 RC7
All Graphics & Content Copyright © 2004-2008 - PC Help Forum.com


Back to Top