Hijack-this Logfile

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by Fion, Oct 28, 2005.

  1. Fion

    Fion Private E-2

    Heya folks, I've been having major problems with spyware lately. Normally I'm on top of any spyware problems but the ones I've gotten recently have been especially hard to get rid of. The especially popular lsass.exe trojan that I was successful in removing thanks to this forum.

    Anyway everything is coming up clean now but I figured I should post my logfile JUST IN CASE ;)

    So here goes. If anyone finds anything I'll squash it right quick.
     

    Attached Files:

  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You have several problems! One of them is multiple Virtumundo infections.

    These steps must be run exactly as specified.

    1) Download this Symantec Trojan.Vundo Removal Tool to a location where you can find it later
    2) Make sure you do not run anything but what is specified. DO NOT OPEN any browsers during this process below so print or save these instructions locally so you know what to do while offline.
    3) Boot into safe mode and physically unplug your cable to the internet
    4) Run the fixvundo.exe tool downloaded above and save the log
    5) Immediately reboot in normal mode and run the fixvundo.exe tool again. Save the log.
    6) Immediately reboot again into normal mode and now reconnect your cable to the internet.
    7) Now run HJT and save a new log
    8) Open a browser and come back here and post your logs from running fixvundo and also the new HJT log. Also tell me how these steps went. Any problems?
     
  3. Fion

    Fion Private E-2

    Re: Hijack-this Logfile - updated. Vundo problems

    Heya sorry I haven't replied in a while, been out of town on business for about two weeks. At any rate I did what you said and it came up saying it didn't find anything. Then today Norton came up saying a file named awvts.dll was infected with Vundo but couldn't get rid of it. I did a Google search and found a page recommending a program called Vundofix which is mostly a batch file that fixes the dll. I went into safe mode, ran it and then ran HijackThis and saved a log file. Rebooted to normal winxp and NAV didn't come up so I assume it's fixed. However, just to be sure I figured I'd reply to this and post an updated HJT logfile.
     

    Attached Files:

  4. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    Your Operating System and Internet Explorer versions are WAY out of date and represent a major security risk. After we fix your current problems, you must get updated. You need to install Service Pack 2 for security purposes.

    Since it's been so long please go back and run the READ ME again, afterwards attach a fresh HJT log from normal mode.
     
