We’d like to remind Forumites to please avoid political debate on the Forum.
This is to keep it a safe and useful space for MoneySaving discussions. Threads that are – or become – political in nature may be removed in line with the Forum’s rules. Thank you for your understanding.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
Hijack this help
Comments
-
Has you mate been using a flash drive by chance - a usb pen drive??
I am seeing something else in the combo log which I will have to look at further tomorrow.0 -
I tried to load some of the programs onto her computer with my usb pen but it failed every time it tried to automatically install the software so I had to revert to burning the files onto a CD to move them back and forth!
They seem to have a drive 'E' partitioned on the hard disc.It's easier to get forgiveness than to ask permission
0 -
There looks to be something like a flash infection showing. I'm not sure at the moment. My eyes are knackered.
I will look again tomorrow.0 -
Reluctant_spender wrote: »There looks to be something like a flash infection showing. I'm not sure at the moment. My eyes are knackered.
I will look again tomorrow.
Thanks so much for your help. Much appreciated
It's easier to get forgiveness than to ask permission
0 -
Reluctant_spender wrote: »Has you mate been using a flash drive by chance - a usb pen drive??
I am seeing something else in the combo log which I will have to look at further tomorrow.
I have just spoken to him and he doesn't have a USB drive. His sister loaded some photos on his computer with hers about 12 months ago. Other than that he only uses the USB ports to load photos from his camera and stuff from his phone, neither of which have been connected anywhere else!It's easier to get forgiveness than to ask permission
0 -
Hi,
There are four files that would appear in your combofix log that when researched come back with nothing at all.
Rather than just delete them let's send then to be scanned by Jotti and or Virustotal;
Instructions below;
Please make sure that you can view all hidden files. Instructions on how to do this can be found here:
How to see hidden files in Windows
Please click this link-->Jotti
When the jotti page has finished loading, click the browse button and navigate to the files listed below in bold, then click Submit. You will only be able to have one file scanned at a time.
C:\Documents and Settings\All Users\Application Data\iniloxsb
C:\Program Files\xjdzuqd
C:\Documents and Settings\All Users\Application Data\udixcxof
C:\WINDOWS\SYSTEM32\dwzyzabo.exe
Please post back the results of the scan in your next post.
If Jotti is busy, try the same at Virustotal: http://www.virustotal.com
You will have to send one at a time, please post back the logs unless they are all clean.0 -
Reluctant_spender wrote: »Hi,
There are four files that would appear in your combofix log that when researched come back with nothing at all.
Rather than just delete them let's send then to be scanned by Jotti and or Virustotal;
Instructions below;
Please make sure that you can view all hidden files. Instructions on how to do this can be found here:
How to see hidden files in Windows
Please click this link-->Jotti
When the jotti page has finished loading, click the browse button and navigate to the files listed below in bold, then click Submit. You will only be able to have one file scanned at a time.
C:\Documents and Settings\All Users\Application Data\iniloxsb
C:\Program Files\xjdzuqd
C:\Documents and Settings\All Users\Application Data\udixcxof
C:\WINDOWS\SYSTEM32\dwzyzabo.exe
Please post back the results of the scan in your next post.
If Jotti is busy, try the same at Virustotal: [url]
http://www.virustotal.com[/url]
You will have to send one at a time, please post back the logs unless they are all clean.
Is there anything I can use that doesn't require the PC to be online as I have it here at the moment and can't connect it to the internet so have to transfer files manually by cd :rolleyes:It's easier to get forgiveness than to ask permission
0 -
Otherwise if it looks clean apart from them, I'll take it back tonight and scan online once I reconnect it for himIt's easier to get forgiveness than to ask permission
0
-
There is potential another entry that needs removing but I was waiting to see what the scanners brought back.0
-
Hello
the first enrty iniloxsb was an empty folder so nothing to scan
the second entry xjdzuqd was also an empty folder
The third item udixcxof returnd the following on the online scan
Scan taken on 16 Oct 2008 19:39:34 (GMT)
A-Squared Found nothing
AntiVir Found TR/Obfuscated.GX.2597
ArcaVir Found nothing
Avast Found Win32:PureMorph
AVG Antivirus Found nothing
BitDefender Found nothing
ClamAV Found nothing
CPsecure Found Troj.W32.Obfuscated.gx
Dr.Web Found nothing
F-Prot Antivirus Found nothing
F-Secure Anti-Virus Found Trojan.Win32.Obfuscated.gx
G DATA Found Win32:PureMorph
Ikarus Found Trojan.Win32.Obfuscated.gx
Kaspersky Anti-Virus Found Trojan.Win32.Obfuscated.gx
NOD32 Found Win32/Agent.OHZ
Norman Virus Control Found W32/Busky.DUJA
Panda Antivirus Found nothing
Sophos Antivirus Found Mal/EncPk-DG
VirusBuster Found nothing
VBA32 Found Trojan.Win32.Obfuscated.gx
Last file scanned at least one scanner reported something about: 3A3B5E72DF3E03B7F8A584B54568865B.fil.0001 (MD5: 3a3b5e72df3e03b7f8a584b54568865b, size: 62984 bytes), detected by:
Scanner Malware name
A-Squared X
AntiVir TR/Downloader.Gen
ArcaVir X
Avast X
AVG Antivirus SHeur.BSMY
BitDefender Trojan.Downloader.JKKJ
ClamAV X
CPsecure X
Dr.Web Win32.HLLW.Autoruner.2765
F-Prot Antivirus W32/SelfStarterInternetTrojan!Maximus
F-Secure Anti-Virus Worm.Win32.AutoRun.ent
G DATA Trojan.Downloader.JKKJ
Ikarus Worm.Win32.AutoRun.ent
Kaspersky Anti-Virus Worm.Win32.AutoRun.ent
NOD32 Win32/TrojanDropper.Agent.NLV
Norman Virus Control W32/DLoader.HMJZ
Panda Antivirus X
Sophos Antivirus X
VirusBuster X
VBA32 Win32.TrojanDropper.Agent.NLV
Here is the log for the fourth item dwzyzabo
Scan taken on 16 Oct 2008 19:49:10 (GMT)
A-Squared Found nothing
AntiVir Found nothing
ArcaVir Found nothing
Avast Found Win32:PureMorph
AVG Antivirus Found nothing
BitDefender Found nothing
ClamAV Found nothing
CPsecure Found nothing
Dr.Web Found nothing
F-Prot Antivirus Found nothing
F-Secure Anti-Virus Found Trojan.Win32.Obfuscated.gx
G DATA Found Win32:PureMorph
Ikarus Found nothing
Kaspersky Anti-Virus Found Trojan.Win32.Obfuscated.gx
NOD32 Found Win32/TrojanDownloader.FakeAlert.MQ
Norman Virus Control Found nothing
Panda Antivirus Found nothing
Sophos Antivirus Found Mal/EncPk-DG
VirusBuster Found nothing
VBA32 Found nothing
Last file scanned at least one scanner reported something about: Ping_Boot.exe (MD5: 6dfd5eeba80323f5d70607f7ea749b5f, size: 639591 bytes), detected by:
Scanner Malware name
A-Squared X
AntiVir X
ArcaVir Trojan.Qhost.Lj
Avast Win32:Agent-AAJA
AVG Antivirus X
BitDefender Trojan.Downloader.JKMJ
ClamAV X
CPsecure Downloader.W32.Url2File.A
Dr.Web X
F-Prot Antivirus X
F-Secure Anti-Virus X
G DATA Win32:Agent-AAJA
Ikarus Backdoor.Win32.Ciadoor.13
Kaspersky Anti-Virus X
NOD32 X
Norman Virus Control X
Panda Antivirus X
Sophos Antivirus X
VirusBuster X
VBA32 Embedded.Trojan.BAT.Agent.j
Thank you :-)It's easier to get forgiveness than to ask permission
0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 352.2K Banking & Borrowing
- 253.6K Reduce Debt & Boost Income
- 454.3K Spending & Discounts
- 245.3K Work, Benefits & Business
- 601K Mortgages, Homes & Bills
- 177.5K Life & Family
- 259.1K Travel & Transport
- 1.5M Hobbies & Leisure
- 16K Discuss & Feedback
- 37.7K Read-Only Boards