Search:

Yep, I think we are good. Some of the stuff was just closed ports and processes that needed to be restarted.

Thanks for the help. I owe you my first born.

Just for my education could you give...

You were correct about the snapshot section:

here is the comboFix file with the section removed:

ComboFix 07-11-02.3 - MIA-KITTY 2007-11-04 8:17:12.3 - NTFSx86
Microsoft Windows XP...

The comboFix file is very large 120,000 characters long. This posting program will only let me post upto 20,000 char how do I post? Or do I attach?

Mean while the HJT file is:


Logfile of...

looks like my VNC port has been closed as VNC does not appear to be working any more.

Mike

Is there anyway to find out what changes all of this has done to my computer? It looks like I have to go back and re-setup some things.

I notice that all of my secure ssh is no longer working....

What is the next step or have we finished?

Mike

Here is the new HJT log file. How am I doing?


***************************************

New HJT LOG:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:59:19 PM, on 11/2/2007...

Ok had a bit of a snag with this one. I forgot to disable script blocking in NAV. So on reboot while running ComboFix NAV sent me a warning and the system froze. I rebooted and got script blocking...

Ok I have rebooted after SuperAntiSpyware. The resulting scan log is:

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 11/02/2007 at 05:49 PM

Application Version :...

Ok SuperAntiSpyWare has finished. It says I still have 5 items of Vundo as well as some downloaders I will continue as per the instructions but here is the Scan log file:


SUPERAntiSpyware Scan...

Thanks for the location of the VundoFix.txt file. It contains the following:


VundoFix V6.5.11

Checking Java version...

Java version is 1.5.0.7
Old versions of java are exploitable and...

Ok I ran VundoFix

It did not generat a text file as far as I can tell bu it did list some files in its window:

C:/windows/system32/exdramn.dll
C:/windows/system32/qomkjjg.dll

I clicked...

Ok here is the hijack this file:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:49:04 PM, on 11/2/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00...

Hi I believe I am having problems with with virtumonde and maybe others.

I have tried Norton Symantic, and MS One care, virus scanners both have reported differing viruses which I removed.

I...