Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

After I removed SpyAxe...


  • Please log in to reply

#16
crystyxn

crystyxn

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts
< H:\Documente\Files\gunz hacks.rar >
File/Folder H:\Documente\Files\gunz hacks.rar not found.
< H:\Documente\Files\Injec-TOR.exe >
File/Folder H:\Documente\Files\Injec-TOR.exe not found.
< H:\Documente\Files\Lg Aimbot.rar >
File/Folder H:\Documente\Files\Lg Aimbot.rar not found.
< H:\Documente\Files\LGGunZ Injector.exe >
File/Folder H:\Documente\Files\LGGunZ Injector.exe not found.
< H:\Documente\Files\LGGunZ Injector[UPDATED].rar >
File/Folder H:\Documente\Files\LGGunZ Injector[UPDATED].rar not found.
< H:\Documente\Files\OverCoders.MRS%20%5Bv1.0%5D%20Godmode%20%5Bv1.0%5D.rar >
File/Folder H:\Documente\Files\OverCoders.MRS%20%5Bv1.0%5D%20Godmode%20%5Bv1.0%5D.rar not found.
< H:\Documente\Other\Fileš\Morphine_v4.1.rar >
File/Folder H:\Documente\Other\Fileš\Morphine_v4.1.rar not found.
< H:\Documente\Other\Fileš\Injec-TOR.exe >
File/Folder H:\Documente\Other\Fileš\Injec-TOR.exe not found.
< H:\Documente\Other\gunz hax\GUNZ HAX >
File/Folder H:\Documente\Other\gunz hax\GUNZ HAX not found.
< H:\Documente\Torrented\Download Accelerator Plus 8.5.5.5 Premium Edition\Download Accelerator Plus 8.5.5.5 Premium Edition.rar >
File/Folder H:\Documente\Torrented\Download Accelerator Plus 8.5.5.5 Premium Edition\Download Accelerator Plus 8.5.5.5 Premium Edition.rar not found.
< H:\Documente\Torrented\Download Accelerator Plus 8.5.5.5 Premium Edition\Download_Accelerator_Crack >
File/Folder H:\Documente\Torrented\Download Accelerator Plus 8.5.5.5 Premium Edition\Download_Accelerator_Crack not found.
< H:\Documente\Torrented\ErrClean.v1.5.1.0-UNiQUE\SystemErrorRepairFull_en_2.exe >
File/Folder H:\Documente\Torrented\ErrClean.v1.5.1.0-UNiQUE\SystemErrorRepairFull_en_2.exe not found.
< H:\Documente\Vista Transformation Pack 6.0.exe >
File/Folder H:\Documente\Vista Transformation Pack 6.0.exe not found.
< H:\f67193df77b780fad907da6dbeabf3\IE7_Final_WGA_Crack >
Folder move failed. H:\f67193df77b780fad907da6dbeabf3\IE7_Final_WGA_Crack scheduled to be moved on reboot.
< H:\Random\SmitfraudFix >
File/Folder H:\Random\SmitfraudFix not found.

OTMoveIt2 v1.0.20 log created on 03012008_170531
  • 0

Advertisements


#17
kahdah

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
PLease add these to the OT Move it list to move please and click on move it.
C:\Documents and Settings\cristi_b\Application Data\TuneUp Software\TuneUp Utilities\Backups\00000001.rcb
C:\kkmgpnx.exe
C:\nniq.exe
C:\Program Files\DAEMON Tools\SetupDTSB.exe
C:\wekqya.exe
H:\Documente\Bitlord\Downloads\Nero.Ultra.Edition.v8.0.3.0.Retail-ZWTiSO\nue8.0.3.0r.iso
H:\Documente\CrystyXN's Protection Pack\ErrClean.v1.5.1.0-UNiQUE\SystemErrorRepairFull_en_2.exe
H:\Documente\Files\Adbux_and_Bux.zip
H:\Documente\Files\AutoClickers.rar
H:\Documente\Files\Auto_Quest.rar
H:\Documente\Files\CheatNation.org- OverNightPlvl.rar
H:\Documente\Files\CRC32.rar
H:\Documente\Files\DarkX Full.rar


please post back with that log please.

Edited by kahdah, 01 March 2008 - 09:15 AM.

  • 0

#18
crystyxn

crystyxn

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts
File/Folder C:\Documents and Settings\cristi_b\Application Data\TuneUp Software\TuneUp Utilities\Backups\00000001.rcb not found.
File/Folder C:\kkmgpnx.exe not found.
File/Folder C:\nniq.exe not found.
File/Folder C:\Program Files\DAEMON Tools\SetupDTSB.exe not found.
File/Folder C:\wekqya.exe not found.
File/Folder H:\Documente\Bitlord\Downloads\Nero.Ultra.Edition.v8.0.3.0.Retail-ZWTiSO\nue8.0.3.0r.iso not found.
File/Folder H:\Documente\CrystyXN's Protection Pack\ErrClean.v1.5.1.0-UNiQUE\SystemErrorRepairFull_en_2.exe not found.
File/Folder H:\Documente\Files\Adbux_and_Bux.zip not found.
File/Folder H:\Documente\Files\AutoClickers.rar not found.
File/Folder H:\Documente\Files\Auto_Quest.rar not found.
File/Folder H:\Documente\Files\CheatNation.org- OverNightPlvl.rar not found.
File/Folder H:\Documente\Files\CRC32.rar not found.
File/Folder H:\Documente\Files\DarkX Full.rar not found.
[Custom Input]
< C:\Documents and Settings\cristi_b\Application Data\TuneUp Software\TuneUp Utilities\Backups\00000001.rcb >
File/Folder C:\Documents and Settings\cristi_b\Application Data\TuneUp Software\TuneUp Utilities\Backups\00000001.rcb not found.
< C:\kkmgpnx.exe >
File/Folder C:\kkmgpnx.exe not found.
< C:\nniq.exe >
File/Folder C:\nniq.exe not found.
< C:\Program Files\DAEMON Tools\SetupDTSB.exe >
File/Folder C:\Program Files\DAEMON Tools\SetupDTSB.exe not found.
< C:\wekqya.exe >
File/Folder C:\wekqya.exe not found.

you could just tell me to delete all the old hax that i forgot :)
  • 0

#19
kahdah

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
That is fine can you please check to see if those files are missing or not.

It is strange that OT MOve it said that none of them were found.

Especially these files:
C:\kkmgpnx.exe
C:\nniq.exe
C:\wekqya.exe
C:\kkmgpnx.exe
C:\wekqya.exe
  • 0

#20
crystyxn

crystyxn

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts
ohhhhh im sorry i did 3 moves i thought the log would popup like in hjt :)

they were indeed moved

:)

:)
  • 0

#21
kahdah

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
Okay the explains it :)
==================
Please re-open Hijackthis and click on "Do a system scan only"
Then place a check mark next to these entries below:(If present)

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O4 - HKCU\..\Run: [Amen Win] C:\DOCUME~1\cristi_b\APPLIC~1\FOURST~1\locks load.exe



Now click on Fix Checked and then close Hijackthis.
==================================
Time for some housekeeping
  • Click START then RUN
  • Now type Combofix /u in the runbox and click OK


    • Posted Image

    The above procedure will:
  • Delete the following:
    • ComboFix and its associated files and folders.
    • VundoFix backups, if present
    • The C:\Deckard folder, if present
    • The C:_OtMoveIt folder, if present
  • Reset the clock settings.
  • Hide file extensions, if required.
  • Hide System/Hidden files, if required.
  • Clean System Restore points.

Also delete anything that we used that is left over.
===================================
By the way I would stay away from crack sites and torrents as these are a sure way to get infected.

After that Your log is clean. :)

To find out more information about how you got infected in the first place and some great guidelines to follow to prevent future infections you can read this article by Tony Klein ->Here
  • 0

#22
crystyxn

crystyxn

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts
Posted Image

lol should everything u gave me be on desktop?

xD
  • 0

#23
kahdah

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
Yes is combofix there?
  • 0

#24
crystyxn

crystyxn

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts
ok i deleted dss and other stuff
i put now combofix.exe on desktop (redownloaded)

and can i DELETE (sorry lol) the moved files from C:\_OT...?

Edited by crystyxn, 01 March 2008 - 09:57 AM.

  • 0

#25
kahdah

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
Okay with Combofix on the desktop you can now do this:
]
  • Click START then RUN
  • Now type Combofix /u in the runbox and click OK


    • Posted Image

    The above procedure will:
  • Delete the following:
    • ComboFix and its associated files and folders.
    • VundoFix backups, if present
    • The C:\Deckard folder, if present
    • The C:_OtMoveIt folder, if present
  • Reset the clock settings.
  • Hide file extensions, if required.
  • Hide System/Hidden files, if required.
  • Clean System Restore points.

Also delete anything that we used that is left over.
================================
Uninstalling Combofix will delete what is left over such as the Ot move it folder.
  • 0

Advertisements


#26
crystyxn

crystyxn

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts
???

i arleady did that

:)
  • 0

#27
kahdah

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
If you have already uninstalled combofix and it said Combofix is now uninstalled then you are good to go.

If there is anything left that we used you can delete it.

AFter that we are done :)
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP