Author Topic: hjt log (Read 5040 times)

kit23 · « **Reply #40 on:** February 07, 2005, 06:06:36 PM »

ok.

the 2 keys were not found initially in the current control set
all were gone after i used registrar lite (though i had to delete the subfolder first).

here's another log

Volume in drive C has no label.
Volume Serial Number is 78E6-2519

Directory of C:\WINDOWS\SYSTEM32

~REMOVED LOG~

guestolo · « **Reply #41 on:** February 07, 2005, 06:11:03 PM »

Good work Kit, thanks for all the help

Are you saying you had to remove
LEGACY_VDMT16\0000 <<as an example, beforehand?

kit23 · « **Reply #42 on:** February 07, 2005, 06:39:39 PM »

exactly. had to delete the 0000 first and then the legacy vdmt16. wouldn't allow it the other way around. even with registrar lite and taking ownership, etc.

thanks for your tireless efforts
by the way, besides backdoor/haxdoor what were the names of the other viruses?

guestolo · « **Reply #43 on:** February 07, 2005, 06:45:16 PM »

You should be able to go back on your posts that included
the scans by eScan and track them down

Newer Haxdoor infection was the most difficult, stubborn bugger.......

But you also showed remnants of Troj/PPdoor-A trojan among others

It looks like you got it all

http://images.thetechguide.com/forum/public/style_emoticons/<#EMO_DIR#>/biggrin.gif\' class=\'bbc_emoticon\' alt=\'

\' />

I'm going to leave this topic open for a few days
If I don't hear back from you about any problems
I'll lock it up

Stay safe Kit, and again Thanks for everything

TheTechGuide Forum

News:

Author Topic: hjt log (Read 5040 times)

kit23

hjt log

guestolo

hjt log

kit23

hjt log

guestolo

hjt log