A.doginhispen.com


Presence of the following file: %Temp%\abc123.pid

Backdoor:Win32/Zonebac.gen!F is a family of backdoors that allow unauthorized access and control of an affected machine.

Regards, KsB

Jan 16, 2008 #19 momok TS Rookie Posts: 2,265

Hi, It appears that the ComboFix log is an old log.

http://addictech.net/general/a-doginhispen.html

Instead, open a new thread in our Security and The Web forum.

When scanning is finished, click on the “Show Results” 8.

rebel256 Thread Starter Joined: Feb 12, 2008 Messages: 29

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:35:36 PM, on 2/12/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet

http://www.bleepingcomputer.com/forums/t/131025/adoginhispencom/

A.doginhispen is again here... KsB

Jan 18, 2008 #23 kingsbishop TS Rookie Topic Starter Posts: 24

Seems I've spoken a little bit too early...

That was because you did not post your logs earlier and allow me to fix the root of the problem.

Regards, momok =) This thread is for the use of kingsbishop only. Please don't post your own virus/spyware problems in this thread.

If you would like to keep your saved passwords, please click No at the prompt. Click Exit on the Main menu to close the program. Note: On Vista, "Windows Temp" is disabled.

Run FindAWF again.

http://www.techspot.com/community/topics/a-doginhispen-com-and-his-brothers.96387/

I ran the program in the previous post and they did not appear for about 5 hours.

I will leave the last two, but is there a problem with having all those on the computer.

Once files.txt is saved, FindAWF does the following:
- It attempts to terminate the process represented by each filename on the list, if running
- Deletes the rogue file from the parent folder,

Make sure that all detected threats are marked, click on Remove Selected. 9.

Threat behavior

Backdoor:Win32/Zonebac.gen variants are generally packed using the common packer UPX, and install as

The web site also poses high security risks that may unknowingly infect a visitor's computer even if it is protected by an anti-virus application.

Please remember to attach this report file in your reply along with all other required logs (ComboFix from before?).

A text file named files.txt will open: Copy and paste the following text from the quote box below into the text file.

How do I remove the ones not listed in the Add/Remove programs?

Delete all files in AVG Antispyware Quarantine folder. (located in C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Quarantine)

Turn off system restore (XP/ME only).

C:\WINDOWS\bak\CameraFixer.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\bak\CAPONN.EXE
C:\WINDOWS\system32\dla\bak\tfswctrl.exe
C:\WINDOWS\system32\bak\ctfmon.exe
C:\WINDOWS\bak\vsnpstd3.exe
C:\WINDOWS\bak\tsnpstd3.exe
C:\WINDOWS\bak\CameraFixer.exe
C:\Programmi\Toshiba\Windows Utilities\bak\Hotkey.exe
C:\Programmi\Toshiba\Touch and Launch\bak\PadExe.exe
C:\Programmi\Toshiba\TOSHIBA Zooming Utility\bak\SmoothView.exe
C:\Programmi\Toshiba\TOSCDSPD\bak\toscdspd.exe
C:\Programmi\Synaptics\SynTP\bak\SynTPLpr.exe
C:\Programmi\Synaptics\SynTP\bak\SynTPEnh.exe
C:\Programmi\QuickTime\bak\qttask.exe
C:\Programmi\Nero\Nero8\Nero BackItUp\bak\NBKeyScan.exe
C:\Programmi\Lexmark X1100 Series\bak\lxbkbmgr.exe
C:\Programmi\Kaspersky Lab\Kaspersky Anti-Virus Personal\bak\kav.exe
C:\Programmi\iTunes\bak\iTunesHelper.exe
C:\Programmi\Google\GoogleToolbarNotifier\bak\GoogleToolbarNotifier.exe
C:\Programmi\File

Open notepad and copy/paste the text in the quote box below into it (all except the word QUOTE):

File::
C:\WINDOWS\CameraFixer.exe
C:\WINDOWS\vsnpstd3.exe
C:\WINDOWS\tsnpstd3.exe
C:\WINDOWS\system32\drivers\sptd8365.sys
C:\WINDOWS\GPInstall.exe
C:\WINDOWS\bak\vsnpstd3.exe
C:\WINDOWS\bak\tsnpstd3.exe
C:\WINDOWS\bak\CameraFixer.exe
Folder::
C:\WINDOWS\bak

Please update. 6.

The TrojanHunter program was a 30-day trial so I will have to remove it.

Note: Do not mouseclick combofix's window while it is running.

Trojan Technical Details

Agent.DXH is installed on the system when the file is executed with "INSTALL" as the parameter. When this malware is installed on the system it will traverse the

Regards, momok

Jan 16, 2008 #18 kingsbishop TS Rookie Topic Starter Posts: 24

Hello Momok, here are the files.

Please run AVG again properly by setting all actions to quarantine; read through the instructions carefully and follow them exactly.

Jan 11, 2008 #6 kingsbishop TS Rookie Topic Starter Posts: 24

Hello Momok, I’ve another problem.

Please attach this new FindAWF log in your reply.

Our experts here will tend to your queries thereafter. You may wish to copy and paste these instructions on notepad for easier reference later. Since I have run many virus, spyware scans, etc. Thereafter, please post fresh HijackThis, AVG Antispyware and Combofix logs as attachments into this thread.

Press 2 then Enter.

Hope this can help you, thanks a lot for your patience!

Find AWF report by noahdfear 2006
Version 1.40
The current date is: Wed 02/13/2008
The current time is: 18:32:54.24

bak folders found
~~~~~~~~~~~
Directory of C:\PROGRA~1\AIM6\BAK
04/27/2007 03:17 PM 50,736 aim6.exe

Payload

Backdoor Functionality

Backdoor:Win32/Zonebac.gen!F executes 'iexplore.exe' in order to send information to the following remote sites:

When connected, it may then attempt to perform the following actions: Upload

Thank you so very much - I was at a loss and had struggled with this for over a week.