Combofix fixed it all?

By nyaa
Nov 7, 2008
  1. i'm using windows xp media center sp3 and avg anti virus.

    some days ago avg detected two viruses and moved the files to the virus vault and forced a restart.
    the virus vault now:
    Resident Shield detection
    Infection;"Object";"Result";"Detection time";"Object Type";"Process"
    Trojan horse BackDoor.Generic10.TDZ;"C:\i386\wupdmgr.exe";"Moved to Virus Vault";"24.10.2008, 12:20:01";"file";"C:\WINDOWS\system32\winlogon.exe"
    Virus identified Win32/Patched.S;"C:\windows\system32\sens.dll";"Moved to Virus Vault";"31.10.2008, 13:20:38";"file";"C:\WINDOWS\System32\svchost.exe"
    Virus identified EICAR_Test;"C:\DOKUME~1\kristin\LOKALE~1\Temp\Av-test.txt";"Moved to Virus Vault";"31.10.2008, 14:24:18";"file";"C:\WINDOWS\system32\CF9318.exe"

    the current user by that time checked out some forums but didn't ask for help. he came across combofix and just downloaded it to some folder and ran it without having read the 'how to' instructions

    it seemed like everything worked out well but now i'm unsure whether this was enough. plus my computer is running slower than ever and the avg automatic update won't work.

    could someone have a look at this? please tell me if i need to do more or if the other guy may have accidently uninstalled important stuff. i attached the combofix log as well.
  2. momok

    momok TS Rookie Posts: 2,265

    These fiolders on your system are highly suspicious and should be deleted.


    Whos computer is this exactly? You should never run Combofix without trained supervision.
    I can't tell if anything important is deleted; AVG automatic updates is a little buggy.
  3. nyaa

    nyaa TS Rookie Topic Starter

    thanks a lot!
    it's my computer, but my brother was using it for a while. when he told me about combofix, i didn't know it before, but wherever i read about it, it always looked complicated and risky, so i was afraid, he might have caused me trouble.

    is there anything else to do after deleting the folders? i don't know what stuff is in them. when i googled i found a forum where people were saying those files are needed to uninstall windows updates. but i guess that's nothing i plan to do, so i'll delete them? will i have to check my registry afterwards? the files in the folders are dll's: updspapi.dll, wudfcustom.dll, updspapi.dll and wpdinstallutil.dll.

    thank you for helping!
  4. momok

    momok TS Rookie Posts: 2,265

    Hm, I don't see why you would want to uninstall windows updates, so yea delete the two folders anyway.

    You don't need to check your registry; combofix has scanned it and recorded important start up areas in its log. The log shows its fine.
  5. nyaa

    nyaa TS Rookie Topic Starter

    thank you very much for your help. what a relief now :D
    and thanks especially for the quick answers. i'll keep a better eye on my computer from now on.
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...