chris1088c
Posts: 12 +0
Hello, my computer currently has the Command Service Virus. I read the thread containing the preliminary instructions and have attached my logfile.
Your help is appreciated,
Chris
Your help is appreciated,
Chris
Command Service Virus Help Needed (Attchment Included).
- Thread starter chris1088c
- Start date
- Status
howard_hopkinso
Posts: 21,238 +17
Hello and welcome to Techspot.
Your system is infected with a variety of malware, not just the Command Service Virus.
Very Important: Before deciding whether you should clean or reformat your system, go and read this thread HERE and decide what it is you want to do.
If after reading the above, you wish to clean your system, do the following.
Go and read the Viruses/Spyware/Malware, preliminary removal instructions. Follow all the instructions exactly.
Post fresh HJT, AVG Antispyware and Combofix logs as Attachments into this thread, only after doing the above.
Also, let me know the results of the Panda Antirootkit scan.
Regards Howard :wave: :wave:
This thread is for the use of chris1088c only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
Your system is infected with a variety of malware, not just the Command Service Virus.
Very Important: Before deciding whether you should clean or reformat your system, go and read this thread HERE and decide what it is you want to do.
If after reading the above, you wish to clean your system, do the following.
Go and read the Viruses/Spyware/Malware, preliminary removal instructions. Follow all the instructions exactly.
Post fresh HJT, AVG Antispyware and Combofix logs as Attachments into this thread, only after doing the above.
Also, let me know the results of the Panda Antirootkit scan.
Regards Howard :wave: :wave:
This thread is for the use of chris1088c only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
chris1088c
Posts: 12 +0
Hi Howard,
I'm having a problem running combofix on my PC. When I first open it, a blue command box opens that says it's paused and please wait, however, nothing happens. I typed in the functions 'start' and 'combofix' and it begins to run but then I get an error message saying my version of combofix is out of date and it automatically deletes the file from my PC. I looked around for an up-to-date version but I can't seem to find anything. Any suggestions?
Thank you for your help,
Chris
I'm having a problem running combofix on my PC. When I first open it, a blue command box opens that says it's paused and please wait, however, nothing happens. I typed in the functions 'start' and 'combofix' and it begins to run but then I get an error message saying my version of combofix is out of date and it automatically deletes the file from my PC. I looked around for an up-to-date version but I can't seem to find anything. Any suggestions?
Thank you for your help,
Chris
Did you download the latest version from the instructions you were given?
[EDIT] I just downloaded it from the instructions myself and it worked perfectly.
This thread is for the use of chris1088c only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
[EDIT] I just downloaded it from the instructions myself and it worked perfectly.
This thread is for the use of chris1088c only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
chris1088c
Posts: 12 +0
Yes, I downloaded the version from the instructions Howard gave me.
Download it once more, just incase there was a problem with the server. If it wont run, post all the requested logs that you can.
This thread is for the use of chris1088c only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
This thread is for the use of chris1088c only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
chris1088c
Posts: 12 +0
I'm actually at work right now and the problem occured last night so it very well could have been the server. I will try it again as soon as I get home. I'm also having a problem with Spybot, after I run a check, I try to delete the spyware and spybot crashes during the process. Should I try to run Spybot at start up or should I try installing it again?
Try installing it again. Your pc is having so many problems because of the ammount of infections it has on it i suspect. Unfortunately, that's what happens when surfing without adequate protection. There is no evidence of a firewall in your log for example.
This thread is for the use of chris1088c only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
This thread is for the use of chris1088c only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
chris1088c
Posts: 12 +0
Ok, still having problems with Combofix.
I saved it to my desktop, when I first open it I get a blue box that says
-----------------
ComboFix - pause
-----------------
Please wait
Along with a windows error message telling me that combofix.exe has encoutered an error and needs to close. I can post the error report as well if that helps.
If I hit start, I get a black box up with the command
C:\ComboFix>
If I type combofix in and hit enter it says
Please wait.
Combofix is preparing to run.
Then I get a windows error message
-----------------------------------
ABORT - 07.10.30.5
-----------------------------------
Current date is 2007-10-30. This copy of Combofix has expired.
Please download an updated copy.
When you hit ok, another windows box pops up saying combofix has been uninstalled.
I saved it to my desktop, when I first open it I get a blue box that says
-----------------
ComboFix - pause
-----------------
Please wait
Along with a windows error message telling me that combofix.exe has encoutered an error and needs to close. I can post the error report as well if that helps.
If I hit start, I get a black box up with the command
C:\ComboFix>
If I type combofix in and hit enter it says
Please wait.
Combofix is preparing to run.
Then I get a windows error message
-----------------------------------
ABORT - 07.10.30.5
-----------------------------------
Current date is 2007-10-30. This copy of Combofix has expired.
Please download an updated copy.
When you hit ok, another windows box pops up saying combofix has been uninstalled.
chris1088c
Posts: 12 +0
Ok, my logs are attached minus the combofix.
Also, my PandaAntiRootKit scan came back clean.
Thanks for your help.
Also, my PandaAntiRootKit scan came back clean.
Thanks for your help.
Your avg antispyware scan says no action taken. All those threats need to be deleted. Once done, we can look at fixing everything else.
This thread is for the use of chris1088c only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
This thread is for the use of chris1088c only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
chris1088c
Posts: 12 +0
That's weird, I have my default action set to Quarantine and I chose to perform the action. Sorry, I will do another scan.
chris1088c
Posts: 12 +0
Hey Rik,
I have attached the updated logs.
I have attached the updated logs.
howard_hopkinso
Posts: 21,238 +17
Sorry for the delay in getting back to you, but I`ve had some serious computer problems to sort out of my own.
Your system is absolutely riddled with malware.
Please do the following.
Delete all files in AVG Antispyware quarantine.
Go to add remove programmes in your control panel and uninstall anything to do with(if there).
SecCenter
Qucmdllm
lobknajg
Close control panel.
Click start/run and type services.msc into the run box and press the enter key.
When the window appears, maximise it. Double click on the following services(if there) and select stop if they are running. Set the startup type to disabled. Click apply/ok for each service you disable.
DomainService
Close the services window.
1. Please download The Avenger by Swandog46 from HERE. Save it to your Desktop and extract it.
2. Download the attached avengerscript.txt and save it to your desktop
Note: the above code was created specifically for this user. If you are not this user, do NOT follow these directions as they could damage the workings of your system.
3. Now, start The Avenger program by double clicking on its icon on your desktop.
Under "Script file to execute" choose "Load script from file".
Now click on the folder icon which will open a new window titled "open Script File"
navigate to the file you have just downloaded, click on it and press open
Now click on the Green Light to begin execution of the script
Answer "Yes" twice when prompted.
4. The Avenger will automatically do the following:
It will Restart your computer. ( In cases where the code to execute contains "Drivers to Unload", The Avenger will actually restart your system twice.)
On reboot, it will briefly open a black command window on your desktop, this is normal.
After the restart, it creates a log file that should open with the results of Avenger’s actions. This log file will be located at C:\avenger.txt
The Avenger will also have backed up all the files, etc., that you asked it to delete, and will have zipped them and moved the zip archives to C:\avenger\backup.zip.
5. Please attach the content of c:\avenger.txt into your reply, as well as a fresh HJT and Combofix log.
Regards Howard
This thread is for the use of chris1088c only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
Your system is absolutely riddled with malware.
Please do the following.
Delete all files in AVG Antispyware quarantine.
Go to add remove programmes in your control panel and uninstall anything to do with(if there).
SecCenter
Qucmdllm
lobknajg
Close control panel.
Click start/run and type services.msc into the run box and press the enter key.
When the window appears, maximise it. Double click on the following services(if there) and select stop if they are running. Set the startup type to disabled. Click apply/ok for each service you disable.
DomainService
Close the services window.
1. Please download The Avenger by Swandog46 from HERE. Save it to your Desktop and extract it.
2. Download the attached avengerscript.txt and save it to your desktop
Note: the above code was created specifically for this user. If you are not this user, do NOT follow these directions as they could damage the workings of your system.
3. Now, start The Avenger program by double clicking on its icon on your desktop.
Under "Script file to execute" choose "Load script from file".
Now click on the folder icon which will open a new window titled "open Script File"
navigate to the file you have just downloaded, click on it and press open
Now click on the Green Light to begin execution of the script
Answer "Yes" twice when prompted.
4. The Avenger will automatically do the following:
It will Restart your computer. ( In cases where the code to execute contains "Drivers to Unload", The Avenger will actually restart your system twice.)
On reboot, it will briefly open a black command window on your desktop, this is normal.
After the restart, it creates a log file that should open with the results of Avenger’s actions. This log file will be located at C:\avenger.txt
The Avenger will also have backed up all the files, etc., that you asked it to delete, and will have zipped them and moved the zip archives to C:\avenger\backup.zip.
5. Please attach the content of c:\avenger.txt into your reply, as well as a fresh HJT and Combofix log.
Regards Howard
This thread is for the use of chris1088c only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
chris1088c
Posts: 12 +0
Hi Howard,
The logs are attached.
The logs are attached.
howard_hopkinso
Posts: 21,238 +17
You`ve attached the Avenger script, rather than the Avenger log. Also, you haven`t attach a Combofix log as requested.
Unless you follow the instructions properly, we can`t help you.
Regards Howard
This thread is for the use of chris1088c only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
Unless you follow the instructions properly, we can`t help you.
Regards Howard
This thread is for the use of chris1088c only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
chris1088c
Posts: 12 +0
Oops, I attached the proper avenger log.
And i'm still unable to run combofix on my computer, I get an error message saying combofix.exe has encoutered an error and needs to close. Any suggestions? (I've downloaded mutiple times and have the same result)
And i'm still unable to run combofix on my computer, I get an error message saying combofix.exe has encoutered an error and needs to close. Any suggestions? (I've downloaded mutiple times and have the same result)
howard_hopkinso
Posts: 21,238 +17
It`s a real shame that you can`t run Combofix. I have a feeling, the malware on your system is what`s preventing Combofix from running.
Your HJT log is still badly infected and the Avenger has failed to kill most the files I asked it to delete.
I am of the opinion, that you should seriously consider doing a format and reinstall.
I can continue to try and clean your system, but I have my doubts whether, I can do that successfully.
Even if I did clean it, ther may be so much damage done by the malware, that you`d end up formatting anyway.
Regards Howard
This thread is for the use of chris1088c only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
Your HJT log is still badly infected and the Avenger has failed to kill most the files I asked it to delete.
I am of the opinion, that you should seriously consider doing a format and reinstall.
I can continue to try and clean your system, but I have my doubts whether, I can do that successfully.
Even if I did clean it, ther may be so much damage done by the malware, that you`d end up formatting anyway.
Regards Howard
This thread is for the use of chris1088c only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
- Status
Similar threads
Latest posts
-
New Affordable AMD B650 Motherboard Roundup- Steve replied
-
Microsoft VASA tech can create realistic deepfakes using a single photo and one audio track- Squid Surprise replied
