TechSpot

Help with combofix log

By tw0rld
Dec 3, 2009
  1. I would like some help with this combo fix log. I am in the process of cleaning up a system for a fiend of mine. I am now in the final stage, and would like some help interpreting this log.
    I have read the post here http://www.techspot.com/vb/topic138086.html, but hoping that this is ok as I am not asking for much help. Hope to hear from someone.
    Thank You.
     

    Attached Files:

    • log.txt
      File size:
      24.1 KB
      Views:
      10
  2. kimsland

    kimsland Ex-TechSpotter Posts: 14,524

    Well my personal thoughts would be to remove McAfee, obviously it hasn't helped the User :rolleyes:

    Preferably try Free Avira Antivirus (fully updated) and full scan completed
    But if you don't do this then you will have to do an online scan (Kaspersky will do for that) Edit: Oh Kaspersky online scanner is temporarily unavailable

    Oh and P2P doesn't help (and its the likely cause anyway)
    Consider uninstalling BearShare and any others installed

    Also do all Windows Security Updates

    You know the log really reports a mess :(
     
  3. tw0rld

    tw0rld TS Maniac Topic Starter Posts: 572   +6

    yeah I know. I have been working on his system for 3 days now. It has gotten a lot better. I ran Malwarebytes, spybot, SAS, Avira, ccleaner, Vundofix, Combofix and Eset fron Nod32. Almost a thousand instances of infections were found. At this point I know that I should be considering reformatting, but there are prorams on he system that the user uses, but do not have any source for reinstallation. I know that I should update software and OS, but I am only in what I think is the final process of Malware removal process.
     
  4. kimsland

    kimsland Ex-TechSpotter Posts: 14,524

    >> Malwarebytes has just updated to a new version and database in the last day
    Please update it, and run a quick scan (whilst in Normal Mode, on the infected computer)
     
  5. tw0rld

    tw0rld TS Maniac Topic Starter Posts: 572   +6

    I did get that update, as I have done Multiple updates and rescans. The newer version found nothing. The combo fix log is what I am concerned about, as shows that there are still some suspicious files on the system.
     
  6. kritius

    kritius TS Guru Posts: 2,084

    In the future don't run things on peoples machines that you cannot interperet.

    1. Close any open browsers.

    2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

    3. Open notepad and copy/paste the text in the quotebox below into it:

    Save this as CFScript.txt, in the same location as ComboFix.exe


    [​IMG]

    Refering to the picture above, drag CFScript into ComboFix.exe

    When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.
     
  7. tw0rld

    tw0rld TS Maniac Topic Starter Posts: 572   +6

    Combofix log

    Thank You for the help kritius. The requested log is attached.
     

    Attached Files:

  8. kritius

    kritius TS Guru Posts: 2,084

    • Make sure to use Internet Explorer for this
    • Please go to VirSCAN.org FREE on-line scan service
    • Copy and paste the following file path into the "Suspicious files to scan" box on the top of the page:
      • c:\windows\system32\qmgr.dll
    • Click on the Upload button
    • If a pop-up appears saying the file has been scanned already, please select the ReScan button.
    • Once the Scan is completed, click on the "Copy to Clipboard" button. This will copy the link of the report into the Clipboard.
    • Paste the contents of the Clipboard in your next reply.

    1. Close any open browsers.

    2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

    3. Open notepad and copy/paste the text in the quotebox below into it:

    Save this as CFScript.txt, in the same location as ComboFix.exe


    [​IMG]

    Refering to the picture above, drag CFScript into ComboFix.exe

    When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...