How To Repair Need HELP Deciphering A Combofix Log (Solved)


Need HELP Deciphering A Combofix Log

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-09-28 08:20
Windows 5.1.2600 Service Pack 3 NTFS
.

REGEDIT4

[-HKEY_CURRENT_USER\Software\Kazaa]

[-HKEY_LOCAL_MACHINE\SOFTWARE\knight]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"HideLegacyLogonScripts"=-
"HideLogoffScripts"=-
"RunLogonScriptSync"=-
"RunStartupScriptSync"=-
"HideStartupScripts"=-

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"HideLegacyLogonScripts"=-
"HideLogoffScripts"=-
"RunLogonScriptSync"=-
"RunStartupScriptSync"=-
"HideStartupScripts"=-

Your organs are of no use to you when you're gone.

Thanks, Mel

ComboFix 08-08-04.09 - Owner 2008-08-06 18:41:15.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.347 [GMT -4:00]
Running from: C:\Documents and Settings\Owner\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\Owner\Desktop\WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe

You can delete the C:\MGtools folder and the C:\MGtools.exe file. If we had you download any registry patches like fixme.reg or fixWLK.reg (or any others), you can delete these files now.

And yes I actually did read your post.

http://www.bleepingcomputer.com/forums/t/363196/need-help-deciphering-a-combofix-log/

Again the difficulty is in giving you self help information that doesn't violate the wishes of the malware tool author/s.

Need HELP deciphering a combofix log. Started by mttransfer, Nov 26 2010 04:10 PM. This topic is locked.

#1 mttransfer: Anyone familiar with deciphering the logs on this?

In addition a ComboFix log by itself is not going to tell you if you have malware problems as ComboFix is not a comprehensive malware scanning tool. A case like this could easily cost hundreds of thousands of dollars. He's asked me to run Combofix on all the computers to see if there is any malware and then report to him the results. If you need this topic reopened, please request this by sending the moderating team a PM with the address of the thread.

chaslang, Aug 7, 2008 #4

melm: Thank you for the information and attempt to clean things up, but I'm afraid it went downhill shortly after my last post. Don't think you want me posting a dozen logs, you've got more important things to do. Any input is appreciated.

Pre-Run: 138,295,234,560 bytes free
Post-Run: 138,598,985,728 bytes free
.

Unfortunately it's not a simple answer due to the complexities of having trained people give you honest quantified answers with forum provided information by both parties.

So I was wondering if anyone could check my log?

If you have a very good understanding of the Windows Operating System, you would understand most of it already.

Everyone else please begin a New Topic.

Proud member - Unified Network of Instructors and Trained Eliminators. I do not accept personal donations for assistance provided.

Unfortunately have limited PC / Programming knowledge so wanted to find out if someone could review it and alert me to any possible hacking and/or malware or any other items that

scanning hidden autostart entries ...
.

The Internet is so big, so powerful and pointless that for some people it is a complete substitute for life. Andrew Brown (1938-1994)

Don't let BleepingComputer be silenced.

What do I do? Please read this for more complete information: How do I get help?

When a trained expert is assisting someone, they will know how to deal with such a scenario. Combofix was never meant to be used as a general purpose malware scanner like SuperAntispyware

#2 B-boy/StyLe/ (Bleepin' Freestyler, Malware Response Team)

Today I used combofix for the first time because I heard it was better/ more secure than hijackthis, but as I look through the info provided it is all Greek What do I do?" forum can answer?

I just ran combofix on a computer that we are having some strange issues with.

Edited by Budapest, 16 November 2010 - 05:23 PM.

Information on A/V control HERE

We also need a new log from the GMER anti-rootkit scanner.


If you do not get a reply within 72 hours then you may bump the post. The "parrot has been nailed to the perch". If not please perform the following steps below so we can have a look at the current condition of your machine.

Melm. Those are just some of the reasons we advise not to use ComboFix unless instructed to do so by a trained expert.

Microsoft MVP Consumer Security 2007-2015, Microsoft MVP Reconnect 2016

Hello, and thanks in advance!

scanning hidden autostart entries ...

After doing the above, you should work thru the below link: How to Protect yourself from malware!

scanning hidden files ...

The laptop got reborn and now I want to throw it out the window, but there is a black bear prowling around my bird feeders and he might not like having

If you are not having any other malware problems, it is time to do our final steps: You can uninstall SUPERAntiSpyware now.

S0 cerc6;cerc6; [x]
S2 tvnserver;TightVNC Server;c:\program files\TightVNC\tvnserver.exe [8/3/2011 6:23 AM 828944]
.

Your first post was not phrased that way and that is why you got the reply you did.

JasonTCSIW, Sep 28, 2012 at 5:29 UTC: Combofix is usually pretty good at simply fixing

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-25 304128]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=

Please read all of the following instructions found here: NEW INSTRUCTIONS - Read This Before Posting For Malware Removal Help

After reading all of the instructions found above post the required

Just a friendly warning.

StephenJE, Sep 28, 2012 at 8:20 UTC: Thank you, yes I ran it from my flash drive.

Don't do that." Douglas Adams (1952-2001)

"Imagination is more important than knowledge.