Welcome guest. Before posting on our computer help forum, you must register. Click here it's easy and free.

Author Topic: Combofix Scan, possible computer infection.  (Read 3026 times)

0 Members and 1 Guest are viewing this topic.

Kerjifire

  • Guest
Combofix Scan, possible computer infection.
« on: August 29, 2010, 05:00:51 AM »
Hey can you check out this combofix log and see if i needa check if i'm still infected.

Regards, Kerjifire.

Here is also MBAM Log:

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4172

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

7/06/2010 8:34:12 PM
mbam-log-2010-06-07 (20-34-12).txt

Scan type: Quick scan
Objects scanned: 512
Time elapsed: 15 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


[recovering disk space - old attachment deleted by admin]
« Last Edit: August 29, 2010, 05:12:48 AM by Kerjifire »

Crush

  • Malware Removal Specialist


  • Beginner

    Thanked: 8
    Re: Combofix Scan, possible computer infection.
    « Reply #1 on: September 05, 2010, 11:36:54 AM »
    Hello, and welcome to Computer Hope Forums!

    I'm Crush but, you can call me Chris too :) and I will be helping you with your Malware issues

    Please note the following information about the malware forum:

    • Only members of the Malware Removal Specialist user group are allowed to give advice on removing malware from your computer. Do not follow the advice of anyone without that user title.
    • From this point on, please do not make any more changes to your computer; such as install/uninstall programs, use special fix tools, delete files, edit the registry, etc. - unless advised by the staff I noted above.
    • Please do not ask for help elsewhere (in this site or other sites). Doing so can result in system changes, which may not show up in the logs you post.
    • If you have already asked for help somewhere, please post the link to the topic you were helped.
    • We try our best to reply quickly, but for any reason we do not reply in two days, do this:


    Reply to this topic with the word BUMP.

    • Lastly, keep in mind that we are volunteers, so you do not have to pay for malware removal. Persist in this topic until its close, and your computer is declared clean.

    Now that we have that out of the way:

    ComboFix should not be run without the guidance of a helper!
     
    It is a powerful tool and is intended by its creator to be "used under the guidance and supervision of an expert", NOT for private or regular use.

    See ComboFix's Disclaimer
     
    Using this tool incorrectly could lead to disastrous problems with your operating system such as preventing it from ever starting again.

     Please refer to this thread for more information on why you shouldn't use ComboFix without supervision of a trained expert: http://www.bleepingcomputer.com/forums/topic273628.html

    ============

    Download OTL  to your Desktop

    • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
    • Under the Custom Scan box paste this in
    Code: [Select]
    netsvcs
    msconfig
    safebootminimal
    safebootnetwork
    activex
    drivers32
    %SYSTEMDRIVE%\*.exe
    %systemroot%\*. /mp /s
    c:\$recycle.bin\*.* /s
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
    /md5start
    eventlog.dll
    scecli.dll
    netlogon.dll
    cngaudit.dll
    sceclt.dll
    ntelogon.dll
    logevent.dll
    iaStor.sys
    nvstor.sys
    nvstor32.sys
    atapi.sys
    IdeChnDr.sys
    viasraid.sys
    AGP440.sys
    vaxscsi.sys
    nvatabus.sys
    viamraid.sys
    nvata.sys
    nvgts.sys
    iastorv.sys
    ViPrt.sys
    eNetHook.dll
    explorer.exe
    svchost.exe
    userinit.exe
    qmgr.dll
    ws2_32.dll
    proquota.exe
    imm32.dll
    kernel32.dll
    ndis.sys
    autochk.exe
    spoolsv.exe
    xmlprov.dll
    ntmssvc.dll
    mswsock.dll
    Beep.SYS
    ntfs.sys
    termsrv.dll
    sfcfiles.dll
    st3shark.sys
    ahcix86.sys
    srsvc.dll
    nvrd32.sys
    /md5stop
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles

      • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
        • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
        • Please copy (Edit>Select All, Edit>Copy) the contents of these files, one at a time
      "I am in fact, quite cool. My graphing calculator confirms this"