(Solved) Please Help Me Interpret These 2 ComboFix Logs Tutorial

Home > Please Help > Please Help Me Interpret These 2 ComboFix Logs

Please Help Me Interpret These 2 ComboFix Logs

We apologize for the delay in responding to your request for help. angel14 22.08.2010 16:45 hi richb, herez the new combofix log. richbuff 7.09.2010 12:30 Attach a Combofix log, please review these instructions carefully before downloading Combofix, and follow these instructions carefully after downloading Combofix.Before downloading and Saving combofix to Desktop, please rename You could also try running the virus removal tool in safe mode as well. http://computersciencehomeworkhelp.net/please-help/please-help-with-combofix-log.html

Save it to your desktop.DDS.scr DDS.pifDouble click on the DDS icon, allow it to run. a) when i goto google/hotmail,etc it redirects me to some fake google site in which headings are with virus names like MYDOOM VIRUS, NETSKY VIRUS, HYBRID VIRUS, ETC ETC these virus Alerts Alert Preferences Show All... Without them, all of the antivirus programs in the world can not secure your computer.

Attached Files ComboFix Log 1.txt 23.91KB 0 downloads ComboFix Log 2.txt 23.11KB 0 downloads Edited by Blade Zephon, 14 April 2011 - 03:28 PM. If you do need help please continue with Step 2 below.*************************************************** If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" Using the site is easy and fun. How to Repair Vista: http://www.vistax64.com/tutorials/88236-re...tall-vista.html angel14 23.08.2010 13:10 hi richb,link : xxxxxxxxWhat i feel is that this virus is mutating and slowly infecting otherfiles.

If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this c:\winnt\system32\mspmsnsv.dll . View this "Best Answer" in the replies below » 7 Replies Jalapeno OP JasonTCSIW Sep 28, 2012 at 5:29 UTC Combofix is usually pretty good at simply fixing please advise asap thanks!Please help me pinpoint the virus/trojan/etc and why it keeps coming back!!

It may take a while to complete scanning and this is normal.You will be disconnected from the internet and your desktop icons/toolbars will disappear during scanning, do not worry, this is Regards,hi nevadabob... my imp data is in my pc...and formatting is my last option which i dont intend to do!MY SYSTEMINFO LOG LINK:http://www.getsysteminfo.com/read.php?file...56380fc98bf2ab5 YOUR HELP WILL BE GREATLY APPRECIATEDTHANKS!! thanks.edit: del quote.

Usually located in c:\combofix.txt, please attach it to your next post. If you are unsure about any of these characteristics just post what you can and we will guide you.Please tell us if you have your original Windows CD/DVD available. Please include the C:\ComboFix.txt in your next reply.Notes:1.Do not mouse-click Combofix's window while it is running. It is extremely critical that Service Pack 1 and 2 are installed.

No input is needed, the scan is running. https://www.technibble.com/forums/threads/learning-to-read-combofix-logs.5708/ Regards, angel14 8.09.2010 17:48 QUOTE(Nevada Bob @ 8.09.2010 03:00) Just a suggestion from not an expert. i ran your script.2. Please follow the instructions in the below link and attach the requested logs when you finish these instructions.

c) most of the time MSN>ALK messenger dont work i cannot sign-in (yahoo msnger works though)... http://computersciencehomeworkhelp.net/please-help/please-help-me-analysing-my-combofix-log.html LunchBox Expand Collapse New Member Likes Received: 0 Location: Orange County, California, USA I can read HijackThis logs. richbuff 27.07.2010 03:41 Please leave this items alone, for now. richbuff 24.08.2010 06:17 You're welcome.

  • Please try the request again.
  • or virus??
  • Please do not post any logs inline.

To tell me this, please click on http://www.bleepingcomputer.com/logreply/411330 and follow the instructions there. but still IT IS HAPPENING AGAIN... They may otherwise interfere with our tools. http://computersciencehomeworkhelp.net/please-help/please-help-combofix-problem.html Pre-Run: 138,295,234,560 bytes free Post-Run: 138,598,985,728 bytes free .

scan completed successfully hidden files: 0 . ************************************************************************** . --------------------- DLLs Loaded Under Running Processes --------------------- . - - - - - - - > 'winlogon.exe'(184) c:\winnt\system32\Ati2evxx.dll c:\winnt\system32\wzcdlg.dll c:\winnt\system32\WZCSAPI.DLL . Otherwise, I'd say it and Roguefix knock down probably 90-95% of the infections I'm seeing nowadays. #3 iladelf, Apr 2, 2009 (You must log in or sign up to post angel14 3.08.2010 08:11 i know u hate CAPS but this is just for you...

richbuff 25.07.2010 03:28 Run this script, instructions: http://forum.kaspersky.com/index.php?showt...mp;#entry678328 PC will reboot:CODEbeginSetAVZGuardStatus(True);SearchRootkit(true, true); QuarantineFile('c:\progra~1\mywebs~1\bar\1.bin\mwssvc.exe',''); StopService('MyWebSearchService'); DeleteService('MyWebSearchService');DeleteFile('c:\progra~1\mywebs~1\bar\1.bin\mwssvc.exe');BC_ImportDeletedList;ExecuteSysClean;BC_Activate;RebootWindows(true);end.After run script, attach a Combofix log, please review these instructions carefully before downloading Combofix, and follow

Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.Thank you for your patience, and again sorry Lastly, uninstall Combofix by: pause Kaspersky > Start > run > type combofix /uninstall > ok. richbuff 28.07.2010 03:44 Your log looks clean. Safe mode is the key so that the hijack doesn't load before you run the scan.

my internet speed comes down to 2kb/sec and it is very very difficult to update kaspersky in normal mode.i have updated it in safemode with networking MODE. 5. To help Bleeping Computer better assist you please perform the following steps:*************************************************** In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if Register a free account to unlock additional features at BleepingComputer.com Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. http://computersciencehomeworkhelp.net/please-help/please-help-combofix-log-attached.html though the intensity is much less...

Not a member? thanks.in the AVZ logs i had seen there was a file called KLIF.SYS which was highly suspect... richbuff 23.07.2010 04:18 Hi, Please take off caps lock, and then install all Windows Vista Service Packs and Windows updates. Scan with Malwarebytes' Anti-Malware: http://www.malwarebytes.org/mbam.php Update it first, scan and attach its log, but Please Don't remove anything yet, until the log is reviewed.

i did that... must be posted in Notepad. This message contains very important information, so please read through all of it before doing anything. Thank you for the link.

Restart Kaspersky. GSI shows no Vista Service Packs installed. angel14 21.08.2010 22:13 QUOTE(richbuff @ 5.08.2010 02:54) The log looks clean. Update it before running the program.A suggestion worth trying.

Is this correct? GETSYSTEMINFO link after updation : http://www.getsysteminfo.com/read.php?file...5fa9a57f3e5455c3. Jump to content Existing user? Please note that your topic was not intentionally overlooked.

R2 UltraMonUtility;UltraMon Utility Driver;c:\program files\Common Files\Realtime Soft\UltraMonMirrorDrv\x32\UltraMonUtility.sys [11/14/2008 2:11 AM 17184] R3 usbhub20;USB 2.0 Root Hub Support;c:\winnt\system32\drivers\usbhub20.sys [5/26/2009 9:39 AM 49776] R3 yukonw2k;NDIS5 Miniport Driver for Marvell Yukon Ethernet Controller;c:\winnt\system32\drivers\yk50x86.sys [5/6/2005 Join the community Back I agree Log in or Sign up MajorGeeks.Com Support Forums Home Forums > ----------= PC, Desktop and Laptop Support =------ > Malware Help - MG (A Specialist