Combofix Log I Need Checked Out.

delphinium Norton Fighter25 Reg: 21-Nov-2008 Posts: 9,821 Solutions: 187 Kudos: 3,007 Kudos0 Re: Virus Rootkit Combofix Posted: 26-Oct-2011 | 7:48PM • Permalink This is not a malware removal forum.  In a ago and one sector was in error and it deleted it. GMER 2.1.19357 - http://www.gmer.net Rootkit scan 2015-08-30 15:31:49 Windows 6.1.7601 Service Pack 1 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 WDC_WD5000LPVX-08V0TT5 rev.05.01A05 465.76GB Running: h3tr31b6.exe; Driver: C:\Users\Patrick\AppData\Local\Temp\pwdiyfob.sys ---- System - GMER 2.1 ---- SSDT \SystemRoot\system32\drivers\aswSnx.sys

I know that sometimes someone can generate a script that helps, and I hope someone can do so from checking out this log. Here it is: ComboFix 12-02-03.01 - Robert 03/02/2012 4:46.2.1 - Other members who need assistance please start your own topic in a new thread. This applies only to the originator of this thread. Do keep us posted, when you get the chance!

ago and one sector was in error and it deleted it. I'm done with howard's guide. babymage 5.06.2008 13:25 Post #3 Member Group: Members Posts: 37 Joined: 13.04.2008 From: Malaysia Just wanted to know if my system is clean from viruses or spyware or

Google will tell you a lot about a filename. "Reg Loading Points" is a list of registry entries that load and run programs. and I wanna check if my computer is infected. To see if this issue is universal, you do not have it installed so could not be any add on....

Most of them handle tricky Windows problems as well.

self protection module/AVAST Software) ZwCreateSection [0x91815C16] SSDT \SystemRoot\system32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreateSemaphore [0x911038D4] SSDT \SystemRoot\system32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreateSymbolicLinkObject [0x911067AC] SSDT \SystemRoot\system32\drivers\aswSP.sys (avast! https://forum.kaspersky.com/index.php?showtopic=71364 If you have any further virus/spyware problems, please post in this thread.

Maurice Naggar Staff Moderators 16,648 posts Location: USA Interests: Security, Windows, Windows Update, malware prevention ID: 3 Posted February The WindowsInstructed Forums Staff solved [Solved] Now let's check my Combofix log Started by PatL, August 29, 2015 Reply to I suspect this accounts for the generalized disdain for them here, as the folks who help out here tend to be more sophisticated users (as you would likely hope!) As to It may take a while to get a response because the HJT Team members are very busy working logs posted before yours.

Navigate to www.virustotal.com. https://forum.windowsinstructed.com/topic/252-solved-now-lets-check-my-combofix-log/ The log file indicates what was done, and lists some other stuff worth looking at. "Other Deletions" is a list of files that Combofix has already blown away for you. Didn't you tell me not to ask members for basic system specs and location info? Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}..((((((((((((((((((((((((( Files Created from 2012-01-03 to 2012-02-03 )))))))))))))))))))))))))))))))..2012-02-03 11:52 . 2012-02-03 11:52 -------- d-----w- c:\users\Default\AppData\Local\temp2012-02-03 11:13 . 2012-02-03 11:27 -------- d-----w- c:\program files (x86)\VS Revo

Virtualization Driver/AVAST Software) .text ntdll.dll!NtAlpcSendWaitReceivePort 77A25500 3 Bytes [FF, 25, 1E] .text ntdll.dll!NtAlpcSendWaitReceivePort + 4 77A25504 2 Bytes [74, 71] {JZ 0x73} .text ntdll.dll!NtClose 77A255B0 3 Bytes [FF, 25, 1E] .text

Stuff ComboFix identifies as virus gets moved into Qoobox. You should see a reference to ComboFix-quarantined-files.txt for example. HPZip...is an HP printer driver. But ComboFix did kill off a deeply buried and very aggravating root kit that nothing else found.

Can you post a link? This particular software is in the "Ready, Fire, Aim" category of exploit/Malware removals.

PatL 23 Advanced Member Members 23 202 posts Posted August 30, 2015 · Also tried Opera same

You are welcome.

When a virus shows up, it's likely to be living in a newly created file. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the Malware Removal Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. http://copyprotecteddvd.net/combofix-log/combofix-log-please-help.html Virtualization Driver/AVAST Software) ZwNotifyChangeKey [0x9104DFE8] SSDT \SystemRoot\system32\drivers\aswSnx.sys (avast!

You may also... In my case, there were 3-4 false detections; files that had a .vir extension appended to the original file during the quarantine process. This seems to be the repository for stuff ComboFix did to your machine.

I shall post the Combofix log that it generated and see if anyone can help. I do know something about the mainframe pgms and PC ops.  Thanks in advance for anyone's help and guidance.  jelliott DistEd2 Guru Mobile Master Norton Fighter25 Reg: 11-Aug-2011 Posts: 1,976 Solutions: http://www.bleepingcomputer.com/ http://www.geekstogo.com/forum/ http://www.cybertechhelp.com/forums/ http://forums.whatthetech.com/ http://support.emsisoft.com/forum/6-help-my-pc-is-infected/ Just sign up for one of their free accounts--where required--and go to the forums; don't click on any of the ads!

Copy and paste the following into the text box in the middle of the page and then press the Send File button: C:\Windows\System32\RegisterExe.exe Please post the results here. Running processes that you recognize are OK. Virii have to live on disk somewhere. Virtualization Driver/AVAST Software) ZwSuspendThread [0x9104A6CE] SSDT \SystemRoot\system32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwSystemDebugControl [0x91104BCC] SSDT \??\C:\Windows\System32\drivers\zamguard32.sys (ZAM/Zemana Ltd.) ZwTerminateProcess [0x911DA444] SSDT \SystemRoot\system32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwTerminateThread [0x91104302] SSDT \SystemRoot\system32\drivers\aswSP.sys

If you do want to use combo-fix, I recommend you get familiar with system restore points and create one prior to running combo-fix. I run Avast on my Windows 7 64 bit system.