Home > Combofix Log > Combofix Log Open Ports

Combofix Log Open Ports

Blue screen =D trolomaybe its a mask of something maybe not idk help if u know to resolve this problemThe firewall programs like commodo i tried and zonealarm with kaspersky internet HJ is OK Jun 10, 2009 #13 Husky44 TS Rookie Topic Starter Posts: 28 Bobbye: Thanks for all your help. Comcast users, new safer DNS from Comcast so,I got my new LT,win 7,whats good ? You can subscribe by clicking the Options box to the right of your topic title and selecting Track This Topic.Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes http://copyprotecteddvd.net/combofix-log/combofix-log-please-help.html

Need Win7 - 64 bit firewall Microsoft Security Release ISO Image June 2009 virus AV-Comparatives November Proactive tests HJT log on new Windows 7 Premium 64 bit machine... Preventing users from uploading a file Hotmail hacked? Back door Open Ports - Freak88,freak2k Possible errors WPA2 PSK (Windows 7) :( Newb needs help with being undetectable on WPA2 Static IP VPN Finding out which port a phone based or change to another ip or something else ... 2nd problem is e.g. http://www.bleepingcomputer.com/forums/t/305182/combofix-log-open-ports/

This one I found, a highly reputable site, nothing was done to close them during the cleaning of the machine.http://aumha.net/viewtopic.php?t=32058&start=0&postdays=0&postorder=asc&highlight=I shared your thoughts also, to it being part of the infection. All Rights Reserved. Cable modem activity solid My PC is slow to open programs, Really slow. hosts is just uses as a mean to resolve names to ips (basically if you enter name, then go to the ip there) .

If Symantec isn't easy/user-friendly, would you recommend a firewall and AV that is? How to close or disable Printer Port 515/TCP in SMC7008ABR Agnitum acquires antivirus technology from VirusBuster Repeated password thefts and DOS attacks packet tracer site to site VPN Cookies, cookies, and If Your I.P Traced To The Middle Of The South Australian Desert Would You Be Worried? Ask a Question See Latest Posts TechSpot Forums are dedicated to computer enthusiasts and power users.

If you can't do that, uninstall then reinstall the security suite. If i started blocking all port range from 1 to 65535 ... Ask a question and give support. https://forum.avast.com/index.php?topic=33784.0 Greg Jun 14, 2009 #14 Bobbye Helper on the Fringe Posts: 16,335 +36 Greg, this might help.

free 12.3.2280/ Outpost Firewall Pro9.3/ Firefox 50.1.0, uBlock Origin, RequestPolicy/ MailWasher Pro7.8.0/ DropMyRights/ MalwareBytes AntiMalware Premium 2.2.0/ WinPatrol+/ Drive Image 7.1/ SnagIt 10.0/ avast! I spent over an hour last night looking for why these ports would be open. WARNING: Combofix will disconnect your machine from the Internet as soon as it startsPlease do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.If there Meet me back here with results of attempts to remove contents of Recycler.

You can reboot normally.Back in normal windows. NOTE: do this offline. Run this scriptCODEbeginSetAVZPMStatus(True);SetAVZGuardStatus(True);SearchRootkit(true, true); QuarantineFile('C:\Windows\AutoKMS.exe',''); StopService('vtany'); DeleteService('vtany'); QuarantineFile('C:\Windows\vtany.sys',''); QuarantineFile('C:\Users\PANKHA~1\AppData\Local\Temp05979F.tmp',''); DeleteFile('C:\Users\PANKHA~1\AppData\Local\Temp05979F.tmp'); DeleteFile('C:\Windows\vtany.sys'); DeleteFile('C:\Windows\AutoKMS.exe'); DeleteFile('C:\Windows\Tasks\AutoKMS.job');ExecuteSysClean;BC_Activate;RebootWindows(true);end.instructions: http://forum.kaspersky.com/index.php?showt...st&p=678328-----------------afterwards post a combofix log:Download it here: http://download.bleepingcomputer.com/sUBs/ComboFix.exe . mfetdi2k;c:\windows\system32\drivers\mfetdi2k.sys [2010-11-17 89624]R2 ASFIPmon;Broadcom ASF IP Monitor;c:\program files\broadcom\asfipmon\AsfIpMon.exe [2005-10-18 61440]R2 ASTRA32;ASTRA32 Kernel Driver;c:\program files\astra32\astra32.sys [2004-11-23 30864]R2 DLSDB;Dell Printer Status Database;c:\program files\dell printers\additional color laser software\status monitor\dlsdbnt.exe [2011-7-13 140184]R2 FAD;FAD;c:\program files\broadcom\bacs\FADXP32.sys

I've asked to see if you can close the ports using the CFFix for the Combofix entries. this content Same instruction as given for desktop. I'd like to say a friendly hi to all of you Here's the problem I have : I've been working on this cpu for around 20hours, doing everything thats possible and Thanks for the help!

Ask a question and give support. maxturk Private E-2 Hi guys, First of all im new to this forum. Firefox Pug-In: Any Thoughts Comcast Hacked 2 Wireless router hackings... http://copyprotecteddvd.net/combofix-log/combofix-log-can-someone-please-take-a-look.html You may get an error preventing you from deleting the files- I usually do- it refers tot he folder being in use.

He was kind enough to do it. MOS...this bug's for you Re: Win32-Pakes-AKM [trj] need help to remove (combofix+hijackthis attached) « Reply #7 on: March 10, 2008, 12:41:17 AM » It was in the combofix log in the If you are not this user, do NOT follow these directions as they could damage the workings of your system.[/b]2.

Open the text file and copy/paste the log here.[/list] shag: followed your instructions on jotti's and got this message:File is empty (0 bytes)!there was nothing new in the address bar to

Check Add/Remove Programs for Wild Tangent. Logged oldman Avast Evangelist Massive Poster Posts: 4165 Some days..... The Recycler folder is used only on NTFS partitions. Site Changelog Community Forum Software by IP.Board Sign In Use Facebook Use Twitter Need an account?

Please re-enable javascript to access full functionality. Ensure you have the latest version of JRE (JAVA Runtime Environment) because older versions can be vulnerable to malware. Do not install it yet. check over here Immunize your system with SpywareBlaster or Windows Advanced Care.8.

No, create an account now. If I haven't had a reply after 3 days I will bump the topic and if you do not reply by the following day after that then I will close the PC Games \ System Tools \ Macintosh \ Demonews.Com \ Top Downloads MajorGeeks.Com \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics) Social: My HJT Log Generic Host Process for Win32 error and win32/sality.y virus "Personal", non-router hardware firewall?

HKLM\Software\Microsoft\Windows\CurrentVersion\Run DLCXCATS = rundll32 c:\windows\System32\spool\DRIVERS\W32X86\3\DLCXtime.dll,[email protected]??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????? Clean your temporary files.3. I know all my local network.I using too virtul machines maybe it cloud from there come to my pc. Using your mouse left button, drag the new file CFscript.txt and drop it on the ComboFix.exe icon as shown at the bottom of this post.QuoteFile::C:\WINDOWS\system32\drivers\qlsduxqj.datRegistry::[-HKEY_LOCAL_MACHINE\system\ControlSet001\Services\nepsqzaq][-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{DE6EA56B-BA31-42D3-ACCE-ADE27BB3F52C}]This will start ComboFix again.Close

When I open Symantec firewall, I don't see the ports specifically listed anywhere, nor do I find anything that says "close ports". The same is true for ports in the 5000 range I find that strange too that they would specifically be opened.http://www.grc.com/port_5000.htmQuote from: GRC.comThe Universal Plug N' Play (UPnP) system operates over mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2007-11-15 40552]S3 SSLDrv;SSL-VPN NetExtender Adapter;c:\windows\system32\drivers\SSLDrv.sys [2007-10-23 19376]S3 vsdatant;vsdatant;\??\c:\windows\system32\vsdatant.sys --> c:\windows\system32\vsdatant.sys [?]S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys --> c:\windows\system32\drivers\wdcsam.sys [?]S4 aawservice;Lavasoft Ad-Aware Service;"c:\program files\lavasoft\ad-aware\aawservice.exe" --> c:\program files\lavasoft\ad-aware\aawservice.exe [?]S4 LMIRfsClientNP;LMIRfsClientNP; [x].=============== Created I am really desperate to get help, I bought Simcity so my wife would be able to play with me and it hasnt worked since day 1.

Join the community here, it only takes a minute. I'm willing to get a little drastic, (but would prefer not to do a complete reformat if there's another viable option). start recieve packets from pentaxlayout.org and smartFTP starts sending packets to adress pentaxlayout.org which is maked like RUS malware adress but its works if i connect to any each other ip Reinstall the suite.

mfebopk;c:\windows\system32\drivers\mfebopk.sys [2010-11-17 59288]R3 mfefirek;McAfee Inc.