Solved

Can anyone check this Comofix Log?  Might need a script

Posted on 2010-11-23
8
449 Views
Last Modified: 2013-11-22
Hi All,

We have a Windows XP Pro SP3 machine that seems to have a bad infection.  It gets constant pop-ups and fake AV messages.  Combofix ran and didn't seem to remove it.  Hitmanpro hasn't done much good either.  Working on an MBAM log to post next.  

Would appreciate it if anyone can help review and perhaps get a custom CF script written if needed.

Thanks!
ComboFix.txt
0
Comment
Question by:Jsmply
  • 4
  • 4
8 Comments
 
LVL 29

Expert Comment

by:Sudeep Sharma
ID: 34200970
0
 
LVL 29

Expert Comment

by:Sudeep Sharma
ID: 34200979
Also try renaming combofix.exe to something else like cf.com and run it then if that makes any difference.

Sudeep
0
 

Author Comment

by:Jsmply
ID: 34200995
Hi Sudeep, Combofix is able to run but it just doesn't seem to fix the problem.  Can try with a rename anyway.
0
 
LVL 29

Expert Comment

by:Sudeep Sharma
ID: 34201055
Also try the TDSSKiller as suggested earlier.

Sudeep
0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 

Author Comment

by:Jsmply
ID: 34201061
Thanks, already running now.  Will post back soon.
0
 

Author Comment

by:Jsmply
ID: 34201125
TDSSKiller says no infection found.  Definitely still there though, getting constant pop-ups from fake AV's, etc.
0
 
LVL 29

Accepted Solution

by:
Sudeep Sharma earned 500 total points
ID: 34201171
are you able to update the MBAM? If you do them log into safe mode and do the full system scan

Sudeep
0
 

Author Closing Comment

by:Jsmply
ID: 34206715
Well it took multiple passes in MBAM and SAS, along with Combofix and CCleaner, but the machine is now giving a clean result in all scans.  Thx!
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Checkpoint Endpoint Managment 3 65
How to remove audio ad 4 62
Antivirus - Webroot vs Symantec? 6 106
Sudden performance loss on a Vista system. 14 145
Operating system developers such as Microsoft (https://www.microsoft.com) and Apple have made incredible strides in virus protection over the past decade. Operating systems come packaged with built in defensive tools such as virus protection and a f…
Envision that you are chipping away at another e-business site with a team of pundit developers and designers. Everything seems, by all accounts, to be going easily.
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now