Help
This topic is locked
Can you tell me specifically what Endpoint is deleting? Most AVs have a log you can access - I'd like the full file path to whatever it is detecting, please.
Forum Guidelines
Read the following topic before creating a new topic in this forum. It contains instructions on the what we would like you to post, which will enable us to help you more quickly.Preparation Guide For Use Before Using Malware Removal Tools and Requesting Help
Unfortunately, with the amount of logs we receive per day, the average response time is 5 days. I want to assure you, though, that your topic will be looked at and responded to. So please be patient. DO NOT RUN ComboFix unless requested to. Only members of the Malware Response Team or Moderators are allowed to help people with logs. Anyone else should refrain from posting to another user's log. When posting a log please put the type of infection you have in the topic title. IE: Winfixer, Virtumonde, WinTools, WebSearch, Home Search Assistant, etc. Do not bump your topic. We try to resolve logs on a first come/first served basis. By bumping your log you will be pushed back in line due to the new date of your bump.
Trojan.Agent/Gen-FakeAlert[Local] and Possible Rootkit Infection Need help making sure machine is clean & protected.
#16
- Bleeping *^#@%~
-
- Group: Malware Response Team
- Posts: 2,397
- Joined: 16-May 10
- Gender:Male
Posted 08 February 2012 - 09:54 PM
Threads are closed after 5 days of inactivity.
ASAP & UNITE Member
The help you receive here is free. If you wish to show your appreciation, then you may
ASAP & UNITE Member
The help you receive here is free. If you wish to show your appreciation, then you may
Back to top
#17
- Member
-
- Group: Members
- Posts: 39
- Joined: 14-December 10
Posted 12 February 2012 - 02:48 AM
this is all i can find in the log
Combo Fix.exe Trojan.ADH.2 Cleaned by deletion File C:\Users\Drew\Desktop\
the attachments might help more
let me know if there is anywhere i should look
Combo Fix.exe Trojan.ADH.2 Cleaned by deletion File C:\Users\Drew\Desktop\
the attachments might help more
let me know if there is anywhere i should look
Attached File(s)
-
adh log.png (90.89K)
Number of downloads: 3 -
adh 2.png (88.07K)
Number of downloads: 3 -
adh log.png (90.89K)
Number of downloads: 2
#18
- Bleeping *^#@%~
-
- Group: Malware Response Team
- Posts: 2,397
- Joined: 16-May 10
- Gender:Male
Posted 12 February 2012 - 09:24 AM
That was helpful, thanks. Those were all false positives. Is the ComboFix icon gone from your desktop now? Please do this for me:
Open notepad and copy/paste the text in the quotebox below into it:
Save this as peek.bat Choose to "Save type as - All Files"
It should look like this:
Double click on peek.bat & allow it to run. A notepad file will open. Copy that information into your next reply, please.
Open notepad and copy/paste the text in the quotebox below into it:
Quote
@echo off
dir /a /s "C:\combofix" > log.txt
notepad log.txt
del log.txt
dir /a /s "C:\combofix" > log.txt
notepad log.txt
del log.txt
Save this as peek.bat Choose to "Save type as - All Files"
It should look like this:
Double click on peek.bat & allow it to run. A notepad file will open. Copy that information into your next reply, please.
Threads are closed after 5 days of inactivity.
ASAP & UNITE Member
The help you receive here is free. If you wish to show your appreciation, then you may
ASAP & UNITE Member
The help you receive here is free. If you wish to show your appreciation, then you may
#19
- Member
-
- Group: Members
- Posts: 39
- Joined: 14-December 10
Posted 12 February 2012 - 03:21 PM
The CFuninstall icon is still there, but the combofix icon is not.
here is what was in the log:
Volume in drive C has no label.
Volume Serial Number is 9287-437C
here is what was in the log:
Volume in drive C has no label.
Volume Serial Number is 9287-437C
#20
- Bleeping *^#@%~
-
- Group: Malware Response Team
- Posts: 2,397
- Joined: 16-May 10
- Gender:Male
Posted 12 February 2012 - 03:33 PM
Thanks, that all indicates a successful uninstall. You may delete the stand-alone uninstaller from your desktop now. Take care.
Threads are closed after 5 days of inactivity.
ASAP & UNITE Member
The help you receive here is free. If you wish to show your appreciation, then you may
ASAP & UNITE Member
The help you receive here is free. If you wish to show your appreciation, then you may
#21
- Member
-
- Group: Members
- Posts: 39
- Joined: 14-December 10
Posted 12 February 2012 - 04:39 PM
Is my computer all clean?
If so, thanks so much for your help!
If so, thanks so much for your help!
#22
- Bleeping *^#@%~
-
- Group: Malware Response Team
- Posts: 2,397
- Joined: 16-May 10
- Gender:Male
Posted 12 February 2012 - 04:58 PM
It was my pleasure. Your logs appear to be clean! Take care.
Threads are closed after 5 days of inactivity.
ASAP & UNITE Member
The help you receive here is free. If you wish to show your appreciation, then you may
ASAP & UNITE Member
The help you receive here is free. If you wish to show your appreciation, then you may
#23
- Bleeping *^#@%~
-
- Group: Malware Response Team
- Posts: 2,397
- Joined: 16-May 10
- Gender:Male
Posted 13 February 2012 - 11:12 PM
It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.
Threads are closed after 5 days of inactivity.
ASAP & UNITE Member
The help you receive here is free. If you wish to show your appreciation, then you may
ASAP & UNITE Member
The help you receive here is free. If you wish to show your appreciation, then you may
