Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

How do I tell?


  • Please log in to reply
6 replies to this topic

#1 bernie50

bernie50

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:05:25 AM

Posted 17 November 2010 - 12:53 PM

Hi all. Got a question about reading the Combofix log. Basically my boss thinks that there are some computers in the building where we work that have bugs (viruses or just plain malware/spyware) in them affecting their performance. We have computers with Windows XP/SP3 and McAfee VirusScan. He's asked me to run Combofix on all the computers to see if there is any malware and then report to him the results. My question mainly is "How do I tell?" He's used Combofix before and says basically that if I see anything in the log file that shows "Other Deletions" that it was infected. Being a newbie to using Combofix, I thought I'd ask ya'll and see if you can provide any pointers (what should I look for). Many thanks in advance for ANY help or tips you can offer.

BC AdBot (Login to Remove)

 


#2 Animal

Animal

    Bleepin' Animinion


  • Site Admin
  • 35,552 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Where You Least Expect Me To Be
  • Local time:03:25 AM

Posted 17 November 2010 - 01:02 PM

FTR: Original post referring member to AII forum is located, here.

The Internet is so big, so powerful and pointless that for some people it is a complete substitute for life.
Andrew Brown (1938-1994)


A learning experience is one of those things that say, "You know that thing you just did? Don't do that." Douglas Adams (1952-2001)


"Imagination is more important than knowledge. Knowledge is limited. Imagination circles the world." Albert Einstein (1879-1955)


Follow BleepingComputer on: Facebook | Twitter | Google+

#3 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,600 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:06:25 AM

Posted 17 November 2010 - 06:34 PM

bernie50 I think you may have misunderstood. This forum is the place to ask as you put it "about a bugged computer (or even a computer that MIGHT be bugged".

You did not ask any questions about a possible malware infection. Instead you repeated the same questions from the previous thread asking about ComboFix and we have already addressed those questions.

What specific issues are you having with the computer you suspect is infected? We can assist you that.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#4 bernie50

bernie50
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:05:25 AM

Posted 19 November 2010 - 09:33 AM

As I stated earlier, not having any "specific" issues. Just doing what my boss asked me to do, run the ComboFix scan on our computers and report to him how many had bugs. Since you can't seem to give me any hints, pointers or other help on what the log from ComboFix might actually mean (i.e. what indicator in the log says that something was found and fixed or deleted), I guess there's very little you can do in this case. Don't know why this seems to be such a "hush hush" kind of thing. I'm not looking to learn the inner workings of the program. Just would like to be able to look at the log and say "yes, there was something it fixed" or "no, it was a clean system". That's all. Didn't think it would be that big of a deal.

And I moved this over to this forum when the site administrator said that it was where I should put it.

Edited by bernie50, 19 November 2010 - 09:34 AM.


#5 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,600 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:06:25 AM

Posted 19 November 2010 - 10:38 AM

Just would like to be able to look at the log and say "yes, there was something it fixed" or "no, it was a clean system"


That can be done but not here. Again, please read the pinned topic ComboFix usage, Questions, Help? - Look here.

:step2: ComboFix logs, where should I post them?

ComboFix logs are not permitted outside the Virus, Trojan, Spyware, and Malware Removal Logsl forum and then only when requested by a Malware Response Team member. However, if you ran ComboFix on your own due to malware infection, please be aware that a ComboFix log is only one part of the disinfection process. Therefore we ask that you please read the pinned topic titled "Preparation Guide For Use Before Using Malware Removal Tools and Requesting Help". When you have done that, post the required logs to include your ComboFix log in that forum, NOT here, for assistance by the Malware Response Team Experts.


.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#6 bernie50

bernie50
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:05:25 AM

Posted 19 November 2010 - 11:49 AM

Well thanks anyway guys. I've read that pinned topic, more than once. Honestly, I don't really need ComboFix, I've got other tools I've used that are as effective and yes.. I always take responsibility for my work. I wouldn't have stayed in the IT field for over 20 years if I didn't have a modicum of intelligence and ability. Having been a programmer for 10 years before I moved over to simple IT Support (yes, I said simple), I'm more than aware of what malware and malware removal tools can (and will) do. I had not planned on posting any of the logs - figured you guys had enough to handle. So I guess the best thing to do is just drop the issue and handle it myself as always.

Ya'll have a nice day.

#7 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,600 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:06:25 AM

Posted 19 November 2010 - 12:13 PM

I had not planned on posting any of the logs - figured you guys had enough to handle.

Yes we do have a backlog and folks have to wait but eventually we get to all of them in a few days or so. I'm sorry we could not be of more help but in order to answer your questions we would need to see and analyze the log's output. To do otherwise, we would only be guessing.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users