
Newbie Needs Help Reading COMBOFIX Log from Browser Redirect Malware Fix


  • This topic is locked
2 replies to this topic

#1 walk_the_walk


  • Members
  • 5 posts

Posted 23 September 2011 - 09:22 PM

I posted on the "Search Engine Redirect Virus" topic in the "AM I INFECTED WHAT DO I DO" Forum. Should have posted here I guess...

To reiterate from that prior posting, my daughter's XP PRO SP3 PC was recently infected with some kind of Search Engine Redirect malware, and based on info posted on the Mozilla forum about the effectiveness of COMBOFIX, I used it to clean her system, after first updating and running CCleaner and getting rid of many Megs of CRAP, and updating and attempting to scan the PC with Malwarebytes (which usually fixes the problem but did not this time).

Malwarebytes found nothing in Quick Scan, but this is what many folks had posted on the MOZILLA forum, so I aborted the Malwarebytes Full Scan (due to its lengthiness) and installed COMBOFIX and ran it instead.


COMBOFIX seems to have found AND REMOVED something, so I am posting the log here for those who know how to interpret the results.

My questions are simple:

1. WHAT WAS THE MALWARE VILLAIN IN THIS INSTANCE and HOW CAN WE AVOID IT IN THE FUTURE? I WOULD LOVE TO KNOW MORE ABOUT IT.

2. IS THE MALWARE GONE FOR GOOD NOW? (I sure hope so.)

3. ARE THERE ANY OTHER STEPS I NEED TO TAKE POST-COMBOFIX-CLEANUP? (I DO NOT PLAN ON UNINSTALLING COMBOFIX, BUT PREFER TO LEAVE IT IN CASE I EVER NEED IT AGAIN.)


If it is fixed for good, my hat is off to the programmer who wrote COMBOFIX. As a Programmer myself, I was impressed with the layers of detail in the program and all the steps it went through as it functioned. Amazing.

See attached COMBOFIX log file (attached).

Thanks in advance for the assistance.

Attached File: ComboFix.txt (19.98KB)



#2 walk_the_walk

  • Topic Starter

  • Members
  • 5 posts

Posted 26 September 2011 - 10:37 AM

I never got a reply. I did get my original posting moved to another forum (my original post was in the wrong spot), and I got scolded for using COMBOFIX without waiting for the "Simon Says Use Combofix" first, which I am sure I am not the first to do.

Even so, after posting here in the right spot and posting a ComboFix log file, NO ONE offered to help. I got ZERO assistance. Thanks.

LUCKILY, I was able to resolve the problem myself with COMBOFIX and other malware scanning tools. I learned it was the TRACUR TROJAN.

It has not come back, thankfully.

I hope other users get better assistance than I did, because otherwise posting here and uploading logs is just wasting my time, their time and yours.

Edited by walk_the_walk, 26 September 2011 - 10:38 AM.


#3 Budapest


    Bleepin' Cynic


  • Moderator
  • 23,579 posts

Posted 26 September 2011 - 05:59 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw



