I'm an IT Professional and I'd like to at first thank you all for the tons of help I've received through the years by reading posts from this forum.
This time I would be more than grateful if you could lend a hand.
A colleague (IT Pro also) has used ComboFix while trying to fix a pc from a virus/malware infection (I am sorry, I was not actually briefed so I do not know more on the topic).
It seems that CF has removed/disabled registry entries that create numerous problems to this pc (services do not start, VMWare cannot start also, no internet connection, windows fail to connect to the event log service WSAStartup fails, etc).
At this point this PC landed on my hands and I was requested to see if the damage can be undone.
I see that some services such as DHCP Client, System Event Notification Service and TCP/IP NetBIOS helper are stuck in "starting" status. They cannot be stopped or restarted.
I checked the Quarantine folder and there were some registry backups and 2-3 files.
I created the following script and opened it with a combofix.exe that was on the desktop (drag'n drop). I thought that most probably that was the combofix.exe used.
My problem is that the problems remain (absolutely no difference) and that there is no dequarantine log anywhere, even though I can find the script as used in the Qoobox folder.
Combofix seems to run as always trying to scan and clean the pc.
I have attached the combofix log.
I am sorry that I do not have any more info to help you on this.
I thought to ask here before I try to manually fix this pc.
Thank you very much for your time,
Edited by Caalor, 22 May 2013 - 04:51 AM.