Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Understanding computer scan results


  • Please log in to reply
9 replies to this topic

#1 Marharg

Marharg

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:08:30 PM

Posted 13 August 2013 - 03:03 PM

Hi, this is my first post.

 

I found the thread about Windows 7 with a black screen and movable cursor on boot. Master Surgeon General did a thorough and methodical job in tracking down and removing the infection for Glascow, I am trying to follow the procedure. The first issue I have encountered is the "reading" (understanding) of the logs generated by the scans, MSG has shortened the log file from the farbar scan to a file list to remove. Does he or anyone have an explanation of how this list was decided on, I have seen some decidedly suspicious entries (WOW) but what about the other stuff?

 

G

 

Mod Edit: Moved topic from Windows 7 to a more appropriate forum. ~bloopie


Edited by bloopie, 13 August 2013 - 04:54 PM.


BC AdBot (Login to Remove)

 


#2 Animal

Animal

    Bleepin' Animinion


  • Site Admin
  • 34,746 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Where You Least Expect Me To Be
  • Local time:12:30 PM

Posted 13 August 2013 - 05:48 PM

A link to the topic or topics would be quite helpful. As it stands I have no idea who or what you are referencing for scans and content of those scans.

The Internet is so big, so powerful and pointless that for some people it is a complete substitute for life.
Andrew Brown (1938-1994)


A learning experience is one of those things that say, "You know that thing you just did? Don't do that." Douglas Adams (1952-2001)


"Imagination is more important than knowledge. Knowledge is limited. Imagination circles the world." Albert Einstein (1879-1955)


Follow BleepingComputer on: Facebook | Twitter | Google+

#3 Marharg

Marharg
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:08:30 PM

Posted 13 August 2013 - 05:55 PM

Ooops, schoolboy error.

 

http://www.bleepingcomputer.com/forums/t/487382/windows-7-frozen-black-screen-with-white-blinking-cursor/

 

 

G



#4 Animal

Animal

    Bleepin' Animinion


  • Site Admin
  • 34,746 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Where You Least Expect Me To Be
  • Local time:12:30 PM

Posted 13 August 2013 - 06:15 PM

Thank You. I'll have one of the Malware Removal Team look into this for you.

The Internet is so big, so powerful and pointless that for some people it is a complete substitute for life.
Andrew Brown (1938-1994)


A learning experience is one of those things that say, "You know that thing you just did? Don't do that." Douglas Adams (1952-2001)


"Imagination is more important than knowledge. Knowledge is limited. Imagination circles the world." Albert Einstein (1879-1955)


Follow BleepingComputer on: Facebook | Twitter | Google+

#5 bloopie

bloopie

    Bleepin' Sith Turner


  • Malware Response Team
  • 7,927 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New York
  • Local time:03:30 PM

Posted 13 August 2013 - 10:33 PM

Hello Marharg, and welcome to Bleeping Computer!

Your link shows another persons problem, and the steps taken to remove the infection from another persons machine. Not all machines with the same infections require the same fixes! This is important to mention....

==========

Let me first say that malware removal is a constantly changing, and a very "research oriented" practice. What you think might work for your machine, may not even remotely work for someone else's.

Moreso...is that "understanding a log" from any tool takes time, experience, and an acute knowledge of the tool in question (as well as the Operating System the tool is run from)...not to mention the "proper ways" to use those tools with proper execution. Any improper use of those tools could leave your system inoperable!

==========

Here at Bleeping Computer we have a Malware Removal Training Program that you can join, and learn the malware removal arts. See here: http://www.bleepingcomputer.com/forums/t/86678/malware-removal-training-program/

Learning the use of one tool does not guarantee promotion, nor acceptance into the program!

==========

If you'd like any help with the fixes, or have any questions about the above, please let me know!

bloopie

Edited by bloopie, 13 August 2013 - 10:33 PM.


#6 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,122 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:03:30 PM

Posted 14 August 2013 - 07:00 AM

Learning the techniques of malware removal and developing investigative skills to read/analyze logs created by tools such as DDS, OLT, RSIT, FSS, FRST, ComboFix and others can take many months. There is just too much information to provide in a general topic discussion and answer the voluminous number of questions which would follow. Since this is the case, it is recommended that those desiring to learn about malware removal techniques, specialized tools and understanding logs generated by them, enroll in one of the various Unite Schools which offers such training in private areas of the forums not viewable to the general public. bloopie provided the link to our school here at BC.

Another reason for not engaging in such discussions is to safeguard and protect the integrity of our tools from malware writers. They read public forum topics looking for clues (knowledge) on how to circumvent our tools and removal techniques. We don't want to provide any information they can use against us so we deliberately do not provide specific information on the specific inner workings of our tools and how we use them in areas where attackers can see that information. As such, our discussion in public areas is limited and sometimes may appear vague or not fully address a specific question.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#7 Marharg

Marharg
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:08:30 PM

Posted 14 August 2013 - 07:28 PM

Thanks Moderators.

 

I understand what you say about a learning process and the need for some wariness about explaining exactly what is being done.

 

I found this forum through a link to a possible solution to the problem that my friend was experiencing on her machine, given what you have said above, perhaps my best course of action, initially at least, is to simply request your help in fixing her problem and hopefully learn a little along the Way

 I am not really sure how to describe my experience level with PCs, in my circle of friends I am probably the most experienced and generally I am fairly competent with a little help from my mate google :), it is only when I encounter sites like this that i realise how superficial that knowledge is.

 

So, can I request help with a windows 7 machine that..?

 

Boots through the bios and windows pulsating logo screen to a black screen with a cursor (pointer), it does this in normal and safe mode.

I have used my Win 7 recovery disc to attempt a boot repair, this failed, memory tests pass OK.

System restore fails on all of the available restore points.

 

Graham



#8 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,122 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:03:30 PM

Posted 14 August 2013 - 07:42 PM

Have your friend register as a member and start a new topic in the Am I infected? What do I do? forum.

You can assist your friend with explaining the problem in more detail. This way your friend can learn something too.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#9 Marharg

Marharg
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:08:30 PM

Posted 15 August 2013 - 02:41 AM

OK, I will post my details in the "Am I infected...." forum.

 

 

G



#10 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,122 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:03:30 PM

Posted 15 August 2013 - 07:32 AM

Good luck.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users