
Potential Probably with ComboFix!?


3 replies to this topic

#1 react290690

react290690

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:12:55 PM

Posted 01 December 2015 - 07:01 PM

I first used combofix to get rid of suspected malware on my desktop computer. I scanned once on 11/28/15 and another 12/1/15, yet when I'm looking through the log report I'm seeing duplicate orphans removed from my previous scan. Everything highlighted in red are duplicates. I haven't downloaded anything new and am curious why ComboFix would tell me "these orphans have been removed" two separate times. Could this program be a scam? Can anyone explain to me what's going on? 

 

Report on 11/28/15

 

- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{7473b6bd-4691-4744-a82b-7854eb3d70b6} - (no file)
Toolbar-Locked - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-{3E0F3CE1-82A2-4983-9DCB-CF49389FD991} - c:\users\Andrew\AppData\Local\TNT2\Profiles\10263\passport64.dll
AddRemove-Flash Player Pro_is1 - c:\program files (x86)\Flash Player Pro\unins000.exe
AddRemove-OneTab - c:\users\Andrew\AppData\Roaming\OneTab\uninstall.exe
AddRemove-sl-cb - c:\program files (x86)\OApps\sl-cb_uninstall.exe
AddRemove-sl-dlc - c:\program files (x86)\OApps\sl-dlc_uninstall.exe
AddRemove-VLC Media Player Bundle by SweetPacks - c:\program files (x86)\sweetpacks bundle uninstaller\uninstaller.exe
AddRemove-{1B9604EE-B104-45C8-8551-5F63BA631E23} - c:\programdata\{FA77A43D-F6ED-4924-87B5-517C061388C6}\WeatherBugSetup.exe
 
Report on 12/1/15
 
ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
AddRemove-Flash Player Pro_is1 - c:\program files (x86)\Flash Player Pro\unins000.exe
AddRemove-OneTab - c:\users\Andrew\AppData\Roaming\OneTab\uninstall.exe
AddRemove-sl-cb - c:\program files (x86)\OApps\sl-cb_uninstall.exe
AddRemove-sl-dlc - c:\program files (x86)\OApps\sl-dlc_uninstall.exe
AddRemove-VLC Media Player Bundle by SweetPacks - c:\program files (x86)\sweetpacks bundle uninstaller\uninstaller.exe
AddRemove-{1B9604EE-B104-45C8-8551-5F63BA631E23} - c:\programdata\{FA77A43D-F6ED-4924-87B5-517C061388C6}\WeatherBugSetup.exe
 
 
 
 

 




 


#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,957 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:02:55 PM

Posted 01 December 2015 - 07:18 PM

As a general policy, Bleeping Computer does not offer advice on how to run ComboFix unless we asked someone to run it or if there is a problem with the computer caused by running the tool. We recommend that people should not be using ComboFix without being advised to do so by a trained expert (see here) who is assisting them in dealing with a malware problem.

While our policy is not to offer advice on running ComboFix unless we asked someone to run it, we are willing to assist with resolving problems caused after using it and we are certainly willing to help with malware disinfection. If that assistance requires running ComboFix, you will be advised what to do in order to get the tool to run properly or investigate any error messages.

Since you already ran ComboFix, its log should be thoroughly reviewed by trained experts. A log should have been created and saved to the root directory (%SystemDrive%), usually C:\ComboFix.txt. Reviewing that log would be helpful in resolving your issue but ComboFix logs are not permitted in this forum so we cannot continue here.

Please follow the instructions in the Preparation Guide For Requesting Help starting at Step 6.
  • If you cannot complete a step, then skip it and continue with the next.
  • In Step 6 there are instructions for downloading and running FRST which will create two logs.
When you have done that, post your logs to include your ComboFix log in the Virus, Trojan, Spyware, and Malware Removal Logs forum, NOT here, for assistance by the Malware Response Team Experts.
-- If no log was created by ComboFix or you cannot post its log, then ignore this part and just post the other requested log(s) as follows.

Start a new topic, give it a relevant title and post your log(s) along with a brief description of your problem, a summary of any anti-malware tools you have used and a summary of any steps that you have performed on your own. If you cannot produce any of the required logs...start the new topic anyway. Explain that you followed the Prep. Guide, were unable to create the logs, and describe what happened when you tried to create them. A member of the Malware Removal Team will walk you through, step by step, on how to clean your computer.

After doing this, please reply back in this thread with a link to the new topic so we can close this one.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015
Member of UNITE, Unified Network of Instructors and Trusted Eliminators


#3 react290690

react290690
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:12:55 PM

Posted 02 December 2015 - 12:07 AM

Sorry I'm a new member. I'll look into that immediately. Thank you for your help. 



#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,957 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:02:55 PM

Posted 02 December 2015 - 06:38 AM

Not a problem and welcome to BC.



