Author Topic: OTL Analysis for consrv.dll  (Read 11695 times)

0 Members and 1 Guest are viewing this topic.

Offline essexboy

  • Malware removal instructor
  • Avast √úberevangelist
  • Probably Bot
  • *****
  • Posts: 40590
  • Dragons by Sasha
    • Malware fixes
Re: OTL Analysis for consrv.dll
« Reply #30 on: February 15, 2012, 08:29:30 PM »
We need to do another run to remove the service now as it doesn't really get the hint the first time that it should go

DumpHive.3xe is a part of combofixes inner workings

1. Close any open browsers.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
3. Open notepad and copy/paste the text in the quotebox below into it:
Quote
File::
C:\Windows\SysNative\Dell1100_FUService.dll

NetSvc::
sqlagent$soshome22

Driver::
sqlagent$soshome22


Save this as CFScript.txt, in the same location as ComboFix.exe


Refering to the picture above, drag CFScript into ComboFix.exeWhen finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.

Clad_fisher

  • Guest
Re: OTL Analysis for consrv.dll
« Reply #31 on: February 16, 2012, 06:54:25 PM »
Hello everyone,

I don't know if I should post there, it seems relevant because I have the exact same problem as Phobophile89, I had google redirectory, ads and slow internet.

Avast detected some threats (consrv.dll in system32 and desktop.ini, I don't know if the two threats were related.).

Avast quarantined the threats and I encountered the blue screen of death. I did a restore and followed the steps I found in this article (http://blog.crosbydrive.com/?p=245) .

It was tricky because it included manual modifications in 2 registry keys.

Anyway, after that, few more scans with avast, malwarebites, combofix, roguekiller, tdsskiller ... (yes I was very upset).

In the end, the registry keys is back to normal, BUT, I still have a little problem, sometimes (like 10/20 times a day) avast tells me that a threat was detected and quarantined (consrv.dll) but when I do a scan with avast or something else, it tells me that everything is clean.

Do you advise to do as in the last post (by essexboy) ?

Thanks,

Clad_fisher

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37146
  • Not a avast user
Re: OTL Analysis for consrv.dll
« Reply #32 on: February 16, 2012, 07:01:10 PM »
Quote
Do you advise to do as in the last post (by essexboy) ?
do not run any fix from this topic....

you should start your own topic and attach the logs there
http://forum.avast.com/index.php?topic=53253.0

Then Essexboy will help you when he arrive in a few hours...