Jump to content


 

Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Combofix Wont Run

Started by DEVESH , Mar 02 2008 08:12 AM

  • Please log in to reply
23 replies to this topic

#1 DEVESH

DEVESH

    Member

  • Members
  • PipPip
  • 16 posts

Posted 02 March 2008 - 08:12 AM

Hey guys i tried installing combofix which was placed on my desktop and it comes to the point where it says "attempting to create system restore point " but combofix just hangs there and doesnt go further>i think i am infected by the "do not show hidden files" virus and many others as well wat do i do and inputs wud be appreciated


I am using windows xp sp2 i am using avast antivirus professional ver 4.7 up to date vps and spyware doctor ver 5.5 with all updates adaware 2007 ver 7.0.1.3 upto date

now wat i cant do is see my hiddenfiles i have various .com files on my hdd which seem to be infections


my antivirus doesnt detect these viruses neither do my spyware tools

Edited by DEVESH, 02 March 2008 - 08:30 AM.

 

  • BC Ads
  • BleepingComputer.com

#2 ruby1

ruby1

    a forum member

  • Members
  • PipPipPipPipPipPip
  • 2,375 posts

Posted 02 March 2008 - 08:20 AM

Hi and welcom :flowers:

I am wondering why or who suggested you try to use combo fix

see this http://www.bleepingcomputer.com/forums/ind...amp;hl=combofix

and orange blossom's comment

Combofix is a powerful tool intended by its creator to be used under the direction of an expert. It is NOT for private use. You should NOT use Combofix unless a Malware Removal Expert has told you to. Improper use of this tool can seriously damage your operating system and may even prevent it from starting again. Please read Combofix's Disclaimer.


you may wish to tell us your windows version and what protection you do have no board, when you last fully updated and ran it, and what makes you think you are possibly infected? :thumbsup:

#3 DEVESH

DEVESH

    Member

  • Members
  • PipPip
  • 16 posts

Posted 02 March 2008 - 08:35 AM

i cant update my windows sp2 since i am not using an original copy ....i decided to use combofix cause none of my security software are able to detect the virus and i read"show hidden files" virus can be removed by combofix

i cant update my windows sp2 since i am not using an original copy ....i decided to use combofix cause none of my security software are able to detect the virus and i read"show hidden files" virus can be removed by combofix

#4 ruby1

ruby1

    a forum member

  • Members
  • PipPipPipPipPipPip
  • 2,375 posts

Posted 02 March 2008 - 08:41 AM

before we can even consider proceeding we need to know please if the XP version you have on that computer is from an original CD with a licence key?

PS; if your 'version' of windows is NOT legit you will experience 'updating ' problems too as the MS site as you may have found out requires you to validate' your windows version AS legit before it will allow any updating to be done

assuming you ARE running an illegal version OF windows you are most probably infected from more than one sourse :thumbsup:

Edited by ruby1, 02 March 2008 - 08:52 AM.

#5 DEVESH

DEVESH

    Member

  • Members
  • PipPip
  • 16 posts

Posted 02 March 2008 - 09:00 AM

so now wat can i do i am sure i am using an illegal version of windows i dun think i will be able to update

#6 ruby1

ruby1

    a forum member

  • Members
  • PipPipPipPipPipPip
  • 2,375 posts

Posted 02 March 2008 - 09:03 AM

from where/whom did you obtain the computer ? and did it come with an original cd and licence key?

and if it is found to be an illegal copy then we can no longer help you until you do have a legit version of windows on there

Edited by ruby1, 02 March 2008 - 09:06 AM.

#7 DEVESH

DEVESH

    Member

  • Members
  • PipPip
  • 16 posts

Posted 02 March 2008 - 09:09 AM

i jus spoke to my enginneer frm whom i purchased the pc he said tht the windows installed on my pc has a valid cd key and tht he updated it 3 days bak

#8 ruby1

ruby1

    a forum member

  • Members
  • PipPipPipPipPipPip
  • 2,375 posts

Posted 02 March 2008 - 09:16 AM

i jus spoke to my enginneer frm whom i purchased the pc he said tht the windows installed on my pc has a valid cd key and tht he updated it 3 days bak


may one ask why the computer has been with the engineer? what has apparently been wrong with it?

I must admit I am NOT convinced that you do have a legit version of windows on there

if you go TO the MS site for updates what does the computer 'do'?

#9 DEVESH

DEVESH

    Member

  • Members
  • PipPip
  • 16 posts

Posted 02 March 2008 - 09:27 AM

the computer is infected with viruses so i had given it to the engineer but he hasnt ben able to solve the problem.....i jus cheked when i goto the microsoft site it scans the pc with a bar indicating progress and then says then says the following updates are available for download

#10 DEVESH

DEVESH

    Member

  • Members
  • PipPip
  • 16 posts

Posted 02 March 2008 - 09:59 AM

my enginner says tht my version of windows is valid for 20000 licences

#11 ruby1

ruby1

    a forum member

  • Members
  • PipPipPipPipPipPip
  • 2,375 posts

Posted 02 March 2008 - 11:16 AM

cant update my windows sp2 since i am not using an original copy


windows SP2 is an addition per se that does not 'update' ( maybe if/when SP3 comes out then you can grab that )



the computer is infected with viruses so i had given it to the engineer but he hasnt ben able to solve the problem.....i jus cheked when i goto the microsoft site it scans the pc with a bar indicating progress and then says then says the following updates are available for download




my version of windows is valid for 20000 licences



I would like further info from your engineer on that point please; on how many machines has your 'engineer ' installed the XP version you have ? and how has he done this ?

one is concerned that it is NOT a legitimate installation and is there fore wide open to be infected

a' crack' installation of any windows version makes easy picking for infections and is illegal

from where did your 'engineer' obtain the XP cd he is apparently using to install the XP and let alone the licence key?

does your engineer work IN computering or is just a friend who happens to dabble in computers?

sorry, but I for one am NOT convinced you have a legitimate and legal version of windows on there

#12 DEVESH

DEVESH

    Member

  • Members
  • PipPip
  • 16 posts

Posted 02 March 2008 - 11:45 AM

my engineer works in a company called tcs he says its a corporate license for 20000 pc's ....

Edited by DEVESH, 02 March 2008 - 11:47 AM.

#13 DEVESH

DEVESH

    Member

  • Members
  • PipPip
  • 16 posts

Posted 02 March 2008 - 12:55 PM

I cant thank anyone here cause nonone was ready to help but i managed to solve the problem i had p9.exe cfvp0h.com ek.com thumbs.db and gqsk.bat on my hdd's i jus ran combofix it removed autorun.inf and then i made a cfscript with the following data
FILE::
K:\filename
D:\filename
.....
....
...
and transferred the text file to combofix ...it ran and deletd the files
problem solved
now i can view hidden files too

#14 ruby1

ruby1

    a forum member

  • Members
  • PipPipPipPipPipPip
  • 2,375 posts

Posted 02 March 2008 - 04:31 PM

I am glad you seem to be 'sorted' but find it a wee bit unfair of you to say that

nonone was ready to help


if no one HAD been prepared TO help , why then, have you received replies TO you request for help even if those replies were NOT quite what you were expecting to hear?

#15 Starbuck

Starbuck

    'r Brudiwr

  • Malware Response Team
  • PipPipPipPipPipPip
  • 3,187 posts
  • Gender:Male
  • Location:South Wales, UK

Posted 02 March 2008 - 07:22 PM

The easiest way to find out if you are running a legit copy of 'Windows' is to:
Download this tool from Microsoft.

1. Double click on MGADiag.exe to run it.
2. Click Continue.
3. The program will run. It takes a while to finish the diagnosis, please be patient.

If you look through the results , you'll soon know.
Posted Image Posted Image
Back to Am I infected? What do I do?


0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users


  1. BleepingComputer.com
  2. Security
  3. Am I infected? What do I do?
  4. Privacy Policy
  5. Rules ·