Posted 18 February 2011 - 06:23 AM
I'm running Windows XP (SP3) and began to suspect a malware issue. I came to ComboFix via MajorGeeks' Windows XP Malware Removal/Cleaning Procedure page, which linked to you for a download of ComboFix to my desktop. Following their instructions I first ran SUPERAntiSpyware, then Malwarebytes Anti-Malware before proceeding to run ComboFix according to your instructions (and taking note of all your caveats).
My problem is this: the AutoScan window has stayed with the following message for over 90 minutes:
'Scanning for infected files...
This typically doesn't take more than 10 minutes
However, scan times for badly infected machines may easily double'
The cursor line is blinking below that; and the time on the clock in the XP bar has been altered to - and stuck at - 09:45. But apart from that, the whole thing seems to have frozen.
Is there any happy solution to this - any way, for instance, to abort ComboFix?
Please let me know if you need further information; and thank you in advance for your help.
BC AdBot (Login to Remove)
Posted 18 February 2011 - 06:25 AM
Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Please include the link to this topic in your new topic and a description of your computer issues and what you have done to resolve them.
If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.
Once you have created the new topic, please reply back here with a link to the new topic.
Posted 18 February 2011 - 06:56 AM
Posted 18 February 2011 - 07:20 AM
First ask I, why did you run Combofix without help from a Hijackthis Expert\Helper?
Than can I saying, I think on the HD. Volume.
When the Volume is bad, than get you troubles with programs, just like Mbam, Spybots & Destroy also Combofix.
My suggestion for you is: Run chkdsk /p after that, chkdsk /r via C:\> prompted.
When you don't have a repair partition, than can you run this via the CMD-box in Windows.
Posted 18 February 2011 - 08:13 AM
Further, using ComboFix is only one part of the disinfection process. Preliminary scans from other tools like DDS, RSIT and GMER should be used first because they provide comprehensive logs with specific details about files, folders and registry keys which may have been modified by malware infection. Analysis of those logs allows planning an strategy for effective disinfection and a determination if using ComboFix is necessary. ComboFix was never meant to be used as a general purpose malware scanner like SuperAntispyware or Malwarebytes' Anti-Malware which scan individual drives or different folders on a computer for viruses. Please read the pinned topic ComboFix usage, Questions, Help? - Look here.
With that said, there are circumstances ComboFix will hang, crash or stall at various stages due to malware interference, failure to disable other real-time protection tools or the presence of CD Emulators (Daemon Tools, Alchohol 120%, Astroburn, AnyDVD) so that it does not complete successfully. Also, depending on how badly a system is infected, ComboFix may take longer to complete its routine than it normally does or fail to run properly. While that is not normal behavior, it is not unusual. In such cases, it is helpful to know at what stage CF stalled and to provide that information to the Helper who is assisting you so they can investigate. This is just another reason why you should only use ComboFix under supervision. If you don't know and it still appears to be struck, frozen or failed to reboot, then try this:
Open Task Manager and look for the following ComboFix related processes (some have a .cfxxe extension):
If doing that did not free ComboFix and allow it to continue, then you will need to reboot the computer manually.
Afterwards, please follow cryptodan's instructions.
Edited by quietman7, 18 February 2011 - 08:16 AM.
Member of UNITE, Unified Network of Instructors and Trusted Eliminators
Posted 18 February 2011 - 12:45 PM
Posted 18 February 2011 - 02:33 PM
Yes, of course, but the Hijackthis Experts do know what they must to do, when a program just Combo Fix do something what it must not to do and an user get by this, big troubles with his\her machine, than do know the Hijackthis Experts how must they fix the problem.
In an earlier message told I, that I do know how Hijackthis does working and I do know how I can fix that when I have a problem, but I can tell everyone: Dear people, when I have a Trojan or other vulnerable and I must using a Hijackthis Tool, than I asking for help.
Why doing I this? I do this because, I have a little education enjoined with that, but the education what I did got is not enough for help other people.
Last year was I testing the Hijackthis Tools and I got a big problem.
It was not so worse, when I had not a Muck Buck Virus.
Alright, I had testing out Combo Fix, Otm and Rootkit program, everything will been fine, yes, I took a look in my system and I didn't seen unregulated.
Okay yes, I removed a good backup and after a while, I had troubles you know.
I lost my Cd\Dvd-drivers and repairing was not possible.
The Muck Buck is a very nasty Virus, you know.
For this Virus, there is no Virus scan, belief me.
For people they don't know what a Muck Buck Virus is: The Muck Buck is inside the human; you doing something without thinking.
I must saying, people when you haven't a Hijackthis education, than you must be smart and don't use a Hijackthis Tool without help from a Hijackthis Expert or Helper.
Now can you thinking, Radio Northsea, this will not be happening with me, no.? Are your sure? I can tell you, we are all humans and we are not perfect, but it is true that someone that got an education with one or other job, is better than the person without an education.
Posted 20 February 2011 - 07:33 AM
From this point on the Malware Response Team should be the only members that you take advice from, until they have verified your log as clean.
Please be patient. It may take a while to get a response because the Malware Response Team members are very busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have posted your log and are waiting, please DO NOT "bump" your post or make another reply until it has been responded to by a member of the Malware Response Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another Malware Response Team member is already assisting you and not open the thread to respond.
To avoid confusion, I am closing this topic until you are cleared by the Malware Response Team. If you still need assistance after your log has been reviewed and you have been cleared, please PM me or another moderator and we will re-open this topic.
Good luck with your log.
Member of UNITE, Unified Network of Instructors and Trusted Eliminators
1 user(s) are reading this topic
0 members, 1 guests, 0 anonymous users