Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Combofix Log File Help !


  • Please log in to reply
4 replies to this topic

#1 djm1k0

djm1k0

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:11:36 PM

Posted 19 September 2008 - 09:00 AM

I need some help. Firstly i'm running Windows XP Home SP3. The other day i started with some virus. It came up in Trend micro as Cryp_Morphine. I was able to get rid of that all i'm prety sure. However at the same time i was having an issue with my Windows Auto Update was turned off and it will not let me start it. So after some research i came across the same issue with Windows update from other users and it was suggested to try combo fix. I ran this program last night and after it was complete i re-booted then i was able to get windows update to work again so i ran one more trend micro scan and a mention of a Vundo virus came up. It was quarentined and then i deleted it. well all was good and then today i woke up and checked my comp and the Windows update is disabled again and having the same issue. so i'm under the impression that the virus is still around. Please let me know if i should post the combofix log.

Edited by djm1k0, 19 September 2008 - 09:06 AM.


BC AdBot (Login to Remove)

 


#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,482 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:12:36 AM

Posted 19 September 2008 - 09:42 AM

Please note the message text in blue at the top of this forum.

You should not be using Combofix unless instructed to do so by a Malware Removal Expert who can interpret the logs. It is a powerful tool intended by its creator to be "used under the guidance and supervision of an expert", NOT for private use. Using this tool incorrectly could lead to disastrous problems with your operating system such as preventing it from ever starting again. Please read Combofix's Disclaimer.

Further, ComboFix logs are not permitted outside the HijackThis forums and then only when requested by a HJT Team member.

Please download Malwarebytes Anti-Malware and save it to your desktop.
alternate download link 1
alternate download link 2
  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself.
  • Press the OK button to close that box and continue.
  • If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install.
On the Scanner tab:
  • Make sure the "Perform Quick Scan" option is selected.
  • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
  • Click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply and exit MBAM.
Note: If MBAM encounters a file that is difficult to remove, you may be asked to reboot your computer so it can proceed with the disinfection process. Regardless if prompted to restart the computer or not, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware. MBAM may make changes to your registry as part of its disinfection routine. If you're using other security programs that detect registry changes, they may alert you after scanning with MBAM. Please permit the program to allow the changes.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#3 djm1k0

djm1k0
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:11:36 PM

Posted 19 September 2008 - 11:16 AM

my apologies w/ the use of combofix, i researched other peoples problems, and combofix seemed to fix their issues. i also followed the combofix proper use guide. and am pretty comfortable around the PC. So i figured i was saving you folks some time. Anyways i will perform the above steps next and will report back with the log. does anyone want to see the combofix log in the mean time ? thanks for the response.

Edited by djm1k0, 19 September 2008 - 11:18 AM.


#4 DaChew

DaChew

    Visiting Alien


  • Members
  • 10,317 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:millenium falcon and rockytop
  • Local time:12:36 AM

Posted 19 September 2008 - 11:21 AM

Combofix by sUBs was never intended to be used in the way that that software such as SuperAntispyware or Malwarebytes Antimalware is done. There are several excellent reasons for this Disclaimer shown when you start the program:
Some that I have observed:

About 1 in 100 times the computer will not longer be able to boot after running Combofix. This requires experienced hands to restore the system to bootability.

There are several malware infections that "target" Combofix. Experienced Helpers are aware of these infections, and take steps to remove them prior to the use of Combofix. If you do not, various things can happen depending on the infection -- from Combofix being unable to run, to the deletion of the folder C:\Windows\System32, requiring a clean install to repair.

Combofix makes some rather significant changes to the internals of XP and Vista in order to work. It has to be removed with special instructions to fully and safely revert these changes. Experienced Helpers are aware of how to accomplish the uninstallation of Combofix.

The real power of Combofix comes not as a general purposed malware remover. It is rather modest in that capacity. Combofix is powerful because it provides to the experienced Helper a convenient and powerful front-end to Scripts. It is because of its scripting strengths, and its unique reporting capabilities, that you see Combofix often recommended. But not because of its abilities as a general malware scanner.

Many malware removal experts will not respond to a request for help if they see that Combofix was run by the end-user without supervision. You might find after running Combofix that your system problems are worse, and nobody is willing to help you.

There are several general purpose anti-malware utilities where the Author(s) intended the application for general use by end-users without Supervision. Combofix is not one of them, and you would be advised to honor that position taken by its Author.

Best regards,
Bill Castner
--
============
MS-MVP 2004 - -2008, ASAP Member


http://www.dslreports.com/forum/r20950947-

Any posts containing CF Logs will be ignored.


top of this page

please follow QM7's directions
Chewy

No. Try not. Do... or do not. There is no try.

#5 djm1k0

djm1k0
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:11:36 PM

Posted 19 September 2008 - 11:26 AM

Understood. i will follow QM7's directions and report back.




Combofix by sUBs was never intended to be used in the way that that software such as SuperAntispyware or Malwarebytes Antimalware is done. There are several excellent reasons for this Disclaimer shown when you start the program:
Some that I have observed:

About 1 in 100 times the computer will not longer be able to boot after running Combofix. This requires experienced hands to restore the system to bootability.

There are several malware infections that "target" Combofix. Experienced Helpers are aware of these infections, and take steps to remove them prior to the use of Combofix. If you do not, various things can happen depending on the infection -- from Combofix being unable to run, to the deletion of the folder C:\Windows\System32, requiring a clean install to repair.

Combofix makes some rather significant changes to the internals of XP and Vista in order to work. It has to be removed with special instructions to fully and safely revert these changes. Experienced Helpers are aware of how to accomplish the uninstallation of Combofix.

The real power of Combofix comes not as a general purposed malware remover. It is rather modest in that capacity. Combofix is powerful because it provides to the experienced Helper a convenient and powerful front-end to Scripts. It is because of its scripting strengths, and its unique reporting capabilities, that you see Combofix often recommended. But not because of its abilities as a general malware scanner.

Many malware removal experts will not respond to a request for help if they see that Combofix was run by the end-user without supervision. You might find after running Combofix that your system problems are worse, and nobody is willing to help you.

There are several general purpose anti-malware utilities where the Author(s) intended the application for general use by end-users without Supervision. Combofix is not one of them, and you would be advised to honor that position taken by its Author.

Best regards,
Bill Castner
--
============
MS-MVP 2004 - -2008, ASAP Member


http://www.dslreports.com/forum/r20950947-

Any posts containing CF Logs will be ignored.


top of this page

please follow QM7's directions






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users