Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Would you like my COMBOFIX log?


  • Please log in to reply
No replies to this topic

#1 Jazzper

Jazzper

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:04:48 AM

Posted 21 December 2008 - 11:28 PM

My niece's PC was recently infected with the go.google DNS redirection problem. I was not able to access the MalwareBytes or update.microsoft.com websites. If I tried to ping them in a DOS Box, they resolved to the localhost address. After wasting LOTS of time looking for the problem, I happened upon your site and its ComboFix program --- thanks...thanks...thanks!!!

Its step-by-step instructions said I should upload the log file since everything may not have been fixed but since it says here not to do so w/o it being requested, I thought I'd ask first. I ran it - after renaming it to get it to kick off - but I was still not able to access the MS update site. Since I think that I may not have disabled all the appropriate McAffee Security Center services, I tried running it again. I recall some sort of error message about not being able to create TEMP01 but am not positive as I was distracted at the time. Before the second running, I made sure that I killed all processes that began with "mc" and it seems to have completed thru Stages_50 w/o a problem but I just got the error message again: "FINDSTR: Cannot open temp01" when it was creating the logfile.

Still no luck though so I tried using MSCONFIG to not have McAffee in the startup and tried running it for the 3rd time. NOTE: msconfig gave me an Access Denied message saying I needed to run it as an admin but my account does have full admin rights. But when the PC restarted, McAffee did not load this time. So I kicked off ComboFix for the 3rd time -- it said it found a rootkit like the other 2 times -- and it again looked like it finished up OK.

3rd time was a charm-:thumbsup: I Can now get to the MS update site and MalwareBYtes.

do you want the latest log file?

thanks again for your great tool!!

Edited by Orange Blossom, 22 December 2008 - 11:05 PM.
Move from HiJack This forum to Am I Infected as there are no logs. ~ OB


BC AdBot (Login to Remove)

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users