Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

ComboFix


  • Please log in to reply
5 replies to this topic

#1 TRock80

TRock80

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:11:51 PM

Posted 18 June 2009 - 09:30 PM

Hi, so now I have a ComboFix log, and nowhere on the site I'm supposed to post it. I was given instructions by the Kaspersky support chat person to run CFix, and that's what I did. The computer still works the same, internet is very slow, sites don't load completely or at all, Kaspersky updates just timeout and ultimately won't load. comcast software run to repair the connection still says that the network card is incorrectly configured to a fixed network address when it should be able to receive a new address automatically. I was unable to correct this. The diagnostics at start-up indicate that there is nothing wrong with the network card. The Kaspersky warning that kept popping up before all heck broke loose was HEUR: Trojan.Script.Iframer. I have XP Home. Any thoughts?

BC AdBot (Login to Remove)

 


m

#2 Guest_superbird_*

Guest_superbird_*

  • Guests
  • OFFLINE
  •  

Posted 19 June 2009 - 10:30 AM

Hi,

Strange they advise you to use ComboFix, because using ComboFix without supervision of a HJT Team Member is dangerous (it can harm your system).

Let's try this:

Please download Malwarebytes Anti-Malware and save it to your desktop.
alternate download link 1
alternate download link 2
  • Make sure you are connected to the Internet.
  • Double-click on Download_mbam-setup.exe to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
  • MBAM will automatically start and you will be asked to update the program before performing a scan. If an update is found, the program will automatically update itself. Press the OK button to close that box and continue. If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install.
  • On the Scanner tab:
    • Make sure the "Perform Quick Scan" option is selected.
    • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
  • Back at the main Scanner screen, click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad and you may be prompted to restart your computer. (see Note below)
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply and exit MBAM.
Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.

#3 TRock80

TRock80
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  

Posted 19 June 2009 - 12:31 PM

Thanks for the info; I have to note that the Kaspersky rep did refer me to the tutorial posted on bleepingcomputer as part of his request to run it.

I am unable to use the internet for downloading anything on that computer. I am writing to you from a friend's laptop. Is it possible to download Malwarebytes to a flash drive, including updates, and then move it to the infected? I have been leaving the internet disconnected on the infected computer, except to try to test it after the CFix ran.

#4 Guest_superbird_*

Guest_superbird_*

  • Guests
  • OFFLINE
  •  

Posted 19 June 2009 - 12:54 PM

Hi,

Yes, you can use a flash device, but don't use that flashdrive for other purposes. :thumbsup:

Well, the usage of ComboFix is only for under supervision of our helpers. That tutorial is only handy for the helper to give to the person in question.

Edited by superbird, 19 June 2009 - 12:54 PM.


#5 TRock80

TRock80
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:11:51 PM

Posted 19 June 2009 - 02:22 PM

Thanks, I dragged the mb setup icon to my flash, but can you tell me what files/folders to copy to bring the updates I made on this laptop in the Malwarebytes program folder? When I load the program on my computer, can I just drag these files/folders to the corresponding folder on my computer, or will it not allow me to do that? Thanks.

#6 Guest_superbird_*

Guest_superbird_*

  • Guests
  • OFFLINE
  •  

Posted 19 June 2009 - 02:25 PM

Hi,

Just put the installer on your flash drive, and install and use the program by following the steps I gave you above. :thumbsup:
For the update, this is in those steps also:
  • If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install.
So delete that file also, and install it, after you've installed MBAM on the infected machine.

Edited by superbird, 19 June 2009 - 02:25 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users