Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Google Hijack - Forgot to Uninstall ComboFix before Rebooting


  • Please log in to reply
2 replies to this topic

#1 kdl

kdl

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:02:27 AM

Posted 05 October 2009 - 08:11 PM

My PC was infected with the same malware problem as outlined by MLinau (Google Gala Hijack - http://www.bleepingcomputer.com/forums/topic259577.html). I followed the steps recommended to her ... all except for the last one, which turns out to be a pretty important step. I did not click Start >> Run and type in ComboFix /u. After ensuring the malware was gone, I rebooted and the PC came up with the Windows User Account screen which I have never used before. It asked me for the password to login under the user account for my last name but since I didn't know the password (doesn't exist to my knowledge), I logged in as guest. It proceeded to tell me there were several files missing and brought up a half-baked version of Windows. I tried to run the ComboFix /u command but it tells me I don't have access.

Any ideas on how I can undo the ComboFix now? I appreciate it. Your help was huge until I shot myself in the foot.

Edited by kdl, 05 October 2009 - 08:23 PM.


BC AdBot (Login to Remove)

 


#2 garmanma

garmanma

    Computer Masochist


  • Staff Emeritus
  • 27,809 posts
  • OFFLINE
  •  
  • Location:Cleveland, Ohio
  • Local time:03:27 AM

Posted 06 October 2009 - 10:22 AM

Unfortunately the author of the tool does not want information on how Combofix works on public forums.
Please read Combofix's Disclaimer. Using this tool incorrectly could lead to disastrous problems with your operating system such as preventing it from ever starting again.

The only public information that is available can be found at this guide:

How to use ComboFix

You might try this:

Download and Run OTCleanIt
This program will remove the tools you have used.
  • Download OTCleanIt by OldTimer to your desktop.
  • Double click OTCleanIt.exe to start the program.
  • Click the big CleanUp! button.
  • When asked if you want to proceed with the cleanup process, click Yes. Restart your computer when prompted.
Delete the file after use, if it did not delete itself.

Edited by garmanma, 06 October 2009 - 10:26 AM.

Mark
Posted Image
why won't my laptop work?

Having grandkids is God's way of giving you a 2nd chance because you were too busy working your butt off the 1st time around
Do not send me PMs with problems that should be posted in the forums. Keep it in the forums, so everyone benefits
Become a BleepingComputer fan: Facebook and Twitter

#3 kdl

kdl
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:02:27 AM

Posted 06 October 2009 - 08:54 PM

Ya, I definitely knew I was wading into sketchy territory with the Combo Fix and I tried every thing I could before reaching "desperation". Even spent $50 on some programs I hoped would take care of it. Combo Fix definitely fixed the issue ... and then I tripped over a pebble when crossing the finish line. Sigh ...

I was able to execute OTCleanIt per your instructions, but no dice. Still brings up the user login screen after rebooting. Any other ideas that I might attempt? If I try to hack through the login screen with some tool, do you think I might make it worse for myself?




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users