Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Combofix paused?


  • Please log in to reply
4 replies to this topic

#1 MDowney

MDowney

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:12:04 AM

Posted 30 November 2010 - 11:15 AM

My work IT guy told me to run ComboFix as i may have a corrupt MBR. i ran ComboFix, and it did find just that. it then did a "dump" and went to the BSOD. i turned the comptuer off/on, ComboFix continued on it's merry way. ran thru all the stuff it says it's supposed to, but now it's stuck at the Error Log "Don't open any programs until ComboFix is finished" part. Been like that for over 12 hours. . .



EDIT: Moved from XP to AntiVirus, Firewall and Privacy Products and Protection Methods

Edited by boopme, 30 November 2010 - 11:25 AM.


BC AdBot (Login to Remove)

 


#2 sunbleach

sunbleach

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:03:04 PM

Posted 30 November 2010 - 12:05 PM

I have the same problem........allthough I dont have the patients to wait 12 hours.. Ive been recommended 4 scanning tools prior to combofix one took up to 3 hours.....Sorry MDowney im not much help..all I can offer is a reminder about disabling antivirus etc etc...

#3 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 52,047 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:02:04 AM

Posted 30 November 2010 - 02:14 PM

No one should be using ComboFix unless specifically instructed to do so by a Malware Removal Expert who can interpret the logs. It is a powerful tool intended by its creator to be "used under the guidance and supervision of an expert. Using this tool incorrectly could lead to disastrous problems with your operating system such as preventing it from ever starting again. When issues arise due to complex malware infections, possible false detections, problems running ComboFix or with other security tools causing conflicts, experts are usually aware of them and can advise what should or should not be done while providing individual assistance. Those attempting to use ComboFix on their own do not have such information and are at risk when running the tool in an unsupervised environment.

Combofix was never meant to be used as a general purpose malware scanner like SuperAntispyware or Malwarebytes' Anti-Malware which scan individual drives or different folders on a computer for viruses. And it certainly was never intended for use in a corporate/business environment. Please read the pinned topic ComboFix usage, Questions, Help? - Look here.

With that said, there are circumstances ComboFix will hang or stall at various stages due to malware interference, failure to disable any other real-time protection tools and CD Emulators (Daemon Tools, Alchohol 120%, Astroburn, AnyDVD) so that it does not complete successfully. While that is not normal behavior, it is not unusual. In such cases, it is helpful to know at what stage CF stalled and to provide that information to the Helper who is assisting you so they can investigate. That's just another reason you should only use ComboFix under supervision. If you don't know and it still appears to be struck, frozen or failed to reboot, then try this:

Open Task Manager and look for the following ComboFix related processes (some have a .cfxxe extension):
  • PEV.exe
  • NirCmd.cfxxe
  • PEV.cfxxe
One at a time, right-click and select End Process. If doing that did not free ComboFix and allow it to continue, then you will need to reboot the computer manually.

Afterwards, please do NOT run ComboFix again unless asked to by a member of the Malware Removal Team.

If you need further assistance with your malware infection, please read the pinned topic titled "Preparation Guide For Use Before Using Malware Removal Tools and Requesting Help". If you cannot complete a step, then skip it and continue with the next. In Step 7 there are instructions for downloading and running DDS which will create a Pseudo HJT Report as part of its log. When you have done that, post your log in the Virus, Trojan, Spyware, and Malware Removal Logs forum, NOT here, for assistance by the Malware Response Team Experts.

Edited by quietman7, 30 November 2010 - 02:20 PM.

.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#4 MDowney

MDowney
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:12:04 AM

Posted 30 November 2010 - 02:41 PM

@ Quietman: Thank you for reviewing my issue and for the suggestions. i apologize for not following proper protocol - i guess stuff like that is what got me into my mess in the first place. One quick clarification - I'm not using the ComboFix on a corporate computer, it's on my personal desktop. i'll go home at lunch and follow all your suggestions so that i'm following proper protocol and then will post the proper information to the forum you have suggested. Thank you again for your help. :-)

#5 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 52,047 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:02:04 AM

Posted 30 November 2010 - 02:56 PM

You're welcome and good luck.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users