combofix nearly brought my computer to its knees


4 replies to this topic

#1 sherwulff


Posted 12 February 2011 - 02:52 AM

as soon as i clicked on Combofix, a message box popped onto my screen (blue background). it said something about windows must shut down immediately - i couldn't read it because it was only on the screen for about a second. then my computer turned off and restarted (it took a long while to reboot). once the computer finally came back on, i got a message saying that windows had recovered from a serious error.

i ran combofix on another computer, and it got rid of the google redirect. i really need to do it on this computer, but i don't want to fry it. i had disabled Avira, my only active antimalware defense, before attempting to run Combofix.

does anybody have any idea what may have happened, or any idea how i can get combofix to run on my computer?

PS
i fixed the redirect problem from reading the previous post and using the TDSSkiller.

my curiosity is nevertheless piqued as to what band of cyber marauders may have forced their hand when i tried to run Combofix (for future's sake), but see here - sherwulff don't want to ruffle anybody's feathers for posting about combofix in this forum (alas, i neglected to espy the caveat at the top of the page until it was too late, and the die had been cast). Also, if a moderator wants to remove the defogger/dds/etc. logs i posted over the last few days (in the correct section, i might add), then go for it - despite having followed the directions to the letter (took me about two hours), crossed all the t's and dotted all the i's so to speak, no one ever did condescend to give me one friggin' word of advice through this stressful fiasco.

Edited by sherwulff, 12 February 2011 - 03:41 AM.



 


#2 quietman7



  • Global Moderator

Posted 12 February 2011 - 09:18 AM

No one should be using ComboFix unless specifically instructed to do so by a Malware Removal Expert who can interpret the logs. It is a powerful tool intended by its creator to be "used under the guidance and supervision of an expert." Using this tool incorrectly could lead to disastrous problems with your operating system such as preventing it from ever starting again. When issues arise due to complex malware infections, possible false detections, problems running ComboFix or with other security tools causing conflicts, experts are usually aware of them and can advise what should or should not be done while providing individual assistance. When false detections are identified, experts have access to the developer and can report them so he can investigate, confirm and make corrections. Those attempting to use ComboFix on their own do not have such information and are at risk when running the tool in an unsupervised environment. Please read the pinned topic ComboFix usage, Questions, Help? - Look here.

With that said, there are circumstances where ComboFix will hang, crash or stall at various stages due to malware interference, failure to disable other real-time protection tools or the presence of CD Emulators (Daemon Tools, Alcohol 120%, Astroburn, AnyDVD) so that it does not complete successfully. Also, depending on how badly a system is infected, ComboFix may take longer to complete its routine than it normally does or fail to run properly. While that is not normal behavior, it is not unusual.

Since you resolved the issue with TDSSkiller which I would have recommended, I will close the topic where you posted your DDS log.

While we understand your frustration at having to wait, please note that Bleeping Computer deals with several hundred requests for assistance such as yours on a daily basis. As a result, requests for help are not always answered in a timely manner. Although our staff work on hundreds of requests each day, they are all volunteers who contribute to helping members as time permits. No one is paid by Bleeping Computer for their assistance to our members.

New and more devious malware infections are released almost daily. It then takes time to investigate, analyze and test removal techniques before we can help members like yourself. Doing that means that we sacrifice speed of response for a quality response that will help remove the malware more effectively.

Further, our First Responder staff is comprised of team members with various levels of skill and expertise to deal with thousands of malware variants, some more complex than others. Not all staff members have access to or are familiar with every type of operating system version...some may only have Windows XP as they cannot afford to upgrade while others may only have Vista or Windows 7.

Although your topic looked lost in the queue of many pages where others have posted for help since you did, it would have been answered.

Edited by quietman7, 12 February 2011 - 09:30 AM.

Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

#3 quietman7


Posted 12 February 2011 - 09:31 AM

One other thing. If there are no more problems or signs of infection, you should Create a New Restore Point to prevent possible reinfection from an old one. Some of the malware you picked up could have been backed up, renamed and saved in System Restore. Since this is a protected directory your tools cannot access to delete these files, they sometimes can reinfect your system if you accidentally use an old restore point. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state.

The easiest and safest way to do this is:
  • Go to Start > Programs > Accessories > System Tools and click "System Restore".
  • Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name, then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
  • Then use Disk Cleanup to remove all but the most recently created Restore Point.
  • Go to Start > Run... and type: Cleanmgr
  • Click "Ok". Disk Cleanup will scan your files for several minutes, then open.
  • Click the "More Options" tab, then click the "Clean up" button under System Restore.
  • Click Ok. You will be prompted with "Are you sure you want to delete all but the most recent restore point?"
  • Click Yes, then click Ok.
  • Click Yes again when prompted with "Are you sure you want to perform these actions?"
  • Disk Cleanup will remove the files and close automatically.
Vista and Windows 7 users can refer to these links:
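A scripted form of the steps in the post above, added here as an example and not part of the original thread or supplied by BleepingComputer staff. It assumes Windows PowerShell 5.1 in an elevated session with System Restore enabled; the function name `New-CleanRestorePoint` and the default description are illustrative.

```powershell
#Requires -RunAsAdministrator
# Added example for Windows PowerShell 5.1, run elevated.
# New-CleanRestorePoint and the default description are illustrative names.

# System Restore has no delete cmdlet; SRRemoveRestorePoint is exported by SrClient.dll.
Add-Type -Namespace SysRestore -Name Native -MemberDefinition @'
[DllImport("SrClient.dll")]
public static extern uint SRRemoveRestorePoint(uint dwRPNum);
'@

function New-CleanRestorePoint {
    [CmdletBinding(SupportsShouldProcess, ConfirmImpact = 'High')]
    param([string]$Description = "Clean state $(Get-Date -Format 'yyyy-MM-dd HH:mm')")

    # Highest sequence number before we start (0 if no points exist yet).
    $existing = @(Get-ComputerRestorePoint -ErrorAction SilentlyContinue)
    $lastSeq  = if ($existing.Count) {
        ($existing | Measure-Object SequenceNumber -Maximum).Maximum
    } else { 0 }

    Checkpoint-Computer -Description $Description -RestorePointType MODIFY_SETTINGS

    # Windows 8 and later skip creation if a point was made in the last
    # 24 hours, so confirm a new point really exists before deleting anything.
    $new = Get-ComputerRestorePoint |
        Where-Object { $_.SequenceNumber -gt $lastSeq } |
        Sort-Object SequenceNumber | Select-Object -Last 1
    if (-not $new) {
        throw 'No new restore point was created; older points were left untouched.'
    }

    # Remove every point that existed before the one just created.
    foreach ($rp in $existing) {
        $label = "restore point $($rp.SequenceNumber) '$($rp.Description)'"
        if ($PSCmdlet.ShouldProcess($label, 'Remove')) {
            $rc = [SysRestore.Native]::SRRemoveRestorePoint([uint32]$rp.SequenceNumber)
            if ($rc -ne 0) { Write-Warning "Could not remove $label (error $rc)" }
        }
    }
    $new   # SequenceNumber, Description and CreationTime of the clean point
}

New-CleanRestorePoint -Verbose
```

Each removal prompts for confirmation; run it only after the system has been verified clean, since the older restore points cannot be recovered afterwards.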

#4 sherwulff


Posted 12 February 2011 - 03:24 PM

it's all good. i've been thinking about joining the team, maybe i could help you guys answer some questions after receiving training. please let me know if i could potentially be of help to bleepingcomputer.

sherwulff

#5 quietman7


Posted 12 February 2011 - 03:58 PM

Check your inbox..



