Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


Combofix preventing repair install

  • Please log in to reply
2 replies to this topic

#1 polarbee


  • Members
  • 3 posts
  • Local time:12:58 PM

Posted 21 June 2011 - 01:27 PM

I freely admit I shouldn't have run Combofix without instruction. I've run it successfully in the past without a problem and felt cocky.
That being said, I now have a computer that is completely failing to boot. I ran Combofix and it said it found a rootkit and needed to restart. I allowed it to do so without touching the computer at which point it started a boot loop. I attempted to boot into both Safe Mode and Safe Mode with Networking and it would get as far as Mup.sys (which came immediately after combofix.sys) and would then restart.
At this point I started the Recovery Console and initiated a chkdsk /r which did find some faulty sectors and repaired them but didn't fix the problem, nor had I really expected it to.
Giving up, I decided to try a repair install with the XP disk but this will run for a little while and part way through the Installing Devices, the Combofix window pops up, runs for a few seconds, and then the whole system restarts and begins the repair install again.

Should I just toss my hands up and reinstall the whole OS at this point or is my mistake salvageable. :)


Well, my going in with a ERD and adding ".OLD" to all instances of Combofix, I got the repair install to run without restarting. But now the computer restarted and looked like it was going to boot but has been sitting at a black screen with a Windows XP logo and the words "Please wait..." for about an hour.
I'm going to leave it for awhile and see what happens.

Edit: Moved topic from XP to the more appropriate forum. ~ Animal

BC AdBot (Login to Remove)


#2 hamluis



  • Moderator
  • 56,300 posts
  • Gender:Male
  • Location:Killeen, TX
  • Local time:03:58 PM

Posted 21 June 2011 - 02:36 PM

Do you have a ComboFix log?

I'm glad that you are so certain that ComboFix is at the root of your problems...I'm not :). Faulty sectors on a hard drive don't necessarily mean the kiss of death...but it's certainly indicative of something which may be unrelated to ComboFix or malware.

If it were my system...I would run the appropriate hard drive manufacturer's diagnostic, before I expended any energy on anything else.

But since it's your system and you seem convinced that all is due to malware and running ComboFix...I suggest that post your CF log (if you have one) at BC Malware Removal Logs Forum, after reading the following: ComboFix usage, Questions, Help - Look here - http://www.bleepingcomputer.com/forums/topic273628.html .

If you don't have a CF log that you can submit, then I suggest that you follow the suggestions at Preparation Guide, Before Using Malware Removal Tools and Requesting Help - http://www.bleepingcomputer.com/forums/topic34773.html , taking care to note the correct forum for posting the requested logs.

FWIW, current backlog for malware log topics approximates 7 days. If you are seeking a quick solution/resolution...then you may want to run the hard drive diagnostic before making your decision as to what your next step should be. There is little point in attempting to reinstall Windows, IMO, on a hard drive which may have problems.

Note: A repair install effort...is never guaranteed to resolve system problems...it is merely an effort. It cannot overcome malware or hardware issues and is not guaranteed to overcome every system issue (e.g., partition issues). It is not equivalent to a format/clean install which wipes the board clean and makes it easier to try to pinpoint any issues which subsequently arise/appear.


#3 polarbee

  • Topic Starter

  • Members
  • 3 posts
  • Local time:12:58 PM

Posted 21 June 2011 - 05:05 PM

I was able to finally get it loading back into Windows but it's pretty much back where I started as far as the virus goes. It just keeps redirecting all the browsers through its own proxy. Manually setting a Chrome proxy seems to be allowing that one to work. I don't have any logs and I doubt this virus is the only problem this computer is having. It's actually my husband's work computer and it is seven years old.

The positive side to this however is that his boss decided to buy him a new one after this so I don't really even need to worry about it. It's limping along JUST enough that he can keep working until his new computer arrives. Which should be in about a week so no need to post.
Of course, if that computer falls through, I'll be back. :)

Thanks for your help. If needed, I'll follow your instructions on posting the problem to the appropriate forum.

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users