Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Question about ComboFix


  • Please log in to reply
3 replies to this topic

#1 promailer

promailer

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:05:48 PM

Posted 26 August 2011 - 06:22 AM

Hello all. I have a question. I have been using ComboFix to repair heavy infections on some machines. But i have found something really problematic. Why on Windows Vista or Windows 7 ComboFix is somehow damaging the OS. I mean after running ComboFix on those OSes the Start Menu is damaged. Many of the Start Menu programs are missing and there are only few of them. Sometimes ComboFix is damaging and the option for changing the wallpaper. Why is this happening and how to prevent it? Can someone please give me some information. Not a single of those problem happen under XP.
P.S. Sorry if I'm posting in the wrong section :) .

Edited by promailer, 26 August 2011 - 06:22 AM.


BC AdBot (Login to Remove)

 


#2 Ried

Ried

  • Malware Response Team
  • 1,009 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:48 AM

Posted 26 August 2011 - 04:04 PM

Hello promailer,

I have run ComboFix on all of my own Win7 and Vista machines, as well as cleaned hundreds of Vista/Win7 machines in the forums, and I will say that this is the first I've heard of this sort of trouble being caused by ComboFix. There is a rogue that has been going around for a couple of months now that will hide Start Menu programs, perhaps that's what you've been running into on these machines.

Regarding the wallpapwer option being changed - can you provide more detail about that? Are you saying you can no longer change wallpaper, or are you saying wallpaper was gone and had to be reset after running ComboFix?

Do you have any ComboFix logs from these machines you are referring to, that you can show me?

Do you have a screenshot of this wallpaper issue?

Edited by Ried, 26 August 2011 - 04:11 PM.

Microsoft MVP - Consumer Security 2010, 2011, 2012

"It is one life whether we spend it laughing or weeping." "Take the time to laugh--it is the music of the soul."


#3 promailer

promailer
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:05:48 PM

Posted 27 August 2011 - 02:14 AM

Hello promailer,

I have run ComboFix on all of my own Win7 and Vista machines, as well as cleaned hundreds of Vista/Win7 machines in the forums, and I will say that this is the first I've heard of this sort of trouble being caused by ComboFix. There is a rogue that has been going around for a couple of months now that will hide Start Menu programs, perhaps that's what you've been running into on these machines.

Regarding the wallpapwer option being changed - can you provide more detail about that? Are you saying you can no longer change wallpaper, or are you saying wallpaper was gone and had to be reset after running ComboFix?

Do you have any ComboFix logs from these machines you are referring to, that you can show me?

Do you have a screenshot of this wallpaper issue?

Hi, friend. I haven't saved any logs or screen from the infected machines. I know this is very important but like you know people are always in a hurry. But next time i will do. The interesting thing is that this bug happen on machines who had Bulgarian language installed and selected. Hmm is it possible because of that? About the wallpaper thing its like this. When you select the picture for your new wallpaper and click OK, nothing happend. Still the old wallpaper is on the desktop :) .

#4 Ried

Ried

  • Malware Response Team
  • 1,009 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:48 AM

Posted 29 August 2011 - 12:14 AM

I have checked with some of my Bulgarian colleagues and they have not run across any issues such as you've mentioned. The best I can recommend is that you take the time to save logs and post the issue while you're working on the machine.

Microsoft MVP - Consumer Security 2010, 2011, 2012

"It is one life whether we spend it laughing or weeping." "Take the time to laugh--it is the music of the soul."





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users