
Maybe in a catch-22, how to proceed?


3 replies to this topic

#1 Larry_R_B


Posted 08 October 2011 - 10:25 PM

My apologies in advance if I've jumped the gun...

I was searching for info on anti-malware remediation and came across ComboFix.exe, which I have downloaded, installed and currently have running on an infected WinXP Pro SP2 machine. This machine had an issue that wasn't allowing programs to run... AntiMalwareBytes did find a trojan.dropper which it successfully removed, but after that, the scans get up to around 300+ items and terminate with no message. I've run it in safe mode, real mode, reinstalled it a bunch of times.. same behavior. I've tried all the rkill variants.. they all do some screen flashing but never give any kind of status.

But, before I continue further... after reading your instructions I see that I wasn't supposed to run a combofix.. but alas, it's currently running on the infected PC and hasn't displayed any of its stages. The last line on the display, which I've been watching for over 3.5 hours now, is "However, scan times for badly infected machines may easily double", followed by the cursor blinking on the next line of the blue screen titled "Autoscan". I really don't think I'll see any results pop up on the screen...

Nothing else is running on the computer's taskbar.

So, in order to provide the initial logs and follow the directions to procure the info you kind folks would like, what do I do???? Alt-F4 the combofix (if that will even work?), Ctrl-Alt-Del? start, shutdown, restart?

Thanks in advance for your reply!



#2 Larry_R_B


Posted 09 October 2011 - 12:47 AM

It's over 5+ hours now and ComboFix is still at the same place in my original post and has yet to burp out any Stages... I gotta think it's crashed or stuck...

Can anybody give me some direction on this??? Can I kill it? Reboot? End Task?

What's the proper path to take?

Thanks!!!

#3 Larry_R_B


Posted 09 October 2011 - 10:29 AM

Well, I let it run overnight, and I'm checking on it while I begin my daily caffeination routine.

I see ComboFix still sitting at exactly the same place after 15+ hours... no stages reported... The last message on screen is "However, scan times for badly infected machines may easily double" followed by the blinking cursor on the next line of the AutoScan screen.

Anyone experienced with the proper way to terminate a hung-up ComboFix AutoScan so I can begin to follow your recommended steps in troubleshooting this beast?

#4 Larry_R_B


Posted 11 October 2011 - 06:57 PM

This part of the issue is solved, so I imagine you guys can close this thread.

I basically reset the computer and it came back up... I wasn't sure if that would be the case since this is the first time I've worked with combofix.exe



