Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Combofix Hung Up


  • Please log in to reply
7 replies to this topic

#1 emily_i

emily_i

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:10:28 PM

Posted 30 March 2012 - 01:37 PM

Hi,

I was asked to run combofix by Kaspersky because I am having trouble removing a virus. I downloaded the program from Bleeping Computer, followed the instructions and told it to run. While it was running, a window popped up saying that I have a rootkit virus but I didn't catch the name of it before that window disappeared. Then a second window popped up saying that combofix needed to reboot my computer because of the rootkit virus and that I should not shut it down manually. I clicked on the Ok button and the computer has been shutting down ever since. This has been over 12 hours ago and the computer still says it is shutting down. I do not know what I should do next. I have Windows XP Professional. Please help!

Thank you,
Emily

BC AdBot (Login to Remove)

 


#2 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:06:28 AM

Posted 30 March 2012 - 01:50 PM

First:

No one should be using ComboFix unless specifically instructed to do so by a Malware Removal Expert who can interpret the logs. It is a powerful tool intended by its creator to be "used under the guidance and supervision of an expert. Using this tool incorrectly could lead to disastrous problems with your operating system such as preventing it from ever starting again. When issues arise with new malware infections or other security tools conflicting with ComboFix, experts are aware of them and can advise users what should or should not be done while providing assistance. Those attempting to use ComboFix on their own do not have such information and are at risk when running the tool in an unsupervised environment. Please read the pinned topic ComboFix usage, Questions, Help? - Look here.

What specific issues are you having that requires using ComboFix?

Compliments of QuietMan7

Second:

Please follow the instructions in ==>Malware Removal and Log Section Preparation Guide<==.

Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Please include the link to this topic in your new topic and a description of your computer issues and what you have done to resolve them.

If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.

Once you have created the new topic, please reply back here with a link to the new topic.

Most importantly please be patient till you get a reply to your topic. If you receive a reply from the HelpBot, then please follow the instructions outlined in the helpbot's post.

#3 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:02:28 AM

Posted 03 April 2012 - 12:33 PM

Did you finally have to shut it down manually and reboot?
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#4 emily_i

emily_i
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:10:28 PM

Posted 04 April 2012 - 11:56 AM

Hi,

Thanks for asking. Yes, I did manually shut down the computer and then turned it back on. After it restarted, Combofix automatically started up again and then ran through all of the stages, restarted the computer and created the log. I am still working with Kaspersky to clear all of the infections. However, after running Combofix, I am no longer able to connect to the internet. I tried repairing it according to the instructions on the Combofix tutorial but that unfortunately hasn't worked. After getting the computer clean, I plan to try the next step suggested in the Combofix tutorial. But I'm open to any suggestions you may have for me.

Thank you,
Emily

#5 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:02:28 AM

Posted 04 April 2012 - 12:12 PM

Most likely it was the infection responsible for the loss of Internet connection by targeting related services. Your Helper at Kaspersky should be able to assist with that.

If not, then follow cryptodan's instructions and post your ComboFix log in that new topic.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#6 emily_i

emily_i
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:10:28 PM

Posted 04 April 2012 - 12:16 PM

Okay, thank you.

#7 emily_i

emily_i
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:10:28 PM

Posted 04 April 2012 - 12:20 PM

Actually, one more question. If I do end up needing to post the log on this site to get help, should I re-run Combofix first? I have been running scripts from Kaspersky on my computer to solve the virus situation so I'm assuming there would be changes since the initial time that I ran it.

#8 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:02:28 AM

Posted 04 April 2012 - 12:38 PM

No, the Helper would want to see the first log so it could be compared with any subsequent run of ComboFix. Also, if you do this, you will need to advise the Kaspersky Helper that you are going elsewhere to continue with assistance and to close that topic. No sense in leaving it open when their Helper could be assisting others.

After that you should not seek help anywhere else or make further changes as doing that may hamper the disinfection process here and cause confusion. That's why I am not providing more instructions as I don't want to hamper and cause confusion for your Kaspersky Helper. You should, however, provide a link to where you previously received assistance so we can see what has or has not been done.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users