Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Something bad happened while using combofix... :(


  • This topic is locked This topic is locked
7 replies to this topic

#1 FUNKYgroovy

FUNKYgroovy

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:26 PM

Posted 28 August 2012 - 07:19 PM

So today I looked for a program to fix malware problems with my sister's laptop and I went with Combofix. I downloaded it and started it up, thinking that I could just X out of the program after seeing a bit of how it worked. I tried clicking the X button but it kept going. My antivirus was on. I should've turned it off. I tried to ctrl + alt + del out of it. Couldn't find the process. It starts working and I x out of it. I Try to run Nexus Mod Manager, it brings up "A device attached to the system is not functioning." commence facepalm. How do I fix this? Can't I just do a restore?

BC AdBot (Login to Remove)

 


#2 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:09:26 AM

Posted 28 August 2012 - 07:50 PM

First read the disclaimer and all details related to ComboFix program if you ever wish to use it -

It is not like Malwarebytes Anti-Malware program, plus it is constantly updated and the program is changed every few days.
First instruction is not to mouse-click or press any keys while using the program, as it may stall and may render your computer unbootable.

Combofix is not for use, unless you have seen output from logs that show it is needed
There may be other links left as to why you should NEVER use this by yourself and all the directions have been fully read -

If the computer will not boot, you can try a Hard Shutdown (No Guarantee of the result) and restart again.
If the computer will restart post a topic in the Malware Removal area of the forum, and only follow the directions given.

State your problems and post the required logs for an expert to review, and do no more with the computer, if it will reboot, untill you are given further instructions.
Please follow the instructions in ==>This Guide<==


Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Please include the link to this topic in your new topic and a description of your computer issues and what you have done to resolve them.

If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.



#3 FUNKYgroovy

FUNKYgroovy
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:26 PM

Posted 28 August 2012 - 08:21 PM

.....so then i can't just do a restore?

#4 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:09:26 AM

Posted 29 August 2012 - 12:06 AM

Restore to what ?? Your sisters laptop is still infected and you have taken the wrong steps to repair it. A system restore will not repair it -

I have offered you the option of full free infection removal via the Malware Removal section of the forum to try and undo anything that was caused by your incorrect use of a Malware removal tool, and this is what is needed -

It is your choice to use this option, but the computer will remain infected, or you can take it to a repair shop and pay $150 for the same service -
From here I have no idea of the depth or type of infection, but I hope you decide to take the correct action

Thank You -
EDIT - ComboFix usage, Questions, Help? - Look here Please read this, and follow the instructions posted above -

Edited by noknojon, 29 August 2012 - 12:18 AM.


#5 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 52,055 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:06:26 PM

Posted 29 August 2012 - 07:24 AM

FUNKYgroovy, if you are dealing with a malware infection, please be aware that using ComboFix is only one part of the disinfection process. Preliminary scans from other tools like DDS, RSIT and GMER should be used first because they provide comprehensive logs with specific details about files, folders and registry keys which may have been modified by malware infection. Analysis of those logs allows planning a strategy for effective disinfection.

Since you already ran ComboFix, you can include the log (ComboFix.txt) along with the others in your new topic per the instructions provided by noknojon. It should have been saved to your root directory, usually C:\.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#6 FUNKYgroovy

FUNKYgroovy
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:26 PM

Posted 29 August 2012 - 09:07 PM

Genius. I will get working on that, thanks guys. I will post back with results when possible.

#7 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 52,055 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:06:26 PM

Posted 29 August 2012 - 10:35 PM

DDS and ComboFix logs are not permitted in this forum and should not be posted here. Instead please start a new topic in the Virus, Trojan, Spyware, and Malware Removal Logs forum and post them there.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#8 hamluis

hamluis

    Moderator


  • Moderator
  • 56,551 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:05:26 PM

Posted 30 August 2012 - 07:19 AM

Reference: http://www.bleepingcomputer.com/forums/topic466926.html/page__p__2823784#entry2823784 .

Now that you have properly posted a malware log topic, you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a MRT Team member, nor should you ask for help elsewhere. Doing so can result in system changes which may not show in the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.

From this point on, the MRT Team should be the only members that you take advice from, until they have verified your log as clean.

Please be patient. It may take a while to get a response because the MRT Team members are EXTREMELY busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the MRT Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another MRT Team member is already assisting you and not open the thread to respond.

It may take several days to get a response but your log will be reviewed and answered as soon as possible. I advise checking your topic once a day for responses as the e-mail notification system is unreliable.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.

To avoid confusion, I am closing this topic.

Louis




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users