Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Can't find this startup item in Google anywhere...(Win XP)


  • Please log in to reply
3 replies to this topic

#1 ripvanwallace

ripvanwallace

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:07:54 PM

Posted 10 August 2014 - 08:53 PM

Startup Item is just the capital letter "C"

 

Command:

 

"C:\comfix\CF5725.cfxxe /c "C:\comfix\C.bat"

 

Google tries to change it to combofix, but when you search only for just "comfix" nothing shows up as a result.

 

Anyone know what this is?


Edited by ripvanwallace, 10 August 2014 - 08:54 PM.


BC AdBot (Login to Remove)

 


#2 saw101

saw101

  • Members
  • 415 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Great Pacific Northwest
  • Local time:04:54 PM

Posted 10 August 2014 - 10:09 PM

I found this: http://www.exterminate-it.com/malpedia/file/comfix.bat

 

Perhaps a malware specialist will advise.


I never make the same mistake twice....I always make it 5 or 6 times just to be sure!


#3 Quads

Quads

  • Members
  • 86 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:CHCH New Zealand
  • Local time:11:54 AM

Posted 11 August 2014 - 12:19 AM

I would have said the registry key is part of combofix left behind, or combofix got stuck

 

At times I have known files and folders for combofix to change to try and get around malware that has for instance blocked the name "combofix" from running in the past.

 

The registry key 

 

"C:\comfix\CF5725.cfxxe /c "C:\comfix\C.bat"   = file location and file to run the batch file in location .......

 

 

From approx 2009 days,  TDL2, 2+ days which had a block list 

 

Quads



#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,131 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:07:54 PM

Posted 11 August 2014 - 07:21 PM

I found this: http://www.exterminate-it.com/malpedia/file/comfix.bat
 
Perhaps a malware specialist will advise.

When searching for suspicious files, new malware or malware removal assistance (and removal guides) on the Internet, it is not unusual to find numerous hits from untrustworthy and scam sites which mis-classify detections or provide misleading information. This is deliberately done more as a scam to entice folks into buying an advertised fix or removal tool. In some cases if the fix is a free download, users may be enticed to download a malicious file or be redirected to a malicious web site. In other cases you are referred to contact the site's Tech Support for assistance which is only provided for a fee.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users