Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Combofix will not run fully due to administrator privilages not being recognised


  • This topic is locked This topic is locked
4 replies to this topic

#1 rowlando

rowlando

  • Members
  • 75 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Brisbane
  • Local time:12:31 AM

Posted 17 September 2014 - 07:32 PM

Hi this is my first post, I am delighted with the value given from these forums, and the great help I have read about.

 

I am getting help from an mbam expert, however we have hit a problem, I have reached the stage where I need to run combofix under his instructions, basically I get a reply each day and follow his instructions and wait, its been a few days now with no reply to this lastest issue.

 

My sons pc which is infected is a windows 7 operating system, it has one user as the administrator and is not able to get on the internet, except as some limited wireless access and it only allows a fake or highjacked webpage in google chrome.

 

When I try to run combofix the program runs and then says i do not have administrator privilages, so I have run the combofix by right clicking it and run as administrator. I get the same results it stops.

 

My issue is only to get combofix to run and once done I will continue with william rowland from mbam, I ask only to break throught this issue only concerning combofix.

 

cheers Rowlando



BC AdBot (Login to Remove)

 


#2 JohnC_21

JohnC_21

  • Members
  • 22,941 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:31 AM

Posted 17 September 2014 - 08:09 PM

Hello and Welcome

 

It may be possible to get combofix to run in the hidden Adminstrator Account which is like a super user. In the admin account open a command prompt. Type CMD in the search box and then Right click > Run as Administrator

 

type:

net user administrator /active:yes

Log out of the admin account. You should see a new account called Administrator. Run combofix in this account.

 

After you get the malware problem fixed disable the Adminstrator account using this command

net user administrator /active:no


#3 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,128 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:10:31 AM

Posted 17 September 2014 - 08:15 PM

Please ignore the above instructions.

As a general policy, Bleeping Computer does not offer advice on how to run ComboFix unless we asked someone to run it or if there is a problem with the computer caused by running the tool. We recommend that people should not be using ComboFix without being advised to do so by a trained expert (see here) who is assisting them deal with a malware problem. When issues arise due to complex malware infections, problems running ComboFix (i.e. stalling, hanging, crashing) or with other security tools causing conflicts, experts are usually aware of them and can advise what should or should not be done while providing individual assistance. When false detections are identified, experts have access to the developer and can report them so he can investigate, confirm and make corrections. Those attempting to use ComboFix on their own do not have such information and are at risk when running the tool in an unsupervised environment.

Also be aware that using ComboFix is only one part of the disinfection process. Preliminary scans from other tools like DDS, OTL, RSIT and GMER should be used first because they provide comprehensive logs with specific details about files, folders and registry keys which may have been modified by malware infection. Analysis of those logs allows planning a strategy for effective disinfection and a determination if using ComboFix is necessary.

While our policy is not to offer advice on running ComboFix unless we asked someone to run it, we are willing to assist with resolving problems caused after using it and we are certainly willing to help with malware disinfection. If that assistance requires running ComboFix, you will be advised what to do in order to get the tool to run properly or investigate any error messages.

If you need individual assistance with a malware infection, please follow the instructions in the Preparation Guide For Requesting Help starting at Step 6.
  • If you cannot complete a step, then skip it and continue with the next.
  • In Step 6 there are instructions for downloading and running DDS which will create two logs. (Note: Windows 8.1 Users will not be able run DDS and create a log)
When you have done that, post your logs in the Virus, Trojan, Spyware, and Malware Removal Logs forum, NOT here, for assistance by the Malware Response Team Experts.

After doing this, please reply back in this thread with a link to the new topic so we can closed this one.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#4 rowlando

rowlando
  • Topic Starter

  • Members
  • 75 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Brisbane
  • Local time:12:31 AM

Posted 17 September 2014 - 09:24 PM

Hi JohnC_1 and thank you very much for your quick reply, I followed your instructions and alas I did get another operator as administrator but combofix still did not run fully, it says I am not an administrator.

 

Hi Quietman7 I am not sure if you read my post fully, but I am under professional advice for using combofix, many other programs have been run and reports sent, we just hit one issue with my pc not allowing me to run the combofix program as the administrator.I am trying to remove my current help, rather extending it for this issues alone nothing more. I am sorry if this request has broken any rules or laws of the forum.

 

I guess I will just have to wait and some time next week, I will come back here if I can not resolve the issue with mbam forums.

 

Thank you for your support. Rowlando



#5 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,128 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:10:31 AM

Posted 18 September 2014 - 05:31 AM

If you are following advice from a trained Helper/expert at under forum to run ComboFix, then you need to contact that person for assistance when an issue prevents you from following their instructions. That Helper should be able to address any problems you encounter when downloading or running the tool as they should have the knowledge and resources to do so. Your Helper should also have access to private discussion threads related to issues when running ComboFix and access to the developer if need be. Further, following advice from others outside of a topic (or support ticket) where you are already receiving assistance may cause confusion and could complicate the malware removal process or make things worst which would extend the time it takes to clean your computer.

To avoid confusion, I am closing this topic. If you have any questions in regards to this please PM me or another Moderator.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users