Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Can't download combofix!


  • Please log in to reply
5 replies to this topic

#1 Arrby

Arrby

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Toronto, Canada
  • Local time:08:13 AM

Posted 11 February 2015 - 11:23 PM

When I do the same thing over and over and one day find the behavior different, I usually stop whatever I'm doing and, at a minimum, clean the system (Ccleaner) and if I'm suspicious that I've picked up something unwanted, I'll download and install the latest combofix. I used to use this and that, but over the years programs seemed to lose their integrity. Spybot for example would start installing multiple times. Adaware, of course, became crap when the company was sold. I found combofix just from reading around. I don't like that the geeks who make it can't offer a minimal plain English explanation of what they've found, but it's easy to use, gets down to business and seems to have a good rep. I know that it can cause problems, because that's the warning that comes with it. But I don't have the good fortune to have tech savvy buddies in my contact list to zip over and oversee my use of the malware scanner or anything. So I use combofix.

 

Except that, for the first time, the download didn't go as planned. I usually just get a msg saying program exists, and a question about replacing it, which I just answer with yes. This time I was told that the file was read only and needed to be re-named. That was at download.com. So I decided to go to the author's site. Bleeping Computer seems to be where the author set up his portal. But now when I click on download, I get no response! I'll try again after posting here, since I can't see what else I can do other than register here.

 

And I should mention that this all started when I attempted to download and install Nero's old wave editor. The irony is that I was fishing around on Nero's website looking for the suite which had it, prepared to buy it. Instead, I found a link (yesterday, on my Acer laptop but not today on my Toshiba laptop!) to the wave editor, offered as a free download, which took me to Softonic. I'm not so net illiterate that I just download what I want without looking. I knew this was tricky soon as I saw all the extras. Of course, I declined everything. Then the last extra appeared. That was Open Candy and the program seemed to be saying that I could not install it without this unwanted software. Of course, you read the softonic statement and they promise to be nice and not force anything on you. I took a chance, but my AVG said it didn't like the malsign that hitched a ride with OpenCandy. I decided to kill the intallation, which didn't want to go away. That sent me here. I also didn't like the way my hard drive went into overdrive while I was trying, without luck, to deal with it by running combofix. I've never had a problem with combofix before. Not even being able to download it though-?

 

Any thoughts would be appreciated. Thanks

 

Toshiba Satellite, windows 7 professional, 64 bit, Firefox



BC AdBot (Login to Remove)

 


m

#2 ChiefTech

ChiefTech

  • Members
  • 70 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Oregon
  • Local time:04:13 AM

Posted 12 February 2015 - 12:36 AM

Sounds to me like you've got yourself an infection.
Try switching web browsers or resetting the options in your browser to defaults. Also disable or remove bad extensions and add ons from within your browsers. Try to download again...there is a download here at bleeping computer and another valid one on cnet. You can also try rkill to kill some bad applications first.
However it is always reccomended that you only run these when suggested by a tech who is prepared to assist you in the virus removal process.

#3 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:01:13 PM

Posted 12 February 2015 - 01:08 AM

Hello there,

Try to download again...there is a download here at bleeping computer and another valid one on cnet.

Bleeping Computer is the only official mirror of ComboFix.

From here...

No one should be using ComboFix unless specifically instructed to do so by a Malware Removal Expert who can interpret the logs. It is a powerful tool intended by its creator to be "used under the guidance and supervision of an expert", NOT for general public or personal use. ComboFix was never meant to be used as a general purpose malware scanner like SuperAntispyware or Malwarebytes' Anti-Malware which scan individual drives or different folders on a computer for malware...nor was it designed to be a remote support tool. Using this tool incorrectly could lead to disastrous problems with your operating system such as preventing it from ever starting again. When issues arise due to complex malware infections, possible false detections, problems running ComboFix or with other security tools causing conflicts, experts are usually aware of them and can advise what should or should not be done while providing individual assistance. Those attempting to use ComboFix on their own do not have such information and are at risk when running the tool in an unsupervised environment.

If you need help with removing malware, please post a new topic in here.

Regards,
Alex

Edited by Alexstrasza, 12 February 2015 - 01:09 AM.


#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,606 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:07:13 AM

Posted 12 February 2015 - 07:15 AM

There are a number of unofficial sites which host various versions of ComboFix (many are outdated) and some may even charge a fee. ComboFix.org and ComboFixdownload.com offer unauthorized versions of Combofix and the download links are seldom current. Neither of these sites are affiliated with ComboFix by sUBs.

You may want to read the following in regards to downloading hosting sites.

 

BTW...OpenCandy is an advertising application distributed by the OpenCandy Software Network which displays ads in other programs. The use of advertisement is a way to promote software packages and recover development costs. The OpenCandy FAQs answers many questions users may have about this product.

OpenCandy is technically not installed on a computer, does not collect personally identifiable information and in most cases allows the user to choose whether or not to install advertised software recommended by the vendor. Although no personal information is collected, the software does collect anonymous statistics about events and other data during installation. See What information does OpenCandy collect?

This is what OpenCandy has to say about their product.

OpenCandy provides a plug-in that developers include in their software to earn money by showing recommendations for other software in their installers. Developers use this money to keep their software free and invest in further software development. The installer uses the OpenCandy plug-in to present a software recommendation...during installation. You have complete control to accept the software recommendation by selecting either the “Install” or “Do not install” options on the software recommendation screen.

What is OpenCandy?

The OpenCanday network has partnered with various popular and trusted software developers who bundle their product as part of the program's software installation package. A list of such developers can be found here. Some vendors will clearly advise the use of OpenCandy before downloading their software, while others may provide confusing or no information at all. Examples would be SIW (System Information for Windows) and SingularLabs which both clearly indicates on their website the use of OpenCandy.

OpenCandy is an advertising application.

OpenCandy is similar to Google AdSense, except it displays advertisements in installation program instead of websites. These advertisements promote another software packages. The advertisements are selected by providers of software being installed. When user installing a software (SIW) chooses to install promoted package, revenue is generated and shared between OpenCandy and software providers (SIW developers).

SIW Home Edition is bundled with OpenCandy

SingularLabs partners with OpenCandy to deliver app recommendation to our users. This is the full list of software the we have permitted Open Candy to recommend to our users. Additional products may be added to over time, in which case this list will be updated to reflect those changes.

SingularLabs List of ‘Recommended Apps

OpenCandy is not a virus or malware. However, since it is responsible for displaying advertisements, it may be detected (and sometimes removed) by various anti-virus and other security scanning tools as a Potentially Unwanted Program (PUP) (or adware), a classification that broadly defines the term as any software package which automatically displays advertisements in any form in order to generate revenue. For example, the Microsoft Malware Protection Center (MMPC) detects the program as Adware:Win32/OpenCandy, an adware program that might be bundled with other installers.

To learn more about PUPs and how you get them, please read: About those Toolbars and Add-ons - Potentially Unwanted Programs (PUPs)

In response to these detections, OpenCandy has provided the following information:

How do I uninstall OpenCandy?

Since OpenCandy does not permanently install anything on your computer, there is nothing to uninstall. Our technology was selected by a developer and runs temporarily in their downloads which you may have selected and run. The plug-in shows an app recommendation and is designed to self-delete from your computer when it has finished operating. If you are concerned that something extraordinary resulted in any remnant traces being left on your computer, you may download and run our small clean-up utility to ensure all OpenCandy traces which are regularly self-deleted, are in fact gone.

Note: The file name for the OpenCandy cleanup utility is OCCleanupTool.zip

IMO, removal of OpenCandy detections is an optional choice. I have provided the information so you can make an informed decision as whether to remove it or not.
 


.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#5 Arrby

Arrby
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Toronto, Canada
  • Local time:08:13 AM

Posted 12 February 2015 - 09:04 AM

Thanks everyone. The weird thing with the download failure in regard to combofix was that about five minutes after trying to grab it from this site, it popped up! I clicked on the download button, twice (because nothing happened the first time), 'before' posting the long post at the top. I then quit the forum and went off to do some searching and finally ended up on Major Geeks, which I trust. They've been around forever. I was just reading in there about this when the dialog box popped up and it was Bleeping Computer's! So I grabbed combofix. And, wisely or unwisely, I ran it. I have no idea what it may have found.

 

I removed the free Nero that came bundled with Softonic which in turn gave me OpenCandy. I obtained my Nero wave editor through other means.

 

I'll only take chances when I want something and have no easy way to get it. I'm actually quite willing to pay for stuff, within limits, and am not averse to donating to vendors who give me free stuff when the app is something I really need and has looked after me. Other than that, I keep things simple. I don't download everything under the sun just because it's recommended or interesting or free. That's looking for trouble.

 

Thanks again. Later...



#6 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,606 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:07:13 AM

Posted 12 February 2015 - 12:28 PM

You're welcome on behalf of the Bleeping Computer community.


... So I grabbed combofix. And, wisely or unwisely, I ran it. I have no idea what it may have found.

ComboFix, like other advanced security tools, is not immune from removing something it shouldn't. Monitor things for a few days and if you start encountering any issues, the log may need to be reviewed. We can assist you with that but not in this forum.

If that is the case, you will need to follow the instructions in the Malware Removal and Log Section Preparation Guide starting at Step 6...then post your logs in the Virus, Trojan, Spyware, and Malware Removal Logs forum, for assistance by the Malware Response Team.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users