Over 1 million tech questions and answers.

Ran Combofix, Now Registry Error

Q: Ran Combofix, Now Registry Error

I ran combofix after it was complete it said something like, let combofix reboot your PC. It stayed like that for a while so finally i just hit the power button.

Now I get an error at boot up:

STOP: c0000218 {Registry File Failure}
The registry cannot load the hive (file):
\SystemRoot\System32\Config\Default or its log or alternate.
It is corrupt, absent, or not writable.

Beginning dump of physical memory.....................

I tried "last known good configuration" , same problem. Safe mode doesnt work either.

Any ideas?

RELEVANCY SCORE 200
Preferred Solution: Ran Combofix, Now Registry Error

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)

A: Ran Combofix, Now Registry Error

I booted off the windows xp cd into recovery console and ran this command copy c:\windows\repair\default c:\windows\system32\config\default

It also seems like the virus is gone

Read other 2 answers
RELEVANCY SCORE 47.6

I want to run combofix cause i went to a website and possible clicked on something i should not i beleive i may have a back door trojan

The error i am getting is

Windows cannot find "NircmdB.exe". make sure you typed the name correctly, and then try again.

I tried renaming to cf.exe no luck i even try using SDFix in safemode no luck when i click on runthis bat file cmd start then close so i dont know what is going on..

In the past i had vista and abale to run combofix and get rid of any virus i had . Now with window 7 i am getting this error above

Any help to run combofix would really appreciate. All i want ot do is run combofix on window 7

thanks

A:Combofix will not run on window 7 full retail version, combofix will not run error

Please note the message text in blue at the top of this forum. You should not be using Combofix unless instructed to do so by a Malware Removal Expert who can interpret the logs. It is a powerful tool intended by its creator to be "used under the guidance and supervision of an expert", NOT for private use. Combofix was never meant to be used as a general purpose malware scanner like SuperAntispyware or Malwarebytes' Anti-Malware. Using this tool incorrectly could lead to disastrous problems with your operating system such as preventing it from ever starting again. Please read Combofix's Disclaimer. That's the decision by the creator and we will abide by that decision.Further ComboFix does not officially support Windows 7 and SDFix only works on Windows XP.Please download Malwarebytes Anti-Malware (v1.40) and save it to your desktop.alternate download link 1alternate download link 2MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.Make sure you are connected to the Internet.Double-click on mbam-setup.exe to install the application.When the installation begins, follow the prompts and do not make any changes to default settings.When installation has finished, make sure you leave both of these checked:Update Malwarebytes' Anti-MalwareLaunch Malwarebytes' Anti-Malware... Read more

Read other 3 answers
RELEVANCY SCORE 47.2

Hi,

I hope this is the right place to post this. I ran combofix on my computer and now I am unable to open any programs on the computer. I receive the error message: Illegal operation attempted on a registry key that has been marked for deletion.

I am able to open my documents and pictures folders just not any programs. I am running windows vista. Any help would be greatly appreciated. Thank you.

Grace

A:Combofix Registry Key Problem

Hello.First, a warning for both you and others who may read this thread.ComboFix (CF for short) is intended by its creator to be "used under the guidance and supervision of an expert", NOT for personal, unsupervised use. Please read Combofix's Disclaimer. When CF is run without trained assistance, it can no longer be considered a "safe" tool. Using this tool incorrectly could lead to disastrous problems with your operating system such as preventing it from ever starting again.You may find this topic to be informative - ComboFix usage, Questions, Help? - Look here***************************************************Now. . . in regards to your issue. The problem should resolve itself if you reboot the computer again~Blade

Read other 1 answers
RELEVANCY SCORE 46.8

Begging for help! This is also my first blog/topic of any kind, ever. I found a link to combofix, with instructions to only use it from your site. Very responsible of them, but the link bypassed all your warnings not to do it alone. Combofix did its thing, then I managed to restore my internet connection. The connection itself is there, and my icons are there, but I cant get online or do anything else. Nearly ALL my program icons say "Illegal operation attempted on a registry key that has been marked for deletion."

The past week or so I had the redirect/ad coupon drop virus. I downloaded the 2013 AVG free protection to start, then my Google didn't work. I tried to uninstall AVG, but it didn't fix it, and then I couldn't turn Windows Defender back on. I tried a few malware scans recommended on your site, but they didn't find anything. I finally restored the whole thing back a week or so, then it worked fine.

Till last night when it suddenly kept saying Internet Explorer has stopped working, repeatedly popping that tab up as soon as I would try to close it. It wouldn't even let me Ctl-alt-del to get out of it. Today it would work for a few minutes on Yahoo, then start acting up again (virus-like, not wifi problems.) So I got out my old laptop and found a blog with links to you. I had a moment on the ill computer when it actually let me on, so I went right to the Combofix link and downloaded. Now nothing works, and I have seen ... Read more

A:Combofix, Registry key marked for deletion

Have you read thru this http://www.bleepingcomputer.com/forums/topic273628.html

Read other 4 answers
RELEVANCY SCORE 46.8

Ok on my nephews system I go to run Combofix and it backs up the registry hive using eRunt than stops and no other activity blue command prompt screen still showing nothing but Combofix is preparing the run.. than all activity stops.. no HDD activity at all. Any idea what could be wrong? I have used Combofix on hundreds of systems (yes hundreds I worked for Dell YTT for 18 months now in Dell Workstation and Federal support so no longer doing malware removal). This is the first time I have never been able to get Combofix to run at all though.

A:Combofix will not get past registry backup

ComboFix usage, Questions, Help? - Look here

Read other 1 answers
RELEVANCY SCORE 46.8

I was thinking, the general user should just not use either one, but which would be the "better" to just pick up and start using? (Not like I'm going to do so, but just out of curiosity.) I'm thinking Registry Cleaners.
 

A:Solved: ComboFix vs. Registry Cleaners

Read other 14 answers
RELEVANCY SCORE 46.8

I apologize if this is not the forum this would go in but I was told to run ComboFix by someone in order to fix a malware problem and I did and all seems well but after I turned on my McAfee virus protection again after I was done with ComboFix it kept popping up Registry Change warnings because of ComboFix and asking me whether to allow them or block them. I blocked all of them and I just wanted to know if this was the wrong move to make or whether it will screw anything up. McAfee also quarantined and removed the ComboFix file before I could properly uninstall it, so I just deleted the Qoobox folder that was left. I hope that's enough to finish uninstalling it and that it won't cause computer problems later on (there are no problems so far, thankfully).

A:ComboFix made registry changes? [Moved]

As no logs have been posted, I am shifting this topic from the specialized HiJack This forum to the Am I Infected forum.==>PLEASE DO NOT NOW POST LOGS<== unless a log is specifically requested.

Read other 2 answers
RELEVANCY SCORE 46

I have a serious problem on a work laptop. I have some sort of malware.I believe I got it from downloading pdf files but I'm not sure.The symptoms are I am getting a lot of disk type errors. Also, my desktopicons are mostly gone. Also there were a bunch of windows popping up.My Desktop walpaper is now black rather than the default. Now, after running ComboFix, everything I try to run says Illegal Operationattempted on a registry key that has been marked for deletion!!HELP!! I have KeePass on this box with a lot of passwords that I really need to recover!!!Ray

A:Ran ComboFix, Now All Registry Keys Marked For Deletion?

I have a serious problem on a work laptop. I have some sort of malware.I believe I got it from downloading pdf files but I'm not sure.The symptoms are I am getting a lot of disk type errors. Also, my desktopicons are mostly gone. Also there were a bunch of windows popping up.My Desktop walpaper is now black rather than the default. Now, after running ComboFix, everything I try to run says Illegal Operationattempted on a registry key that has been marked for deletion!!HELP!! I have KeePass on this box with a lot of passwords that I really need to recover!!!RayHmmm, a re-boot seems to have fixed the problem!! Phewww.Sorry for the wasted bandwidth..Ray

Read other 2 answers
RELEVANCY SCORE 46

In order not to lose all your files, I recommend taking the hard drive out and temporarily add it to another machine and copy the files you wish to retain. Make sure this second machine has up to date, legitimate antivirus protection. Please run a virus scan on these files to be sure you do not infect the secondary machine. I would also recommend you install an antispyware application on this secondary machine as well. I personally use spy sweeper. It is $-ware but you can get a 30-day trial from the manufacturers website. This will ensure you do not infect the other machine.Once that is said and done you should break out the good ole' windows disc and get to rebuilding (provided a fix for the problems caused by combofix does not surface in the VERY near future. about 10 minutes for me!!! lol)There is a half-ass written guide that explains a little about combofix here: http://www.bleepingcomputer.com/combofix/how-to-use-combofixThe author mentions the need of having access to the recovery console, yet makes no mention of what to do with it when combofix kills your computer. In the future I recommend against running combofix, as the results of running the application seem worse than the virii that infected the machine initially. Hopefully there are other ways of cleaning these virii/spy/mal-ware off the system.Good Luck,Paul

A:Help restoring registry backups after running ComboFix.

Laska,You have not lost your data. I will see if I can get someone to help you repair the problem you are having. Please be patient while I find someone to walk you through the steps.Paul,Welcome to the site. Though, I do not normally comment on posts like these, I felt it was necessary in order to educate certain people who make "half-assed" remarks.The so-called "half-ass" guide was written by me and was made purposely vague. If you read the "half-assed" guide you will see that it specifically states the following:Due to the power of this tool it is strongly advised that you do not attempt to act upon any of the information displayed by ComboFix without supervision from someone who has been properly trained. If you do so, it may lead to problems with the normal functionality of your computer. Instead you should use this guide to download and run ComboFix and then post the resulting log in a forum that contains helpers who understand how to diagnose them. These helpers will then help you clean your computer of infections so that it is running properly again.Please take note of the underlined text above. As you can see from reading the above text, the program is not meant to be run by anyone who is not being supervised by a trained helper. Anyone working with CF logs here at BC has been trained on its proper usage and how to recover a computer in the case, rare as it is, that a problem occurs after running CF. Furthermore the guide states:W... Read more

Read other 13 answers
RELEVANCY SCORE 46

Hi guys,
Computer was randomly rebooting. Tried to install Malwarebytes but it said access was denied -- it couldn't write the file in the temp directory.  Went to your forum and you advised another person with same issue to run Combofix.  I ran it and it rebooted the computer, but all the programs I try to open now say "Illegal Operation Attempted on a Registry Key that has been marked for deletion."  I can't even open the File Manager to get a copy of the log.  I remember the Vid-Saver program was deleted by combofix.
I'm writing from the kids computer since mine doesn't work, please help.
Running Windows 7 Pro on a Thinkpad
Best,
grahamby

A:Ran Combofix -- Now All Programs "Registry Key Marked for Deletion" Help?

Held my breath, crossed my fingers and rebooted -- voila back in ship-shape.
Will now try mbamclean

Read other 2 answers
RELEVANCY SCORE 46

Hi,

I just ran Combofix on my computer and it seems to have deleted registry keys and everything i try to open on my computer comes back with the registry key is marked for deletion.

How do i restore them?

A:How to restore Combofix - deleted registry files

Hello defyet.First, a warning for both you and others who may read this thread.ComboFix (CF for short) is intended by its creator to be "used under the guidance and supervision of an expert", NOT for personal, unsupervised use. Please read Combofix's Disclaimer. When CF is run without trained assistance, it can no longer be considered a "safe" tool. Using this tool incorrectly could lead to disastrous problems with your operating system such as preventing it from ever starting again.You may find this topic to be informative - ComboFix usage, Questions, Help? - Look here***************************************************Now. . . in regards to your issue. The problem should resolve itself if you reboot the computer again~Blade

Read other 2 answers
RELEVANCY SCORE 46

My computer has been slowing down considerably and keeps losing its internet connection. Then I started getting the error ' the account specified for this service is different from the account specified for other services running the same process.'

I have CA a/v and had 117 threats removed. Was able to run all the windows updates, then tried to find more help on the internet because then I started receiving the error ' the settings saved on this computer for the network do not match the requirements of the network.'

Viperware found tons of problems, listed under MyWebSearch, which it did not clean, so I used MBytes to fix them. When that was complete, I started combofix. When Combofix rebooted, I couldn't even log on to Windows because it said my Windows Activation had expired and I had to call Acer, which I still may do, but I want to get all of my files off before they say to do a restore (which I am assuming will happen). The only way I was able to boot into Safe mode is to reset the bios to 2004. Then Combofix resumed it final steps, creating a log, etc. I assume M-Bytes got rid of the problems, because it looks like Combofix didn't find anything that I can see.

However, NOW I cannot open anything, or move anything because I get the error "Illegal operation attempted on a registry key that has been marked for deletion." This error comes up for all files, not registry keys. (UPDATE: I rebooted - what did I have to lose? - back int... Read more

Read other answers
RELEVANCY SCORE 46

Hello! I recently downloaded the Hiren's Boot CD and it contains Combofix amongst many other fine programs. Question: Can Combofix scan/fix a registry problem? I already ran Kaspersky Boot CD and it removed the doggone PLAYSUSHI.EXE file that has rendered the PC unbootable. Still, it won't boot into windows. Methinks this is a registry issue. Will running Combofix repair what I suspect is a skunked registry? And by the way, I am 100% certain that there is NO other malware besides this darned playsushi game. Thanks.Edit: Moved topic from Virus, Trojan, Spyware, and Malware Removal Logs to the more appropriate forum. ~ Animal

A:Can Combofix scan registry in Boot environment?

No one should be using ComboFix unless specifically instructed to do so by a Malware Removal Expert who can interpret the logs. It is a powerful tool intended by its creator to be "used under the guidance and supervision of an expert. Using this tool incorrectly could lead to disastrous problems with your operating system such as preventing it from ever starting again. When issues arise with new malware infections or other security tools conflicting with ComboFix, experts are aware of them and can advise users what should or should not be done while providing assistance. Those attempting to use ComboFix on their own do not have such information and are at risk when running the tool in an unsupervised environment. Please read the pinned topic ComboFix usage, Questions, Help? - Look here. What specific issues are you having that requires using ComboFix?Compliments of QuietMan7

Read other 8 answers
RELEVANCY SCORE 45.6

I ran combofix to get rid of a trojan virus.  I now see a pop-up stating that it was unable to create a backup of the current registry.  Then it asks if it should go ahead and continue with the restore anyway.  I'm inclined to click "no".  If anyone can offer advice on this, I'd appreciate it.
 
Thanks

A:Combofix unable to create a backup of the current registry

Combofix should only be run when supervised by a Virus Removal Expert as things can go bad. If you suspect a Trojan I would post in the Virus Removal Section and provide the logs requested in the Pinned topics. 

Read other answers
RELEVANCY SCORE 45.6

Hi, I was wondering what causes the registry backup to fail when running combofix in safe mode on win7 operating systems? As soon as it fails combofix just disappears of the screen. I've also had combofix be wiped from the desktop and/or memory stick completely, never to be seen again! Cheers!

A:Registry backup failing in safe mode using combofix.

Hi PC Hombre ComboFix shouldn't be used by people that haven't gone throught an intensive malware removal class. There's good reasons why we don't recommend people to use ComboFix on their own, without being under the supervision of a professional. ComboFix is a very powerful tool that can totally break down a Windows installation, forcing you to reinstall it completely, if used wrongly/poorly. If you need to use ComboFix to remove a malware on a system, then you'll have to start a thread in the malware removal section asking for help. If you're looking for more information about ComboFix, quietman wrote a detailled thread about it, linked below.http://www.bleepingcomputer.com/forums/t/273628/combofix-usage-questions-help-look-here/

Read other 2 answers
RELEVANCY SCORE 45.6

Ok, so I'm working on a computer who's owner ran a program called ComboFix. Now, whenever you try to launch a program (say, Chrome, word, etc.) we're getting a popup that says something like "Illegal Operation Attempted on registry key marked for deletion."

I was thinking I'd have him restart the computer but "marked for deletion" makes me think this thing will not be able to reboot.

Let's troubleshoot this!

A:After ComboFix: Illegal Operation, Registry Key Marked for Deletion

Just had client run "sfc /scannow". System returned: "Windows Resource Protection did not find any integrity violations."

Read other 5 answers
RELEVANCY SCORE 45.6

As the topic says I have some sort of virus (I assume), the main symptoms are that my search browsers (I have been using firefox, google chrome and IE) often dont work. They will not load new pages and then I end up just switching between the three trying to get one that works. This has become very frustrating so I decided to try and do something about it. I ran combofix but it deleted all my registry keys, I can run all my programs as administrator and everything works fine. Then I turn off or reset my computer and it fixes the issue with the keys but my computer is back to having some sort of virus. My understanding is that it restores my computer to back before I ran combofix.

So my issue is how do I get my computer working? I have run my anti virus program (Malwarebytes anti-malware) which did not find anything and combofix isnt sorting out my issue. I have tried running both in normal and safe mode but get the same result. At this time I do not have any pop ups but one time I did get redirected to some site telling me to download an anti virus program (which I dont remember the name of). I dont know what it is as the main issue I am having is that my search browsers are not working well and occasionally my computer runs slow.

Hopefully someone can make sense of this and give me some advice and how to manage this as I need my computer for university studies. Any help is much appreciated.

A:Issue with computer and Combofix deleting registry keys

Hi,ComboFix is an extremely powerful tool which should only be used when instructed to do so by someone who has been properly trained.It is intended by its creator to be used under the guidance and supervision of a Malware Removal Expert, not for private use.Using this tool incorrectly could lead to disastrous problems with your operating system such as preventing it from ever starting again.Please do not run Combofix on your ownThis being said, the issue about keys marked for deletion with ComboFix is fixed by an additional reboot, there's no need to reset your PC to fix it.regards myrti

Read other 5 answers
RELEVANCY SCORE 45.2

I ran Rkill on a lenovo x220, then ran Combofix.  I failed to see that the Lenovo Toolbox was open, which may have interfered somehow with Combofix.  After Combofix finished, I then attempted to run the Malwarebytes Anti Malware, and received an error message stating "Illegal operation attempted on registry key that has been marked for deletion".
 
I cannot launch any programs, including a system restore.  Any suggestions?

A:After Combofix, launching a program advises registry key marked for deletion

The "Illegal operation attempted on a registry key that has been marked for deletion" message is not a ComboFix or Malwarebytes specific problem. It happens from time to time on Vista and Windows 7 computers when a security tool deletes files and registry entries that require a forced reboot. Another reboot should take care of the issue.

Read other 1 answers
RELEVANCY SCORE 45.2

Hello,

I just ran ComboFix and when it was finished clicking on programs and even the control panel causes an alert that says
"Illegal operation attempted on a registry key that has been marked for deletion". What do I do?

Damon

Spoke too soon. Restarting solved the issue. Good thing!

A:ComboFix caused illegal operation key registry deletion problem

You shouldn't be running Combofix unsupervised.

Read other 1 answers
RELEVANCY SCORE 45.2

Hello,

Win XP SP3 Pro ENG (With Dutch interface pack).

There were some small 'utilities' installed. Nothing fancy, but I couldn't apply a background image any-more (also see: http://answers.yahoo.com/question/index?qid=20111103095823AAstxSt - Unable to Change Desktop Background After Virus Attack?).

No traces of virii are left any-more, even the background works just fine again. Verified with: Panda Cloud antivirus, Free PC Tools Spyware Doctor, Malware Byte's Anti-Malware, Kaspersky IS 2012, Superantispyware and the logfile of The Avenger Version 2.0 all say the system is clean too!

BUT throughout troubleshooting, Combofix always reacted in the same way on this computer: it will not show any more new messages after the notice that it will start scanning, and that this might take 10 minutes or more.

Hard disk becomes silent, no action there. The XP system will become either very sluggish OR seems to react just fine. BUT starting programs, ending programs, starting task manager - it ALWAYS fails once combofix enters the scanning state... :s

Also, when I start Combofix, it kills explorer with a send error report dialogue.

There are no logs created, but I do have a C:\Combofix (which redirects to My Computer).

Any suggestions for what it is I can do next?

Thank you :)

Peace!

Devvie


~~~ [email protected] ~~~

Cuisvis hominis est errare, nullius nisi insipientis in errore persevare
——
All spelling mistakes are my own and... Read more

A:Combofix just 'hangs' after registry backup when it starts the malware scan

Aaahhh...we have a Latin scholar , I knew that studying it would pay off some day .Sorry, but ComboFix is a malware tool...as such, it is not a point of discussion or use in this forum, which is oriented for XP system issues.ComboFix usage, Questions, Help - Look here - http://www.bleepingcomputer.com/forums/topic273628.html I will move this to a forum where someone may be able to attempt to assist you.I will add a note about programs like System Mechanic:Bleeping Computer DOES NOT recommend the use of registry cleaners/optimizers for several reasons: Registry cleaners are extremely powerful applications that can damage the registry by using aggressive cleaning routines and cause your computer to become unbootable.

The Windows registry is a central repository (database) for storing configuration data, user settings and machine-dependent settings, and options for the operating system. It contains information and settings for all hardware, software, users, and preferences. Whenever a user makes changes to settings, file associations, system policies, or installed software, the changes are reflected and stored in this repository. The registry is a crucial component because it is where Windows "remembers" all this information, how it works together, how Windows boots the system and what files it uses when it does. The registry is also a vulnerable subsystem, in that relatively small changes done incorrectly can render the system inoperable. For a more detailed expl... Read more

Read other 9 answers
RELEVANCY SCORE 44.8

Hi guys,I recently ran ComboFix at the behest of an expert (nothing was found), however I've ran into a little problem since then. I am an avid user of the notepad replacement Programmers Notepad 2 (http://code.google.com/p/pnotepad/) and use a neat little trick with the "Image File Execution Options" registry key to launch Programmers Notepad 2 in the place of regular notepad, without doing any dodgy replacement of system files. The creator of PN2, Simon Steel, details this method on his blog (http://untidy.net/blog/2009/11/03/replacing-notepad-with-pn-via-image-file-execution-options/) but the gist of it is I make the following addition:
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\notepad.exe]
"Debugger"="F:\\Programs\\x86\\pn\\pn.exe --allowmulti -z"
This no longer seems to work. Regular notepad starts up, no matter what I do. I'm using 64bit windows, so the above change is correct - but I've tried regular SOFTWARE\Microsoft\Windows NT\etc.. to be sureEdit:Well, not one but two restarts later and everything is happy again. Not exactly sure why two restarts were required, but I'm not going to complain! Can a moderator please lock/delete/archive this thread or whatever you folks tend to do on Bleeping Computer. Thanks <3

A:Registry "Image File Execution Options" problems after running ComboFix

Generally changes in the registry require a reboot in order for them to take place. I'm surprised the expert who was helping did not advise you to do that. Working with the registry can be tricky, dangerous and at times even quirky so the two restarts does not surprise me as the first one most likely did not result in the change to take affect.

Anyway, I'm glad you were able to sort it out.

Read other 1 answers
RELEVANCY SCORE 44.4

an easy fix hopefully...
the error is short and annoying.

( registry editor )
registry editing has been disabled by your administrator
How do I reactivate these kinds of features from the control panel?

don't worry, I have administrative rights, Im in the proccess of removing malware and what not, and this must have been turned off at some point.
I have a number of programs already installed and it might be them.
I think I removed a registration cleaner, but I could be wrong I'll try and clean that out for sure.
thats about all know about the situation still trying to resolve other issues but they dont pertain right now, i'll probably post them in another part of the forums.

but obviously if Ive overlooked something important, please let me know and I'll do what ever is needed.
I'm new to this stuff and these forums.
thank you.
 

A:Solved: registry editor error: registry editing has been disabled by your administrat

Welcome to TSG!

Go here and download #275 on the right side to your desktop. Double click to run the script.

HTH

Jerry
 

Read other 2 answers
RELEVANCY SCORE 44.4

Hi all, I was reading these 2 threads about people who have been having trouble deleting stubborn registry keys:

"Error while deleting key" Registry
Can't delete a registry key and can't change its permissions.

Unfortunately they were locked so I couldn?t post a reply.

I have tried everything previously, including all this permission stuff from over here: How do I remove a "Locked" Registry key? - Mischel Internet Security Forum just wasted a lot of time.

Also tried regdelnull RegDelNull also tried RegASSASSIN: Malwarebytes

Nothing worked.

So guys, after reading from over here Malwarebytes Forum > RegAssassin didn't work ?

Try these steps:

Step 1. Download this: http://www.burtonsys.com/Reset_subinacl.zip (if a bit wary, follow these instructions to do the same yourself manually: Solving setup errors by using the SubInACL tool to repair file and registry permissions - Aaron Stebner's WebLog - Site Home - MSDN Blogs )

Step 2. Then run the reset.cmd within it, allow it to complete may take around an hour or so.

NB: If you do not have below file of spupdsvc.exe then just do a normal restart and skip to step 5.

Step 3. Reboot your computer into Safe Mode (tap F8 at BIOS screen) then after it's loaded navigate to C:\Windows\System32\spupdsvc.exe

Step 4. Find the file spupdsvc.exe and replace the extension from .exe to .old, after doing the this file should look as: C:\Windows\System32\sp... Read more

A:Solution to delete problematic registry keys (error deleting registry key)

The subinacl download is available directly from Microsoft at Download details: SubInACL (SubInACL.exe)

Read other 2 answers
RELEVANCY SCORE 43.6

I have a problem similar to this issue..... none of the personal information, just commonlities when I downloaded and ran ComboFix....... Please help, I need my computer asap, I'm an online student....Thanks so much
"I ran ComboFix because my computer had some serious virus. I found ComboFix through another site and did not see the disclaimer about using it under the instruction of professionals.

The virus i had before showed up on AVG as Trojan Horse Crypt.EML. However, AVG couldn't get rid of it. The site i found just told me just to run ComboFix and it would work.

Anyways, ComboFix ran fine and generated a log report.

However, now all my programs won't work and instead say "Illegal operation attempted on a registry key that has been marked for deletion."

I have the log report and all other files generated by ComboFix if anybody needs them.

I am running Windows Vista Home Premium.

Can somebody please help me fix this???"

A:Downloaded combofix now get message "Illegal operation attempted on a registry key that has been marked for deletion...eeeek

Hi Dame1220Firstly, for the benefit of both you and others reading this thread, please take note of the following:ComboFix (CF for short) is intended by its creator to be "used under the guidance and supervision of an expert", NOT for personal, unsupervised use. Please read Combofix's Disclaimer. When CF is run without trained assistance, it can no longer be considered a "safe" tool. Using this tool incorrectly could lead to disastrous problems with your operating system such as preventing it from ever starting again.You may find this topic to be informative - ComboFix usage, Questions, Help? - Look hereSecondly, in regards to your issue. Reboot the computer again. That should set everything straight.~Blade

Read other 1 answers
RELEVANCY SCORE 40

Hi,I am wondering whether combofix.net and combofix.org are GENUINE sites to download ComboFix.There's no Impressum and the whois-info is private registered.Just wanted to know.Edit: Moved topic from Am I infected? What do I do? to the more appropriate forum. ~ Animal

A:Is combofix.net and combofix.org GENUINE Site to download ComboFix?

Please Take a look here: ComboFix usage, Questions, Help? - Look hereSpecifically the link to the combofix disclaimer image. AlsoThere are only two sites that are authorized for combofix, which are shown in red in the last quote box.

Read other 3 answers
RELEVANCY SCORE 38.8

Hi,

I've been having Kernal data inpage error which I assume is from a faulty harddrive (or maybe the RAM?!). I occasionally get a disk check during bootup, which didn't seem to help. I was saving up to buy a hybrid SSD/HDD drive before replacing it, but now it seems a bit too late.

Yesterday after a windows update, I rebooted my computer and the desktop was running very slow, nothing would open, explorer.exe would crash, I would be stuck in desktop until I force shutdown by holding the power switch (Shutdown didnt work), after doing this once or twice, I now get a BSOD again with a registry error right after the desktop loads for 1-2 seconds. X051 error code I think.

What step should I take now to diagnose the problem?
Thanks!
 

Read other answers
RELEVANCY SCORE 38.8

Hello, 
 
One day not too long ago, one laptop started up on me. On bootup, I got an error message that says " 
 
error accessing the system registry", followed by another error, " unexpected error; quitting". I went to 
 
your website, downloaded several virus removal tools, and cleaned the infection, but the error still 
 
happens. Today, I noticed that my desktop does the same thing. I ran RKill and Emsisoft's program, and it 
 
is still running. So far, I have 2 objects detected:
 
*Trace.File.Application.AppInstall(A)*, located in Users\<username>\AppData\Local\<filename>
 
and
 
*Trace.Registry.Application.AdReg(A)*, located in the registry as HKEY_LOCAL_MACHINES\SOFTWARE\CLASSES
 
\WOW6432NODE\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
 
I am sure that I can clean the virus, but how do I get these annoying errors to stop? Can I get registry access back up on bootup for both computers? Please let me know. 

A:Bootup error: Error accessing the system registry due to virus

Welcome aboard   Download Security Check from here or here and save it to your Desktop. Double-click SecurityCheck.exe Follow the onscreen instructions inside of the black box. A Notepad document should open automatically called checkup.txt; please post the contents of that document.NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.NOTE 2 SecurityCheck may produce some false warning(s), so leave the results reading to me. Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.Make sure the following options are checked:
Internet ServicesWindows FirewallSystem RestoreSecurity Center/Action CenterWindows UpdateWindows DefenderOther ServicesPress "Scan".It will create a log (FSS.txt) in the same directory the tool is run.Please copy and paste the log to your reply. Please download MiniToolBox and run it.Checkmark following boxes:Report IE Proxy SettingsReport FF Proxy SettingsList content of HostsList IP configurationList Winsock EntriesList last 10 Event Viewer logList Installed ProgramsList Devices (do NOT change any settings here)List Users, Partitions and Memory sizeList Restore PointsClick Go and post the result. Please download Malwarebytes Anti-Malware to your desktop.NOTE. If you already have MBAM 2.0 installed scroll down.Double-click mbam-setup-2.0.0.1000.exe and follow the prompts to install the program.
At the end, be sure a checkma... Read more

Read other 13 answers
RELEVANCY SCORE 38

I recently was infected by a virus so I ran Malware Bytes which usually takes care of any viruses pretty well. After it scanned there was one that it said it could not be removed so I assumed it was one that would be cleaned upon reboot. I scanned again anyway after reboot several times but it comes back with nothing but my browsers keep redirecting to random sites. Previously to fix this, i've used ComboFix which has successfuly fixed that. I still had the Combofix file on my computer so I ran Rkill first (which only killed a Google Updater) then CombFix. My ZA firewall put up connection alerts several times for IE and Firefox, and either accepting or declining them, I get an error message from ComboFix that says "error - win32 only" in English and several other languages and it never starts. I have XP pro on my machine, i've downloaded the most recent one (combofix) available from here at BC and even tried to run it in safe mode. What is the problem? Can anyone help? Anyone experience this?

A:Combofix error

ComboFix is a tool that should only be run under the supervision of someone who has been trained in its use. Using it on your own can cause problems with your computerYou shouldn't be running ComboFix without supervision by staff here at BC.

Read other 3 answers
RELEVANCY SCORE 38

Okay, I'm just looking to pick up a couple ideas from the kind and wonderful people here.

I use combofix fairly regularly with my job, I'm lead tech for a small district of a large corp. and I was introduced to combofix a couple years ago and found that it simplifies the cleanup and removal of certain malware to where I can take care of them in mere moments.

And so I had a customer with sysguard on it, sysguard is not a new bug, nor is it exceptionly bad, just annoying. Program wise its actually very similar to smitfraud, and can be removed using some of the same tactics. But combofix can kill it in one fell swoop, unfortunately when I ran it this last time I received the error Not Admin when it started scanning. I went though everything I could think of to find where this permission error was coming from, but its WinXP MCE sp3, there are not a lot of choices inside the Administrator Account in SafeMode.

I went and manually removed the hoaxware, much more time consuming. I decided to try combofix again just to see if the bugger was what was stopping it from running, but I get the same error. Everything else I have runs fine, even the batch and com tools that I have.

So, anyone with information would be good. I unfortunately will not be able to post any logs as I do not have access to the computer anymore. I'm mostly looking for ideas that i can try in case I run into this again.

Read other answers
RELEVANCY SCORE 38

trying to run combofix and it starts up fine but before it does any "Completed stages" it says "\Microlab\Searchengin\ was unexpected at this time." and just has a flashing cursor.

Any ideas!?
 

A:combofix error

Read other 16 answers
RELEVANCY SCORE 38

Hey guys:I ran combofix and got this error right after the log window:Could Not Find C:\WINDOWS\system32\drivers\Combo-Fix.sysI don't know if the program is finished running or not because that screen just sits there.I'm not sure if I should close the window or not? ThanksEdit: Moved topic from XP to the more appropriate forum. ~ Animal

A:ComboFix error

This is why we have warnings posted and recommend that you do not run it on your own.
I will see if I can find an answer for you

Read other 6 answers
RELEVANCY SCORE 38

Hi,

I ran combofix in my laptop (OS Win 7). After that I am getting error whenever trying to open files... Err!: "Illegal Operation attempted on a registry key that has been marked for deletion. Help me!!!

Urgent Please

A:error after combofix

Hi Team,

I would like to remove this as the issue is been resolved. I have reinstalled the IE and issue resolved completely... Hope you can recommend this for others also...

Read other 2 answers
RELEVANCY SCORE 38

I downloaded the newest version of Combofix on 7/8/10. When it is run it detects a Rootkit. I say OK to reboot. XP hangs during shutdown. After 4 hours it still has not shut down and rebooted. If I do a cold boot Combofix then runs but finds no problems and deletes nothing upon completion. If I reboot and run ComboFix again the same thing happens (finds a Rootkit but hangs during reboot). I put a different hard drive with XP that I know if be malware free. When Combofix is run it has the same exact issue.

A:Combofix Error

Please note the message text in blue at the top of the Am I infected? What do I do? forum. No one should be using ComboFix unless specifically instructed to do so by a Malware Removal Expert who can interpret the logs. It is a powerful tool intended by its creator to be "used under the guidance and supervision of an expert. Using this tool incorrectly could lead to disastrous problems with your operating system such as preventing it from ever starting again. Please read the pinned topic ComboFix usage, Questions, Help? - Look here. With that said, there are circumstances ComboFix will hang or stall at various stages due to malware interference, failure to disable any other real-time protection tools and CD Emulators (Daemon Tools, Alchohol 120%, Astroburn, AnyDVD) so that it does not complete successfully. While that is not normal behaviour, it is not unusual. In such cases, it is helpful to know at what stage CF stalled and to provide that information to the Helper who is assisting you so they can investigate.If you need assistance with your malware infection, please read the pinned topic titled "Preparation Guide For Use Before Using Malware Removal Tools and Requesting Help". If you cannot complete a step, then skip it and continue with the next. In Step 7 there are instructions for downloading and running DDS which will create a Pseudo HJT Report as part of its log.When you have done that, post your log in the Virus, Trojan, Spyware, and Malware Removal Logs forum, NOT h... Read more

Read other 1 answers
RELEVANCY SCORE 38

Hi all, i am getting a error message using combofix.exe the error message reads ""0x7c9111e0 referenced memory at 0x006c0079 could not be read""i have no clue what this means maybe someone can give me a hand. Before running the combo fix i ran ad-aware se, and super anti spyware then i ran a avg antivirus scan and then the combofix and then hijackthis, at the end (all was done in safe mode).i will post a logged file of the combofix to see if someone can help me out. Thanks."CraZy LoC" - 2007-07-15 19:57:40 - ComboFix 07-07-16 - Service Pack 2 NTFS [SAFE MODE]((((((((((((((((((((((((( Files Created from 2007-06-15 to 2007-07-15 )))))))))))))))))))))))))))))))2007-07-15 16:00 <DIR> d-------- C:\Program Files\SUPERAntiSpyware2007-07-15 16:00 <DIR> d-------- C:\DOCUME~1\CRAZYL~1\APPLIC~1\SUPERAntiSpyware.com2007-07-15 16:00 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\SUPERAntiSpyware.com2007-07-15 15:58 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard2007-07-15 15:46 <DIR> d-------- C:\Program Files\Trend Micro2007-07-15 13:36 <DIR> d-------- C:\DOCUME~1\CRAZYL~1\APPLIC~1\Uniblue2007-07-15 13:08 51,200 --a------ C:\WINDOWS\nircmd.exe(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))2007-07-11 21:51:13 -------- d-----w C:&#... Read more

A:Error Using Combofix.exe

Post a Hijack This log in the Hijack This Forum by following the directions in the link below. DO NOT post the log in this forum.http://www.bleepingcomputer.com/forums/t/34773/preparation-guide-for-use-before-using-malware-removal-tools-and-requesting-help/

Read other 3 answers
RELEVANCY SCORE 38

Ok so we are getting the following error on 20+ pc's on a domain based network. We get this error on basically every PC we log into and run combofix on. We have tried MANY rootkit removal utilities with no luck. (ie malwarebytes, combofix, sdfix, rootkit revealer, Trend rootkit, mcafee rootkit, superantispyware, etc...) The server has also been scanned... We've deleted the users profiles on the server and on the local PC's, we've even completely reloaded a PC and added it back to the domain and the message came back immediately after running combofix on a clean profile. After the error pops up it prompts us to reboot the computer and then it runs combofix again and finds nothing. If we wait a little while after that it comes back up again... If anyone has seen this or has any input it would be greatly appreciated!

A:Combofix error

Hello and welcome to BleepingComputer.I take it this is about a corporate network? If so, you really should consider a reformat or having the IT department taking this down. We cannot possibly work on 20 computers at a time in this forum. Besides, while cleaning one computer, malware would spread through the network and reinfected it, and so undo all our work.To have a chance to successfully clean all machines, you will need to isolate all of them, make sure all of them are completely clean as well as any removable storage and only after that reconnect the computers.

Read other 2 answers
RELEVANCY SCORE 38

hi guys,
 
every times i can try to start combofix i receive this error:
 
error writing c:\32788R22FWJFW\023.dat
 
how can i solve it??
 
thanks in advance

A:error of combofix.exe

Hello and welcome to BC,
 
Please read this topic about Combofix: ComboFix usage, Questions, Help? - Look here
 
You can get an expert opinion by asking for help in the Virus, Trojan, Spyware, and Malware Removal Logs forum. You will need to follow instructions in the Preparation Guide. 
Preparation Guide For Use Before Using Malware Removal Tools and Requesting Help
 
 
Let me know if you need any help with that. 

Read other 4 answers
RELEVANCY SCORE 38

After Running AVG Business edition and Malware-Bytes, was unable to remove a virus threat entitled "Tojan virus Agent_r.AHR". Have used and performed ComboFix several times at the advice on users on the forum and knew that after the failed attempts to remove the virus using previous scanners, ComboFix was the next step. Error Log follows below:ComboFix 11-07-05.02 - Register 6 07/05/2011 14:27:56.1.1 - x86Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2012.1578 [GMT -5:00]Running from: c:\documents and settings\Register 6\My Documents\Downloads\ComboFix.exe..((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))..c:\windows\system32\kernel.dll..((((((((((((((((((((((((( Files Created from 2011-06-05 to 2011-07-05 )))))))))))))))))))))))))))))))..2011-07-05 17:37 . 2011-07-05 17:37 -------- d-----w- c:\documents and settings\Register 6\Application Data\Malwarebytes2011-07-05 17:37 . 2010-11-29 22:42 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys2011-07-05 17:37 . 2011-07-05 17:37 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes2011-07-05 17:37 . 2011-07-05 17:37 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware2011-07-05 17:37 . 2010-11-29 22:42 20952 ----a-w- c:\windows\system32\drivers\mbam.sys2011-07-... Read more

A:ComboFix Error Log

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.Please take note:If you have since resolved the original problem you were having, we would appreciate you letting us know. If you are unable to create a log because your computer cannot start up successfully please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
If you are unsure about any of these characteristics just post what you can and we will guide you.Please tell us if you have your original Windows CD/DVD available.If you are unable to perform the steps we have recommended please try one more time and if unsuccessful alert us of such and we will design an alternate means of obtaining the necessary information.If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review your topic an do their best to resolve your issues.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply'... Read more

Read other 2 answers
RELEVANCY SCORE 38

I was advised to run ComboFix as a possible solution to the problem that I'm having accessing some files (Access is Denied) and activating command lines such as chkdsk, where I am told that I do not have sufficient privileges.

I am the administrator on a private pc.

Unfortunately I did not read the instructions regarding preparation so I do not have a helper. The DDS does not download, but I have attached the log report.

Can anyone pls advise what I should do? There is no change in the problem of file access and privilege level.

A:ComboFix error

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything. We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here. To help Bleeping Computer better assist you please perform the following steps:*************************************************** In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/461730 <<< CLICK THIS LINK If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.*************************************************** If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lo... Read more

Read other 2 answers
RELEVANCY SCORE 38

Hi all, i am getting a error message using combofix.exe the error message reads ""0x7c9111e0 referenced memory at 0x006c0079 could not be read""i have no clue what this means maybe someone can give me a hand. Before running the combo fix i ran atf cleaner,ad-aware se, and super anti spyware then i ran a avg antivirus scan and then the combofix and then hijackthis, at the end (all was done in safe mode).i will post a logged file of the combofix to see if someone can help me out. Thanks."CraZy LoC" - 2007-07-16 17:36:43 - ComboFix 07-07-16.4 - Service Pack 2 NTFS [SAFE MODE]((((((((((((((((((((((((( Files Created from 2007-06-16 to 2007-07-16 )))))))))))))))))))))))))))))))2007-07-16 16:59 <DIR> d-------- C:\WINDOWS\LastGood2007-07-15 22:57 51,200 --a------ C:\WINDOWS\nircmd.exe2007-07-15 22:00 <DIR> d-------- C:\WINDOWS\pss2007-07-15 20:39 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\SUPERAntiSpyware.com2007-07-15 20:38 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard2007-07-15 16:00 <DIR> d-------- C:\Program Files\SUPERAntiSpyware2007-07-15 16:00 <DIR> d-------- C:\DOCUME~1\CRAZYL~1\APPLIC~1\SUPERAntiSpyware.com2007-07-15 15:46 <DIR> d-------- C:\Program Files\Trend Micro2007-07-15 13:36 <DIR> d-------- C:\DOCUME~1\CRAZYL~1\APPLIC~1\Uniblue((((((((... Read more

Read other answers
RELEVANCY SCORE 38

Below is a log from my combofix scan - I have infections in .ddl files - how do I get them 'resolved'?

ComboFix 09-11-29.02 - Administrator 11/29/2009 18:08.1.1 - x86
Microsoft Windows 2000 Professional 5.0.2195.0.1252.1.1033.18.255.154 [GMT -5:00]
Running from: c:\windows\TEMP\ComboFix.exe

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\ac3_0010.exe
C:\mte3ndi6odoxng.exe
c:\progra~1\COMMON~1\{28301~1

c:\progra~1\COMMON~1\{38301~1

c:\program files\deskbar

c:\program files\deskbar\inst.bat

c:\program files\internet optimizer

C:\rdfx4.exe

c:\windows\Fonts\acrsecB.fon

c:\windows\Fonts\acrsecI.fon

c:\windows\nem220.dll

c:\windows\smdat32a.sys

c:\windows\smdat32m.sys

c:\windows\start.exe

c:\windows\system32\clrviddc.dll

c:\windows\uninst2.htm

c:\windows\unist1.htm

c:\windows\Web\default.htt



c:\windows\system32\qmgr.dll . . . is infected!!



c:\windows\system32\comres.dll . . . is infected!!



.

((((((((((((((((((((((((( Files Created from 2009-10-28 to 2009-11-29 )))))))))))))))))))))))))))))))

.



2009-11-21 20:28 . 2009-11-21 20:28 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Identities

2009-11-08 23... Read more

Read other answers
RELEVANCY SCORE 38

I've read a bunch of old topics and tried following the same instructions and I'm still having problems.  
 
Malwarebytes freezes half way through the run.  I tried in safemode I get the same thing.  I tried combofix and I keep getting run errors/extract errors.  I read a lot of topics where people were having similar problems.  The only addition to mine is my hard drive is constantly saying low disk space.  Its no where near low, If I delete one or two things totally a few gigs within 20 minutes my disk space is back to 0 kb again.  
 
Please help! Much appreciated! .
 
Moderator Edit: Moved from Windows 7 forum to a more appropriate forum since Combofix did not run
Roger

A:Combofix Error + Malwarebytes Error

Hello -
Only because this is program specific, please post it to the Malwarebytes General Forum area linked below
 
https://forums.malwarebytes.org/index.php?s=9e6d8926279a7354514504570a27a007&showforum=41
 
They would be the better people to deal with this at the moment -
 
Thank You -

Read other 5 answers
RELEVANCY SCORE 37.6

Hi,
I ran combofix on my laptop and when it completed it gave me a error log report and I have no idea what it means. Can someone please help me with it? I have attached the report. I don't know what I need to do next, any help would be appreciated. Thank you

A:Combofix Error log report

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.Please take note:If you have since resolved the original problem you were having, we would appreciate you letting us know. If you are unable to create a log because your computer cannot start up successfully please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
If you are unsure about any of these characteristics just post what you can and we will guide you.Please tell us if you have your original Windows CD/DVD available.If you are unable to perform the steps we have recommended please try one more time and if unsuccessful alert us of such and we will design an alternate means of obtaining the necessary information.If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review your topic an do their best to resolve your issues.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply'... Read more

Read other 2 answers
RELEVANCY SCORE 37.6

My daughter has managed to acquire some type of malware which behaves much like Vundo... however, since I'm a bit rusty on my skillz, I can't be exactly sure.

Description of symptoms:

Will not connect to the home network any longer, either wireless or wired. When LiveMessenger fails to connect, troubleshooting shows an invalid IP address...when I run IPCONFIG, it states there's an internal error.

AVG Anti-Virus modules will not run.

Spybot S&D will not run

Downloaded Malware Antibytes but the program will not install. The process is in Task Manager, but is "hung" and will not initiate.

Downloaded Combofix from a link in this forum. When executed, it drops to the DOS box, then comes up with Date Error. The date presented is the current, correct date, yet it states to Check Your Settings.

Ran The Comedian which gave me a valid ERUNT, but would not set a restore point.

And, last but not least, HJT will not install.

Um.. help?

A:Combofix Date Error?

Ok.. found the rename trick for MBAM... had to even go ren the exe in Program Files/Malware Antibytes folder but its currently running... we'll see.. If it works, someone may want to make a sticky out of that lil trick..

Read other 52 answers
RELEVANCY SCORE 37.6

My Laptop appears to have been infected with a Ransom/Highjack Virus. I cannot access the Internet with any of four browsers. I managed to rid the system of popups (using Stopzilla) but still cannot access the Web. When I try to download Combofix from a thumbdrive form another computer, I get an Error Message that my XP system is incompatible with the Combofix download, although I think I am using the correct Combofix XP link.

I'd appreciate receiving a Combofix link that is definitely compatible with XP....and a solution for downloading it to my machine. I suspect that the virus may be creating this obstacle to downloading in addition to the other problems, but I am not sure.

Thanks for your help!

A:Combofix Incompatible Error

Hi Stephen,Welcome to BleepingComputer. Do you have a 64-bit Operating System?Additionally please be aware of the following:IMPORTANT!: No one should be using ComboFix unless specifically instructed to do so by a Malware Removal Expert who can interpret the logs. It is a powerful tool intended by its creator to be "used under the guidance and supervision of an expert. Using this tool incorrectly could lead to disastrous problems with your operating system such as preventing it from ever starting again. When issues arise due to complex malware infections, possible false detections, problems running ComboFix or with other security tools causing conflicts, experts are usually aware of them and can advise what should or should not be done while providing individual assistance. Those attempting to use ComboFix on their own do not have such information and are at risk when running the tool in an unsupervised environment. With that said, please read the pinned topic ComboFix usage, Questions, Help? - Look here. ComboFix logs, where should I post them?ComboFix logs are not permitted outside the Virus, Trojan, Spyware, and Malware Removal Logsl forum and then only when requested by a Malware Response Team member. However, if you ran ComboFix on your own due to malware infection, please be aware that a ComboFix log is only one part of the disinfection process. Therefore we ask that you please read the pinned topic titled "Preparation Guide For Use Before Usi... Read more

Read other 2 answers
RELEVANCY SCORE 37.6

So I've been getting an error 132 when I play WoW. I was told to run combofix, but I don't know how to read the log. I was wondering if there is anything that needs to be removed. Thanks in advance.

Here's the log that I received:

ComboFix 11-04-01.01 - jon 01/04/2011 20:24:33.1.4 - x64
Microsoft� Windows Vista� Home Premium 6.0.6002.2.1252.2.1033.18.8190.6439 [GMT -7:00]
Running from: c:\users\jon\Downloads\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2011-03-02 to 2011-04-02 )))))))))))))))))))))))))))))))
.
.
2011-04-02 03:30 . 2011-04-02 03:30 -------- d-----w- c:\users\jon\AppData\Local\temp
2011-04-02 03:30 . 2011-04-02 03:30 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-04-02 02:50 . 2011-04-02 02:50 -------- dc-h--w- c:\programdata\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A}
2011-04-02 02:50 . 2011-04-02 02:50 -------- d-----w- c:\program files (x86)\Uniblue
2011-04-02 02:50 . 2011-04-02 02:50 -------- d-----w- c:\users\jon\AppData\Local\PackageAware
2011-04-02 00:38 . 2011-04-02 00:38 431104 ----a-w- c:\windows\system32 ... Read more

A:Error 132 in WoW - Combofix log included

Hi,Welcome to Bleeping Computer. My name is m0le and I will be helping you with your log.Please subscribe to this topic, if you haven't already. Click the Watch This Topic button at the top on the right.

Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible.

Please reply to this post so I know you are there.The forum is busy and we need to have replies as soon as possible. If I haven't had a reply after 3 days I will bump the topic and if you do not reply by the following day after that then I will close the topic.Once I receive a reply then I will return with your first instructions.Thanks

Read other 2 answers
RELEVANCY SCORE 37.6

Hi,

Could you please help me fix the Google redirect virus on my laptop?

Thanks in advance

A:ComboFix Log Error Report

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.Please take note:If you have since resolved the original problem you were having, we would appreciate you letting us know. If you are unable to create a log because your computer cannot start up successfully please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
If you are unsure about any of these characteristics just post what you can and we will guide you.Please tell us if you have your original Windows CD/DVD available.If you are unable to perform the steps we have recommended please try one more time and if unsuccessful alert us of such and we will design an alternate means of obtaining the necessary information.If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review your topic an do their best to resolve your issues.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply'... Read more

Read other 2 answers