Jump to content

ComboFix Fails "find trojan several times. hope some expert can help with Hijackthis log"

Recommended Posts

My last topic was closed just today. It was "find trojan several times. hope some expert can help with Hijackthis log". Larry Tate helped me and I downloaded and ran ComboFix to find and disinfect TDL4 bootkit. However, the problem has come back.

Just now, when I was on a public website, I was asked to supply username and password for one of the articles I tried to access. I closed firefox and start ComboFix immediately. ComboFix found rootkit again and asked to reboot. After reboot, ComboFix went to the stage with the standard notice: it typically takes around 10 minutes, but may easily double for badly infected computers. It stays on this notice for several minutes. Then the screen went black. I moved the mouse to return the screen to life and found the computer is in normal booting session. I reran the ComboFix immediately. But I encountered the same problem:it doesn't finish scan.

So I turned off the computer by pressing the power button, waited a few minutes, start the computer again. I ran ComboFix. It found rootkit and reboot the computer. It went on to the notice I quoted above and the blue window stayed. Then I found my taskbar came into view (It should hide.). I start task manager and found no more than 4% activity occationally. ComboFix wasn't scanning.

Please help. Thank you.


Link to post
Share on other sites

Larry, please help.

I need add some information.

After the ComboFix's first success yesterday, I ran Kaspersky over night. Kaspersky found a virus EICAR-test-file and deleted it. Kaspersky also found severl "legal software that can be used by criminals to damage your computer...". One of them is "...handle.cfxe" and the rest are all in combofix.

Thank you. If Larry is busy, will somebody else help? Appreciate.


Link to post
Share on other sites


Logs will be closed if you haven't replied within 3 days

Please don't attach the scans / logs from these scans, use "copy/paste".

DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision.

Doing so could make your pc inoperatible and could require a full reinstall of your OS, losing all your programs and data.

Vista and Windows 7 users:

1. These tools MUST be run from the executable. (.exe) every time you run them

2. With Admin Rights (Right click, choose "Run as Administrator")

Stay with this topic until I give you the all clean post.

You might want to print these instructions out.

Note: Close all browsers before running ATF Cleaner: IE, FireFox, etc.

Please download ATF Cleaner by Atribune.

Download - ATF Cleaner

Link to post
Share on other sites

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.