|
|
Post by Phantom~*DS*~ on Jan 25, 2006 23:13:27 GMT -8
After some investigation, I have determined that my computer is infected with the combo.exe virus. Google it for specific information. I can't get rid of it with any anti-virus or anti-spyware program, nor have I been able to delete it manually. I'm pretty certain that it is the source of at least some of the issues my computer's been having lately (such as Internet Explorer crashing unexplicably, horrible ping, etc.) It will show up in the Task Manager every few seconds for a fraction of a second, then disappear. It will stay in the Manager if you open the "Run..." window. Screenshot:  Above and to the left of the "Create New Task" window. I want to try to fix it before Surge reformats this POS so I can see if it's really the reason things are being so crappy. Ask as many questions as you need to -- it's late so I'm not being very detailed. Any help would be appreciated. |
|
|
|
Post by SpawnoChaos on Jan 26, 2006 3:40:23 GMT -8
Why can't you delete it manually? Can you not find it or does it tell you that another program is using it and it cannot be deleted? If it tells you that another program is using it then just enter windows in safe mode and kill it there...while it sleeps  |
|
|
|
Post by HAMMERHEAD~*DS*~ on Jan 26, 2006 7:22:36 GMT -8
You sound like you are on the right track and have the Trojan.Chimo.C virus. It is using your computer to as an email relay; hence, the ping times flipping out. Just to make sure , see if you have "combo.exe" = "combo.exe" in registry entry: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run This would be how it starts up every time windows cranks up. It's a tricky bastard too, because it deletes itself from the Task Manager so you can't see it running. I'd like to rip the idiot who invented this a new one. Anyway, I'd disable system restore, go into safe mode and delete the file %System%\combo.exe, and then go into regedit and delete the value "combo.exe" = "combo.exe" from the registry key I mentioned before. It should do the trick. If you can't open the editor (it may be blended with another virus), go to this link and download this tool to help you. securityresponse.symantec.com/avcenter/venc/data/tool.to.reset.shellopencommand.registry.keys.html- HH |
|
|
|
Post by Phantom~*DS*~ on Jan 26, 2006 8:10:14 GMT -8
Ahhhh, now it makes sense. Yeah, I was going into regedit and going to the exact entry you mentioned (I had done some research on it), but I forgot to do it in Safe Mode or to disable System Restore. I'll update in a bit.
|
|
|
|
Post by Phantom~*DS*~ on Jan 26, 2006 8:29:14 GMT -8
Alright, it looks like I've found and destroyed it. Restarted in Safe Mode, deleted it from SYSTEM32, everything else. I'll check on it again after school.
|
|
|
|
Post by HAMMERHEAD~*DS*~ on Jan 26, 2006 10:13:54 GMT -8
Roger Dodger! Do you run an anti-virus? I found Norton AV to be pretty good if you keep it updated. They also have extensive research and information at their website. Good virus hunting!
- HH
|
|
|
|
Post by X S U R G E X DS X on Jan 27, 2006 19:00:15 GMT -8
Hammer since when did you become a computer geek and a story writer?
|
|
|
|
Post by pschokiller on Jan 27, 2006 19:09:31 GMT -8
LMAO!
Also, when did you become a teacher, making fun of simple grammar mistakes?
jk Hammer, jk
|
|
|
|
Post by HAMMERHEAD~*DS*~ on Jan 31, 2006 6:45:52 GMT -8
Well...I've always been a story teller and writer, so that should come as no surprise to any of you highly observant characters.
As for computers... I may not know a whole hell of a lot about some areas of computers, but I like to get down in the weeds and mud on my boots when it comes to people screwing with my computer. So, in the interest of keeping my computer healthy, I study up on them, so I am prepared to deal with the situation if it arises. It is also a little hobby of mine.
- HH
|
|
