PDA

View Full Version : ComboFix.exe time adjustment



PiKapp504
2008-03-06, 20:41
Ok, so I've been searching and reading up on the forums to remove some severe spyware that infected my computer. So far I think I've gotten it ALL! I have 2 questions though:

a) According to the ComboFix.exe program, the time is supposed to adjust itself back to how it was before it ran. Well, it's still stuck in military time and I'd like it back to how I used to have it. How do I go about doing this?

and lastly

b) Every time on boot up now, I receive a rundll error message stating it can't find the following file: "C:\WINDOWS\System32\chuwfehd.dll". Is this a needed file, or more spyware/malware that's trying to "fix itself"? Thanks in advance!

ken545
2008-03-07, 16:21
Hello PiKapp504

Welcome to Safer Networking.

Please read Before YouPost (http://forums.spybot.info/showthread.php?t=288)
That said, All advice given by anyone volunteering here, is taken at own risk.
While best efforts are made to assist in removing infections safely, unexpected stuff can happen.

Download Trendmicros Hijackthis (http://www.trendsecure.com/portal/en-US/_download/HJTInstall.exe) to your desktop.

Double click it to install
Follow the prompts and by default it will install in C:\Program Files\Trendmicro\Hijackthis\Highjackthis.exe
Open HJT Scan and Save a Log File, it will open in Notepad
Go to Format and make sure Wordwrap is Unchecked
Go to Edit> Select All/Edit > Copy and Paste the new log into this thread
DO NOT have HijackThis fix anything yet. Most of what it finds will be harmless or even required.


Time for some housekeeping



Click START then RUN
Now type Combofix /u in the runbox and click OK. Note the space between the X and the U, it needs to be there.


http://i189.photobucket.com/albums/z176/EPL47/CF_Cleanup.png


When shown the disclaimer, Select "2"

The above procedure will:

Delete the following:
ComboFix and its associated files and folders.
VundoFix backups, if present
The C:\Deckard folder, if present
The C:_OtMoveIt folder, if present

Reset the clock settings.
Hide file extensions, if required.
Hide System/Hidden files, if required.
Reset System Restore.




If your still getting that error than your system is not fully clean. Post the Hijackthis log