Date: Sep 30, 2012
Combofix stuck on "scanning for infected files..." - Google/Browser redirect - Rootkit:
Your Windows machine is infected with a Virus/Spyware/Rootkit. Windows might be crashing at startup, pops-up appearing, Web links redirect and your Antivirus is useless.
You run Combofix and it gets hung on "Scanning for infected files..." and won't start scanning.
I have been through this several times. Tried Adware, Malwarebytes, Symantec, other cleanup tools and none worked! Combofix that worked with me 99% of the time and cleaned up viruses and Rootkits, just gets stuck!
In these cases, it turned out that Windows was infected with really bad Rootkit and the only way it really worked for me was doing the following:
Boot to Safe Mode with Networking not Safe Mode (so you can run updates), Download and run the Kaspersky TDSSKiller - Rootkit Killer If TDSSKiller won't run/open, download and install Kaspersky free trial antivirus, update it and run a scan. That will remove the Rootkit.
After the Rootkit is cleaned, download and run Combofix for final clean-up!!! That is very important!
If you find this article helpful, please send us a note to Mike@bostonIT.com so I can keep on adding more hands-on knowledgebase articles.