Help
This topic is locked
The right clicking trick worked! I attached the logit file with the post; did you want me to try to find the log "dequarantine.txt" and paste it too?
Forum Guidelines
Read the following topic before creating a new topic in this forum. It contains instructions on the what we would like you to post, which will enable us to help you more quickly.Preparation Guide For Use Before Using Malware Removal Tools and Requesting Help
Unfortunately, with the amount of logs we receive per day, the average response time is 5 days. I want to assure you, though, that your topic will be looked at and responded to. So please be patient. DO NOT RUN ComboFix unless requested to. Only members of the Malware Response Team or Moderators are allowed to help people with logs. Anyone else should refrain from posting to another user's log. When posting a log please put the type of infection you have in the topic title. IE: Winfixer, Virtumonde, WinTools, WebSearch, Home Search Assistant, etc. Do not bump your topic. We try to resolve logs on a first come/first served basis. By bumping your log you will be pushed back in line due to the new date of your bump.
Really Slow/Not responding often Don't know what's wrong...
Back to top
#32
- bleepin' _temp_
-
- Group: Malware Response Instructor
- Posts: 27,518
- Joined: 25-January 08
- Gender:Female
- Location:At home
Posted 29 January 2010 - 07:00 PM
Hi,
it seems the attachment got lost, I do not see it. Could you please try to attach it again. Make sure you press "upload" after selecting the file you want to attach.
Yes please also look for the dequarantine.txt.
regards myrti
it seems the attachment got lost, I do not see it. Could you please try to attach it again. Make sure you press "upload" after selecting the file you want to attach.
Yes please also look for the dequarantine.txt.
regards myrti
If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM!
Please don't send help request via PM, unless I am already helping you. Use the forums!
I know not with what weapons World War III will be fought, but World War IV will be fought with sticks and stones. ~ Albert Einstein
Heroism on command, senseless violence, and all the loathsome nonsense that goes by the name of patriotism -- how passionately I hate them! ~ Albert Einstein
Please don't send help request via PM, unless I am already helping you. Use the forums!
I know not with what weapons World War III will be fought, but World War IV will be fought with sticks and stones. ~ Albert Einstein
Heroism on command, senseless violence, and all the loathsome nonsense that goes by the name of patriotism -- how passionately I hate them! ~ Albert Einstein
#33
- Member
-
- Group: Members
- Posts: 49
- Joined: 08-November 08
Posted 30 January 2010 - 05:18 PM
I found both of the files, but I don't know how to get them to you.. They are far too large to be posted or even attached in broken up smaller files. I found out that's why last time nothing was attached. Any suggestions?
#34
- Member
-
- Group: Members
- Posts: 49
- Joined: 08-November 08
Posted 31 January 2010 - 02:17 PM
Sorry to be so hard to work with, I just want to make sure I'm doing the right thing. I zipped the Logit and Dequarantine.txt files and attached them, hopefully that will work?
Zac
Zac
Attached File(s)
-
dequarantine.zip (163.84K)
Number of downloads: 7 -
Logit.zip (221.29K)
Number of downloads: 11
#35
- Member
-
- Group: Members
- Posts: 49
- Joined: 08-November 08
Posted 08 February 2010 - 11:37 AM
Thanks as usual; here is the link with my Dequarantine.txt file: http://www.mediafire.com/?dxkk1jn3dog
#36
- bleepin' _temp_
-
- Group: Malware Response Instructor
- Posts: 27,518
- Joined: 25-January 08
- Gender:Female
- Location:At home
Posted 12 February 2010 - 09:33 PM
Hi,
please run the following batch:
Open Notepad and copy/paste the code box below into a new text file.
Let me know if this restores your start menu to the way you're used to.
regards myrti
please run the following batch:
Open Notepad and copy/paste the code box below into a new text file.
CODE
DEL /A/S/F "C:\Qoobox\Quarantine\C\ProgramData\desktop.ini" "C:\Qoobox\Quarantine\C\ProgramData\desktop.ini.vir"
PEV -tf "C:\Qoobox\Quarantine\C\ProgramData\*.vir" >VirFiles.txt
FOR /F "TOKENS=*" %%G IN ( VirFiles.txt ) DO @REN "%%G" "%%~NG"
DEL /A VirFiles.txt
XCOPY /e/c/i/f/h/r/k/y "C:\Qoobox\Quarantine\C\ProgramData\*" "C:\ProgramData" >log.txt
log.txt
PEV -tf "C:\Qoobox\Quarantine\C\ProgramData\*.vir" >VirFiles.txt
FOR /F "TOKENS=*" %%G IN ( VirFiles.txt ) DO @REN "%%G" "%%~NG"
DEL /A VirFiles.txt
XCOPY /e/c/i/f/h/r/k/y "C:\Qoobox\Quarantine\C\ProgramData\*" "C:\ProgramData" >log.txt
log.txt
- Save the file as restore.bat by choosing save as *All Files, and save it to your Desktop.
- Locate "restore.bat", right click it and select "run as administrator". (It is important that you run the script from the drive where your operating system is installed).
- It will open a text file, please copy the content in your next reply.
Let me know if this restores your start menu to the way you're used to.
regards myrti
If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM!
Please don't send help request via PM, unless I am already helping you. Use the forums!
I know not with what weapons World War III will be fought, but World War IV will be fought with sticks and stones. ~ Albert Einstein
Heroism on command, senseless violence, and all the loathsome nonsense that goes by the name of patriotism -- how passionately I hate them! ~ Albert Einstein
Please don't send help request via PM, unless I am already helping you. Use the forums!
I know not with what weapons World War III will be fought, but World War IV will be fought with sticks and stones. ~ Albert Einstein
Heroism on command, senseless violence, and all the loathsome nonsense that goes by the name of patriotism -- how passionately I hate them! ~ Albert Einstein
#37
- Member
-
- Group: Members
- Posts: 49
- Joined: 08-November 08
Posted 12 February 2010 - 10:45 PM
The log was too big to paste or attach, so I uploaded it to: http://www.mediafire.com/?mzwz1yzjjou
#38
- bleepin' _temp_
-
- Group: Malware Response Instructor
- Posts: 27,518
- Joined: 25-January 08
- Gender:Female
- Location:At home
Posted 13 February 2010 - 08:57 AM
Hi,
how is your start menu doing?
regards myrti
how is your start menu doing?
regards myrti
If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM!
Please don't send help request via PM, unless I am already helping you. Use the forums!
I know not with what weapons World War III will be fought, but World War IV will be fought with sticks and stones. ~ Albert Einstein
Heroism on command, senseless violence, and all the loathsome nonsense that goes by the name of patriotism -- how passionately I hate them! ~ Albert Einstein
Please don't send help request via PM, unless I am already helping you. Use the forums!
I know not with what weapons World War III will be fought, but World War IV will be fought with sticks and stones. ~ Albert Einstein
Heroism on command, senseless violence, and all the loathsome nonsense that goes by the name of patriotism -- how passionately I hate them! ~ Albert Einstein
#39
- Member
-
- Group: Members
- Posts: 49
- Joined: 08-November 08
Posted 14 February 2010 - 01:46 AM
Oh yes, I forgot to say that IT WORKED!!!! Thank you so much, all of my programs are back now!! 
It's soooo great to have everything back at the click of a button.
It's soooo great to have everything back at the click of a button.
#40
- bleepin' _temp_
-
- Group: Malware Response Instructor
- Posts: 27,518
- Joined: 25-January 08
- Gender:Female
- Location:At home
Posted 15 February 2010 - 07:48 AM
Hi,
happy to hear that!
PLease make sure everything is alright before proceeding with the following steps, as this will remove all the backups we currently still have of the data deleted by ComboFix. Do NOT proceed if you find that anything is still missing.
Uninstall ComboFix.exe And all Backups of the files it deleted
This should leave the PC as it was before you ran ComboFix.
regards myrti
happy to hear that!
PLease make sure everything is alright before proceeding with the following steps, as this will remove all the backups we currently still have of the data deleted by ComboFix. Do NOT proceed if you find that anything is still missing.
Uninstall ComboFix.exe And all Backups of the files it deleted
- Click START then RUN
- Now type Combofix /Uninstall in the runbox and click OK. Note the space between the X and the U, it needs to be there.
This should leave the PC as it was before you ran ComboFix.
regards myrti
If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM!
Please don't send help request via PM, unless I am already helping you. Use the forums!
I know not with what weapons World War III will be fought, but World War IV will be fought with sticks and stones. ~ Albert Einstein
Heroism on command, senseless violence, and all the loathsome nonsense that goes by the name of patriotism -- how passionately I hate them! ~ Albert Einstein
Please don't send help request via PM, unless I am already helping you. Use the forums!
I know not with what weapons World War III will be fought, but World War IV will be fought with sticks and stones. ~ Albert Einstein
Heroism on command, senseless violence, and all the loathsome nonsense that goes by the name of patriotism -- how passionately I hate them! ~ Albert Einstein
#41
- Member
-
- Group: Members
- Posts: 49
- Joined: 08-November 08
Posted 15 February 2010 - 06:53 PM
I tried putting exactly what you said in the run program, and a popup message came up saying: "Windows cannot find 'Combofix'. Make sure you typed the name correctly, and then try again."
#42
- bleepin' _temp_
-
- Group: Malware Response Instructor
- Posts: 27,518
- Joined: 25-January 08
- Gender:Female
- Location:At home
Posted 16 February 2010 - 04:06 PM
Hi,
please download a new copy of ComboFix and save it onto your desktop. Do not run it. Just run the command I gave you earlier: combofix /uninstall.
regards myrti
please download a new copy of ComboFix and save it onto your desktop. Do not run it. Just run the command I gave you earlier: combofix /uninstall.
regards myrti
If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM!
Please don't send help request via PM, unless I am already helping you. Use the forums!
I know not with what weapons World War III will be fought, but World War IV will be fought with sticks and stones. ~ Albert Einstein
Heroism on command, senseless violence, and all the loathsome nonsense that goes by the name of patriotism -- how passionately I hate them! ~ Albert Einstein
Please don't send help request via PM, unless I am already helping you. Use the forums!
I know not with what weapons World War III will be fought, but World War IV will be fought with sticks and stones. ~ Albert Einstein
Heroism on command, senseless violence, and all the loathsome nonsense that goes by the name of patriotism -- how passionately I hate them! ~ Albert Einstein
#43
- Member
-
- Group: Members
- Posts: 49
- Joined: 08-November 08
Posted 16 February 2010 - 08:29 PM
That worked, combfix said it was uninstalled.
#44
- bleepin' _temp_
-
- Group: Malware Response Instructor
- Posts: 27,518
- Joined: 25-January 08
- Gender:Female
- Location:At home
Posted 17 February 2010 - 05:10 AM
Hi,
happy to hear that. You can now delete all the other tools we used as well.
Read those last few lines, in order to keep your pc safe and clean:
Please read these advices, in order to prevent reinfecting your PC:
myrti
happy to hear that.
You can now delete all the other tools we used as well.Read those last few lines, in order to keep your pc safe and clean:
Please read these advices, in order to prevent reinfecting your PC:
- Install and update the following programs regularly:
- an outbound firewall
A comprehensive tutorial and a list of possible firewalls can be found here. - an AntiVirus Software
It is imperative that you update your AntiVirus Software on regular basis.If you do not update your AntiVirus Software then it will not be able to catch the latest threats. - an Anti-Spyware program
Malware Byte's Anti Malware is an excellent Anti-Spyware scanner. It's scan times are usually under ten minutes, and has excellent detection and removal rates.
SUPERAntiSpyware is another good scanner with high detection and removal rates.
Both programs are free for non commercial home use but provide a resident and do not nag if you purchase the paid versions. - Spyware Blaster
A tutorial for Spywareblaster can be found here. If you wish, the commercial version provides automatic updating. - MVPs hosts file
A tutorial for MVPs hosts file can be found here. If you would like automatic updates you might want to take a look at HostMan host file manager. For more information on thehosts file, and what it can do for you,please consult the Tutorial on the Hosts file
- an outbound firewall
- Keep Windows (and your other Microsoft software) up to date!
I cannot stress how important this is enough. Often holes are found in Internet Explorer or Windows itself that require patching. Sometimes these holeswill allow an attacker unrestricted access to your computer.
Therefore, please, visit the Microsoft Update Website and follow the on screen instructions to setup Microsoft Update. Also follow the instructions to update your system. Please REBOOT and repeat this process until there are no more updates to install!! - Keep your other software up to date as well
Software does not need to be made by Microsoft to be insecure. You can use the Secunia Online Software occasionally to help you check for out of date software on yourmachine. - Stay up to date!
The MOST IMPORTANT part of any security setup is keeping the software up to date. Malware writers release new variantsevery single day. If your software updates don't keep up, then the malware will always be one step ahead. Not a good thing
.
- Miekies' prevention suggestions
- So How did I get infected?
- Microsoft - 'Securityat home'
- Calendar of Updates: See which updates have been released.
- How to backup your Data with Cobian Backup:because you never know, when your harddisk might fail
- Commonly UsedFreeware Replacements: a nice list of freeware programs in all categories, that are regarded as useful by the users of this forum.
- osalt: Find (free) open source alternatives to known commercial software.
myrti
If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM!
Please don't send help request via PM, unless I am already helping you. Use the forums!
I know not with what weapons World War III will be fought, but World War IV will be fought with sticks and stones. ~ Albert Einstein
Heroism on command, senseless violence, and all the loathsome nonsense that goes by the name of patriotism -- how passionately I hate them! ~ Albert Einstein
Please don't send help request via PM, unless I am already helping you. Use the forums!
I know not with what weapons World War III will be fought, but World War IV will be fought with sticks and stones. ~ Albert Einstein
Heroism on command, senseless violence, and all the loathsome nonsense that goes by the name of patriotism -- how passionately I hate them! ~ Albert Einstein
#45
- Member
-
- Group: Members
- Posts: 49
- Joined: 08-November 08
Posted 17 February 2010 - 11:52 PM
Thank you so much for all of your help. I take it that everything looked good with the logs? Words cannot describe how appreciative I am for you gracious help. Please keep up to good work; the world needs more people like yourself.
Zac
Zac
