BleepingComputer.com: Windows Vista Repair & TDSS Infection (RKill won't work)


Windows Vista Repair & TDSS Infection (RKill won't work)
Tried uninstall guide, all versions of RKill won't work

#16 Charang88 (Group: Members)

Posted 28 June 2011 - 02:48 PM

Well, I just ran ComboFix again, and it did the same thing again with the same message ("pev.cfxxe has stopped working"). I'm a little apprehensive of doing the "check online for a solution" since I don't have any antivirus protection installed on the computer. What should I do?

#17 Charang88 (Group: Members)

Posted 28 June 2011 - 03:15 PM

Since ComboFix isn't working, should I go ahead and reformat my laptop? I guess the questions I have regarding reformatting would be the following (and I don't know if you can answer them or not):

1. Since this particular backdoor virus has the capability of infecting files/folders/pictures - what do I do about backing up my data? Can I trust it?
2. For the data that I've backed up in the past (to an external hard drive), do I now have to question that data as unsafe? Is there anything that can be done to clean up infected data or to know for sure if it's infected?
3. Since this is a Dell laptop, and it didn't come with install DVDs (it has a recovery drive on D:, which we never made a backup of when we got it) - do you have any suggestions for a clean restore/install?

#18 SweetTech (Group: Malware Response Team)

Posted 28 June 2011 - 06:06 PM

Hi!

Quote

Well, I just ran ComboFix again, and it did the same thing again with the same message ("pev.cfxxe has stopped working"). I'm a little apprehensive of doing the "check online for a solution" since I don't have any antivirus protection installed on the computer. What should I do?

Okay.

A reformat and re-install may be the best option to take with your computer.

Quote

1. Since this particular backdoor virus has the capability of infecting files/folders/pictures - what do I do about backing up my data? Can I trust it?

This is usually what I tell users who wish to reformat and re-install.

Reformatting a hard disk deletes all data. You can back up all your important documents, personal data files, and photos to a CD or DVD drive, not a flash drive or external hard drive as they may become compromised in the process. The safest practice is not to back up any executable files (.exe), screensavers (.scr), autorun (.ini) or script files (.php, .asp, and .html) because they may be infected by malware. Avoid backing up compressed files (.zip, .cab, .rar) that have executable files inside them as some types of malware can penetrate and infect .exe files within compressed files too. Other types of malware may even disguise themselves by adding and hiding their extension to the existing extension of file(s) so be sure you look closely at the full file name. After reformatting, scan the backed up data with your anti-virus prior to copying it back to your hard drive.

Quote

2. For the data that I've backed up in the past (to an external hard drive), do I now have to question that data as unsafe? Is there anything that can be done to clean up infected data or to know for sure if it's infected?

It really depends. Some infections can be cleaned up and some can't. I tend to personally think that if it's infected, it should be removed. You can always scan your external hard drive with your anti-virus program as well as an online virus scanner like ESET.

Quote

3. Since this is a Dell laptop, and it didn't come with install DVDs (it has a recovery drive on D:, which we never made a backup of when we got it) - do you have any suggestions for a clean restore/install?

I believe Dell computers include a hidden recovery partition on them, so that you can boot into a special environment and reformat it that way.

Have I helped you? If you'd like to assist in the fight against malware, click here


The instructions seen in this post have been specifically tailored to this user and the issues they are experiencing with their computer. If you think you have a similar problem, please first read this topic, and then begin your own, new thread. I do not offer private support via Private Message.
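
The backup rules in post #18 (skip executables, screensavers, autorun and script files, look inside archives, watch for a hidden second extension) can be checked mechanically before anything is burned to disc. The following is an added example, not part of the original thread or of any tool named in it; the function names, the `DECOY` list, the "any autorun.* file" rule and the sample folder are assumptions made for illustration, and only .zip archives are actually opened.

```python
import tempfile, zipfile
from pathlib import Path, PurePosixPath

RISKY = {".exe", ".scr", ".php", ".asp", ".html"}  # types the post says not to back up
ARCHIVES = {".zip", ".cab", ".rar"}                # archive types the post names
DECOY = {".jpg", ".png", ".doc", ".pdf", ".txt"}   # assumption: harmless-looking extensions

def classify_name(name):
    """Return why a file name is suspect under the post's rules, or None."""
    sfx = [s.lower() for s in PurePosixPath(name).suffixes]
    if PurePosixPath(name).stem.lower() == "autorun":  # assumption: any autorun.* file
        return "autorun file"
    if sfx and sfx[-1] in RISKY:
        disguised = len(sfx) > 1 and sfx[-2] in DECOY
        return ("double extension hiding " if disguised else "risky type ") + sfx[-1]
    return None

def archive_reason(path):
    """Reason if an archive holds flagged members or cannot be opened, else None."""
    try:
        with zipfile.ZipFile(path) as zf:
            bad = [m for m in zf.namelist() if classify_name(m)]
    except zipfile.BadZipFile:  # also .cab/.rar, which zipfile cannot read
        return "archive not inspected, check contents by hand"
    return "archive contains " + ", ".join(bad) if bad else None

def triage(root):
    """Map relative path -> reason for each file to leave out of the backup."""
    findings = {}
    for path in sorted(p for p in Path(root).rglob("*") if p.is_file()):
        reason = classify_name(path.name)
        if not reason and path.suffix.lower() in ARCHIVES:
            reason = archive_reason(path)
        if reason:
            findings[path.relative_to(root).as_posix()] = reason
    return findings

def demo():
    """Run triage over a constructed sample folder (placeholder bytes only)."""
    with tempfile.TemporaryDirectory() as tmp:
        for name in ("report.doc", "holiday.jpg.exe", "saver.scr", "autorun.ini", "old.rar"):
            (Path(tmp) / name).write_bytes(b"placeholder")
        with zipfile.ZipFile(Path(tmp) / "photos.zip", "w") as zf:
            zf.writestr("img/cat.jpg", b"x")
            zf.writestr("img/setup.exe", b"x")
        return triage(tmp)

if __name__ == "__main__":
    print("\n".join(f"{rel}: {why}" for rel, why in demo().items()))
```

A file that passes this check has only passed the naming rules; the restored data still needs the anti-virus scan the post calls for.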

#19 Charang88 (Group: Members)

Posted 30 June 2011 - 12:17 PM

I just want to thank you ST for all of your help. Before closing my topic, can I ask a couple more questions?

1. Besides malware-bytes, which AV software would you recommend the most? I don't think I'll ever use McAfee ever again.
2. Some of these tools y'all have us use (TDSSKiller, etc), would they be beneficial for me to use in the future and which ones? For example - to scan my external hard drive & flash drives for infected files before I use those files again (outside of my AV software). I know not to use Combofix on my own.

Thank you again!

#20 SweetTech (Group: Malware Response Team)

Posted 30 June 2011 - 12:49 PM

Quote

can I ask a couple more questions?

Of course you can.


Quote

1. Besides malware-bytes, which AV software would you recommend the most? I don't think I'll ever use McAfee ever again.

MalwareBytes is not an Anti-Virus program. It's an Anti-Malware program.

I'd recommend Microsoft Security Essentials or Avast. Both are free anti-virus programs.


Quote

2. Some of these tools y'all have us use (TDSSKiller, etc), would they be beneficial for me to use in the future and which ones? For example - to scan my external hard drive & flash drives for infected files before I use those files again (outside of my AV software). I know not to use Combofix on my own.

TDSSKiller is a tool that is used to scan for a specific type of rootkit infection. You can always run an online scanner on your external hard drive and flash drive to ensure that they are clean.

#21 Charang88 (Group: Members)

Posted 30 June 2011 - 01:39 PM

Quote

TDSSKiller is a tool that is used to scan for a specific type of rootkit infection. You can always run an online scanner on your external hard drive and flash drive to ensure that they are clean.


Forgive me...but what is considered an "online scanner"?

#22 SweetTech (Group: Malware Response Team)

Posted 30 June 2011 - 08:09 PM

An online scanner would be ESET Online Scanner.

#23 Charang88 (Group: Members)

Posted 30 June 2011 - 08:33 PM

Okay, thanks again for all help!! :flowers:

#24 SweetTech (Group: Malware Response Team)

Posted 30 June 2011 - 09:10 PM

You're more than welcome! I'm glad that we were able to work together to solve the issues you were experiencing with your computer.

Please take care!

Kindest Regards,
SweetTech.

____________________________________________________

Since it appears that the issues you were experiencing with your computer have been resolved, I am going to close this thread. If you should need the thread re-opened please send me a Private Message (PM) with a request to re-open the thread, as well as the link to the thread in question, and I'd be happy to re-open the thread.
