we'll restore everything removed by ComboFix, let me know if that resolves the issue, then I can report back to the developer, it has since been updated, so there may have been a bug in the version you ran
(I'll restore the files that are likely infected too,then I'll have you download a new version, see if the same files are targeted or not)
Please do the following:
to restore the registry Items, it is a little more complicated, but please do this
Open Windows explorer and navigate to this folder
In the right hand panel, locate these files
you will need to delete the extra extension so the file ends in .reg
just like the first file on the list.
remove the .dat
so you have this remaining
To do that right click on the files, select rename
- remove only the .dat from the end of the filename
- left click near the file name to ensure the rename is correct
- Do the same for each file listed
- Next double click the renamed files to ALLOW them to merge into the registry
Copy/paste the text inside the Codebox below into notepad:
- Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before following the steps below.
- They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
Here's how to do that:
Click Start > Run
This will open an empty notepad file:Copy
all the text inside of the code box
- Press Ctrl+C
(or right click on the highlighted section and choose 'copy')
the copied text into the open notepad - press CTRL+V
(or right click and choose 'paste')
Save this file to your desktop, Save this as "CFScript"
Here's how to do that:
2.Click Save As
... Change the directory to your desktop
3.Change the Save as type
to "All Files";
4.Type in the file name: CFScript
5.Click Save ...
CAUTION: Do not
- Referring to the screenshot above, drag CFScript.txt into ComboFix.exe.
- ComboFix may request an update; please allow it.
- ComboFix will now run a scan on your system. It may reboot your system when it finishes. This is normal.
- When finished, it shall produce a log for you.
- Copy and paste the contents of the log in your next reply.
mouse-click ComboFix's window while it is running. That may cause it to stall.**Note**
When CF finishes running, the ComboFix log will open along with a message box--do not be alarmed. With the above script, ComboFix will capture files to submit for analysis.
- Ensure you are connected to the internet and click OK on the message box.