Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

ComboFix quarantine all folders in C


  • This topic is locked This topic is locked
6 replies to this topic

#1 branch

branch

  • Members
  • 51 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:43 AM

Posted 06 September 2012 - 07:06 PM

ComboFix ran longer than expected...over 1 hr. I noticed it was scanning everything in my C drive that was not the usual process. I did not try to stop the process by turning off the computer. I let the program run it's course. I figured data would be lost and more harm than good. Anyway, all files are missing after Combofix deleted and quarantined files. This includes items from Startup, Documents,etc. I feared the worst, but noticed that data is not gone, but transferred to Qoobox quarantined folder. Before I try anything, I need assistance on retreiving data. There is a lot of files of downloaded programs, music, pictures,etc. Do I have to rename and move these folders back to it's previous locations individually and re-install programs. I'm hoping you can give input and undo the ComboFix action without doing the other option. If there is a quick fix action...please advise.

I performed the ComboFix due to a blackhole exploit kit blocked by AVG. I was being redirected to other sites on my browser, therefore I wanted to do a system restore point. The result was the quarantine of all folders in Qoobox by ComboFIx.


My computer runs on Windows XP (service pack 3) and 32 bit system. Any log files can be sent upon request, since you discourage members from sending information firsthand.

Sincerely,

Branch

BC AdBot (Login to Remove)

 


#2 branch

branch
  • Topic Starter

  • Members
  • 51 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:43 AM

Posted 06 September 2012 - 07:39 PM

Concerning my previous reply, I've recently heard news about Java being exposed to the blackhole exploit kit. Is this the reason my ComboFix quarantined all files in Qoobox? I realize having Windows XP (service pack 3) is more vulnerable to such programs, but I need to know the best course of action. AVG blocked the blackhole, but still does not explain what happened to my folders being by ComboFix.

Branch

#3 branch

branch
  • Topic Starter

  • Members
  • 51 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:43 AM

Posted 06 September 2012 - 08:59 PM

Can I uninstall ComboFix and re-install? Please help. I hope this can restore defaults and return files to their proper locations.

Branch

#4 branch

branch
  • Topic Starter

  • Members
  • 51 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:43 AM

Posted 07 September 2012 - 02:15 AM

I should not run ComboFix before advised. I was reminded when logging back on this forum. I need to undo this quarantine. Please help. I've learned from this mistake.

#5 bloopie

bloopie

    Bleepin' Sith Turner


  • Malware Response Team
  • 7,927 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New York
  • Local time:06:43 AM

Posted 08 September 2012 - 01:08 PM

Hello branch, and welcome to the forums! :thumbsup:

My name is bloopie and I'll be helping you with your problems as best I can! :thumbup2:

Please try not to post multiple times, it makes the topic very hard to follow.
Also, please be patient as all of us helpers have normal lives outside of this website. :thumbup2:

==========

Please navigate to this text file: C:\Qoobox\Add-Remove Programs.txt
Then copy and paste the contents of that file in your next reply.

==========

Now I need to gather a bit more information before attempting the restore of Combofix.

  • DO NOT uninstall and reinstall Combofix as this will completely remove everything it backed up as well as clear out your restore points! If you do that, then your data is gone!
  • Do you have your original Windows CD/DVD?
  • When you boot your computer, do you see the following screen with the Recovery Console option flash briefly?: http://www.bleepstatic.com/tutorials/rc/startup.gif

If you can see the recovery console, then you're in luck! Please let me know about the above!

bloopie

#6 bloopie

bloopie

    Bleepin' Sith Turner


  • Malware Response Team
  • 7,927 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New York
  • Local time:06:43 AM

Posted 11 September 2012 - 08:47 AM

Hello again,

Are you still with me? :)

This is a 3-Day Bump! If you still wish to receive help please follow the instructions in my last post.

If you do not respond in another 48 hours, I will be forced to close this topic!

bloopie

#7 bloopie

bloopie

    Bleepin' Sith Turner


  • Malware Response Team
  • 7,927 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New York
  • Local time:06:43 AM

Posted 13 September 2012 - 01:32 PM

Due to the lack of feedback, this topic is now closed.In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days. Please include a link to your topic in the Private Message. Thank you.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users