Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Farbar automatic fixlist.txt Attenion output


  • Please log in to reply
14 replies to this topic

#1 silumor

silumor

  • Members
  • 39 posts
  • ONLINE
  •  
  • Local time:03:42 PM

Posted 30 January 2015 - 04:51 PM

if you add these lines to a batch file they should output and generate a fixlist text file
that farbar can use to fix things it deems bad for your computer.
currently doesnt work for windows 8 i dont know why i havnt gotten that far yet
 
 
C:
cd %homepath%
findstr /c:"ATTENTION" %userprofile%\Downloads\Addition.txt >%userprofile%\Downloads\2Addition.txt
findstr /c:"ATTENTION" %userprofile%\Downloads\Shortcut.txt >%userprofile%\Downloads\2Shortcut.txt
findstr /c:"ATTENTION" %userprofile%\Downloads\FRST.txt >%userprofile%\Downloads\2RST.txt

cd %userprofile%\downloads
copy 2*.txt fixlist.txt
 
if anyone can improve on this be my guess. I made it becuase i hate searching and pasting i wanted a faster way
to make the fixlist file
 
 
also feel free to move this to the correct subject if you feel it should be moved

Edit: Topic moved from General Chat to the more appropriate forum. ~ Animal

BC AdBot (Login to Remove)

 


#2 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,660 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:42 PM

Posted 30 January 2015 - 05:21 PM

You realize that not every lines with "ATTENTION" in FRST are malicious, so you'll have to review them anyway?

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#3 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,469 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:03:42 PM

Posted 30 January 2015 - 05:47 PM

FRST was created as a tool for and intended to be used under the guidance of malware removal experts assisting folks with disinfecting their machines. Although there are public tutorials, most discussions about FRST...how it works, the routines it performs, what it can or cannot do, what the log results mean, future plans, development, etc, are only available in private discussion areas not intended for the general public to read. I am not aware of Fabar engaging in any detailed discussions outside those areas. However, Farbar does read topics in this forum so he may read your posting but there is no guarantee he is going to make any comments.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#4 silumor

silumor
  • Topic Starter

  • Members
  • 39 posts
  • ONLINE
  •  
  • Local time:03:42 PM

Posted 30 January 2015 - 05:54 PM

yeah i would open that fix list and look at the items found in it first. i just made thi file to put them all together quickly



#5 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,660 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:42 PM

Posted 30 January 2015 - 05:57 PM

Well, you know that a lot of lines that needs to be removed in FRST don't have the tag "ATTENTION" all the time? To be honest, we can't really use that method to create complete and accurate fix-list fast. FRST logs requires you to go through the whole log, line by line. There's no shortcut to that.

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#6 silumor

silumor
  • Topic Starter

  • Members
  • 39 posts
  • ONLINE
  •  
  • Local time:03:42 PM

Posted 30 January 2015 - 06:09 PM

I understand. If the moderators feel this is a useless file or method please remove this post as it wouldnt be any use.



#7 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,660 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:42 PM

Posted 30 January 2015 - 06:11 PM

Well there's no reason to remove the thread, I'm just explaining the flaws of this method. I can understand the concept, but when it comes to diagnostic and reporting tools to output a log to be analyzed, you cannot really create fix-list based on a single parameter that can be legitimate in the end, and that might not be present on entries that needs to be removed. If it was that easy, every helpers here could go through FRST (and other tools) logs in the matter of seconds :)

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#8 silumor

silumor
  • Topic Starter

  • Members
  • 39 posts
  • ONLINE
  •  
  • Local time:03:42 PM

Posted 30 January 2015 - 06:20 PM

I understand. I understood what you had explained and in my opionion you are correct this would be a quick fix fast method and that should not be the cause. That would leave room for error and after that I didnt see a good use for it. That is all. I do value input and opinions. Maybe it needs refined to find things that the use knows are bad also. Say I find somthing new not included and add it to a list that would be looked for. Course then that should be reported to the nice peeps that creat and maintain FarBar. :tophat:


Edited by silumor, 30 January 2015 - 06:22 PM.


#9 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,469 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:03:42 PM

Posted 30 January 2015 - 06:24 PM

I understand. If the moderators feel this is a useless file or method please remove this post as it wouldnt be any use.

All members are allowed to make suggestions and express opinions.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#10 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,660 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:42 PM

Posted 30 January 2015 - 06:24 PM

All good :) I guess this technique could be applied for other tools, but maybe not the tools which are in the same category as FRST, OTL, etc. For example (and I'll take a real thread from 2 days ago) I have someone who uninstalled Ad-Aware from Lavasoft, but still have Ad-Aware components installed on his system. I make him list all his programs using MiniToolBox, then I use your command to find the "Lavasoft" string (since it'll be the publisher) and store all the lines found in a file for a quick finding of these programs. It all depends of which log you use it too. Find string is used a lot on CBS logs.

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#11 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,469 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:03:42 PM

Posted 30 January 2015 - 06:25 PM

Say I find somthing new not included and add it to a list that would be looked for. Course then that should be reported to the nice peeps that creat and maintain FarBar.

And we have a way to get such information to the developer.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#12 silumor

silumor
  • Topic Starter

  • Members
  • 39 posts
  • ONLINE
  •  
  • Local time:03:42 PM

Posted 30 January 2015 - 06:25 PM

I have a CBS.log version that out puts the errors in a sfc scan. Well gotta go just found poweliks and cryptowall 3.0 on somthing I'm working on

thanks for the input


Edited by silumor, 30 January 2015 - 06:27 PM.


#13 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,469 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:03:42 PM

Posted 30 January 2015 - 06:46 PM

You're welcome on behalf of the Bleeping Computer community.

Well gotta go just found poweliks and cryptowall 3.0 on somthing I'm working on

Good luck...there is a lot of that malware going around.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#14 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,660 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:42 PM

Posted 30 January 2015 - 06:48 PM

I have a CBS.log version that out puts the errors in a sfc scan. Well gotta go just found poweliks and cryptowall 3.0 on somthing I'm working on
thanks for the input


No problem, my pleasure :)

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#15 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,469 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:03:42 PM

Posted 31 January 2015 - 10:23 AM

Tip...the command: findstr /c:"[SR]" %windir%\Logs\CBS\CBS.log >"%userprofile%\Desktop\sfcdetails.txt"

will place a sfcdetails.txt file directly on your desktop.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users