Hit by Combo fix bug...

There is a simple fix, I just don't have it. But the good news is, TimW does, and he will log in at some point tomorrow. Thanks for your patience. Don't try and do anything on your own to rectify the problem, just hang in there a little longer.

 

Hello, JD13x

This problem with ComboFix was last seem several months ago. How/where did you get the version from that you used?

Please attach the C:\QooBox\ComboFix-quarantined-files.txt so we can attempt to work up a fix to restore everything. We will need to use ComboFix to restore everything so we will have to restore it to since this bug has deleted ComboFix.exe from the Desktop too (or from where ever it was).

* Do not attempt to restore anything on your own. Make no more changes to your PC. Just get us the De-Quarantine file so we can make a fix. Also get the ComboFix.exe file out of the Quarantine and back onto your Desktop. If you don't know how to get this file back on to your Desktop, just tell us.

dr.m

 

You did not attach the Combo quarantine folder. What you attached was a second Add/Remove programs list. Please attach:
C:\COmboFix.txt
C:\Qoobox folder --- zipped

 

That shows all the files that were removed. You need to go through them all with this form:

* Make sure that combofix.exe that you downloaded while doing the READ & RUN ME is on your Desktop but Do not run it!
If it is not on your Desktop, the below will not work.
* Also make sure you have shut down all protection software (antivirus, antispyware...etc) or they may get in the way of allowing ComboFix to run properly.
* If ComboFix tells you it needs to update to a new version, make sure you allow it to update.
* Open Notepad and copy/paste the text in the below code box into it (make sure you scroll all the way down in the code box to get all lines selected ):

Code:

KILLALL::

DEQUARANTINE::
C:\Qoobox\Quarantine\C\Documents and Settings\OopsUserProfile [COLOR=DarkRed]<-- folder[/COLOR]
C:\Qoobox\Quarantine\C\Windows\wpa.dbl.vir [COLOR=DarkRed]<-- virfile[/COLOR]

Quit::

* Save the above as CFscript.txt and make sure you save it to the same location (should be on your Desktop) as ComboFix.exe
* At this point, you MUST EXIT ALL BROWSERS NOW before continuing!
* You should have both the ComboFix.exe and CFScript.txt icons on your Desktop.
If it asks you to overide the previous file with the same name, click YES.
* Now use your mouse to drag CFscript.txt on top of ComboFix.exe
http://img.photobucket.com/albums/v666/sUBs/CFScriptB-4.gif
* Follow the prompts.
* When it finishes, a log will be produced named c:\combofix.txt
* I will ask for this log below

Note:

Do not mouseclick combofix's window while it is running. That may cause it to stall.

You will have to add all of them manually to the above script.

 

Please see the instructions in this thread:
http://forums.majorgeeks.com/showpost.php?p=1445328&postcount=4

Sorry, it took me a while to find this thread.

 

You will just have to go through them all and remove the .vir extension. What other issues are you having, if any?