Jump to content


Photo
- - - - -

tmpassthru ?


  • This topic is locked This topic is locked
18 replies to this topic

#1 hounddogg

hounddogg

    Member

  • Members
  • PipPip
  • 10 posts
  • OS:Windows XP
  • AV:microsoft security essentials
  • HIPS:windows
  • Other:mbam, super anti spyware spybot,

Posted 16 March 2012 - 02:22 AM

HI I have the eek log otl txt & extras txt. in my documents but am not sure how to paste them.I apologize for my lack of knowlege.[attachment=10537:a2scan_120309-180337.txt][attachment=10538:hijackthis.log][attachment=10539:OTL.Txt][attachment=10540:Extras.Txt]
hope this is correct.

#2 Kevin Zoll

Kevin Zoll

    Malware Removal Support

  • Emsisoft Employee
  • 12626 posts
  • LocationDepauville, NY, USA
  • OS:Windows Vista
  • AV:Emsisoft Anti-Malware
  • HIPS:Online Armor
  • Other:WinPatrol Plus

Posted 16 March 2012 - 03:10 AM

The Sygate Personal Firewall (SPF) is no longer in development and is nolonger support by Symantec. I highly recommend that you replace SPF with another firewall ASAP. Online Armor Personal is a very good firewall and is free.

Do not run any of the files we ask you to download from their zip archives. Always extract the files to the location we specified in the instructions and then run them.

Posted Image Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version of Java components and upgrade the application. NOT supported for use in 9x or ME

Upgrading Java:
  • Download the latest version of JRE 7 Update 3.
  • Click the "Download JRE" button to the right.
  • Accept the license agreement.
  • Click on the download link for your system and save it to your desktop.
    Windows x86 Offline (jre-7u3-windows-i586.exe)
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Control Panel, double-click on Add/Remove programs and remove all older versions of Java.
  • Check any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on the download to install the newest version.(Vista/7 users, right click on the JRE download and select "Run as an Administrator.")
Using Add or Remove Programs in the Control Panel; uninstall the following:
Java(TM) 6 Update 31
Java(TM) 6 Update 7

Run OTL.exe
  • Copy/paste the following text written inside of the code box into the Custom Scans/Fixes box located at the bottom of OTL
    :OTL
    IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - No CLSID value found
    IE - HKCU\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - No CLSID value found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found.
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
    [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
    [1 C:\Documents and Settings\Owner\*.tmp files -> C:\Documents and Settings\Owner\*.tmp -> ]
    
    :Commands
    [Purity]
    [EmptyTemp]
    [EmptyFlash]
    [EmptyJava]
    [ResetHosts]
    [Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot when it is done.

Download ComboFix from one of these locations:

Save as Combo-Fix.exe during the download. ComboFix must be renamed before you download to your Desktop

Link 1
Link 2

* IMPORTANT !!! Save Combo-Fix to your Desktop

  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
    See HERE for help
  • Double click on ComboFix.exe & follow the prompts.
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: (This applies to Windows XP systems only) If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Posted Image


Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Posted Image


Click on Yes, to continue scanning for malware.

When finished, ComboFix will produce a log.

Note:
1. Do not mouseclick combofix's window while it's running. That may cause it to stall!
2. Remember to re-enable your anti-virus and anti-spyware before reconnecting to the Internet.

Attach logs for: (USE THE "MORE REPLY OPTIONS" BUTTON TO BE ABLE TO DO THIS)
  • ComboFix (C:\combofix.txt)
  • OTL (C:\_OTL)
Let me know of any problems you may have encountered with the above instructions and also let me know how things are running now!
Kevin Zoll [Malware Removal Support]
Emsisoft Team - www.emsisoft.com

I am online Monday - Friday each week from 1900-2100 Central European Time/1300-1500 Eastern Time (US).
 
If you are seeking Malware Removal support keep it in the forums.  It is not permissible to contact support staff by Private Message (PM), IM (Skype, MSN, AOL, Yahoo, etc.) or Email.

Purchase Emsisoft Anti-Malware and Online Armor Firewall

#3 hounddogg

hounddogg

    Member

  • Members
  • PipPip
  • 10 posts
  • OS:Windows XP
  • AV:microsoft security essentials
  • HIPS:windows
  • Other:mbam, super anti spyware spybot,

Posted 17 March 2012 - 01:07 AM

I cannot stop microsoft security essentials.right clicking the icon in the system tray only gives an option to open so I tried to uninstall with add and remove programs and received error code 0x80070656 uninstaller can't continue, I then tried revo and got the same message.
Sorry disregard I didn't see the help link for disabling anti virus I now have real time protection disabled.

#4 Kevin Zoll

Kevin Zoll

    Malware Removal Support

  • Emsisoft Employee
  • 12626 posts
  • LocationDepauville, NY, USA
  • OS:Windows Vista
  • AV:Emsisoft Anti-Malware
  • HIPS:Online Armor
  • Other:WinPatrol Plus

Posted 17 March 2012 - 01:12 AM

Just run ComboFix anyway.
Kevin Zoll [Malware Removal Support]
Emsisoft Team - www.emsisoft.com

I am online Monday - Friday each week from 1900-2100 Central European Time/1300-1500 Eastern Time (US).
 
If you are seeking Malware Removal support keep it in the forums.  It is not permissible to contact support staff by Private Message (PM), IM (Skype, MSN, AOL, Yahoo, etc.) or Email.

Purchase Emsisoft Anti-Malware and Online Armor Firewall

#5 hounddogg

hounddogg

    Member

  • Members
  • PipPip
  • 10 posts
  • OS:Windows XP
  • AV:microsoft security essentials
  • HIPS:windows
  • Other:mbam, super anti spyware spybot,

Posted 17 March 2012 - 02:07 AM

ran combo fix and it found rootkit zero access inserted itself in tcp/ip stack. once fineshed scanning and after reboot
I now have no internet access.ran combo fix again as per it's instructions if I can't connect and still no internet.
Windows utility says it cannot renew my ip adress.

#6 Kevin Zoll

Kevin Zoll

    Malware Removal Support

  • Emsisoft Employee
  • 12626 posts
  • LocationDepauville, NY, USA
  • OS:Windows Vista
  • AV:Emsisoft Anti-Malware
  • HIPS:Online Armor
  • Other:WinPatrol Plus

Posted 17 March 2012 - 02:27 AM

Close all windows

Do the following:
Start -> Run
type cmd
Click "OK"

The Command Console will open

Enter the following commands, at the Command Prompt. Commands must be entered exactly as shown.

Press the Enter Key after each command. Wait for each command to finish before proceeding to the next command.
netsh int ip reset reset.log
netsh winsock reset catalog
ipconfig /flushdns
exit
Re-boot your PC.

Did that fix the Internet access?
Kevin Zoll [Malware Removal Support]
Emsisoft Team - www.emsisoft.com

I am online Monday - Friday each week from 1900-2100 Central European Time/1300-1500 Eastern Time (US).
 
If you are seeking Malware Removal support keep it in the forums.  It is not permissible to contact support staff by Private Message (PM), IM (Skype, MSN, AOL, Yahoo, etc.) or Email.

Purchase Emsisoft Anti-Malware and Online Armor Firewall

#7 hounddogg

hounddogg

    Member

  • Members
  • PipPip
  • 10 posts
  • OS:Windows XP
  • AV:microsoft security essentials
  • HIPS:windows
  • Other:mbam, super anti spyware spybot,

Posted 17 March 2012 - 03:16 AM

worked like a charm! I really appreciate you sticking with me on this .

#8 Kevin Zoll

Kevin Zoll

    Malware Removal Support

  • Emsisoft Employee
  • 12626 posts
  • LocationDepauville, NY, USA
  • OS:Windows Vista
  • AV:Emsisoft Anti-Malware
  • HIPS:Online Armor
  • Other:WinPatrol Plus

Posted 17 March 2012 - 03:18 AM

Read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application.

    Posted Image
  • Click Change parameters

    Posted Image
  • Check the boxes next to Verify Driver Digital Signature and Detect TDLFS file system, then click OK

    Posted Image
  • Click on the Start Scan button to begin the scan and wait for it to finish.
    NOTE: Do not use the computer during the scan!
  • During the scan it will look similar to the image below:
    Posted Image
  • When it finishes, you will either see a report that no threats were found like below:
    Posted Image

    If no threats are found at this point, just click the Report selection on the top right of the form to generate a log. A log file report will pop which you can just close since the report file is already saved.
  • If any infection or suspected items are found, you will see a window similar to below:
    Posted Image
    • If you have files that are shown to fail signature check do not take any action on these. Make sure you select Skip. I will tell you what to do with these later. They may not be issues at all.
    • If Suspicious objects are detected, the default action will be Skip. Leave the default set to Skip.
    • If Malicious objects are detected, they will show in the Scan results. TDSSKiller automatically selects an action (Cure or Delete) for malicious objects
      Make sure that Cure is selected. Important! - If Cure is not available, please choose Skip instead. Do not choose Delete unless instructed to do so.
  • Click Continue to apply selected actions.
  • A reboot may be required to complete disinfection. A window like the below will appear:
    Posted Image
    Reboot immediately if TDSSKiller states that one is needed.
  • Whether an infection is found or not, a log file should have already been created on your C: drive (or whatever drive you boot from) in the root folder named something like TDSSKiller.2.1.1_27.12.2009_14.17.04_log.txt which is based on the program version # and date and time run.
  • Attach this log to your next reply.

Kevin Zoll [Malware Removal Support]
Emsisoft Team - www.emsisoft.com

I am online Monday - Friday each week from 1900-2100 Central European Time/1300-1500 Eastern Time (US).
 
If you are seeking Malware Removal support keep it in the forums.  It is not permissible to contact support staff by Private Message (PM), IM (Skype, MSN, AOL, Yahoo, etc.) or Email.

Purchase Emsisoft Anti-Malware and Online Armor Firewall

#9 hounddogg

hounddogg

    Member

  • Members
  • PipPip
  • 10 posts
  • OS:Windows XP
  • AV:microsoft security essentials
  • HIPS:windows
  • Other:mbam, super anti spyware spybot,

Posted 17 March 2012 - 03:26 AM

[attachment=10558:OTL.Txt][attachment=10559:Extras.Txt][attachment=10560:ComboFix.txt]

#10 hounddogg

hounddogg

    Member

  • Members
  • PipPip
  • 10 posts
  • OS:Windows XP
  • AV:microsoft security essentials
  • HIPS:windows
  • Other:mbam, super anti spyware spybot,

Posted 17 March 2012 - 03:36 AM

Did not state reboot was required.

#11 Kevin Zoll

Kevin Zoll

    Malware Removal Support

  • Emsisoft Employee
  • 12626 posts
  • LocationDepauville, NY, USA
  • OS:Windows Vista
  • AV:Emsisoft Anti-Malware
  • HIPS:Online Armor
  • Other:WinPatrol Plus

Posted 17 March 2012 - 04:05 AM

You did not follow any of of the instructions for outdated software, in post #2 of this thread. Using SPF is not doing you any good as it is outdated and End-of-life by Symatec nearly 5 years now. Replace your firewall.

The version of Java installed on your computer is not compatable with Firefox 5 and up. You must use JRE 7 with Firefox 5 and up. Old versions of java must be removed or your system will be vulnerable to attack.

Run OTL.exe
  • Copy/paste the following text written inside of the code box into the Custom Scans/Fixes box located at the bottom of OTL
    :OTL
    DRV - (TMPassthruMP) -- C:\WINDOWS\system32\drivers\TMPassthru.sys (Trend Micro Inc.)
    DRV - (TMPassthru) -- C:\WINDOWS\system32\drivers\TMPassthru.sys (Trend Micro Inc.)
    IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - No CLSID value found
    IE - HKCU\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - No CLSID value found
    IE - HKCU\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found.
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
    [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
    [1 C:\Documents and Settings\Owner\*.tmp files -> C:\Documents and Settings\Owner\*.tmp -> ]
    
    :Commands
    [Purity]
    [EmptyTemp]
    [EmptyFlash]
    [EmptyJava]
    [ResetHosts]
    [Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot when it is done
  • Attach the new log produced by OTL (C:\_OTL). (USE THE "MORE REPLY OPTIONS" BUTTON TO BE ABLE TO DO THIS)
Let me know of any problems you may have encountered with the above instructions and also let me know how things are running now!
Kevin Zoll [Malware Removal Support]
Emsisoft Team - www.emsisoft.com

I am online Monday - Friday each week from 1900-2100 Central European Time/1300-1500 Eastern Time (US).
 
If you are seeking Malware Removal support keep it in the forums.  It is not permissible to contact support staff by Private Message (PM), IM (Skype, MSN, AOL, Yahoo, etc.) or Email.

Purchase Emsisoft Anti-Malware and Online Armor Firewall

#12 hounddogg

hounddogg

    Member

  • Members
  • PipPip
  • 10 posts
  • OS:Windows XP
  • AV:microsoft security essentials
  • HIPS:windows
  • Other:mbam, super anti spyware spybot,

Posted 17 March 2012 - 04:34 AM

I have followed the link you provided for Java in post #2 it downloads Java 7 update 3 as well as Java FX 2.0.3 as it did the first time I tried.Am I doing something wrong here?
My pc seems to be running fine although now when I reboot I see a black screen with several options very briefly just before windows starts ,which I did not see before.

#13 Kevin Zoll

Kevin Zoll

    Malware Removal Support

  • Emsisoft Employee
  • 12626 posts
  • LocationDepauville, NY, USA
  • OS:Windows Vista
  • AV:Emsisoft Anti-Malware
  • HIPS:Online Armor
  • Other:WinPatrol Plus

Posted 17 March 2012 - 04:09 PM

I have followed the link you provided for Java in post #2 it downloads Java 7 update 3 as well as Java FX 2.0.3 as it did the first time I tried.Am I doing something wrong here?

Don't worry about that for now, we'll address that before we finish.

My pc seems to be running fine although now when I reboot I see a black screen with several options very briefly just before windows starts ,which I did not see before.

That is normal, as ComboFix added SafeBoot to the startup options.

Switching tools.

Download:
- ISeeYouXP by ShadowPuterDude

Double-click ISeeYouXP.exe, ISeeYouXp will be extracted to C:\ISeeYouXP; and a shortcut to ISeeYouXP.bat will be placed on the Desktop.

Double-click the ISeeYouXP shortcut to run ISeeYouXP.

Possible Error Messages
  • If your ISeeYouXP.txt log appears to be empty or semi-empty or you get an error message similar to the below when running ISeeYouXP.bat and you are running Windows XP or Windows 2000, follow the steps further down that relate to your OS

    C:\WINDOWS\SYSTEM32\AUTOEXEC.NT. The system file is not suitable for running MS-DOS and Microsoft Window applications.


    To fix the above error message, choose the download below which is appropriate for your system
    • For Windows XP Pro: download and run: XPproFix
    • For Windows XP Home: download and run: XPHomeFix
    • For Windows 2000: download and run: W2KFix
    Then run ISeeYouXP.bat again and attach the log.
  • A possible second type of error message may occur as shown in the quote box below! If you get either of these two messages, perform the Resolution steps given in this: Virtual Device Driver Error Message in 16-Bit MS-DOS Subsystem

16 bit MS-DOS Subsystem
drive:\program path
XXXX. An installable Virtual Device Driver failed DLL initialization. Choose 'Close' to terminate the application.


-or-

16 bit MS-DOS Subsystem
drive:\program path
SYSTEM\CurrentControlSet\Control\VirtualDeviceDrivers. VDD. Virtual Device Driver format in the registry is invalid. Choose 'Close' to terminate the application.


After attempting to fix the above errors, run ISeeYouXP.bat and attach the log.

IMPORTANT NOTE:

Vista Users

UAC must be turned off to run this script.

Turning Off/On UAC in Vista
1. Open the Control Panel.
2. Under User Account and Family settings click on the "Add or remove user account".
3. Click on your user account.
4. Under the user account click on the "Go to the main User Account page" link.
5. Under "Make changes to your user account" click on the "Change security settings" link.
6. In the "Turn on User Account Control (UAC) to make your computer more secure" click to unselect the "Use User Account Control (UAC) to help protect your computer". Click on the Ok button.
7. You will be prompted to reboot your computer. Do so.

In order to re-enable UAC just select the above checkbox and reboot.

To Run ISeeYouXP right-click on the batch file and select "Run as Administrator"
Kevin Zoll [Malware Removal Support]
Emsisoft Team - www.emsisoft.com

I am online Monday - Friday each week from 1900-2100 Central European Time/1300-1500 Eastern Time (US).
 
If you are seeking Malware Removal support keep it in the forums.  It is not permissible to contact support staff by Private Message (PM), IM (Skype, MSN, AOL, Yahoo, etc.) or Email.

Purchase Emsisoft Anti-Malware and Online Armor Firewall

#14 hounddogg

hounddogg

    Member

  • Members
  • PipPip
  • 10 posts
  • OS:Windows XP
  • AV:microsoft security essentials
  • HIPS:windows
  • Other:mbam, super anti spyware spybot,

Posted 17 March 2012 - 05:31 PM

I ran iseeyoux.p with no errors here is the log.[attachment=10590:change.log]

#15 hounddogg

hounddogg

    Member

  • Members
  • PipPip
  • 10 posts
  • OS:Windows XP
  • AV:microsoft security essentials
  • HIPS:windows
  • Other:mbam, super anti spyware spybot,

Posted 17 March 2012 - 06:10 PM

also found this on my desktop,not sure which one you need or both?[attachment=10593:ISeeYouXP.txt]

#16 Kevin Zoll

Kevin Zoll

    Malware Removal Support

  • Emsisoft Employee
  • 12626 posts
  • LocationDepauville, NY, USA
  • OS:Windows Vista
  • AV:Emsisoft Anti-Malware
  • HIPS:Online Armor
  • Other:WinPatrol Plus

Posted 17 March 2012 - 08:34 PM

OK, JRE 7 is installed. Your logs look fine.

Unless you are having problems, it is time to do the final steps.

Now to remove most of the tools that we have used in fixing your machine:
  • Download OTC to your desktop and run it
  • A list of tool components used in the cleanup of malware will be downloaded.
  • If your Firewall or Real Time protection attempts to block OTC to reach the Internet, please allow the application to do so.
  • Click Yes to begin the cleanup process and remove these components, including this application.
  • You will be asked to reboot the machine to finish the cleanup process. If you are asked to reboot the machine choose Yes.
Delete everything in C:\!KillBox (If I didn't have you use KillBox, then this won't be present)

Delete the following from your Desktop (If they exist)
ISeeYouXP.exe
ISeeYouXP.lnk
ISeeYouXP.txt
TDSSKiller.exe
Anything else I had you use

Delete the following files: (If they exist)
C:\ComboFix.txt

Delete the following folders: (If they exist)
C:\ComboFix
C:\Qoobox

Empty the Recycle Bin

Download to your Desktop:
- CCleaner Portable
  • UnZip CCleaner Portable to a folder on your Desktop named CCleaner
Run CCleaner
  • Open the CCleaner Folder on your Desktop and double click CCleaner.exe (32-bit) or CCleaner64.exe (64-bit)
  • The following should be selected by default, if not, please select:
    Posted Image
  • Click Posted Image and choose Posted Image
  • Uncheck Posted Image
  • Then go back to Posted Image and click Posted Image to run it.
  • Exit CCleaner.

Turn off System restore to flush all your restore points then turn system restore back on. See How To Enable and Disable System Restore.

Inside the ISeeYouXP folder, locate and double-click HideIT.bat (C:\ISeeYouXP\HideIT.bat). This will return viewing of Hidden and System Files and Folders to the default settings.

Delete C:\ISeeYouXP

You can delete and uninstall any programs I had you download, that you do not wish to keep on the system.

Run Windows Update and update your Windows Operating System.

Run the Secunia Online Software Inspector, this will inspect your system for software that is out-of-date and in need of updating. Update anything program/application detected as being out-dated.

Articles to read:
How to Protect Your Computer From Malware
How to keep you and your Windows PC happy
Web, email, chat, password and kids safety
10 Sources of Malware Infections

That should take care of everything.

Safe Surfing!
Kevin Zoll [Malware Removal Support]
Emsisoft Team - www.emsisoft.com

I am online Monday - Friday each week from 1900-2100 Central European Time/1300-1500 Eastern Time (US).
 
If you are seeking Malware Removal support keep it in the forums.  It is not permissible to contact support staff by Private Message (PM), IM (Skype, MSN, AOL, Yahoo, etc.) or Email.

Purchase Emsisoft Anti-Malware and Online Armor Firewall

#17 hounddogg

hounddogg

    Member

  • Members
  • PipPip
  • 10 posts
  • OS:Windows XP
  • AV:microsoft security essentials
  • HIPS:windows
  • Other:mbam, super anti spyware spybot,

Posted 17 March 2012 - 10:05 PM

I am not able to delete c:/ qoobox . access is not permitted make sure the disk is not full or write protected and that the file is currently not in use.

#18 Kevin Zoll

Kevin Zoll

    Malware Removal Support

  • Emsisoft Employee
  • 12626 posts
  • LocationDepauville, NY, USA
  • OS:Windows Vista
  • AV:Emsisoft Anti-Malware
  • HIPS:Online Armor
  • Other:WinPatrol Plus

Posted 17 March 2012 - 10:39 PM

You will need to take ownership of the folder.

Windows XP Home Edition
Boot to Safe ModeWindows XP Professional
  • Disable Simple File Sharing
  • Click Start, and then click My Computer.
  • On the Tools menu, click Folder Options.
  • Click the View tab.
  • In the Advanced Settings section, click to clear the Use simple file sharing (Recommended) check box.
  • Click OK.
To take ownership of a file or a folder

How to take ownership of a file
You must have ownership of a protected file in order to access it. If another user has restricted access and you are the computer administrator, you can access the file by taking ownership.

To take ownership of a file, follow these steps:
  • Right-click the file that you want to take ownership of, and then click Properties.
  • Click the Security tab, and then click OK on the Security message (if one appears).
  • Click Advanced, and then click the Owner tab.
  • In the Name list, click Administrator, or click the Administrators group, and then click OK.

    The administrator or the administrators group now owns the file.
To change the permissions on the file that you now own, follow these steps:
  • Click Add.
  • In the Enter the object names to select (examples) list, type the user or group account that you want to have access to the file. For example, type Administrator.
  • Click OK.
  • In the Group or user names list, click the account that you want, and then select the check boxes of the permissions that you want to assign that user.
  • When you are finished assigning permissions, click OK.
  • You can now access the file.
How to take ownership of a folder
You must have ownership of a protected folder in order to access it. If another user has restricted access and you are the computer administrator, you can access the folder by taking ownership.

To take ownership of a folder, follow these steps:
  • Right-click the folder that you want to take ownership of, and then click Properties.
  • Click the Security tab, and then click OK on the Security message (if one appears).
  • Click Advanced, and then click the Owner tab.
  • In the Name list, click your user name, or click Administrator if you are logged in as Administrator, or click the Administrators group. If you want to take ownership of the contents of the folder, select the Replace owner on subcontainers and objects check box.
  • Click OK, and then click Yes when you receive the following message:

    You do not have permission to read the contents of directory folder name. Do you want to replace the directory permissions with permissions granting you Full Control?

    All permissions will be replaced if you click Yes.

    Note folder name is the name of the folder that you want to take ownership of.
  • Click OK, and then reapply the permissions and security settings that you want for the folder and its contents.
You should now be able to delete C:\qoobox
Kevin Zoll [Malware Removal Support]
Emsisoft Team - www.emsisoft.com

I am online Monday - Friday each week from 1900-2100 Central European Time/1300-1500 Eastern Time (US).
 
If you are seeking Malware Removal support keep it in the forums.  It is not permissible to contact support staff by Private Message (PM), IM (Skype, MSN, AOL, Yahoo, etc.) or Email.

Purchase Emsisoft Anti-Malware and Online Armor Firewall

#19 Kevin Zoll

Kevin Zoll

    Malware Removal Support

  • Emsisoft Employee
  • 12626 posts
  • LocationDepauville, NY, USA
  • OS:Windows Vista
  • AV:Emsisoft Anti-Malware
  • HIPS:Online Armor
  • Other:WinPatrol Plus

Posted 20 March 2012 - 03:42 AM

Thread Closed

Reason:
Resolved

The procedures contained in this thread are for this user and this user only. Attempting to use the instructions in this thread on your system could result in damaging the Operating System beyond repair. Do Not use any of the tools mentioned in this thread without the supervision of a Malware Removal Specialist.

All posters requesting Malware Removal assistance are required to follow all procedures in the thread titled START HERE, if you don't we are just going to send you back to this thread.
Kevin Zoll [Malware Removal Support]
Emsisoft Team - www.emsisoft.com

I am online Monday - Friday each week from 1900-2100 Central European Time/1300-1500 Eastern Time (US).
 
If you are seeking Malware Removal support keep it in the forums.  It is not permissible to contact support staff by Private Message (PM), IM (Skype, MSN, AOL, Yahoo, etc.) or Email.

Purchase Emsisoft Anti-Malware and Online Armor Firewall




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users