ComboFix Kills Saleslogix Sync

ComboFix, a third party malware utility, will alter the Operating system
so .qts and .que files will no longer process and complete the sync
cycle. To check for ComboFix look for the following dir “C:QooBox”.
Once it is determined ComboFix was run on this workstation here are the
steps you will need to take.

1. Backup the registry.

2. Open Registry Editor.

3. Find
HKEY_LOCAL_MACHINESystemControlSet001ControlFileSystem and in the
right hand pane right click Win95TruncatedExtensions and click Modify.

4.
Change the Edit DWORD Value window, in the Value data field, type 1

5.
Repeat this procedure on keys
HKEY_LOCAL_MACHINESystemControlSet002ControlFileSystemWin95TruncatedExtensions
and
HKEY_LOCAL_MACHINESystemCurrentControlSetControlFileSystemWin95TruncatedExtensions

6. Restart the computer.
After restarting the system the C:Documents and SettingsAll
UsersApplicatiopn DataSalesLogixSyncQUEUEFiles directory should be
empty.

Please post any comments if you have this issue and need
further explanation.

-Mark

Submit a Comment

Your email address will not be published. Required fields are marked *

Subscribe To Our Newsletter

Join our mailing list to receive the latest Infor CRM (Saleslogix) and Creatio (bpm'online) news and product updates!

You have Successfully Subscribed!