Jump to content

Welcome to Geeks to Go
Geeks to Go Welcome
Create Account Login to Account
Photo

FRST Tutorial Comment

* * * * * 1 votes FRST farbar tutorial

  • Please log in to reply
184 replies to this topic

#46
Clade

Clade

    Member

  • Member
  • PipPip
  • 10 posts

Hi Emeraldnzl!

 

I appreciate your feedback. . .

 

Perhaps you can expand on what you mean.

 

Mean that the expertise in the IT field, or not, in short the minimum knowledge required to be able to analyze log and apply the necessary corrections, since only analyze log is not enough.Finally, the profile required to be an excellent log analyst.


If it is your own computer and you have some experience then you can follow the tutorial but at your own risk. As mentioned in the tutorial it is strongly advised that you seek help from an expert if you are unsure about anything. If you were seeking help at Geekstogo you would open a topic in the Virus,Spyware,Malware removal forum here.

 

I am self-taught, sigoi some forums, especially in the area malware. . . I think it is interesting knowledge in this segment, not only to apply other cleaning software, but really know how the OS is after infection.
 
I already signed up on three sites (UNITE), one in Portuguese and two in English. In Portuguese nor response received, unless sign up every 30 days if not called. The English, as had explained my little knowledge in English (improved Google translator), I was kindly accepted and not the other, nothing reported.

 

I think I can help people with infected equipment, but probably in English, no.

 

Thanks to this site, as well as others whom I follow because it is through you that I will advance in the area.

 


  • 0

Advertisements


#47
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts

 

I was kindly accepted

 

Good luck with your studies. :thumbsup:


  • 0

#48
Clade

Clade

    Member

  • Member
  • PipPip
  • 10 posts
Sorry, but I was not clear. . .
 
Gently I was not accepted. . 

  • 0

#49
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts

Oh, I am sorry I misinterpreted that. Maybe you will have better luck in the future. :)


  • 0

#50
Clade

Clade

    Member

  • Member
  • PipPip
  • 10 posts
Yep. . . So I'm watching probably it will happen. . . lol.
 
But I would still like to hear your response about what I requested anteiormente - knowledge and profile needed. . I wonder whether I am close or far these needs.
 
Who knows previous suggestion materials to study. . .
 
grateful

  • 0

#51
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts

Each school has it's own requirements, you need to ask them. :)


  • 0

#52
Black Diamond

Black Diamond

    New Member

  • Member
  • Pip
  • 6 posts

I have couple of questions about FRST so i hope someone will answer.

 

1) When i make fixlist is order important for example CloseProcesses,EmptyTemp etc. Does that matter ?

2) When i want to delete directory i know have to use command for it for single file,but how about multiple directories/files ?

 

Thanks


  • 0

#53
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts

As far as CloseProcesses is concerned I always use it at the beginning but Farbar may add to that.

For the others please read the tutorial:
 

When EmptyTemp: directive is used the system will be rebooted after the fix. No need to use Reboot: directive.
Also no matter if EmptyTemp: is added at the start, middle, or end of the fixlist it will be executed after all other fixlist lines are processed.


RemoveDirectory:

To remove (not move) directories with limited perms and invalid paths or names. This directive should be used for directories that resist the usual move operation. If it is used in Safe Mode it should be very powerful and in RE it should be most powerful.

The script will be:

  

RemoveDirectory: path

 


For files see the section et al:
 

One Month Created Files and Folders and One Month Modified Files and Folders

 

 


  • 0

#54
RubiksHQ

RubiksHQ

    Member

  • Member
  • PipPipPip
  • 678 posts

Are the start and end commands necessary for fixlists? I've noticed some helpers have them, while others don't.

I apologize in advance if this was already answered already.


  • 0

#55
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts

See here in this thread.


  • 0

Advertisements


#56
RubiksHQ

RubiksHQ

    Member

  • Member
  • PipPipPip
  • 678 posts

See here in this thread.

Wow, I missed that post...

Thanks emeraldnzl :thumbsup:


  • 0

#57
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts

:thumbsup:


  • 0

#58
tekir06

tekir06

    Visiting Consultant

  • Visiting Consultant
  • 4 posts

Hello,

 

Quote FRST Tutorial - How to use Farbar Recovery Scan Tool topic:

 

When EmptyTemp: directive is used the system will be rebooted after the fix. No need to use Reboot: directive.

 

In the past, when I use this command, at the end of the fixlist "The system needed a reboot" had a sentence. But lately, I do not see this sentence. Is there something about changing the command? does it reboot as before?

 

I hope it's not something I missed. :blush:

 

Regards.

 

 

 
  • 0

#59
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts

Hello tekir06,

 

When I run it on my Win 10 machine I get this:

 

 

fixlist content:
*****************
EmptyTemp:
*****************

EmptyTemp: => 543.8 MB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 07:48:14 ====

 

Seems to be working okay.

 

Just a thought, EmptyTemp: doesn't work in Recovery Mode... was it being used in RC mode?


  • 0

#60
picasso

picasso

    Trusted Helper

  • Malware Removal
  • 205 posts
  • MVP
In the past, when I use this command, at the end of the fixlist "The system needed a reboot" had a sentence. But lately, I do not see this sentence. Is there something about changing the command? does it reboot as before?

 

No changes to EmptyTemp:. But under some circumstances a reboot might be not executed (eg. other running process preventing it). I've seen this behaviour few times.


  • 0





Also tagged with one or more of these keywords: FRST, farbar, tutorial

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

featured
Malware Removal How to Guides Windows 7 System Building Download Files Register welcome

Never used a forum? Learn how.