Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Mlaware removal

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Re: Mlaware removal

Unread postby Katana » April 26th, 2008, 5:54 pm

Couple of questions for you ...

did ComboFix reboot the machine ?
did you allow CF to continue after installing Recovery Console.
does Recovery Console boot menu appeared during boot-up
User avatar
Katana
MRU Teacher Emeritus
 
Posts: 6412
Joined: November 10th, 2006, 5:00 pm
Location: Manchester
Advertisement
Register to Remove

Re: Mlaware removal

Unread postby Killiney » April 26th, 2008, 6:07 pm

No, CF didn't reboot the machine, it had installed the recovery drive and then proceded to scan the machine and finished with a log, then when the log came up on the screen, the entire start bar and the blue bar at the bottom of the screen with the sys tray in disappeared completely. I allowed CF to continue after installing the recovery console. and the recovery console came up as a menu in the reboot screen.
Killiney
Regular Member
 
Posts: 30
Joined: April 17th, 2008, 9:35 am

Re: Mlaware removal

Unread postby Katana » April 27th, 2008, 10:09 am

Please try this

1. Restart your computer
2. Before Windows loads, you will be prompted to choose which Operating System to start
3. Use the up and down arrow key to select Microsoft Windows Recovery Console
4. You must enter which Windows installation to log onto. Type 1 and press enter.
5. At the C:\Windows prompt, type the following bolded text, and press Enter:

cd erdnt\subs

6. At the next prompt, type the following bolded text, and press Enter:

batch erdnt.con

7. The erunt backups will begin copying.
8. At the next prompt, type the following bolded text, and press Enter:

exit

Windows will now begin loading.
Please let me know if this works
User avatar
Katana
MRU Teacher Emeritus
 
Posts: 6412
Joined: November 10th, 2006, 5:00 pm
Location: Manchester

Re: Mlaware removal

Unread postby Killiney » April 27th, 2008, 10:17 am

:oops: :oops: um... I kind of um er restored it to its original settings :oops: :oops: :oops:
Killiney
Regular Member
 
Posts: 30
Joined: April 17th, 2008, 9:35 am

Re: Mlaware removal

Unread postby Katana » April 27th, 2008, 3:11 pm

:) No problem, how are things running now ?
User avatar
Katana
MRU Teacher Emeritus
 
Posts: 6412
Joined: November 10th, 2006, 5:00 pm
Location: Manchester

Re: Mlaware removal

Unread postby Killiney » April 27th, 2008, 3:31 pm

katana wrote::) No problem, how are things running now ?

:shock: Seriously? That's not a problem? I think things seem ok, but I'll have to take a look tomorrow when I have more time, right now, I should be doing an overdue assignment for college, so I'll have to take a look at things tomorrow.
Killiney
Regular Member
 
Posts: 30
Joined: April 17th, 2008, 9:35 am

Re: Mlaware removal

Unread postby Katana » April 27th, 2008, 5:35 pm

It's not a problem from my point of view, it means that it is very unlikely that there is any malware left :)

I should warn you though, after discussing what happened to your machine with a couple of colleagues we feel that your hard drive may be on its way out.
I would suggest that you back up any important data that you want to keep.
User avatar
Katana
MRU Teacher Emeritus
 
Posts: 6412
Joined: November 10th, 2006, 5:00 pm
Location: Manchester

Re: Mlaware removal

Unread postby Killiney » April 27th, 2008, 5:44 pm

katana wrote:It's not a problem from my point of view, it means that it is very unlikely that there is any malware left :)

I should warn you though, after discussing what happened to your machine with a couple of colleagues we feel that your hard drive may be on its way out.
I would suggest that you back up any important data that you want to keep.


That doesn't sound good. When you say back up any important data, can that be done with the use of removeable storage devices?
Killiney
Regular Member
 
Posts: 30
Joined: April 17th, 2008, 9:35 am

Re: Mlaware removal

Unread postby Katana » April 27th, 2008, 5:55 pm

You can do it any way you like, CD, DVD external hard drive, USB/Flash drive.

As long as it is not on the drive inside the computer, anywhere else is fine.
User avatar
Katana
MRU Teacher Emeritus
 
Posts: 6412
Joined: November 10th, 2006, 5:00 pm
Location: Manchester

Re: Mlaware removal

Unread postby Killiney » April 27th, 2008, 5:59 pm

Hmmm. I've been thinking, would it be easier to get a new laptop? I don't like the one I've got and its not capable of running all the programs for college and stuff, and it gives me an excuse to save up lol
Killiney
Regular Member
 
Posts: 30
Joined: April 17th, 2008, 9:35 am

Re: Mlaware removal

Unread postby Katana » April 28th, 2008, 4:30 am

In some respects, a new machine is always worthwhile.
It depends on when you would be able to get it, I would suggest copying your important files in the next week or so to be on the safe side.
User avatar
Katana
MRU Teacher Emeritus
 
Posts: 6412
Joined: November 10th, 2006, 5:00 pm
Location: Manchester

Re: Mlaware removal

Unread postby Killiney » April 28th, 2008, 2:07 pm

That I can do.

Is there any way of checking to see if there's anything still on the machine?
Killiney
Regular Member
 
Posts: 30
Joined: April 17th, 2008, 9:35 am

Re: Mlaware removal

Unread postby Katana » April 28th, 2008, 2:44 pm

Give this scan a run

Active Scan
Your Antivirus and/or Antispyware may give a warning during the scan. This is perfectly normal
Please go to this site Link >> ActiveScan << LINK
  • Cclick the Scan Now button
  • Follow the prompts to install the Active X if necessary
  • Go and make a cup of tea/coffee/beverage of your choice and watch some TV :)
  • When the scan is finished, a report will be generated
  • Next to Scan Details click the small Save button and save the report to your desktop.
  • Please post the report in your reply.
User avatar
Katana
MRU Teacher Emeritus
 
Posts: 6412
Joined: November 10th, 2006, 5:00 pm
Location: Manchester

Re: Mlaware removal

Unread postby Killiney » April 28th, 2008, 2:57 pm

many thanks
Killiney
Regular Member
 
Posts: 30
Joined: April 17th, 2008, 9:35 am

Re: Mlaware removal

Unread postby Killiney » April 28th, 2008, 4:57 pm

ActiveScan log

;***********************************************************************************************************************************************************************************
ANALYSIS: 2008-04-29 21:56:38
PROTECTIONS: 1
MALWARE: 20
SUSPECTS: 0
;***********************************************************************************************************************************************************************************
PROTECTIONS
Description Version Active Updated
;===================================================================================================================================================================================
AVG Anti-Virus Free 8.0 Yes Yes
;===================================================================================================================================================================================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===================================================================================================================================================================================
00046186 W32/Alcan.A.worm Virus/Worm No 0 Yes No C:\Documents and Settings\Nathan\My Documents\LimeWire\Saved\Windows Media Player 11.zip[Setup.exe]
00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Documents and Settings\Nathan\Cookies\nathan@casalemedia[1].txt
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\Nathan\Cookies\nathan@atdmt[1].txt
00145393 Cookie/Tradedoubler TrackingCookie No 0 Yes No C:\Documents and Settings\Nathan\Cookies\nathan@tradedoubler[2].txt
00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Documents and Settings\Nathan\Cookies\nathan@fastclick[1].txt
00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Documents and Settings\Nathan\Cookies\nathan@tribalfusion[1].txt
00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\Documents and Settings\Nathan\Cookies\nathan@mediaplex[1].txt
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\Documents and Settings\Nathan\Cookies\nathan@com[1].txt
00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Documents and Settings\Nathan\Cookies\nathan@statcounter[1].txt
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Nathan\Cookies\nathan@ad.yieldmanager[2].txt
00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\Documents and Settings\Nathan\Cookies\nathan@apmebf[1].txt
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Nathan\Cookies\nathan@serving-sys[1].txt
00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Nathan\Cookies\nathan@bs.serving-sys[1].txt
00168109 Cookie/Adtech TrackingCookie No 0 Yes No C:\Documents and Settings\Nathan\Cookies\nathan@adtech[1].txt
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Nathan\Cookies\nathan@advertising[1].txt
00169287 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Documents and Settings\Nathan\Cookies\nathan@media.adrevolver[1].txt
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Nathan\Cookies\nathan@ads.pointroll[1].txt
00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No C:\Documents and Settings\Nathan\Cookies\nathan@questionmarket[1].txt
00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Documents and Settings\Nathan\Cookies\nathan@zedo[2].txt
00184846 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Documents and Settings\Nathan\Cookies\nathan@adrevolver[2].txt
;===================================================================================================================================================================================
SUSPECTS
Sent Location
;===================================================================================================================================================================================
;===================================================================================================================================================================================
VULNERABILITIES
Id Severity Description
;===================================================================================================================================================================================
182048 HIGH MS07-069
176382 HIGH MS07-057
170907 HIGH MS07-046
170906 HIGH MS07-045
170904 HIGH MS07-043
164913 HIGH MS07-033
160623 HIGH MS07-027
150253 HIGH MS07-016
;===================================================================================================================================================================================
Killiney
Regular Member
 
Posts: 30
Joined: April 17th, 2008, 9:35 am
Advertisement
Register to Remove

PreviousNext

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 89 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware