Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Is there a system restore disk for sheep then?

This is the place for general discussions - we are a family site - no bad language, no flames.
A Moderators word is final.

Is there a system restore disk for sheep then?

Unread postby fleamailman » February 28th, 2006, 8:10 pm

No my friends are not sheep(wool only between ears) but it gives you some idea of what I am dealing with. Dream, mend friends machine, give restore disk by program recommended here and put my feet up. Reality, "high long time no see, btw my daughter's computer...., her homework, end of the world, etc.," system restore, stand alone, all too dificult, just press start, it copies without options, put in laptop, it restores. The simple life then.
User avatar
fleamailman
Banned Member
 
Posts: 171
Joined: October 28th, 2005, 6:32 pm
Location: geneva
Advertisement
Register to Remove

Unread postby Joffers » March 1st, 2006, 4:34 am

Can you not post a HJT log in the Malware Removal forum from that computer, get it analysed by an expert. Then download and run Ewido or A²?
User avatar
Joffers
Banned Member
 
Posts: 126
Joined: February 23rd, 2006, 3:03 pm

Unread postby fleamailman » March 1st, 2006, 6:06 am

joffers, thanks for your post and concern, that HJT log has been rightfully moved to the backroom of this site where I am running both the victim's side and the trainnee side too, my eye is on the clock, the process and the comunication. In fact, I infected myself in order to see what the symtoms are and not just to work from a log, also the log to me isn't finished until I know what is the problem was, (for example if it is Smitfraud can one still use CWshredder, if it is Coolwwwsearch can one Ewido or A2. A google search will tell one which lines are corrupt but not which program is best for that particular problem, only advice from experts here and ones own experience will give you that on going knowledge. I am at this point taking my studies very seriously, and the first thing I will do after cleaning up is machine will be to reinfect myself again with something else, the goal is simply to match the symtom with the best solutions with experience here. The problem in short for me is that since there are so many solutions it turns into a "the good is the enemy of the best" problem as they say in French. Another point, it is often the case that the person cannot get his Internet to run meaning that he is comunicating from a third person's machine, scans are out until he can get back on line, msbust springs to mind here, anyway I might sound like a nutter but even so building up a case files from experience might help other people here later.

btw I would prefer that this thread isn't hijacked further since I really would like to have a program that clones a machine at idiot level for victims, for example what is the point of cleaning up at comp here if one can't also then offer the victim the option that he may then make a clean backup of it.
User avatar
fleamailman
Banned Member
 
Posts: 171
Joined: October 28th, 2005, 6:32 pm
Location: geneva

Unread postby richieb001 » March 1st, 2006, 11:13 am

Might be worth looking here for some freebies for cloning hard drives.

http://www.thefreecountry.com/utilities ... mage.shtml

There are plenty of commercial ones out there also, although I'm not too sure how idiot proof they all are (I would guess that none are).
Nero Burning Rom also has a hard disk cloning program in the Nero suite.

Cheers,

RichieB
richieb001
Regular Member
 
Posts: 70
Joined: February 16th, 2006, 5:47 am

Unread postby fleamailman » March 1st, 2006, 11:35 am

thks richieb001, I owe you one
User avatar
fleamailman
Banned Member
 
Posts: 171
Joined: October 28th, 2005, 6:32 pm
Location: geneva

Unread postby Kimberly » March 1st, 2006, 12:14 pm

It's not a free solution, but it's really easy to use. Ghost from Symantec. No problems to backup the whole HDD, put it on a CD, DVD (both bootable if you wish), on an external USB drive ...

Two ways to restore : If XP is still working you can start it from the Ghost gui and with 2 mouse clicks the PC is rebooted and the restore process takes place. If XP doesn't boot anymore, you can start it from the bootable cd / dvd, select source and destination and there you go. If the media ain't bootable, start ghost from a floppy. It really backs up everything, even your MBR will be restored to it's initial state.

I'm using it myself since several years, never had a problem with it.
User avatar
Kimberly
MRU Teacher Emeritus
 
Posts: 3505
Joined: June 15th, 2005, 12:57 am

Unread postby random/random » March 1st, 2006, 2:28 pm

I use ghost as well. But remember it will overwrite the whole partition(or harddrive) so you will want to create a second partition and map the my documents folder to it. So that all the work is not lost when you restore

Personally I store the ghost image on the second partition

Some disk cloning programs claim to be able to clone drives from within windows but this can cause a lot of problems with files not being cloned correctly. So personally I always boot off of a ghost CD to make images of the drive.

Another disk cloner is acronis true image.
User avatar
random/random
Developer
Developer
 
Posts: 7730
Joined: December 18th, 2005, 3:30 pm

Unread postby fleamailman » March 1st, 2006, 3:01 pm

My fault sorry, but actually thank you both for this suggestion here as I will try Norton ghost for myself, and am really greatful; however, since I would still like to recommend something to the victim once his computer is clean I cannot recommend a product which isn't free. So I suppose I am looking for a program that has almost no options at all, is free, simple to use(and cute if possible)

Once again I think the feedback spirit is great here.
User avatar
fleamailman
Banned Member
 
Posts: 171
Joined: October 28th, 2005, 6:32 pm
Location: geneva

Unread postby Joffers » March 1st, 2006, 3:12 pm

Try Ewido, if the OS is XP, it will work. If 98 or other, I'm afraid it won't. Download A² in that case, which works on all Windows OS's, then post the log to the other thread, you are recieving help at :)

A² is free, if you click the link in my sig, and scroll down, it will say "A² Free", good luck.
User avatar
Joffers
Banned Member
 
Posts: 126
Joined: February 23rd, 2006, 3:03 pm

Unread postby Alphalutra1 » March 1st, 2006, 3:43 pm

Great free deals on payware located here at http://www.pcuser.com.au/pcuser/hs2.nsf ... gistration . In January of 2006 there is one for Paragon Imagin software
User avatar
Alphalutra1
Banned Member
 
Posts: 84
Joined: December 22nd, 2005, 12:27 pm
Location: 127.0.0.0/255.0.0.0

Unread postby Kimberly » March 1st, 2006, 3:47 pm

Joffers wrote:Try Ewido, if the OS is XP, it will work. If 98 or other, I'm afraid it won't. Download A² in that case, which works on all Windows OS's, then post the log to the other thread, you are recieving help at :)

A² is free, if you click the link in my sig, and scroll down, it will say "A² Free", good luck.


Joffers, we are talking about BACKUP SOFTWARE not about cleaning up spyware.
User avatar
Kimberly
MRU Teacher Emeritus
 
Posts: 3505
Joined: June 15th, 2005, 12:57 am

Unread postby Joffers » March 1st, 2006, 3:59 pm

Yes, but I was suggesting trying to clean the machine instead of re-formatting, as he said he was thinking of doing in the first post.
User avatar
Joffers
Banned Member
 
Posts: 126
Joined: February 23rd, 2006, 3:03 pm

Unread postby random/random » March 1st, 2006, 4:21 pm

I think a product like deep freeze may be the best option.

It basically means that all changes to C:\ will be lost when you reboot. Just remember to put work on D:\ or another partition/harddrive!

This http://www.microsoft.com/windowsxp/shar ... fault.mspx is similar, I think and most importantly free

Probelem with it is updating software.
User avatar
random/random
Developer
Developer
 
Posts: 7730
Joined: December 18th, 2005, 3:30 pm

Unread postby fleamailman » March 1st, 2006, 5:09 pm

First: Joffers, thanks for the advice, this is a selfsought infection to learn more on a dummy computer, I can actually remove the malware for myself and would do so, but then again I still would not know which malware I had actuallly got and its telltail symtons. Could someone have a look at that log and just name the malware for me. I believe that it show signs of Smitfraud but since there were also lines of bargainbuddy together with the toolbar there is Coolwwwsearch too. My goal is to know what I am seeing both form being the victim here and from your reading the HJT log for me, if then I can put the two together I would feel more confident with cleaning other people's malware this way. In fact, I ask myself if this isn't their new approach of mixing malware together to confound the victims efforts to remove it.

Second: I repeat my thanks to everyone here for their pointing me to programs that I can offer victims to make their restore disks. It seems I am making a lot of homework for myself then.

btw The shop where I have been helping out these two years, together with most of the other computer repair shop here in Geneva, tend to go for save/reformat/reinstall/load, their reason has nothing to do with the pros and cons of HJT logs but more to do with convincing the victim that the malware they contracted today had nothing to do with the malware they had the shop remove before, the victim just says it is the same and get rid of it this time for free or else. However, and even if I will be unable to use HJT in the shop itself, the program still has a lot going for it since it gives one a picture of the state of ones Internet conection, and helps those victims who wish to clean their computer for themselves with the help of HJT teachers to do so, which brings me to the feeling that it is pity to clean someones log, offering means to safeguard against malware per say, and the not offer some sort of backup system too.

Sorry if these post are too long, I really am now interested in being able to repay you guys for the education I am seeking from you.
User avatar
fleamailman
Banned Member
 
Posts: 171
Joined: October 28th, 2005, 6:32 pm
Location: geneva

Unread postby jahewi » March 2nd, 2006, 9:09 am

Hi there, fleamailman :D

I really hope you don't mind me giving you some of my thoughts.
After reading this topic and the thoughts/questions that you've laid down, i think the following remarks may help you in you quest for knowlegde ;)

fleamailman wrote:First: Joffers, thanks for the advice, this is a selfsought infection to learn more on a dummy computer, I can actually remove the malware for myself and would do so, but then again I still would not know which malware I had actuallly got and its telltail symtons. Could someone have a look at that log and just name the malware for me.

Actually, with (a little) help from Google and search-lists like those on Castle Cops, a lot of HijackThis-items can be found -- So, malware responsible for the bad items can also be found. When you know the name of the malware-variant, you can often find a description of it, or from a member of the same 'family', in one or more malware-libraries & -databases.
I believe that it show signs of Smitfraud but since there were also lines of bargainbuddy together with the toolbar there is Coolwwwsearch too. My goal is to know what I am seeing both form being the victim here and from your reading the HJT log for me, if then I can put the two together I would feel more confident with cleaning other people's malware this way. In fact, I ask myself if this isn't their new approach of mixing malware together to confound the victims efforts to remove it.

A lot of malware-variants (like smitfraud- and CWS-variants ... and many, many more ...) do not come alone. Those combined and complicated malware-infections, made up of a combi from all sorts of malware, usually start with sneaking in a downloader- or installer-trojan, wich in turn downloads it's malware-friends and gives them opportunity to install.
Second: I repeat my thanks to everyone here for their pointing me to programs that I can offer victims to make their restore disks. It seems I am making a lot of homework for myself then.

You certainly do, fleamailman :D
btw The shop where I have been helping out these two years, together with most of the other computer repair shop here in Geneva, tend to go for save/reformat/reinstall/load, their reason has nothing to do with the pros and cons of HJT logs but more to do with convincing the victim that the malware they contracted today had nothing to do with the malware they had the shop remove before, the victim just says it is the same and get rid of it this time for free or else. However, and even if I will be unable to use HJT in the shop itself, the program still has a lot going for it since it gives one a picture of the state of ones Internet conection, and helps those victims who wish to clean their computer for themselves with the help of HJT teachers to do so, which brings me to the feeling that it is pity to clean someones log, offering means to safeguard against malware per say, and the not offer some sort of backup system too.

You certainly have a good point, there. However, the problem is, like you already discovered, that finding a good and free of charge backup-solution is not so easy to find ...
Sorry if these post are too long, I really am now interested in being able to repay you guys for the education I am seeking from you.

I, for one, liked reading your post! 8)

I hope my answers help you ... even though they are a bit 'off-topic' ;)


Jan :)
User avatar
jahewi
Developer
Developer
 
Posts: 64
Joined: February 25th, 2006, 8:59 pm
Advertisement
Register to Remove

Next

  • Similar Topics
    Replies
    Views
    Last post

Return to General Discussions



Who is online

Users browsing this forum: No registered users and 5 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware