Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Malware Assistance - can't remove with my own small brain :(

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Re: Malware Assistance - can't remove with my own small brain :(

Unread postby Combat Yeoman » January 8th, 2009, 6:00 pm

OK,
Here's my last shot... :)

Scanner results
Scan taken on 08 Jan 2009 21:55:57 (GMT)
A-Squared Found nothing
AntiVir Found nothing
ArcaVir Found nothing
Avast Found nothing
AVG Antivirus Found nothing
BitDefender Found nothing
ClamAV Found nothing
CPsecure Found nothing
Dr.Web Found nothing
F-Prot Antivirus Found nothing
F-Secure Anti-Virus Found nothing
G DATA Found nothing
Ikarus Found nothing
Kaspersky Anti-Virus Found nothing
NOD32 Found nothing
Norman Virus Control Found nothing
Panda Antivirus Found nothing
Sophos Antivirus Found nothing
VirusBuster Found nothing
VBA32 Found nothing
Combat Yeoman
Regular Member
 
Posts: 35
Joined: December 31st, 2008, 6:36 pm
Advertisement
Register to Remove

Re: Malware Assistance - can't remove with my own small brain :(

Unread postby Bv202 » January 9th, 2009, 1:01 pm

Hi

Yes, that one is clean! Let's use it now to replace the infected files :)

Download Combofix
This tool is not a toy and not for everyday use.
ComboFix SHOULD NOT be used unless requested by a forum helper


Please download ComboFix from one of these locations:

Link 1
Link 2
Link 3

* IMPORTANT !!! Save ComboFix.exe to your Desktop

Do not run ComboFix yet!!


COMBOFIX-Script

  • Please open Notepad (Start -> Run -> type notepad in the Open field -> OK) and copy and paste the text present inside the code box below:

    Code: Select all
    FCopy::
    c:\windows\ServicePackFiles\i386\userinit.exe | C:\WINDOWS\system32\userinit.exe 
    c:\windows\ServicePackFiles\i386\userinit.exe | C:\WINDOWS\system32\dllcache\userinit.exe 
    

  • Save this as CFScript.txt and change the "Save as type" to "All Files" and place it on your desktop.

    Image
  • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before following the steps below. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
  • Referring to the screenshot above, drag CFScript.txt into ComboFix.exe.
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
  • ComboFix will now run a scan on your system. It may reboot your system when it finishes. This is normal.
  • When finished, it shall produce a log for you. Copy and paste the contents of the log in your next reply.
CAUTION: Do not mouse-click ComboFix's window while it is running. That may cause it to stall.

If ComboFix didn't reboot your computer yet, please do it now by yourself. Then, go again to jotti and upload this file:
C:\WINDOWS\system32\userinit.exe

Post the results in your next reply.

Also, let's have a look if there are any other copies present which may be infected:
Download FileFind by Atribune and unzip it to your Desktop.
  • Double click on FileFind.exe to open the programme.
  • Enter userinit.exe into the File: box.
  • Click on the Search button.
  • After a while a list of file locations will appear in the List of Files: box.
  • Click on the Export button.

This will create a Notepad file named Export.txt located in the C:\ folder, copy and paste it to your next post please.

In your next reply, please post:
1) The ComboFix log
2) The Jotti results
3) The FileFind log
Bv202
Regular Member
 
Posts: 1732
Joined: May 3rd, 2008, 10:46 am
Location: Belgium (GMT +1)

Re: Malware Assistance - can't remove with my own small brain :(

Unread postby Bv202 » January 12th, 2009, 1:16 pm

Hi again

It's been 3 days since my last reply - do you still need help? If not, please tell us so we can close the thread.

If you don't reply within 2 days, this thread will get closed.
Bv202
Regular Member
 
Posts: 1732
Joined: May 3rd, 2008, 10:46 am
Location: Belgium (GMT +1)

Re: Malware Assistance - can't remove with my own small brain :(

Unread postby Shaba » January 14th, 2009, 8:05 am

Due to lack of Response this topic is now closed.

If you still require help, please open a new thread in the Infected? Virus, malware, adware, ransomware, oh my! forum, include a fresh FRST log, and wait for a new helper.
User avatar
Shaba
Admin/Teacher Emeritus
 
Posts: 26974
Joined: March 24th, 2006, 4:42 am
Location: Finland
Advertisement
Register to Remove

Previous

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 495 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware