Jump to content
exile360

***False positive Trojan.Downloader.ED***

Recommended Posts

Still not able to pull up the MBAM fix tool as I cannot boot to Safe Mode still. Have done the newest Runrecoveryconsole.bat but that's as far as I can get. Am resigning myself to the fact that I will end up losing all my files, pics. emails etc. Bummed out big time. I am now about to reinstall Win7 Pro 64 bit but I am stuck at this screen. hmm now I cannot insert here.. anyways... I can either boot to my main drive or format my recovery partition to boot to. Any suggestions as I am trying to not lose all my files... This really sucks... Been working on this for a week now... Also says I cannot boot to my OEM Partitions as it is reserved... Any help out there for this ? Thanks in advance....

Share this post


Link to post
Share on other sites

Yes all your data is still there so whatever you do do not run a system recovery restore or factory restore without backing up the data first. This can be done with a bootcd and a usb drive. Did you contact support per the first post in the thread to help you with this?

Share this post


Link to post
Share on other sites

Yes I have been contacted by 2 different people now. My current help is Nan. I was going to do a parallel install thinking I would be able to save my files. So far no luck with either version of the runsystemrestore.bat. Can't boot to safe mode to get the fix run tool. Frustrated and getting ready just reformat my HD or try the parallel install which was told to me to be the only nondestructive way to get to my files. Am I wrong aabout that? Thanks

Share this post


Link to post
Share on other sites

a parallel install would allow you to do that. I would recommend you contact nan about that because you have to be careful. If you do it wrong you will wipe out your data.

Share this post


Link to post
Share on other sites

@Hammersteam

Do you have the Vista install DVD ? If so you might be able to boot from that and then copy the explorer.exe file to the c:\windows folder which may be what is keeping the desktop from showing.

Share this post


Link to post
Share on other sites

I had tried that and it would not fix. don't recall everything but I got stuck in a loop of try to repair or start normally neither of which worked...

Share this post


Link to post
Share on other sites

That's okay Hammersteam

Just wanted to ensure you can get in there. Please start the Repair but go into the Command Prompt.

Then try to see if the following files exist or not on the system. Please change the drive letter to match the drive where Windows is installed as the Recovery Environment may take that drive letter.

Example:

DIR C:\Windows\system32\USERINIT.EXE

DIR C:\Windows\EXPLORER.EXE

or this

DIR D:\Windows\system32\USERINIT.EXE

DIR D:\Windows\EXPLORER.EXE

If they do not exist then try to copy them from the Recovery Environment

Example

copy x:\explorer.exe C:\Windows

or

copy x:\explorer.exe D:\Windows

The same idea with USERINIT.EXE

If you need further or exact examples of doing this please let me know.

Share this post


Link to post
Share on other sites

Yes please explain or give me another example.. I cannot work on this at the moment but will get back to it asap since I've been down for over a week now... I've forgotten to copy out of the command prompt onto the notepad? I haven't worked in the command prompt for a long long time so I've forgotten a lot but it will come back to me.

When you say the Recovery Enivironment, do you mean the main hd or... I'll try to attach a pic...

This is the last screen just before I was about to install Win7 Pro 64bit in a parallel way on the only drive it would let me do it on. Not sure if this was going to work in an effort to save my files...

post-138525-0-28878300-1366829924.jpg

Share this post


Link to post
Share on other sites

No this is not correct Hammersteam.

Your files are okay and are safe as long as you don't run things like this on your own. Installing in parallel will install Windows 7 (but you say your computer is Windows Vista) but then ALL your programs and shortcuts will need to be reinstalled and recreated again which I'm sure you want to try and avoid.

Please use the other link I provided you with doing the Startup Recovery for Vista as shown in this link

http://www.vistax64....tup-repair.html

1233d1358755969t-startup-repair-startup_repair.jpg

From there you would click on the Command Prompt link to do the DIR commands to look for files. Once you're at the DOS prompt then you can do the DIR commands as shown.

Share this post


Link to post
Share on other sites

Yes I have done that several times and it puts me in a loop of either start normally or do another repair neither of which work.... I never said I have Vista I have installed Win7Pro 64bit

Share this post


Link to post
Share on other sites

Okay sorry about the Vista (not sure where I saw that, perhaps another user)

Are you able to use another computer to save data to a CD or USB stick if I send you a file to use in the Recovery Console?

Share this post


Link to post
Share on other sites

@noodz617

Unfortunately we won't reimburse you as you or someone assisting you took actions on the comptuer that should not have been done.

That said if the data is important to you then you should shut down the computer now and cease any further use and have a professional assist you with data recovery.

In most cases even with a reinstall of Windows you can often restore most of the user data if you stop using the computer and just shut it down.

Use Yelp.com to locate a reputable data recovery expert in your area and they should be able to help you. Yelp should have recommendations from users such as yourself to rate the shops.

@AdvancedSetup WTF you wont reinburse me. You listen to me, Mbam reported tons of viruses spreading through my system, i did not know these were false positives. Thertefore i did what any sane person would do upon seeing MBAM report massive infection like this i cut my losses. I figured with such a large infection my computer and it being compimised on such a large scale that there was no way to safly remove it all, i could not boot to safe mode and i had credit card info passwords etc on the system i was not going to let the supposed Virus that did not exist access my personal data. so i formatted the hard disk. DONT TELL ME that reinbursment is not possible YOU are the ones that SCREWED up and YOU are the ones that will find me an amicable solution to my problem or YOU will be the ones that find yourself in court ill i ask for is you offer some sort of compensation. i would of accepted another mbam pro licence key for the wifes computer but this is clearly too much for you. I trusted MBAM. All the Photos of my baby Daughters first few months of life are gone because of your bad update. DO NOT TRY TO BLAME THE END USER FOR YOUR MISTAKE, FIX IT INSTEAD.

Share this post


Link to post
Share on other sites

We are not trying to blame the issue on anyone. The false positive was our fault and we admitted it and have offered free support to everyone to fix their systems. I'm sorry but the actions you took by formatting your drive and reinstalling were not a good choice. However if all you did was reinstall Windows without formatting the drive then ALL of your data is there it's simply in another folder that you may not recognize. Did you format the drive when you reinstalled Windows or did you just install over the top?

As said if you stop using the computer its possible that you might be able to recover the data even if you did format the drive first. We have helped hundreds of users with this false positive and I've certainly not seen every ticket myself but you are the only one that I'm aware of that may have deleted all their data. No matter what ever happens to ones computer data backup or recovery should always be the first thing done before deciding to format and reinstall without backing up ones data.

If you would like direct help on trying to recover the data (as long as you did not format first) please let me know and I'll personally assist you with getting those files. If you did format the drive then it's best to shut it down and stop using it and do a Professional Data Recovery as I recommended above.

Thank you

Share this post


Link to post
Share on other sites

I'm new to this forum as I was away for three weeks and ran a scan a few days ago Two trojans came up, and i moved them to the ignore list. Are these files two of the false positives, and are they necessary if I did indeed delete them?

Sorry, I am a bit of a novice.

The two files are:

C:\Windows\System32\aclcache.dll

C:Windows\SysWOW64\aclcache.dll

how can i check to see if these are on my system now? Help greatly appreciated as I have only been able to boot in safe mode.

thanks

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.