Computer pests

[never_retreat]

I got a big one going on right now. Picked up from some health sight last night while i was browsing in the ER
Panda wont run on the computer. I scanned the hard disk with panda from another computer and came up empty handed.
Malware bytes nothing.
Cant run hijack this.
rkill works but kills nothing.
HELP.
I'm trying to download housecall from trendmicro. but I got killed as soon as the install was done.
Almost everything you try to do is, you don't have permission to do that.
I don't know what is going on.

[TechMan]

The biggest sledge hammer I can think of is Combofix, but it does carry some risk with it.

Do you have another computer available that you could download Kaspersky's Rescue Disk and burn the ISO to cd?

[never_retreat]

Thanks they are downloading now.
Ill try the kerpinsky first.
How does the combo fix work? I most likely wont be able to install or run it.

Im on another computer already. I don't want to give aps a diseases, god knows there are a few already.
 

[kgbsquirrel]

Did you remember to partition your drives initially and keep the important stuff off of the OS's drive?

[lee n. field]

I got a big one going on right now. Picked up from some health sight last night while i was browsing in the ER
Panda wont run on the computer. I scanned the hard disk with panda from another computer and came up empty handed.
Malware bytes nothing.
Cant run hijack this.
rkill works but kills nothing.
HELP.
I'm trying to download housecall from trendmicro. but I got killed as soon as the install was done.
Almost everything you try to do is, you don't have permission to do that.
I don't know what is going on.

AVG live CD.  Use unetbootin (goodle it) to make a bootable USB stick.  All this on a clean computer, of course.  Scan and clean the infested box.

Then combofix.  Some risk exists, as noted.

How does the combo fix work? I most likely wont be able to install or run it.

Dunno.  Magic.

[TechMan]

Combofix is magic...it mostly runs in DOS boxes, but you launch it from your windows interface.

[never_retreat]

I running the kerpinksi disk.
It started up and i bunch of stuff scrolled down the screen. It seams to have stopped. Is there supposed to be a long lag with nothing happening? Is that the scan. The cd drive is spinning up and down but thats about it?

[never_retreat]

Running the agv disk now. I think the kerpinsky was corrupt. It was stuck doing nothing.

[TechMan]

No...try rebooting,,,you eventually will get to a screen that you will have to hit A to accept the legal ease, from there you will have a gui and be able to launch the scanner from there.


Corruption could be a problem...though I have had it do the same thing that you describe and it would not work with the hardware in that computer.

[never_retreat]

No...try rebooting,,,you eventually will get to a screen that you will have to hit A to accept the legal ease, from there you will have a gui and be able to launch the scanner from there.


Corruption could be a problem...though I have had it do the same thing that you describe and it would not work with the hardware in that computer.

I got past all that. I crapped out after what looked like booting some sort of os.

[TechMan]

I got past all that. I crapped out after what looked like booting some sort of os.

Yep, it was booting another OS (linux variant) and you would come to another legalese screen.

[never_retreat]

Well it removed a while pile of crap. I rebooted and its still the some problem wont let me run anything.
Damit. Damit. Damit. Damit. Damit. Damit. Damit. Damit.

[Jim147]

Have you tried running any of these programs in safe mode?

jim

[never_retreat]

I been in safe mode the whole time.

[280plus]

It all sounds so very familiar. My answer was complete wipe and reload. These viruses are getting very intricate with blocking all the various malware stuff.

[never_retreat]

It all sounds so very familiar. My answer was complete wipe and reload. These viruses are getting very intricate with blocking all the various malware stuff.

It looks like it has come to that. I'm downloading crap onto a external hard drive now. I will scan all that before I reload it.
I just made a list of all my installed programs, Thats going to take awhile to reinstall.
I copied my .pst file off. Is there anyway to backup office setting like email accounts so I don't have to rebuild them all.
Luckily I don't store stuff on the computer, only stuff in progress.

[TechMan]

It looks like it has come to that. I'm downloading crap onto a external hard drive now. I will scan all that before I reload it.
I just made a list of all my installed programs, Thats going to take awhile to reinstall.
I copied my .pst file off. Is there anyway to backup office setting like email accounts so I don't have to rebuild them all.
Luckily I don't store stuff on the computer, only stuff in progress.

What version of Outlook?

[never_retreat]

07 I think

[TechMan]

From some quick googling it appears that there is not a native way to do it in Outlook, but this would, but you have to slap down $40 for it.

[never_retreat]

Anybody use this? Acronis® Backup & Recovery™
I was thinking about getting it to make up backup of everything in working condition.

[KD5NRH]

I can't remember what I had to do to get to the point where I could run system restore last time one hit me, but going to a roughly week old restore point cleared up the problems enough that I was able to use Hijackthis, Runalyzer and Spybot to clean up the rest of the mess.

[280plus]

I tried that, but used a couple different ones. It was ok for a couple days but then it was back. I got skeered about people getting my sensitive passwords.

I'm using mozilla know cause that's what bill left on it and I figured it was a hint.

[never_retreat]

So I just want to say that I think making a computer virus should be an executable offense.

[280plus]

I'm right there with you.

[RevDisk]

My stock solution is to disconnect from network/internet, remove the crapware "anti-malware" software, blacklight to check for rootkits, Microsoft safety scanner, some of the AV quick scanners, install Kaspersky AV, reconnect to the network/internet and patch the machine.  

Ideally, if a user is backing up their data, just format the machine, re-install with an unattended install disk (nLite for the win), install KAV, connect to internet, patch.  Microsoft killed off any offline patching utilities.  But if you're clever, you can isolate a port on a switch to only connect with your WSUS server.


You should not be using multiple AV/AM (anti-virus, anti-malware) products under normal circumstances.  Pick a good AV and use it solely under normal circumstances.  Trend, F-Secure, KAV are top tier.  McAfee, Bitdefender, Norton, Clam, Microsoft Security Essentials are second tier.  NOD32, AVG, et al are third tier.  

Patch your OS and software regularly.  Backup your info regularly.  This is as important or more important than your AV/AM solution.