| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 116462 | 2011-03-05 01:54:00 | Remove XP Home Security 2011 Malware trojan? | chiefnz (545) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 1183659 | 2011-03-05 02:47:00 | No good!!! Successfully ran Malwarebytes scan and removal but when I did a restart I still couldn't run exe files WTF? I may just do a backup of music,pics and movies and do a clean install of the OS. Any other ideas? |
chiefnz (545) | ||
| 1183660 | 2011-03-05 02:57:00 | when I did a restart I still couldn't run exe files WTF? Because its still infected: Start the PC in safemode with networking, download and run Rkill (www.bleepingcomputer.com) - see that page for other optons to run it if the exe wont run ( it should in safemode). Make sure system restore is ON. Run Ccleaner. After running Rkill, download and run Combofix (www.bleepingcomputer.com), read the instructions on its use. Download location (www.bleepingcomputer.com). ALL the above is done in safe mode. Just a warning. on the odd occasion combofix after removing the infections, can cause the PC not to load windows. This normally happens on really badly infected PC's. Hence system restore being on, so IF it turns turtle, you can run system restore back via a command prompt. Assuming it gets rid of the infection(s) (it should) there will be more than one, once restarted - download and run Super Antispyware, Spybot S&D, both in full scan modes. |
wainuitech (129) | ||
| 1183661 | 2011-03-05 03:26:00 | Because its still infected: Start the PC in safemode with networking, download and run Rkill (www.bleepingcomputer.com) - see that page for other optons to run it if the exe wont run ( it should in safemode). Make sure system restore is ON. Run Ccleaner. After running Rkill, download and run Combofix (www.bleepingcomputer.com), read the instructions on its use. Download location (www.bleepingcomputer.com). ALL the above is done in safe mode. Just a warning. on the odd occasion combofix after removing the infections, can cause the PC not to load windows. This normally happens on really badly infected PC's. Hence system restore being on, so IF it turns turtle, you can run system restore back via a command prompt. Assuming it gets rid of the infection(s) (it should) there will be more than one, once restarted - download and run Super Antispyware, Spybot S&D, both in full scan modes. Still no result... bugger!!! Tried all the above but PC would not boot afterwards and I couldn't run system restore from the CLI either. I have decided to kill the OS once I've backed up all the files. Attached the drive to my rig and did a scan and nothing was found. thanks for all the advice though guys. Cheers, |
chiefnz (545) | ||
| 1183662 | 2011-03-06 03:06:00 | There's one last thing you can try before you nuke Windows. Get a live disc of Ubuntu Linux (i.e. pop it into your CD drive and boot off it), then when you boot off it and you get into Linux, click Applications, then go into Ubuntu Software Centre. Look for ClamAV and install it (note you must have an internet connection.) Then download definitions etc. and run a scan on your PC. Linux is great, so if you really must nuke Windows, consider installing Ubuntu instead because you don't get malware etc. with it. If you don't know anyone who can burn you a live disc of Ubuntu or you don't have one lying around, jump onto a working computer and go to ubuntu.com. Scroll down to the bottom of the page, and click DOwnload Ubuntu Desktop Edition. You can download an image of the disc and burn it onto a CD, or you can order a free CD (which can take ages to get.) This fix was in PC World, so it must work! :badpc: | mookster1 (15854) | ||
| 1183663 | 2011-03-06 21:03:00 | Do you have access to another PC? Install all apps as requested by PressF1's and update. Remove hard drive from infected PC. Install into USB Enclosure or as slave in PC. Run apps. That should kill the best.... This step has always been successful for me! | GR8Metal (14133) | ||
| 1183664 | 2011-03-06 23:22:00 | In that situation, I would remove the drive and clean from another pc! | SolMiester (139) | ||
| 1183665 | 2011-03-07 03:36:00 | If slaving the drive as others have suggested isn't viable, then the Kaspersky rescue disc (support.kaspersky.com) might help - it's a bootable Linux distro incorporating an A/V app - I'd disable system restore, and then boot into the disc and set it to deep scan. Might take a while, but it's pretty good; the key is not having the infected O/S running while scanning. | nofam (9009) | ||
| 1183666 | 2011-03-07 06:33:00 | Thanks guys, I have nuked the drive and re-installed everything. PC now running fine all updated and infection free. Cheers, |
chiefnz (545) | ||
| 1183667 | 2011-03-07 06:47:00 | There's a .com file you can download that repairs the associations. We had the same thing at work half a dozen times lately. Will find the details and post them for archivals sake |
Chilling_Silence (9) | ||
| 1183668 | 2011-03-07 06:52:00 | :thumbs: Nice one Chill. Yep that would be handy. Thanks, |
chiefnz (545) | ||
| 1 2 | |||||