Prev: Hard drive filling up??
Next: additional guard
From: Buck Rogers on 8 Dec 2009 14:53 On Tue, 8 Dec 2009 06:24:52 -0500, "David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote: >From: "Buck Rogers" <buck(a)rogers.com> > > >| Question: Would Mbam or Combofix quash the crapware if I took the HD >| out and slaved it to another computer? That is, would the programs >| look at the registry, etc. of, and clean up the slave? If so, that >| seems to be the best solution for me, as trhe computer will not boot >| to a USB device. > >| Regards and thanks again for the input. > >| Buck > > >MBAM - yes. > >If you boot of the Recovery Console or if you place the drive in a surrogate PC you can >remove the offending EXE files, replace the drive in the affected PC and fully scan with >MBAM and other software such as Gmer. Mr. Lipman, Thanks for the input. I'll start the slave process this afternoon. I'll get back with my results. Regards, Buck
From: Buck Rogers on 8 Dec 2009 14:59 On Tue, 8 Dec 2009 07:40:14 -0500, "FromTheRafters" <erratic @nomail.afraid.org> wrote: >> >> FromTheRafters, >> >> Thanks for the input. Good suggestion. >> >> Question: Would Mbam or Combofix quash the crapware if I took the HD >> out and slaved it to another computer? > >If slaving the drive on another computer is easier for you - yes, you >can clean the drive of detectable malware that way. > >> That is, would the programs look at the registry, etc. of, and clean >> up the slave? > >No, you would still have to clean up the registry after bringing the >'cleaned' drive back to the "victim" computer. Depending on what >method(s) the malware used to defeat the execution of executables, you >may still not be able to run them easily if you boot from the affected >drive. > >> If so, that seems to be the best solution for me, as trhe computer >> will not boot to a USB device. > >No bootable CD either? You should suggest strongly to your customer to >remedy this situation (and make backups). > >Maybe you could download a 'regfix' file to the victim drive while you >are still hosting the drive on the 'good' computer. > >I've had some success with fixing the 'exefile' borked registry by >renaming the 'regfix.reg' (or exefix.reg) file as the malware filename >so that an attempt to run any exe (com,bat, or scr) actually invokes and >imports the regfile. I haven't tried this since I moved from Win98 to XP >though - so it might not work as I remember it. > >A lot depends on your level of expertise - good luck. > FromTheRafters, Thanks for the additional input. I'll start the slave process this afternoon to see if I can get on top of this thing enough to at least let me run an executable once I put it back in the original machine. I'll get back with the results. Regards, Buck
From: David H. Lipman on 8 Dec 2009 17:04 From: "Buck Rogers" <buck(a)rogers.com> | Mr. Lipman, | Thanks for the input. I'll start the slave process this afternoon. | I'll get back with my results. | Regards, | Buck Please... Just Dave or David :-) -- Dave http://www.claymania.com/removal-trojan-adware.html Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
From: Tiestosteele on 14 Dec 2009 13:36 Hello, I am having this same issue, Would LOVE some help if anyone could. I have this damn antivirus live infection, I found step by step instructions on how to remove said virus. Basically it tells me to run two removal tools, which I have transfered to the infected laptop's desktop. Issue is that the computer will not allow me to open any files, giving me a message that this application can not be executed because it is a virius. I do not have the knowledge to take out the HD and slave it too another machine. Is there anyway I can get this removal tool to open? My only other option is best buy said for $200 they would reinstall windows and I can start fresh. I dont really want to spend $200 the computer is only 2 months old and cost me $1100. Just sucks being able to find a solution but can not run the software to fix the problem. I can not reinstall windows myself because my computer never came with the disks I was supposed to make them myself, never got around to it. Smart move on my part. Any thoughts? Thanks -- Tiestosteele ------------------------------------------------------------------------ Tiestosteele's Profile: http://forums.techarena.in/members/163919.htm View this thread: http://forums.techarena.in/security-virus/1279655.htm http://forums.techarena.in
From: Andy Medina on 14 Dec 2009 14:40
What brand and model computer? Some have a restore partition that you can use to restore the system to the way it was when new. Gateway for instance, by pressing the F11 key just after the bios screen disappears and before the Windows boot screen appears, will restore the computer to the factory image. Hopefully nothing was dumped in there to reinfect the machine. "Tiestosteele" <Tiestosteele.43783b(a)DoNotSpam.com> wrote in message news:Tiestosteele.43783b(a)DoNotSpam.com... > > Hello, > > I am having this same issue, Would LOVE some help if anyone could. > > I have this damn antivirus live infection, I found step by step > instructions on how to remove said virus. Basically it tells me to run > two removal tools, which I have transfered to the infected laptop's > desktop. > > Issue is that the computer will not allow me to open any files, giving > me a message that this application can not be executed because it is a > virius. > > I do not have the knowledge to take out the HD and slave it too another > machine. Is there anyway I can get this removal tool to open? > > My only other option is best buy said for $200 they would reinstall > windows and I can start fresh. I dont really want to spend $200 the > computer is only 2 months old and cost me $1100. > > Just sucks being able to find a solution but can not run the software > to fix the problem. I can not reinstall windows myself because my > computer never came with the disks I was supposed to make them myself, > never got around to it. Smart move on my part. > > Any thoughts? Thanks |