VIrus ...
Results 1 to 9 of 9

Thread: VIrus ...

  1. #1
    Banned
    Join Date
    Apr 2003
    Posts
    3,840

    VIrus ...

    Im going to a friends house in a fre minutes, now he's telling me he has a virus ( from the sympotoms i think its Sasser.... now how can i remove it..yeas i have downloaded the removal tool, i know the removal instructions...should i boot into safe mode and remove it...should i update windows first then run the removal tool or vica-versa ?? And is there any other way that i can end a process because the Task Manager, Ms-Dos, msconfig automaticly closes in 2 seocnds when i open it....how can i end the virus process....or should i just run the tool... ? ANya dvice appriciated, i'm 98% sure i'll remove it, i just wanted to see if anyone else had it and how he removed it...Tx for any input guys...

  2. #2
    Senior Member
    Join Date
    Feb 2002
    Posts
    1,210
    yep safemode baby.. and don't bring just one removal tool.. there are at least three that I know of.. ms released (i think) version 3 of it's tool.. the first version was totally flawed.

    bring all your other tools too.. AV/trojan and spyware removal ones.. hijackthis.. etc.. may as well do a complete job.

    if you need help with the hijackthis log.. you know who to come to right ?
    (someone else you little bugger.. na.. just kidding, I'll help)

  3. #3
    Senior Member Spyrus's Avatar
    Join Date
    Oct 2002
    Posts
    742
    You can even run it from normal login if you want, the key is to make sure you disable windows System restore, because the tools never remove it from the restore function (note that disabling this will delete all previous restore points, but they are no good anyway anymore). You can do this by right clicking my computer going to properties and then clicking system restore option then disable it. I have run the symantec removal tool on prolly 200 computers and i just run the removal then add the patch. I have yet to have one return on me and the tool only takes like 5 minutes to run. When this is done I would reccommend removing the hard drive and scanning it on another comptuer. This will ensure that you dont have any other virii on your computer. then run through the typical spyware/adaware stuff... look here http://www.antionline.com/showthread...hreadid=257405
    Duct tape.....A whole lot of Duct Tape
    Spyware/Adaware problem click
    here

  4. #4
    Safe mode will keep it from starting, then you wont have to worry about the process. Use the tool, then go to safe mode w/ networking and update. Ive removed like 6 and thats worked great. Oh and make a batch file with shutdown -a, because some boxes ive worked on have been so slow I couldnt get to cmd in time.

  5. #5
    Senior Member
    Join Date
    Nov 2001
    Posts
    4,786
    i have yet to come across a box that is infected with only one virus. it seems like the last one they got is all they could stand. i tell people i work with in other departments to bring their computers in is they are having trouble yesterdat the cfo brought in his home computer...9 trojans, 4 different viruses (after stinger) and 128 pieces of adware/spyware. i used trendmicro's stinger after booting into safe mode. rebooted normally, then killed all the process i didn't want running then installed norton. ran adaware, spybot and finally had too use hijack this to get out the last remaining components, then connected to the internet from behind a firewall and got all the updates.
    Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”

  6. #6
    Banned
    Join Date
    Apr 2003
    Posts
    3,840
    *Computer Fixed....tx guys...

  7. #7
    Senior Member Info Tech Geek's Avatar
    Join Date
    Jan 2003
    Location
    Vernon, CT
    Posts
    828
    You should share the technique you used for others to follow if the come across the same problem.

  8. #8
    Banned
    Join Date
    Apr 2003
    Posts
    3,840
    Ok i downloaded the removal tool Called "Stinger", http://vil.nai.com/vil/stinger/ i booted into safe mode, turned off System Restore, Ran the tool, removed 3 viruses ( it hink it detects 41 viruses, Bagle, Skynet, Sasser, etc...). Booted norally again and searched for any remaining files...(didnt find any). then i installed NAV 2004 and NIS 2004. Then i updated windows....thats about it...

  9. #9
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,190
    Hah! you missed some

    Please get your friend to go into safe mode and run his updated AV etc. There might be some older ones in there that "Stinger" (the McAfee emergency tool) will not detect.

    I would then run Trend Micro's "Housecall" And Panda Software's online scanner. Then Adaware & Spybot S&D in safe mode, just like Tedob 1 has suggested. My last sortie yielded 3 viruses and 106 assorted scumwares. (Damn Ted~ you beat me )

    Over the past 4 years my experiences have been identical to Tedob1's..............careless people & multiple infections.

    Might also be worth running the trial of Moosoft's "The Cleaner"?

    Just a thought

    EDIT: and harden him up!

    1. RegistryProt
    2. SpywareGuard
    3. Spyware Blaster
    4. Run the "immunization" in SpyBot S&D

    http://Keir.net

    ScripTrap.............help him set that one up, you can set an automatic interface to the AV app.
    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides