Page 1 of 4 123 ... LastLast
Results 1 to 15 of 46
  1. #1
    New Lounger
    Join Date
    Dec 2009
    Location
    Galway Ireland
    Posts
    23
    Thanks
    9
    Thanked 0 Times in 0 Posts

    I think it is a virus

    Hi All
    Hope I am in the correct section
    I think I may have a vius on a friends pc that I have received.

    OS Win Xp with SP 3
    Symptoms
    IE 8 flashs and quits
    malware bytes and hijack this does the same
    Cannot get into safe mode just goes straight to boot up. The person can access their files. but not browse the internet.
    the error message that comes up is that "Windows cannot not access the specified device, path, or file. You may have inappropriate permissions to access the item"

    I have run TDSS rootkit. that has not solved the problem.
    and also reset IE 8

    your help in finding a solution would be very grateful.
    Dougie

  2. #2
    Administrator
    Join Date
    Jun 2010
    Location
    Portugal
    Posts
    12,519
    Thanks
    152
    Thanked 1,398 Times in 1,221 Posts
    Are there any security apps running?

  3. #3
    Plutonium Lounger Medico's Avatar
    Join Date
    Dec 2009
    Location
    USA
    Posts
    12,631
    Thanks
    161
    Thanked 936 Times in 856 Posts
    I might try to put Malwarebytes on a flash in a known good PC then try to run on suspected infected PC.
    BACKUP...BACKUP...BACKUP
    Have a Great Day! Ted


    Sony Vaio Laptop, 2.53 GHz Duo Core Intel CPU, 8 GB RAM, 320 GB HD
    Win 8 Pro (64 Bit), IE 10 (64 Bit)


    Complete PC Specs: By Speccy

  4. #4
    New Lounger
    Join Date
    Dec 2009
    Location
    Galway Ireland
    Posts
    23
    Thanks
    9
    Thanked 0 Times in 0 Posts
    thanks for prompt reply

    There was a security app running but it was not paid for so was out of date. App was ca security. It is now deleted of pc.

    Tried to run malwarebytes from memory stick but same result.
    I am trying to avoid a clean install but if it has to be done so be it

  5. #5
    Administrator
    Join Date
    Jun 2010
    Location
    Portugal
    Posts
    12,519
    Thanks
    152
    Thanked 1,398 Times in 1,221 Posts
    I asked, because this looks very much the result of a security app malfunctioning. Did this happen after you deleted it, or is there no relationship?

  6. #6
    Administrator
    Join Date
    Jun 2010
    Location
    Portugal
    Posts
    12,519
    Thanks
    152
    Thanked 1,398 Times in 1,221 Posts
    You can also try either or both of these and see if it helps:

    http://live.sunbeltsoftware.com/ - It is an exe, you can execute it from a command prompt and see if it helps

    http://www.avira.com/en/support-down...-rescue-system - it will allow you to create a bootable CD, that you can use to scan the problematic system.

  7. The Following User Says Thank You to ruirib For This Useful Post:

    Dougie (2011-12-29)

  8. #7
    2 Star Lounger
    Join Date
    Dec 2009
    Location
    Calif
    Posts
    182
    Thanks
    0
    Thanked 14 Times in 13 Posts

    Lightbulb

    Hi Dougie : Would recommend you ask for help from an experienced, trained, certified, VOLUNTEER "Malware Removal Specialist" found on many Advanced malware removal forums . There are no such Specialists on these Windows Secrets Forums . The one I recommend is at www.geekstogo.com/forum . Eventually you would follow the Advice in their "Malware and Spyware Cleaning Guide"
    For the BEST in what counts in Life :

    http://www.ctftoronto.com

  9. #8
    5 Star Lounger
    Join Date
    Dec 2009
    Location
    Milwaukee, WI
    Posts
    737
    Thanks
    23
    Thanked 64 Times in 52 Posts
    I just went through this exact issue with my daughter's XP laptop. From a non-infected PC, download the Microsoft Standalone Security Sweeper. You will will need a blank CD. It takes a bit to download and burn the CD. Boot the infected machine from the CD. It will launch automatically, but you will have to click the Scan button. It can take a really long time to scan everything, in fact it warns you that it may take hours. It found and cleaned something like 35 malicious files/infections on her laptop. This should get you to the point of being able to run programs without them shutting down. Next boot the laptop normally and install MalwareBytes. Run a full scan, which will also take a long time. Very likely it will find everything that Security Sweeper missed. Next, since it doesn't sound like you have any A/V scanning running, download Microsoft Security Essentials. Even if you don't want it permanently, install it, update it, and run it. Go to Windows updates and install the latest patches. Finally, download, install, and run Secunia's Personal Software Inspector, it will check the 3rd party software for security issues. Patch or update those that are showing a risk. Most likely it will flag the Acrobat Reader, Flash Player, and Shockwave player if they are installed. Most likely the infection came from an infected file that took advantage of the vulnerabilities in on of these.

    Quote Originally Posted by SpiritWind View Post
    Hi Dougie : Would recommend you ask for help from an experienced, trained, certified, VOLUNTEER "Malware Removal Specialist" found on many Advanced malware removal forums . There are no such Specialists on these Windows Secrets Forums . The one I recommend is at www.geekstogo.com/forum . Eventually you would follow the Advice in their "Malware and Spyware Cleaning Guide"
    "Malware Removal Specialist"? That's a good one. No such thing except for those who are self proclaimed. Actually I think SANS was looking to do something like this a few years ago, but it never materialized AFAIK. Malware changes so fast any certification would be outdated weeks after it was issued. Realistically if you are looking for a malware expert, someone who is GIAC certified is closest to what you are looking for. However, the forum you link to is excellent and is a great resource for Systems Admins, PC techs, and serious hobbyists.
    Last edited by Doc Brown; 2011-10-14 at 12:56.
    Chuck

  10. The Following 2 Users Say Thank You to Doc Brown For This Useful Post:

    Derek Jr (2011-10-21),Medico (2011-10-14)

  11. #9
    Plutonium Lounger Medico's Avatar
    Join Date
    Dec 2009
    Location
    USA
    Posts
    12,631
    Thanks
    161
    Thanked 936 Times in 856 Posts
    Doc thanks so much for your "specialized" response to a difficult situation. Perhaps using this free tool from, guess who, Microsoft, Dougie will not have to resort to the

    Quote Originally Posted by SpiritWind View Post
    experienced, trained, certified, VOLUNTEER "Malware Removal Specialists"
    since

    Quote Originally Posted by SpiritWind View Post
    There are no such Specialists on these Windows Secrets Forums.
    All of us non-specialists do sincerely thank you for this excellent post.

    Note: By the way I have already made the CD in case this ever happens to me or mine.
    Last edited by Medico; 2011-10-14 at 17:31.
    BACKUP...BACKUP...BACKUP
    Have a Great Day! Ted


    Sony Vaio Laptop, 2.53 GHz Duo Core Intel CPU, 8 GB RAM, 320 GB HD
    Win 8 Pro (64 Bit), IE 10 (64 Bit)


    Complete PC Specs: By Speccy

  12. #10
    5 Star Lounger
    Join Date
    Dec 2009
    Location
    Milwaukee, WI
    Posts
    737
    Thanks
    23
    Thanked 64 Times in 52 Posts
    You're very welcome Ted!
    Chuck

  13. #11
    Super Moderator jwitalka's Avatar
    Join Date
    Dec 2009
    Location
    Minnesota
    Posts
    6,797
    Thanks
    117
    Thanked 799 Times in 720 Posts
    Ted and Doc, while most cases of malware infection can be removed with programs like Malwarebytes and Microsoft's standalone security sweeper, some of the more recent and svere cases will not be removed by them. Spiritwind may be a little over the top in his explanation, but several Malware forums do specialize in frre removal advice and do train specialists with lengthy courses. Geekstogo is one and the one I use is Bleepingcomputer . It can be very useful to post to one of these forums if you are unable to remove malware on your own. I don't know for sure but I suspect Spiritwind has invested a lot of time being trained at Geekstogo and is one of thier specialists that offers free assistance.

    Jerry

  14. #12
    Super Moderator jscher2000's Avatar
    Join Date
    Feb 2001
    Location
    Silicon Valley, USA
    Posts
    23,112
    Thanks
    5
    Thanked 93 Times in 89 Posts
    The subject of training and certification in relation to malware has been controversial because many professionals feel that once infected, you can never know your system is clean unless you rebuild it from scratch. I think there was a lot of news when someone from Microsoft took that position. From that perspective, since full security cannot be guaranteed without rebuilding, allowing even a thorough cleaning to be described as "removal" could provide a false sense of security. Hence, the major certificating organizations did not create a program for this, and others apparently have stepped in with their own programs. The training might be excellent, and the cleaning state of the art, but you'll never be certain your PC is as safe as the moment you first connected it to the internet.

  15. #13
    2 Star Lounger
    Join Date
    Dec 2009
    Location
    Calif
    Posts
    182
    Thanks
    0
    Thanked 14 Times in 13 Posts

    Lightbulb Malware Removal Specialist"

    Hi All : For those who possibly may be interested, a "Malware Removal Specialist" is one who is a member of either "U.N.I.T.E. ( Unified Network of Instructors and Trained Eliminators ) and/or "A.S.A.P. ( Alliance of Security Analysis Professionals ) . There are Training "Schools" available if interested in joining either .
    For the BEST in what counts in Life :

    http://www.ctftoronto.com

  16. #14
    New Lounger
    Join Date
    Dec 2009
    Location
    Galway Ireland
    Posts
    23
    Thanks
    9
    Thanked 0 Times in 0 Posts
    Gentlemen

    Sorry for not replying sooner but was away working. I will now try the various solutions posted. It is great to have a place like this to call on when it trouble.
    I am extremely grateful for the ideas and I will post back the results.

    Dougie

  17. #15
    5 Star Lounger
    Join Date
    Dec 2009
    Location
    Milwaukee, WI
    Posts
    737
    Thanks
    23
    Thanked 64 Times in 52 Posts
    Quote Originally Posted by jwitalka View Post
    Ted and Doc, while most cases of malware infection can be removed with programs like Malwarebytes and Microsoft's standalone security sweeper, some of the more recent and svere cases will not be removed by them.
    Jerry
    Point well taken. Which is why I think its important to run more than one program. In the steps I outlined above, notice I suggested not one or two programs, but three. Even a second pass by MalwareBytes after the fact may not be a bad idea either. Another boot disk that could be used is the Kasperky TDSSKiller, as well as a few other root kit detectors out there. When attempting virus/malware removal one has to weigh out the time involved vs. the time of a complete rebuild. There have been times when I've been comfortable with the removal process, and times when I haven't and have chosen to rebuild. For my own stuff, I maintain images which makes that choice a lot easier.

    Quote Originally Posted by SpiritWind View Post
    Hi All : For those who possibly may be interested, a "Malware Removal Specialist" is one who is a member of either "U.N.I.T.E. ( Unified Network of Instructors and Trained Eliminators ) and/or "A.S.A.P. ( Alliance of Security Analysis Professionals ) . There are Training "Schools" available if interested in joining either .
    Thank you for posting that info. There are some very good links on the U.N.I.T.E. site. Keep in mind that like the lounge, these folks are all volunteers who's expertise varies widely. These sites are just more focused than the lounge. Much of the info in my post came from snippets derived from member sites of U.N.I.T.E. My experiences in removing viruses/malware is like searching Microsoft for a direct technical answer on an operating system issue. There isn't one. But little pieces parts from various posts found by strategic Google searches, coupled with a knowledge of how things work, is the way to get things fixed.

    Quote Originally Posted by Ted Myers View Post

    Note: By the way I have already made the CD in case this ever happens to me or mine.
    One thing to keep in mind is that it may be better to make the CD when you actually need it. Like any other A/V-Anti-malware program it depends on current signatures. I suspect that within a month a given CD is out of date.
    Chuck

  18. The Following User Says Thank You to Doc Brown For This Useful Post:

    Dougie (2011-12-29)

Page 1 of 4 123 ... LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •