You do have to run in Safe Mode with Networking to access the
online scans. The problem is that many online scans require you to
load an ActiveX component to actually run the scan. Many times
the browser is "Polluted" and may not be able to access the site &
load/run the online scan. The SuperAntiSpyware online scan is just
a downloaded component with current defs that you can get from
a non-infected machine and copy/run on the infected one.
Here's the download link:
http://www.superantispyware.com/onlinescan.html
The filename is SAS_418B4.Com ~9.0 Megabytes. You want to
save the file and not Run to use on another PC.
*Don't mistake this for the Free version of SAS - it's a different
product.
Every situation is different and requires different tools, used in a
variable order. It's like a carnival "Whack-A-Mole" game you have
to exterminate one thing to be able to run the next. That's why a
PC may not be able to be cleaned thoroughly and a backup data
and fresh install is the only real solution. Even with a good cleanup
you have to verify no infectors remain, even RootKits.
Just to re-enforce what Malke said, here's a list of what I had to use
on a severely infected notebook with over 70 different Viruses,Trojans.
Including Vundo, Rogue AntiVirus and on and on....
Detect & Removal Steps:
1.) Safe Mode boot to run Trend-Micro SysCln
2.) Run the SuperAntiSpyware Online scan ( Captured to .Com )
Safe Mode ( no Networking )
3.) Run ESET NOD32 Online scan
4.) Run AutoRuns to block startup replication
5.) Install Malwarebytes and SpyBot ( Multiple Pass w/Boot Time scans )
6.) Install Microsoft Security Essentials ( Full Scan )
Cleanup & Repair:
1.) Reset all Registry Key permissions
2.) Fix or add Permissions to Windows Folders that were modified
Scheduled Tasks in \Windows\Tasks & several others:
*Must be done from Safe Mode as PC uses XP Home Edition.
3.) Repair or modify Hosts
4.) Delete or disable Browser Hijacks
5.) Cleanup \Downloaded Program Files
6.) Purge all Temp locations, Browser Caches, Cookies....
Sound like fun ?: - Nope and it can take a long time to complete all this.
Was customer's PC backed up ? - NO, but it is now. And all this got
onto a PC using AVG Free 8.
- Show quoted text -
Sorry for such a basic question: but I'd have to startup in safe mode
+networking in order to run the online scans correct? Will these
destroy the malware as at present won't run spybot and malwarebyte and
so this makes part 5 unworkable