Emsisoft

Hi Guys,

Last thread (closed) I found out that SAS, is not quite up to it potential.

So what do you think of "Emsisoft Emergency Kit Scanner"?

I'm cleaning an XP Box, that was heavily infected, with only Norton for protection, (not sure now what ver):

I ran "rkill" & got Hitman Pro to run this removed a rootkit ( _Setupx.dll ) plus many tracking cookies.

next. Emsisoft Emergency Kit which found:

Trojan.Suspect.CRC!IK 1
Win32.Suspect.CRC!IK 1
Gen.Trojan.Heur!IK 6
Trojan.ATRAPS!IK 2

I also like & plan to do an: eset online scan

Is this a good 1,2, 3 plan. Would you recommend replacements for the above mentioned?

Thanks
Rico

 

MBAM
DR Web CureIT
Emsisoft emergency kit

 

I would do a scan with "at least" one Antivirus Rescue CD. Some examples are:

1. Kaspersky Rescue Disk 10 CD
2. BitDefender Rescue CD
3. Avira Rescue System CD

A scan with Malwarebytes Anti-Malware is also highly recommended.

Dr.Web Cureit is also very good, but the scan speed is very slow.

 

1; No.
2; No.
Sounds pretty arrogant perhaps but with a rootkit and trojan infected system, it's not much use to keep scanning, fast-scanning, core-scanning, deep-scanning, online-scanning etc.
Safe yourself time, reboots and aggravation; backup important data, remove 'n repartition if applicable, full format the HDD/partitions and reinstall the OS and progs, then put back the well-scanned data.
It's the only way to be sure the system is clean and it's way faster than waiting on multiple full scans. (All imao of course ).

 

Sounds like an good 1, 2, 3 plan

Try Panda ActiveScan 2.0
http://www.pandasecurity.com/activescan/index/

Microsoft Malicious Software Removal Tool
http://www.microsoft.com/security/malwareremove/default.mspx

ESET Online Antivirus Scanner
http://go.eset.com/us/online-scanner/

Microsoft Safety Scanner
http://www.microsoft.com/security/scanner/en-us/default.aspx

Avira AntiVir Rescue System CD (I prefer the executable download)
http://www.avira.com/en/support-download-avira-antivir-rescue-system


NOTE: Choose Full Scan with all the above


HKEY1952

 

Malwarebytes antimalware
Hitman pro
Emsisoft emergency kit
Superantispyware
Tdssiller
F-secure easyclean
Bytehero
Norton power eraser
Remotedll

Online Scanner:

F-secure
Eset

Rescue Cd:

Avira
E-scan

 

Damn, if it was heavily infected just reformat it, we will never get rid of all traces, nothing like the SMELL (Inhaleeee . . . farts J/K) of a fresh OS!

 

There are times, cases, and or circumstances when an persons, friends, or clients computer exists valuable, personal,
or irreplaceable data and the above approaches in attempts to salvage that data are well worth the efforts before
permanently destroying that data.

When the core of the infection is removed from the computer the traces pose no further threat. From there the data
can be copied or archived to an external source and scanned for infections again. When the data is clean it is clean.

Or the owner of the computer can choose to live with the traces left behind from the infection as there is no threat.
Reformating the Hard Disk Drive is for Paranoia or if the infection caused permanent damage to Operating System Files.
However, before Reformatting.....SAVE THE WANTED DATA TO AN EXTERNAL SOURCE AND SCAN FOR INFECTIONS.

Reformat.....you loose.....
Nothing more rewarding than the smell of success


HKEY1952

 

You can try formatting the OS and install it on top of the old one without deleting the files

 

Start with

1. HMP
2. MBAM
3. EEK
______________
= The Holly Triad...

Then, go for Online Scanners, Live CDs, and Other Removal Tools (TDSSKiller, GMER, ComboFix etc.)

 

Yes.....good point and advice Noob.....

I believe that Microsoft referes to that procedure as 'Repair Windows'

I would still backup the most important files first to an external sourse before proceeding.


HKEY1952

 

Hahaha i think there was once an article about formatting on Technet or Windows

 

It's surprising no suggestions of :

autoruns
process explorer
tcp viewer
ark
...