I have an infection on a computer...

Discussion in 'malware problems & news' started by jjc225, Dec 17, 2020.

  1. jjc225

    jjc225 Registered Member

    Joined:
    Nov 25, 2010
    Posts:
    282
    On a clean computer I downloaded Emsisoft Emergency Kit to a flash drive, and then plugged it into a port of the infected computer, turned it on, and tried to install items, but it only got to 4% and stopped. I still have Internet access, but maybe I should do this offline. Are there any recommendations for a usb stick that has a cleaning program that will work against an already infected computer? Whatever the infection is, it disabled McAfee.
     
    Last edited: Dec 17, 2020
  2. A_mouse

    A_mouse Registered Member

    Joined:
    Jul 29, 2019
    Posts:
    94
    Location:
    A field
    If you have a virus infected device you should not let it go online or on a network.

    Don't try installing anything to the computer or you will likely infect those files.
    Run a standalone AV from a USB stick. no need to install.
    Malwarebytes was the goto choice for many until they stopped making a standalone.
    HitmanPro is a good option to try https://www.hitmanpro.com

    Not so many AV companies still offer a standalone you can boot from, but Avira still do and are one of the top 5 AV.
    https://www.avira.com/en/downloads#tab_a3_0

    Once you are confident you have cleaned the PC get rid of Mcafee and install something actually useful (eg. something in the top 5 AV)
    You can use Bitdefender, Avira and Kaspersky for free, and if you like it pay for the no-nag version.
    Alternatively just go back to windows Defender and tighten the settings more.
    This would be better than using Mcaffe.
    https://github.com/AndyFul/ConfigureDefender
     
    Last edited: Dec 18, 2020
  3. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    8,627
    It's generally better to run scans while online, as most security software is largely cloud dependent these days. However, Dr.Web's CureIt isn't. They release a new version daily with updated signatures.
    https://free.drweb.com/
     
  4. reasonablePrivacy

    reasonablePrivacy Registered Member

    Joined:
    Oct 7, 2017
    Posts:
    2,002
    Location:
    Member state of European Union
    I would advise to:
    1. boot computer from a usb/dvd drive that already contains AV software such as Kaspersky Rescue Disk, update signatures and scan system drive. It is Linux-based so Wifi connection sometimes does not work. In that case try Ethernet crossover cable to download updates.
    2. unplug your internal drive from PC and plug into other computer that already have AV installed. Don't boot from infected drive. Don't copy any files. Don't even browse that drive via file manager. Don't take any other action other than scanning that drive using updated AV software to minimize the chance to transfer malware.
     
  5. A_mouse

    A_mouse Registered Member

    Joined:
    Jul 29, 2019
    Posts:
    94
    Location:
    A field
    My mistake, I overlooked the stage where the standalone will need to pull the current database.
    But generally speaking until you are dealing with the AV you don't want it going online.

    The Kaspersky and Avira live images are both excellent choices, and are created daily with the latest AV definitions, so even if you can't get it online with the linux distro it won't matter too much.

    Once you have cleaned it with a live image, you should do a second scan with a good AV from the booted windows system.
    Due to strict file permissions some files may not be accessible from outside the running OS.
     
  6. jjc225

    jjc225 Registered Member

    Joined:
    Nov 25, 2010
    Posts:
    282
    I got a FIx Me Stick, and it is working so far. Made it through the updates and to the scanning level, so I think it's going to clean the infection. I am really happy that this appears to be working. I'll provide an update.
     
  7. jjc225

    jjc225 Registered Member

    Joined:
    Nov 25, 2010
    Posts:
    282
    The Fix Me Stick basically worked, but I double-checked results with McAfee stinger and everything was clean. I am surprised that my first try with Emsisoft Emergency Kit was stopped during update. The virus was pretty nasty, as it also disabled the original McAfee protection.
     
  8. zapjb

    zapjb Registered Member

    Joined:
    Nov 15, 2005
    Posts:
    5,554
    Location:
    USA still the best. But barely.
    I'm surprised the FMS worked.
     
  9. A_mouse

    A_mouse Registered Member

    Joined:
    Jul 29, 2019
    Posts:
    94
    Location:
    A field
    Good to hear
    I looked into this Fix Me Stick. It uses Avira for the AV component.
    Basically you just bought the free Avira from a 3rd party, and it does not work as a runtime AV, only for standalone scans.
    Avira is what solved your problem.

    If I were you I'd stick with buying Avira direct from Avira so you get their support and access to all their optional tools.
    Avira offer a free ISO image anyone can use to create a bootable USB stick, much like you just paid for.

    Not sure why you think McAfee Stinger is any use for a second opinion, when McAfee as a first opinion didn't detect the virus to begin with.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.