Programs For System Repair After Infection

Discussion in 'other security issues & news' started by Mors_Victrix, Oct 7, 2009.

Thread Status:
Not open for further replies.
  1. Mors_Victrix

    Mors_Victrix Registered Member

    Joined:
    May 25, 2008
    Posts:
    24
    Hi there, I haven't noticed a thread about this kind of topic and these apps, that basically could be used to fix certain issues left after removing certain bad malware. I am wondering if any of you guys tried/use/have any experience with any of these apps.

    Dial-a-fix :
    ( http://wiki.lunarsoft.net/wiki/Dial-a-fix )

    iReset - Files & Folders Reset Tool :
    ( http://www.sergiwa.com/modules/mydownloads/singlefile.php?cid=2&lid=10 )

    Re-Enable :
    ( http://www.raymond.cc/blog/archives...egedit-cmd-folder-options-and-system-restore/ )

    reg2exe :
    ( http://www.softpedia.com/get/Programming/Other-Programming-Files/Reg2exe.shtml )

    RRT - Sergiwa Antiviral Toolkit :
    ( http://www.sergiwa.com/modules/mydownloads/singlefile.php?cid=2&lid=1 )

    System Repair Engineer (by our Wilders member Smallfrogs) :
    ( http://www.kztechs.com/eng/index.html )

    WinSock XP Fix :
    ( http://www.pchell.com/winsockxpfix/index.shtml )

    Please note that some of these apps I haven't used myself and even if I did I can't guarantee they are all safe and do (only) what they say/are supposed to do. :doubt:

    Also if anyone knows of any other similar tools, please post here, if they are safe (not malware) and (potentially) useful, someone here just might find great use for it/them. :)
     
  2. Mors_Victrix

    Mors_Victrix Registered Member

    Joined:
    May 25, 2008
    Posts:
    24
    No answer. Heh, I hope that this was the right place to post my question.

    I am interested in this because my wife's computer was infected by a trojan and a-squared free removed it, but the effect it had on the system remained. I tried WinsockXPFix and it restored my internet connection, also tried Re-Enable to restore my Folder Options to normal (they were written in a different language for some reason), but it helped only partially, because I still can't make windows NOT open folders every time in a new window - can't browse in one explorer window. Folders settings don't help with this.

    Also after trying RRT - Sergiwa Antiviral Toolkit (demo), it reported virus found, and when I rescanned the system with a-squared free it now reported svchost as a trojan. I am not saying any of these apps infected the system but I am not excluding the possibility. The problem now is that Svchost is an important system file and I most probably can't just delete it with a-squared. Anyway I have decided I will format the computer in the near future anyway so the infection is not that much of a problem, what I am wondering is if anyone knows these apps and if they are safe.

    LOL, I almost never have any malware problems on my computer, but my wife's laptop is a different story. I am out of ideas how to prevent infections in the near future. :cautious:
     
  3. Keyboard_Commando

    Keyboard_Commando Registered Member

    Joined:
    Mar 6, 2009
    Posts:
    690
    Never fear ... the Sandboxie propaganda team are here

    Maybe switch the approach with your wife's computer, to prevention, rather than cure. Check out Sandboxie. Sandboxing all browsers for carefree internet users is a good way to prevent malware infection. Takes a little while to understand how it works but it is well worth it.

    If you decide to use Sandboxie, test that whatever antivirus you use works within the sandbox. Use the eicar test files to see that you have a functioning scanner: eicar site

    Check out this forum's excellent guide to securing your pc here

    The virtualization tools are probably your best bet, like Sandboxie, Returnil, Shadow Defender (which I use and recommend), these are all very simple to use and excellent protection. There are lots of good tips on how to use these at this forum.
     
  4. Hugger

    Hugger Registered Member

    Joined:
    Oct 27, 2007
    Posts:
    1,003
    Location:
    Hackensack, USA
    Agree with Keyboard Commando.
    I use Sandboxie for extra protection when Mrs. Click uses the pc.
    Also, take a look at Defensewall. It works like a charm for me.
    And Shadowdefender is good too.
    Do you take images of your C drive so that if it does get screwed you can revert to a clean image? I use Shadow Protect Desktop.
    Good luck.
    Hugger
     
  5. Mors_Victrix

    Mors_Victrix Registered Member

    Joined:
    May 25, 2008
    Posts:
    24
    Hi and thank you for your response Keyboard_Commando and Hugger.

    I do use Sandboxie on my computer, but my wife is very inexperienced when it comes to computers. I know how to use Sandboxie and the rest, she doesn't and I think I wouldn't be able to teach her... lol

    She uses her computer to surf the net, listen to music, watch videos and most importantly write work related documents in word.

    I can't use a virtual environment because she doesn't want to lose her work. Imagine forgetting you are in the virtual environment and doing 5 or more hours of work and then losing it all after reboot.. Also she has a weird partition setup at the moment, the main windows partition has only 500 or so MB of space. Maybe after I format everything. :)

    Anyway I just scanned my usb key where I have these apps for ''System Repair After Infection'' and a-squared free detects:
    WinsockFix.exe detected: Hoax.Win32.VB!IK
    System Repair Engineere\Plugins\FILEDSV.SRE detected: Trojan-Spy.Win32.Banbra!IK
    System Repair Engineere\Plugins\NWMON.SRE detected: Trojan-Spy.Win32.Banbra!IK
    Re-Enable\Re-Enable Portable.exe detected: Backdoor.Win32.Poison!IK

    ...
     
  6. Hugger

    Hugger Registered Member

    Joined:
    Oct 27, 2007
    Posts:
    1,003
    Location:
    Hackensack, USA
    I remember reading about a member who just taught his 80 year old mother or grandmother how to use Sandboxie. I'm still trying to learn more about it.
    I know that Sandboxie can be set up to save stuff to a folder that will be there after closing the browser.
    And if I remember correctly, SB encapsulates the browser and certain other programs that you want it to.
    I believe that you should go to the SB forums and ask there about how best to handle this problem.
    Another option is Defensewall, though it too has a learning curve. It's a very strong piece of protective software.
    Good luck.
    Hugger
     
  7. Mors_Victrix

    Mors_Victrix Registered Member

    Joined:
    May 25, 2008
    Posts:
    24
    Thank you, will try a demo of Defensewall to see if I like it and if it is usable for so inexperienced a user as my wife. :) She also had ThreatFire (which is very easy to use) on her computer but it obviously didn't help much in preventing the infection (nor did the antivirus), but most probably the biggest flaw in her computer security setup is the user. lol

    Anyway thank you for the suggestion.
     
  8. Ilya Rabinovich

    Ilya Rabinovich Developer

    Joined:
    Sep 13, 2005
    Posts:
    1,543
    If it causes any problems for your wife to use DW, I'd like to know what exactly is wrong in order to improve those points.
     
  9. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    I find Sandboxie is used best by beginners if you give them a directory that SBIE has direct access to read and write from, then tell the browsers to download to that directory by default. This way, the user has only to save everything in 'my downloads', and always knows where that picture or whatever is, and there is no need for autorecovery because it is written directly.

    Take it one step further and make that same 'my downloads' directory be forced to open in SBIE unless they move it.

    Direct access to the browser's cookies and favorites etc rounds off the package. The result I have seen so far is that as long as it does not SEEM like SBIE is doing something, there is no fear. The whole recover concept, while very simple to me, seems to cause beginners to get frantic. I suppose, they lose their files without virtualizing though, so it is no wonder :)

    Sul.
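
Added example, not part of Sully's post and not Sandboxie's own documentation: a Sandboxie.ini sketch of the setup described in the post above, using the `OpenFilePath` and `ForceFolder` settings. The box name, the download folder and the Firefox profile paths are assumptions.

```ini
# Added example. Box name and all paths are assumptions; adjust to the machine.
[DefaultBox]
Enabled=y

# Direct access: sandboxed programs read and write the real folder,
# so saved files survive deleting the sandbox and no recovery step is needed.
OpenFilePath=C:\Downloads\

# Anything opened or launched from that folder is forced into the sandbox,
# so a downloaded file does not run unsandboxed from where it was saved.
ForceFolder=C:\Downloads

# Direct access to the browser's bookmarks and cookies only,
# scoped to firefox.exe rather than to every sandboxed program.
OpenFilePath=firefox.exe,%AppData%\Mozilla\Firefox\Profiles\*\places.sqlite*
OpenFilePath=firefox.exe,%AppData%\Mozilla\Firefox\Profiles\*\cookies.sqlite*
```

The direct-access folder is the one place where sandboxed writes reach the real disk, which is why it is paired with `ForceFolder`; a file moved out of that folder is no longer forced into the sandbox when opened.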
     
  10. catcherintherye

    catcherintherye Registered Member

    Joined:
    Oct 28, 2008
    Posts:
    13
    AppRanger

    Have you guys tried AppRanger or Malware Bytes ?
     
  11. Mors_Victrix

    Mors_Victrix Registered Member

    Joined:
    May 25, 2008
    Posts:
    24
    Thank you all for the help and suggestions! :)))
     
  12. Longboard

    Longboard Registered Member

    Joined:
    Oct 2, 2004
    Posts:
    3,238
    Location:
    Sydney, Australia
    Take a close look at your sig.

    For her:
    Get Ubuntu: install and voila! no more infections :D
    Surf
    Videos
    Open Office (can save docs in MSOffice format)
    Music players
    Print
    Email
    Free.
    If the prerelease publicity is anything to go by, new version 9.10, will be very good.

    If other OS: Get FireFox with NoScript and PrevX, set up LUA: all free, very few pop-ups.
    OR: it looks like DefenseWall developer Ilya Rabinovich has taken a personal interest: that can't be bad :)
    PS make sure she is behind your router: yes?
     
    Last edited: Oct 25, 2009
  13. Mors_Victrix

    Mors_Victrix Registered Member

    Joined:
    May 25, 2008
    Posts:
    24
    ''Take a close look at your sig.'' Heh in my defence, I like ''playing'' with different combinations of malware programs, the mentioned setup is very unordinary and includes too many programs, I admit, but it works for me (believe it or not), my computer has no problems for a long time now. Putting this setup on a laptop would be overkill and she wouldn't use half of the stuff I use in different computing scenarios.

    Ubuntu would be a nice way to keep her laptop virus free but she would have to be prepared to learn using a new OS. She just got ''better acquainted'' with Windows. :) Also she wouldn't be able to use some of the games she likes to play.

    ''it looks like DefenseWall developer Ilya Rabinovich has taken a personal interest: that can't be bad.''

    I didn't know Ilya is one of the developers of the mentioned program. Hi Ilya! lol Anyway I have tried DefenseWall and so far so good, no issues for now. I am seriously considering this program for the near future. If any issues come about I will write here or pm you.
     
    Last edited: Oct 29, 2009
  14. Longboard

    Longboard Registered Member

    Joined:
    Oct 2, 2004
    Posts:
    3,238
    Location:
    Sydney, Australia
    :) Just a suggestion.
    :thumb:
    Regards
     
  15. Ilya Rabinovich

    Ilya Rabinovich Developer

    Joined:
    Sep 13, 2005
    Posts:
    1,543
    In fact, Ilya is the only developer of the program. Hi, Mors_Victrix! :)
     
  16. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    And yes, there are at least 5 wilders members I know of which have DW on their wife's PC. My Wife studied Psychology, is a HR, hates PCs and she is able to work with it.

    Only question I have for Ilya: Is it possible to expand the "popup notifications events with some options"?

    Sometimes keylogger messages pop-up. I would like to have a silent option in which I can set default answers to certain pop-ups: see example

    1. Resource protection Silent, Log, Deny once (no remember)
    2. Keyloggers (clipboard copying etc) Silent, Log, Allow once
    3. FireWall inbound Silent, Log, Deny once
    4. FireWall outbound Silent, Log, Deny once
    5. Install from downloads areas Silent, Log, Deny once (note when whitelisting is on, white listed vendors are allowed to install)

    The current default for resource protection works well. If you want to get an idea, have a look at WinPatrol, it has a similar option regarding pop-ups and default answers.
     