Page 2 of 2 FirstFirst 12
Results 16 to 20 of 20

Thread: Virus from hell

  1. #16
    Joined
    Aug 2012
    Posts
    36

    Re: Virus from hell

    Gamer-PC
    Intel Core i7 4770K @ 4.2ghz, Corsair H100i
    MSI Z87-G45
    Gskill Sniper 16GB 2400mhz
    MSI AMD R9 290, Corsiar HG10, Corsair H55
    Samsung 840 EVO 250GB raid 0 (OS), Samsung 850 EVO 500GB (Games)
    Corsair HX650
    Corsair Air 540
    Windows 10 Pro
    Asus VG248QE

  2. #17
    Joined
    Nov 2001
    Location
    I've moved.....I'm over here now.
    Age
    61
    Posts
    7,290

    Re: Virus from hell

    I second combofix, but felt you would already have it as part of your cleanup routine.

    The other registry keys that will/can prevent you from running programs like regedit would be the Policy keys, i.e HKCU (and HKLM)\Software\Policies... ..\Microsoft\Windows\CurrentVersion\Policies, etc.

    Also, if .exe files in general are blocked, the exefix_xp.com utility from this page: http://windowsxp.mvps.org/exefile.htm (works on Vista and Win 7 too), will get you back up and running.

    If the programs aren't critical, just data, you could do what I do when I truly need a clean install and want to make sure to not lose any data: I rename Documents and Setting, Program Files and Windows directories to *.old and then just do a clean install without format. A simple cut and paste operation on the Documents directory, etc., when done puts all data back in its original location. If something is in a non-standard place and I miss it, it is still available on disk.

  3. #18
    Joined
    Feb 2005
    Location
    Broken Arrow, OK
    Age
    30
    Posts
    1,927

    Re: Virus from hell

    I ended up using Hiren's lejitsoftwareski boot CD's PE regedit to edit one of the users so that I could get stuff done. Then I ran combofix, which was like drain cleaner.

    Anyway, now I'm screwing around with user profiles and remembering why I use portable applications when I have the option. It looks like I'll be able to turn it over to them to get their data off of - rather than having to guess as to what may be important. Hopefully with the rootkit off I'll be able to just let them do the restore installation when/if they want to.
    My heatware

    Proudly NOT a console or subscription/micropayment gamer.

  4. #19
    Joined
    Nov 2003
    Location
    Corruptfornia
    Posts
    3,785

    Re: Virus from hell

    Those rootkit/bootkit bugs can be devastating especially with a Bot that morphs
    to infect reg and hide in some of the weirdest places until it or them are awakened
    again.

  5. #20
    Joined
    Feb 2005
    Location
    Broken Arrow, OK
    Age
    30
    Posts
    1,927

    Re: Virus from hell

    Yep. I've been out of town. Lucky me, I'm going another round with it today to try to fix the broken user profile's rights or port it over. Then I have to mess around with updates and all of that fun stuff. This should be fun with a capital FUUUUUUU.
    My heatware

    Proudly NOT a console or subscription/micropayment gamer.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •