These are two separate things that amount to the same thing. I said "rescue disks (or removing the hard drive and attaching it to another PC with an enclosure)". Those live discs are intended for PCs that will not boot. You're running an OS that doesn't understand that what it's looking at might be important, and that's a bad idea. If it is possible to boot the PC into the OS that is on its own HD, this is basically always preferable to using any other method. Don't trust me (don't, seriously, I'm a nobody), go and ask the experts who have spent decades dealing with infections and learning how to clean them properly.

Feel free to use whatever method you like. Here are some links that should help you. Of course you would mount the disc to scan! All I'm saying is that the OS is running off of a live disc and isn't utilizing the files on the hard disc. I think you need to familiarize yourself with how a rescue disc works. If this is a subject that really interests you, I suggest looking into a UNITE school. If you're trying to clean it you're probably trying to avoid that fate. The reason that rescue disks (or removing the hard drive and attaching it to another PC with an enclosure) is a bad idea is that the registry and important system files are just "stuff" at that point, and if a scan goes awry or gets overzealous, you're stuck nuking the hard drive anyway. You suggest a Linux rescue disc of Kaspersky, but you don't want to mount the hard drive? What's the point? What are you trying to accomplish with the rescue disc? Also your OTL suggestion seems to run after Windows boots up, making your registry argument invalid. I really don't understand at all what you're saying. So I'm not sure I'm understanding your explanation why it "wouldn't work". Doesn't even touch the hard drive unless you mount it. The registry is part of Windows and a boot disc has its own Linux kernel that runs off the computer's RAM.
Be careful with Power Eraser though as it can be quite aggressive and may flag less mainstream software you want to keep, especially software used for machine control programming/control (PLC, CNC, microcontroller programming etc.). Running a rootkit scanner like Kaspersky tdsskiller or Norton Power Eraser, I use both, is not a bad idea either. When you suspect a virus/malware you should do your scanning in safe mode and I first run rkill then hit it with everything else. While you are there download RKill as well and keep it in your toolbox. If you determine it is not Conduit, try AdwCleaner from. It is not really a virus because it is not malicious, but it may as well be IMO, and usually will not be detected in scans. From what you are describing it sounds like Conduit to me. I agree with most of the other posters that it could be a browser extension/plugin. You are right though in that Avast and Kaspersky running together is a no no. I run Vipre Business Premium, Malwarebytes, and Superantispyware alongside each other with no problems. Webroot is not listed on my Vipre AV "Incompatibility List". My understanding, from posts on Spiceworks I do not currently use it, is that Webroot can run alongside most other AVs as well. Malwarebytes can be run alongside most AV programs. Download and install CCleaner - Go to Tools - Startup - and you will see tabs for each browser you have installed, click on the one you use, and disable anything on that list that seems suspicious. You don't have them all installed at the same time do you? You should only ever have one anti-virus program running. So what is it? And why the can't I get a handle on it and kill it? Any advice would be greatly appreciated.
Mandark is correct in that after a certain point, if the malware has damaged Windows critical files, changed your DNS, changed many registry entries for functionality that you won't be able to rewrite, from an end-user ease case, it may be easier to kill the current OS install, wipe the partitions, and reinstall from scratch. I have Malwarebytes, Avast and Webroot, and Kaspersky Free Scan, and all 4 of them say everything is fine. Do you recognize everything being started? If the behavior no longer exists, it was one (or more) of those entries to concentrate on. If doing a clean reset of Chrome (as mdd1963 suggested) does not work, do a clean boot. The reason I would guess someone suggested a Chrome wipe and reinstall is that it appears your updater for Chrome has been deleted. If you can post screen caps of this list, someone may be able to tell you what is probably good and what entries are suspect. What you are left with, you may have to research what the entries are, but it will show you what is being autostarted that isn't from Microsoft. When using autoruns, put a check in the entry at top menus for "option" "hide microsoft entries"