Virus Problem, why can't I post anywhere else?!

eyez73

Hi

I'm wondering if anyone can help.

I've been working on a customer PC on and off for a couple of days which was infected with various viruses and spyware.

I've cleaned the system with Malwarebytes, Super Anti-Spyware, Vipre, AVP tool, ESET online scanner, Combofix and SmitFraudFix.

Unfortunately I'm still having problems with the following ...

1) Opening IE in normal mode, I simply get an egg timer for a couple of seconds and then nothing!!, but it opens fine in Safe Mode -

I've reset IE and all its settings, then uninstalled v8. When I try to reinstall, the installer never finishes, it simply gets stuck on installing core components.

I've also uninstalled SP3 and reinstalled.

2) General installers are also not working! For example I've tried to install Ad-Aware, to see if this will help, but the installer just hangs.

The owner only has the one account, so I also tried logging into the Administrator account, which tells me that I don't have the permissions to do so.

I believe the problems I'm having above are due to permissions (?) but I'm not sure if there is any way to easily and quickly reset them!

I really don't want to nuke the drive and reinstall if I can help it.

Can anyone suggest anything else to try?

Thanks in advance

Richard
 
Hi Richard

Have you tried setting up another user account, to see if IE works?

Alternatively, install a different browser, e.g. Firefox, Opera, Chrome etc.
 
If Nige's suggestion doesn't work and you think you have permission errors after a virus then I'd suggest looking into using subinacl to reset them.

Or Foolish Tech's D7 has an easy to use interface for it.
 
1) Opening IE in normal mode, I simply get an egg timer for a couple of seconds and then nothing!!, but it opens fine in Safe Mode -

I've reset IE and all its settings, then uninstalled v8. When I try to reinstall, the installer never finishes, it simply gets stuck on installing core components.

I've also uninstalled SP3 and reinstalled.

2) General installers are also not working! For example I've tried to install Ad-Aware, to see if this will help, but the installer just hangs.

I believe the problems I'm having above are due to permissions (?) but I'm not sure if there is any way to easily and quickly reset them!

Yep you're correct on #2, I've seen a few issues throwing Windows Installer 2203's (access denied, due to permissions errors) after ZeroAccess removals. That malware likes to modify ACLs to prevent certain apps (e.g. anti-virus software) from running, and who knows what else... which causes this issue.

You want D7 > Malware tab > Repair Permissions. Takes a while but works great.

Your issue with IE is now convoluted with the troubleshooting steps you've taken so far (the uninstall / attempted reinstall.) See what happens on a reinstall of IE after you've repaired permissions.
 
You may also want to try an sfc /scannow and, as a last resort before a re-install, try a repair install. Also, have you tried a system restore to a time before this issue happened?

Also I would advise a new bootable backup before doing something like a repair install, just in case.

Let us know how it goes.
 
Hi

I've tried D7 and let it run through the process, but I'm still unable to install IE8.

It's still stuck on installing core components.

I've created a new user account, which also has the same problem.

Unless anyone has a good idea, I think I'm going to N&P :(

Don't like to give up on them !
 
This worries me a little:
I've cleaned the system with Malwarebytes, Super Anti-Spyware, Vipre, AVP tool, ESET online scanner, Combofix and SmitFraudFix.
^Sounds a little odd...
1 - All the AVs listed are a bit junky apart from ESET and that should be installed not used through a browser
2 - Nothing you have done so far will remove the most stubborn rootkits
3 - Installing too many AVs can stop them working due to conflicts

It's common for virus removal to mess up your internet connection and can take a real genius to get working properly!

I would advise against a local "system restore" as they are, very often, used as a place to store backup copies of the viruses to restore after removal. Undoing all your hard work!

Speaking with experience from both sides here ;)


There is only one way to really be sure the computer is clean...
Reinstall Windows :(

I tend to back up all media (pictures, music, docs, etc), export program settings and what not. Then reinstall Windows.
 
Have you done an offline scan (slaving the drive to a different computer) with a couple of different anti-malware?
 
1 - All the AVs listed are a bit junky apart from ESET and that should be installed not used through a browser.

Malwarebytes and Vipre... you won't find many experienced techs that will call them "junky". Vipre is gaining widespread praise from IT VARs/consultants over the past year... it's proving to be a very good product. And I'm saying this as an ESET reseller that was once an ESET Gold Partner (I'm down to silver now because we've moved most of our clients over to N-Able EPS (Panda)).
 