What to do if you're infected - eXPerience Rev.3

[Guest]

[knk2006]

Download and burn Avira's Rescue CD, it will scan offline and that will be much more reliable then an "online" scan...

http://www.avira.com/en/support/support_downloads.html

Avira AntiVir Rescue System

Use the ISO download and burn it to a CD, next boot your system from it and run a scan.

yeah that what was in my mind .. but I also still wonder if the Avira's CD will be able to clean the files when they are infected with worm , because you don't want to delete explorer.exe for example    .. as far as I know the only CD here with this ability is DrWeb live CD ... correct me if I'm wrong ..

[eXPerience]

yeah that what was in my mind .. but I also still wonder if the Avira's CD will be able to clean the files when they are infected with worm , because you don't want to delete explorer.exe for example    .. as far as I know the only CD here with this ability is DrWeb live CD ... correct me if I'm wrong ..

I'm planning on using that LiveCD from DrWeb anyway . But let's see what we can come up with also

eXPerience

[Kyle]

Bump didy dump.      You need to reupload those pics on the front page XP

[LaserWraith]

Bump didy dump.      You need to reupload those pics on the front page XP

Yeah .

But he is gone for good....


(Last active: September 14...seems like ages ago...)

[Dch48]

Download and burn Avira's Rescue CD, it will scan offline and that will be much more reliable then an "online" scan...

http://www.avira.com/en/support/support_downloads.html

Avira AntiVir Rescue System

Use the ISO download and burn it to a CD, next boot your system from it and run a scan.

Use a rewritable CD, Avira's rescue disk is not updateable. As I understand it,you need to redownload it every time you want to use it unless it has changed since it was reviewed at remove-malware.com.

[languy99]

why don't you guys include my SARDU videos on the how to? A bootable solution in my opinion is the only way to truly clean a computer today. 

I decided to make a video set on how to use SARDU and how to use it to clean a system.

Here you go.

Video 1  http://www.youtube.com/watch?v=JiJ1aUHql3E
Video 2  http://www.youtube.com/watch?v=VUUTUICZj0A
Video 3 http://www.youtube.com/watch?v=uaiCzSl_Eb4

[emhami2009]

hiya (and yet again SORRY if i'm posting in the wrong place!)...

i just posted the following question in the "what to do....Rev.2" not realising there was a Rev 3....

"Hello,

I seem to be having some 'kido.ih' virus problems.....& not having too much experience, self taught, have been trying to resolve them various ways.....kaspersky's kidokiller resulted (when i was FINALLY able to get CIS to update after various steps - seems maybe going back using system restore to the date at which comodo's AV was last updated MAY have been what helped) as infected (I've quarantined it)....

and so I'm now following the instructions here....BUT bitdefender during setup tells me i should uninstall any other AV i have on the computer - i only use comodo - which picked up kido whereas malwarebytes for example did not....

I'd greatly appreciate any advice - & hope I've posted in the right place.....

Thanks,

Em."

BUT, i see here that you are not even advising the use of bitdefender any longer - is there a reason for that?

Thanks for any info you can share,

Em.

ps: i haven't yet setup bitdefender & am about to run superantispyware for the first time - ANOTHER question i would like to ask is the following:

my knowledgable friend (who isn't around right now) says that really one can ultimately waste a lot of time dealing with these viruses - & you're better off just backing up & reformatting....your thoughts?

[languy99]

my recommendation is watch my videos and follow what I did, then use the kaspersky bootable part of sardu, boot up with that, update it and do a full scan, remove anything it finds.

If still not cleaned, follow up with a Sardu scan using Gdata. Gdata combined with Kaspersky have a detection rate of at least 99.9%

[Monkey_Boy=)]

I think emhami2009 friend is bringing up a valid point, many times a format can save you a lot of time (and speed up a computer thats full of junk, most homecomputers is full of junk after a while anyway and experiences major slowdowns..).. Ofc make sure to apply all windows updates directly after the format, or you will have a OS open to all sorts of attacks..

And always wear a condom err I mean, always use protection.. For the computer that is..  comodo is currently working on a product to make it possible to jump back in time when stuff like this happen and you get infected.. https://forums.comodo.com/beta_corner_ctm/comodo_time_machine_21116458141_beta_released-t46766.0.html <-- read about it if you like. =) But its beta so don't use it.. 

[syzygy]

I haven't been on here in a while and I don't see a way to start a new thread - kk

Has ne1 else had the experience of getting a comodo update only to find that the update has created a new configuration called "updated"?  On examination the configuration under the heading "My Protectied Con Interfaces" contains nothing  - it is null.

Isn't this a bit irregular?

I deleted the configuration - and was told I was successful - but I have no idea whether I am now compromised...

[Ronny]

If you upgrade a previous CIS version the updater will "copy" your current settings to the new install and add -updated behind the name of the profile.

You so somehow don't trust the settings, you can always select the default "Internet Security" or the more secure and more alerting "Proactive Security", downside of this is that all your rules have to be recreated because they are not part of the previous configuration.

[Tags:]