|
Getting a hell of a nasty bug on a desktop I'm trying to fix - it's running such that trying to run virtually any program other than web browsers or do anything that would require admin access is blocked by group policy. If this were a corporate computer I'd flatten and reimage it, but it's a residential computer and doing that is the absolute last resort. Kaspersky rescue disk detected a bunch of poo poo but hasn't fixed the GPO issue and running the variations of rkill/combofix/tdsskiller that don't use .exe extensions doesn't work either. Any ideas?
|
#
¿
May 9, 2014 14:43
|
|
|
|
| # ¿ Apr 28, 2024 22:11 |
|
|
Oh cool, I did more google and apparently this is a symptom of Alureon. 
|
|
#
¿
May 9, 2014 17:20
|
|
|
Does anyone know of any tools to deal with Conduit Search-protect? I'm getting tired of having to run scans to remove the actual program then digging through internet options for all their browsers digging out the settings changes that'd reinfect the computer. e: That is to say, I can remove it myself, it's just time consuming because of how much it does to dig into your browser settings which standard AV programs tend to not touch.
|
|
#
¿
May 19, 2014 18:54
|
|
|
Ynglaur posted:I'm unsure where else in SA to ask, but this thread seems like it has people who know what they're doing? Probably Avast! if you don't like MSE.
|
|
#
¿
May 20, 2014 21:42
|
|
|
ADWcleaner is rapidly becoming my go-to choice for a first run on infected machines, especially ones that do stuff like proxy/DNS redirection. It's a self-contained .exe so it can run directly off of a flash drive, it's fast, it's efficient, and it doesn't just remove the garbage but it also cleans up all the little hooks they love putting in so you don't have to do manual cleanup. I love it. Probably the only downside it has is that as soon as you confirm that it can clean off all the junk it found, it force-restarts immediately after it finishes.
|
|
#
¿
Aug 1, 2014 23:01
|
|
|
I reformatted a computer (customer's request) and when I reinstalled MSE it started going nuts telling me it's detecting Alureon on the system. I googled and apparently this poo poo creates hidden sectors to reinstall itself off of. 
|
|
#
¿
Sep 10, 2014 18:45
|
|
|
|
| # ¿ Apr 28, 2024 22:11 |
|
|
Goddamn, I've been fighting with a computer that has that all week. I'll give roguekiller a shot, and if that doesn't work I might have to flatten the goddamn thing. e: Roguekiller looks like it did it, thank christ. President Ark fucked around with this message at 17:34 on Nov 6, 2014 |
|
#
¿
Nov 6, 2014 17:00
|
|