-
November 30th, 2009, 04:13 PM
#1
Registered User
Malware infections disabling safemode problem
I don't know if many of you have seen this recently or have any input but as of the past 6 months I've seen more and more computers with malware infections that have a disabled safemode. When I say disabled I mean the system will bluescreen every time I try to use safemode. Is there any way to fix this type of issue without a windows disk? I don't mind replacing a file manually but I am remoting a lot more lately and it's a tad bit hard to do a repair install via remote desktop (espeicially if they are half a continent away).
One Script to rule them all.
One Script to find them.
One Script to bring them all,
and clean up after itself.
-
November 30th, 2009, 06:08 PM
#2
Locally - Detatch the drive, slave and scan from a disinfection computer.
Half-a-continent-away - send them to someone who will detatch the drive, slave and scan from a disinfection computer.
Last edited by CCT; November 30th, 2009 at 06:10 PM.
-
November 30th, 2009, 06:54 PM
#3
Registered User
Niclo, I'm going to assume you've tried some removal tools in standard mode with no success? If that's the case, you're left with running some removal tools from a boot CD, or pulling the drive. Option B pretty much always gets my vote.
Given the way these nasties mutate, I doubt you'd have much luck doing a manual removal remotely without knowing exactly what you needed to kill first.
-
November 30th, 2009, 09:05 PM
#4
Registered User
I can successfuly remove them from the PC but even after cleaning safemode is still damaged. My big problem is I can't just remove a drive. Nobody is footing the bill for me to travel to these remote locations and I'm not eating 200+ in travel for a flatrate client who only paid me 129 bucks. I have a feeling it shouldn't be impossible to fix if windows will load in normal mode so the hope is there is a way to fix this without A removing the drive and B using a CD at the location.
Sending a client away isn't an option. I don't get paid hourly I get paid commission.
One Script to rule them all.
One Script to find them.
One Script to bring them all,
and clean up after itself.
-
November 30th, 2009, 09:37 PM
#5
Registered User
Well, if it won't boot into safe mode, I would suspect the machine's still infected. Of course, I don't know what all's been done to it. I have seen this happen on a couple of machines that were infected with varieties of the Autoruns.VB.Trojans and a couple of the FakeAlert Trojans (per Eset's nomenclature, which Malwarebytes tends to identify as some sort of generic Rogue Antivirus Trojan or Downloader). Have you tried System File Checker on the machine?
-
December 1st, 2009, 10:45 AM
#6
Registered User
or have you run chkdsk /r after removing the bugs?
-
December 1st, 2009, 11:23 AM
#7
Registered User
Geo you made an interesting suggestion. I never thought to try that out. Though if you're suggesting bad sectors that's a lot of failing drives I've seen recently. The next time I get a situation like that I'll try it out. Don't worry I'm sure it will be soon.
One Script to rule them all.
One Script to find them.
One Script to bring them all,
and clean up after itself.
-
December 1st, 2009, 11:30 AM
#8
Registered User
Nope..not bad sectors, rather file system screwups from the repair process removing things there are calls for
-
December 2nd, 2009, 09:56 AM
#9
Registered User
Seems to me I am running chkdsk /r alot lately.
Have done so especially after Combofix.
System wouldnt even load without doing it.
-
December 2nd, 2009, 10:58 AM
#10
Registered User
Yeah..I've noticed the same thing..it's getting so I just do it automatically on every machine that comes in.
-
December 2nd, 2009, 02:34 PM
#11
Registered User
Originally Posted by Ferrit
Seems to me I am running chkdsk /r alot lately.
Have done so especially after Combofix.
System wouldnt even load without doing it.
I'm getting quite a few machines lately that aren't surviving their malware removals very well no matter which tools I've used. Scanned one last night with NOD32 and Malwarebytes and then couldn't get it past an endless reboot loop until I did a repair installation. Before the removal I could get to the desktop, get online, run some apps. That made my 4th of the week that required a repair installation after cleaning, which makes me very angry, very angry indeed.
Last edited by slgrieb; December 2nd, 2009 at 02:39 PM.
Similar Threads
-
By denis763 in forum Video Adapter/Monitor Drivers
Replies: 10
Last Post: July 31st, 2004, 10:42 AM
-
By Mrdyg in forum Tech-To-Tech
Replies: 7
Last Post: October 14th, 2001, 04:39 PM
-
By ph1sh in forum Video Adapter/Monitor Drivers
Replies: 6
Last Post: May 14th, 2001, 10:10 AM
-
By WestleyL in forum Windows 95/98/98SE/ME
Replies: 3
Last Post: March 13th, 2000, 02:54 AM
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Bookmarks