Solved

Download of SuperAntiSpyware.exe fails

Posted on 2014-01-13
715 Views
Last Modified: 2014-02-03
I have a Windows XP client machine that's really infected. I've already run full scans with VIPRE (our in-house antivirus app) and MalwareBytes. Each time I try to push superantispyware.exe to this machine (either using a web download with Chrome or a Windows Explorer download from our server) the download fails with about 1 second left. Is this malware hijacking the download or is something else going on?
Question by:jdana
9 Comments
 
LVL 19

Accepted Solution

by:helpfinder
helpfinder earned 34 total points
ID: 39777154
Could be. Try to clean the disk when the OS is not booted up. You can remove the disk, connect it to another machine with the AV product you prefer installed, and run a scan (be aware you can also infect the host machine in some cases).
Or use an AV solution that can be booted rather than run on the live OS. I have good experience with Kaspersky Rescue Disk 10, which you can put on your USB stick (Kaspersky also offers a utility that makes your USB stick bootable).
http://support.kaspersky.com/viruses/rescuedisk#downloads
 
LVL 29

Assisted Solution

by:Sudeep Sharma
Sudeep Sharma earned 34 total points
ID: 39777155
I would recommend you to run RogueKiller first and then before rebooting try copying the SAS and install it.

Download as per your OS architecture.
http://www.adlice.com/softs/roguekiller/RogueKiller.exe
http://www.adlice.com/softs/roguekiller/RogueKillerX64.exe

Let us know if it still fails.

Thanks,
Sudeep
 
LVL 30

Assisted Solution

by:pgm554
pgm554 earned 34 total points
ID: 39777179
Simplistic thing to do is offline scanner using M$ Security Essentials.

If you have major issues, offline is the only high percentage way to clean.

http://windows.microsoft.com/en-us/windows/what-is-windows-defender-offline
 
LVL 27

Assisted Solution

by:Tolomir
Tolomir earned 34 total points
ID: 39777181
Start on this page:

http://www.superantispyware.com/portablescannerhome.html

If you click on the big red button, you get a random name:

http://www.superantispyware.com/sasportablehome.php

Follow the instructions and it should work.
 
LVL 16

Assisted Solution

by:R. Andrew Koffron
R. Andrew Koffron earned 34 total points
ID: 39777198
I've used RDP to download files when an infection or malware is stopping it.

Set up a remote connection, allow local disk access in options, then use the remote machine to save it onto the hard drive. A little time consuming, but seems to bypass all the address hijacking most infections/infiltrations use.
 
LVL 17

Assisted Solution

by:Chris Millard
Chris Millard earned 34 total points
ID: 39777201
Another thing you could try is booting into Safe Mode with Networking and try downloading again. Also, it's possible that you may have a RootKit on the PC. Can you try downloading and running RootAlyzer?

http://forums.spybot.info/downloads.php?id=8

If you have access to another PC, you could always remove the hard drive from the infected PC, attach it to another PC WITH UP TO DATE VIRUS DEFINITIONS then scan the infected drive from there.
 
LVL 62

Assisted Solution

by:☠ MASQ ☠
☠ MASQ ☠ earned 33 total points
ID: 39777312
There are already lots of suggestions here so I don't want to add much other than:

At least initially try to disinfect your system using normal startup rather than Safe Mode.  If you get nowhere (after trying the Rogue Killer suggestions etc) then a Safe Mode clean up should be attempted but most of the nasties won't be detected as they don't launch in Safe Mode.

If SuperAntiSpyware is your clean up tool of choice try Tolomir's suggestion above and get the SAS package downloaded onto your PC using a random file name (many malware variants look for programs designed to get rid of them and block their download).

I prefer MBAM and their Chameleon variation does much the same thing and hides from the malware detection and catches it unawares!!

Best of luck with the cleaning.
 
LVL 91

Assisted Solution

by:nobus
nobus earned 33 total points
ID: 39778529
I always run tools in normal mode, but if that fails I run them in safe mode, or from a bootable CD:
http://majorgeeks.com/Kaspersky_Rescue_Disk_d6501.html (Kaspersky CD)
http://windows.microsoft.com/en-US/windows/what-is-windows-defender-offline (Offline Defender)

But with heavily infected systems, I found it much better not to fix it, but do a fresh install; it always saves time, and is the only sure solution.
 

Author Closing Comment

by:jdana
ID: 39831159
Thanks to all for great suggestions.

helpfinder,

Just as you suggested, I popped the drive, dropped it into my BlacX device, and scanned the drive with a suite of antivirus apps. It's now clean as a whistle. I'll use that trick from now on.

J