Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Download of SuperAntiSpyware.exe fails

Posted on 2014-01-13
9
Medium Priority
?
726 Views
Last Modified: 2014-02-03
I have a Windows XP client machine that's really infected. I've already run full scans with VIPRE (our in-house antvirus app) and MalwareBytes. Each time I try to push superantispyware.exe to this machine (either using a web download with Chrome or a Windows Explorer download from our sever) the download fails with about 1 second left. Is this malware hijacking the download or is something else going on?
0
Comment
Question by:jdana
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
9 Comments
 
LVL 19

Accepted Solution

by:
helpfinder earned 136 total points
ID: 39777154
could be - try to clean the disk when OS is not booted up. You can remove the disk and connect it into another machine with installed AV product you prefere and make a scan (be aware you can infect also host machine in some case)
Or use some AV solution which can be booted and not ran on live OS - I have good experience with Kaspersky Rescue Disk 10 which you can put on your USB stick (Kaspersky offers also utility which makes your USB stick bootable)
http://support.kaspersky.com/viruses/rescuedisk#downloads
0
 
LVL 30

Assisted Solution

by:Sudeep Sharma
Sudeep Sharma earned 136 total points
ID: 39777155
I would recommend you to run RogueKiller first and then before rebooting try copying the SAS and install it.

Download as per your OS architect.
http://www.adlice.com/softs/roguekiller/RogueKiller.exe
http://www.adlice.com/softs/roguekiller/RogueKillerX64.exe

Let us know if it still fails.

Thanks,
Sudeep
0
 
LVL 30

Assisted Solution

by:pgm554
pgm554 earned 136 total points
ID: 39777179
Simplistic thing to do is offline scanner using M$ Security Essentials.

If you have major issues ,offline is the only high percentage way to clean.

http://windows.microsoft.com/en-us/windows/what-is-windows-defender-offline
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 27

Assisted Solution

by:Tolomir
Tolomir earned 136 total points
ID: 39777181
Start on this page:

http://www.superantispyware.com/portablescannerhome.html

If you klick on the read big button, you get a random name:

http://www.superantispyware.com/sasportablehome.php

Follow the instructions and it should work.
0
 
LVL 16

Assisted Solution

by:R. Andrew Koffron
R. Andrew Koffron earned 136 total points
ID: 39777198
I've used RDP to download files when an infection or malware is stopping it.

setup up a remote connection,  allow local disk access in options, than you the remote machine to save it onto the hard drive. a little time consuming, but seems to by-pass all the address hijacking most infections/infiltration use.
0
 
LVL 17

Assisted Solution

by:Chris Millard
Chris Millard earned 136 total points
ID: 39777201
Another thing you could try is booting into Safe Mode with Networking and try downloading again. Also, it's possible that you may have a RootKit on the PC. Can you try downloading and running RootAlyzer?

http://forums.spybot.info/downloads.php?id=8

If you have access to another PC, you could always remove the hard drive from the infected PC, attach it to another PC WITH UP TO DATE VIRUS DEFINITIONS then scan the infected drive from there.
0
 
LVL 63

Assisted Solution

by:☠ MASQ ☠
☠ MASQ ☠ earned 132 total points
ID: 39777312
There are already lots of suggestions here so I don't want to add much other than:

At least initially try to disinfect your system using normal startup rather than Safe Mode.  If you get nowhere (after trying the Rogue Killer suggestions etc) then a Safe Mode clean up should be attempted but most of the nasties won't be detected as they don't launch in Safe Mode.

If SuperAntiSpyware is your clean up tool of choice try Tolomir's suggestion above and get the SAS package downloaded onto your PC using a random file name (many malware variants look for programs designed to get rid of them and block their download).

I prefer MBAM and their Chameleon variation does much the same thing and hides from the malware detection and catches it unawares!!

Best of luck with the cleaning.
0
 
LVL 93

Assisted Solution

by:nobus
nobus earned 132 total points
ID: 39778529
i always run tools in normal mode, but if that fails
i run it in safe mode, or run from a bootable cd :
http://majorgeeks.com/Kaspersky_Rescue_Disk_d6501.html            KASPERSKY   CD      
http://windows.microsoft.com/en-US/windows/what-is-windows-defender-offline     OFFLINE DEFENDER

but with heavily infected systems- i found it much better not to fix it, but do a fresh install; it always saves time, and is the only sure solution
0
 

Author Closing Comment

by:jdana
ID: 39831159
Thanks to all for great suggestions.

helpfinder,

Just as you suggested, I popped the drive, dropped it into my BlacX device, and scanned the drive with a suite of antivirus apps. It's now clean as whistle. I'll use that trick from now on.

J
0

Featured Post

Put Machine Learning to Work--Protect Your Clients

Machine learning means Smarter Cybersecurity™ Solutions.
As technology continues to advance, managing and analyzing massive data sets just can’t be accomplished by humans alone. It requires huge amounts of memory and storage, as well as high-speed processing of the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Today, still in the boom of Apple, PC's and products, nearly 50% of the computer users use Windows as graphical operating systems. If you are among those users who love windows, but are grappling to keep the system's hard drive optimized, then you s…
The recent Petya-like ransomware attack served a big blow to hundreds of banks, corporations and government offices The Acronis blog takes a closer look at this damaging worm to see what’s behind it – and offers up tips on how you can safeguard your…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

715 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question