Solved

Download of SuperAntiSpyware.exe fails

Posted on 2014-01-13
Last Modified: 2014-02-03
I have a Windows XP client machine that's really infected. I've already run full scans with VIPRE (our in-house antivirus app) and MalwareBytes. Each time I try to push superantispyware.exe to this machine (either using a web download with Chrome or a Windows Explorer download from our server) the download fails with about 1 second left. Is this malware hijacking the download or is something else going on?
Question by:jdana
9 Comments
 
LVL 19

Accepted Solution

by:helpfinder
helpfinder earned 34 total points
ID: 39777154
Could be - try to clean the disk when the OS is not booted up. You can remove the disk and connect it to another machine with an installed AV product you prefer and run a scan (be aware you can also infect the host machine in some cases).
Or use an AV solution which can be booted and not run on the live OS - I have good experience with Kaspersky Rescue Disk 10, which you can put on your USB stick (Kaspersky also offers a utility which makes your USB stick bootable).
http://support.kaspersky.com/viruses/rescuedisk#downloads
 
LVL 29

Assisted Solution

by:Sudeep Sharma
Sudeep Sharma earned 34 total points
ID: 39777155
I would recommend you run RogueKiller first and then, before rebooting, try copying the SAS and install it.

Download as per your OS architecture.
http://www.adlice.com/softs/roguekiller/RogueKiller.exe
http://www.adlice.com/softs/roguekiller/RogueKillerX64.exe

Let us know if it still fails.

Thanks,
Sudeep
 
LVL 30

Assisted Solution

by:pgm554
pgm554 earned 34 total points
ID: 39777179
Simplistic thing to do is offline scanner using M$ Security Essentials.

If you have major issues, offline is the only high percentage way to clean.

http://windows.microsoft.com/en-us/windows/what-is-windows-defender-offline
 
LVL 27

Assisted Solution

by:Tolomir
Tolomir earned 34 total points
ID: 39777181
Start on this page:

http://www.superantispyware.com/portablescannerhome.html

If you click on the red big button, you get a random name:

http://www.superantispyware.com/sasportablehome.php

Follow the instructions and it should work.
 
LVL 16

Assisted Solution

by:R. Andrew Koffron
R. Andrew Koffron earned 34 total points
ID: 39777198
I've used RDP to download files when an infection or malware is stopping it.

Set up a remote connection, allow local disk access in options, then use the remote machine to save it onto the hard drive. A little time consuming, but seems to bypass all the address hijacking most infections/infiltration use.
 
LVL 17

Assisted Solution

by:Chris Millard
Chris Millard earned 34 total points
ID: 39777201
Another thing you could try is booting into Safe Mode with Networking and try downloading again. Also, it's possible that you may have a RootKit on the PC. Can you try downloading and running RootAlyzer?

http://forums.spybot.info/downloads.php?id=8

If you have access to another PC, you could always remove the hard drive from the infected PC, attach it to another PC WITH UP TO DATE VIRUS DEFINITIONS then scan the infected drive from there.
 
LVL 62

Assisted Solution

by:☠ MASQ ☠
☠ MASQ ☠ earned 33 total points
ID: 39777312
There are already lots of suggestions here so I don't want to add much other than:

At least initially try to disinfect your system using normal startup rather than Safe Mode.  If you get nowhere (after trying the Rogue Killer suggestions etc) then a Safe Mode clean up should be attempted but most of the nasties won't be detected as they don't launch in Safe Mode.

If SuperAntiSpyware is your clean up tool of choice try Tolomir's suggestion above and get the SAS package downloaded onto your PC using a random file name (many malware variants look for programs designed to get rid of them and block their download).

I prefer MBAM and their Chameleon variation does much the same thing and hides from the malware detection and catches it unawares!!

Best of luck with the cleaning.
 
LVL 92

Assisted Solution

by:nobus
nobus earned 33 total points
ID: 39778529
I always run tools in normal mode, but if that fails I run them in safe mode, or run from a bootable CD:
Kaspersky CD: http://majorgeeks.com/Kaspersky_Rescue_Disk_d6501.html
Offline Defender: http://windows.microsoft.com/en-US/windows/what-is-windows-defender-offline

But with heavily infected systems, I found it much better not to fix it, but do a fresh install; it always saves time, and is the only sure solution.
 

Author Closing Comment

by:jdana
ID: 39831159
Thanks to all for great suggestions.

helpfinder,

Just as you suggested, I popped the drive, dropped it into my BlacX device, and scanned the drive with a suite of antivirus apps. It's now clean as a whistle. I'll use that trick from now on.

J
Question has a verified solution.