Solved

Download of SuperAntiSpyware.exe fails

Posted on 2014-01-13
Last Modified: 2014-02-03
I have a Windows XP client machine that's really infected. I've already run full scans with VIPRE (our in-house antivirus app) and MalwareBytes. Each time I try to push superantispyware.exe to this machine (either using a web download with Chrome or a Windows Explorer download from our server) the download fails with about 1 second left. Is this malware hijacking the download or is something else going on?
Question by:jdana
9 Comments
 
LVL 19

Accepted Solution

by:
helpfinder earned 34 total points
ID: 39777154
Could be. Try to clean the disk when the OS is not booted up. You can remove the disk and connect it to another machine with an installed AV product you prefer and run a scan (be aware that you can also infect the host machine in some cases).
Or use some AV solution which can be booted and is not run on the live OS. I have had good experience with Kaspersky Rescue Disk 10, which you can put on your USB stick (Kaspersky also offers a utility which makes your USB stick bootable).
http://support.kaspersky.com/viruses/rescuedisk#downloads
 
LVL 29

Assisted Solution

by:Sudeep Sharma
Sudeep Sharma earned 34 total points
ID: 39777155
I would recommend that you run RogueKiller first and then, before rebooting, try copying the SAS and installing it.

Download as per your OS architecture.
http://www.adlice.com/softs/roguekiller/RogueKiller.exe
http://www.adlice.com/softs/roguekiller/RogueKillerX64.exe

Let us know if it still fails.

Thanks,
Sudeep
 
LVL 30

Assisted Solution

by:pgm554
pgm554 earned 34 total points
ID: 39777179
Simplistic thing to do is offline scanner using M$ Security Essentials.

If you have major issues, offline is the only high percentage way to clean.

http://windows.microsoft.com/en-us/windows/what-is-windows-defender-offline
 
LVL 27

Assisted Solution

by:Tolomir
Tolomir earned 34 total points
ID: 39777181
Start on this page:

http://www.superantispyware.com/portablescannerhome.html

If you click on the big red button, you get a random name:

http://www.superantispyware.com/sasportablehome.php

Follow the instructions and it should work.
 
LVL 16

Assisted Solution

by:R. Andrew Koffron
R. Andrew Koffron earned 34 total points
ID: 39777198
I've used RDP to download files when an infection or malware is stopping it.

Set up a remote connection, allow local disk access in options, then use the remote machine to save it onto the hard drive. A little time consuming, but it seems to bypass all the address hijacking most infections/infiltrations use.
 
LVL 17

Assisted Solution

by:Chris Millard
Chris Millard earned 34 total points
ID: 39777201
Another thing you could try is booting into Safe Mode with Networking and try downloading again. Also, it's possible that you may have a RootKit on the PC. Can you try downloading and running RootAlyzer?

http://forums.spybot.info/downloads.php?id=8

If you have access to another PC, you could always remove the hard drive from the infected PC, attach it to another PC WITH UP TO DATE VIRUS DEFINITIONS then scan the infected drive from there.
 
LVL 62

Assisted Solution

by:☠ MASQ ☠
☠ MASQ ☠ earned 33 total points
ID: 39777312
There are already lots of suggestions here so I don't want to add much other than:

At least initially try to disinfect your system using normal startup rather than Safe Mode.  If you get nowhere (after trying the Rogue Killer suggestions etc) then a Safe Mode clean up should be attempted but most of the nasties won't be detected as they don't launch in Safe Mode.

If SuperAntiSpyware is your clean up tool of choice try Tolomir's suggestion above and get the SAS package downloaded onto your PC using a random file name (many malware variants look for programs designed to get rid of them and block their download).

I prefer MBAM and their Chameleon variation does much the same thing and hides from the malware detection and catches it unawares!!

Best of luck with the cleaning.
 
LVL 91

Assisted Solution

by:nobus
nobus earned 33 total points
ID: 39778529
I always run tools in normal mode, but if that fails I run them in Safe Mode, or run from a bootable CD:
http://majorgeeks.com/Kaspersky_Rescue_Disk_d6501.html (Kaspersky CD)
http://windows.microsoft.com/en-US/windows/what-is-windows-defender-offline (Offline Defender)

But with heavily infected systems, I found it much better not to fix it, but do a fresh install; it always saves time, and is the only sure solution.
 

Author Closing Comment

by:jdana
ID: 39831159
Thanks to all for great suggestions.

helpfinder,

Just as you suggested, I popped the drive, dropped it into my BlacX device, and scanned the drive with a suite of antivirus apps. It's now clean as a whistle. I'll use that trick from now on.

J