Help! Computer question - virus removal with no internet - PeachParts Mercedes-Benz Forum

mpolli · #1 05-25-2009, 08:46 PM

Hi,

My friend's computer got the "W32/VirusIsolator.EG" virus aka "W32/fakeInit.I trojan". Problem is he cannot get onto the internet anymore. I downloaded spyware-doctor from PC Tools onto a USB drive and gave it to him but it will not run without internet updates!! He has XP.

He also tried System Restore but that did not work. What can he do?

Thanks

tankdriver · #2 05-25-2009, 08:57 PM

Has he tried starting up in safe mode? Should be able to get on the internet then.

mpolli · #3 05-25-2009, 09:03 PM

OK. What he did is he diagnosed the internet connection with IE7 and that got him connected. So then he did the update and now he is scanning with the spyware-doctor. I will let you know how it turns out...

pawoSD · #4 05-25-2009, 10:26 PM

I'd just salvage data off it, wipe, and reinstall. Much easier and you can be sure the virus is gone.

compress ignite · #5 05-25-2009, 10:58 PM

Nothing can stand up to that.

tankdriver · #6 05-25-2009, 11:14 PM

Quote:

Originally Posted by pawoSD

I'd just salvage data off it

How do you do that after the virus is already on there?

mpolli · #7 05-26-2009, 01:31 PM

Thanks for the ideas. He says the spyware-doctor got rid of that virus.

pawoSD · #8 05-26-2009, 02:04 PM

Quote:

Originally Posted by tankdriver

How do you do that after the virus is already on there?

Either boot it with a Linux Live-CD or parallel install windows (if the original install is dead) but leave the files in tact....then retrieve the files, save them on external media.....and proceed with the full wipe/install. Or use the Windows PE live CD to do that same thing as the Linux disc. I prefer linux.....but either way works.

toomany MBZ · #9 05-26-2009, 06:14 PM

I'm having the same problem, I have the re-install cd, but that says it will remove EVERYTHING and start over. That will not allow me to keep the files.

powerpig · #10 05-26-2009, 07:01 PM

Download malwarebytes free version, run it and you should be good to go.

Larry Delor · #11 05-27-2009, 12:09 AM

Be sure and go to malwarebytes.org ....not .com or .whatever

Or, do a search for mbam.exe - there should be a link to majorgeeks or some such site that hosts that file.

toomany MBZ · #12 05-27-2009, 08:05 AM

I was able to install and run Adware and AVG anti virus, it's still in the other computer.

link · #13 05-27-2009, 10:02 AM

The problem of the scorched earth solution (i.e. reformatting the drive) is that you never find the problem and as a result you’re likely going to have the same problem come back shortly after all the work of re-formatting the drive.

A simple solution is to put the infected drive in another computer, but set to be a slave drive in the other computer. Doing this means that the data is accessible without loading any programs on the drive.

Once the drive is in the other computer, run a suite of anti-virus and anti–spyware detection and removal tools. While both Spyware Doctor and Malware Bytes (mentioned above) are both excellent at detecting some spyware, they are selective in what they find. As a consequence you should use several programs. When I'm hired to do these kinds of scans, I use a total of 7 programs plus some other things. Generally all of the programs will find things the others missed.

lutzTD · #14 05-27-2009, 10:55 AM

I bought mcaffee at work and saved to and loaded it from a thumbdrive on my infected computer. I now stay connected all of the time and have been trouble free since.

aklim · #15 05-27-2009, 07:05 PM

Quote:

Originally Posted by pawoSD

I'd just salvage data off it, wipe, and reinstall. Much easier and you can be sure the virus is gone.

I wouldn't be too sure if it were me. How do you know the virus hasn't embedded itself into the datafiles you salvaged off?