Questions

Vista basic.............

+
0 Votes
Locked

Dusterman
I cannot seem to access the Documents and Settings folder, even as an Admin.
.
I have set the settings so that I can see everything and do everything else except this.
.
FYI ....... this machine was so infected that it has taken 12 hours to get it to stay booted long enough to kill most everything that I could find.
.
It appears as if the file is a shortcut but I am not sure.
.
There is enough info on the computer to warrant a few hours to attempt to salvage the info intact.
.
I have found that if I "suck out" the info as is ..... it also is infected and makes attempts to infect the machine I try to clean the files in......
.
At this point I am out of ideas .......
.
Any help will be much appreciated :-)
.
Mike
  • +
    0 Votes
    The Scummy One

    but after reading this
    "this machine was so infected that it has taken 12 hours to get it to stay booted long enough to kill most everything that I could find."
    it may just be time to nuke the drive and start fresh. You do have recovery disks, correct?
    Usually bad infections also mean that rootkits may have been installed. And they are a real pain to get rid of.

    Make sure to backup your data and then check the backup on another system. Then nuke the drive (secure wipe) and rebuild from there.

    +
    0 Votes
    Dusterman

    Well ........ I have not attempted to run that feature yet and of course the customer never has either.
    .
    I did have the a-typical start up problem where it hung at crcdisk.sys when booting in safe mode ...... but I finally got by that.
    .
    I am not sure that a clean install can be accomplished with disks burned now?
    .
    Thank you for the heads up.
    .
    Mike

    +
    0 Votes
    shasca

    In our Vista OS's user data is stored under the "Users" Folder and not "documents and settings" as it was in previous OS versions.

    +
    0 Votes
    OH Smeg

    I'm not saying that this is the case here but it's worth a look see. Generally when things like this happen it is because the OS is infected and the Infection infects what you copy out of the system.

    To get around this you either need to pull the HDD and run it as a Slave in an External Enclosure or use a Live Linux like Knoppix to save the Data.

    http://www.livecdlist.com/

    You have to stop the Infected OS running as that is what generally infects Data that you copy off it but if you could post what exactly it is you have managed to remove off this it may help.

    Also I don't know if you have tried this yet but Malware Bytes will get a lot of the other things that AV products may miss.

    http://download.cnet.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html?tag=mncol&cdlPid=11018531

    Col
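
The "check the backup on another system" step suggested in the replies above, as an added sketch that is not code from any poster: it walks a salvaged copy from a clean system or live CD and flags files that should not be restored as-is. The function names, the extension lists and the sample files (constructed, harmless bytes) are assumptions made for this example.

```python
import os
import tempfile

# Assumed lists (not from the thread): extensions Windows will run, and common document types.
RISKY_EXT = {".exe", ".scr", ".pif", ".com", ".bat", ".cmd", ".vbs", ".js", ".lnk", ".dll"}
DOC_EXT = {".doc", ".xls", ".pdf", ".jpg", ".txt", ".mp3"}


def triage(root):
    """Return {relative_path: [reasons]} for files in a salvaged copy that need review."""
    findings = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            parts = name.lower().split(".")
            ext = "." + parts[-1] if len(parts) > 1 else ""
            reasons = []
            if ext in RISKY_EXT:
                reasons.append("executable extension")
                # e.g. "photo.jpg.exe": looks like a document when extensions are hidden
                if len(parts) > 2 and "." + parts[-2] in DOC_EXT:
                    reasons.append("double extension")
            try:
                with open(path, "rb") as fh:
                    magic = fh.read(2)  # read only; nothing is ever launched
            except OSError:
                magic = b""
                reasons.append("unreadable")
            # "MZ" starts every DOS/PE executable, whatever the file is named
            if magic == b"MZ" and ext not in RISKY_EXT:
                reasons.append("PE header behind non-executable extension")
            if reasons:
                findings[os.path.relpath(path, root)] = reasons
    return findings


def demo():
    """Build a constructed sample tree and triage it."""
    with tempfile.TemporaryDirectory() as root:
        samples = {
            "Users/mike/Documents/budget.xls": b"\xd0\xcf\x11\xe0 constructed",
            "Users/mike/Documents/photo.jpg.exe": b"MZ constructed",
            "Users/mike/Documents/letter.doc": b"MZ constructed",
        }
        for rel, data in samples.items():
            full = os.path.join(root, *rel.split("/"))
            os.makedirs(os.path.dirname(full), exist_ok=True)
            with open(full, "wb") as fh:
                fh.write(data)
        return {k.replace(os.sep, "/"): v for k, v in triage(root).items()}
```

Point `triage()` at the mounted copy of the salvaged data; anything it lists is held back for scanning rather than copied to the rebuilt machine.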
