Questions about recovering POST malware!


  • Hey all, hope this post finds you well and not having the problems I have been going through the past week.

    I have been "cleaning" a system for a customer.  I think I finally got the system back to normal.  I am about ready to give the machine back to the customer, but I have two things I need to do first.

    #1 What would be the best tool to evaluate the machine for the presence, or lack thereof, of virus-spyware-malware?

    I have used most of the available "free" options and that got me this far, including ewido, ad-aware, zero-adware, KAV, hijackthis, ccleaner, and a few others.  I have run most of these several times and I finally got a clean run from KAV last night after I finally removed oledsp32.dl_ that had the w32.zap.chast Trojan in it.  Before that I could not install new apps and/or run others; I would get an error reporting that the app was not executable due to an infestation.

    Now on to my last question: I can try to run apps under the accounts with admin privileges, but some of them return an error that I do not have the permission to execute them.  I am guessing that some of the malware changed the admin privileges for the users that had admin rights.  What I need to do to be done with this box is to reset those privileges so that the "admin" users can install and execute apps as needed.

    Any ideas on how to reset those users without having to create new users and transfer the old user settings to the new users? 

    Is there an easy way to reset the privileges? 

    OR is there an easier way to accomplish what I am trying to do?

    Thursday, January 26, 2006 5:42 AM

All replies

  • This is a very old question, but for the asked scenario you may use Windows Defender Offline or another bootable scanner.
    Tuesday, February 5, 2019 8:00 PM