“Fng Virus” removal tricks

So last night a buddy came over with a laptop that had developed a nasty cold that day (lunchtime).

The well-designed little beast was quite liberal with his system – it had turned off emergency restore and would also grab hold of IE and cause it to do something that ate up CPU cycles and consumed HUGE amounts of RAM. This last bit, of course, was making it very difficult to do things like run antivirus software.

What I ended up doing was booting to Safe Mode and removing traces of the virus there.

I did find out that there is another cool option built into Windows today:
“System Configuration”

From the Run command, type “msconfig”.
Under Selective startup, deselect Load system services and Load startup items; then, under Boot, choose Safe boot with Minimal selected.

Having the network adapter disabled would also be a good idea.

Go to the Services tab, check “Hide all Microsoft services” and press Disable all (this stops services that should not be running from starting up). Now reboot and remove the nasty bug – if you find a virus writer – tell some Muslim extremist group they insulted their prophet to ensure they have a slow and painful death!
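Before pressing Disable all, it helps to see which auto-start services and startup items are actually on the machine. The PowerShell below is an added example, not part of the original post; it is read-only, and the helper name `Get-ServiceBinaryPath` and the CompanyName-plus-signature heuristic are assumptions of this example, not how msconfig itself decides what counts as a Microsoft service.

```powershell
# Added example: list auto-start services whose binary does not look like
# Microsoft's, roughly what is left after "Hide all Microsoft services".
# Read-only: nothing is disabled or deleted. Run from an elevated prompt.

function Get-ServiceBinaryPath {   # hypothetical helper for this example
    param([string]$PathName)
    # PathName looks like '"C:\dir\svc.exe" -arg' or 'C:\dir\svc.exe -arg'
    $exe = $null
    if     ($PathName -match '^\s*"([^"]+)"')       { $exe = $Matches[1] }
    elseif ($PathName -match '^\s*(.+?\.exe)\b')    { $exe = $Matches[1] }
    if ($exe) { return [Environment]::ExpandEnvironmentVariables($exe) }
    return $null
}

$services = Get-CimInstance -ClassName Win32_Service |
    Where-Object { $_.StartMode -eq 'Auto' }

$report = foreach ($svc in $services) {
    $path      = Get-ServiceBinaryPath -PathName $svc.PathName
    $company   = $null
    $sigStatus = 'FileNotFound'
    if ($path -and (Test-Path -LiteralPath $path)) {
        $company   = (Get-Item -LiteralPath $path).VersionInfo.CompanyName
        $sigStatus = (Get-AuthenticodeSignature -LiteralPath $path).Status
    }
    # CompanyName is only a string inside the file and can be forged,
    # so the Authenticode status is reported next to it.
    if ($company -notmatch 'Microsoft' -or $sigStatus -ne 'Valid') {
        [pscustomobject]@{
            Name      = $svc.Name
            State     = $svc.State
            Company   = $company
            Signature = $sigStatus
            Path      = $path
        }
    }
}
$report | Sort-Object Signature, Name | Format-Table -AutoSize -Wrap

# Programs launched at logon (the set behind "Load startup items")
Get-CimInstance -ClassName Win32_StartupCommand |
    Select-Object Name, Command, Location, User |
    Format-Table -AutoSize -Wrap
```

Entries with a missing file, an unsigned binary, or a path under a user profile or temp directory are the ones worth checking first once the machine is in Safe Mode.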

 

As a note, a friend I work with suggested the following utility:

http://www.bleepingcomputer.com/download/combofix/

It is called ComboFix and is supposed to be good at fixing stuff that nothing else can get rid of, but it comes with a warning. It should be a last resort. It can render the OS useless and force you to do a reinstall of everything including the OS. However, it will also remove stuff that the others leave behind and give you back a system that would otherwise force you to reinstall anyway.

 
