03-19-2010, 07:04 PM | #1 |
betrayal!
Join Date: Feb 2006
Posts: 1,092
|
Virus Removal/System Maintenance. I charge $50 for this, so read up.
I've noticed lately that a lot of people are having virus trouble and aren't reading the previous virus-related posts. This post is for them. While I'm at it, I'm going to give you some basic tips on keeping your computer running at peak efficiency.
Help I've got a virus! / Do I have a virus?
First things first. If you're not sure if you have a virus, you've probably got a virus. You won't hurt your computer by treating it as though it does, so follow these instructions. The most common virus on computers today is a variant on "Windows XP Antivirus," a program that masquerades as a virus scanner and tells you you have an ungodly number of infections. If you didn't install a virus scanner on purpose, it's probably a variant on this.
You will need the following tools:
Malwarebytes Anti-Malware | Sophos Anti-Rootkit | A computer with internet access | Flash Drive (optional) | A virus scanner that isn't Norton or McAfee.
1. Start your computer in safe mode. That means when your computer is starting up, hit F8 a lot until you get a menu. Choose Safe Mode with Networking.
2. Turn off System Restore. A virus can hide out in your system restore area until it decides to come out, and all this work will have been for nothing. Programs - Accessories - System Tools - System Restore - System Restore Settings - Check turn off System Restore - Apply
3. Install Malwarebytes Anti-Malware, update and run it. Some viruses have gotten smart and often block MBAM from running or installing. You can circumvent this by changing the filename and extension of the installer and/or program. It will run just as well as a .bat, so if you've changed the name and it still doesn't work, change the extension as well. If it installs but won't run, find the installed program file under C:\Program Files\Malwarebytes Anti-Malware\mbam.exe. You can change both the filename and extension here as well to stop the madness. Let MBAM run, and once it has run tell it to remove selected. It's pretty self-explanatory here.
4. Still having problems? Install and run Sophos Anti-Rootkit.
5. Still having problems? Google your symptoms. There's a solid chance others have the same issue and there's a fix to download for it. I've done this right in front of clients and they have no idea what I'm up to, and I still get paid for the fix.
6. Personally, I stop trying after about an hour or so and simply format and reinstall Windows. Back up all your shit first, unless you want to lose it. You either have a copy lying around, know somebody who does, or your computer has a copy of Windows in a special partition. This is a drastic measure, but it gets rid of EVERY problem you have. This step WILL cause hardware to stop functioning, so make sure that you are either using a disk designed for your make and model of PC, or learn where to download the drivers for your computer. They're usually not too hard to find. Run a virus scan on your backed-up files before putting them onto your new clean PC.
7. If you solved the problem without going to step 6, repeat step 2. This time you want to turn System Restore back on, and I recommend creating a fresh restore point as well.
Keeping your computer running like new
You will need the following tools:
Malwarebytes Anti-Malware | CCleaner | Ad-Aware | A Virus Scanner that isn't Norton or McAfee.
1. Pay attention to what the fuck you are doing. Do not open email from strangers. Do not download video that has an unusual codec it wants you to use. Do not go to sites you do not trust, even for a moment. This goes, like, quintuple for porn.
2. DO NOT USE LIMEWIRE for god's sake. If you must download, use torrents. If you must use torrents, read the comments on the download page. I shouldn't have to tell this to my peers, but the majority of work I do for people my age is removing a virus and lecturing them on what I just told you.
3. Check the URL before clicking a link. Just hover your mouse over the link and look in the bottom left corner of your browser. A link may look like this http://www.facebook.com and go someplace completely different. If you think you've fallen victim to this, look at the top of the browser where you type in the address. It should say what you expect it to say. Anything else is a scam.
4. Use Firefox or Chrome. Just do it. Don't try to remove IE though, that can cause serious system issues. Use an ad-blocker.
5. Run Ad-Aware twice a month.
6. Run Malwarebytes once in a while, even if you don't think you need to. Safe Mode isn't necessary this time, but keep an eye on it.
7. Run CCleaner about once a month. Use the Cleaner tab as directed. Using the registry tab has never done me wrong, but back up the registry just in case. Use the Tools - Startup tab to disable programs that start with the computer. Don't be afraid, none of this stuff is critical, so you can disable everything if you like.
8. Run your virus scanner weekly. Right now my favorite is Panda Cloud; I'm installing it on clients' computers every chance I get. It's got a very small footprint so it's great for those older models.
I hope I've helped a bit by posting this.
EDIT: Added a tip.
__________________
sudden but inevitable Last edited by Preturbed; 03-29-2010 at 12:53 AM. |
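The hover check from step 3 of the post above (a link that shows one address and goes to another), automated as an added example that is not part of the original thread. The function names `hostOf` and `findDeceptiveLinks` and the sample HTML are constructed for illustration.

```javascript
// Added example: flag links whose visible text names one host while the
// href points at a different one. Names and sample data are constructed.

function hostOf(value) {
  // Accept bare "www.example.com/path" as well as full URLs.
  const candidate = /^[a-z][a-z0-9+.-]*:\/\//i.test(value) ? value : 'http://' + value;
  try {
    // Treat "www.host" and "host" as the same site for comparison.
    return new URL(candidate).hostname.toLowerCase().replace(/^www\./, '');
  } catch (e) {
    return null; // not parseable as a URL
  }
}

function findDeceptiveLinks(html) {
  const findings = [];
  const anchor = /<a\b[^>]*?\bhref\s*=\s*["']([^"']+)["'][^>]*>([\s\S]*?)<\/a>/gi;
  let m;
  while ((m = anchor.exec(html)) !== null) {
    const href = m[1].trim();
    const text = m[2].replace(/<[^>]*>/g, '').trim(); // drop nested tags
    // Only absolute web links are compared here.
    if (!/^https?:\/\//i.test(href)) continue;
    // Only judge links whose visible text itself looks like an address.
    if (!/^(https?:\/\/)?[\w-]+(\.[\w-]+)+(\/\S*)?$/i.test(text)) continue;
    const shown = hostOf(text);
    const actual = hostOf(href);
    if (shown && actual && shown !== actual) {
      findings.push({ text, href, shown, actual });
    }
  }
  return findings;
}

// Constructed sample: one honest link, two mismatches, one plain-text link.
const SAMPLE_HTML = `
<p><a href="http://www.facebook.com/login">http://www.facebook.com</a></p>
<p><a href="http://login.example.net/fb">http://www.facebook.com</a></p>
<p><a href="http://www.facebook.com.example.net/">www.facebook.com</a></p>
<p><a href="http://example.org/help">Click here for help</a></p>
`;

console.log(findDeceptiveLinks(SAMPLE_HTML));
```

The third sample link is the case the hover check catches only if you read the status bar to the end: the expected name appears as a prefix of a different host.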
03-19-2010, 11:08 PM | #2 |
wat
Join Date: Jan 2005
Posts: 7,177
|
Keeping your computer running like new, the awesome way!
1. Have good Internet.
2. Back up files
3. Nuke it and start over |
03-19-2010, 11:22 PM | #3 |
betrayal!
Join Date: Feb 2006
Posts: 1,092
|
This man obviously has experience in the business.
__________________
sudden but inevitable |
03-20-2010, 02:19 PM | #4 |
Sent to the cornfield
Join Date: Feb 2008
Location: A right and proper Nerd Cave
Posts: 2,460
|
As often as I've had to reformat, it is quite inconvenient because nowadays it can take me weeks to finally get my computer back up to date as far as forwarding ports and installing programs and re-torrenting legitimate files and the like.
Last edited by Pip Boy; 03-20-2010 at 04:18 PM. |
03-20-2010, 04:04 PM | #5 | |
Blue Psychic, Programmer
Join Date: Feb 2007
Location: Home!
Posts: 8,814
|
And that's not even counting your raging piracy addiction! :p
__________________
|
03-20-2010, 04:14 PM | #6 |
synk-ism
|
a little prevention
Not a bad thread at all. Though I don't give up just after an hour or so nor do I advocate reformatting so easily, to each his own. In any case, that's a pretty solid list of the actions you should take. It may also be useful, for your peace of mind, to run HijackThis!, save the log, and post it somewhere (such as a malware help forum or, if you trust us here at NPF, here) to get the opinion of others, often people who do this for a living or have more experience than you, and help identifying issues.
I would also suggest, regardless of one's browser preference, using something to enable easy management of scripts. For example, in Firefox I always run with NoScript and also Flashblock. While I don't intentionally visit shady sites on this machine -- that's what my Linux box is for -- at least NoScript will keep almost everything ever from running and auto-downloading or redirecting, etc., rendering sites impotent against me, including ones you feel are trustworthy. Fortunately, you can choose to allow sites you trust, or temporarily give scripts permission to run [the method I prefer].
Flashblock just stops anything Flash-based from running; this is not as much for security as it is for my peace of mind. I abhor Flash-based advertising and pages full of the animations, and things run quicker without them until I click to play what I want (e.g.: a YouTube video).
And for everyone's sake, if you are on a Windows machine please run some kind of anti-virus and make sure your firewall, either the built-in one or otherwise, is doing something, anything. This isn't a bash on Windows but a reality of running the most widely-used operating system.
__________________
Find love.
|
03-20-2010, 04:16 PM | #7 |
Pure joy
|
|
03-20-2010, 05:53 PM | #8 |
betrayal!
Join Date: Feb 2006
Posts: 1,092
|
All good suggestions. I don't personally use a noscript/flashblock because like you said, it renders everything impotent including sites you trust. The reason I give up after an hour is not that I can't fix it, but that you hit a difficulty curve like a brick wall. If it takes more than an hour, it's probably going to take more like seven. Since I'm charging a flat rate I can't afford that sort of thing.
__________________
sudden but inevitable |
03-20-2010, 07:11 PM | #9 |
synk-ism
|
I am also a glutton for fixing computers regardless of the time.
Hmm, interesting point. I don't do this for money [yet?], so I trudge forth. I imagine if I did and had multiple clients I'd have to set a boundary/gauge/limit/whathaveyou, as well.
__________________
Find love.
|
12-25-2013, 03:42 AM | #10 | |||
Sent to the cornfield
|
I didn't see combofix in the thread so I'll make sure it does show up. It's a life saver.
Edit: If you want advice from someone that has done side jobs and done the job for work, ask me.
---------- Post added at 03:50 AM ---------- Previous post was at 03:41 AM ----------
Stop talking please. You two make my profession a joke.
---------- Post added at 04:07 AM ---------- Previous post was at 03:50 AM ----------
So newbies and non-tech folks know. Malwarebytes is a great program for cleaning off malware and adware, you have to pay for real-time protection though. Combofix is a program that checks for rootkits and viruses (I'd say advanced users only).
---------- Post added at 04:12 AM ---------- Previous post was at 04:07 AM ----------
Quote:
---------- Post added at 04:17 AM ---------- Previous post was at 04:12 AM ----------
The best advice anyone can follow is don't click links you don't trust or that look shady. Use complex passwords and as always don't trust some ass on the internet to tell you the truth!
---------- Post added at 04:20 AM ---------- Previous post was at 04:17 AM ----------
Quote:
---------- Post added at 04:42 AM ---------- Previous post was at 04:20 AM ----------
Quote:
Idiots like you tell people about firewalls and there has always been a firewall between broadband users and the internet. Scare tactics are an asshole scammer's game. For browser security I have always run ad block plus. It's usually pdf ads that infect people so adblock seems to help a lot.
Last edited by Darkblade; 12-25-2013 at 03:48 AM. |