Thread: antivirus / antimalware

  1. #1
    resU deretsigeR Terial's Avatar
    Join Date
    Dec 2012

    antivirus / antimalware

    Okay, so I have this very small side gig where I help out elderly people with their PCs. Teaching them and making sure things are backed up, and easy stuff like that... no real issues.
    Every so often I get someone who has a virus, or malware, and I never really have issues cleaning it off their machines.
    Usually just use Malwarebytes for malware.
    Recently though, I came across 1 PC for a couple where I just can't seem to remove the issue. Malwarebytes finds it, but it creeps back in later. I've gone through and manually removed everything from the registry and I've manually removed files and folders where this thing keeps creeping up and all seemed well till a week later where it pops back up again.
    Looking for something better than Malwarebytes to help find and remove the issue for them... I don't want to really format here unless I really have to... thoughts?

    Also, I don't remember the name of the virus/malware that's popping up, going there tonight to do more work on their PC, I can check then unless I get it cleaned off.
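
For an infection that returns after manual registry and file cleanup, as described in the post above, it helps to record the machine's autostart entries right after cleaning and compare them on the next visit. The following is an added example, not part of the thread; the baseline file location and the choice of autostart locations (Run keys, Startup folders, scheduled tasks) are assumptions and do not cover every persistence point.

```powershell
# Added example (not from the thread): list common Windows autostart entries
# and report anything that appeared since a saved baseline.
function Get-AutostartInventory {
    $runKeys = @(
        'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
        'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
        'HKLM:\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run',
        'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
        'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
    )
    foreach ($key in $runKeys) {
        if (-not (Test-Path -Path $key)) { continue }
        $item = Get-Item -Path $key
        foreach ($name in $item.GetValueNames()) {
            [pscustomobject]@{ Source = 'RunKey'; Location = $key
                               Name = $name; Command = [string]$item.GetValue($name) }
        }
    }
    foreach ($kind in 'Startup', 'CommonStartup') {
        $dir = [Environment]::GetFolderPath($kind)
        if (-not $dir -or -not (Test-Path -LiteralPath $dir)) { continue }
        foreach ($f in Get-ChildItem -LiteralPath $dir -File) {
            [pscustomobject]@{ Source = 'StartupFolder'; Location = $dir
                               Name = $f.Name; Command = $f.FullName }
        }
    }
    # Get-ScheduledTask ships with Windows 8 / Server 2012 and later.
    if (Get-Command Get-ScheduledTask -ErrorAction SilentlyContinue) {
        foreach ($task in Get-ScheduledTask) {
            foreach ($action in $task.Actions) {
                if (-not $action.Execute) { continue }   # skip COM-handler actions
                [pscustomobject]@{ Source = 'ScheduledTask'; Location = $task.TaskPath
                                   Name = $task.TaskName
                                   Command = "$($action.Execute) $($action.Arguments)".Trim() }
            }
        }
    }
}

$baselinePath = Join-Path $env:USERPROFILE 'autostart-baseline.csv'   # assumed location
$current = @(Get-AutostartInventory)
if (Test-Path -LiteralPath $baselinePath) {
    # '=>' marks entries present now but absent from the baseline.
    Compare-Object (Import-Csv -LiteralPath $baselinePath) $current `
        -Property Source, Location, Name, Command |
        Where-Object { $_.SideIndicator -eq '=>' }
} else {
    $current | Export-Csv -LiteralPath $baselinePath -NoTypeInformation
}
```

The first run writes the baseline; later runs print only the entries that were added since, which narrows down what is reinstalling the infection.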

  2. #2
    Delicious Noodles Noodleface's Avatar
    Join Date
    Dec 2012
    Try this:
    Virus removal step-by-step checklist with links to all required tools : techsupport

    Links are in the thread above, but here's the copied pasted version:

    I’ve worked in a small computer shop for several years and we do anywhere from 30-60 virus removals per week. Here is the step-by-step process that I’ve refined after working on countless customer computers. I’ve included links and several how-to's for those with additional questions. I hope it helps out!
    Boot to safe mode using F8 key at boot (before windows load screen) -How To-
    Run Combofix (this is a surgical malware removal tool with 50 steps. Don’t download the windows recovery when prompted to do so) -How To- It helps to RENAME the Combofix file to something other than the default as some malware looks to block it from running. If combofix wants to restart, ensure it restarts back into safe mode
    Run TDSSKiller, remove anything found -How To-
    Restart in normal mode
    Run Revo Uninstaller (this program is used to uninstall programs that are highly malicious in nature which may leave unwanted pieces of themselves behind using the normal uninstall process. Uniblue Registry, Crawler Toolbar, Ask Toolbar, Registry Mechanic, Frostwire, Limewire, Smilebox, Gamevance, Playsushi are just a few examples) -How To-
    Run CCleaner -Uninstall unneeded but non-malicious installs (ie Google toolbar, HP Games, etc) -Adjust startup (delete all startup entries that are not required for normal use) -Clean registry (remove all bad entries found. There is no need to do a backup) -Clean temp files (remove all temp files using the stock CCleaner settings)
    Run TFC (this will probably reboot the PC) -How To-
    Turn off system restore. XP users: -How To- Vista or Windows 7 Users: -How To-
    Install Malwarebytes --make sure you decline the offer
    Install Microsoft Security Essentials (OR antivirus of your choice)
    Install Spybot Search and Destroy, uncheck ALL additional settings for Spybot.
    Ensure all of these are UPDATED TO THEIR LATEST DEFINITIONS!!!!
    Run Malwarebytes (ENSURE THAT Microsoft Security Essentials IS already INSTALLED, UPDATED, and READY TO GO) --Remove any and all entries found (reboot will most likely be required) --Microsoft Security Essentials (or your antivirus) will likely find infections as Malwarebytes scans. Remove these findings as well
    Run a quick Microsoft Security Essentials Scan or quick scan of your antivirus (long scan if you like overkill) --Remove any infections found
    Run Spybot Search and Destroy (will require another round of updates most likely once started) --Remove any infections found
    ---At this point your PC should be virus free. The following steps help to ensure it stays that way:
    Check browser settings --Homepage (Google, make this the default search as well) --Delete any malicious search engines (Crawler Search, MyWebSearch)
    Check firewall is on (located in security center) -How To-
    Ensure all drivers are installed (check device manager) -How To-
    Install any service packs as necessary (use standalones when possible but you can use windows update) ---XP is up to Service Pack 3 ---Vista is up to Service Pack 2 (32-bit) (64-bit) ---Windows7 is up to Service Pack 1
    Install any Internet Explorer browser updates (again, upgrade to max supported using stand-alone installers when possible) --XP can use Internet Explorer 8 --Vista and Windows 7 can use Internet Explorer 9
    Install all windows updates (except windows search and live essentials) -How To-
    Install software updates (iTunes, Adobe Reader, Java, Flash, etc.) ---USE THE HIPPO TO MAKE SURE YOU GOT IT ALL. It is also a good idea to install more browsers than just Internet Explorer like Firefox and Chrome. Make sure all browsers have Google search and homepages are
    Immunize (must have opened up all browsers at some point or the immunization will not take properly.) ---Spywareblaster (make sure manual updating is selected) Download any updates. Immunize all. ---Spybot Run the immunization tool
    Re-run CCleaner --registry + temp file cleaner
    Defrag as necessary (I like Defraggler)
    Here is a condensed section of tools for easy download:
    Revo Uninstaller
    Microsoft Security Essentials
    Spybot Search and Destroy
    File Hippo Update Checker

  3. #3
    resU deretsigeR Terial's Avatar
    Join Date
    Dec 2012
    thanks man, i get the feeling i have a long night ahead of me now hahah.

  4. #4
    Registered User joeboo's Avatar
    Join Date
    Dec 2012
    Kansas City
    You sir, are a saint. No chance I would have the patience to do that, lol.

  5. #5
    Scruffy the Janitor brekk's Avatar
    Join Date
    Dec 2012
    The CT
    DO NOT run Combofix on Windows 8/8.1 systems. It may break them irreparably. Also be careful where you download it from, there are bad sources for combofix that have tacked trojan files onto it, so it ends up infecting you worse instead of helping. In the past 6 months my business has shifted to combofix being a last resort.

    In general I run Malwarebytes, and then Roguekiller for especially nasty infections.

    If the infection is crapware (programs that cause popups, browser redirects) then run ADWCleaner; this specifically cleans out browsers and related addons/plugins.

    Spybot is garbage, don't waste your time.
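
The warning above about tampered copies of removal tools can be turned into a check that is run before any downloaded tool is executed. This is an added example, not part of the thread; it assumes the tool's publisher provides a SHA-256 hash to compare against, and the path and hash in the usage comment are placeholders.

```powershell
# Added example (not from the thread): inspect a downloaded tool before running it.
function Test-ToolDownload {
    param(
        [Parameter(Mandatory)][string]$Path,
        [Parameter(Mandatory)][string]$ExpectedSha256   # taken from the publisher's site
    )
    $file = Get-Item -LiteralPath $Path -ErrorAction Stop
    $hash = (Get-FileHash -LiteralPath $file.FullName -Algorithm SHA256).Hash
    $sig  = Get-AuthenticodeSignature -LiteralPath $file.FullName

    # Browsers record the download origin in the Zone.Identifier alternate data stream.
    $zone = Get-Content -LiteralPath $file.FullName -Stream Zone.Identifier `
                -ErrorAction SilentlyContinue
    $hostUrl = ($zone | Where-Object { $_ -like 'HostUrl=*' }) -replace '^HostUrl=', ''

    [pscustomobject]@{
        File            = $file.Name
        Sha256          = $hash
        HashMatches     = ($hash -eq ($ExpectedSha256 -replace '\s', ''))
        SignatureStatus = $sig.Status      # Valid, NotSigned, HashMismatch, ...
        Signer          = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject }
        DownloadedFrom  = $hostUrl         # empty if the stream is missing
    }
}

# Usage (placeholder path and hash, replace with real values):
# Test-ToolDownload -Path 'C:\Tools\<tool>.exe' -ExpectedSha256 '<sha256 from publisher>'
```

A copy whose hash does not match, or whose `DownloadedFrom` is not the publisher's own site, should not be run on a customer's machine.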

  6. #6
    The guy with the gun BrutulTM's Avatar
    Join Date
    Dec 2012
    Knowlton, Montana
    If it's me and Malwarebytes doesn't get it then I'd just back up their files and reinstall. Takes an hour and it's guaranteed to work vs. spending all night fucking around with virus software. Their computer will probably run better afterwards too. They will thank you.

  7. #7
    Registered User
    Join Date
    Dec 2012
    It's best to low level format and install from scratch when you have a troublesome virus that keeps coming back. I've seen first hand that a quick format and fresh install simply isn't enough.
