Friend's computer is virused up to the max
So I'm going round there to sort it out.
I've sorted quite a few people's PCs out before and it's usually the trick of turning system restore off that gets rid of the little blighters. However, this infection sounds quite bad. Although I built the machine and set her up with Spybot, AVG and made sure the Windows firewall was on, she has backdoor trojans, w32.myzor and various malware threats. This is down to all the dodgy "game of the day" sites she goes on as well as not updating and immunising Spybot for at least 6 months. She says her internet connection has now dropped so there's a small chance I won't be able to fix it without having some general purpose virus removal tools. So, whilst I've got the chance, what does anyone recommend I burn to CD and take round? Cheers. |
Re: Friend's computer is virused up to the max
If it's that bad, reformat and take a ghost image once the machine is up and running.
I have very little time for customers of mine that allow their system to get virused up to the max as it were, and unless they're prepared to pay 15 quid an hour for me to sit there watching a boot time virus scan then I'd just format and tell them off for downloading garbage. Dude, it's obvious you put yourself across as a system builder; you should know what to do ;) |
Re: Friend's computer is virused up to the max
format c:\
Seriously. If a PC is that bad esp with some of the nasty spyware about then I find it far quicker just to do a clean reinstall. |
Re: Friend's computer is virused up to the max
Assuming you have your XP or Server 2003 disks, you can use Bart PE to build a bootable windows CD. This includes a plug in and instructions to enable you to download a McAfee virus scanner from the web. You can then run this from the CD.
Note: The plug in doesn't seem to require a McAfee licence. |
Re: Friend's computer is virused up to the max
I'm with the Zing on this - you could spend days trying to get rid of stuff and still not be certain there isn't a hidden rootkit.
Nuke it and tell her not to be so careless! |
Re: Friend's computer is virused up to the max
Yeah, like it says here... http://www.eweek.com/article2/0,1895,1945782,00.asp
|
Re: Friend's computer is virused up to the max
http://www.cableforum.co.uk/board/sh...7&postcount=12 Here is my link; it shows you how you can use Nero (you can run this from Program Files as long as it's installed on the drive), also so you can burn and save files to CD/DVD without running from the HDD.
Having full shell access allows for easier copy and paste options :) |
Re: Friend's computer is virused up to the max
I'm with everyone else though, just nuke it and start afresh. Much easier in the long run. |
Re: Friend's computer is virused up to the max
Ok, thanks for the advice.
|
Re: Friend's computer is virused up to the max
I usually go for a once over with Stinger, then Windows Update, AV install/config, and Spybot/SpywareBlaster.
|
Re: Friend's computer is virused up to the max
Hi McGraw, you mention backdoor trojans, which is by far one of the worst infections a user could have. This is because of their backdoor capabilities, which means the attacker could have installed almost anything on the system; indeed many backdoor trojans/worms allow the attacker to have so much control they could be sitting at the desk using the computer in question, thus you are never really able to trust that system fully again. So the decision to re-format and reinstall depends upon the infection, and also what the PC is used for.
The w32.myzor infection isn't a real problem, you should be able to remove it using the info at this link: http://www.bleepingcomputer.com/forums/topic63896.html
Good tools are as follows:
Anti-Spyware/Adware: Adaware SE Personal: http://www.lavasoft.de/software/adaware/ (Free, manual update)
Anti-Malware: Ewido Anti-spyware: http://www.ewido.net/en/download/ 14 day full trial, then on-demand scanner; you have to update manually after the trial (very good piece of software!). Download the setup files for Ewido, and the separate full signature manual update, to CD.
Trojan Hunter: http://www.misec.net/ another free trial, think it's 30 days.
It is best to run all these scans in safe mode, as many malware files will not be deleted in normal mode, and disconnect the infected PC from the internet (pull the plug).
CCleaner: http://www.ccleaner.com/ccdownload.asp (I would run this first) Very good, but be careful of using the 'Issues' part of the program, as it has been known to delete needed registry entries. The 'Cleaner' section which you need is completely safe, however it will remove cookies from your system, so make sure you have all your passwords for forums, Hotmail etc. written down before using, and perhaps bookmark (in Firefox, or put in favourites if you use IE) pages you visit regularly.
Without knowing exactly what infections you have, I cannot help more, but I would strongly advise you to visit one of these ASAP forums: http://www.malwareremoval.com/a-sap.html and post a HijackThis log.
This link may help you decide if a reformat is necessary: http://www.dslreports.com/faq/10063
In addition, if you have been infected by backdoor trojans, there is the possibility of rootkit infection, which is often very hard to detect and remove, hence the previous reply to boot with a Linux CD is a good idea, as most modern rootkits hide at the kernel level. Above all, good luck :) |
All Posts and Content are © Cable Forum