• Thank you for visiting the Cafe Rad Lab Forum
  • We present & discuss radiation health, science & news
  • To keep you informed about vital nuke information.
Hello There, Guest! Login Register


Tips on cleaning PC infections
#1
Hiding on many computers, junk hiding beneath other junk.  How can you know your Windows computer is really clean?  

Microsoft has a useful tool called System File Checker.  This will verify that system files are not corrupt.  
Open a Command Prompt window as administrator and run SFC /SCANNOW .   If System File Checker finds corrupt files and can’t repair them, you’re still infected.  Takes 15-20 mins.

Download and update your cleaning programs, then take your computer offline to run scans.  Some infections rely on an internet connection to remain hidden.  Run repeatedly until you get a clean result because some infections are persistent, what I call repeaters.  A scanner might find and try to remove something but can’t really do it because the file or entry is still open by some infection.  Run scanners till you get a clean result.  If you have a repeater you are still infected.  

Go to Bleeping Computer and download some tools.  I like these tools because they give me quick tests to see what’s hiding in the usual places.  

rkill
https://www.bleepingcomputer.com/download/rkill/
Adding these in, very helpful.  Rkill comes with different names and extensions to get around infections that block all but a few programs.  A fast test, if it finds problems then your computer is infected with something.  The only false positive so far, Quicken loads a IO_Ctl process. Rkill checks memory and attempts to stop infected processes and services so other scanners have an easier time finding and fixing the problems.  

Roguekiller
https://www.bleepingcomputer.com/download/roguekiller/

adwcleaner
http://www.bleepingcomputer.com/download/adwcleaner/

Junkware Removal Tool - JRT
http://www.bleepingcomputer.com/download...oval-tool/

I use this as a manual scanner, one of my favorites for removing pups and trojans.   I don’t load the trial version because I don’t like cluttering up my resources with too many active protections.  At the end of the installation, uncheck the free trial offer.  
Malware Bytes Anti-Malware
http://www.bleepingcomputer.com/download...i-malware/

So you think you’ve got it clean but windows is still flakey.  Infections may have changed windows settings and this repair tool will get windows back to original default settings.  Useful when infections have changed permissions so scanners won’t find them or turned off features for memory space.  Fixes snipping tool, resets IE, repairs windows update, and much more.  Takes about 30 minutes to run.  Turn off your active protection to allow the program to make the necessary changes.  If you had a repeater, after running this tool, run scanners again to take out the repeater.  
http://www.bleepingcomputer.com/download...ll-in-one/

Check for rootkits.  Change parameters to detect TDLSF file system
https://usa.kaspersky.com/downloads/tdsskiller
This one is now kvrt.exe

When all else fails I use Bleeping Computer’s Combofix, just be careful to read some instructions on it before using.  Only win7, no version available for win10.

Check that all the important Windows Updates have been installed.  

Make sure your Antivirus and other scheduled tasks are running.  Most new computers come with power saving settings that might give scheduled tasks 15 minutes to run before the computer falls asleep.  It won’t scan or defrag if your computer keeps going to sleep.  

Use a good temp file cleaner, infections can fill up temp files that don’t go away till the infection is gone.  I like CC Cleaner by Piriform or TFC by OldTimer.

A virus infection can change your boot device to boot to a floppy first to get started before windows or make other changes to Bios.  After you remove a virus, its a good idea to reset the Bios and check settings.  Computer makers have instructions on how to enter Setup when powering on.  Resetting the bios can help disable a virus so a scanner can remove it.
"The map is not the territory that it is a map of ... the word is not the thing being referred to."
 
Reply
#2
I only have a couple Macs to maintain, they have few problems. This might help.
http://osxdaily.com/2010/09/19/another-d...p-address/
"The map is not the territory that it is a map of ... the word is not the thing being referred to."
 
Reply
  


Forum Jump:


Browsing: 1 Guest(s)