• Thank you for visiting the Cafe Rad Lab Forum
  • We present & discuss radiation health, science & news
  • To keep you informed about vital nuke information.
Hello There, Guest! Login Register


Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Tips on cleaning PC infections
#1
Hiding on many computers, junk hiding beneath other junk.  How can you know your computer is really clean?  

Microsoft has a useful tool called System File Checker.  This will verify that system files are not corrupt.  
Open a Command Prompt window as administrator and run SFC /SCANNOW .   If System File Checker finds corrupt files and can’t repair them, you’re still infected.  Takes 15-20 mins.

Download and update your cleaning programs, then take your computer offline to run scans.  Some infections rely on an internet connection to remain hidden.  Run repeatedly until you get a clean result because some infections are persistent, what I call repeaters.  A scanner might find and try to remove something but can’t really do it because the file or entry is still open by some infection.  Run scanners till you get a clean result.  If you have a repeater you are still infected.  

Go to Bleeping Computer and download some tools.  I like these tools because they give me quick tests to see what’s hiding in the usual places.  

Roguekiller
https://www.bleepingcomputer.com/download/roguekiller/

adwcleaner
http://www.bleepingcomputer.com/download/adwcleaner/

Junkware Removal Tool - JRT
http://www.bleepingcomputer.com/download...oval-tool/

I use this as a manual scanner, one of my favorites for removing pups and trojans.   I don’t load the trial version because I don’t like cluttering up my resources with too many active protections.  At the end of the installation, uncheck the free trial offer.  
Malware Bytes Anti-Malware
http://www.bleepingcomputer.com/download...i-malware/

So you think you’ve got it clean but windows is still flakey.  Infections may have changed windows settings and this repair tool will get windows back to original default settings.  Useful when infections have changed permissions so scanners won’t find them or turned off features for memory space.  Fixes snipping tool, resets IE, repairs windows update, and much more.  Takes about 30 minutes to run.  Turn off your active protection to allow the program to make the necessary changes.  If you had a repeater, after running this tool, run scanners again to take out the repeater.  
http://www.bleepingcomputer.com/download...ll-in-one/

Check for rootkits. Change parameters to detect TDLSF file system
https://usa.kaspersky.com/downloads/tdsskiller

When all else fails I use Bleeping Computer’s Combofix, just be careful to read some instructions on it before using.  

Check that all the important Windows Updates have been installed.  

Make sure your Antivirus and other scheduled tasks are running.  Most new computers come with power saving settings that might give scheduled tasks 15 minutes to run before the computer falls asleep.  It won’t scan or defrag if your computer keeps going to sleep.  

Use a good temp file cleaner, infections can fill up temp files that don’t go away till the infection is gone.  I like CC Cleaner by Piriform or TFC by OldTimer.

A virus infection can change your boot device to boot to a floppy first to get started before windows or make other changes to Bios.  After you remove a virus, its a good idea to reset the Bios and check settings.  Computer makers have instructions on how to enter Setup when powering on.  Resetting the bios can help disable a virus so a scanner can remove it.
"The map is not the territory that it is a map of ... the word is not the thing being referred to."
 
Reply
#2
I'm a Mac user so I do best I can with Kaspersky, "Malwarebytes Anti-Malware" and a DNS IP service. But, something queer has been happening again, hadn't happened since I last found a solution for some issues but it came back recently - I get a pop up telling me another device is using my IP address when I try to open Firefox.

I have no idea why or how. I have to shut down and reboot to clear that.
Pia
just pm me if needed.
 
Reply
#3
I only have a couple Macs to maintain, they have few problems. This might help.
http://osxdaily.com/2010/09/19/another-d...p-address/
"The map is not the territory that it is a map of ... the word is not the thing being referred to."
 
Reply
#4
Aha! Thanks, H. I'm going to try this first: renew your DHCP lease in Mac OS X
Pia
just pm me if needed.
 
Reply
#5
here's advice via @cryptomeorg in twitter this morning:  Masterspy top deputy offers 6 steps of cybersec http://www.dni.gov/index.php/newsroom/sp...telligence


snippet: Events of this past year are instructive; starting with the intrusions against Sands Casino and Sony Pictures, and continuing with the OPM breaches. It’s clear that the threat is real. And yet, we don’t do all we could to prevent those attacks. There are four concrete and simple steps we can take today to improve our cyber posture and two far more complex steps that Ithink are absolutely necessary to affect real change.

So, here are the easy ones first. One: patch IT software obsessively. Most cyber intrusions are through well-known vulnerabilities in commonly-used software, which can be fixed with patches readily available.

Two: segment your data. A single breach shouldn’t give attackers access to an entire network or infrastructure and a mother lode of proprietary data.

Three: stay updated on the threat bulletins that DHS and FBI put out. We regularly warn about the intrusions taking place against U.S. businesses and we advise private sector entities on how to protect themselves against those threats.

And four: teach folks, including your friends and family, what spear phishing looks like. So many times, bad actors get access to our systems and our information just by pretending to be someone else and then asking people to open an attachment or click on a link. It’s simple but it is the single most important factor in infections. The Chinese, in particular, are cleaning us out because we know we’re supposed to do those simple things and yet we don’t do them.

This is not to say that these steps will eliminate all the risk and uncertainty that comes with using cyber for communication and commerce, but it will have an immediate positive impact on our vulnerabilities.

The two remaining steps are challenging and interconnected. The first is to improve our cyber literacy as an intelligence community, as a government, and as a nation. And second, empower people to excel in the realm of cyber. Not so simple.
Pia
just pm me if needed.
 
Reply
#6
Wink 
And, a tip derived from the report on Cracka youth in Palestine hacking CIA chief's email - never ever give out your personal information and make sure your service provider understands security, especially if you are high profile. Note to Verizon....
Pia
just pm me if needed.
 
Reply
  


Forum Jump:


Browsing: 1 Guest(s)