Critical Security.NET: So My Little Sister Fucked Up Her Pc - Critical Security.NET


So My Little Sister Fucked Up Her Pc

#1 User is offline   iLLeLogical Icon


Posted 29 September 2009 - 06:51 PM

Topic title says it all: she fucked up badly (she's too naive..) and got some trojans and a shitload of spyware, it seems (CPU is always >80% and above, 100+ processes running).
So I'm wondering what the best path to clean up is (without having to format). I was thinking of starting off with installing Spybot S&D, installing Ad-Aware, scanning and cleaning.
Wondering if I also need to get some antivirus scanner for her PC, and most importantly which programs can prevent such things from happening again (I heard admuncher was pretty)

Your insights on the matter please :P

Definitely installing admuncher (http://www.admuncher.com/t/1.shtml) and I can't edit my own post... wtf :o

This post has been edited by iLLeLogical: 30 September 2009 - 12:56 AM

0

#2 User is offline   talwoasc Icon


Posted 29 September 2009 - 09:26 PM

Anti-virus is a must. I would suggest getting a load of free trials and installing each one, one at a time, and making each one do a full system scan, as that should guarantee that you pick up all the nasties. Personally I recommend Kaspersky to anyone that asks as an anti-pretty-much-anything for day to day use. In your situation I would seriously consider just reformatting, as it will most likely take the same amount of time but also give her a faster and totally malware free machine to use.
0

#3 User is offline   nebriv Icon


Posted 30 September 2009 - 03:37 AM

I'd boot from a liveCD and run scans from there. There are loads of liveCDs with virus scanners, and other malware scanners. Booting from a livecd would allow the scan and removal to be more effective because the files aren't being used and the processes aren't locking anything up or any of the other nasty stuff they do.

Honestly, watch out if you run the "free trials" because I've found most will either not find everything, find false positives, not allow you to remove anything, or be malicious.

I highly recommend Comodo AV or Comodo Internet Security for that matter, it's free and very good.

This post has been edited by nebriv: 30 September 2009 - 03:39 AM

0

#4 User is offline   hackuin60s Icon


Posted 30 September 2009 - 02:03 PM

If your PC is a standard product, not an assembled one, then you can go with "Non Destructive Recovery", where your data will not be lost. But some software you might have installed may not work, and you will need to re-install it. However, it will be a very clean one.

If you don't want to go with that, then these steps may help you.

1. Download an anti-virus. I recommend Windows Live OneCare; you can download a trial version for 90 days. I find it pretty good till now. Or you can Google for various anti-virus programs yourself, install one and run the full scan.
2. Check the process list in your Task Manager. I am pretty sure there will be a bunch of unneeded processes eating up your memory. Then use msconfig to configure how your machine starts up; I mean, select the necessary services or programs to be loaded when your machine boots up.

Next time, please provide us the specifications of the system with which you are having issues.

-Hackuin

1

#5 User is offline   Nea Icon


Posted 30 September 2009 - 08:06 PM

The best way of preventing this from happening again is to teach her some basic tech survival skills. If she knows about how the web works she won't get her computer as easily into trouble.
0

#6 User is offline   iLLeLogical Icon


Posted 01 October 2009 - 01:09 AM

nebriv, on 30 September 2009 - 03:37 AM, said:

I'd boot from a liveCD and run scans from there. There are loads of liveCDs with virus scanners, and other malware scanners. Booting from a livecd would allow the scan and removal to be more effective because the files aren't being used and the processes aren't locking anything up or any of the other nasty stuff they do.

Honestly, watch out if you run the "free trials" because I've found most will either not find everything, find false positives, not allow you to remove anything, or be malicious.

I highly recommend Comodo AV or Comodo Internet Security for that matter, it's free and very good.

Can you give me some links to the above-mentioned liveCDs?
0

#7 User is offline   nebriv Icon


Posted 01 October 2009 - 03:15 AM

http://www.knoppix-std.org/ is probably what you should be looking at. It comes with ClamAV. You can also back up files from the liveCD so in case you do need to reformat you can get the data before doing so.

Let me know if you want some tips you can share with your sister so she can avoid getting her computer infected again.

This post has been edited by nebriv: 01 October 2009 - 03:19 AM

0

#8 User is offline   TBTriviality Icon


Posted 08 October 2009 - 06:25 AM

Nea, on 30 September 2009 - 08:06 PM, said:

The best way of preventing this from happening again is to teach her some basic tech survival skills. If she knows about how the web works she won't get her computer as easily into trouble.


I third that.
  • Add/Remove Programs, with her consent of what to remove
  • The anti-virus ideas aforementioned

0

#9 User is offline   andrew247 Icon


Posted 10 October 2009 - 09:55 PM

The forum index was very misleading:
Posted Image

Here was me expecting some sort of incestuous story or a question on how to carry out a revenge attack on whoever made TBTriviality's sister pregnant.

The disappointment is overwhelming.
1

#10 User is offline   TBTriviality Icon


Posted 13 October 2009 - 01:08 AM

andrew247, on 10 October 2009 - 09:55 PM, said:

Posted Image

Here was me expecting some sort of incestuous story or a question on how to carry out a revenge attack on whoever made TBTriviality's sister pregnant.


lol, I was considering saying CLOSE to the same thing ;)

This post has been edited by TBTriviality: 13 October 2009 - 01:09 AM

0

#11 User is offline   schim Icon


Posted 29 December 2009 - 11:30 AM

If you are sure it is trojans and malware she has been infected with, I would use Malwarebytes' Anti-Malware.
It cleaned up my computer after I was infected by some new kind of virus some years ago, maybe you heard of it?? Anti malware 2009 (the year was 2008, how would this not be a virus :-)

I hope it helps

SCHiM
0

#12 User is offline   Thetan Icon


Posted 30 December 2009 - 12:53 AM

This is why I maintain a regularly updated database of disk images throughout time. Not to mention this also comes in handy whenever I feel the urge to swap systems on the disks to 2 separate machines. Also, when my wife fucks something up I can just rip an image of her laptop, blast it on a random machine at work and fix it there, so I don't have to take her entire laptop with me, and then blast the fixed image over her system when I get home.
0

#13 User is offline   ctrlaltphreak Icon


Posted 06 February 2010 - 08:43 PM

Sorry baph but I need this on the front page, it brightens my day!
0

#14 User is offline   baph0m3t Icon


Posted 07 February 2010 - 12:14 AM

Bitch :P
0

#15 User is offline   DamegedSpy Icon


Posted 07 February 2010 - 04:15 PM

Well you can always use a LiveCD like BackTrack and run malware scans from there.
The best thing to do is wipe the drive. (And it also teaches you to be more careful)

And yes it makes my day also :D

This post has been edited by DamegedSpy: 07 February 2010 - 04:16 PM

0

#16 User is offline   baph0m3t Icon


Posted 07 February 2010 - 04:24 PM

Doesn't have to be BackTrack for this, it can be any live CD. I'd suggest FLY ;)

E: JESUS!!! I just put it back on the main board. :|

This post has been edited by baph0m3t: 07 February 2010 - 06:22 PM

0

#17 User is offline   DamegedSpy Icon


Posted 08 February 2010 - 04:31 AM

I said "Like" and BT as an example.
0

#18 User is offline   Pilot Icon


Posted 08 February 2010 - 05:04 AM

I'm debating raining on your parade :P

And in an effort to keep this post useful...

If you're going to use FLY, you'll need net connectivity to download the latest signature files by running the 'update definitions' menu item for ClamAV. Then mount the infected drive somewhere (on /mnt would be a good idea) and then run ClamAV on that directory.
0
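
The procedure from the post above (update the ClamAV definitions, mount the infected drive on /mnt, scan that directory), written out as an added shell example that is not part of the original thread. The device name, the log path and the read-only mount options are assumptions added here, and the sample log is constructed.

```shell
#!/bin/sh
# Added example: offline ClamAV scan of an infected disk from a live CD.
# Assumptions: freshclam and clamscan are on the live system; the device
# name passed in (e.g. /dev/sda1) is a placeholder for the infected partition.

MNT=/mnt
LOG=/tmp/clamscan-offline.log

# Print the paths clamscan flagged. clamscan reports one line per hit as
# "<path>: <signature> FOUND"; Windows paths often contain spaces.
infected_paths() {
    sed -n 's/: [^ ]* FOUND$//p'
}

# Constructed sample of clamscan output (signature names are made up).
sample_log() {
    cat <<'EOF'
/mnt/WINDOWS/system32/notepad.exe: OK
/mnt/Documents and Settings/sis/Local Settings/Temp/setup.exe: Constructed.Trojan.Sample-1 FOUND
/mnt/Program Files/Toolbar/tb.dll: Constructed.Adware.Sample-2 FOUND

----------- SCAN SUMMARY -----------
Infected files: 2
EOF
}

scan_offline() {
    dev=$1
    freshclam || { echo "signature update failed (no network?)" >&2; return 2; }
    # Read-only, no exec: nothing on the infected disk runs or gets modified.
    mount -o ro,noexec,nodev "$dev" "$MNT" || return 2
    # -r recurse, -i list only infected files; exit 0 = clean, 1 = hits, 2 = error.
    clamscan -r -i --log="$LOG" "$MNT"
    rc=$?
    umount "$MNT"
    if [ "$rc" -eq 1 ]; then
        echo "Infected files (review before removing anything):"
        infected_paths < "$LOG"
    fi
    return "$rc"
}

# Run as root from the live CD:  sh scan.sh /dev/sda1
if [ $# -ge 1 ]; then
    scan_offline "$1"
fi
```

Because the drive is mounted read-only, this pass only reports; back up the data and decide per file (or reformat) once the list has been reviewed.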
