Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Clean install?


  • Please log in to reply
13 replies to this topic

#1 paul88ks

paul88ks

  • Members
  • 1,323 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Dallas,Texas
  • Local time:02:50 AM

Posted 09 October 2014 - 09:49 PM

Has anyone had a system so corrupted that it can't be fixed and it is easier to do a new clean install rather than try to solve the problem? I have a friend who's computer I am working on and have tried every malware,virus program that I know of to find the problem. Malewarebytes,Escan,Combo fix,Advanced System care, Ccleaner etc.... I am still getting redirects and unwanted ads.I have adblock plus,pop up blocker on, Windows 7,Dell Inspiron 2.9 gig processor and 4 gigs memory.I am very frustrated and have spent way too much time on this system. It would be easier to save his files and docs.and music and just start over- anybody else?



BC AdBot (Login to Remove)

 


#2 dicke

dicke

    Paraclete


  • Members
  • 2,196 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Charlotte, NC
  • Local time:03:50 AM

Posted 09 October 2014 - 09:54 PM

It sounds like you have a plan. Time to execute it.

Keep us posted

 

Dick


Stay well and surf safe [stay protected]

Dick E


#3 JohnC_21

JohnC_21

  • Members
  • 24,437 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:50 AM

Posted 09 October 2014 - 09:56 PM

Yes, sometimes it best just to cut your losses and start fresth. I would recommend though that you try the following.

 

Run Rkill but do not reboot. Then run Malwarebytes.

 

Run Adwcleaner

 

Run Hitman Pro

 

Finally if that does not work, Download Kaspersky Rescue Disk. Burn the iso to a disk and boot. Have the computer connected to the internet via Ethernet so the software can update.



#4 paul88ks

paul88ks
  • Topic Starter

  • Members
  • 1,323 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Dallas,Texas
  • Local time:02:50 AM

Posted 09 October 2014 - 10:14 PM

I haven't tried Rkill or Kapersky yet but will give it a shot! Have used Adwcleaner and Hitman Pro and the others I mentioned above.



#5 TsVk!

TsVk!

    penguin farmer


  • Members
  • 6,236 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Antipodes
  • Local time:05:50 PM

Posted 09 October 2014 - 11:24 PM

Much malware these days cannot be removed by running removal programs in a random fashion.

 

A great way of removing malware is to head over to the malware removal forum here on BC and start your own thread.

 

:busy:



#6 paul88ks

paul88ks
  • Topic Starter

  • Members
  • 1,323 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Dallas,Texas
  • Local time:02:50 AM

Posted 09 October 2014 - 11:55 PM

Thanks- I was fishing in general and that never occured to me- Doh!



#7 cat1092

cat1092

    Bleeping Cat


  • BC Advisor
  • 7,018 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina, USA
  • Local time:03:50 AM

Posted 10 October 2014 - 01:24 AM

Normally, if my work is for someone else, which is always pro bono, if the standard tools of the trade doesn't fix things, if recovery disk set hasn't been created, I'll make these. And will collect an inventory of all installed software with Belarc Advisor. plus make sure that the latest drivers are already on hand. 

 

Then will copy anything that person wants over to a Flash drive, where during the next step, these will be scanned with a few tools to ensure they're clean. Sometimes it's so bad that I'll advise to nuke it all. So once the recovery disk set has been created, I'm off to the races with a re-install. If this were my computer & knew what was going on, I'd use the inbuilt Recovery partition, as I re-install every year to 18 months as a form of cleanup (it shows too, with a nice speed increase & more responsive). Better than the unsafe Registry cleaners by far, some of which may leave all unbootable. However, it's always possible that the Recovery partition can get infected. 

 

After install, I update what drivers can be done before updating, then off to that, after this is complete, with the few reboots in between, I'll finish installing any drivers, check Device Manager to ensure all devices has drivers. Then will remove any junk software installed on the computer. And will then defrag, run a combo AV+AM scan with the Emsisoft Emergency Kit (same engine as Emsisoft Anti Malware, a dual purpose AV+AM scan), and perform 1st backup (this one, I always keep & advise everyone to, it provides a clean install at anytime). Once that's done, will run Extended Disk Cleanup & reboot, install all (or most) software that was installed prior, defrag & backup again. 

 

I'll then install any subscription based security software (if present), if not, will install Avast Free Antivirus normally, and Malwarebytes Anti Malware (free version) & call the owner to pickup. 

 

Note that while this is considered a shotgun approach, there's no doubt that the OS is clean when it leaves my place, before it leaves, will also let it sit and run a Custom scan with MBAM, all options selected, as well as a boot time scan with Avast (an exclusive feature of that brand). During the boot time scan, it searches places it can't while Windows is running. Much like some paid defrag software, the boot time defrag ensures the page & system files are defragged. BTW, that's what I defrag with, and download & install a Perfect Disk Trial on their computer. While this may seem time consuming, it's really not. By the time I've spent over 12 hours running various tests & am still infected, I can have most of the way freshly installed the OS clean. 

 

Plus if I needed to post in the "Am I Infected" section, that's 3-5 days gone. And as posted above, the speed and response improvements are worth the efforts. 

 

And if the infection is severe (normally or often the case), I tell others as I practice myself. In such a case, that computer is no longer trustworthy & no way would I even check my email on it, let alone make a transaction (well, really it's been almost 3 years since I have made a transaction on a Windows OS). Linux MInt has been my "go to" OS for over 5 years. 

 

Note that since most of my work is pro-bono, there's no $100-$200 shop charge involved, yet I'm often rewarded with many things, such as fresh veggies in the season, a 3 year old monitor or possibly notebook when a new one is purchased, and other items. So it pays to give.  :)

 

Plus I enjoy helping others, regardless of whether the folks can give back in return or not, it doesn't matter to me. The ones who gives to me in return for repairs are those whom are too tight to pay for the services. There are others I assist, in particularly seniors/disabled, who cannot afford to pay, nor give anything, and I expect nothing. I do spend a little more time with these folks on education in smart computing practices, and you know what. Seldom does these call on me again. They're more likely to listen, have good attitudes & I'm happy to assist these because of it. Oftentimes their infection came at the hands of a relative or friend, not what they done. 

 

In this case, I create an account with limited rights, this helps greatly with infections, and the visitation of unauthorized sites. 18 years old & below Web restrictions covers a lot of ground. 

 

In fact, I have a reinstall of Windows 7 to do Sunday for a senior. 

 

Cat


Performing full disc images weekly and keeping important data off of the 'C' drive as generated can be the best defence against Malware/Ransomware attacks, as well as a wide range of other issues. 


#8 paul88ks

paul88ks
  • Topic Starter

  • Members
  • 1,323 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Dallas,Texas
  • Local time:02:50 AM

Posted 10 October 2014 - 02:42 AM

Normally, if my work is for someone else, which is always pro bono, if the standard tools of the trade doesn't fix things, if recovery disk set hasn't been created, I'll make these. And will collect an inventory of all installed software with Belarc Advisor. plus make sure that the latest drivers are already on hand. 

 

Then will copy anything that person wants over to a Flash drive, where during the next step, these will be scanned with a few tools to ensure they're clean. Sometimes it's so bad that I'll advise to nuke it all. So once the recovery disk set has been created, I'm off to the races with a re-install. If this were my computer & knew what was going on, I'd use the inbuilt Recovery partition, as I re-install every year to 18 months as a form of cleanup (it shows too, with a nice speed increase & more responsive). Better than the unsafe Registry cleaners by far, some of which may leave all unbootable. However, it's always possible that the Recovery partition can get infected. 

 

After install, I update what drivers can be done before updating, then off to that, after this is complete, with the few reboots in between, I'll finish installing any drivers, check Device Manager to ensure all devices has drivers. Then will remove any junk software installed on the computer. And will then defrag, run a combo AV+AM scan with the Emsisoft Emergency Kit (same engine as Emsisoft Anti Malware, a dual purpose AV+AM scan), and perform 1st backup (this one, I always keep & advise everyone to, it provides a clean install at anytime). Once that's done, will run Extended Disk Cleanup & reboot, install all (or most) software that was installed prior, defrag & backup again. 

 

I'll then install any subscription based security software (if present), if not, will install Avast Free Antivirus normally, and Malwarebytes Anti Malware (free version) & call the owner to pickup. 

 

Note that while this is considered a shotgun approach, there's no doubt that the OS is clean when it leaves my place, before it leaves, will also let it sit and run a Custom scan with MBAM, all options selected, as well as a boot time scan with Avast (an exclusive feature of that brand). During the boot time scan, it searches places it can't while Windows is running. Much like some paid defrag software, the boot time defrag ensures the page & system files are defragged. BTW, that's what I defrag with, and download & install a Perfect Disk Trial on their computer. While this may seem time consuming, it's really not. By the time I've spent over 12 hours running various tests & am still infected, I can have most of the way freshly installed the OS clean. 

 

Plus if I needed to post in the "Am I Infected" section, that's 3-5 days gone. And as posted above, the speed and response improvements are worth the efforts. 

 

And if the infection is severe (normally or often the case), I tell others as I practice myself. In such a case, that computer is no longer trustworthy & no way would I even check my email on it, let alone make a transaction (well, really it's been almost 3 years since I have made a transaction on a Windows OS). Linux MInt has been my "go to" OS for over 5 years. 

 

Note that since most of my work is pro-bono, there's no $100-$200 shop charge involved, yet I'm often rewarded with many things, such as fresh veggies in the season, a 3 year old monitor or possibly notebook when a new one is purchased, and other items. So it pays to give.  :)

 

Plus I enjoy helping others, regardless of whether the folks can give back in return or not, it doesn't matter to me. The ones who gives to me in return for repairs are those whom are too tight to pay for the services. There are others I assist, in particularly seniors/disabled, who cannot afford to pay, nor give anything, and I expect nothing. I do spend a little more time with these folks on education in smart computing practices, and you know what. Seldom does these call on me again. They're more likely to listen, have good attitudes & I'm happy to assist these because of it. Oftentimes their infection came at the hands of a relative or friend, not what they done. 

 

In this case, I create an account with limited rights, this helps greatly with infections, and the visitation of unauthorized sites. 18 years old & below Web restrictions covers a lot of ground. 

 

In fact, I have a reinstall of Windows 7 to do Sunday for a senior. 

 

Cat

Cat- Thanks so much for your reply-with the exception of a few extra steps that you have laid out here,that is what I am planning on doing.The problem is that the client wants me to work on the problem at his house,and he is high-strung and very impatient.If the computer were at my house,I would probably already have it fixed.He is also a friend of mine,and he has no job,so,hence he has no money,so I told him I would fix it pro-bono.Reinstalling the OS is no big deal,but I dont want to sit around and wait for all the security updates,and then updates for the updates.Then reinstalling all the program files- I think I am going to persuade him to give me the computer for 2 days,and I will have everything back up and running.Ant,thanks for the additional advice on some of the extra steps you take to be thorough.I will use that info in the future,A lot of his problems are "User Error" like not renewing his anti-virus program when it expires-DOH! I like your attitude toward other people and helping them out,and I usually get some sort of swap as well in goods or services.I will let you know how this turns out!Paul



#9 hamluis

hamluis

    Moderator


  • Moderator
  • 56,281 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:02:50 AM

Posted 10 October 2014 - 11:46 AM

If file corruption (cited in initial post) is the issue...all the programs in the world won't have any impact on that.  The only tool Windows provides which deals somewhat with file corruption is the chkdsk /r command...and it cannot overcome every instance of file corruption or file system (NTFS) corruption.

 

If the problem is malware...the suggestion post in Am I Infected is probably the best, IMO...since more tools are available to fight malware here at BC than the average user can use properly.

 

Since your title indicates a 3d alternative...I would suggest a hard drive diagnostic before such...to ensure that you are not just wasting your time.

 

Most importantly...to assume that you know what the most basic issue is...will probably yield unsatisfactory results.

 

Louis



#10 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,714 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:12:50 AM

Posted 10 October 2014 - 12:00 PM

Chkdsk /r checks for bad sectors on the hdd and recovers any readable information.  Windows has a tool which is designed to scan all protected system files and replaces corrupted and incorrect versions with correct Microsoft versions, this is sfc /scannow (System File Check).

 

Please run System File Checker (sfc)
 
Click on the Start orb and then type cmd in the Search programs and files box.
 
In the pane above the search box Programs will appear with cmd below it, right click on cmd and choose Run as administrator.
 
If you are prompted for an administrator password or for a confirmation, enter the password, or click Allow.
 
A page similar to the one below will open.
 
elevatedcommandpromptw7_zpseba8c499.png
 
Type in sfc /scannow and then press Enter to start the scan.  Please notice the space between sfc and the /scannow.
 
If the scan finds no integrity  problems in the first portion of the scan it should stop, to be sure that the scan has stopped wait five minutes, then type in exit and press Enter to stop the scan.
 
When the scan is finished please post the log of this scan.
 
To find sfc /scannow log, type cmd in the Search programs and files box. 
 
cmd will appear above the search box under Apps., right click on it and choose Run as administrator, this will open the Elevated Command Prompt.  This will look simlare to the image above.
 
Copy and paste the following in the Search programs and files box, then press Enter.  
 
findstr /c:"[SR]" %windir%\logs\cbs\cbs.log >%userprofile%\Desktop\sfcdetails.txt
 
This will place a new icon on the desktop titled sfcdetails.  Click on this to open the log, copy it and paste it in your topic.

Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#11 paul88ks

paul88ks
  • Topic Starter

  • Members
  • 1,323 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Dallas,Texas
  • Local time:02:50 AM

Posted 13 October 2014 - 05:00 PM

Hey guys- well I decided to take another shot at cleaning the computer I mentioned, I manage to get rid of 2 viruses and 4PUPs. Now I am trying to get rid of some redirects and random advertising- I have ad block plus installed and it blocks most ads but wondered if there is anything additional I can do. Also I need a solution for the redirects.More specifically, when I go to certain websites,I get 1 to 3 additional tabs opening with some sort of advertising.Sometimes they will be :about blank and sometimes related to the first webpage. The client is using Opera Browser! Thanks!



#12 TsVk!

TsVk!

    penguin farmer


  • Members
  • 6,236 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Antipodes
  • Local time:05:50 PM

Posted 13 October 2014 - 06:14 PM

I still advise you start a malware removal thread...

 

Mod Edit:  Topic moved to Am I Infected forum - Hamluis.


Edited by hamluis, 13 October 2014 - 06:20 PM.


#13 paul88ks

paul88ks
  • Topic Starter

  • Members
  • 1,323 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Dallas,Texas
  • Local time:02:50 AM

Posted 13 October 2014 - 11:35 PM

Thanks for moving me to the correct forum- this site is a little difficult to navigate for a new user- please see above question----



#14 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,714 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:12:50 AM

Posted 14 October 2014 - 10:22 AM

Please post the logs of the scans you have run.  It would be helpful if you label these logs so we sure which programs the logs are from.
 
 
Please download and run Emsisoft.
 
Please copy and paste the results in your topic.


Please run the ESET OnlineScan

This scan takes quite a long time to run, so be prepared to have the time to allow this to run till it is completed.

***Please note. If you run this scan using Internet Explorer you won't need to download the Eset Smartinstaller.***

  • Click on this link to open ESET OnlineScan in a new window.
  • The ESET Online Scanner page will open, click on Yes, I agree to the trems of use, then click on Start, the scan will now begine.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

Edited by dc3, 14 October 2014 - 10:23 AM.

Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users