virus scan (wrt speed), rogue antivirus, random

commentator8

Hi all.

Seems strange to be posting here, not having visited for a while, but it can be fun to talk to people who actually have a clue as to what you are talking about (as opposed to almost all customers)! I understand that this will be a very loosely connected post - so be it.

First off: AV scanners. I have browsed a few of the recent posts on what each person's personal preference was with regard to infected computers and procedure. Personally I will run rkill or taskkill, try and manually remove most visible parts of a virus (autoruns, task manager), then run a portable SAS and MBAM (had a computer at a house without internet recently and wasn't worth taking it back with me) in normal or safe mode, and depending on the problem HijackThis and TDSSKiller. I will finally install MSE and run a scan.

Now - with regard to anti virus scans, most all ones I have tried are painfully slow. I have a copy of the AVG, GDATA, Kaspersky boot discs, UBCS, UBCD4WIN, falcon4/hirens, and other fun discs. All very slow. MSE isn't bad, but I had a fresh install the other day that somehow scanned almost 500,000 files. I believe most of it resided in the winsxs folder too. I heard mention in passing in a post that Panda Cloud is very fast. Is this true, and regardless, what AV is?!

And I still prefer in-system scanning to taking out the hard drive and slaving it.

Next. With regard to rogue antiviruses: I have had 3 systems come in with fake antiviruses, all of which prevented opening anything (called it a virus and killed it), so task manager was out, msconfig... I inevitably ended up in safe mode (occasionally with the virus still running), and trying to disable it. Then I could start on eradicating it. One interesting point I saw was simply renaming the folder (generally in appdata or user/). This will stop it running the next reboot? Simple yet nice way to start. Any confirmation would be nice. (till the next system anyway).

Another point that may help people is something that I recently encountered on Vista and 7 that took a while to figure out, but really helped. I had one computer (Win 7) that installed some updates as a routine task and was shut down after seemingly stalling (finished updates in shutdown and hit black screen) and staying as a black screen for 3 min. Wouldn't boot (BSOD 0x000000f4) nor would the Windows disc help.

And if you have ever faced a problematic Vista/7 with no restore points and a "startup repair" that ends with an error, Microsoft have in their enormous wisdom decided to remove the repair Windows from disc option. So if you get in a situation like this you are in trouble. I ended up being able to resuscitate it (exactly as it was, no loss) by running sfc. Which of course is sort of hard without Windows. You boot from the startup repair, choose cmd, and DON'T run sfc /scannow. Rather you run sfc /scannow /offbootdir=c:\ /offwindir=c:\windows. For reasons you can google if you want (re: running sfc from an image). Obviously this isn't a fix all, but a useful addition to the toolbox.

The other related issue was on Vista. After beginning to install SP1, running through the full half hour then needing to reboot, it rebooted to an SP1 error "catastrophic error" and then to the startup repair screen. That went nowhere. The solution finally, after trying to fix it by restoring the registry, checking boot.ini, blah blah blah, was to delete everything in "Downloaded Program Files" and another similar sounding folder. The files for SP1 were preventing it from restarting and some error was preventing SP1 from continuing. Love the logic.

So hope that helps someone some day, as in XP the only luck I have ever had after beginning a system repair and having it fail midway has been to format/reinstall XP (except for one time with a dud PSU). It normally gets stuck in a loop. Albeit I haven't had that problem in a while.
 
Now - with regard to anti virus scans, most all ones I have tried are painfully slow.

Yup, most are. IMO the fastest scanner is Avira (they do a free Linux live CD, but it doesn't clean infections; it renames the file extension or deletes them), seconded by ESET's NOD32.

And I still prefer in-system scanning to taking out the hard drive and slaving it.

Whilst it may be more time consuming or even difficult to slave the drive and scan it from another machine, it is often necessary due to infections being so dug in deep into the operating system that they can't be removed in normal mode or rootkits may be impossible to detect whilst they're active.

One interesting point I saw was simply renaming the folder (generally in appdata or user/). This will stop it running the next reboot? Simple yet nice way to start. Any confirmation would be nice. (till the next system anyway).

Renaming it would stop an infection in that folder from running at reboot, but I don't know what the repercussions of this would be (I know there's some MS data in there as well as other software data); best try it in a virtual machine first.

all of which prevented opening anything (called it a virus and killed it), so task manager was out, msconfig... I inevitably ended up in safe mode (occasionally with the virus still running), and trying to disable it.

A common trick nowadays that can get some software to run is renaming it to a Windows process (this assumes the fake antivirus has a white-list of known good processes (eg, explorer.exe)), such as 'svchost.exe'. By doing this, you might be able to get Process Explorer to run and then kill off that malware process. When I get an all-exe-blocking malware that I can't get past by renaming, I usually turn off the machine and boot from my WinPE CD (although UBCD4WIN would be fine), load up Autoruns and load the offline registry hive and check for malware autostarts, then check the program files/programdata for suspicious entries, check the users' application data and all that, and then check the Windows and system directories for malware by sorting by date to find new infections (I know, creation/modified dates can be faked, but it's way beyond most infections).
So this is in large part what I do as well, but if I can turn it off straight away that can save a step. I like the idea of renaming to explorer.exe etc. The reason for not slaving it is so that all traces are removed. But if need be I have the hardware to slave a drive. NOD32 isn't free is it (?) so it wouldn't work for a temp install on a customer's comp.

Another thread recommended either Panda Cloud or HitmanPro 3.5. I haven't used Avira in a while though. Any opinion on the three (which is fastest/thorough)?

As to renaming "it" I was referring to the folder the virus created, not the whole appdata folder. Try deleting appdata/roaming or local and there goes all your programs if not the comp. But generally the fake antiviruses put themselves in folders there with names made up of random letters.
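As an added example (not code from the thread or from any of its posters), here is a PowerShell script that does the offline checks described in the reply above from a WinPE boot or a slaved drive: it reads the HKLM Run keys out of the offline SOFTWARE hive, lists AppData folders created recently (the randomly named folders the fake antiviruses drop), and lists new files in the Windows directories. It assumes the offline volume is D:\, a Vista/7-style Users\ layout, and an elevated session.

```powershell
# Offline triage of a Windows volume mounted from WinPE or slaved into another
# PC. Assumes the volume is D:\ (change $Root), a Vista/7-style Users\ layout,
# and an elevated session. Illustrative only; not the thread's own tooling.
param([string]$Root = 'D:\', [int]$Days = 7)

$cutoff = (Get-Date).AddDays(-$Days)
$mount  = 'HKLM\OfflineSW'                    # temporary name for the hive
$hive   = Join-Path $Root 'Windows\System32\config\SOFTWARE'

# 1. HKLM autostart entries read from the offline SOFTWARE hive (the check
#    Autoruns does when you point it at an offline system).
reg.exe load $mount $hive | Out-Null
try {
    $keys = 'Microsoft\Windows\CurrentVersion\Run',
            'Microsoft\Windows\CurrentVersion\RunOnce',
            'Wow6432Node\Microsoft\Windows\CurrentVersion\Run'
    foreach ($k in $keys) {
        $path = "HKLM:\OfflineSW\$k"
        if (-not (Test-Path $path)) { continue }
        Write-Output "== $path"
        (Get-ItemProperty -Path $path).PSObject.Properties |
            Where-Object { $_.Name -notlike 'PS*' } |   # skip PSPath etc.
            ForEach-Object { '{0,-30} {1}' -f $_.Name, $_.Value }
    }
} finally {
    [gc]::Collect()                           # release handles before unload
    reg.exe unload $mount | Out-Null
}

# 2. Folders created recently under each profile's AppData; rogue AVs often
#    drop a randomly named folder here. Flagging is by creation date only.
Get-ChildItem (Join-Path $Root 'Users') -Directory -ErrorAction SilentlyContinue |
    ForEach-Object {
        foreach ($ad in 'AppData\Roaming', 'AppData\Local') {
            Get-ChildItem (Join-Path $_.FullName $ad) -Directory -ErrorAction SilentlyContinue |
                Where-Object { $_.CreationTime -gt $cutoff } |
                Select-Object CreationTime, FullName
        }
    }

# 3. Files created recently in Windows\ and System32\, newest first (the
#    sort-by-date check; timestamps can be forged, so treat as a lead only).
foreach ($d in 'Windows', 'Windows\System32') {
    Get-ChildItem (Join-Path $Root $d) -File -ErrorAction SilentlyContinue |
        Where-Object { $_.CreationTime -gt $cutoff } |
        Sort-Object CreationTime -Descending |
        Select-Object CreationTime, Length, FullName
}
```

Per-user Run keys live in each profile's NTUSER.DAT and would need the same reg.exe load/unload treatment per hive; the script only covers the machine-wide keys.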
 