Trying to fix pc full of viruses and spyware.

[capman21]

Trying to fix a friends computer that is completely packed with viruses and spyware. You cant go to any web site, well you can but when you click on a link or type in a url it takes you to a completely different one. Some of the virus software I tried wont remove a lot of it either. So I dont have a lot of time to mess with it, and he doesnt know how to do it himself. I figured just do a clean install of XP. What do you think? If this is the easiest way to do it should I just stick in the winxp cd or should I go about another method such as formating HD, and than rebooting to xp cd.

[Xylob the Destroyer]

no time to dick with it?
definitely wipe and re-install the OS.
boot from the XP cd and reformat the hard drive, then re-install XP.
Shouldn't take more than 2 hours (unless the machine is ancient and slow as hell).

[aedipuss]

i usually use a floppy with dos on it to fdisk the hard drive, remove all the old partitions and then boot the os disk and completely format the drive(not quick format) to make sure all traces of the crud is gone forever. unplug the network cable and make sure to install av and firewall before installing xp and going on the net. infection can occur in minutes to an unprotected pc.

[JohnnyMalaria]

Reinstalling will be the quickest, least painful and thorough way.

Stick the install disk in and run the setup. You will have an option to reformat the existing drive (actually delete the existing partition and create a new one then format).

Then make sure your friend installs some protection!

[ntscuser]

My experience of such friends is that they'll begin downloading spyware, adware and browser hijackers all over again just as soon as the reformat is complete

[Soopafresh]

My experience of such friends is that they'll begin downloading spyware, adware and browser hijackers all over again just as soon as the reformat is complete

?

Edit - Oh, now I understand what you're saying. You're quite right. Make them use FireFox ! Hide the Internet explorer Icon!

[ntscuser]

If somebody is of the type who is in the habit of downloading crap without regard to the effect it will have on their machine, they will continue doing it regardless of how many times the PC has to be reformatted. I know of at least one such person.

[capman21]

I tell you I dont think I have ever seen a pc as messed up as this one. I mean there are so many viruses and spyware on this thing that he should be shot for letting it happen. BTW, his email keeps like resending to himself. Like if someone replys to a message he has sent there are at least 10-20 copies of that reply in his inbox. I am pretty sure thats a virus also.

[jollyjohn]

My experience of such friends is that they'll begin downloading spyware, adware and browser hijackers all over again just as soon as the reformat is complete

Well. They deserve to get infected.

[Bjs]

I'd clean it out myself ... but in your case .

Go to hard drive manufacturers website and download the bootable iso which includes the hd prep tool ... wipe out and prepared for os install .

Reinstall os , update drivers , reregister with ms .

Take drive to your system and use an image system tool to make a backup image ... drive image is very good .

---

Last one I cleaned out : 320 virus's + 600 trojans ... took nearly an hour before one could start using it , and when connected to nett ... game over ... trojan war in full swing .

Lost only one personal doc file due to corruption , and its been normal since bugs removed .

Most would have given up ... But when its dell system that dosent include a backup disc set , unless you know you can purchase them when buying the pc ... your pretty well stuffed doing it on your own , unless you know someone with experience and the correct tools to remove them .

I have yet to cross paths with an infected pc that can not be recovered with time and effort .

[anosis]

After the re-install it comes down to prevention.

1. If the "friend" is using cable or DSL make sure his router is setup correctly. Open only ports that are absolutely necessary.
2. Install a good anti-virus - Some of my favorites are ESET NOD32 and BitDefender. Stay away from bloaded AV like Norton - they install many other apps that slow down your PC for little return
3. Spyware protection. SpywareBlaster is freeware and is updated frequently.
4. PeerGuardian2 - somewhat protects you from P2P file sharing from sites that might report you for copy protected software/media
4. Common sense - well this might be the biggest protection. Stay away from sites with pop-ups - P0rn, warez. Don't download just about anything just because it sounds good. Do not allow to install activeX components that you do not know. Stay away form sites that say you have a virus and they are your last "resource" to clean it for you - they are actually the virus.

[TBoneit]

Yup I've seen PCS that took well over a 1/2 hour to start too. Then click the start button and wait, wait, wait til that pops up, then choose programs and wait, wait, wait til that pops up and well you get the picture.

Just start over, Intsall some decent AV/AS software.

The trial version of AVG Internet security has Antivirus, Antispyware, Firewall, Spam filter and so on, good for a month as I remember it.

[isogonic]

if you want to do your friend a favor tell him/her how one gets malware in the first place. piles of anti this and anti that software wont help. unless one knows the how, they will be doomed to repeat it.

[TBoneit]

True, I had to clean a computer for a customer. His GF was trying to open an attachment in email. Norton kept stopping her. So, you guessed it, She turned off Norton, 30 minutes later dead computer. I had an IT type that bought parts and systems from us. He was telling me how he spent hours cleaning off a workers computer. Told her more than once, Don't open attachments, He's walking away, click, she opened an attachment again, got infected again.

What can you do. Some people are doomed to repeat.

Other customers, their kids computers get so crapped up, do the kids learn. Nope they go do it to mom and pops computer too.

Some people the only way to keep the computer malware free is cut the cord and they never visit the internet again. Other option make it a hard drive free computer and use something like the ultimate boot Cd with a flash drive for temp storage. Then they can't get infected enough to do any damage.

[ofbarea]

My experience of such friends is that they'll begin downloading spyware, adware and browser hijackers all over again just as soon as the reformat is complete

First install Firefox, Latest version of Java (www.java.com) and latest version of flash player from adobe site.

Configure Firefox as default internet browser.

Then download and install SpywareBlaster and Spyware Search & Destroy. Download all updates and Immunize the system with both applications.

Finally install AVG Free Anti-Virus. Download all updates and scan the system.

Finally (as Soopafresh mentioned) hide IE icon.

[redwudz]

Having a system restore program like True Image, Ghost or one of the freeware ones would be a good investment. I finally did that with my brother who had a habit of downloading anything and everything. He told me his email had quit. I didn't think you could accumulate a gigabyte of spam mail on a server, but that's why it quit working.

When he trashed the system, I just came over and restored it back to new. Worked great.

He has Vista on a laptop now. And he hasn't called me about problems for a month. I won't tell him how to bypass anything on it.

[rotten apple]

I have yet to cross paths with an infected pc that can not be recovered with time and effort .

But as mentioned by the more informed in the current PC environment WHY on earth would you bother considering the fast, reliable and easy to use imaging or countless other forms of COMPLETE + convenient backup softwares methods like automatic registry (settings) + file based "PC movers" software around today ( as typified by Acronis's True Image over recent years - though contradicted by the usual bloated, nightmarish and useless software (and support) from Symantec ( or Norton, the once good name of from the previously respected software producer they took over and b*stardized at the start of this centuary just as they did to the software Drive Image using ....).... Ghost containing only a former shadow of one of its merged (now deceased) Parent Drive Image from many years ago. If you REALLY valued your data in comparison the time and effort you suggest needed for complete PC disinfection you would have had the time to find out about basic backup and have installed it etc ( and if you REALLY value your data like me you always have a secondry backup so as not to be reliant on the main one) if carelessness and/or ignorance was the reason for the virus infection then reinstalation would be less time and effort because such characteristics would never understand or appreciate value of the Data in the first place (just like such characteristics would inevitably lead to a loss of material wealth (if not emotional wealth and physical health too).

However apart from such people all the suggestions here of merely (eg. no mention of a PC mover software to do all the hard work after the fresh OS install) COMPLETE reformat and fresh Reinstalation is in the Dark Ages imo - as if reinstallation of ALL sofwares (not just the OS) was not time + effort consuming enough the first time around LET ALONE before any growth/expansion over time took place, making all the at least workable settings and tweaks, fixing compatibility issues between the different softwares in the endless possible combinations not only between themselves but the hardwear itself. Like redwudz clearly describes just complete format the drive of any potential nasties and snap back to the last image, you don't need to image the whole disk, just quickly image and restore the the active dynamic OS drive with programmes - regular multimedia/storage files that the OS and programmes 'work on' rather than being part of the proccesses making the system function can be backed up and restored as quickly from conventional back up (including compression) storage (making any back up at WHATEVER personal rate/time, automatic/manual you find suits you for back ups "AKA your personal milage may vary" ) At least go back to an image were the malware/viruses can be easilly taken care of especially with the knowledge already gained from experiencing the infection originally - but if you misjudge you have "infinite chances" to re try from the reinstall of the same FRESH IMAGE rather than the archaic complete rewind of the clock and the unrecoverable loss of sum total,possibley over years, of fitting the OS to your personal needs, like a glove to a hand.


Lastly re FIREFOX you do realize its protection from Malware is the same Urban myth (of the many spun and proped up by the manipulation and deceit producing factory named Apple - it also makes a by product only eosterically known to a tiny fraction of the population (coincidently also the fraction which is fully institutionalised) that slanderously proposes to be a sane human's alternative to the PC ) ie the more you promote your believed greater protection from the net, the more breached it becomes due to its considered rise in value/ worth to hackers due to increased popularity, if you care to look through the holes you pretend you can't see in firefox the data shows you the relative bounds in the rates of patching the software corresponds to its increased customer share.

Just like the allegedly, asumed halucinogenic side effects from sectioned inpatient treament/illness secondry symptoms (but never witnessed in practice - saw on "off day" each time apparently ) crash and hassle free use of a Mac, i've found personal experience mirrored too for Firefox all over the net - Firefox has all the ease of design, user friendlyness and efficiency for it victims as Vista ie all the respect for self-determination,freedom of expression and intellectual potential as it would if the user were a labotomized cadaver. Frankly for the extra time,effort and irritation it takes with firefox for a comparible same session on IE6 (NB 7 = Vista "blow out brains" experience - + yes i've had enough tweaks already for XP fine tuning without doing Crapista (DRM etc) bloat too) i'd gladly take the increased risk using best AV/anti-malware combined with snap restore Backups - as if anything that valuble would be on the same partition as an external connection let alone not backed up carefully, anyway.

[sanlyn]

As a retired programmer who's spent the last 10 years making an extra living cleaning malware-infected PC's, I see a lot of myth and dream-weaving in this post. The PC originally described should be considered a lost install -- whoever came up with the notion that reformatting a drive and having the same infections return at the next bootup is a little out of touch with reality. The former data on a completely reformatted and reinstalled hard drive is gone. Period. The registry entries, boot sector, system restore points, etc., that gave life to the old trojans and worms are gone. Period. If, indeed, you've done a reformat and install, and had the same bad guys return shortly thereafter, you either did something wrong, skipped a step somewhere, or foolishly installed the same "free" screensaver toys that infected your machine in the first place.

Myth: Norton anti-v is garbage. Not true. There is no single program that cleans 100%, no matter who sells it.
Myth: "Blaster" is a good antispy program. Wrong again.
Myth: Firefox can't be hijacked. Sooo not true. Go on the 'net with Firefox and download a rootkit installer like DriveCleaner or WinAntiVirusPro, and you'll lose all control of your OS to a dozen or more VX2 trojans.

If you don't know how to detect and remove rootkit hijackers, and don't have 24 to 36 hours to do it, and you still think there is ANY BestBuy or CircuitCity "antivirus" program on the market today that can do it for you, and if you think a trojan or BHO is a "virus", then you are better off learning how to reformat and reinstall. If you don't know how to use Microsoft's tools to repair a broken Winsock layer, you can run anti-crap software all day long and kill a hundred "viruses", but your operating system still won't connect to the Internet.

I haven't seen a genuine "virus" on a PC in about 5 or 6 years. What most people call a virus today isn't a virus at all, but is a new breed of system hijacker that resides in the damndest hiding places you can imagine. Some of the bootup infections even keep a copy of their startup code as encrypted registry entries, and keep copies of their runtime executables in your system restore files. If you don't know that you should turn off System Restore and destroy all previous restore points before trying to clean up a machine, you're wasting your time (BTW, Norton and AVG are among the few cleanup programs that also inspect your system restore files). If you think one program or one fixer is going to do all the work for you, then you're a prime candidate for a format/reinstall, even if you've already spent $500 on anti-crap software.

Last year I ran some diagnostic programs that found 4,330 infected files and registry entries on a single PC. What kind of protection was installed on it? McAfee Internet Security Suite with Privacy Protection, and AOL's spyware scanner (redundant. AOL and McAfee are the same software). Also, a properly maintained copy of SpySweeper (it found the Zlob trojan, but didn't even come close to killing it). Even if I charged an hourly rate far below minimum wage, I'd have to ask $750.00 to clean that system. No way. I've learned to successfuilly clean dozens of PC's without a reinstall. . . but 4000+ bad guys on one PC ??? Nope. Back up whatever you can to another device, portable drive, etc., and have a coffee or some chablis while you run a total reinstall.

[budz]

My experience of such friends is that they'll begin downloading spyware, adware and browser hijackers all over again just as soon as the reformat is complete.

I got tired of fixing relatives/friends computers because of the shit loads of viruses and spyware. I remember fixing 2 computers that failed to boot up because it was so infected w/viruses and spyware. 6 months later I had to fix those same 2 computers for the same reasons. So I began to tell them I will now charge $60.00 to wipe the hard drives and to reinstall OS.

There's no excuses for not scanning files they download and to scan for spyware when their computers have all the free antivirus and spyware programs that I've installed. I tell people the computer can only do so much & it's the humans that have to take the time to do the scanning for viruses and spyware. Geez, most antivirus programs can scan automatically when you want it to. There's really no excuse! Relatives and friends think no problem we know someone who can fix the pc when it's broken. Hahahaha! Since I decided to charge people my relatives/friends tell me it's okay we'll run the computer until it doesn't boot up then we'll call you.

To the OP just wipe the hard drive completely which can be done when using the xp disc. Just delete any partitions that are there and create new one/ones. Then reinstall the OS.

[hech54]

I tend to side with sanlyn for the most part. I see WAY too many knee-jerk "reformat" people pop up (no pun intended) in threads like this.
BUT....I'll never go back to Norton again....Avast, Spywareblaster, Adaware, Spybot and most importantly FIREFOX have kept me problem free for a long long time....those and of course common sense/knowledge gained from experience.
Installing Firefox to enable yourself to go and get help is key if this is the only computer available to use and the cleanup must be done "on site".
HiJackThis is also a very important but dangerous (to rookies) tool.

[ofbarea]

... ie the more you promote your believed greater protection from the net - talking about Firefox - , the more breached it becomes due to its considered rise in value/ worth to hackers due to increased popularity, if you care to look through the holes you pretend you can't see in firefox the data shows you the relative bounds in the rates of patching the software corresponds to its increased customer share.

True, but still Firefox remains a more secure way surf the net. This may change, but we are not there yet.

[Bjs]

Smart people use imaging software in case of such problems .
Clever ducks use smart technology such as mirrored drives or arrays .

But the average unsuspecting user who dosent understand , relies on being overcharged by so called technicians , when problems strike .

The average user is not informed of such problems existing , or informed of how simple the backup process is , even with freeware tools ... so when trouble strikes , I do all I can to recover the system for very little return apart from a thankyou .

In many cases , there is no backup image , no os cd to rely on ... and pcs sold with recovery partitions ... well , by the time they come to me , the drive is almost on its last legs , and recovery is made even more difficult .

I get pc's which have been to several technicians already , and the owner is sick of being ripped off every time .

One visit here , and its sorted for good ... and I give them a recovery backup disk just in case with written instructions on how to use it ... and to phone just in case .

Next time I see them is they want to upgrade something .

Ive even bought pcs for people , with my own money ... just check them , deliver , setup , and away they go after a lesson on safe internet usage ... I even phone them to find out how there going , cause it be months , and have not heard from them in some time .

I might even call around and run a few tests just to check to make sure .

Not many like myself around these day's .

Oh ... and I don't need money ... Mr tax man nabbed $200,000.00 last year from me .