|
Or you could just use SafeMSI.
|
| # ¿ Mar 2, 2011 17:51 |
|
|
| # ¿ May 22, 2013 12:41 |
|
Cuntpunch posted: These days I should hope anyone tech savvy would use something like KeePass for anything they don't need mobile access to. Being able to quickly generate long, hard to remember passwords that are easily accessible when you need them seems better than simply using letter-swap rules.

Hell, since most of this poo poo is online I just make sure I have my PortableApps thumbdrive with me at all times. I don't know my SA password, but I'm logged in on PortableFireFox for anywhere surfing.
|
| # ¿ Apr 5, 2011 16:59 |
|
Bob Morales posted: Ended up running 'rkill', then installing MBAM, then after it was cleaned up, installed MSSE and removed AVG. It's the girl's second to last day here, I told her don't touch any more computers.

Rkill combined with Combofix has yet to fail at getting rid of one of those infections for me. It doesn't always remove other stuff (crapware and some rootkits, notably) but it's great for getting a computer to a scannable state. Plus, if you have hands on anyway you should really be running a TDSSKiller and Malwarebytes scan at least. I usually go Rkill, Combofix, TDSSKiller, SuperAntiSpyware Portable, Malwarebytes, replace HOSTS file, reboot. The biggest problem is making sure everything is updated, but I run Ketarin to keep everything updated.
|
| # ¿ May 3, 2011 17:58 |
|
RichieWolk posted: I keep a folder on my desktop with all my programs for my USB drive in it, and whenever I go out to work, I just wipe a stick and copy the contents over. I'll probably start using that ketarin program to keep the big ones updated.

For me, it's basically this +
- Virus scan removers for everything I can find. McAfee, Norton, AVG, Avast!, MSE, BitDefender, NOD32, etc. All of them.
- .Net Removal Tool and .Net installers (3.5 and 4.0)
- Updated definitions for Malwarebytes and a few others
- MSE 32 and 64 bit installers
- hosts file from here
- the entire Sysinternals suite - though I keep Autoruns and PE in the root
- The full suite of Nirsoft utilities
- Dial-A-Fix

Along with the previously mentioned but not linked Ketarin for keeping them up to date. Takes me two minutes a day to update, max. It's hugely overkill, but I've surprised a few clients by having exactly what they needed. I also carry around a bootable pendrive made with SARDU - I don't think it's that great of a program but I put zero effort into it. I can boot Parted Magic, AVG and Kaspersky rescue disks, and if I put some effort into fixing my coworker's screwups on the image I could boot XP recovery console, two versions of UBCD, and several other useful programs.
|
| # ¿ May 6, 2011 19:55 |
|
coinstarpatrick posted: Add the portable version of Superantispyware. It comes in handy and is kept up to date. The scan is a lot quicker than a MWB scan, MWB can be extremely slow if you are on site (especially on a highly infected sloth box).

You're saying Malwarebytes is slow and recommending Superantispyware? SAS is the second loving slowest AV I've used behind ClamAV. I use SAS because it gets drat near everything, but I use Malwarebytes when I'm with customers because it's so much faster. Maybe the install version runs faster, but god drat does the portable version drag.
|
| # ¿ May 10, 2011 18:09 |
|
Gothmog1065 posted: Are there any special variables/settings I should be putting on in Ketarin? Can someone email me an example file so I can make sure I'm doing this correctly?

This is from my Ketarin install from Dropbox, so it doesn't have all that much, but here's my jobs.db. It should get you just about everything. I don't much care for using FileHippo, so I download most everything from Majorgeeks. I just ripped a downloader script from the forums, get it here: Majorgeeks.xml
|
| # ¿ May 11, 2011 19:14 |
|
I think the biggest lesson to take from MBAM vs. SAS is to run SAS in safe mode, do more cleaning, then run MBAM in normal mode to double-check you're clean just before the computer heads out the door. I've caught a few computers with nasty reinstalls, like one that I swear was timed to wait out four or five reboots before reinstalling. Hell, that's how I'd make a virus. It would also overclock your CRT and make it explode.
|
| # ¿ May 17, 2011 21:48 |
|
Pope Guilty posted: Well, other than being able to run MBAM at all since most competent malware authors refuse to let you run programs other than the malware in regular mode.

This is why rkill has a version that reports as iexplore.exe.
|
| # ¿ May 18, 2011 23:27 |
|
Warp Zone posted: I read six pages of this thread and it was mostly foreign, but I was able to understand enough to be scared shitless.

Honestly, here's what you need to do:
Everything else is just window dressing. I have two computers that have run for the past four years using Avast/Firefox and have never gotten a virus. If you can, though, consider using a separate hard drive for your windows install and keeping everything else on a different drive. I have a little 40GB boot drive that I install all my utility programs to (firefox, avast, Word, etc) and that way if something goes wrong I just reinstall Windows. Including the Windows install it takes about two hours and I'm back exactly where I was. Use a second hard drive if you can, that way you can completely blow away the drive with DBAN if you need to. That boot-sector virus can't do much when it turns into a bunch of 0's.
|
| # ¿ May 27, 2011 21:12 |
|
TwoKnives posted: What about Norton? Are their latest offerings as terrible as their older suites?

Not nearly. They're still poo poo, though.
|
| # ¿ Jun 16, 2011 21:49 |
|
So you're saying Adobe "Flashed" your BIOS?
|
| # ¿ Sep 16, 2011 16:02 |
|
RickVoid posted: Yeah. I don't have that.

That would mean Combofix didn't complete fully.

RickVoid posted: Now's probably a good time to mention that I let it sit for three hours after it stopped doing anything during the deletion phase, checked task manager, saw that it wasn't showing any activity, and killed the window, right?

Yep, that's combofix. It's the only program I've ever used that will take overnight to compile a loving plaintext report.

RickVoid posted: And now the reaming will begin. The computer still boots and runs programs, I'm pretty sure I didn't hurt it.

Try grabbing Rkill (I use the one packed at iexplore.exe, personally) and run that, then the latest version of Combofix overnight. If it still hasn't generated a log file overnight, then you're no worse off. If it doesn't fix your problem, it's time to start checking pre-windows poo poo.
|
| # ¿ Nov 21, 2011 18:13 |
|
At my shop we've been using Symantec Endpoint for our clients, who are generally small businesses who can't afford their own IT. Problem is, SEP is utter poo poo and has started conflicting with Backup Exec, of all things. Long story short, we need (I want) a new AV with a good management console and not too many costs. How's Forefront? I can get a free license through my .edu email account for testing, but I wanted to know what other people thought of it.
|
| # ¿ Nov 21, 2011 23:03 |
|
Thanks for the responses about antivirus solutions, all. We tried the ESET solution and the guy doing the demo hated how clunky it was to use. I guess I'll try a trial of McAfee and Forefront and we'll see how that goes.
|
| # ¿ Nov 23, 2011 00:16 |
|
sfwarlock posted: Also: Burn a copy of Hiren's, boot to GParted, look for an extra partition that looks out of place.

gently caress Hiren's. There's nothing Hiren's does partition-wise that Parted Magic doesn't do better and nothing Hiren's does virus-wise that UBCD doesn't do better. Both UBCD and Parted Magic have the advantage of being free of legal snares. Hell, you could spend some time and make a Windows 7 LiveCD to run your programs off if you feel adventurous.
|
| # ¿ Jan 25, 2012 00:27 |
|
Maniaman posted: So I think I've seen at least 3 computers in the last month or so that have had a fake antivirus that has just up and deleted itself. Had a computer I fired up yesterday that was very much infected with a fake antivirus, shut it down and let it run a harddrive test overnight, turned it on today and the virus is gone.

I can see the pitch now. "It's not a fake antivirus, we make a real antivirus and use it to detect all the viruses on a user's system! Just go through and delete everything that might, you know, drop a program on a user's. . . wait. . . "
|
| # ¿ Jan 25, 2012 18:58 |
|
Hex Darkstar posted: powerful-flame-cyberweapon-tied-to-powerfully-angry-birds

I was really surprised when this went to Fox News instead of The Onion.
|
| # ¿ Jun 5, 2012 20:51 |




