Thread: Windows AntiVirus Help

  1. #1
    AO Part Timer
    Join Date
    Feb 2003
    Posts
    331

    Windows AntiVirus Help

    Warning: this tutorial will not be able to tell you if you're infected. A lot of symptoms your PC has may seem like OOHHH, it's a virus. This is a very common misconception. If you are absolutely sure, then this tutorial may be of some help.

    First things first. This is a group effort. This tutorial was brought to you by ZomBieMann77 and I of course, dopeydadwarf.

    Just a few days ago, there was this individual who posted on the front board. He told us that he had screwed up his puter with some illegal warez. Movies, if I remember correctly. My opinions about his download belong in another article. I initially responded to this newbie in a negative manner. Then I began to contemplate my settled convictions. Only then did I realize, I am supposed to be here to help people. What people do in their own time is their business. When they come to the boards asking for help, why shouldn't we help them? I mean, I see it like this. I disagree with half of what a lot of people do. That however shouldn't influence the way I react to people, right?

    ZomBieMann77 wrote to me shortly after I posted some help advice to this newbie. We agreed that perhaps the site needed an antivirus tutorial. It seems as if a lot of people expect those around them to know so much, yet they never tell them anything.

    Intro to prevention. Yes this will be very redundant

    This information is just an intro. Since it is an intro it will only discuss the Windows operating system. But some of it will also be applicable to other OSes. In order to slow and/or halt infection you should without a doubt run an antivirus program. It should be updated weekly; depending on your connection speed and risk, perhaps every day wouldn't hurt. The first thing any PC owner should do is create a startup disk. Be sure that this disk or disks will support your CD drive. Often they do, but be sure of it. How is that, you ask? Well, what good is a tool that may save your ass, if you don't know how to use it? After you make these disks, reboot off of them and see how they work. Oh, one more thing: WRITE PROTECT THESE DISKS. You can make rescue disks for your antivirus following similar steps. This just depends on your antivirus. I prefer Norton above all. But please use whatever makes you happy. Now a lot of people overlook this next very simple step. If you make your rescue disks in, say, early 2003, yet you need to use them in 2004, you will have a problem. Especially considering your infection, due to your precautions, is probably a very new strain. Miss the point? Okay. Those rescue disks are viral strings from several months ago. They won't help, because they are outdated. I create new rescue disks monthly.

    If it is financially feasible then by all means use more than one virus scanner and keep them both up to date and scan with BOTH of them. Not all AV programs are created equal. One program might have an update for a new virus that another does not. This can not be said enough. If you are going to use an AV program KEEP IT UPDATED. An out of date virus scanner is only useful if you catch an older virus. Also bear in mind that new viruses are created every day, so the AV program of choice still doesn't make you one hundred percent safe. Just like a condom, it's smart to use one but you still might get infected.

    Backups.

    I don't care if you back your stuff up on floppy disks, CD-Rs, tape drives, or if you prefer copying the whole drive using hot swappables. Back up anything that you want to keep. I promise it will save you a headache in the future.

    Now attachments and downloads.

    I'll be brief. Do not download something in your mailbox that you are unsure of. If you decide to anyway, at least scan it when it's on your HD. Do not download canned kiddie tools. Especially don't run them or install them onto your PC. Canned tools, for clarification purposes, automate "attacks". Some legitimate tools find holes then offer good advice on repairs.

    Some simple steps to recovery.

    Depending on your startup disks and BIOS boot process, you may have to make a few alterations.
    Your BIOS holds your boot process. If you are infected with a virus, chances are it is in the boot sector. This means to increase your recovery success, you should disable the HD from your boot process. In some cases even your CD. Once you are at the a: with your boot disk you may have to set a path to c:. If so, type
    a:\>path=c:
    then
    a:\>fdisk /mbr c:
    then reboot off the startup disk again and use your rescue disks. This is usually a process of three or four disks. It will scan the HD for viruses, trojans, and anything else it has comparison strings for.

    At this point it may find something that is not fixable. If this occurs don't trip out yet.
    Tell it to quarantine the infected files. If they are needed for Windows to operate, then you will have to get your Windows System disk. This next step won't help you if you have a system like a Dell, Compaq, or a Gateway. These systems operate off of a "restore process". You are actually gonna need a full version of your OS. You can actually reinstall Windows without formatting. It basically reinstalls all the Windows files, drivers, and resets the registry and any custom tweaks you may have up to now. But in many cases it will fix your problem and is proven to be worth it. Then you would proceed to reset your BIOS and head to the desktop and update your AV. Then go ahead and run a full system scan for good measure. Delete the stuff it quarantined earlier. Now you should look pretty good. Now that you've rid yourself of the virus, stop and think about how you got it. If you got it from someplace like Kazaa, or from a canned kiddie tool, perhaps you didn't deserve this help tut. That isn't my call however, so I wrote it anyways.

    The extreme virus removal steps

    I have come across some in the past that hide in, say, the RAM, and even the RAM on the video card. I even came across one that managed to hide in the time and date stamp that the CMOS battery kept alive. So perhaps try removing the CMOS battery and/or any applicable jumpers. Be sure you know exactly what you are doing before trying this. It requires you to turn the PC on without the battery in if you have to move jumpers around. We don't wanna put it in the wrong place and smoke your motherboard. So please use extreme caution when attempting the previous steps. Now if you manage to boot past a virus like NYB cause it was hiding in your RAM, you can try a few of the previous steps. If you are able to reinstall Windows from the system disk, then by all means do so. If not then it is time for a full format. Don't forget to fdisk /mbr, just for good measure of course. After that reinstall your OS, don't pass and do not collect two hundred dollars. Now you get to start over. Lots of fun huh?

    If you get stuck at any point, ask about a specific step. Be sure to give us as much information as possible. Of course you could always just pay a professional. Interestingly enough half the "professionals" don't know the difference between FAT32 and NTFS.


    Some links to various antivirus software developers.

    http://www.symantec.com/ the ever popular Norton’s antivirus.

    http://www.trendmicro.com/en/home/us/enterprise.htm PC-Cillin


    http://www.mcafee.com/default.asp another popular antivirus program


    http://www.grisoft.com/html/us_index...8f41c59a57eb42 my favorite cause it's FREE for home use and no update subscription required.



    Be safe and stay free.
    Your heart was talking, not your mind.
    -Tiger Shark
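
The recovery steps in post #1 centre on the boot sector. As an added example (not part of the original post or written by its authors), this Python code compares a saved copy of sector 0 against a copy taken while the machine was known clean, and reports changes to the boot code, the partition table or the 55 AA signature. It assumes both 512-byte copies have already been saved to files; the function names and the sample sector are constructed for illustration.

```python
import hashlib
import struct

SECTOR_SIZE = 512
BOOT_CODE_LEN = 446    # bytes 0-445: boot code (the part fdisk /mbr rewrites)
ENTRY_LEN = 16         # four 16-byte partition entries follow the boot code

def parse_mbr(sector: bytes) -> dict:
    """Split a 512-byte sector 0 into boot-code hash, partitions, signature."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError("sector 0 must be exactly 512 bytes")
    partitions = []
    for i in range(4):
        start = BOOT_CODE_LEN + i * ENTRY_LEN
        entry = sector[start:start + ENTRY_LEN]
        lba_start, count = struct.unpack_from("<II", entry, 8)
        if entry[4] != 0:  # partition type 0 marks an unused slot
            partitions.append({"slot": i, "active": entry[0] == 0x80,
                               "type": entry[4], "lba_start": lba_start,
                               "sectors": count})
    return {"signature_ok": sector[510:512] == b"\x55\xaa",
            "boot_code_sha256": hashlib.sha256(sector[:BOOT_CODE_LEN]).hexdigest(),
            "partitions": partitions}

def compare_to_baseline(current: bytes, baseline: bytes) -> list:
    """Return findings for every way `current` departs from the clean copy."""
    cur, base = parse_mbr(current), parse_mbr(baseline)
    findings = []
    if not cur["signature_ok"]:
        findings.append("boot signature 55 AA missing")
    if cur["boot_code_sha256"] != base["boot_code_sha256"]:
        findings.append("boot code differs from baseline")
    if cur["partitions"] != base["partitions"]:
        findings.append("partition table differs from baseline")
    return findings

def make_sample_sector(boot_code: bytes) -> bytes:
    """Constructed test data: one active FAT32 (0x0B) partition at LBA 63."""
    entry = struct.pack("<B3sB3sII", 0x80, b"\x00" * 3, 0x0B, b"\x00" * 3,
                        63, 1_000_000)
    table = entry + b"\x00" * (3 * ENTRY_LEN)
    return boot_code.ljust(BOOT_CODE_LEN, b"\x00") + table + b"\x55\xaa"

if __name__ == "__main__":
    clean = make_sample_sector(b"\x90" * 16)             # constructed baseline
    changed = make_sample_sector(b"\xcc" + b"\x90" * 15)  # one byte altered
    print(compare_to_baseline(changed, clean))
```

A clean baseline has to be saved before trouble starts and refreshed after any deliberate change such as repartitioning, for the same reason the post gives for remaking rescue disks.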

  2. #2
    Doc d00dz Attackin's Avatar
    Join Date
    Mar 2003
    Location
    Florida
    Posts
    661
    Thanx dopeydadwarf for the refresher, a nice basic tut that can make a big difference. keep up the good work.

    Cya
    First you listen, then you do, finally you teach.
    Duck Hunting Chat
    VirtualConvenience
    RROD

  3. #3
    Dead Man Walking
    Join Date
    Jan 2003
    Posts
    810
    Stay tuned ladies and gentlemen, there is more to come. This is just the first of what looks like to be at least a few more collaborations between dopey and I. Personally I think that if this tutorial helps even just one person recover and maybe learn from their screw up then it's worth it.

  4. #4
    AO Veteran NeuTron's Avatar
    Join Date
    Apr 2003
    Posts
    550
    Originally posted here by ZomBieMann77
    Stay tuned ladies and gentlemen, there is more to come. This is just the first of what looks like to be at least a few more collaborations between dopey and I. Personally I think that if this tutorial helps even just one person recover and maybe learn from their screw up then it's worth it.
    good post.......you sure cleared up this topic.

  5. #5
    The Doctor Und3ertak3r's Avatar
    Join Date
    Apr 2002
    Posts
    2,744
    What can I say.. good work guys ..

    Thanks

    Cheers
    "Consumer technology now exceeds the average persons ability to comprehend how to use it..give up hope of them being able to understand how it works." - Me http://www.cybercrypt.co.nr
