Disk Wiping - a steer for a new member

Hi,

I have been through just about every permutation of spybot, HJT, adaware and a bunch of other trusted techniques, courtesy of another forum.

I have a functioning system, but not a clean one. (Looks clean one minute turn your back and there a bunch of new problems.) Something nasty is buried in there.

I have good enough back ups to make a complete disc wipe and rebuild an option, but I am a novice and do not know which forum I should direct this query too.

The closest would seem to be the Acronis forum. Looks pretty product-centred (which is OK I am happy to pay for good software) but the general feedback on experiences with these tools seems pretty negative.

If this is simply a challeneging task to get right, no matter how good the tool - OK I'll try, but I am not particularly skilled.

All I know is that I have spent a lot of time and followed a lot of valuable and appreciated advice, but I think its time for a more drastic approach.

All guidance welcome

Cammer

 

Hi Cammer,

Welcome to Wilders.

I have moved your thread from the Test Forum into the Software & Services forum where it will get better attention for the questions you've asked.

Regards,

snap

 

While I read all of your post....is the above quote where you would like assistance ? If so....would you add a few more pieces like what are some of your indications....pop-ups, your malware programs finding culprits, firewall program warnings....etc. In short....what indications are you seeing of a nasty.

Also....as snapdragin said....Welcome to Wilders

 

Looks I am now past the worst, so you should regard my post as a general "how to" rather than a "Help!!"...hence not urgent....more of a suggestion.

Over the last three weeks I have installed and used a combination of Spybot, Spysweeper, AdAware, HJT, SpywareGuard, SpywareBlaster and and a few others like IE-Spypad, and virues scanners like Housecall and Panda.

I have dozens of logs covering two or three dozen different instances of spyware. With help I think I have fixed the problem, but I am sure this assortement of tools now represents a messy bag of spanners that could create interactions and functional overlaps that I won't be able to interpret and will make your attempts to diagnose problems in the future more difficult.

Question 1....Is there a "standard core security build" that you would recommend for a reasonably literate user? (eg Spybot + Adaware + HJT + whatever) As a small business user I am prepared to pay sensible money for good software, even though I know there is excellent freeware out there.

Perhaps there should be two versions - 100% freeware (to suit students or economy concious home users) and the a sensible mix of freeware and commercial software with an annual subscription ceiling of, say, $50-$150, a range that any small business owner should see as a bare minimum.

Question 2....I came close to trying a disc wipe because fixing the problem seemed to be too elusive....for the forum moderators (not Wilder), as well as for me. Once again perhaps there is a case for you to create and recommend a "SOP" for a complete Wipe/Rebuild/Restore when the situation justifies it. Looking at some of the threads on this topic quite a few people seem to run into trouble. The tools involved to do a good job seem far less simple that I have assumed.

Feel free to close this thread if there are other parts of Wilder where exactly this type of information sits and/or if there is another forum where general exchange of ideas (Rather than specific problem solving) is conducted.

Thanks for your welcome and Happy New Year!

rgds
Cammer

 

My personal configuration is listed here. Expanding a bit and skipping embedded url's (which are in the link just quoted), my core is:

1. A strong AV/AT combo. The precise choice depends on raw power of the PC. For absolute rock solid protection, I'd go with the Kaspersky and BOClean combination right now.
2. Get the "recovery tools" downloaded and set to go now. That includes a fixer of Winsock and the specialized treatment tools (CWShredder, McAfee Stinger, HJT, jv Power Tools (or something similar)).
3. Can the PC be down/off-line at all? If not, I'd consider configuring it with two physical hard drives and set it up to be bootable from either hard drive. I use this configuration, and there have been times when I've had a problem, booted to the alternate boot partition, and been ready to go within 2 minutes. The alternate approach, which may have more merit in your circumstance - have a readily available current image (nightly?) backup of the system and keep active replicates of needed files (example - for e-mail files, keep a copy on the ISP's server instead of downloading with deletion at the ISP). In a previous mission critical circumstance, I had created a series of rotating nightly image backups on a key LAN that provided a solid week of images which were automatically generated and recycled. Storage is cheap.
4. I use Adaware and Giant Antispyware on demand. You can't get Giant again until Microsoft releases their flavor of it, but you can get CounterSpy, which is a rebranded variant of the pre-MS build. It will diverge going forward, don't know if that's for the better or worse, but pricing is good right now.
5. Firefox for the main browser and use IE only when needed for sites which employ Active-X for key functionality.
6. Total cost < $150/PC for software.

In this case I would establish a base image that is known to be clean and stable, burn that image, and have the tools set to go to immediately restore that image as needed. To verify that the image was valid, I would perform a test restore before locking that image. I would also keep it on a spare hardrive for sake of restoration speed. In a business setting, I would probably also have a spare harddrive with that image burned and set to go so that immediate recovery would be a drive swap with information recovery from the compromised drive being pursued offline where that drive is slaved on a known clean PC. Perhaps overkill for a home, actually pretty cheap for a business where time can be critical.

Blue