IT guy toolkit

InspectorFowler,
Reboot, open in safe mode with network. Connect to the internet, install Malwarebytes Anti-Malware, as well as SUPERAntiSpyware. (You might have to download the install file to a thumb drive if the virus won't let you connect to the internet.) Run full scans with both as well as AVG or Avast or other antivirus. When the scans are done, and you have removed all threats, reboot the laptop and run the scans again. The other thing is with this annoying virus that it could have come from a trusted site you have been to numerous times before.

I got something similar on my work laptop a month or two ago and that is what my IT team had me do.

I'll echo what Rainsmercy said.

Also be aware that, depending on the virus or malware, it may block the Malwarebytes program install (has happened more than once on my watch). If so, I believe renaming the executable to something obscure helps get past the problem.

trueheart78 wrote:

I'll echo what Rainsmercy said.

Also be aware that, depending on the virus or malware, it may block the Malwarebytes program install (has happened more than once on my watch). If so, I believe renaming the executable to something obscure helps get past the problem.

In some cases the 'infection' is tied to a local account, so if you can log in as a different user you can gain enough control to install the cleaning tools. Just cleaned one off a work computer a few minutes ago.

I'll Nth Malwarebytes and all the advice above. Just cleaned up three computers at church.

The anti-virus program only helps if you actually schedule a scan and let it run, folks.

AVG worked for me* in a dire "Exactly how WTFpwned did you let your machine get, mom?!?" moment. (* I wasn't there on the scene at the time, my brother-in-law--who is decidedly less tech savvy than I am--managed it.) I suspect he used the Rescue CD on a thumb drive. The machine was so hosed that getting anything onto it over the network was pretty much impossible.

For regular resident AV and scanning, I use AVG since then. I don't like the way AVG installs browser plugin stuff by default, but with that stuff disabled it's been pretty low key.

Anybody have any experience with R-Linux?
It's a freeware data recovery tool that can recover the Ext2 file system in addition to newer ones.

Seems to be working so far *crosses fingers*

A user at one of the satellite offices at work was using an Iomega NetHDD that became unable to access through the ethernet port. I took out the IDE drive and plugged it into a USB adapter. Windows drive manager could see the partition(s) but listed them as unknown partitions and could not assign drive letter(s).

I'll keep you posted if I am able to recover files from it. It has "recognized" 9000 files so far...

In some cases the 'infection' is tied to a local account, so if you can log in as a different user you can gain enough control to install the cleaning tools. Just cleaned one off a work computer a few minutes ago.

I have had luck renaming the infected profile folder to oldfolder.
Then I copy the default user profile folder and rename it to the user's profile.
At this point, most of the time, the user can login.
You can then copy the favorites, my documents, and desktop back over from the renamed profile to the new bare bones profile.

R-Linux was able to recover the files.

It separated them out by file type so the file folder structure is gone and the file names are numbers (1439.xls, 564.docx, etc).

Some files also open up in the proper application but contain garbage data. But this is so far a small amount.

But it recovered 57gb worth of data from a 250gb drive! (which I'd approximate is all of the used space)

What's this? Apt-Get like functionality in Windows? Why yes, thank you I would like something like that. http://www.wuinstall.com/

A great tool I just found for the admins out there.

Edwin wrote:

What's this? Apt-Get like functionality in Windows? Why yes, thank you I would like something like that. http://www.wuinstall.com/

A great tool I just found for the admins out there.

See also: WSUS offline (previously c't update)

It's a shame there's nothing like linux software packaging built into windows, where you could just add a repository and let it handle it. Instead we've got a dozen separate incompatible systems with varying feature sets.

I don't think anyone could do that for free, the bandwidth requirements would be stratospheric. And people aren't going to be very interested in donating servers and Ethernet drops for Windows... when they do it for Linux, they're helping the people who've been helping them, but Microsoft charges for its products.

Was looking to reclaim precious disk space on my 128GB SSD and found info on this built-in tool.

Windows 7 SP1 Disk Cleanup Tool

1. Run cmd as admin
2. dism /online /cleanup-image /spsuperseded

It freed almost 9GB. However, this prevents the uninstallation of Service Packs.

Scratched wrote:

It's a shame there's nothing like linux software packaging built into windows, where you could just add a repository and let it handle it. Instead we've got a dozen separate incompatible systems with varying feature sets.

Malor wrote:

I don't think anyone could do that for free, the bandwidth requirements would be stratospheric. And people aren't going to be very interested in donating servers and Ethernet drops for Windows... when they do it for Linux, they're helping the people who've been helping them, but Microsoft charges for its products.

I wasn't so much thinking of one central service for everything, but rather one windows method that everyone can plug into for software management. So MS would handle their own stuff, Valve could plug in their stuff, EA, Activision, Adobe, Apple, Google, Mozilla, all just plug their repositories in which resolve to their own servers. I guess it would get a bit messy if you tried to add licenses and commerce to that though.

Nice tip, BishopRS. From examining the /? help in the tool, you may want to add one more switch:

dism /online /cleanup-image /spsuperseded /hidesp

That hides the service pack from Installed Programs. You can't uninstall it anymore, so you might as well remove the option to try.

Saved me 3 gigs... on a 160g drive, that's noticeable.

Ever need to see if a particular update is installed on your Windows machine?

wmic qfe list full /format:htable > updates.html
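
As an added example (not part of the original post), the same check scripted for a list of specific updates, using the built-in Get-HotFix cmdlet. It assumes PowerShell 3.0 or later; the function name Test-RequiredHotfix and the KB numbers are hypothetical placeholders constructed for illustration.

```powershell
# Added example, not from the thread. KB IDs below are constructed placeholders.
function Test-RequiredHotfix {
    param(
        [Parameter(Mandatory)] [string[]] $RequiredKb,
        # Installed hotfix IDs; defaults to what the local machine reports.
        [string[]] $InstalledKb = (Get-HotFix | Select-Object -ExpandProperty HotFixID)
    )

    # Normalise IDs so "kb0000001", " KB0000001 " and "0000001" all compare equal.
    $normalise = {
        param($id)
        $s = $id.Trim().ToUpper()
        if ($s -notmatch '^KB') { "KB$s" } else { $s }
    }

    # Build a lookup table of what is installed.
    $installed = @{}
    foreach ($id in $InstalledKb) {
        if ($id) { $installed[(& $normalise $id)] = $true }
    }

    # Emit one object per required update with its installed state.
    foreach ($id in $RequiredKb) {
        $kb = & $normalise $id
        [pscustomobject]@{
            HotFixID  = $kb
            Installed = $installed.ContainsKey($kb)
        }
    }
}

# Constructed sample data, so the function can be exercised without querying the machine.
$sampleInstalled = 'KB0000001', 'kb0000002'
Test-RequiredHotfix -RequiredKb 'KB0000001', '0000003' -InstalledKb $sampleInstalled

# Against the live machine (omit -InstalledKb):
# Test-RequiredHotfix -RequiredKb 'KB0000001' | Where-Object { -not $_.Installed }
```

Get-HotFix reads the same Win32_QuickFixEngineering data as `wmic qfe`, which only covers updates installed through Component Based Servicing, so an update missing from the list is not proof that it is absent if it was delivered another way (for example an MSI-based patch).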

One of the cooler features of Win7 is the ability to install from USB key. However, depending on your BIOS, the key itself may show up as a hard drive, preventing you from partitioning and installing to the real hard drive. I just spent almost two hours trying to figure out why the hell I couldn't partition and install to my SSD. I knew it had something to do with this, but I just couldn't pin it down, and was trying dozens of different variations of boot order and drive detection and so on.

Turns out the solution is very easy: write-protect your install media. Boom, done. I'd just used it last week, so I was really confused about why things had changed. What had changed was that I turned the write-protect tab on my SD card off so I could add some files, and then didn't turn it back on again. Result: mysterious install failure. Re-write-protected the card, and it installed first try.

Strong argument, btw, for using SD cards for this... nice handy write-protect tab. The main downside is that not all readers are very accurate -- my Mac, for instance, pretty much requires some scotch tape on the edge of any SD card, or it refuses to write on it.

Random link I saw on reddit that I think can be useful: Hardware component return rates. The site also seems to have earlier data in the miscellaneous section.

Anybody got a recommendation for a SMART hard drive monitoring utility? I've got a suspect 2TB WD in my v1 WHS that I need to watch for a bit.

Preferably free, but not necessarily.

Most manufacturers cripple SMART so that it's not very useful -- marketing demands that they do so, to make their drives "look more reliable". It's a good engineering idea that's been neutered by the marketroids. If you do have a SMART error, that means you need to back up and replace pronto, because any error at all most likely means 'drive death imminent'.

I use smartmontools under Linux for that, but I'm not sure what to use on Windows.

Speedfan does it last time I checked.

Malor wrote:

Most manufacturers cripple SMART so that it's not very useful -- marketing demands that they do so, to make their drives "look more reliable". It's a good engineering idea that's been neutered by the marketroids. If you do have a SMART error, that means you need to back up and replace pronto, because any error at all most likely means 'drive death imminent'.

I use smartmontools under Linux for that, but I'm not sure what to use on Windows.

Yeah, I knew it wasn't as useful as designed, but I thought I'd check anyway.

I didn't know speedfan had it in there, so thanks for that. I'll look.

I'd found a Passmark utility at the top of my search results, might test that.

I'd had my PC backups failing to the server for a week, so I'd gone in yesterday and ran the database repair utility and set up a script to run chkdsk overnight. Came back with a couple of bad sectors on the 2TB, but it still shows up as healthy. I think I'll replace one of the smaller drives with maybe a 3TB (should be able to install the driver and get it to work even though it's not natively supported in Server 2003). Then I can remove the 2TB from the pool, or at least data duplicate more of my stuff so that if it fails I really lose nothing.

This is starting to get to be a pretty old piece of hardware. I need to start looking at new solutions, but am not ready to move yet. Might use a low powered Win 8 box as a media storage home leveraging Storage Spaces, then figure out something else for image backups.

Does anyone know of any sort of free spyware or anti-virus software for macs? Got a text message from my sister (who is on other side of the country) saying she got something on her MacBook and couldn't find anything on cnet that wasn't looking for money after installing it.

I'm a windows guy so this is beyond my knowledge, and Demyx hasn't had trouble with her MacBook so I'm way out of my comfort zone with this problem.

This is a great resource:

Interactive manpages

Basically, this is like the man command in reverse. Man shows you all the options for a tool, so you can build something. This command takes an existing, prebuilt command, and shows you what all the switches mean, so you can quickly figure out what someone else is doing.

Anyone know of a GPU temperature monitoring tool that also logs to a file every X amount of time? I suspect my HD5790 is overheating when I full screen certain games but when they're full screen I obviously can't be looking at the CCC temperature display or other non-log tools. If things crash a reboot is necessary which wipes anything that's not logged so I'm left unable to confirm or deny my suspicion that the GPU is the cause.

I just completed migrating my system to a SSD and I found this guide incredibly helpful: http://lifehacker.com/5837543/how-to...

+1 on that recommendation. That looks like an excellent article.

+1 That's the one I used too. It's a good 'un.

I work fixing computers at a local store, here's my short list

1. TDSSKiller (MBR rootkit cleaner)
2. ComboFix (hard core cleaner)
3. mbar by Malwarebytes (hard core cleaner)
4. Malwarebytes Anti-Malware
5. AdwCleaner (for removing add ons)
6. Tweaking.com all in one Windows repair
** The best all in one fix it I have found: resets permissions on registry and file system, re-registers almost all the relevant DLLs, fixes Windows updates, resets associations and services. Huge time saver.
7. Revo Uninstaller, best uninstall utility
8. Recuva by CCleaner: best undelete program -- make sure to check deep scan in the options.
9. Autoruns -- best utility for removing unwanted startup programs.

So, I'd installed Kaspersky AV awhile ago, because Security Essentials has been backburnered for Microsoft.

It works mostly okay, I guess, although it's super, super intrusive, and I had to turn a lot of its stuff off: for instance, it appeared that it might be trying to insert itself into SSL connections, in a variant of a MITM attack, so that it could inspect the traffic as it went by. Thanks, but no thanks. I wanted it just to watch files, so I had to chop off many tentacles.

So, guess what I found when I sat down at the machine this morning? An advertisement, telling me to sell Kaspersky AV to all my friends and neighbors.

Seriously. They just used their privileged position in my computer, after I had paid them to watch for viruses, to advertise at me.

Immediate uninstall, and they can go die in a ditch somewhere.

So, any recommendations on what else is good?