linkbucks.com browser hijack malware/virus removal questions

Hopefully though, this linkbucks hijack wasn't brought in by something more sinister embedded somewhere deeper in the OS. That's why if mbam turns up anything more than just adware, spyware, trojans, etc, run TDSSKiller!
 
I've seen that mentioned for other things before; but I hadn't thought about using tdsskiller.

But I'm a little more concerned about how much more time I'd spend before I'd have to resort to formatting; I'm not trying to bill people for every minute of work I do but work is work and I'd hate to bill for time that yielded no results or very little if any.
 
What I would do is present your customer with an ultimatum. Say, "I can attempt to remove the virus while also trying to preserve your files for X amount of dollars (this amount should be more), or I can simply reformat your computer but you will lose any data on the hard drive in the process for Y amount of dollars (this amount should be less)."

There's a reason why most places charge MORE for virus removal than for System Recoveries (because it can take an unpredictable amount of time).
Either way, the customer should be paying more for the removal of the virus unless already worked out or specified in a warranty.
 
Yeah, I figured as much; she brought me her PC yesterday so we looked at it and she's aware it will take more time to do the virus removal.

Even some of the worst viruses can't always be feasibly removed I don't suppose and you have no choice but to wipe clean.
 
To be honest, if it is a virus/malware/adware that the main scanners don't pick up and remove, then I would say do a backup and re-install Windows.
This will take you an hour to do; you have already had this thread active for 12 hours.
The truth is you could have had the job done by now lol, and the most secure way to confirm that it has gone is a full re-install.

Remember, if software such as Malwarebytes and other similarly good software can't remove it, then you are not 100% sure what it is doing to the machine, and it could be more than just a browser re-direct; this could be doing anything from key logging to god knows what.

So the safest option is to wipe the drive, and this is the best way to protect your customer.
 
I don't have the machine, so I can't do anything or I'd have already done something. And I would never charge someone for "research time" unless it was something they actually wanted me to do or it was needed; I could have resorted to reformatting without ever bringing up this thread but I wanted to find out more not for her but for myself too.

I hear ya, I'd rather err on the safe side and do a wipe myself. An hour, if that, is pretty good, especially if I can copy all the files and wipe/re-install. Most of the process is automated so this leaves me to do other tasks while that is doing that.
 
Frosty is a Snowman said:
So the safest option is to wipe the drive, and this is the best way to protect your customer.
Bingo. I wish all businesses thought like you lol. I agree: backup (ask her what she wants backed up if you haven't done so), reformat, out-the-door, happy customer :)

mynetdude said:
I could have resorted to reformatting without ever bringing up this thread but I wanted to find out more not for her but for myself too.
I understand that too. It's not very satisfying just wiping and starting over; it almost feels like giving up (like you let the virus win).
 
If you want to get to the bottom of the virus, try and infect a virtual machine with the virus, and play around with it until you are happy you have beaten it.

But the truth is there is always a little something left over, or damage that has been done and just can't be reversed, and the customer's computer might still have operational problems.
The re-install gives the customer a fresh OS that usually leaves them feeling that they have a better machine than prior to them getting the virus.
Plus they don't come back moaning that the computer is still having issues.
It is more than just their security that you have to think of, there is customer service/satisfaction, and your reputation, as there is nothing more damaging than people who have to keep coming back for what they see as a problem that was not fixed at the first attempt.
 
No, a Registry Cleaner will not work for this. All those things do is look for entries that are not active; since the redirect is active, it will not be removed. No, it will not be able to be done without going under the hood.

Sorry, but with this type of redirect there is no automated option.
 