PDA

View Full Version : virus and adware removal


HI-TEKKSOLUTIONS
02-25-2009, 03:15 AM
I was just wondering what programs and steps does everyone take when removing virus and adware. I have been using hijack this and sys explorer first to see what starts up. then i run norton removal tool, because they seem to have that installed everytime. then i go onto ccleaner so the scans will go faster. after that i install superantispyware, malwarebytes, and then avast. after i update those three programs i run them in safemode. when they are done i run ccleaner again and thats about it other then the finishing touches.

does anyone have any suggestions on this.

l337
02-25-2009, 03:36 AM
heres my average routine for spyware and malware cleanup


CCleaner (why not speed the system up a little before we work on it)
Spybot Search And Destroy
Adaware
Combofix
Malwarebytes
Autoruns & Process Explorer
AVG (i dont always scan with avg just sometimes if ive got the time cause avg seems to take sooo long)
Nod32 Online Scanner (just to make sure everything is sparkly clean)
Windows XP SP3 / Vista SP1
Additional Windows Updates via Windows Update
Deffragler / JkDefrag
Microsoft Bootvis Startup Optomize (sometimes and for XP only)
CCleaner (just to toss away any temp files created during the service)

gunslinger
02-25-2009, 04:08 AM
1. Boot into Safe Mode w/ Networking ( disable system restore ).
2. Run Combofix,SmitFraudFix and RogueRemover.
3. Run Ccleaner and EasyCleaner.
4. install and run MalwareBytes and SuperAntiSpyware full scan.
5. Run Hijackthis
6. Install AntiVir antivirus and do a full scan.
7. Install Spywareblaster, update it and take a system snapshot.
8. Make sure the windows firewall is turned on and install all needed Windows updates.

Note: Back up all customer data as needed and scan with Kaspersky antivirus before reintroducing it into the clean system.

Methical
02-25-2009, 04:33 AM
Yeah I go the same way with you gunslinger; but use CWShredder as well. And the Norton Removal Tool (some reason people still like that product).

theclevercloggs
02-25-2009, 09:52 AM
check that a valid subscription is not running first!!

Lesm

Resler
02-25-2009, 10:48 AM
If your running Hijack This first I hope you aren't "Fixing" anything at that step. From my understanding of it HJT doesn't remove any files just references to "bad" files. So you should do that step last. But if your just using it at the beginning to check whats running then your fine.

TimeCode
02-25-2009, 02:34 PM
And the Norton Removal Tool (some reason people still like that product).

Be careful... You don't want to remove something that somebody may think is good. I've had people get offended when I wanted to install a better program.

gunslinger
02-25-2009, 02:43 PM
Be careful... You don't want to remove something that somebody may think is good. I've had people get offended when I wanted to install a better program.

My policy "I will not work on it if it has any version of Norton or McAfee on it."
I'll put it back on the system when I'm finished if the customer insists. I'm also quick to tell them there is no way I can make their computer faster as long as they have these programs.

That being said I have yet to test Norton 2009, I hear its much better.

Heriberto t.
02-25-2009, 03:16 PM
i run ccleaner, then install malwarebytes, update, and run it. for viruses, i usually download Avast! and if they dont want to come out, or i dont find anything and i suspect there are some, then i slave the hdd to a desktop which has bitdefender.

@ gunslinger, i'm going to try norton 2009 later, probably over the weekend cause i too, hear its suppose to be faster and use less resources. even if it did, it wouldnt replace Bitdefender.

scorcher
02-25-2009, 03:19 PM
My policy "I will not work on it if it has any version of Norton or McAfee on it."
I'll put it back on the system when I'm finished if the customer insists. I'm also quick to tell them there is no way I can make their computer faster as long as they have these programs.

That being said I have yet to test Norton 2009, I hear its much better.

Good point gunslinger. I also tell customers that I can't guarantee their system can be faster with these two running (especially to customers that have 512 RAM and running NAV or McAfee).

I haven't seen Norton 2009 either but a reputible friend has seen it and he is very impressed with it.

usacvlr
02-25-2009, 04:34 PM
I don't care if they do have a subscription. norton gets killed step one.

check that a valid subscription is not running first!!

Lesm

Keegan
02-26-2009, 01:34 PM
1. Boot into Safe Mode w/ Networking ( disable system restore ).
2. Run Combofix,SmitFraudFix and RogueRemover.
3. Run Ccleaner and EasyCleaner.
4. install and run MalwareBytes and SuperAntiSpyware full scan.
5. Run Hijackthis
6. Install AntiVir antivirus and do a full scan.
7. Install Spywareblaster, update it and take a system snapshot.
8. Make sure the windows firewall is turned on and install all needed Windows updates.

Note: Back up all customer data as needed and scan with Kaspersky antivirus before reintroducing it into the clean system.


why don't you move Spywareblaster up 2 nr. 2?

gunslinger
02-26-2009, 07:45 PM
why don't you move Spywareblaster up 2 nr. 2?

Because Spywareblaster does not scan for or delete spyware. It protects your system from it and locks it down. I also use Spywareblaster to create a snapshot or restore point and I want to make sure I'm doing this on a clean system.

Keegan
02-26-2009, 07:53 PM
Because Spywareblaster does not scan for or delete spyware. It protects your system from it and locks it down. I also use Spywareblaster to create a snapshot or restore point and I want to make sure I'm doing this on a clean system.

yeah that's my point 2, it locks it down. Makes it easier to remove malware.
That's why i would run it first, then start removing

but anyway nice list:)

topshelfpc
03-02-2009, 06:37 AM
No one has mentioned hitman pro. Has anyone else discovered this little gem? It used to be free, now it is just free for "home" use.

gunslinger
03-02-2009, 12:12 PM
No one has mentioned hitman pro. Has anyone else discovered this little gem? It used to be free, now it is just free for "home" use.

I used to use hitman pro but got away from it for two reasons. For one some of the programs are really not effective against todays malware. Programs such as Ad-aware I stopped using years ago. Second, I don't really like the idea of installing a lot of programs on an already infected/slow machine.

I had much rather run 3-4 portable apps off my flash drive, then once relatively clean I will install Malwarebytes.

What would be very useful would be if someone more up on programing than me could decompile the script they use with hitman pro and make it run all of the clean up apps off of my my flash drive.

You also need an active Internet connection and thats not always possible on an infected machine.

topshelfpc
03-02-2009, 12:47 PM
The new version of hitman pro no longer uses all those apps, it now uses it's own proprietary cleaning engine.

thor999
03-03-2009, 02:45 AM
Yeah, thats what I thought too. Anyways, I'm going w/ Gunslinger, I don't see how you could provide much more service than that.

rellison
03-03-2009, 05:20 PM
Gunslinger...
What are the apps names??
and do you know their manual update link???
Do you know if they have auto start, clean and close down command line commands???

I wrote my own in VB about 4 years ago but the apps that I was using at the time are no longer useful and the update links are all deleted now..

Wouldn't be hard to rework the code to add new apps in to it..

It worked good because it would download the updates and then depending on what applications you picked would run them but you need to be able to start them from a commandline...
I took my idea from the Geeks MRI LASER setup...


Rick