Malware cleaning tools thoughts

JRT/AdwCleaner/MBAR or Panda AR/Malwarebytes/Rogue Killer

This series is my default go-to. For the most part, JRT and AdwCleaner do most of the heavy lifting, so by the time I get to MBAM, I don't even need Rogue Killer, but I do it anyways.

Hitman Kickstart > Main Series as stated above

Someone mentioned what's the difference between kickstart and regular, I've yet to see one. One is a pre-boot the other is not. Though kickstart is more for Ransomware.

Assuming those have failed, ComboFix is the last to go in. Someone said you can't control it. Not true. Have you imported scripts into your ComboFix? Try that, and see what it can do now. It can be an extremely dangerous tool if you don't know how to use it. Like handing a baby a .50 Cal. I've seen users approach me after going to bleepingcomputer.com (not blaming bleepingcomputer.com) and following what someone else was told to do. I tell a lot of my clients to not go to websites and try to remove it themselves. And they end up needing a system restore, or worse...Nuke and Pave.

Don't do much in the way of using an AV that's not already installed. If they got MSE or Windows Defender, I will recommend something else being installed. So Kaspersky is out like many have said they use.

CCleaner, I'll use this at the beginning if I can and then again at the end. At the start, I just do a simple clean up of temp files, been caught by surprise with a slow computer that was gummed up with over 20GB of junk on an 80GB hard drive. At the end of the service I do a reg cleaner (always save a backup) and a temp file cleaning.

MBAR: It's getting worse I think. Try Rootkit Buster or Panda Anti-Rootkit for alternative.

We got other tools, and awesome little things we use as well. But those are for the most part for special little annoyances.
 
You can download the kickstart for free. It's not a full time virus/malware removal program. It's a "second opinion" and pre-boot virus removal. I think Hitman Pro goes for $30/year/computer.
 

thanks!
 
A couple of questions for those that don't like JRT because it doesn't give them any control over what it does:

What type of control are you looking for? The ability to select which toolbars and such that it removes? The ability to add things to the database of junkware he uses?

How often do you de-select items to be removed by programs like MBAM or Rogue Killer? Is there something that they flag that you consistently exclude from them removing?

I understand the reluctance of using Combofix since there is little known about what each of the 50 steps are. But I still use it in many cases because it has worked well for me for a long time with very few issues.
 
It takes as long just to generate the log file as it does to do the scan.
Can be a long pain for on site.

I had a problem last week with XP: when you got to the login screen it took 15-20 mins to log in. I tried everything, I was almost ready to nuke, ComboFix fixed it.
 
Just wondered what everyone's thoughts are on running the following programs for malware cleaning. The pros and cons of each and if there are any others that should be included.

-rkill:
-ADW
-JRT
-comboFix

-MalwareBytes
-SAS
-HitmanPro

Thanks,

I don't use SAS. I used to but don't anymore.
rkill- Is a great utility if you cannot run anything!!
ADW is a great utility to use, same with JRT!
ComboFix should be last resort!
MalwareBytes is a great product! I sell this with every cleanup!! It is a lifetime license so my customers love hearing that and it's affordable!
HitmanPro isn't a bad utility, I haven't had a need to use it for a while!

So now I gave my 2 cents I figured I would add a little more!! I do a lot of malware and virus cleaning; as it's not really a huge money maker, I see it as a way to get my foot in the door and I get a lot of repeat customers from it! This is my process-

Blow out the system and check fans!

Disable client's antivirus software!
CrystalDiskInfo- No sense continuing if the HDD is bad!! If that finds anything I run another HDD scan and, depending on what it is, repair the issue or call the client immediately and tell them the drive is bad.

CCleaner- I have the tech version but the free would work too. I run both the cleaner and registry.

Toolbar Cleaner- This is a great utility to remove toolbars and other addons from all the browsers.

Remove programs from add/remove, and if I cannot get it to uninstall I use Revo Uninstaller

JRT

AdwCleaner

TDSSKiller- good for rootkit removal, it's normally a really short and fast scan.

Update Antivirus! Run the antivirus or one off my jumpdrive.

After that I install and run MalwareBytes Pro! This is normally sold with my cleanups!
I also upsell Avast! So many people don't have antivirus or it's outdated. I have seen systems with nothing, not even MSE enabled.

Then I run CHKDSK/ SFC

I remove the not needed items in the startup and services.

I then run windows updates along with java, flash, and adobe reader.

Then I defrag with defraggler!

I then delete all system restore points and create a new one!

Now this is just a quick list. I do use other utilities if needed, like ComboFix, Windows All in One Repair, AutoRuns, rkiller and more, but only if needed. Most of this can be scripted and automated, so you click on the script, it runs and saves a report; take time to look it over.

I am looking into D7 as it includes a lot of utilities and can help automate most of this process as well.
I have used D7 for other tasks and I like it!!
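
Added example, not part of any post in this thread: a sketch of the "click the script, it runs and saves a report" idea, covering only the built-in Windows steps from the checklist above (disk-health gate, restore point, CHKDSK, SFC). It assumes Windows 8 or later with Windows PowerShell 5.1 run as administrator; the report path and step names are made up for illustration, and third-party scanners are left as manual steps because their command-line options are not given in the thread.

```powershell
#Requires -RunAsAdministrator
# Illustrative report location (assumption, not from the thread).
$report = Join-Path $env:SystemDrive ("cleanup-report-{0:yyyyMMdd-HHmmss}.txt" -f (Get-Date))

function Write-Report([string]$Text) {
    # Timestamp every line so the report shows how long each step took.
    "{0:u}  {1}" -f (Get-Date), $Text | Tee-Object -FilePath $report -Append
}

# Gate: "no sense continuing if the HDD is bad". Stop before touching anything.
$badDisks = Get-PhysicalDisk | Where-Object { $_.HealthStatus -ne 'Healthy' }
if ($badDisks) {
    foreach ($d in $badDisks) {
        Write-Report "DISK NOT HEALTHY: $($d.FriendlyName) status=$($d.HealthStatus)"
    }
    Write-Report "Aborting: back up the client's data and check the drive first."
    exit 1
}
Write-Report "All physical disks report Healthy."

# Restore point before any changes, so there is a known state to roll back to.
try {
    Checkpoint-Computer -Description 'Pre-cleanup' -RestorePointType MODIFY_SETTINGS -ErrorAction Stop
    Write-Report "Restore point 'Pre-cleanup' created."
} catch {
    # Fails if System Restore is disabled; record it rather than hide it.
    Write-Report "Restore point NOT created: $($_.Exception.Message)"
}

# Built-in repair steps, run in order; exit codes go into the report.
$steps = [ordered]@{
    'CHKDSK online scan' = { chkdsk.exe $env:SystemDrive /scan }
    'SFC scannow'        = { sfc.exe /scannow }
}
foreach ($name in $steps.Keys) {
    Write-Report "START $name"
    & $steps[$name]
    Write-Report "END   $name exit=$LASTEXITCODE"
}

Write-Report "Done. Review this report before handing the machine back: $report"
```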
 

D7 will do all the above and more, most of it can be done automatic, just click a few buttons, and let it run.

Best thing you could treat yourself to this Xmas IMO.
 
I use D7 all the time but for some reason auto mode with too many things checked doesn't always work for me. So I resort to running some of the things one by one which being right there on a list is still very easy and convenient.
 

I have to admit, especially on the scanners, I do them one by one. But as for the tune up part of it, I do use the auto feature. Then it emails the report direct to me, which I then copy into pcrt, both for myself and client.
 

We have d7 premium but have not taken the time to learn most of its features. Would you mind sharing which features you incorporate in your tuneup? Thanks :)
 
We looked at the Kaspersky Virus removal tool - but we found it to be a little slow. We do use the Kaspersky rescue CD when we come across a nasty infection that's really crippled the system and won't let us run our other tools on it.
 
I have to admit, especially on the scanners, I do them one by one. But as for the tune up part of it, I do use the auto feature. Then it emails the report direct to me, which I then copy into pcrt, both for myself and client.

I do the same thing because D7's scripts usually automatically select ignore when using Hitman Pro, but I can manually change it if I run them one at a time or all at once. Also, I can run multiple scanners at once if I want.
 
Oh, except going to the pre combofix restore point... which fixed the issue ;)

This just told me I should pay a little more attention to the software's options lol. I had an issue with ComboFix and didn't take enough time to observe its functions etc. Spending 15 minutes reading into a software's abilities will save hours and days, another lesson learned :p
 
We use Malwarebytes via Ninite; it's quick and does the job ASAP. Time is very valuable. If it comes down to it.... ghost it!
 