Which tools do you use to scan for malware when performing diagnostics / tune up

[gunslinger]

Any particular reason you don't use HitManPro? I'll often use prior to MBAM because it seems to be a lot faster.

Used to, but havent in years.

I thought Hijackthis wouldn't work with x86 systems. I haven't used it since Windows XP

Its worked for me on everything.

 

[cypress]

Used to, but havent in years.






Its worked for me on everything.

That's great to hear, I'll have to give it another try.

 

[nlinecomputers]

I thought Hijackthis wouldn't work with x86 systems. I haven't used it since Windows XP

Last I checked Xp was x86???? So if it didn't work on x86 systems how could you use it on xp? HJT works on all flavors windows but Autoruns covers more so I don't mess with HJT anymore.

 

[cypress]

Last I checked Xp was x86???? So if it didn't work on x86 systems how could you use it on xp? HJT works on all flavors windows but Autoruns covers more so I don't mess with HJT anymore.

I apologize for the mistype I meant x64 systems like Vista and 7 and the last OS I did use it on successfully was Windows XP.

But I'll try Autoruns since I downloaded it awhile ago but never did use it.

 

[gunslinger]

I apologize for the mistype I meant x64 systems like Vista and 7 and the last OS I did use it on successfully was Windows XP.

But I'll try Autoruns since I downloaded it awhile ago but never did use it.

Works fine on 64 bit

 

[Xander]

Last I checked Xp was x86????

http://en.wikipedia.org/wiki/Windows_XP_Professional_x64_Edition

Since you're busy splitting hairs, XP x64 has existed since 2005. Just FYI.

 

[glricht]

... But I'll try Autoruns since I downloaded it awhile ago but never did use it.

An Autoruns tip I picked up a while back: after the initial scan is done, click "Options" -> "Filter Options", then check both "Verify Code Signatures" and "Hide Microsoft Entries", then click "Rescan". Suppresses the display of a lot of entries, making it easier to review what's left.

 

[ComputerRepairTech]

An Autoruns tip I picked up a while back: after the initial scan is done, click "Options" -> "Filter Options", then check both "Verify Code Signatures" and "Hide Microsoft Entries", then click "Rescan". Suppresses the display of a lot of entries, making it easier to review what's left.

Soon as you open autoruns just keep clicking ESC and then you dont have to wait for the initial scan to finish.

 

[nlinecomputers]

http://en.wikipedia.org/wiki/Windows_XP_Professional_x64_Edition

Since you're busy splitting hairs, XP x64 has existed since 2005. Just FYI.

Yeah but have you ever seen anyone use it?

 

[bertie40]

Yeah but have you ever seen anyone use it?

I came across it once, it was a bitch finding drivers for it.

 

[Xander]

Yeah but have you ever seen anyone use it?

Once. Ever. In the same way where you'll see someone running 7 Ultimate for their one-man business -- overkill.

 

[nlinecomputers]

Once. Ever. In the same way where you'll see someone running 7 Ultimate for their one-man business -- overkill.

Now what a minute. I am a one man business and I have Win 7 Ultimate on my system. And I have an Exchange server, a SQL server and a Linux server. Too much? LOL

 

[MainCore]

If it's just a tune up

1.SMWN to work faster
2.ATF
3.ADWare
4.MBAM quick scan
5.Tweaking
6.AusLogics defrag
7.msconfig
8.Depending on hardware, change visuals/appearance settings
9.sfc /scannow

If malware is suspected I still remove all temps but with Ccleaner then

1.SAS
2.HitmanPro
3.MBAM
4.TDSSKiller

once I am sure i got it go through tune up

If issue persist, Killthemall and Process Explorer and some manual removal maybe use FileAssassin. Manual registry cleaning. I save ComboFix for the last ditch effort. Not that it's ever fried a machine on me, but I've heard stories. After that, I run a repair disc, just in case.

I saw the OTL and I will give it a try. Looks interesting.

 

[PBComputer]

If it's just a tune up

1.SMWN to work faster
2.ATF
3.ADWare
4.MBAM quick scan
5.Tweaking
6.AusLogics defrag
7.msconfig
8.Depending on hardware, change visuals/appearance settings
9.sfc /scannow

If malware is suspected I still remove all temps but with Ccleaner then

1.SAS
2.HitmanPro
3.MBAM
4.TDSSKiller

once I am sure i got it go through tune up

If issue persist, Killthemall and Process Explorer and some manual removal maybe use FileAssassin. Manual registry cleaning. I save ComboFix for the last ditch effort. Not that it's ever fried a machine on me, but I've heard stories. After that, I run a repair disc, just in case.

I saw the OTL and I will give it a try. Looks interesting.

I might be the only one but what is SMWN?

 

[glricht]

Yeah but have you ever seen anyone use it?

We had a customer a few years ago that had 4 PCs using XP Pro 64-bit; they did CAD/CAM and each PC had 6GB of memory to support the graphics work.

And as Bertie said, getting drivers was a major pain.

 

[gunslinger]

I thought we were just talking about programs we run against malware? If we are also including the pre-malware temp file cleanup I run:

1) Ccleaner
2) ATF Cleaner
3) PureRA

 

[nlinecomputers]

I might be the only one but what is SMWN?

Safe Mode With Network.

 

[bertie40]

Safe Mode With Network.

SMWN ?
C'mon PBComputer, call yourself a tech? Everyone knows that !!!!

(Except us two,.... I was about to google it )

 

[PBComputer]

SMWN ?
C'mon PBComputer, call yourself a tech? Everyone knows that !!!!

(Except us two,.... I was about to google it )

Now I don't feel so bad.

 

[bertie40]

Just a reminder of what we used to do before d7.

Actually a fair point, I need to refresher on how to do this all manually.