Virus Removal procedures

B

bill of oz

Member
i have been doing virus removal on approx 2-3 computers every day, and have been very successful partially due to the help i have received here, i would consider myself advanced but no expert and im learning every day,

my general virus removal procedure is the following.....

- ccleaner
- adwcleaner
- JRT
- Spybot S+D
- Malwarebytes

after that i do a virus scan with a random antivirus program (bit defender, avast, avg, etc etc)

this process has worked well along with the recent additions of combofix and tddskiller (thanks to John)

this process seems effective, but the negative side is its taking a very lengthy time to do all these scans,

is there a way to speed up my virus removal procedure by adding or removing any programs i am using? programs that work faster maybe?

i am trying to get the work done as fast as possible, as an example, is it really nessessary for me to use both spybot and malwaresbytes? or do they both basically do the same thing?

i noticed when i run malwarebytes after the spybot scan it usually picks up another 5-10 issues,

is it nessessary to scan with an antivirus program at the end?

i noticed programs like jrt, combofix, tddskiller, run alot faster then spybot and malwarebytes, but are they as effective?

any advice is appreciated
 
Each program scans for different things. There isn't one program that will catch everything unfortunately. I wouldn't bother using spybot as I know that used to take forever to scan. The only time I would use spybot is if someone has a keylogger, which spybot is pretty good at catching and removing. If you follow the guide in the sticky in the security section then most if not all of the issues should be taken care of.

And it's not a good idea to run CCleaner first anymore unless you know for sure you don't have a certain type of infection. If you run CCleaner when you have one of those infections that hide your desktop icons and start menu programs then there is no way to recover fully from it.
 
If time is of the essence (sounds like that's the issue), would it be wise to schedule some of these programs to run during early hours, or when you're not at the keyboard?

John, when you say "it's not a good idea to run CCleaner first", you're implying it's still OK to run it later in the sequence, or would you drop it altogether?

BTW, I too have benefited greatly from John's and others advice on this site. Thanks again to all.
 
As long as you know for sure you don't have one of the many desktop icon/start menu program hiding malware on your system then you are okay. But actually TFC, aka Temp File Cleaner does a much better job and deletes more than Ccleaner does.

TFC - http://www.bleepingcomputer.com/download/tfc/

Actually what I do anymore is run Ccleaner and then run TFC.

Usually you get one of those fake hard drive diagnosing malware or running low on disk space. What it does it takes your desktop icons and your start menu programs and puts them in a temp file in a special folder that if you were to run a temp file cleaner program, then it would be deleted. With this type of malware, you would need to run a program called Unhide first.

Unhide - http://www.bleepingcomputer.com/download/unhide/
 
johnb35 said:
Each program scans for different things. There isn't one program that will catch everything unfortunately. I wouldn't bother using spybot as I know that used to take forever to scan. The only time I would use spybot is if someone has a keylogger, which spybot is pretty good at catching and removing. If you follow the guide in the sticky in the security section then most if not all of the issues should be taken care of.

And it's not a good idea to run CCleaner first anymore unless you know for sure you don't have a certain type of infection. If you run CCleaner when you have one of those infections that hide your desktop icons and start menu programs then there is no way to recover fully from it.
Click to expand...

thanks for the help once again, i read the sticky and it was great,

i have downloaded the ASWmbr program and ran it on my own computer,

i updated the software as it asked using avast then i hit scan,

it took awhile then said "scan completed successfully"

does that mean it has done its job? or do i need to do something further from this point?
 
Are you talking about Avast or ASWmbr? ASWmbr is used to detect rootkits. All depends on what the log says.
 
johnb35 said:
Are you talking about Avast or ASWmbr? ASWmbr is used to detect rootkits. All depends on what the log says.
Click to expand...

i ran aswmbr,

a popup came up and said to update the definitions from avast, i clicked yes and it updated successfully, then i hit scan and the scan completed
 
You should have gotten an output log from aswmbr. Rootkits used to be an every day thing, now I don't see them much anymore.
 
You must log in or register to reply here.
Back
Top