Best way to clean up virus/malware



myke
23-09-2009, 11:38 PM
If your anti-virus is failing to completely clean up a virus or whatever... what is the best way to clean up a PC?
I'm just asking a general question. I've seen plenty of shoulder shrugging, followed by simply reinstalling the O/S. But surely there is a better way.
I thought that reinstalling the O/S was not actually the best option anyway.

So what would be best practice for cleaning up a machine?

Speedy Gonzales
23-09-2009, 11:45 PM
1. Disable system restore

2. Boot into safe mode / networking

3. Get HijackThis, install it, run it. Click on scan the system and save a log. Copy and paste the log here. Then get Malwarebytes / Trojan Remover, install both, update both, then scan

4. Get rid of any file sharing / P2P programs that are installed

Whatever you've been infected with probably disabled AV and firewall programs. Depends WHAT exactly you've been infected with and what damage it's done. If it's infected Windows files, sometimes there's no other option but to reformat / reinstall.

myke
23-09-2009, 11:57 PM
1. Disable system restore
....
Whatever you've been infected with probably disabled AV and firewall programs. Depends WHAT exactly you've been infected with and what damage it's done. If it's infected Windows files, sometimes there's no other option but to reformat / reinstall.

Thanks... I'm dealing with a number of end users, young and keen to download just about anything they can get their hands on. So I need a bit of a tool kit, methinks.

The restore points are a good thing to highlight, as people might not realise that they may simply end up restoring the virus through a restore point.

Speedy Gonzales
24-09-2009, 12:05 AM
The first thing you SHOULD always do is disable system restore, if the OS uses / supports it. Actually it does nothing useful, besides being a hiding / storage place for malware / viruses. And if you use file sharing / P2P programs, you've got more chance of getting infected. CCleaner comes in handy too, since some malware / viruses will also disable regedit and Task Manager. CCleaner will let you delete / disable files in startup that malware / viruses load, so they infect systems.

If you know what you're doing, you can also fix it remotely with something like TeamViewer. The person needs to boot into safe mode / networking and then install TeamViewer. Then install and run it. Then give you the ID and password that appears in TeamViewer.
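
Added example, not part of any post in this thread: a read-only PowerShell check of the startup entries and the Task Manager / regedit lockout mentioned above, useful when regedit itself will not open. The registry paths and value names are the standard Windows locations and are an assumption of this example; the thread does not name them.

```powershell
# Added example: read-only triage. Nothing is modified or deleted.
# The registry paths below are standard Windows locations, not named in the thread.
$runKeys = @(
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKLM:\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
)

# 1. Programs launched at logon from the Run / RunOnce keys.
$autoruns = foreach ($key in $runKeys) {
    if (-not (Test-Path -Path $key)) { continue }
    $item = Get-Item -Path $key
    foreach ($name in $item.GetValueNames()) {
        [pscustomobject]@{ Source = $key; Name = $name; Command = $item.GetValue($name) }
    }
}

# 2. Shortcuts and files in the per-user and all-users Startup folders.
$startupFiles = foreach ($folder in 'Startup', 'CommonStartup') {
    $path = [Environment]::GetFolderPath($folder)
    if ($path -and (Test-Path -Path $path)) {
        Get-ChildItem -Path $path -File -Force |
            ForEach-Object { [pscustomobject]@{ Source = $path; Name = $_.Name; Command = $_.FullName } }
    }
}

# 3. Policy values that lock out Task Manager and regedit when set to a non-zero value.
$lockouts = foreach ($hive in 'HKCU:', 'HKLM:') {
    $path  = "$hive\Software\Microsoft\Windows\CurrentVersion\Policies\System"
    $props = Get-ItemProperty -Path $path -ErrorAction SilentlyContinue
    foreach ($value in 'DisableTaskMgr', 'DisableRegistryTools') {
        if ($props -and $props.$value) {
            [pscustomobject]@{ Key = $path; Value = $value; Data = $props.$value }
        }
    }
}

# Print everything found; review the Command column for entries the user does not recognise.
@($autoruns) + @($startupFiles) | Format-Table -AutoSize -Wrap
if ($lockouts) { $lockouts | Format-Table -AutoSize }
else { 'Task Manager / regedit lockout values: not set' }
```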

CYaBro
24-09-2009, 01:13 AM
Sometimes you may need to pull the HDD out and slave it on another machine or use a USB adapter and then run a virus / malware scan on it from that.