Sunday, August 28, 2011

Virus and spyware removal

In this post I will provide a brief overview of how I remove viruses and spyware from a computer.

Warning: This post is intended for people who are already familiar with virus and spyware removal procedures. You can damage your files and software. If in doubt, go no further.

Software

I keep these files on a thumb drive and a network share. I have batch files created for both A squared and Avira that update, scan, and save a log.

The Process

First, boot the computer into safe mode. Run HijackThis and remove suspicious items; if you don't know what to remove, leave this alone. Next, run CCleaner to clear temp files and prefetch. Install and update Malwarebytes and Spybot, but don't start scanning yet. Start super portable and update if necessary; don't start scanning yet. Start A squared and Avira; with my batch files they do everything without input. Now start super, Malwarebytes, and Spybot. The scans will take some time, about two hours on a newer system and as much as eight hours on an older system. Once the scans finish, remove the infections found and restart the system.

Now, in normal mode, run ComboFix and let it work its magic. Next, run CCleaner; this time remove any sketchy toolbars and software, then use the registry cleaner. Now make sure that Windows and any anti-virus software are up to date. I also use a Ninite installer to update Adobe Flash, Adobe Reader, and Java. At this point about 95% of computers will be clean and working properly, but of course there are some infections that require a more specialized approach.

Closing Thoughts

This is a very brief overview of the process I follow to remove viruses and spyware; it has evolved over the course of several years. There is no one "right" way to remove infections, and you should be wary of anyone who claims there is. I have noticed on several forums that many people have a perception of ComboFix as being a panacea and that if ComboFix doesn't remove everything you should just reinstall. If you subscribe to this notion, then you should save yourself 10 minutes and just start reinstalling immediately. ComboFix is a great tool and has come a long, long way over the years. The reason that I use ComboFix last is that when it first came out, ComboFix would break about 25% of the systems I worked on, and I only used it as a tool of last resort before I reinstalled the operating system. As ComboFix got better I started using it more often, but always last, and I guess old habits are hard to get rid of.

For anyone in Waco or Central Texas who still needs help with computer problems, feel free to come to G&A Computers at 608 N. New Rd., Waco, TX, and we will be happy to take care of your computer for you.
