Your Anti programs...keep them up to date!!

  skidzy 08:20 17 Feb 2009

Some of you may have seen my threads regarding Safe and Clean Computers.
I would like to take this opportunity to explain why your anti programs need to be kept updated and run on a regular basis.

I often have computers dropped off to me and am asked to clean them up if possible without restoring the operating system.

Friday, I had a laptop dropped off and it was seriously infected with over 1300 infections; this does not mean 1300 different viruses but various infections.

Now we all know how good Mbam and SAS are, but these would only clean so much.

With the help of many programs I have successfully cleaned the machine with no damage done and no data loss...but it was a big headache.

This machine had various P2P programs that were the cause of the multiple infections.

My point is, keep your anti's up to date and run weekly or at worst every two weeks, not forgetting those backups.

Tools used for the cleanup;

Spybot Search and Destroy
DrWebCureIt and Live cd
Kaspersky AVP Tool (extreme in depth scanner and removal)
ComboFix (use with guidance only)
HiJackThis (use with guidance only)
Avast Antivirus
Various online scanners
Manual registry editing (very risky, backup needed)

The list goes on, no one program could tidy this machine due to the reproduction of the infections and their entries.

I'm happy to say the machine now flies along and was one of the most difficult I had seen for a long time.

Hopefully someone may read this and point someone in the direction of how bad P2P programs can be if used incorrectly.

Just to add;

Do NOT disable System Restore when trying to cleanup unless advised by a trusted source.
Reason being, I had to restore after running one particular program and then carry on the disinfection.

Once you are happy that the machine is clean (several reboots needed) then and only then disable System Restore (this will flush all old restore points) and reboot, then create a new restore point.

Hope this helps some for future reference.

  Diodorus Siculus 08:50 17 Feb 2009

Useful thread :)

I'd just suggest that you add to it official download links for the above programs; a lot of them can be spoofed and hard to find in the case of an infected machine.

  Sparkly 09:06 17 Feb 2009

Once again you post a very useful thread, thanks for your time and good work advising all here....

  skidzy 09:13 17 Feb 2009

Hi Dio, thanks for the reminder, I didn't even give it a thought :-)

Safe links to those above;

Malwarebytes click here

Superantispyware click here

DrWebCureIt click here

Kaspersky AVP Tool click here

HiJackThis click here again use only with guidance !

ComboFix Tutorial and download click here Please only use with guidance !

Avast click here

Online scanners;
Kaspersky click here
F-Secure click here
Eset click here

Jotti click here
extremely useful for a suspicious file

  oldbeefer2 09:44 17 Feb 2009


  hiwatt 09:45 17 Feb 2009

Very helpful thread. Can the DrWebCureIt be run as an on-demand scanner to check for infection rather than just to remove a known infection?

  Picklefactory 09:48 17 Feb 2009

Thanks skidzy

  skidzy 09:57 17 Feb 2009

DrWebCureIt can be run on demand, which gives you three choices.

Complete scan
Custom scan
Express scan

If you use the Express scan and any infection is found, it is best to then boot into safe mode and run the complete scan.

It's not the quickest around, but is another piece of armory.

This app has no realtime protection and will need manual updating by re-downloading the package.

  brundle 10:35 17 Feb 2009

Stick this on a flash drive; click here

  skidzy 10:38 17 Feb 2009

Cheers for that brundle.

I do have one small issue on this lappy but not causing any trouble...I've tried everything to rid the little will give your link a bash.

Still impressed with the PSI....had a little bug last week but soon rectified. :-)

  skidzy 10:44 17 Feb 2009

Oh I see what it is now...that's really handy.

Just trying to find out if I can add my own apps like AVP/DWC/Jotti/etc.

Thanks again.

This thread is now locked and can not be replied to.
