Administrator Tarun, Posted November 1, 2006

I primarily use a custom package that I save to a Cleanup folder. It contains Peperfix, VX2Finder, TheNotifier (used to verify the results of VX2Finder), ADSSpy, SpywareBlaster, CCleaner, CWShredder, Ad-Aware (and I install the defs I pre-downloaded using my InstallDefs.bat file), Spybot S&D (and all three of the updates), Autoruns, HijackThis, Dial-a-fix, LSPFix and UPHClean.

Personal methods: I have a number of tools I use to diagnose and repair systems. It generally takes an hour to two hours, depending on the speed of the machine and how critical the infections are.

From start to finish: Peperfix, VX2Finder, TheNotifier (used to verify the results of VX2Finder), ADSSpy, SpywareBlaster, CCleaner, CWShredder, Ad-Aware (and I install the defs I pre-downloaded using my InstallDefs.bat file), Spybot S&D (and all three of the updates), Autoruns, HijackThis, Dial-a-fix, LSPFix, UPHClean and Windows Updates.

Peperfix is, of course, to remove any Peper files, VX2Finder finds and repairs any VX2 infections, and ADSSpy is for malicious ADS-Stream data. SpywareBlaster is a great asset as it protects both IE and Firefox; plus it stops any active malware on the system from properly functioning.

CCleaner is then used to clean out the system of junk files. Additionally, when you use it to clean your system, it can also clean out temp directories and other locations where malware can hide and replicate.

CWShredder is used to remove any CWS infections that can bog down the system. I've not been seeing near as much CWS as I used to.

Ad-Aware and Spybot are run concurrently, both scanning at the same time. Prior to scanning with Spybot, I Immunize the system and also allow it to clean up File Sets. Then I begin the scan, and while scanning I look over the ActiveX and BHOs via Spybot's Tools. When finished I remove all malicious findings after reviewing them and then I move on to my next tool, Autoruns.
Also, if Spybot asks me to run again on startup I always say no because it's usually lying.

Autoruns is used while Ad-Aware and Spybot are scanning. Under Options I apply a check beside Verify Code Signatures and Hide Signed Microsoft Entries. I check for File Missing entries and look for anything malicious, which I then remove manually. I check every user listed as well.

HijackThis is used next and I inspect the entries, making whatever removals are necessary. I make use of LSPFix to check for any other issues with Winsock, etc. Dial-a-fix gets used for good measure, hitting the green checkmark and clicking Go to tidy up and resolve any potential issues. I'll also put IE7 on to increase security and get their system up to date.

UPHClean is installed last and I follow up by checking for Windows Updates, getting all of them. Or I'll make use of AutoPatcher if they're on a low-speed connection.

After rebooting and making sure the system is working good as new (or better), I'll use CCleaner to scan for Issues and remove anything found, always making backups as a precaution, as I've seen CCleaner break a lot of systems when using the Issues scanning.

Should they need an Anti-Virus, it's always Avast with a minimal install and set up to update silently.

----

At work I use pretty much the same tools, though I do not install and use Firefox, Thunderbird, Firetune or AVG-AS on client machines (it's pretty much for visitors to my website only, as many of the tools I use should only be used by professionals). I do update Firefox/Thunderbird if it's already installed and add a few extensions that are lightweight and beneficial. If a client doesn't want to buy an anti-virus, I was able to have my boss have us put Avast onto client machines.

I avoid toolbars and will always uninstall them when I encounter them. A properly configured system won't have to worry about popups.

With Firefox I use Firetune on it, then I go into about:config and manually change the browser.cache.memory.capacity and change the setting to 16384 (this keeps Firefox from becoming a load on the system). Always installed extensions are Cutemenus, AdBlock Plus, DownThemAll, and TabMixPlus.