Virus removal checklist

Forums › Microsoft Windows › Virus removal checklist

woodson

232 posts

Master Geek

#167388 12-Mar-2015 09:35

I wondered what people's opinions were on this checklist (from Reddit)? http://www.reddit.com/r/techsupport/comments/i953i/virus_removal_stepbystep_checklist_with_links_to/

It's a bit outdated, for sure, but is it on the mark?

nakedmolerat

4629 posts

Uber Geek

Trusted

Lifetime subscriber

#1256859 12-Mar-2015 09:59

I would personally start from scratch again.

Format the harddrive then restore the image from backup.

woodson

232 posts

Master Geek

#1256866 12-Mar-2015 10:15

Re. this checklist, I didn't mean it for a virus issue I have personally, but rather whether such a checklist is "correct" as a process for virus removals in general?

Batman

Mad Scientist
29761 posts

Uber Geek

Trusted

Lifetime subscriber

#1256867 12-Mar-2015 10:16

if one has no idea about software malware and viruses then you can spend 100hrs a week removing stuff they will come straight back at you.

if one has no idea about software malware and viruses they probably don't know how to reinstall anything.

just do a factory restore everytime you feel like it is my advise

michaelmurfy

meow
13242 posts

Uber Geek

Moderator

ID Verified

Trusted

Lifetime subscriber

#1256883 12-Mar-2015 10:38

I've had customers who have infected themselves with the Zeus trojan, if this is the case I take no chances and reformat and tell them to change all their passwords (and never use the old one again).

Even though I can successfully remove it doesn't mean I can fully trust the removal process.

Michael Murphy | https://murfy.nz
Referral Links: Quic Broadband (use R122101E7CV7Q for free setup)

Are you happy with what you get from Geekzone? Please consider supporting us by subscribing.
Opinions are my own and not the views of my employer.

Lias

5589 posts

Uber Geek

ID Verified

Trusted

Lifetime subscriber

#1256904 12-Mar-2015 10:47

It's appears to be a thorough and reasonable check-list, but unless there is a very compelling reason not to, always start from scratch if a machine is compromised.

I'm a geek, a gamer, a dad, a Quic user, and an IT Professional. I have a full rack home lab, size 15 feet, an epic beard and Asperger's. I'm a bit of a Cypherpunk, who believes information wants to be free and the Net interprets censorship as damage and routes around it. If you use my Quic signup you can also use the code R570394EKGIZ8 for free setup.

1101

3122 posts

Uber Geek

#1257322 12-Mar-2015 17:02

I really get the feeling the person who wrote that list doesnt really have much experience with this, just my feeling.
oops, its 3 years old, that explains it

malwarebytes & TDSSKiller, very good. Run them first
MSSE/defender, really a waste of time.
revo uninstaller: I have only tried 2 3rd party uninstallers: really just BS . nothing special. Maybee revo is better ?
CCleaner, can speed up the process by deleting tmps files , so you dont scan them . Generally not part of a malware removal

There is no mention of a GOOD av program, so that list is worthless.

But in general, Malwarebytes finds malware that other programs cant (on average)
Allways disable any av when doing a malware scan with another program. Allways, very important
Scan ALL FILES , Dont use the default scan option .
Lots of other things that need mentioning, not in that list. Dont have time to type it all out. Hometime :-)

Yes a malware cleanup IS a long process . no guarantees at the end. Often quicker to wipe & reload, but thats not allways an option.
And there will allways be malware/viruses that cant be detected by anything (as the AV companies dont know of its existence) . I had that on one cleanup , so I sent it to kasperky & they confirmed its a 'new' virus. Perhaps would be nice if they named it after me...or that may be a bad thing

Batman

Mad Scientist
29761 posts

Uber Geek

Trusted

Lifetime subscriber

#1257331 12-Mar-2015 17:21

Run avast free boot scan.
Run malwarebytes free.

Done. It won't remove everything but that's life.