-=PCTechTalk=- Re: Need the Most Efficient & Effective for Viral Removal

Hi Gman,

I found this email very interesting.  I would like to sometime set my system 
up like you said with my stored files separate from my OS, maybe when I 
purchase my new computer.  I also found it interesting about renaming the AV 
files and all.  Seems we have to always be three steps ahead of the bad guys 
;0.  I will also save that link below.

christy

----- Original Message ----- 
From: "Gman" <gman.pctt@xxxxxxxxx>
To: <pctechtalk@xxxxxxxxxxxxx>
Sent: Tuesday, January 27, 2009 6:20 PM
Subject: -=PCTechTalk=- Re: Need the Most Efficient & Effective for Viral Removal


> Dan,
>    What you seek does exist, but it's WAY too long to type out in an email
> or post to a single web page.  The problem is that serious computer
> infections can be almost like fingerprints in that no two are exactly alike.
>
>    One of the obvious problems you're having is that you have Windows
> installed to a large hard drive volume.  When it comes time to run a scan,
> CHKDSK or defrag, it takes forever to complete, even though the offending
> files (corrupted, fragmented or infected) might only add up to a single
> megabyte or so.  You're much better off having your OS separated from your
> storage (downloaded files, MP3 collection, etc.).  I have 3 XP installs on
> only 15 - 20GB partitions and it's a breeze to run any type of scan on them.
> I know this isn't really the time to be suggesting something like that to
> you, but it'll give you food for thought for the future.
>
>    Once infected, the system itself will help you determine the best course
> of action.  To find out what I'm dealing with, I often turn first to
> HijackThis so I can get a log of what's running and research anything that
> seems out of place.  The more I work with these logs, the more easily I'm
> able to recognize items that do belong.  I will also attack the system with
> Malwarebytes' Anti-Malware, which is really good at removing a lot of things
> that other anti-xxx apps can't touch.  The trick with both of these apps is
> that you often have to rename them before running them, otherwise, the
> infection might recognize and prevent it from running (or push false results
> through it).  Since many infections do recognize a lot of AV and AM
> utilities, always keep the ones you download encased within a RAR or ZIP
> file and only pull it out when needed.  Rename the freshly extracted
> installation file and then run it.  During the install, use the Custom or
> Manual method so that you can give the main folder a different name, too.
> Finally, when the install is done, don't allow it to fire up the program
> just yet.  Instead, go into the main folder you just created and rename the
> main exe file, too.  Only then should you run it (and most will now be able
> to get past the walls put up by the infection).  When renaming, choose
> something that has nothing at all to do with regular AV type names.  When
> installing HijackThis, I prefer to use something like abc.exe for both the
> extracted installation filename as well as the main .exe filename.  That one
> will also be written to C:\Program files\ABC as its main folder during
> installation.  When I set up Malwarebytes', I'll use 123.exe and
> C:\Program files\123.
>
>    If it turns out that Malwarebytes' is not quite enough to completely
> clean the system (or if it still refuses to run), upload a copy of your
> HijackThis log to one of several dedicated malware removal forums and let
> one of their experts have a look at it.  These folks train for about a year
> before they're allowed to handle anyone without any supervision and they're
> VERY good at what they do.  Below is just one such site, but it's the one I
> tend to recommend the most.
>
> http://www.techsupportforum.com/security-center/virus-trojan-spyware-help/
> OR
> http://tinyurl.com/6todlj
>
>    You'll find that they carefully pick the tools they tell you to use
> based on exactly what they see within your logs.  After running what they
> suggest, you'll need to post a new log so they can see the results.  That
> will often lead to the use of another utility to remove more.  You'll go
> back and forth with the person until they give you the 'all clear'.  Try to
> give yourself plenty of time when you start so you can get through the
> procedures in one or two days.
>
>    I'll now go and check out the links you provided.
>
> Peace,
> Gman
>
> "The only dumb questions are the ones we fail to ask"
>
> ----- Original Message ----- 
> From: "Dan Chisolm" <d0ct0rdan@xxxxxxxxxxx>
> To: <pctechtalk@xxxxxxxxxxxxx>
> Sent: Tuesday, January 27, 2009 9:13 AM
> Subject: -=PCTechTalk=- Need the Most Efficient & Effective for Viral Removal
>
>
>>
>> In your opinion where can I find an outline to remove malwares, viruses,
>> spywares, etc?
>>
>> I've tried Spybot, Ad-Aware, and Avast.  These have detected and removed
>> about 53 infections.  Currently, I'm running Panda ActiveScan; however,
>> it's been running for twelve hours and it's only 35% completed (while
>> indicating that it has found 47 infected files).  I'm concerned that
>> should I let it continue, there will still be infected files on the system
>> at its completion.  I'm interested in starting an approach that offers me a
>> reasonable chance for success at the completion.
>>
>> What do you think about the two YouTube videos found at
>> http://snipurl.com/atgj6?
>>
>> Thanks in advance for your thoughts.
>>
>> Dan
>
> ---------------------------------------------------------------
> Please remember to trim your replies (including this sentence and 
> everything below it) and adjust the subject line as necessary.
>
> To unsubscribe or change your email settings:
> http://www.freelists.org/webpage/pctechtalk
>
> To access our Archives:
> http://groups.yahoo.com/group/PCTechTalk/messages/
> http://www.freelists.org/archives/pctechtalk/
>
> To contact only the PCTT Mod Squad, write to:
> pctechtalk-moderators@xxxxxxxxxxxxx
>
> To join the PCTableTalk off-topic group, send a blank email to:
> pctabletalk+subscribe@xxxxxxxxxxxxxxxx
> ---------------------------------------------------------------
>
> 
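
An added example, not part of the original thread and not code from HijackThis or the forum it links to: a first-pass triage of a HijackThis-style log that pulls out the entries to research first, as the quoted reply describes doing by hand. The sample log is constructed, and the two heuristics (orphaned entries, and files running from outside the usual Windows and Program Files directories) are assumptions made for illustration.

```python
import re
from collections import defaultdict

# Constructed sample in the HijackThis log layout (not from a real machine).
SAMPLE_LOG = r"""Logfile of HijackThis (constructed sample)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\User\Local Settings\Temp\svch0st.exe

O2 - BHO: (no name) - {00000000-0000-0000-0000-000000000001} - (no file)
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [updater] C:\Documents and Settings\User\Local Settings\Temp\svch0st.exe
O23 - Service: Example Service - Unknown owner - C:\WINDOWS\system32\example.exe (file missing)
"""

ENTRY = re.compile(r"^[A-Z]\d{1,2} - ")   # section codes such as R0, O2, O4, O23
PATH = re.compile(r"[A-Za-z]:\\.*?\.(?:exe|dll|sys)", re.I)
# Assumption: these roots are where installed software normally lives. A file
# inside them can still be malicious; this only orders what to research first.
USUAL_ROOTS = ("c:\\windows\\", "c:\\program files\\", "c:\\progra~1\\")

def triage(log_text):
    """Return {reason: [log lines]} for entries worth researching first."""
    flagged = defaultdict(list)
    in_processes = False
    for line in (raw.strip() for raw in log_text.splitlines()):
        if line.lower().startswith("running processes"):
            in_processes = True          # process list runs until a blank line
            continue
        if not line:
            in_processes = False
            continue
        if not (in_processes or ENTRY.match(line)):
            continue                     # header lines carry nothing to triage
        if "(file missing)" in line or "(no file)" in line:
            flagged["orphaned entry"].append(line)
            continue
        hit = PATH.search(line)
        if hit and not hit.group(0).lower().startswith(USUAL_ROOTS):
            flagged["outside usual directories"].append(line)
    return dict(flagged)

if __name__ == "__main__":
    for reason, lines in triage(SAMPLE_LOG).items():
        print(reason)
        for entry in lines:
            print("   ", entry)
```
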

