CORRECT Procedure for VIRUS removal

Discussion in 'malware problems & news' started by creamop66, Mar 7, 2006.

Thread Status:
Not open for further replies.
  1. creamop66

    creamop66 Registered Member

    Joined:
    Mar 7, 2006
    Posts:
    3
    Hi,
    My first post........Ok. Could someone please verify the Correct procedure to remove a VIRUS etc.
    Here's the situation.... I've scanned my computer with "A" antivirus. It finds a Virus..say the "blah blah" virus. Does it depend on WHERE it finds the virus that determines my next move?? Does how many times it finds the "blah blah" virus matter, i.e. multiple files/registry entries. Ok say it finds it once in a file I downloaded BUT never executed.... am I safe to just DELETE the file?? should I let the AV program try and FIX it?? What if I find it in a file I downloaded and in the operating system....registry and system files?? Should I just delete them all?? let the AV program try and fix it?? Should I visit the AV program's website and see if it has a REPAIR TOOL for "blah blah"?? Should I see if the AV program can delete the files...if NOT try fix IT?? if it CAN NOT FIX it do I then visit the AV company??


    I hope I haven't made things too complicated,

    Thanks for any help.
     
  2. TopperID

    TopperID Registered Member

    Joined:
    Oct 1, 2004
    Posts:
    1,527
    Location:
    London
    Possibly; for example, if the bug is found in your Java cache, temp internet files, among your restore points or in an archive, etc., you may be taking different action than if it is installed and running from C:\Windows\System32.
    Multiple entries may suggest it is a virus that is spreading in your system or an installed trojan that is downloading stuff on you - obviously that is more serious than a lone entry in an archive.
    If the malware has never got running and installed itself, then it is pretty much 'dead meat' on your system and deleting the file will get rid of it.
    If you mean by 'fix' that the file should be 'repaired', 'treated', 'cleaned', or whatever jargon the AV company uses, then that only applies to viruses which infect system files - it has no application to the majority of infections, which are likely to be trojan files that are simply deleted.
    Well there is no need to manually delete something if your AV will kindly do the job for you - especially since the AV will most likely erase (that is overwrite) the file which is even better than merely deleting it.
    Oh! so it has got installed? Then go through the following routine:-

    1) Disable system restore;

    2) Clean out all your temp windows, internet, and other temp files;

    3) Boot into 'safe' mode;

    4) Scan with your AV, AT and AS scanners, all of which should be using latest definitions;

    5) Do an online scan to see if you are now clean.
    If the above doesn't work and there is a special tool available, then use it - so long as you know what you are doing!
    What are you looking to fix here, the file or the AV?

    Infected files are not 'fixed' they are deleted. The only exception (apart from trying to pick through an archive) being important system files infected by a virus - but this is a special case and repairing such files is often problematic in any case.
     
  3. creamop66

    creamop66 Registered Member

    Joined:
    Mar 7, 2006
    Posts:
    3
    Thanks for the excellent response....this was all "what if"..... been getting a few jobs off friends to clean their computers and they have all gone well....so I've decided to try my luck in the computer fixin game.
    What's your opinion on using "PE" and "RESCUE DISKS" to clean computers of malware?? While I find it does a good job, and the fact you don't have to waste time installing software is great. BUT the fact that they don't scan the system's "c drive" registry is a bit disappointing....that is, antivirus programs run from a "preinstalled environment" see the registry as the one they are running within and not the one on "c drive". Not too sure about rescue disk?? Mind you use pe builder to make kaspersky's.

    thanks
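
The limitation raised in the post above (a scanner booted from a PE disk reads the PE session's own registry rather than the installed system's) can be checked by hand by loading the installed system's hive files. The script below is an added example, not part of the original thread: it assumes a PE session with PowerShell and reg.exe available and the installed system's volume visible as C:, and the mount name OFFLINE_TMP is arbitrary.

```powershell
# Added example: list autorun (Run/RunOnce) entries from an OFFLINE Windows
# install while booted from a PE/rescue environment.
# Assumption: the installed system's volume is visible as C: in the PE session;
# pass a different letter with -TargetDrive if it is not.
param([string]$TargetDrive = 'C:')

$mount   = 'HKLM\OFFLINE_TMP'   # temporary mount point (arbitrary name)
$runKeys = 'Microsoft\Windows\CurrentVersion\Run',
           'Microsoft\Windows\CurrentVersion\RunOnce'

function Show-OfflineRunKeys {
    param([string]$HiveFile, [string]$Prefix)
    if (-not (Test-Path -LiteralPath $HiveFile)) { return }
    # Mount the hive file under HKLM of the running PE session.
    & reg.exe load $mount $HiveFile | Out-Null
    if ($LASTEXITCODE -ne 0) { Write-Warning "Could not load $HiveFile"; return }
    try {
        foreach ($k in $runKeys) {
            Write-Output "== $HiveFile :: $Prefix$k"
            & reg.exe query "$mount\$Prefix$k" 2>$null   # an absent key prints nothing
        }
    } finally {
        # Always unmount, otherwise the hive file stays locked.
        & reg.exe unload $mount | Out-Null
    }
}

# Machine-wide autoruns live in the SOFTWARE hive.
Show-OfflineRunKeys "$TargetDrive\Windows\System32\config\SOFTWARE" ''

# Per-user autoruns live in each profile's NTUSER.DAT
# (profiles are under "Documents and Settings" on XP, "Users" on later versions).
$profileRoots = "$TargetDrive\Users", "$TargetDrive\Documents and Settings"
foreach ($root in $profileRoots) {
    if (-not (Test-Path -LiteralPath $root)) { continue }
    Get-ChildItem -LiteralPath $root -Directory -Force -ErrorAction SilentlyContinue |
        ForEach-Object {
            Show-OfflineRunKeys (Join-Path $_.FullName 'NTUSER.DAT') 'Software\'
        }
}
```

Entries that point into temp folders or at files the scanner flagged are the ones to compare against the scan results before deleting anything.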
     