what av to use to clean infected computer?

Discussion in 'NOD32 version 2 Forum' started by trojan hunter, Feb 28, 2004.

Thread Status:
Not open for further replies.
  1. trojan hunter

    trojan hunter Registered Member

    Joined:
    Dec 31, 2003
    Posts:
    19
    Location:
    Seminole, Florida
    I tried to clean a customer's computer today with trial version of nod32
    much to my surprise it didn't find anything.
    the customer called me in because avg had found stuff recently but coulcn't clean it.

    I removed avg and installed nod32 and ran the scan. "nothing"

    then I went to trend micro and it found 15 infected files and I deleted them.
    I then reinstalled the av program and ran it with clean results.

    I gather that the virus disabled the av programs ?

    Some of my friends use stinger to clean a machine.
    but that wasn't available at the time.

    So what is reccommended as an initial cleaner?

    thanks
     
  2. sir_carew

    sir_carew Registered Member

    Joined:
    Sep 2, 2003
    Posts:
    884
    Location:
    Santiago, Chile
    Hi and welcome to Wilders forums ;)
    When you install the trial, had you updated the bases?, Please click on Update and Update now.
    Please click on Start, execute and write the following: "C:\Porgram Files\ESET\nod32.exe" /ah /mailbox+ /scanmem+ /sound+ /selfcheck+ /break+ /pattern+ /scanfile+ /heur+ /scanboot+ /scanmbr+ /pack+ /all /heurdeep /log+ /arch+
    With those command switches, NOD will use all detection feature including its Advanced Heuristic.
    If those doesn't work, please start your pc in safe mode and follow the above instructions. If nothing occur, please send the file in question to samples@nod32.com
     
  3. trojan hunter

    trojan hunter Registered Member

    Joined:
    Dec 31, 2003
    Posts:
    19
    Location:
    Seminole, Florida
    no I just installed the program
    Obviously there's more to learn about using this program
    thanks for the info
     
  4. ragamix

    ragamix Registered Member

    Joined:
    Jun 23, 2003
    Posts:
    17
    Location:
    Bratislava, Slovak republic
    hello,
    features like scan inside archives, scan compressed executables etc. are disabled when you install NOD so you need to enable them first. you can do this like sir_carew suggested or also in the program itself. the only thing I wouldn't do is use advanced heuristic to scan the whole disk.. [/ah switch] as it would take too long. I would use advanced heuristic only to scan the files in question.
     
  5. steve1955

    steve1955 Registered Member

    Joined:
    Feb 7, 2004
    Posts:
    1,384
    Location:
    Sunny(in my dreams)Manchester,England
    Sorry to seem a little off but if you are being trusted to clean someone elses machine(customer or just a friend)you should use a program you know and are familiar with,and if you are working in a professinal capacity you should REALLY know a AV programs need to have the latst updates to be effective
     
  6. trojan hunter

    trojan hunter Registered Member

    Joined:
    Dec 31, 2003
    Posts:
    19
    Location:
    Seminole, Florida
    I freely confessed my sins.

    Your lecture on my omissions was unncecessary

    I had to use the only thing I had available at the moment.

    I was interested in the methodoly used by others

    My apologies to other more understanding members
     
  7. steve1955

    steve1955 Registered Member

    Joined:
    Feb 7, 2004
    Posts:
    1,384
    Location:
    Sunny(in my dreams)Manchester,England
    Trojan hunter:-Sorry didn't mean to sound like lecture!
    Steve
     
  8. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    We use Nod32 installed on a clean machine (fully tweaked up and up-to-date). The infected drive is then "slaved" off the clean PC and a scan (clean) with Nod is run on the second drive (the infected drive). When Nod eventually comes up clean, a final scan is run with a up-to-date alternative anti-virus program (just to be sure).

    When all this is finnished, Nod is then installed on the now clean PC as well as a Firewall, Spybot Search and Destroy, Spyware Blaster and Spyware Guard.

    Hope this helps...

    Cheers :D
     
  9. trojan hunter

    trojan hunter Registered Member

    Joined:
    Dec 31, 2003
    Posts:
    19
    Location:
    Seminole, Florida
    thanks that's an idea
    will work for my in shop machines
    probably half my work is done on customer's premises
    cut's down on travel time and I get it over with and paid.
    does anyone use the dos nod program ?
    reminds me of the old day's with an av disk in my bag.

    I used the command line setup[trial version] specified earlier    

    "C:\Program Files\ESET\nod32.exe" /ah /mailbox+ /scanmem+ /sound+ /selfcheck+ /break+ /pattern+ /scanfile+ /heur+ /scanboot+ /scanmbr+ /pack+ /all /heurdeep /log+ /arch+

    3 times today at customer's residences and it all went.

    I would love to have a version my customer's could download & buy from my web site that was almost idiot proof.

    thanks
     
  10. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    A lot of our work is onsite as well, we take a standard clean PC with the side off, and a 1.5m 12v Power Cable and 1.5m IDE Cable. This allows us to place individual PC's alongside the clean PC and plug it's infected drive in as a slave, without having to remove the hard drives from their PC's..

    We also tweak up Nod on their system, and give them step by step instructions on how to keep their system secure and up-to-date, this makes it as "Bullet Proof" as possible, it still requires action on the customers part, however, gives you the least amount of headaches :D

    If you message me, I'll give you a copy of what we send out with every Nod32 license...

    Cheers :D
     
Thread Status:
Not open for further replies.