- Apr 26, 2011
For what it is worth, I like to first scan with HitMan Pro. If it finds something ugly, I then use HijackThis and check every box and click fix (I can do that because I always make sure any non-threatening line items are marked as safe so when I do get an infection I can check all boxes without fear--restore points and backups intact).
After those two steps I go to safe mode with networking and update MBAM, SAS, Dr. Web, and Avira. I scan with their on-demand scanners and remove any threats.
Then I reboot and run TDSS Killer and Norton Power Eraser with its rootkit scan.
I finish up with GMER. Then I utilize SpyDll Remover or Process Hacker 2 to make sure there are no unusual processes running.
You might ask, "Why doesn't that lunatic scan with GMER right out of the gate?" The simple answer is that I want rapid intelligence pertinent to the most serious threat to my system, followed by a quick disable of some of its activities, and then retreat to a safe haven in SAFE MODE to start hammering on the pest(s).
It sounds like a lot, but the Safe Mode operations are the only slow part of the process.
By the way, sometimes I like to use the AutoRuns EVERYTHING tab to complement Process Hacker 2 and SpyDll Remover.
If I have a BROKEN ARROW, I call it in to the appropriate techs so we can break out ComboFix together. Hooyah!!!
Note: I am in no way criticizing the MRGW, as it is much more thorough than my method would be for the typical user. I think MRGW is fine and gracefully evolving. I just wanted to share.