Avast?

MSE?

Spybot?

Unfortunately, MBAM is considered THE program to use. Not just my opinion, but that of many other techs out there. Before MBAM came along, I used a combo of AdAware and Spybot S&D, but after using MBAM for a couple of months in testing, I found that there was nothing that the other two found that MBAM didn't. It's that freaking good.

I said "unfortunately" for a reason: those bad guys writing malware also know how good MBAM is, and will do their best to disable it or prevent it from updating. The latest way of doing this is one I just spent 5 days figuring out. Based on a rootkit known as "TLD", the virus "hooks" into a driver, which allows it to be loaded (in many cases) even in safe mode. The variant I played with took out the networking, so MBAM and Avira couldn't get updates to get rid of what was infected.

Using a various hodge-podge of utilities from bleepingcomputer.com, my own stash of rescue utils, and good old-fashioned copying good files over the bad, I got it going.

My tips:

-Run in safe mode (hit F8 before Windows starts to get a menu, and select). As stated above, if the infection is really nasty, even this won't work.

-If you have access to a known "clean" computer, you can use that to scan your drive by removing it and connecting it to a secondary port (desktop) or using an adapter (USB-Pata/Sata) for laptop/desktop drives. After this gets rid of the "big stuff", you'll replace the drive and boot. Windows XP should "think" longer, but Vista/Win7 will actually show a "Startup Repair" screen. Be patient. After the fix is done, re-run AV and MBAM in normal mode. Hopefully, everything works. If not...

-Using another computer with internet access and a CD burner, grab a copy of the Ultimate Boot CD (UBCD) here. It's only 360MBs, so it fits on ANY CD-R(W) you have lying around (I use a CDRW, so I can just overwrite when a new version comes out). Instructions are there on how to burn an ISO image to CD. This will be your boot utility, and it has a version of Avira Anti-virus that can scan the drive, as well as a small version of Linux that is used to run PartEd Magic.

WARNING! UBCD has utilities that can, and will (by design) hose your system beyond repair. If you do not understand what is going on, do not use the disk/program. You've been warned.

Select and run Avira from the "Others" menu after booting. If you don't read German, click on the Union Jack to switch to English. If that still finds nothing, then...

-Are you sure you've got a virus? UBCD can also be used to diagnose hardware problems with your machine. Select PartEd Magic (Linux) mode to check the drive(s) using the Smart Utility. Since you're running Linux at this point, if the drive(s) check out, then activate the network and browse the web to see if the rest of the system works. There's also a hardware browser to let you inspect what's working and what's not. If everything is still okay, then reboot UBCD and select "RAM --> Memcheck86+" from the main menu, and let it run a few passes to check for bad RAM. This also will heat things up to help find any overheating issues.

^I know that's a lot to digest, but the virus bad guys are not making things easier. I get very frustrated, and I know what the hell I'm doing. I currently have only one computer still running Windows (XP) - the rest run Linux, as I got tired of spending most of my time updating, installing, and scanning. Of course, everyone else uses Windows machines, so I'm still finding myself sitting in front of somebody's computer for days on end (yes, even on Christmas Day!) trying to get rid of whatever they caught from Bearshare or MyRedditTwitFace. {Sigh} (For those of you wondering why I don't just Nuke-&-Pave®, it's because when I tell these folks to back their sh!t up to an external drive, I'm apparently speaking Nihon-go or something.)

Note: If you can, post the specs/model of your computer, which version of Windows you've got, and your specific problem.

barcode
(I may take a while to bounce back in here, schedule permitting...)

http://www.customerssuck.com/board/s...ad.php?t=14226

Sticky at the top of this section. Feel free to look through there, and Barcode - you could easily add your advice in there so it's easier to find.

Rapscallion

On it, boss!

barcode

I don't actually know if I've got a virus. I just like to have these programs ready and willing, as it were, if things should get hinky in the future.

And of course, I got the darn thing to run--a complete scan!--after I posted. I swear, this computer runs half on fear... I was trying to scan today because AVG's been giving me "undefined errors" since the last time it updated itself, and then this morning AdAware also gave me an error message... but I updated everything, ran several scans, and rebooted. AdAware's not complaining, though AVG is still unhappy. I'm going to chalk that up to its latest update not being quite so good, I think.

(I've got ZoneAlarm, Avast, AVG [when it's not giving me undefined errors], AdAware, Superantispyware, and Spybot going as well. I'm a smidge paranoid.)

Sometimes if you have multiple AntiVirus software running, I hear that can cause some slowdowns as well. I'm more of a Mac person though, so take my advice with a grain of salt. I have been getting to putting the Mac OS on PC hardware for almost 2 years though now.

Every so often, maybe a year or two, sometimes it's good to just do a fresh install of your entire system. I recall Maximum PC's article on the order of installing things, which I believe was the actual OS install, then Windows updates, then anti-virus software. All of their issues are available free in pdf format if you're interested.

How new/old is your system too? Sometimes current software and software updates can slow things down over time.

Oh, I know having "too many" things running will slow things down, and I don't really have any complaints about the speed of my system.

I actually had a machine do this (already had antivirus, and the user re-installed the OS using the non-destructive restore, which put the trial version of Norton back in there without disabling the first one, and...). It didn't just slow that thing down - it made it crawl on the floor begging for someone to shoot it. Anyone have to wait 15 minutes for their desktop to appear? Or another two minutes to open up "My Computer", as the two scanners were hammering each others VDF? Not pretty.

Okay, for those keeping score...

-ZoneAlarm = Advanced Firewall, (dis)allows things in/out of system. <-- Check this! It may not be allowing AVG to grab the updates!

-Avast = Virus/malware checker
-AVG = Virus/malware checker <--Oops! Only ONE of these at a time! Pick one and stick with it! (As mentioned above, I like Avira, as I've had it royally kick AVG's a$$ up one data channel and down the other...*)

-AdAware = Malware removal
-Superantispyware = Malware removal
-Spybot S&D = Malware removal <-- Okay to have more than one of these, but as I mentioned above, I've found that MBAM does the job of at least two of these programs (never used Super), and then some. Save yourself some headaches, and drive space, and just use MBAM with Super as the backup. Also, check that Spybot's "TeaTimer" is disabled/uninstalled - I've had this do weird things on some machines, where others were fine with it.

barcode

* Once upon a time, this computer was having "issues", and I saw it already had AVG installed. So, why not? Well, after waiting three (3!) hours for it to give me something, I got kinda pissed. I uninstalled AVG, installed Avira, updated, ran a FULL scan, and had a virus report in front of me in less than 90 minutes, total. AVG's performance on that machine was, to put it politely, "less than stellar".

Something else i thought of... a worst case scenario, when the system is so slow to the point where you plan to reformat the drive...

See if you can pick up a Ubuntu Linux CD. Some of the Half Price Books around were selling them, but I don't see them as frequently anymore. Anyhow, you can boot from the CD (usually pressing F12 or similar when you boot up), and the machine will run from the CD. At that point you should be able to hook up an external hard drive or flash drive, then copy files from your hard drive to your external hard drive or flash drive.

Even better?

You know that UBCD I mentioned earlier? It has a copy of PartEd Magic, which is a Linux-booting multi-utility package that does all this. It'll run on a lowly 256MB Pentium-I class machine, and can copy or clone entire partitions, check hard drive status (SMART and diskchk), and even run a version of Ghost for Linux (G4L).

I used to carry around a Samsung tote to all my housecalls with various floppies and CDs. Once I found and used UBCD, I'm now down to two CDs (UBCD and a Fedora Spin) and a flash drive. If I know they're someone who never backs up data, then I may throw in my USB-SATA/PATA adapter and a blank hard drive, but I usually don't have to. Yup, that one CD has made my life a whole lot easier!

barcode

To expand a bit on what Barcode said...

Running more than one Anti-Virus program concurrently can not only make your system crawl as they both (all) try to simultaneously check the same file(s)/device(s) in real-time, they can actively damage one another (unintentionally) as AV-Prgm-A finds AV-Prgm-B's virus signature data files and attempts to remove them (because they look like a virus!). Gets particularly exciting if both are scanning at the same time because they will each find the others data files and nuke'em, all with the best of intentions.

As Barcode said, pick one, and only one, and stick with it. I happen to prefer Trend-Micro with Norton as a second choice, but hten I haven't had occasion to try AVG yet.

I've been anti-AVG for years. I actually have special dispensation to disable parts of it on my work computer because it hates me. >_<

The only reason we use it over Norton was at the time it had some network-based utility that Norton lacked.

While I wold suggest that nobody do this, I've been without an anti-virus since I got this machine, nearly two years ago. Although I do back-up my personal files about three times a year, so if I did have to nuke and pave, it wouldn't be very painful.

^-.-^

Well, it's not a war against AVG on my part, but there seems to be a "bloat" mentality with developers lately...

The higher-ups seem to equate that having 1000 functions shoved in their product, and all being turned on by default, means they've got the best {whatever} of the bunch. Sure, there are times you need to run around with a large truck, but if you want to zip through traffic easily, nothing beats a Geo Metro (Suzuki Swift). Sometimes, smaller is better.

The folks at MalwareBytes know this. The Avira folks know this. That's why I recommend them. They do what they do - no more, no less. It seems (to me) that once a program gets popular, the powers-that-be get a sudden case of the "Why Not?"s, and start bloating the hell out of what was once a really good package. I've seen it happen to Norton, McAfee, AdAware, AVG, et. al.

barcode
"The Unbloated"

P.S. I don't run anti-virus programs, either - I use Linux. On the one dual-booter I have, I only use Windows to run MBAM and Avira to scan other drives.