Original Article at: http://www.tfsnetworks.com/repair/virus-spyware-removal/

Virus and Spyware Removal. When you find someone that really knows how to do this properly it usually does not take a very long time.  (Usually about an hour or two at the most depending on the severity of the infection.) Occasionally a new virus or spyware will come out and there is a lag time to get a proper solution or fix for it.

When a virus or spyware is brand new and there is not yet a fix for it, we call that a zero hour virus.  The anti-virus and anti-spyware programs have not yet updated to take care of such a virus or spyware development.  But usually within a day or two…the new virus is added to the databases of those who fight against them.

Most technicians who are worth their salt will make use of some manual scanning because they know what to look for, but they will also use some great tools such as MalwareBytes,  Spybot Search and Destroy, Avast, Avira, AVG, ComboFix, Hitman Pro, and others to eliminate traces of spyware and viruses from your computer.

Whatever the ultimate solution is…it usually ends up being a combination of several Anti-Spyware and Anti-Virus tools and a manual scanning of the Windows registry using tools such as Autoruns or HiJackThis.  The manual part of this process is to identify random looking .dll’s or processes that are in start up folders ready to attack your computer when you boot it up.

When imposter or intruder registry entries are found they usually point the way to the file’s location.  Once the registry startups and the files have been removed from their primary locations they can not run any longer and the primary evidence of infection, such as popups, desktop hijacking, and process stopping symptoms tend to fade.

In the cases of more insidious infections such as root kits, the virus or spyware is given access to system level files in a very sneaky way, somewhat akin to the old shell game.  Once the virus has gained low-level access at the root of the hard disk it can be quite difficult to eradicate.  That is when we end up bringing in tools like ComboFix and Hitman Pro to scan the system in safe mode and then re-scan it on reboot before the process can dig in to the system again.   Of course this is discussing the situation in laymen’s terms to some degree.  Even I do not memorize all the gritty details of operating system permissions.

These kinds of tools that help the technician remove even low level root kits are available for free and generally free tools is all you need if you know a little about what you are doing.  A typical virus removal starts with a manual scan of registry to disable the primary cause of infection, followed by a root kit scanner, and then cleaned up with an anti-spyware scan.  If you can run an anti-virus scan in completion without any infections we usually call it a done deal.  As you can imagine, we spend more time waiting for scans to complete than anything else.

Occasionally a really nasty virus will infect a system beyond reasonable possibility to fix, having destroyed system processes and functions that are critical to the operation of the computer.  When this is the case it is usually just faster to back up the data, and reload the computer.   This is usually slightly more expensive in cost than a standard 2 hour virus repair.

I hope some of these tips help you solve your computer issues.  If not, then don’t forget to give me a call.  Many things can be resolved using remote online support through your broadband internet connection.

Greg Eddolls – Owner/Operator – TFS Networks

(928) 925-8679