Video Screencast Help
Security Community Blog

Less time searching more time cleaning

B and P
Created: 22 May 2014 • Updated: 27 May 2014
The Conquistador's picture
+2 2 Votes
Login to vote

Every now and then I come across infections that are not picked up by SEP, or they happen to be picked up by SEP, but they only register "newly infected" or "Still infected"
The worst thing about these types of infections is there is not much on the surface. Some malware will stand out at you and pretty much tell you, "HEY YOU ARE INFECTED" by running it's own "level of protection" This will prevent you from running other programs or even accessing the internet to get files that can be beneficial in cleaning out this mess.

I have noticed that whenever things like this occur, I have to either google and/or download different parts of programs even though I already have an AV Program installed. One of the things I do is download MalwareBytes Anti Malware and the Norton Power eraser. These have been the two most powerful tools I have had in cleaning up infected files.
Once run, I am able to make great progress and get a PC/Server back on track. There are other programs that are not so blatant about their existence (RootKits) and I take the same approach by using MWB and the NPE.exe.
In a previous blog I have listed my steps of how to clean up a PC/Server if it becomes infected. I have used other tools out there such as TDDSKiller.exe and MS Defender and MS Security essentials; however I was never able to get the same results as I did using MWB and NPE.exe.
I am basically writing this blog to try to save readers time from extensive searches that may or may not yield the answers you are looking for. If you have an infected system, I strongly recommend using NPE.exe to scan, once that is done, follow up with MWB, always read what it is that has been found this way you ensure you do not delete something that is actually a good file. NPE.exe has saved me from system file damage that would have been irreparable without it and the PC/Server O/S would have needed to have been reinstalled. Save yourself some time and headaches of lengthy searches and start out with NPE.exe and MWB. If it doesn't clean up everything, it will immensely help you to get your systems back up and running to their fullest potential.