Best Automated Virus Removal Procedure

Hello Everyone!

I've been in the PC support game for the better part of 11 years or so. In the first 9 years of my career, I have been blessed by working for an organization that was serious about keeping up-to-date operating system images for every make of computer we had in the enterprise. When we would get a virus, we would have the user reboot, press F11 and deploy a new image in ~10 mins, and all their settings were stored on our servers, etc. You all know the drill, I'm sure.

Since I have been on my own for the last two years, and most of these customers don't have the money or time to invest in a good imaging platform, what is a good product/process you recommend for removing viruses and malware that works 90% of the time and takes less than a day to run? I have some clients that have standalone machines that get viruses all the time and I'm constantly in there picking up the pieces that are left behind by Kaspersky and Avast!.
I have a "process" where I go in, boot that machine into safe mode, run MBAM, then SUPERAntiSpyware, then Microsoft Security Essentials - once those three are run I give CCleaner a go to clean out the registry and temp files. I keep thinking that there is a better way. I tried searching, but with the litany of anti virus/malware products out there, I don't even know what keywords to search for.

What would you guys recommend? Is there a process that you guys have or a product that you swear by?

Thanks a lot!
r1ckm4n Asked:

edster9999 Commented:
Any good AV program (I use Norton AV) and a good malware program (I use SpyBot).
If you have these 2 programs in place it will stop most things getting onto the PC.
If they do get on then a scan takes about 1-2 hours for each program and in hard cases you may need to reboot in safe mode and run it again there or remove the program manually.
r1ckm4n Author Commented:
Most of my clients that are using up-to-date versions of Norton are the first to call me with things like that PC Security 2012 virus...
edster9999 Commented:
Well, you need one more thing..... You need AV, Anti-Malware.....and.... some user education telling them not to click on links on sites like that ;)


Mez4343 Commented:
Best process for me is:
1) CCleaner
2) Malwarebytes
3) Full scan Anti-Virus (any brand but not a free one like AVG. Had some problems here and there)

I don't know of a standalone, 1-provider solution to take care of both Spyware and Virus, so the process is the only way.
stevepcguy Commented:
While people have ridiculed me for having Norton 360 and called it "bloatware", I have found that it's quite good at catching nasty stuff like the latest "Antivirus 2012" malware. If you are on your own and don't have access to images for your clients, I've found MBAM and CCleaner to be very good in my experience, even in an enterprise environment. Trouble is, you can't make individuals conform to enterprise best practices, so you're a bit stuck.

Keep up the good fight!
rettif9Dale Commented:
Here are two articles posted here on E-E that are worthwhile reading:
Stop-the-Bleeding-First-Aid-for-Malware
Rogue-Killer-What-a-great-name

r1ckm4n Author Commented:
Mez,

You run CCleaner before you go into MBAM? I always made it my last stop before a reboot to clean out orphaned keys and the like.

younghv Commented:
r1ckm4n -
You are absolutely right!
NEVER run any of the 'cleaner' programs until you are 100% sure that the system is malware free. Many variants move files and folders from the user's profile to the "Temp" directories and any 'cleaner' program will delete them.

In addition to the EE Articles mentioned above, please read these two about "Prevention" and "Best Practices" (if you are infected).

MALWARE - "An Ounce of Prevention..."
Malware Fighting – Best Practices
sbcooke Commented:
I've found the registered version of Malwarebytes very effective at blocking almost all viruses including rootkits. For the one(s) that may slip by, Malwarebytes is a very effective tool to extricate the little nasties. The latest Malwarebytes release (1.6.0.1600) is also very effective at blocking 'scareware' from getting into a user's computer. Education and common sense however are still the best practices for computer users. Prevention is still the best medicine.
Mez4343 Commented:
@r1ckm4n:

<<You run CCleaner before you go into MBAM? I always made it my last stop before a reboot to clean out orphaned keys and the like. >>

Yes, I had a customer that had 13 virus/malware programs on the laptop. Malwarebytes wouldn't run because virus was preventing internet access. I ran CCleaner first and it luckily made it possible to run Malware Update and scan to clean up the malware. Then ran AV Full Scan.

IMO, it doesn't hurt to run CCleaner first and last.
younghv Commented:
@Mez4343.
As stated earlier, there are variants of malware that move critical data files and folders into the Temp directory - which CCleaner permanently deletes by default.

It would very much 'hurt' anyone who lost all of the data files in their profile because some technician improperly ran a temp cleaner.

In all likelihood, Malwarebytes probably couldn't run because there were rogue processes blocking it - hence the recommendation to run a rogue stopper (RogueKiller or RKill).

Please be cautious about posting your 'my way' advice. It can have a very detrimental effect on the people we are trying to help.
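
The caution in this thread about temp cleaners deleting relocated profile data, as an added example that is not part of the original thread or any poster's own tooling: a read-only PowerShell audit to run before CCleaner or any other cleaner, which lists user-data file types and profile-style folders found under the Temp directories. The extension list, folder names, report path and PowerShell 3.0+ requirement are assumptions.

```powershell
# Read-only pre-clean audit: lists items in Temp directories that look like user data.
# Deletes nothing. Assumes PowerShell 3.0+; the lists below are illustrative.
param(
    [string[]]$TempRoots  = @($env:TEMP, (Join-Path $env:SystemRoot 'Temp')),
    [string]  $ReportPath = (Join-Path $env:USERPROFILE 'temp-audit.csv')
)

# File types a temp cleaner should not be deleting unreviewed (assumed list; extend per client).
$dataExtensions = '.doc', '.docx', '.xls', '.xlsx', '.ppt', '.pptx', '.pdf',
                  '.pst', '.jpg', '.jpeg', '.png', '.lnk', '.mdb'
# Folder names that normally live in a user profile, not in Temp (assumed list).
$profileFolders = 'Desktop', 'Documents', 'My Documents', 'Pictures',
                  'Favorites', 'Start Menu'

$roots = $TempRoots | Where-Object { $_ -and (Test-Path -LiteralPath $_) } |
         Select-Object -Unique

$findings = foreach ($root in $roots) {
    # -Force lists hidden and system items as well.
    Get-ChildItem -LiteralPath $root -Recurse -Force -ErrorAction SilentlyContinue |
        ForEach-Object {
            $reason = $null
            $sizeKB = $null
            if ($_.PSIsContainer) {
                if ($profileFolders -contains $_.Name) { $reason = 'profile-style folder' }
            }
            elseif ($dataExtensions -contains $_.Extension) {
                $reason = 'user data file type'
                $sizeKB = [math]::Round($_.Length / 1KB, 1)
            }
            if ($reason) {
                [pscustomobject]@{
                    Reason        = $reason
                    Path          = $_.FullName
                    SizeKB        = $sizeKB
                    LastWriteTime = $_.LastWriteTime
                    Hidden        = (($_.Attributes -band [IO.FileAttributes]::Hidden) -ne 0)
                }
            }
        }
}

if ($findings) {
    $findings | Export-Csv -Path $ReportPath -NoTypeInformation
    Write-Warning ("{0} item(s) in Temp look like user data. Review {1} before running any cleaner." -f @($findings).Count, $ReportPath)
    $findings | Sort-Object Reason, Path | Format-Table Reason, SizeKB, Path -AutoSize
}
else {
    Write-Output 'No user-data file types or profile-style folders found in the Temp directories checked.'
}
```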