Jump to content
Seth

Disabling startup items when cleaning a system

Recommended Posts

Wasn't sure what forum to post this in:

As a computer tech, I'm having to clean systems of various types of malware almost on a daily basis. My two scanners of choice are SAS and BitDefender. BTW Nick, I recommend SAS to all my customers and am seriously considering the possibility of becoming a reseller.

Anyway, one step I perform before disinfection is disabling all the startup items in msconfig. Many of these items are malware. Through the various steps I perform, I've always succeeded in the disinfection. However, occasionaly I have to do run a manaul file and reg search to remove a particularly stubborn entry.

My question is this: On a particular malware removal forum that I occasionaly check out, they request the user enable all malware items in msconfig before running scans. Yet, I've never had to do that.

So what do you recommend? Disable the malware startup entries or leave them running?

Thanks

Share this post


Link to post
Share on other sites
Wasn't sure what forum to post this in:

As a computer tech, I'm having to clean systems of various types of malware almost on a daily basis. My two scanners of choice are SAS and BitDefender. BTW Nick, I recommend SAS to all my customers and am seriously considering the possibility of becoming a reseller.

Anyway, one step I perform before disinfection is disabling all the startup items in msconfig. Many of these items are malware. Through the various steps I perform, I've always succeeded in the disinfection. However, occasionaly I have to do run a manaul file and reg search to remove a particularly stubborn entry.

My question is this: On a particular malware removal forum that I occasionaly check out, they request the user enable all malware items in msconfig before running scans. Yet, I've never had to do that.

So what do you recommend? Disable the malware startup entries or leave them running?

Thanks

First, thank you so much for recommending our software - and if you would like to be a reseller, we would certainly welcome you.

Regarding the enabling of startup items, my hunch is that this is done so the scanners can "find" those links immediately because some scanners don't truley scan the whole drive, that's why they scan fast, and that's why SUPERAntispyware scans slower, because we do scan the whole drive (on a complete scan).

What I would suggest instead, is installing SUPERAntiSpyware (by they way, we are looking at a stand alone version that can run from USB/removable media), then boot to Safe Mode and perform the scan there - Windows by default won't load anything in the startup/run keys, but the links will remain for the scanners to pick up quickly and rid the system of those links - this also gives you a shot at many of the kernel drivers/rootkits as some of them don't put themselves in the SafeBoot keys to start in Safe Mode.

If there is anything we can do to help, don't hesitate to contact us. If find samples/infections we don't remove, PLEASE submit the samples to samples AT superantispyware.com and we will analyze them and update our definitions promptly.

Share this post


Link to post
Share on other sites

Thanks Nick.

I'll utilize your scanning suggestions and submit samples as needed. I'll also PM you soon for reseller information.

Share this post


Link to post
Share on other sites
Thanks Nick.

I'll utilize your scanning suggestions and submit samples as needed. I'll also PM you soon for reseller information.

Seth sounds great! Just let us know if we can help in any way, and thank you again for recommending and using our product!

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×
×
  • Create New...