Virus Removal... Your selected weapons?

So I'm getting a laptop that needs repair this weekend, and it's infected, which sparked an idea for me.

What do you people personally use for removal of malware?

Now this guy's laptop has an infected registry and is stopping him from accessing security sites. Naturally the guy thinks his other PC will fix this issue, which personally I would say makes the problem worse.

So what tools would you use for such problems?

My plan is as follows.

Malwarebytes - I shall try to load this into the system. Security sites may be blocked for him, but there may be a small chance that I can get a suite installed.

Katana flash drive - the fact it has rescue disks on it is a bonus, plus I have GParted on a small drive and Katana comes with BackTrack also. I should be very well protected thanks to the Linux kernel. Just face the problem of wiping the drive without getting infected too lol.

Nuke and Boot & Windows disks - if I can't remove the malware, well, what else is there to do? Nuke the disk so I'm sure the disk is wiped and then reinstall whatever version of Windows he has (I expect XP). Hopefully it doesn't come to this, allowing a 1/2 day rescue time before I choose this.

 

But I do face some problems with doing this job.

I can't connect to a network, so rescue disks may not work.

Again, my flash drive could become victim to the infection. Hopefully not, but if not I need to wipe it without getting my system damaged. Malwarebytes should protect me :)

Recovery of his files, to say they are possibly infected.

 

So we shall see, but post below what you would use to remove this threat. It would be nice to test some new tools out on this :) I will possibly report my findings of what he has virus-wise and what tools worked :)

 

This is going to sound douchey but I just use Linux. On Windows I try and stick with trusted websites such as FileHippo or Ninite. Other than that, you sound like you got it pretty together as far as software goes.

I use Linux also, but mainly Windows now due to Adobe still being on here and games. Also tempted to add Spybot into the mix now that they updated their software :)

 

I don't even use an antivirus and my PC has never been infected.

Use the latest version of ComboFix. You can then follow up with Malwarebytes if you want a second opinion. :D

That is by far a terrible thing to think. Not all viruses are up front. You could very well have some spyware sitting in your machine, but because you don't have any form of antivirus, you won't know. Any website can infect a system with a virus. Bad ads, hacked sites without knowing. Just bad sites altogether. A computer will often face a virus even from popular sites every few days to maybe a week. When you understand that 80% of all websites are scams, it makes more sense. I have witnessed my ISP using direct packet injection to place ads on all my webpages. One of the ads started infecting computers on my network. I was on the phone to Telstra so quick.

The moral of the story is, always have something. I use ESET Endpoint Antivirus. Most people won't need anything like a corporate-level antivirus but I like to be extra secure. Also stay away from Norton for the love of god.

To clean an HDD that's infected, the best thing is to grab a SATA-to-USB cable. If you don't have one, open up an old external HDD and take the front. Plug it into a quarantine machine and do the scans with your preferred antivirus. I just use Malwarebytes and ESET. If it's really bad or you don't mind spending a day reinstalling software, just grab the files you want to keep (scan them just to be sure) and reload Windows. Sometimes it's just the easier thing to do rather than spending days trying to clean out the infection and often finding traces left that have corrupted Windows.

I've just had a fun time manually removing malware. It was mainly attacking my browser, and it didn't show up in control panel.

To delete the files

%programdata%

%appdata%

and in browser

about:config

Hopefully that's taken care of it. I don't trust many of these anti-malware programs, they are just as bad as the malware.

If that hasn't taken care of it, I often plan fresh installs of my OS whenever I feel it is important to do so. Save important files, format drives.

I've exceeded my internet usage this month. Next month, when my anticipated game is released, I will reinstall my OS, a few useful programs, the game I want. It's a matter of finding the right time.

I rely on a multitude of software including Malwarebytes and Kaspersky Anti-Virus. I use an old version of Spybot that still updates its threat database; this seems to block a lot of crap such as trackers that websites install.

If I had to remove everything and start from scratch Boot and Nuke is something I always recommend.

I also make a habit of using CCleaner on a person's machine if possible afterwards to fix any registry gaps the malware removal can leave.

If you know what you're doing and don't expose that PC to malicious software/sites then there's no need for an antivirus for people who don't mind formatting as soon as there is a problem. I back files up, scan them, and use Linux if need be. ESET pales in comparison with Bitdefender or AVG. Avast is basically nothing, only slows your Windows. Security Essentials, while it's also just an onion peel compared to a proper antivirus, it's good enough for quick scans on old files (by then definitions would be updated one would think).

Call me retarded if you so desire but I believe most of these anti-spyware tools themselves are spyware. Skepticism is good, and so is working on a clean Windows install. Have precious data you don't want to lose? Don't use Windows or OS X, use Linux and visit secure and encrypted sites, while also not inserting foreign removable media in your PC. Just like STDs.

As far as software goes I did use a PCMagazine repair disk in the past (Linux :P)

  • CCleaner
  • Avast or Vipre
  • Hiren's Boot CD
  • Malwarebytes
  • Common sense

Most people don't have common sense when they're thinking with their dicks or when they are lured into greedy scams, you need scruples rather.

Prevention... prevention... prevention!!!

Surf the web in a sandbox, torrent and test in a virtual machine.

Be smart, be safe and use a proxy :)

I would add SpyBot-SD to your list. Used after you remove the malware. Just in case.

Actually, while I have all the common tools I prefer wipe, reinstall. It's really the best way. Everything important to me is stored to externals. So my boot OS and storage drives are temporary. Also makes it no big deal should there be issues. Frankly, spending the time to clean a virus or a nasty malware is not worth the time it takes. You should be wiping and reinstalling every so often anyway.

The first thing I do when I get a virus is 'System Restore' and BAM! virus gone

I've never used it, but I've heard of a piece of software called ComboFix which is apparently some sort of anti-virus nuke. May be worth looking at.

System Restore may be a good option to start off with to kill any active or background running virus processes. This still may not fully remove registry hacks or virus files. I've personally found RogueKiller to be brilliant at finding registry hacks as well as root/boot kits and only takes a few minutes to run. Malwarebytes is a pretty decent scanner on its own but used in conjunction with probably RogueKiller and maybe Kaspersky Virus Removal Tool I have found few infections that are left unfound.