
What is the most effective way of removing Malware?


22 replies to this topic

#1 kompact

kompact

    Neowinian

  • Joined: 25-October 05

Posted 22 December 2013 - 18:42

I got out of the computer game years ago to go do other things. I have not kept up on the most effective methods of removing malware.

 

Back in the day it was best to remove the hdd and toss it in a clean system and do a virus scan on it. After that we would put it back in the original pc, boot into safe mode and run another scan from that machine.

 

1. Is that still the best way to go about things?

 

2. What are the best tools to use these days to remove rootkits, viruses, malware, etc?

 

3. What tools are a waste of time?

 

Thanks :)

 

 




#2 Aheer.R.S.

Aheer.R.S.

    I cannot Teach Him, the Boy has no Patience!

  • Tech Issues Solved: 9
  • Joined: 15-October 10

Posted 22 December 2013 - 18:45

Kaspersky TDSSKiller
Malwarebytes
Any reputable internet security suite comes to mind

I won't recommend any brands as someone will sooner or later pipe up to say my choices are junk

#3 +Phouchg

Phouchg

    Resident Misanthrope

  • Tech Issues Solved: 9
  • Joined: 28-March 11
  • Location: Neowin Detainment Camp

Posted 22 December 2013 - 20:18

I would agree that scanning it in another system with some bootable rescue CD (that can update itself) is the safest course.

If there was a definite proof of malware, I would not agree on running it after the cleaning, regardless of results. I'd take important files and settings only and then go for a clean slate.



#4 Som

Som

    Neowinian

  • Joined: 14-December 06
  • Location: Ireland

Posted 22 December 2013 - 20:33

ComboFix & Malwarebytes



#5 Atomic Wanderer Chicken

Atomic Wanderer Chicken

    Assistant Special Agent Chicken in charge

  • Tech Issues Solved: 5
  • Joined: 20-August 12
  • Location: Black Mesa Research Facility, USA
  • OS: Windows 95 with Microsoft Plus
  • Phone: Motorola MicroTAC Elite

Posted 22 December 2013 - 20:35

Malwarebytes is the best removal software! I have used it for many years to scan and get rid of things from Trojan horses to adware. :)



#6 +goretsky

goretsky

    Neowinian Senior

  • Tech Issues Solved: 3
  • Joined: 12-March 04
  • Location: Southern California

Posted 23 December 2013 - 07:18

Hello,

 

The most effective way of removing malware is to erase the drive and then reload the operating system and applications from their original media and your data from your backups.

 

The second most effective operation is to contact your anti-malware developer's technical support department and have them walk you through removing the malware, or remotely connect to your computer and remove it. They are going to be the experts on what that particular family of malware is doing right now to users' systems, and know the exact steps needed to remove it as well as any changes it might have made to the system.

 

Regards,

 

Aryeh Goretsky



#7 +BudMan

BudMan

    Neowinian Senior

  • Tech Issues Solved: 96
  • Joined: 04-July 02
  • Location: Schaumburg, IL
  • OS: Win7, Vista, 2k3, 2k8, XP, Linux, FreeBSD, OSX, etc. etc.

Posted 23 December 2013 - 16:14

^ agreed!!!

"The most effective way of removing malware is to erase the drive and then reload the operating system and applications from their original media and your data from your backups."

I say NUKE it from Orbit, it is the ONLY way to be sure ;) This is quite often less time consuming, and really the only way to be 100% sure you're clean.

Now I rarely do this for users' machines - I will normally just clean them off best I can, where I am 90% sure it's gone.. But if it was my machine. Let's pretend I let some retarded people use it for some reason, how else would it get infected? ;) heheheeheh I would most likely wipe it, so that I was 100% sure..

#8 incendy

incendy

    Neowinian

  • Tech Issues Solved: 1
  • Joined: 21-October 05

Posted 23 December 2013 - 16:18

Depends on the malware, but usually System Restore will take care of most of it the best. Some malware affects system restore files, but 95% of the time it is the easiest and best way to get rid of it. Just make sure you pick a date before your system was infected.



#9 Max Norris

Max Norris

    Neowinian Senior

  • Tech Issues Solved: 17
  • Joined: 20-February 11
  • OS: Windows 8.1, BSD Unix
  • Phone: HTC One (Home) Lumia 1020 (Work)

Posted 23 December 2013 - 16:21

Personally, best way is to not get infected in the first place.  Safe browsing habits, make use of sandboxes, keep your software up to date so any app/OS vulnerabilities are patched, stop running everything as admin/root, etc etc.  Probably 99% of the time it's the user's fault it happened in the first place.. it doesn't appear out of thin air.   Proactive versus reactive. When all else fails.. yea I'd go for the "nuke it from orbit" method too, make use of that handy backup that you should be making regularly.



#10 +riahc3

riahc3

    Neowin's most indecisive member

  • Tech Issues Solved: 11
  • Joined: 09-April 03
  • Location: Spain
  • OS: Windows 7
  • Phone: HTC Desire Z

Posted 23 December 2013 - 16:26

Hello,

[Image: boot-and-nuke.jpg]

If that fails, contact Budman ASAP.

#11 GotBored

GotBored

    Brain Trust

  • Tech Issues Solved: 3
  • Joined: 24-June 13
  • OS: Windows 8.1
  • Phone: iPhone 5

Posted 23 December 2013 - 16:27

Format the Hard drive and re-install OS is the cleanest way, but overkill in most cases.

 

Just get an Internet Security suite and clean it, cleans most malware and if it infected OS files you may need to put your OS disc in and do a system repair.



#12 OP kompact

kompact

    Neowinian

  • Joined: 25-October 05

Posted 23 December 2013 - 17:30

Appreciate the advice guys, thanks.



#13 +BudMan

BudMan

    Neowinian Senior

  • Tech Issues Solved: 96
  • Joined: 04-July 02
  • Location: Schaumburg, IL
  • OS: Win7, Vista, 2k3, 2k8, XP, Linux, FreeBSD, OSX, etc. etc.

Posted 23 December 2013 - 20:12

"Just get an Internet Security suite and clean it, cleans most malware"

Well how and the F did they get infected in the first place then? What about those it doesn't? There is no such thing as software that can detect, let alone clean, all forms of malware/virus/trojans/payware/ransomware/etc

This badware, let's call it, changes by the minute to be honest; there are always new variants, a new zero day, a new nasty pos software that will show what it's going to do in very small print that you agreed to, so many of the major player tools cannot even touch those because the user agreed to install them.. Oh and there is a bug in their uninstall "that they are working on" where it might not uninstall on "rare" occasions..

It's rare to come across a box that is just infested with 1 thing, it's more than likely a whole nest of crap!! Now you can run all the tools you know about, and it might look clean: tool X found abc, tool Y found 123, tool Z shows clean.. Does that mean you're clean, or that X, Y and Z just don't detect what you're infected with and you needed to run tool W as well?

If it's your box - hey fine, XYZ shows it clean.. But if my box.. NUKE IT, sorry it's the ONLY way to be sure! Overkill I say not ;) Not when it comes to my computer.. Sorry.

#14 ozgeek

ozgeek

    Neowinian Senior

  • Tech Issues Solved: 1
  • Joined: 08-June 03
  • Location: Queensland, Australia

Posted 23 December 2013 - 20:23

 

only effective way



#15 AR556

AR556

    Neowinian Senior

  • Joined: 07-August 03

Posted 23 December 2013 - 20:50

*Boot it from a Kaspersky rescue CD, full scan.

*Run CCleaner, Empty restore points.

*Run full scan of TDSSkiller, Malwarebytes, and Superantispyware.

*Reboot, scan again, make sure nothing fishy set to startup.

*Scan with ESET online scanner.

*Fully update Windows and any other programs like Flash, Reader, etc.

*Remove Java and explain to person that it's the devil.

*Install reputable AV and set Windows Update to auto.

*Make a system image.

 

Preferably I'd rather just wipe/reload as I can't trust the machine anymore. Some people just make that too difficult an option because they're missing application discs for things I can't get.
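
Added example, not part of AR556's post: one read-only way to carry out the "make sure nothing fishy set to startup" step from the list above in PowerShell. It assumes Windows PowerShell 3.0 or later; the helper name Get-StartupBinaryPath is hypothetical, and Win32_StartupCommand covers only the Run keys and Startup folders, not services or scheduled tasks.

```powershell
# Added example: list auto-start entries and flag those whose binary is
# missing or not validly signed. Read-only; it changes nothing on the system.

# Hypothetical helper: pull the executable path out of a startup command line.
function Get-StartupBinaryPath {
    param([string]$Command)
    # Expand %VAR% references such as %ProgramFiles% before parsing.
    $expanded = [Environment]::ExpandEnvironmentVariables($Command).Trim()
    # Quoted form: "C:\path with spaces\app.exe" /args
    if ($expanded -match '^"([^"]+)"') { return $Matches[1] }
    # Unquoted form: take everything up to the first known executable extension.
    if ($expanded -match '^(.+?\.(exe|com|bat|cmd|vbs|js|ps1|dll))(\s|,|$)') {
        return $Matches[1]
    }
    # Fallback: first whitespace-delimited token.
    return ($expanded -split '\s+')[0]
}

Get-CimInstance -ClassName Win32_StartupCommand | ForEach-Object {
    $path   = Get-StartupBinaryPath $_.Command
    $exists = $path -and (Test-Path -LiteralPath $path -PathType Leaf)
    # Only query the Authenticode signature when the file is actually there.
    $sig    = if ($exists) { Get-AuthenticodeSignature -LiteralPath $path } else { $null }

    [pscustomobject]@{
        Name      = $_.Name
        User      = $_.User
        Location  = $_.Location      # registry key or Startup folder it came from
        Path      = $path
        Exists    = [bool]$exists
        Signature = if ($sig) { $sig.Status } else { 'n/a' }
        Signer    = if ($sig -and $sig.SignerCertificate) {
                        $sig.SignerCertificate.Subject
                    } else { '' }
    }
} | Sort-Object Signature, Name | Format-Table -AutoSize -Wrap
```

Entries whose file is missing or whose signature status is not Valid are the ones to look at by hand; plenty of legitimate software ships unsigned, so the output is a shortlist rather than a verdict.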