In the past year and a half or so I’ve repaired over 350 computers. In this series I’m describing the very repair tools that I use daily. If you would like, you can see the entire series by following these links: part 1, part 2, part 3, part 4, part 5, part 6, part 7, part 8, part 9, part 10, part 10.1.
Part 10.2: Continuing what I started in part 10 and part 10.1, in the next few posts I’ll show you the repair tools that I have on my USB flash drives and tell you what they are used for. At the moment I carry around six USB drives so let’s take a look at some more programs that I have on flash drive #2:
1) Comodo Cleaning Essentials: This is a tool that I have been using a lot lately and it has been very effective in removing malware that other programs miss. Takes a while to update and scan but very effective. I usually run it while I’m out on another call. I really like it!
- KillSwitch – an advanced system monitoring tool that allows users to identify, monitor and stop any unsafe processes that are running on their system.
- Malware scanner – Fully customizable scanner capable of unearthing and removing viruses, rootkits, hidden files and malicious registry keys hidden deep in your system.
CCE is a lightweight, portable application which requires no installation and can be run directly from removable media such as a USB key, CD or DVD. Home users can quickly and easily run scans and operate the software with the minimum of fuss. More experienced users will enjoy the high levels of visibility and control over system processes and the ability to configure customized scans from the granular options menu.
2) Hitman Pro 3: Hitman Pro is very fast and I love the Scan Cloud feature. If a file is suspicious, Hitman Pro will have it checked by five different malware scanners and report back to you. Great stuff!
Hitman Pro is a second opinion scanner, designed to rescue your computer from malware (viruses, trojans, rootkits, etc.) that have infected your computer despite all the security measures you have taken (such as anti virus software, firewalls, etc.). Hitman Pro is designed to work alongside existing security programs without any conflicts. It scans the computer quickly (less than 5 minutes) and does not slow down the computer (except for the few minutes it is scanning). Hitman Pro does not need to be installed. It can be run straight from a USB flash drive, a CD/DVD, local or network attached hard drive.
3) ComboFix: I must tell you that ComboFix is my #1 malware cleaner! I cannot tell you how many times it has “done the job” when other cleaners have come up a bit short. The latest version will disinfect the dreaded ZeroAccess rootkit that “holes up” in the TCP/IP stack. I usually run ComboFix last (after I have run several other malware cleaners), and I’m always impressed with the effectiveness of this great program. In the past ten days alone I have had six infected machines (all with ZeroAccess) and ComboFix has cleaned them all!
ComboFix is a program, created by sUBs, that scans your computer for known malware, and when found, attempts to clean these infections automatically. In addition to being able to remove a large amount of the most common and current malware, ComboFix also displays a report that can be used by trained helpers to remove malware that is not automatically removed by the program.
4) Rogue Removal Kit: There is some overlap here with other individual tools that I use, but this guy John (check out his website) has put many of them into a single “kit”. Great to have on your USB flash drive!
A robust kit from John at EliteKiller.com. John put together this kit using some of the finest tools that detect and remove assorted trojans, rootkits (including the nasty TDL3 & 4 variants), and other rogue antivirus/antispyware that are capable of hiding files on your computer. This form of malware includes those with fake security alerts that goad the end user into downloading and/or purchasing rogue software. Please check the README and follow the directions. In addition, do not be alarmed if some programs detect certain executables in this kit as a “Trojan” and/or “RiskTool”. AV programs cannot distinguish between “good” and “malicious” use of such programs, therefore they may alert the user.
5) aswMBR 0.9.9: I just started using this about ten days ago. MBR rootkits will disable your machine and you have to be very careful when you remove this type of malware or you will end up “wiping out” the Master Boot Record and you’ll be sitting there with a Hard Drive that won’t boot! I use this program and ComboFix for this type of malware.
aswMBR is an anti-rootkit scanner that searches your computer for rootkits that infect the Master Boot Record, or MBR, of your computer. This includes the TDL4/3, MBRoot (Sinowal), and Whistler rootkits. For this program to work properly it must first download the Avast virus definitions, so you will need an active Internet connection before using it.
A rootkit is a malware program that is designed to hide itself or other computer infections on your computer. These types of programs are typically harder to remove than generic malware, which is the reason that stand-alone utilities such as TDSSKiller have been developed.
When you run aswMBR, if it is shut down automatically, then it is most likely the infection detecting that aswMBR is running and terminating it. In this situation you should rename the executable to iexplore.exe before you attempt to run it.
Professor Randy says: A computer repair technician without great tools is like milk without cookies! Pointless! Fill your flash drive up with great tools and you’ll have the solution to the problem in the palm of your hand!