Any opinions on the best anti-virus rescue cd?

Discussion in 'other anti-virus software' started by ratchet, Sep 15, 2009.

Thread Status:
Not open for further replies.
  1. ratchet

    ratchet Registered Member

    Joined:
    Feb 20, 2006
    Posts:
    1,912
    My friend's pc is nuked. He said it had only been running in Safe Mode but now it won't even do that. Claims all restore points are gone and what ever caused this took out his McAfee also (perhaps that was part of the problem). I'm aware of Avira, BitDefender, F-Secure and Kaspersky rescue CDs and there may be others. I skimmed the features and Avira updates their's through out the day while the others you have to be able to get online to update which could be a problem. Other than a reformat, which I'm sure would take a day with XP SP1 cd, plus I don't know if he has the cd for all the drivers, what other tools can I help him with? Thank You!
     
  2. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,057
    Location:
    North Carolina
    how can a rescue CD help if it wasnt created while his PC was actually in good shape. A reformat is the only safe way to go here.
     
  3. ratchet

    ratchet Registered Member

    Joined:
    Feb 20, 2006
    Posts:
    1,912
    Not really! Form the aforementioned companies I can burn him a cd. You can boot into them and they scan and clean.
     
  4. HKEY1952

    HKEY1952 Registered Member

    Joined:
    Jul 22, 2009
    Posts:
    648
    Location:
    HKEY/SECURITY/ (value not set)
    I prefer using the Avira Rescue System CD because of the broader range of hardware compatibility and ease of updating.
    Concerning the case with your friends computer, the information provided suggests that the boot sequence of Microsoft Windows is corrupted and whatever infected the computer also corrupted
    the security software and who knows what else. I strongly suggest re-formatting of the hard drive and re-installing Microsoft Windows. As for the drivers, one can visit the computer manufacturers
    Web Site and download the needed drivers. In most cases all that is required to find and gain access to the drivers are the Computer Model Number and/or Serial Number.

    Advice by member "trjam" is most often sound advice. I believe that member "trjam" mistakenly interpreted your Post concerning the Rescue CD creation, however,
    the advice on formatting the hard drive is sound advice.


    HKEY1952


    Edited by HKEY1952 for clarification
     
    Last edited: Sep 16, 2009
  5. TheKid7

    TheKid7 Registered Member

    Joined:
    Jul 22, 2006
    Posts:
    3,469
    I have very limited experience (with actual removal of malware) with Rescue CD's. I have tried many of them but have had 100% hardware compatibility only with the AVIRA Rescue CD. The AVIRA Rescue CD will boot, allow updates (if necessary) and run a scan of all of the hard drives of my four home PC's. I have never used it to clean a truly infected PC. I use it for a second opinion about once a month on my PC's. AVIRA says that Rootkits are easily found and removed when Windows is not running.
     
  6. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,057
    Location:
    North Carolina
    I see what you are saying and to me the choice would be Best Buy.;)

    Avira is the answer.
     
  7. Keyboard_Commando

    Keyboard_Commando Registered Member

    Joined:
    Mar 6, 2009
    Posts:
    690
  8. 0strodamus

    0strodamus Registered Member

    Joined:
    Aug 23, 2009
    Posts:
    1,047
    Location:
    United Surveillance States
    I would burn them all. CDs are cheap. I have Avira and F-Secure CDs, but haven't had a need to use them yet. If you read the pdf file that comes with the F-Secure CD, you'll see that you can download updated virus definitions manually, save them to a USB drive, and update from that on your friends computer with the boot CD.

    I do agree with trjam that the best route may be to reformat. I would even go so far as to use Darik's Boot And Nuke to wipe that HDD first.

    Then you need to teach your friend how to image his system and back up his data on a regular basis. ;)
     
  9. TheKid7

    TheKid7 Registered Member

    Joined:
    Jul 22, 2006
    Posts:
    3,469
    How long does it typically take to "Nuke" a hard drive? I know that it will vary widely depending on the hard drive size and the system. Once I started to Nuke a 60 GB ATA100 hard drive and it looked like the process would take a long time (around a day or so) so I aborted the "Nuke".

    Would a simple "zero-write" be sufficient to make sure that Malware is made permanently inoperative? I have done a "zero-write" on a couple of hard drives to see how long the process would take. I think that a 240 GB hard drive "zero-write" took around a couple of hours. I used Terabyte Unlimited's Copy-Wipe bootable CD for the "zero-write" operation.
     
  10. 0strodamus

    0strodamus Registered Member

    Joined:
    Aug 23, 2009
    Posts:
    1,047
    Location:
    United Surveillance States
    If my memory serves me correctly, the newer version of dban on some SATA 80Gb HDD Pentium 4 systems that I wiped recently took around 3 hours to complete using autonuke.
     
  11. Durad

    Durad Registered Member

    Joined:
    Aug 13, 2005
    Posts:
    591
    Location:
    Canada
    You have to update Avira Rescue Disk once you boot from it, there is an update feature because fresh downloads are not updated often.

    I use Avira, Dr-Web and VBA32 rescue CD. This usually help to start Windows and than I run Combofix.exe followed by MalwareBytes (manual update for both, internet disconnected).

    When this is done I run HitMan Pro with internet connected.

    This remove over 95% of stuff. Than I run renamed HijackThis and inspect each line over at http://www.systemlookup.com/

    If i find something new I submit to Avira because they add detection over night and than i scan PC again to make sure the same files are not used to replace some legitime programs.

    When this is done I than remove junk files, clean registry, do Windows update and reset security related programs and settings. I run GMER to make sure there is no something new letf..

    Last step is to immunize your system and than install security programs (antivirus, firewall and antispyware).

    Paid ones includes: MalwareBytes, AVIRA FREE with max heuristic and SafeStart, new FREE PC Tools firewall.
     
  12. thathagat

    thathagat Guest

  13. andyman35

    andyman35 Registered Member

    Joined:
    Nov 2, 2007
    Posts:
    2,336
    IMO the best option is UBCD4Win,it contains numerous AV/AS scanners along with registry tools,mbr utils and a ton of other useful stuff too.
     
  14. ratchet

    ratchet Registered Member

    Joined:
    Feb 20, 2006
    Posts:
    1,912
    Does anyone know if I could make my NOD32 SysRescue disk and use that? It does mention that it uses your NOD username and license which it would not find/see on his system.
     
  15. ASpace

    ASpace Guest


    Hi!

    It is not necessary to make ESET SysRescue CD , although you can . It would be much faster to make BartPE CD . Note - while making this bootable CD , simply copy the ESET NOD32 AV folder (X:\Program files\ESET\ESET NOD32 Antivirus) . This folder includes ESET Command line scanner and ESET signatures.

    Then , when you boot from the BartPE disk , goto Start , find the programs and run CMD (Command Prompt).

    From the main directory , simply type ecls.exe /auto and press [ENTER] . This would run ESET Command line scanner with updated definitions and would clean and remove whatever NOD32 finds.

    If the OS can then boot , you are fine . If not , you could perform Windows Repair Install.
     
  16. dschrader

    dschrader AV Expert

    Joined:
    Mar 10, 2009
    Posts:
    54
    The Norton rescue disk works well - (of course I work for Symantec so I would say that). But really, I used it for on a friend's PC the other day. The installation disk is a self-booting rescue disk - it even found the internet connection and updated its scanner before it ran. Of course you have to buy the software to get an activation code to run it. But that may be worth it if it allows you to avoid nuking the HD.
     
  17. YeOldeStonecat

    YeOldeStonecat Registered Member

    Joined:
    Apr 25, 2005
    Posts:
    2,345
    Location:
    Along the Shorelines somewhere in New England
    Remove his hard drive, slave it to a healthy PC that's fully updated. Install/update several malware removal tools such as MalwarBytes and Microsoft Security Essentials..scan and clean.
     
  18. Technical

    Technical Registered Member

    Joined:
    Oct 12, 2003
    Posts:
    471
    Location:
    Brazil
Loading...
Thread Status:
Not open for further replies.