More tools for troubleshooting/viruskilling, please.
January 3, 2009 2:18 PM
What software should I add to my Windows diagnostics/antispyware/antivirus kit?
So, I'm a tech who does a small amount of on-site service, usually for either individuals or small businesses and almost always on Windows XP or Vista machines (though I occasionally see 98 Second Edition or 2000), and I'm looking for things to add to the list of software I bring with me. Also, I generally try to keep it all in the free to very inexpensive range. Here's what I carry around at present:
Adaware
Antivir
AVG
Burn In Test
Dial-A-Fix
HijackThis (which kinda scares me, so I never use it)
Malwarebytes' AntiMalware
Spybot - Search and Destroy
SpywareBlaster
SuperAntiSpyware
Windows Installer Cleanup
... and a copy of the Windows Defender installer.
I have a fair amount of software in the malware/spyware removal realm, but not much in the way of hardware or registry diagnostics. So, what more should I be bringing with me? (I was inspired to ask over the course of this thread and have been looking over some of the other stuff there, like Combofix.)
i do not have a lot to add that was not already covered in the thread you linked to. i will say that a live windows cd loaded with the tools works much better than running them from an infected machine.
i have had success with bartpe myself.
posted by phil at 3:15 PM on January 3, 2009
Glary Utilities
Glary Register Repair. This has saved me twice.
posted by JayRwv at 3:15 PM on January 3, 2009
Response by poster: Oh, right, and feel free to add anything else that might be useful (like a live windows cd (thanks, phil!) or the Norton Removal Tool, Keyfinder, etc).
posted by The Great Big Mulp at 3:32 PM on January 3, 2009
Best answer: assorted nirsoft utilities such as mailpassview and other neat password recovery utilities
ultimate boot CD has an XP password reset program that is invaluable to anyone that has an administrator password set and absolutely no idea what it is
netscan
and siw for general system information about hardware and software, including license keys for office, acrobat, etc for when full system reloads are necessary and you need to prep for a reinstall of windows
posted by ijoyner at 3:33 PM on January 3, 2009
Oh, and build yourself an ubcd4win so you can run some of these tools from a bootable CD instead of the host OS. Also you should use some kind of image backup solution to image the drive to an external drive so if any of those tools borks the machine you can roll back. I've seen some of those tools turn a spyware infected machine into a rebooting BSOD machine with no roll-back option. There's a ghost plugin for this CD and bartpe.
posted by damn dirty ape at 3:36 PM on January 3, 2009
Best answer: I also like to carry a copy of:
CPU-Z, tells me the CPU, memory type, motherboard model, etc.
SpeedFan, tells me the temperature, has built-in SMART reader
MemTest86, for memory testing
Magic Jellybean Keyfinder, pulls license keys because clients don't usually have these written anywhere
MSCONFIG, because windows 2000 machines don't ship with it.
Unknown Hardware Identifier, a little easier than googling hardware ID strings.
A lot of the sysinternal tools like tcpview, psexec, process explorer, filemon, etc.
posted by damn dirty ape at 3:42 PM on January 3, 2009
assorted nirsoft utilities such as mailpassview and other neat password recovery utilities
A lot of antivirus apps see these as viruses/malware. If they are on your usb stick then the av will quarantine or delete them once you stick them in. You can disable the AV as a workaround but it's such a PITA I don't even carry them anymore. YMMV.
Also, you don't need the ubcd just for the password reset feature. That's actually this project and you can burn a disc just for that.
posted by damn dirty ape at 3:52 PM on January 3, 2009
HijackThis (which kinda scares me, so I never use it)
I wouldn't worry about this. Hijackthis doesn't really do anything other than read the registry to list all the drivers, startup settings, etc. It doesn't actually remove any spyware. It's for posting or emailing someone your config so they can see if you have any malware.
posted by damn dirty ape at 3:54 PM on January 3, 2009
* Acronis True Image Pro
* Microsoft Sysinternals: Autoruns, Process Explorer, Process Monitor.
posted by cnc at 6:28 PM on January 4, 2009
This thread is closed to new comments.
Add ccleaner to that list just as a general housekeeping tool.
posted by FusiveResonance at 2:37 PM on January 3, 2009