Best Virus Removal Tools: Cleaning a deeply infected system

Captions
Believe it or not, this is a really badly infected system, so much so that even if we search for vars removal tool, try to download it and run it, this is what happens: we get a fake antivirus pop-up and the actual tool is never allowed to execute. And it's not just Avast. We can go back and try Kaspersky's Virus Removal Tool, download that, KVRT, with the same result. In fact, now we have two of these amazing fake AV pop-ups. You know what, two's not enough for a good thumbnail, so I'm gonna go for a few more. And there you go, I think that's a really good thumbnail.

But how do we get rid of this? How do we actually clean up this system effectively? What tools should we use? And I just want to say that before making this video, I've had a live stream where I've tried every single tool out there, pretty much, on the system, and we've tried to discover the most effective things that actually work.

So the first tool we're going to use in this case is going to be Norton Power Eraser. Why this? Why Norton? As you know, I'm not necessarily the biggest fan of Norton Antivirus, but this is actually a very effective tool at removing critical malware and making your system functional, and it's very fast and effective. I've also tried Malwarebytes, KVRT, a bunch of other tools. This was the only one that was able to get rid of our friendly fake antivirus here.

The other tool which I use quite often would be HitmanPro. Now the thing about HitmanPro is, again, it's very effective at quickly scanning your system. All it does is basically collect hashes of the most common files, checks them in the cloud, and tells you if anything's possibly infected. It's a very good diagnostic tool in the sense that it can tell you if a system is infected, it can identify malware in common locations. What it's not great at is removing malware. The best tool for that is actually Kaspersky, because they have advanced disinfection technology, so they will do the least damage to your system and try to remove the malware without necessarily harming the files that it may be a part of. However, on this system we can't run Kaspersky yet, because our friendly neighborhood antivirus won't let us do that. Another tool to keep in mind, of course, is Malwarebytes, but while it's very good at removing traces, again, it's not going to execute on the system until we can get rid of our buddy here.

So the first tool, and the order is important, is going to be Norton Power Eraser. We're going to do a full system scan, which as you can see is going to be really fast, and it has already identified a lot of malware. As you can see, we've got many exes under the Windows folder, which is never a good thing. We've got some files trying to look like system processes. If we scroll down, there are also some medium threats, and these are the antivirus installers that we downloaded, but if we look at the creator, they're all apparently made by Tech tages developers, which is definitely not what KVRT and Avast should have in their metadata. So the core malware in this case has been replacing all the exes we've been downloading from the internet and thereby controlling what exe even runs on the system. We've also got a modification of the hosts file in sys32 drivers, and this is also likely part of the hijack mechanism, so we're going to select this as well and we'll say fix now. On a system as badly infected as this, we're going to have to do a restart of the system, but once that's done we should have some level of control.

We are back, and Norton says eight items were removed or repaired, so let's see if we have better luck trying to download and run an antivirus. We've got another copy of KVRT, and this time, wait, it actually runs, and now we can do a scan. This is going to be a much longer scan, but the advantage is it has some really good repair capabilities. In some circumstances where other tools will potentially damage your system, this can recover it without necessarily deleting a bunch of services or exe files. We can also do a scan with HitmanPro. Nothing really is detected other than a few tracking cookies, so Norton off the bat has done a really good job. Of course there's still traces on the system, and at this point we can try tools like Malwarebytes AdwCleaner.

But I just want to go back to the previous snapshot and show you how badly infected it was with another HitmanPro scan. Here, a lot of scary stuff in the results. We've got several services, exe files in Windows, and the best part is all of these are currently active, so the Run next to them. Some of them are active as services. But interestingly, HitmanPro did not detect the hosts file modification, nor the infected exe files in our downloads where the actual AV setup was replaced by malware.

So in summary, the order of tools I would use would be Norton Power Eraser, NPE, to start, Kaspersky next, followed by HitmanPro and Malwarebytes just to make sure there are no traces on the system. All of these tools are free and very easy to use, so I'm not going to go too much in depth talking about minute details. With HitmanPro you can only quarantine and delete, whereas with Power Eraser you can repair certain system files and functions. Kaspersky will also obviously have their advanced disinfection option, which I do recommend if you're cleaning an actual system. This is of course a VM. And the reason I recommend this combination of tools is because I've tried this several times with several different tools, and this is what has provided the best results. This is actually the machine we used for the forensics video, and I did a Discord live stream where I tried to clean it with all possible tools, and this is what I learned, so hopefully you find this useful.

I know some of you are probably thinking, why didn't you mention Tron Script? Now the thing to understand with custom tools like that and automation is that they can be really useful, but if you pay attention to the instructions, even with Tron Script it's going to tell you that it's a tool designed for advanced users. If you're not careful, there's always a risk that it does something you didn't want it to do. Also, when we did try Tron Script on the system, it didn't manage to remove the malware successfully, but maybe we'll make another video on Tron Script specifically and customize it. Let me know if you want to see that.

Thank you so much for watching. Don't forget to join our Discord server if you want to join those fun live streams where I'm playing around with systems and discovering stuff like this.

And now to our sponsors. Want to back up and share files with full privacy? Want to prevent Microsoft and Google from monopolizing the cloud? Then check out Internxt, a cloud storage platform focused on privacy, where you can sign up and get 10 gigs for free using the link in the description. All your data is encrypted at zero knowledge and it's easy to use. It's got drag and drop, previews, it's also got a trash, so if ransomware were to encrypt your drive or something like that, you would still have some way to get your data back. You can use it to back up your data on your computer or sync your photos from your phone. Internxt also have a really cool product called Send. You can just drag and drop something here, click on get a link, and boom, it's ready to go. Now you can just copy the link, paste it anywhere, and you have access to this file. They've got a variety of pricing options for individuals and business, but you can obviously start off for free. Now personally, I have a business OneDrive with a lot of storage, but I still use Internxt to share files with friends, just because I really like the UI and I think it's really convenient, especially the Send feature. So please check them out using the link in the description or go to internxt.com. If you do decide to support them and buy a plan, make sure to use the code PC security to get 25 off. I think it's really important for us to use and encourage third-party providers in this space and not just rely on Google and Microsoft, because as you know they don't have a great track record on privacy.

This is Leo. Thank you so much for watching, and as always, stay informed, stay secure.

Info
Channel: The PC Security Channel
Views: 552,659
Keywords: The PC Security Channel, TPSC, cybersecurity, cyber security, computer security, internet security, antivirus, anti malware, ransomware, trojan, virus, PUP, best antivirus, best internet security, learn cybersecurity, hacking, hack, security, technology, cyber insurance, cybersecurity degree, best EDR, EDR
Id: -nkVzJ1V0rM
Length: 8min 31sec (511 seconds)
Published: Sat Dec 10 2022