Virus, Malware Removal


  1. Posts : 17,796
    Windows 10, Home Clean Install
       #1

    Virus, Malware Removal


    There is no software that can replace the excellent help that is available at the SevenForums, but it is always good to be able to try and help ourselves in the event of a crisis. I have had this article for quite a while in my favorites and decided to share with all that care to take the time to read it.
    Comments are welcome, if you do not think that the information is valuable or helpful, let us know. In that way you are contributing as much as me.

    Safe surfing

    Richard
    Ultimate Malware Removal Guide -- Purge Your PC of Junk Files! | Maximum PC


  2. Posts : 234
    Windows 7 Home Premium 64bit
       #2

    Nice site and good anti-virus programs too!
    Thanks.


  3. Posts : 2,303
    Windows 7 & Windows Vista Ultimate
       #3

    Much depends on the nature of the infection. Granted SAS and MBAM are both great tools and, as you've seen, I recommend MBAM frequently.

    However, ComboFix is not a "free-for-all" tool and should only be used with the guidance of a trained malware expert.

    Panda Activescan is one choice for an online scan. There are others, as illustrated in the pinned topic here: https://www.sevenforums.com/security-...tml#post934480

    O^E's Killbox has been around for many years. However, there is a technique for replacing files with Killbox on Windows Vista and Windows 7. In addition, the way it is explained in that article, any finding by the online scan should be deleted. There is no suggestion to research the findings.

    It is dangerous suggesting registry edits, particularly since there's no suggestion to back up the registry prior to the registry edits.

    As to the Comodo registry cleaner, well, aside from my personal opinion of Comodo products, I am against registry cleaners.

    Windows is a closed source system. Developers of registry cleaners do not have the core code of Windows 7 and are not working on definitive information, but rather they are going on past knowledge and experience. Automatic cleaners will usually have to do some guesswork.

    Modifying registry keys incorrectly can cause Windows instability, or make Windows unbootable. No registry cleaner is completely safe and the potential is ever present to cause more problems than they claim to fix.

    Registry cleaners cannot distinguish between good and bad. If you run a registry cleaner, it will delete all those keys which are obsolete and sitting idle; but in reality, those keys may well be needed by some programs or Windows at a later time.

    Windows 7 is much more efficient at managing the registry than previous Windows versions. If you are very knowledgeable of the registry, you can use CCleaner to delete keys left over when uninstalling programs. However, these few keys will not make 1 millisecond's difference in performance. If you run CCleaner or any other registry cleaner and do not know precisely what you are doing, you will have problems down the road. There are no gains to be had from using a registry cleaner and the risk is great.

    Forget all the "wisdom" you learned about XP. Windows 7 is not XP and does not manage the registry the same as XP.

    Are registry cleaners necessary?
    Back up the registry


  4. Posts : 121
    Windows 7
       #4

    I only browsed through the article, but it looks pretty nice. I think everyone who is interested in malware, especially everyone who is in the White Hat, Info Security, malware removal end of the spectrum has their own method of doing things.

    Personally, I like to get as deep into Windows as I can when dealing with malware. I like to use tools that let me do things at a low level, like Sysinternals tools or Gmer, or just using the command line and searching the registry.

    If I don't have an adequate tool for a job, I'll often write a script or sometimes a program that will do it for me. For example, I was (and still am) often fed up with so-so web site filters, because they aren't always current. So I wrote a tool for the Outpost Firewall that takes a bunch of malware lists, like the Malware Domain List, IP address blocking list, and others and converts them to the .lst format that Outpost uses. Afterwards, I could block not just thousands, but hundreds of thousands of current infected domains.

    But there are of course times that I have to rely on automated tools, like Boot CD's, pocket kill box, etc. So it is each to his own.

    Your article was great though, and it has a lot of nice tips, and even some software I had never heard of.

    Thank you for sharing it
    Last edited by dranfu; 02 Sep 2010 at 20:35.


  5. Posts : 5,941
    Linux CENTOS 7 / various Windows OS'es and servers
       #5

    Hi all
    Good advice if you like going into the technical realms of Windows / Kernel programming -- but a lot of us are real USERS of computers with business or sensitive data on them and aren't "Programmer material".

    In this case I still say that unless you want to mess about with this stuff I'd go for a restore of a clean image every time rather than trying to disinfect a virus ridden machine.

    As I pointed out earlier - would you let the Fox guard the chickens in the Henhouse?

    If you want to use the experience for learning purposes -- great stuff, but I for one would not even THINK of logging on to say my Internet Bank if the computer I was using had a virus on it even if the AV software said Computer now clean.

    To me the only 100% safe way is a complete restore of a known CLEAN image and unless you really want to mess about with this type of software I'd recommend most people to go down the restore image route.

    Apart from anything else it gets you into the habit of taking regular backups which is ALWAYS a good idea. - Even the most experienced people make mistakes too like accidentally deleting important data etc etc.

    Cheers

    jimbo


  6. Posts : 465
    Windows 7 Ultimate x64 and Home Premium x64
       #6

    I think it is mostly because people forget that there are non-technical type people who will also read something of that nature. A fair deal of us actually have strengths in certain areas and are familiar with the terminology, and then there are people who are just literally new to the scene, only have vague ideas.

    I believe one posting here linked to Uncommon, common sense with protecting yourself on the internet. And the sad thing of it all, the article states that the internet is not a safe place. It is true, it isn't. I can't tell you how much I give certain people a hard time about falling for scams on the internet, and hearing them wondering how something of theirs got hacked. I also can't tell you how many times I have heard, "Why would anyone make a virus to attack a computer..." then watch them look at me with a slightly disturbed look when I start rattling off many reasons they haven't even considered, let alone believe as to why someone would spend time rattling off programs of this nature.

    The real sad thing of it all, though, is that it is our own breakneck speed in technology and also just throwing it to the masses, is what is creating our own problems. Within the last 15 years, computers went from being something people had to learn to becoming this century's version of the 20th Century Radio/Television. You don't need to 'know' much on computers, just that there is an on switch and you type something and it comes up. And I use this analogy because while a Car is not that much more complex than a computer, you do have people who have to take some formal lessons and a test to have the right to drive a car... With a computer, you do not. The chances of people having accidents or problems with a computer are more likely than a car, I would think, simply because of all the possible ways to screw it up is easier... Although car accidents are still much more fatal and still prone to foolish and idiotic behavior of people as well.


 

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd