| Windows 7: Virus, Malware Removal |
02 Sep 2010
|
#1 | | Windows 7 Home Premium SP1, clean install, upgrade disc CT |
Virus, Malware Removal
There is no software that can replace the excellent help that is available at the SevenForums, but it is always good to be able to try and help ourselves in the event of a crisis. I have had this article for quite a while in my favorites and decided to share with all that care to take the time to read it.
Comments are welcome, if you do not think that the information is valuable or helpful, let us know. In that way you are contributing as much as me.
Safe surfing
Richard
Ultimate Malware Removal Guide -- Purge Your PC of Junk Files! | Maximum PC
02 Sep 2010
|
#2 | | Windows 7 Home Premium 64bit Missouri |
Nice site and good anti-virus programs too!
Thanks.
02 Sep 2010
|
#3 | | Windows 7 & Windows Vista Ultimate Upstate NY |
Much depends on the nature of the infection. Granted SAS and MBAM are both great tools and, as you've seen, I recommend MBAM frequently.
However, ComboFix is not a "free-for-all" tool and should only be used with the guidance of a trained malware expert.
Panda Activescan is one choice for an online scan. There are others, as illustrated in the pinned topic here: Online File Scanner Sites
O^E's Killbox has been around for many years. However, there is a technique for replacing files with Killbox on Windows Vista and Windows 7. In addition, the way it is explained in that article, any finding by the online scan should be deleted. There is no suggestion to research the findings.
It is dangerous suggesting registry edits, particularly since there's no suggestion to back up the registry prior to the registry edits.
As to the Comodo registry cleaner, well, aside from my personal opinion of Comodo products, I am against registry cleaners.
Quote:
Windows is a closed source system. Developers of registry cleaners do not have the core code of Windows 7 and are not working on definitive information, but rather they are going on past knowledge and experience. Automatic cleaners will usually have to do some guesswork.
Modifying registry keys incorrectly can cause Windows instability, or make Windows unbootable. No registry cleaner is completely safe and the potential is ever present to cause more problems than they claim to fix.
Registry cleaners cannot distinguish between good and bad. If you run a registry cleaner, it will delete all those keys which are obsolete and sitting idle; but in reality, those keys may well be needed by some programs or windows at a later time.
Windows 7 is much more efficient at managing the registry than previous Windows versions. If you are very knowledgeable of the registry, you can use CCleaner to delete keys left over when uninstalling programs. However, these few keys will not make 1 millisecond's difference in performance. If you run CCleaner or any other registry cleaner and do not know precisely what you are doing, you will have problems down the road. There are no gains to be had from using a registry cleaner and the risk is great.
Forget all the "wisdom" you learned about XP. Windows 7 is not XP and does not manage the registry the same as XP.
Are registry cleaners necessary? Back up the registry
02 Sep 2010
|
#4 | | Windows 7 Detroit, Michigan |
I only browsed through the article, but it looks pretty nice. I think everyone who is interested in malware, especially everyone who is in the White Hat, Info Security, malware removal end of the spectrum has their own method of doing things.
Personally, I like to get as deep into Windows as I can when dealing with malware. I like to use tools that let me do things at a low level, like Sysinternals tools or Gmer, or just using the command line and searching the registry.
If I don't have an adequate tool for a job, I'll often write a script or sometimes a program that will do it for me. For example, I was (and still am) often fed up with so-so web site filters, because they aren't always current. So I wrote a tool for the Outpost Firewall that takes a bunch of malware lists, like the Malware Domain List, IP address blocking list, and others, and converts them to the .lst format that Outpost uses. Afterwards, I could block not just thousands, but hundreds of thousands of current infected domains.
But there are of course times that I have to rely on automated tools, like boot CDs, pocket kill box, etc. So it is each to his own.
Your article was great though, and it has a lot of nice tips, and even some software I had never heard of.
Thank you for sharing it
Last edited by dranfu; 02 Sep 2010 at 08:35 PM.
03 Sep 2010
|
#5 | | W7 X-64 RTM,SUSE 11.1, XP PRO SP3 as a VM, VMware ESXi Hafnarfjörður IS |
Hi all
Good advice if you like going into the technical realms of Windows / kernel programming -- but a lot of us are real USERS of computers with business or sensitive data on them and aren't "Programmer material".
In this case I still say that unless you want to mess about with this stuff I'd go for a restore of a clean image every time rather than trying to disinfect a virus-ridden machine.
As I pointed out earlier - would you let the Fox guard the chickens in the Henhouse?
If you want to use the experience for learning purposes --great stuff but I for one would not even THINK of logging on to say my Internet Bank if the computer I was using had a virus on it even if the AV software said Computer now clean.
To me the only 100% safe way is a complete restore of a known CLEAN image and unless you really want to mess about with this type of software I'd recommend most people to go down the restore image route.
Apart from anything else it gets you into the habit of taking regular backups which is ALWAYS a good idea. - Even the most experienced people make mistakes too like accidentally deleting important data etc etc.
Cheers
jimbo
03 Sep 2010
|
#6 | | Windows 7 Ultimate x64 and Home Premium x64 |
I think it is mostly because people forget that there are non-technical type people who will also read something of that nature. A fair deal of us actually have strengths in certain areas and are familiar with the terminology, and then there are people who are just literally new to the scene, only have vague ideas.
I believe one posting here linked to Uncommon, common sense with protecting yourself on the internet. And the sad thing of it all, the article states that the internet is not a safe place. It is true, it isn't. I can't tell you how much I give certain people a hard time about falling for scams on the internet, and hearing them wondering how something of theirs got hacked. I also can't tell you how many times I have heard, "Why would anyone make a virus to attack a computer..." then watch them look at me with a slightly disturbed look when I start rattling off many reasons they haven't even considered, let alone believe as to why someone would spend time rattling off programs of this nature.
The real sad thing of it all, though, is that our own breakneck speed in technology, and also just throwing it to the masses, is what is creating our own problems. Within the last 15 years, computers went from being something people had to learn to becoming this century's version of the 20th Century Radio/Television. You don't need to 'know' much on computers, just that there is an on switch and you type something and it comes up. And I use this analogy because while a car is not that much more complex than a computer, you do have people who have to take some formal lessons and a test to have the right to drive a car... With a computer, you do not. The chances of people having accidents or problems with a computer are more likely than a car, I would think, simply because of all the possible ways to screw it up is easier... Although car accidents are still much more fatal and still prone to foolish and idiotic behavior of people as well.