
Looking for generalized malware removal techniques



#1 eyetripoli
Posted 01 March 2012 - 10:01 PM

Hi,

I can't seem to find what I'm looking for, so as a longtime lurker I decided to post. I'm looking for a few bits of information, including the most common techniques used by current malware and common places to look in the registry for autostart entries. I do use antivirus scanners, but it often takes a long time to do full scans and different scanners have different rates of success. Because my job requires it, I need to learn quicker ways of identifying malware running and getting rid of it manually. I've gone over several guides posted, including ones on malware hiding in services, svchost defined, and combing through the registry. I am already experienced in Windows, but I am trying to learn more.

What are some of the initial tests that you guys use to view a system? What catches your eye when looking through the logs? Where do you start your look in the registry, and how do you start disabling the malware manually?

Thanks for your help,
ieee
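The autostart locations asked about above are a good place to start a manual triage. The script below is an added example written for this page; it is not code from the thread, from BleepingComputer, or from any of the tools mentioned later in the discussion. It walks the well-known Run/RunOnce and Policies\Explorer\Run keys under HKLM and HKCU, checks the Winlogon Shell and Userinit values against their defaults, and enumerates installed services, resolving svchost-hosted ones to the ServiceDll that actually carries the code. Each target is flagged if the file is missing, is not Authenticode-signed, or lives outside the Windows and Program Files trees. The key list, the "trusted directory" heuristic and the function names are this example's own choices; it assumes Windows PowerShell 5.1 or later and an elevated prompt.

```powershell
# Added example (not from the thread): triage of common Windows autostart
# locations and services. Assumes Windows PowerShell 5.1+, run elevated.
# The "trusted directory" test below is a triage heuristic, not proof.

$runKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run'
)
$winlogonKey = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon'
$winlogonDefaults = @{
    Shell    = 'explorer.exe'
    Userinit = "$env:SystemRoot\system32\userinit.exe"
}
# Directories a normal install drops binaries into; anything else deserves a look.
$trustedRoots = @("$env:SystemRoot\", "$env:ProgramFiles\", "${env:ProgramFiles(x86)}\") |
    Where-Object { $_.Length -gt 1 }

function Get-ExePath {
    # Pull the executable out of a command line, e.g.
    #   "C:\Program Files\X\y.exe" /s              -> C:\Program Files\X\y.exe
    #   C:\Windows\system32\svchost.exe -k netsvcs -> C:\Windows\system32\svchost.exe
    param([string]$CommandLine)
    $cl = [Environment]::ExpandEnvironmentVariables($CommandLine.Trim())
    if ($cl.StartsWith('"')) {
        $end = $cl.IndexOf('"', 1)
        if ($end -gt 1) { return $cl.Substring(1, $end - 1) }
    }
    $m = [regex]::Match($cl, '^(.+?\.(exe|dll|scr|cmd|bat))(\s|$)', 'IgnoreCase')
    if ($m.Success) { return $m.Groups[1].Value }
    return ($cl -split '\s+')[0]
}

function Get-SuspicionReasons {
    # Returns the reasons a target looks odd; an empty array means it looks normal.
    param([string]$Path)
    if ([string]::IsNullOrWhiteSpace($Path)) { return @('empty command') }
    if (-not [IO.Path]::IsPathRooted($Path)) {
        # Bare names such as rundll32.exe are resolved through PATH, as the loader would.
        $cmd = Get-Command -Name $Path -CommandType Application -ErrorAction SilentlyContinue
        if ($cmd) { $Path = $cmd.Source }
    }
    if (-not (Test-Path -LiteralPath $Path -PathType Leaf)) {
        return @("file not found: $Path (dangling entry, or hidden by a rootkit)")
    }
    $full = (Resolve-Path -LiteralPath $Path).Path
    $reasons = @()
    $inTrusted = $trustedRoots | Where-Object { $full.StartsWith($_, 'OrdinalIgnoreCase') }
    if (-not $inTrusted) { $reasons += "runs from outside Windows/Program Files: $full" }
    $sig = Get-AuthenticodeSignature -LiteralPath $full
    if ($sig.Status -ne 'Valid') { $reasons += "Authenticode status $($sig.Status)" }
    return $reasons
}

$findings = New-Object System.Collections.Generic.List[object]
function Add-Finding($Source, $Name, $Command, $Reasons) {
    if ($Reasons) {
        $findings.Add([pscustomobject]@{
            Source = $Source; Name = $Name; Command = $Command; Reason = ($Reasons -join '; ') })
    }
}

# 1. Run / RunOnce / Policies\Explorer\Run values
foreach ($key in $runKeys) {
    if (-not (Test-Path $key)) { continue }
    foreach ($p in (Get-ItemProperty -Path $key).PSObject.Properties) {
        if ($p.Name -like 'PS*') { continue }   # PSPath, PSParentPath ... are provider metadata, not registry values
        Add-Finding $key $p.Name $p.Value (Get-SuspicionReasons (Get-ExePath "$($p.Value)"))
    }
}

# 2. Winlogon Shell / Userinit hijacks (Userinit legitimately ends with a comma)
$wl = Get-ItemProperty -Path $winlogonKey
foreach ($name in $winlogonDefaults.Keys) {
    $actual = "$($wl.$name)".Trim().TrimEnd(',')
    if ($actual -and $actual -ne $winlogonDefaults[$name]) {
        Add-Finding $winlogonKey $name $wl.$name @("expected '$($winlogonDefaults[$name])', found '$actual'")
    }
}

# 3. Services; for svchost-hosted ones the code that runs is the ServiceDll, not svchost.exe
foreach ($svc in Get-CimInstance -ClassName Win32_Service) {
    if (-not $svc.PathName) { continue }
    $target = Get-ExePath $svc.PathName
    if ([IO.Path]::GetFileName($target) -ieq 'svchost.exe') {
        $paramKey = "HKLM:\SYSTEM\CurrentControlSet\Services\$($svc.Name)\Parameters"
        $dll = (Get-ItemProperty -Path $paramKey -Name ServiceDll -ErrorAction SilentlyContinue).ServiceDll
        if ($dll) { $target = [Environment]::ExpandEnvironmentVariables($dll) }
        else { Add-Finding "Service:$($svc.Name)" $svc.DisplayName $svc.PathName @('svchost-hosted service with no ServiceDll'); continue }
    }
    Add-Finding "Service:$($svc.Name)" $svc.DisplayName $target (Get-SuspicionReasons $target)
}

$findings | Sort-Object Source, Name | Format-Table -AutoSize -Wrap
```

Two caveats when reading the output. Windows\Temp and a few other subdirectories of the trusted roots are user-writable, so a clean "trusted directory" result is not a clearance, only a lower priority. And on PowerShell versions before 5.0, Get-AuthenticodeSignature does not consult catalog files, so many legitimate Windows binaries will show up as NotSigned; treat an unsigned file in an unusual directory as the strong signal, not an unsigned file in System32 on its own. This covers only the Run keys, Winlogon and services; scheduled tasks, WMI subscriptions, browser helper objects and the other locations a tool such as Autoruns enumerates are left to the reader.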

#2 quietman7
Posted 02 March 2012 - 07:45 AM

Welcome to BC, eyetripoli.

Learning the techniques of malware removal and developing the investigative skills to read/analyze logs created by tools such as DDS, OTL, RSIT and ComboFix can take many months. There is just too much information to provide in a general topic discussion, and too many questions would follow to answer them all. Since this is the case, it is recommended that those desiring to learn about malware and removal techniques enroll in one of the various UNITE schools, which offer such training in private areas of the forums not viewable to the general public.

One reason for doing this is to safeguard and protect the integrity of our tools and knowledge from malware writers. They read public forum topics looking for clues on how to circumvent our tools and removal techniques. We don't want to provide any information they can use against us so we deliberately do not provide specific information on the inner workings of our tools and how we use them in areas where attackers can see that information. As such, our discussion in public areas is limited and sometimes may appear vague or not fully address a specific question.

If this is something you are interested in, let me know and I will send (PM) more information.

QM7
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015
Member of UNITE, Unified Network of Instructors and Trusted Eliminators
