[dba-Tech] How to remove Malware

Gustav Brock Gustav at cactus.dk
Sun Feb 17 03:42:52 CST 2013


Hi John

Right, I haven't seen a machine yet that wasn't cleanable by combined use of TrojanHunter, AntiMalwarebytes, CrapCleaner, and the like. But once it took most of a day at a client where they had been browsing for all sorts of video stuff on doubtful sites - and no antivirus.

Contrary to the article, I've found that no single "method" is valid. Machines and infections are just too different. Your best method is experience and intuition and patience combined. Your first milestone is to stop the malware from reinstalling itself, which often is a challenge. From that point it is quite easy.

But the twist is that often this sport doesn't pay off. Reinstall takes a given and certain amount of time with the added bonus that the machine is cleaned from other things as well.

/gustav

>>> john at winhaven.net 17-02-13 1:02 >>>
Let's just throw our arms in the air and give up! Wow, not really buying into that paranoia.

-----Original Message-----
From: dba-tech-bounces at databaseadvisors.com
[mailto:dba-tech-bounces at databaseadvisors.com] On Behalf Of Hans-Christian
Andersen
Sent: Saturday, February 16, 2013 3:32 PM
To: Discussion of Hardware and Software issues
Subject: Re: [dba-Tech] How to remove Malware

I wouldn't trust a compromised system as far as I can throw it, even if I did try to remove the malware. The bad guys are far more advanced than we are. Format and reinstall is usually the quicker and best option.

- Hans


On 2013-02-16, at 10:55 AM, "Jim Lawrence" <accessd at shaw.ca> wrote:

> Hi All:
> 
> Many people depend on their various security software packages to 
> detect and destroy all threats. When a user has done something really 
> stupid and a piece of malware has secured itself within their OS what 
> steps do you take to remove it?
> 
> Over the years I would suspect that you techs have done much of this 
> type of work already, but here is a concise little article on the step by 
> step removal and recovery process.
> 
> http://blogs.technet.com/b/markrussinovich/archive/2013/01/07/3543763.aspx
> 
> Hope this helps someone.
> Jim


