System restore and virusscan make sense. But running a registry cleaner? I mean seriously! Anybody who knows how the registry works knows where particular values and several key locations where autorun information is stored, as well as the winlogon/notify. Although there might be a few remaining COM objects, a CCleaner will clean those up as well.
yeah well did mean to annoy any one with my other blog. i system restored yesterday after getting a false scan virus for ivpro.exe and virus is now gone.
so it works
my 3 steps
1. system restore
2. virus scan
3. registry cleaner
it works id say 90% of the time but you need to act as soon as infect rather than letting it spread. there honest statistics from a guy who disinfected machines for a living. me.
and when that doesent work i do what you guys do get a report and a little research on the bug
Anybody who runs a "registry booster" or "registry cleaner" application has no idea how the registry works; and likewise has no idea how the way that those two types of programs can cause it to NOT work.
when I get an infection, I don't follow the steps in the guide here... I have my own and they work pretty well:
1:Sysinternals Process explorer to identify DLLs and EXE programs to delete.
2:drop to recovery console. delete files.
3:reboot, start registry editor and remove infected keys. (RUN keys and WinLogon notify keys)
and you know what? it works 100% ALL THE TIME GUARANTEED... although sometimes I'll miss a dll the first time and it reinstalls the infections, which is why it's important to get all the DLL names right the first time.
But- Do I go on some random crusade trying to change the way they do malware removal? No. Even if the method was better (which is wouldn't be, after scaling it to those who come to the site, trying to direct a person through finding and then deleting the files in RC would be a huge nightmare)- the key point is-
your not going to change the way they do it. If they are going to change the way they remove malware,
they will decide too; they won't be influence by some two-bit grammar deficient lackey whose persistence in driving their malware removal method is only outweighed by they're naivety on the subject itself.
As far as your two-bit methods are concerned, System Restore is
infected itself by most viruses.
far more then 10%. So how it even sits in your method befuddles and confuses anybody who holds this common piece of information.
As well- other posts of yours suggest you use Norton 360, which puts the final nail in the coffin to any claim of expertise on your part. anybody who has a clue about malware prevention and removal knows that Norton 360, or any Norton Anti-virus product, is completely worthless at anything aside from hogging resources unnecessarily and digging itself into the very core of the operating system making uninstallation often take multiple reboots.
The fact is- after all that- your machine isn't clean at all, your Anti-virus justs blows the big one so hard you cannot see the 100+ trojans and what-not you would see with our currently defined method of malware removal, with REAL malware removal tools, not the piece of terd that has become almost any norton product.
And then; as a final step you run your "registry cleaner" or registry booster or whatnot, which as far as you can tell finds the keys and deletes them. Of course, the trouble is the malware is still infecting your computer- and simply recreates the keys. No harm done to them. All is as it was when you set out to disinfect, but your none the wiser.
