Looking for good books on Malware removal
Looking for some good books on malware removal, what do you recomend.
Comments
-
cyberguypr Mod Posts: 6,928 ModCurious what the community can come up with. All books I've seen on malware are centered on analysis, reverse engineering, and forensics.
-
the_Grinch Member Posts: 4,165 ■■■■■■■■■■I really don't think there are too many (if any) books on removal of malware. As cyberguypr pointed out, most are on the analysis, reverse engineering, and forensics of malware. Though if you read up on the forensics of malware, that would definitely help you on the removal side of the house. But that would also take a ton of time to pull out the needed information for successful removal.WIP:
PHP
Kotlin
Intro to Discrete Math
Programming Languages
Work stuff -
glenn_33 Member Posts: 113 ■■■□□□□□□□I know of some great free programs that I have used. But I have never seen any books on it...A+/N+/S+/CCNA:RS/CCNA:Sec
-
unandig Member Posts: 25 ■□□□□□□□□□Ok so no good books. Is there any training or certs that anyone could recommend.
-
rsutton Member Posts: 1,029 ■■■■■□□□□□Removing malware mainly relies on using tools, and the "best" Malware removal tools tend to change year from year. If you really want to understand how to remove Malware, I would recommend reading the malware removal threads on bleepingcomputer.com and if you are feeling brave you could even sign up as a volunteer to remove users malware. I did this for 6 months and learned a great deal about malware removal.
-
unandig Member Posts: 25 ■□□□□□□□□□I love bleepingcomputer.com use them a lot. What i am looking for is something to help train a new tech with. If i had the time i would do it.
-
rsutton Member Posts: 1,029 ■■■■■□□□□□I would start by training the tech how to use(and not use) the tools required for malware removal. You could even install malware on some lab computers to let him practice, although I do not know of a good source for obtaining malware.
-
NetworkingStudent Member Posts: 1,407 ■■■■■■■■□□Looking for some good books on malware removal, what do you recomend.
Depends on the shop/person....Some people swear by Combofix, while others say it can destroy Windows files. Everyone has a favorite tool they swear by for removing malware.
I found this guide that might help
Like everyone else said though..the training should be done by uo or someone in your shop/business.
Malware Removal Guide for Windows - Select Real Security
Cleaning an Infected Windows PC
Removing Spyware and Malware from a Windows PC Using Spybot Search and Destroy
Tune Up Your Windows Computer
Not sure about the spybot search and destroy.. does anyone still use that tool?When one door closes, another opens; but we often look so long and so regretfully upon the closed door that we do not see the one which has opened."
--Alexander Graham Bell,
American inventor -
Cold Titanium Users Awaiting Email Confirmation Posts: 82 ■■□□□□□□□□If you really want to learn how to remove malware, I can recommend that you check out the GeekU program at GeekU « Geeks to Go! – Free help from tech experts
Hmm...It would appear that the application link is broken. Oh well, bleepingcomputer.com is also a great website.2014 Goals- Pass OSCP (In Progress)
- Obtain employment in IT Security
-
sthomas Member Posts: 1,240 ■■■□□□□□□□If you want to become good at removing malware you will need to learn the Windows Operating System inside and out. Tools will only get you so far. I would recommend looking into the Windows Internals books.
Amazon.com: Windows Internals, Part 1: Covering Windows Server 2008 R2 and Windows 7 (9780735648739): Mark E. Russinovich, David A. Solomon, Alex Ionescu: Books
Keep in mind that the Win7/Server 2008 Windows Internal books have 2 parts and the link I provided it for part one.Working on: MCSA 2012 R2 -
sratakhin Member Posts: 818I don't think you need a book. Read a few articles on bleepingcomputer.com, and download Malwarebytes, ComboFix and TDSSKiller. These tools help in 95% cases.
-
Plantwiz Mod Posts: 5,057 ModOk so no good books. Is there any training or certs that anyone could recommend.
Not certain how 'green' your new hire is, but certainly they should have some basic idea of how to remove a virus, right? If you really have to 'teach' this, then the isolated test box would be the best method (IMO). Short of that, I'd tell them they better get motivated to learn the skills for their job (which means, the simply may need to do this type of study on their own).
Depending on the type of work environement you have (if Consulting firm):
Home Users:
1. They'll need to get familar with file recovery.
2. Removing malware manually or with tools (and tools are typically, follow directions)
Corporate Users:
(typically, these accounts require all users to backup or work form network storage, meaning NOTHING of company value is on a workstation, therefore the most cost effective solution is to format/reinstall....boy do I hate thinking that way, but no company being fiscally responsible will pay for someone to hand-clean a machine that can be back and running in an hour-to-hour and a half).
1. Find out what they have agreed (via contract) for the type of recovery/repair on malware.
2. Use appropriate tools or format/reinstall
3. Get them up and running.
IN-House:
1. Pray there is SOP about corporate machine and user expectations.
2. Format/Reinstall and get the user back up and running with spare box in the rotation.
When dealing with home-users or users who use their device for home and work (personal work machine not issued by company) then finding the best method to clean the machine with the least amount of re-setup time may be ideal. So your rookie needs to know what they are working with first. The expectations of the client. How to use the tools to clean. How to teach the user to use a back-up source, malware protection and stay away from downloading music and other crap that isn't necessary but frequently harbors malware.
I'd be worried that the kid wasn't familar with this stuff before being hired though...pray for a quick study! We had a employee like that once...Plantwiz
_____
"Grammar and spelling aren't everything, but this is a forum, not a chat room. You have plenty of time to spell out the word "you", and look just a little bit smarter." by Phaideaux
***I'll add you can Capitalize the word 'I' to show a little respect for yourself too.
'i' before 'e' except after 'c'.... weird? -
unandig Member Posts: 25 ■□□□□□□□□□Thanks Plantwiz for your reply, it has helped a lot. Finding someone that is motivated for the job is what we need.
-
Cold Titanium Users Awaiting Email Confirmation Posts: 82 ■■□□□□□□□□"read a few articles on bleepingcomputer.com, and download Malwarebytes, ComboFix and TDSSKiller. "
Woah there! Combofix can be a very dangerous tool if wielded wrong. I'd suggest you be highly cautious with it. I've seen a couple systems bricked because of someone goofing around with it.2014 Goals- Pass OSCP (In Progress)
- Obtain employment in IT Security
-
sratakhin Member Posts: 818I used ComboFix on hundreds of systems and only saw negative consequences may be a couple of times. What's the worst that can happen? Save the user's data and reinstall Windows
-
Brian12 Registered Users Posts: 1 ■□□□□□□□□□NetworkingStudent wrote: »Depends on the shop/person....Some people swear by Combofix, while others say it can destroy Windows files. Everyone has a favorite tool they swear by for removing malware.
I found this guide that might help
Malware Removal Guide for Windows - Select Real Security
Thank you.