Author Topic: Malware Prevention / Detection / Removal  (Read 86352 times)

0 Members and 1 Guest are viewing this topic.

August 04, 2007, 05:40:12 pm
Read 86352 times

JohnC

  • Special Members
  • Hero Member

  • Offline
  • *

  • 1964
There are some great websites available to help people identify if they are infected with malware and if so, try to remove it. They also give great advice to help you prevent being infected.

Here is a small list of good websites, which are recommended for people that think they might be infected.

BleepingComputer Forum
SecurityCadets Forum
SuggestAFix Forum
MalwareRemoval Forum
MalwareBytes Forum
GeeksToGo Forum
MajorGeeks Forum
CastleCops Forum
TheSpyKiller Forum
TechGuy Forum
SpywareInfo Forum
SpyBot S&D Forum
SpywareWarrior Forum
MalwareTeks Forum
WildersSecurity Forum
TeMerc Forum
PC PitStop Forum
Atribune


I just came across a site which has a more comprehensive list which you may find useful. It is the Alliance of Security Analysis Professionals (ASAP).

December 10, 2007, 08:37:51 am
Reply #1

addepalli

  • Newbie

  • Offline
  • *

  • 5
Why don't we start one of our own?

We definitely have all the expertise..

I'm game in case you want to start one :)

December 10, 2007, 11:41:37 am
Reply #2

sowhat-x

  • Guest
Quote
Why don't we start one of our own?
We definitely have all the expertise...

Here are my personal thoughts...
certainly don't consider them though as an "official statement" or so... :)

There are at list 15 different forums out there dealing with this kind of stuff,
and even more,if you also add to the above list,
the official support forums from AV/anti-spyware and firewall products...
you get my point here...adding one more to the list,
is certainly not gonna help end-users' daily experience become malware free...
In short (and especially when it comes to already well-known AV products' support forums),
in what way would it help to replicate other people's work?  ::)

Quite a few of the aformentioned forums also act as "frontends" for some AV products...
this obviously means quite a lot of important things,but I'll just stick to the most relevant ones:
that regardless the fact if we "have all the expertise" or not,quite a few of the people there,
who are charged with the concept of assisting end-users in removing/healing infections,
might also have direct access to the malware in question from inside the security firm they work for...
Thereby,they can give out to people the BEST possible instructions.
Obviously,we don't have that kind of access here...
and beyond a certain point,it also becomes a matter of personal/ethical responsibility:
giving semi-working instructions to malware victims out there,
is something that no one would like to be happening...  :(

There's more stuff to think of...
say for example,in the cases where these forums don't act like "frontends":
they are at least sponsored by some security firms/organizations...
something which also isn't the case here in MDL.
Maths are more than simple here:sponsors equal money,and money equals time.
And in order to have people willing to regularly help others in proper disinfection,
obviously,both time and money are needed to fulfill these requirements...lol...
do you really believe that everyone out there spends his/her time doing this,
only because he/she is a "good samaritan"?  ;D
There are no companies/firms/whatsoever here to accomplish properly the above task...

Actually,it's exactly the strict policy of AV firms to NOT share malware links in "public",
that made the need/existence of MDL possible in first place...at least for the most part of it.
That's fairly understandable from their point of view...again,maths are simple:
more 'private' samples equals better detection rates and this equals more sales... :)
We simply share a different point of view regarding this problem:
since literally tons of hacks and exploit codes get to be publicly available these last years,
the "full disclosure" as it is called...
then why should websites hosting already precompiled malware exes and other threats,
not be available to admins/researchers?
Things are interconnected...more or less,what has been already proved,
is that along with the "full disclosure" explosion,
what we also get to see as one of the "side-effects",is also a malware distribution explosion:
is there really anyone out there who actually believes this is gonna stop?  :(
Times have changed drastically,and older "taboos" have no place/excuse no more...

...MDL is still a hobby project,aiming to evolve to a united community effort,
in the fight against malware,a meeting point for the currently individual researchers:
no matter where they come from,be it reversers,network admins,whatever...
Anyone who wants to share info with the public,for whatever reason,
either it be a "professional aver" working daily in some company to earn his/her living,
or an "amateur individual researcher" trying to learn a bit of stuff...is of course welcomed. :)

December 10, 2007, 03:51:31 pm
Reply #3

addepalli

  • Newbie

  • Offline
  • *

  • 5