
Looking for training in the area of Infection Removal



I currently work for a computer repair shop and I often see infections come through the door. I generally never have an issue removing the infections using the tools I have cultivated over time doing research on forums and using Google. However, I know there are individuals who are skilled in using tools such as HijackThis and Combofix. I am looking for someone to guide me down a path where I can learn how to use these tools and others. I am looking to learn how to read over logs and understand them so I can assist others and be better at my job.

Currently I use the following tools, not for every job, but they are in my "kit":

 

rkill

JRT

ADW

Hitman Pro

MBAM

Norton Power Eraser

TDSS Killer

Ccleaner

Tweaking Repair

 

With these tools I am able to handle pretty much every infection. The biggest problems I have are Browser Infections in IE.

 

Please let me know if you can assist me in going down the correct path. 

 

Thank you.

 


HijackThis and Combofix are tools for forum and trained Malware Removal helpers.

 

People who have access to infected computers should use low level tools such as Process Explorer, AutoRuns, TCPView and Process Monitor by the Sysinternals branch of Microsoft.  Other tools from NirSoft such as CPorts and BlueScreenView.

 

As for Browser related issues, they are caused when a Browser Helper Object (BHO) is used.  AutoRuns delineates them.

 

Someone in a service shop should get acquainted with and get experienced in actual technical tools. 

 

Of course I also suggest getting Malwarebytes TechBench as using MBAM in a shop to clean a customer's PC is a clear EULA violation.

Malwarebytes Techbench USB Tool Help
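
An added example, not part of the original post: a read-only PowerShell sketch that lists the Browser Helper Objects registered for Internet Explorer, the DLL each one loads and that DLL's Authenticode status, which is the same information AutoRuns shows for BHOs. The function name `Get-BhoEntry` and the `FileMissing` label are made up for this example; it assumes 64-bit PowerShell on 64-bit Windows.

```powershell
# Added example: enumerate IE Browser Helper Objects (BHOs). Read-only.
# Run from 64-bit PowerShell so the native and WOW6432Node views are both visible.
$bhoRoots = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects'
)

function Get-BhoEntry {
    foreach ($root in $bhoRoots) {
        if (-not (Test-Path -LiteralPath $root)) { continue }
        # 32-bit BHOs register their COM class under the WOW6432Node view.
        $is32 = $root -like '*WOW6432Node*'
        $classes = if ($is32) { 'HKLM:\SOFTWARE\WOW6432Node\Classes\CLSID' }
                   else       { 'HKLM:\SOFTWARE\Classes\CLSID' }

        foreach ($key in Get-ChildItem -LiteralPath $root) {
            $clsid  = $key.PSChildName            # each BHO is a subkey named by its CLSID
            $clsKey = Join-Path $classes $clsid
            $inproc = Join-Path $clsKey 'InprocServer32'
            $name = $null; $dll = $null
            if (Test-Path -LiteralPath $clsKey) {
                $name = (Get-Item -LiteralPath $clsKey).GetValue('')   # default value = friendly name
            }
            if (Test-Path -LiteralPath $inproc) {
                # Default value = path of the DLL loaded into the browser process.
                $dll = ([string](Get-Item -LiteralPath $inproc).GetValue('')).Trim('"')
            }

            # 'FileMissing' is a label made up for this example (orphaned registration).
            $status = 'FileMissing'; $signer = $null
            if ($dll -and (Test-Path -LiteralPath $dll)) {
                $sig    = Get-AuthenticodeSignature -LiteralPath $dll
                $status = $sig.Status
                if ($sig.SignerCertificate) { $signer = $sig.SignerCertificate.Subject }
            }

            [pscustomobject]@{
                Bitness   = if ($is32) { '32-bit' } else { '64-bit' }
                CLSID     = $clsid
                Name      = $name
                Dll       = $dll
                Signature = $status
                Signer    = $signer
            }
        }
    }
}

Get-BhoEntry | Sort-Object Signature, Name | Format-Table -AutoSize -Wrap
```

Entries whose DLL is unsigned, missing, or sitting under a user profile or temp directory are the ones to look at first in AutoRuns.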


Hello Failedpixel, and welcome to Malwarebytes forum.

 

This site is not able to provide full training for exactly what you want, but our list below covers most of those that can help you.

Note that there are times that these training schools have more applicants than spaces, so you are best to try a few and see if you can get accepted by one of them.

 

If you're interested in helping others with removal of Malware please visit one of the sites below to sign up for a training school.
 

Good Luck, and thank you for the enquiry.  :)

 

The following are generally recognized websites that host training facilities: United Network of Instructors and Trained Eliminators


  • Root Admin

If you're unable to get into one of the schools right away then the following can help you learn quite a bit about digging in deeper to find out what's going on and help to remove malware or fix other difficult to find computer issues.

 

Please download Microsoft Process Monitor from the following link.
https://technet.microsoft.com/en-us/Library/bb896645.aspx

The links below are videos that go into more detail on how to use and how to try to track down issues using the tool.

Case of the Unexplained: Troubleshooting with Mark Russinovich



Case of the Unexplained: Troubleshooting with Mark Russinovich


TWC: Malware Hunting with Mark Russinovich and the Sysinternals Tools



Mysteries of Memory Management Revealed (Part 1/2)


Mysteries of Memory Management Revealed (Part 2/2)



Windows Debugging and Troubleshooting



Process Monitor Filter Tips


 

Thanks for all the links everyone, a starting point was exactly what I was looking for. 

 

I had no idea using MBAM on a customer's computer was a violation of the EULA. The shop owner is the one who told me about it. I will let her know about the tech version. 

 

Thank you everyone.
