Spawn

Looking to know if there is a secure way to delete any malicious files from your PC, that are undetected by your current AV.

I've seen some samples come with the .vir extension so they cannot be executed, correct?

Thanks for the help. :D
 

Deleted member 178

Earth said:
I've seen some samples come with the .vir extension so they cannot be executed, correct?
Correct, this file extension is the way some antiviruses detect them and forbid their execution unless done manually.
 

Plexx

If I'm not mistaken, Unlocker could also unlock to allow deletion, but I would need to test.
 

blues

The nearest thing I can think of to a bulletproof remedy would be to surf while employing Shadow Defender (or a similar app).

Then when you reboot any trace of malware will be gone as long as you didn't somehow provide an exclusion for it or "commit" it to your system.
 

Deleted member 178

blues said:
The nearest thing I can think of to a bulletproof remedy would be to surf while employing Shadow Defender (or a similar app).

Then when you reboot any trace of malware will be gone as long as you didn't somehow provide an exclusion for it or "commit" it to your system.
Exactly what I'm doing when testing malware. SD allows me to use my real system and see its efficiency.
 

blues

umbrapolaris said:
blues said:
The nearest thing I can think of to a bulletproof remedy would be to surf while employing Shadow Defender (or a similar app).

Then when you reboot any trace of malware will be gone as long as you didn't somehow provide an exclusion for it or "commit" it to your system.
Exactly what I'm doing when testing malware. SD allows me to use my real system and see its efficiency.
Just to play devil's advocate, why wouldn't you want to have a setup such as this one to run all the time?:

Sandboxie (to restrict start/run, resource access, net access)

PrivateFirewall (inbound/outbound firewall, anti-logger, HIPS/Process detection)

Shadow Defender (reboot to restore a clean machine, aside from committed / excluded files)

None of those three apps require frequent updates (none for SD) and other than having to come out of shadow mode to install updates to your system or add files to your real system, I can see little downside.

So, what is the benefit of having (like I do in my signature) security apps that require daily updating and which can still possibly leave your "real" system exposed?

Thanks for your thoughts and reply.
 

Deleted member 178

1- I do a lot of manipulations and installations on my system and data partition, so running them under Shadow Mode permanently will make me commit too many folders.

2- I don't like PrivateFirewall

3- I don't have a Sandboxie license

4- I have a backup image

5- I like my config ^^
 

Deleted member 178

blues said:
Well, shut my mouth! :p
Your advice was pertinent; I admit to having thought for a while about running my system permanently under a multi-virtualized environment, but the restrictions I mentioned above made me keep my "overkill" config.
 

blues

umbrapolaris said:
blues said:
Well, shut my mouth! :p
Your advice was pertinent; I admit to having thought for a while about running my system permanently under a multi-virtualized environment, but the restrictions I mentioned above made me keep my "overkill" config.
I knew you weren't being rude...I was just having a little fun is all.

Your thoughts and insights are appreciated. It helps us learn.
 

Deleted member 178

blues said:
Your thoughts and insights are appreciated. It helps us learn.
Thanks :D

Feel free to ask whatever you want on this forum; members here have various approaches to security, so you will always have multiple possibilities and advice.

I am among the "wisely-made overkill & paranoid approach" while others are the total opposite, following a simpler and more minimalistic way, running everything under Sandboxie and other virtualized systems.
 

Plexx

umbrapolaris said:
I am among the "wisely-made overkill & paranoid approach" while others are the total opposite, following a simpler and more minimalistic way, running everything under Sandboxie and other virtualized systems.
Let's not forget the users in the middle. Somehow I felt left out :p
 

blues

I think my signature shows that I travel those same roads. I'm more concerned about protecting personal and financial data (from loggers etc) than I am about getting infected in general. (I make images regularly with Drive Snapshot and Macrium, alternating.)

That said, it's pretty funny that the search for and implementation of security software becomes an addiction and passion all its own. ;)

Reminds me of folks who'd rather clean their motorcycles than ride them. LOL!
 

Plexx

Someone give umbra a Harley with custom paint with Malware written on it :p
 

Deleted member 178

blues said:
That said, it's pretty funny that the search for and implementation of security software becomes an addiction and passion all its own. ;)
Reminds me of folks who'd rather clean their motorcycles than ride them. LOL!
You are very close to the truth; it will be more than 3 years without any infections... I must run some malware myself to see my AVs in action :D
 