Part of my duties at work is overseeing infected systems coming into the retail side of our business.
Keep in mind I am giving you a perspective on what's going on in U.S. infected systems. Exploits vary by country these days.
99% of what I am seeing lately is exploit/repair ware. You know, the screen that pops up and warns the user your machine is infected with blah-blah and to call a toll-free number for help.
As long as the user hasn't relinquished control of their system, a couple of scans with AdwCleaner and any other anti-malware program usually do the trick. Check out Bleeping Computer for current reviews of anti-malware programs; things change and programs don't always keep up.
Malwarebytes is my old stand-by but whatever works for you, so be it.
If the user has allowed access remotely to their system, it's either Win 10 system reset, save files but scan them afterwards or reload Win 7. System restore has either been disabled or can't be trusted in all cases I have encountered.
I haven't seen a need for anti-rootkit programs since the Russians went crazy and were utilizing rootkit variations of code they purchased on IRC. Ironically that stopped in the U.S. after the 2016 elections, you draw your own conclusions but it's a fact.
I will try to check in if I encounter anything new worth mentioning.
Keep in mind, YMMV.
Just out of curiosity, knowing that the members here may encounter some files that John Q Average may not, I have a question:
What A/V are you using and how often does it give you false positives?
Now that's kind of a loaded question. I think A/V software companies' biggest fear is the one that got thru.
A/V companies rely heavily on users' program feedback to build their databases. This is why so many companies provide free versions of their software; you are in effect an employee of theirs. Non-commercial users are more prone to go to those "funny" places where infections prevail.
Their second line of detection is heuristics. That is, they scan for virus-like activity or software signatures that are missing or forged. This is the source of false positives. Many of the patches or activators peer into places in the operating system and registry and read and/or alter sensitive information, which makes some A/Vs go bonkers.
My own experience so far is Avast is the king of the false positives. Their thinking must be just call everything a virus that they aren't aware of and let the user sort it out. Kaspersky isn't so bad. Windows Defender for Win 10 is pretty well mannered too. I don't know if it's already been said, but Defender in Windows 7 is not the same as Win 10 and should not be a first-line defense.
Well, what's your experience? It's a different user that comes here and I would welcome all forum members to post their own A/V opinions.