What's your infected machine "attack strategy"?

reimage

 

thanks ranget, i can do that. but what about things like browsing history, book marks, or even cookies that i might like to keep?

 

maybe File or Folder (the path of Bookmark Folder ) exclusion ? i don't think that is possible i never tried it

 

Depending on which program you use, you can have exclusion folders on the "shadow" or "frozen" drive. I never use that option and just have all my data on a separate partition - including all browser profiles, etc. I can't imagine computing life without these programs, but many (like yourself) make many changes to the system and deem it a hassle. The PLUS side of it is installing and trying new programs without having to commit to them - after a reboot they are gone. You just reboot in an unfrozen mode to add a program and commit a change permanently. Again, depending on the program, with some you can enter a special mode and 'commit' permanently without the need to reboot. Initially developed for libraries, public kiosks and the like, many of these companies are now more openly targeting the consumer with these products.

 

Here's my advice for novice to advanced users:
https://www.techsupportalert.com/content/how-clean-infected-computer.htm

That said, I haven't taken into account what to do about ransomware. At that point I don't think there's much you can do. Is there?

 

You can always check kernelmode.info, to see if anyone posted specific removal links.

 

removal (cleaning) is futile!

you cant repair - you cant fill gaps - you dont know nothing about that malware!

Image/backup all and restart from scratch including mbr.
then you can recover secure data.

admins first three rules: backup, backup, backup.

 

As Ranget alluded to, the easiest way to use disk virtualization utilities is to have separate system and data partitions, with just the system partition virtualised during normal use. Depending on which browser and mail client you are using, it may be possible to move the browser and mail client profiles to the data partition.

For example, I use Firefox as my main browser and Thunderbird as my mail client and moved the Firefox and Thunderbird profiles to my data partition. As Firefox and Thunderbird store all user data within their profile folders this works well. It also simplifies the task of making and restoring images of the system partition.

 

According to what I've read, doing this is not a good idea for cleaning up malware.

Read this -http://forums.malwarebytes.org/index.php?showtopic=108587