Published: July 10, 2007
The aim of the Malware Removal Starter Kit is to provide reactive guidance and prescriptive steps to help you recover a computer that has been exposed to malicious software. It is important to understand that no process can guarantee a full recovery from the damage that malicious software can do. For this reason, there is no substitute for solid defenses and reliable backup and recovery processes. With these in place, if the worst does happen and you have to rebuild the computer, the impact will be minimized.
If you do use the recovery steps in this guide, we recommend spending some time after the computer is fixed to investigate how the malicious software was introduced to it. This effort should attempt to learn how the problem was introduced rather than trying to find something or someone to blame. If the weakness was with a technical defense measure, such as a firewall or antivirus program, you can review it and update the measure as required. If the problem was introduced because of the actions of staff, additional training may be required to ensure the problem is not repeated. Remember the golden rule: “Prevention is better than cure.”
Finally, while this guide is specifically written to help IT Generalists repair computers attacked by malware in small- to medium-sized organizations, much of this information is valuable for protecting the home computers that belong to you and your staff. For more information about protecting home computers, visit the Microsoft Security at Home Web site.
Please direct questions and comments about this guidance to Security Solutions Questions & Feedback.
The Solution Accelerators – Security and Compliance group (SA-SC) would like to acknowledge and thank the team that produced the Malware Removal Starter Kit. The following people were either directly responsible or made a substantial contribution to the writing, development, and testing of this solution.
Authors, Contributors, and Writers
John Cobb - Wadeware LLC
Richard Harrison - Content Master Ltd
Jennifer Kerns - Wadeware LLC
Gaurav Singh Bora
Saurabh Garg - Infosys Technologies Ltd
Sumit Parikh - Infosys Technologies Ltd
Cindy Agnew - Fife School District, Dr. Barbara Endicott-Popovsky, Joseph Kessler, Thom Nesbitt, Sterling Reasor
Rebecca Black, Anthony Blumfield, Derick Campbell, Chase Carpenter, Shiroy Choksey, Bret Clark, Steve Clark, Greg Cottingham, Jeremy Croy, Fidelis Ekezue, Joe Faulhaber, Karl Grunwald, Kumi Hilwa, Bashar Kachachi, David Kennedy, Jimmy Kuo, Greg Lenti, Nishanth Lingamneni, Mark Miller, Adam Overton, Sanjay Pandit, Bill Stackpole, Max Uritsky, Jeff Williams, Lee Yan