Virus/Malware Removal Guide for Windows

Discussion in 'Tech Talk' started by Brian12, Aug 21, 2012.


  1. Brian12

    Brian12

    Joined:
    Apr 22, 2012
    6
    0
    Hi everyone,

    I would like to share my malware removal guide with the forum community. It contains step-by-step instructions on how to remove malicious software from a computer. It's a work in progress. I would appreciate any feedback. :supergrin:

    Guide: http://www.selectrealsecurity.com/malware-removal-guide/

    Comments and Reviews: http://www.selectrealsecurity.com/comments-and-reviews/

     

    #1 Brian12, Aug 21, 2012
    Last edited: Nov 15, 2012
  2. Brian12

    Brian12

    Joined:
    Apr 22, 2012
    6
    0
    Post.
     

    #2 Brian12, Aug 23, 2012
    Last edited: Nov 15, 2012
  3. sappy13

    sappy13

    Joined:
    Sep 30, 2007
    2,666
    1
    Location:
    Bremen, GA
    You hit just about all the main stuff. My typical removal is
    1. Rkill
    2. TDSS
    3. Malware Bytes
    4. ComboFix ONLY if needed
    5. Ccleaner-Temp, Reg Cleaning, Startup, and Uninstalls
    6. Delete all old restore points and create clean restore point.

    The unhide utility is a great one if it's a bad infection. Takes forever to run though. Just go to lunch while it runs.

    Here is a good one for you. This will fix .EXE file associations, which a lot of malware will mess with to prevent removal programs from running. Create a file called "FixEXE.reg". Then copy this script into there. Worked like a champ for me for a long time.

    "FixEXE.Reg" Script


    Windows Registry Editor Version 5.00

    [-HKEY_CLASSES_ROOT\.exe\shell]

    [-HKEY_CLASSES_ROOT\.exe\DefaultIcon]

    [HKEY_CLASSES_ROOT\.exe]
    @="exefile"

    [HKEY_CLASSES_ROOT\exefile]
    "Content Type"=-

    [HKEY_CLASSES_ROOT\exefile\shell\open\command]
    @="\"%1\" %*"
    "IsolatedCommand"=-

    [HKEY_CLASSES_ROOT\exefile\shell\runas\command]
    "IsolatedCommand"=-

    [HKEY_CLASSES_ROOT\.bat]
    @="batfile"

    [HKEY_CLASSES_ROOT\batfile\shell\open\command]
    @="\"%1\" %*"

    [-HKEY_CURRENT_USER\SOFTWARE\Classes\.exe]

    [-HKEY_CURRENT_USER\Software\Classes\exefile]

    [-HKEY_CLASSES_ROOT\secfile]

    [-HKEY_CURRENT_USER\Software\Classes\secfile]

    [-HKEY_CLASSES_ROOT\pezfile]

    [-HKEY_CURRENT_USER\Software\Classes\pezfile]

    [-HKEY_CLASSES_ROOT\sezfile]

    [-HKEY_CURRENT_USER\Software\Classes\sezfile]

    [-HKEY_CLASSES_ROOT\ah]

    [-HKEY_CURRENT_USER\Software\Classes\ah]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command]
    @="firefox.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command]
    @="firefox.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command]
    @="iexplore.exe"
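
A read-only check for the tampering the FixEXE.reg script in the post above repairs, added here as an example and not part of the original post: it parses `reg export` text and reports `.exe`/`.bat` handlers that differ from the value the script restores, plus per-user class keys (which take precedence over the machine-wide ones). The function names, the finding labels and the sample export are assumptions made for illustration.

```python
import re

EXPECTED = '"%1" %*'  # handler command the FixEXE.reg script restores
HANDLERS = (r"hkey_classes_root\exefile\shell\open\command",
            r"hkey_classes_root\batfile\shell\open\command")
# Per-user keys the script deletes; they take precedence over the machine-wide class.
OVERRIDES = (r"hkey_current_user\software\classes\.exe",
             r"hkey_current_user\software\classes\exefile")
VALUE = re.compile(r'^(@|"(?:[^"\\]|\\.)*")=(".*")$')  # string (REG_SZ) values only

def _unquote(s):
    """Drop the surrounding quotes of a .reg string and undo its backslash escapes."""
    return re.sub(r"\\(.)", r"\1", s[1:-1])

def parse_reg(text):
    """Return {lowercased key path: {value name: data}}; hex:/dword: data is skipped."""
    keys, current = {}, None
    for line in (raw.strip() for raw in text.splitlines()):
        if line.startswith("[") and line.endswith("]"):
            current = keys.setdefault(line[1:-1].lower(), {})
        elif current is not None and (m := VALUE.match(line)):
            name, data = m.groups()
            current["@" if name == "@" else _unquote(name)] = _unquote(data)
    return keys

def audit(text):
    """List (finding, key, data) tuples for tampered .exe/.bat associations."""
    keys, out = parse_reg(text), []
    for path, values in keys.items():
        if any(path == o or path.startswith(o + "\\") for o in OVERRIDES):
            out.append(("per-user-override", path, values.get("@")))
        if path in HANDLERS:
            for name in ("@", "IsolatedCommand"):
                if name in values and values[name] != EXPECTED:
                    out.append(("unexpected-command", path, values[name]))
    ext = keys.get(r"hkey_classes_root\.exe", {}).get("@")
    if ext is not None and ext != "exefile":
        out.append(("wrong-progid", r"hkey_classes_root\.exe", ext))
    return out

# Constructed sample of `reg export` text (not taken from a real machine).
SAMPLE = r'''Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\.exe]
@="exefile"
[HKEY_CLASSES_ROOT\exefile\shell\open\command]
@="\"%1\" %*"
[HKEY_CURRENT_USER\Software\Classes\exefile\shell\open\command]
@="\"C:\\ProgramData\\placeholder.exe\" \"%1\" %*"
'''
```

`reg export` writes "Version 5.00" files as UTF-16, so read the file with `encoding="utf-16"` before passing its text to `audit`.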
     
  4. IndyGunFreak

    IndyGunFreak
    KO Windows

    Joined:
    Jan 26, 2001
    25,699
    982
    Location:
    Indiana
    I would just say "Install Linux"... but I love reading "fix window" threads.. :)
     
  5. sappy13

    sappy13

    Joined:
    Sep 30, 2007
    2,666
    1
    Location:
    Bremen, GA
    /agree

    Can't remember a time when my Linux box had an issue after visiting any site or downloading something.

     
  6. captainstormy

    captainstormy

    Joined:
    Jul 3, 2007
    4,730
    336
    Location:
    Columbus, Ohio
    I agree, those other posts are crazy long about how to fix a virus issue. Not sure why people still use Windows myself.
     
  7. Bushflyr

    Bushflyr
    ʇno uıƃuɐɥ ʇsnɾ
    Millennium Member

    Joined:
    Mar 17, 1999
    3,524
    0
    Location:
    Western WA
    Because it keeps IT wonks in kibble and beer. :supergrin: 99% of them would be on the street if it weren't for Redmond turning out crap code.

     
  8. Brian12

    Brian12

    Joined:
    Apr 22, 2012
    6
    0
  9. captainstormy

    captainstormy

    Joined:
    Jul 3, 2007
    4,730
    336
    Location:
    Columbus, Ohio
    No doubt that it does keep a good number of guys employed. That's something I suppose. :cool:
     
  10. MySiK26

    MySiK26
    ******

    Joined:
    May 5, 2008
    2,950
    0
    Location:
    Mulligan's Valley, CO
    tagged.
     
  11. Brian12

    Brian12

    Joined:
    Apr 22, 2012
    6
    0
    More opinions?
     
  12. medman357

    medman357

    Joined:
    Aug 10, 2012
    8
    0
    Location:
    Palm Coast, FL
    Buy a Mac LOL
     
  13. GlockFanWA

    GlockFanWA

    Joined:
    Sep 9, 2012
    722
    12
    Location:
    Washington
    My advice to people is learn some common sense. Having been a heavy Windows user since 3.1 I have never had an infection of any type on my computer.
     
  14. IndyGunFreak

    IndyGunFreak
    KO Windows

    Joined:
    Jan 26, 2001
    25,699
    982
    Location:
    Indiana
    I agree. I've never had a "major" issue on my Windows computers either (although I've cleared them for family numerous times).

    That said, I despise Windows.
     
  15. Brian12

    Brian12

    Joined:
    Apr 22, 2012
    6
    0
  16. NMGlocker

    NMGlocker
    BOOM headshot

    Joined:
    Jun 29, 2001
    2,014
    0
    Location:
    New Mexico
    Invasion of the Linux nerds.
    In one thread they say all computer problems would be solved if everyone was on Linux, in another thread they talk about Linux not being the best desktop OS/GUI.
    :rofl: