
Virus/Malware Removal Guide for Windows

Discussion in 'Tech Talk' started by Brian12, Aug 21, 2012.

  1. Brian12

    Brian12

    Joined:
    Apr 22, 2012
    Messages:
    6
    Likes Received:
    0
    Hi everyone,

    I would like to share my malware removal guide with the forum community. It contains step-by-step instructions on how to remove malicious software from a computer. It's a work in progress. I would appreciate any feedback. :supergrin:

    Guide: http://www.selectrealsecurity.com/malware-removal-guide/

    Comments and Reviews: http://www.selectrealsecurity.com/comments-and-reviews/

     
    Last edited: Nov 15, 2012
  2. Brian12

    Brian12

    Joined:
    Apr 22, 2012
    Messages:
    6
    Likes Received:
    0
    Post.
     
    Last edited: Nov 15, 2012

  3. sappy13

    sappy13

    Joined:
    Sep 30, 2007
    Messages:
    2,666
    Likes Received:
    1
    Location:
    Bremen, GA
    You hit just about all the main stuff. My typical removal is
    1. Rkill
    2. TDSS
    3. Malware Bytes
    4. ComboFix ONLY if needed
    5. Ccleaner-Temp, Reg Cleaning, Startup, and Uninstalls
    6. Delete all old restore points and create clean restore point.

    The unhide utility is a great one if it's a bad infection. Takes forever to run though. Just go to lunch while it runs.

    Here is a good one for you. This will fix .EXE file associations, which a lot of malware will mess with to prevent removal programs from running. Create a file called "FixEXE.reg". Then copy this script into there. Worked like a champ for me for a long time.

    "FixEXE.Reg" Script


    Windows Registry Editor Version 5.00

    [-HKEY_CLASSES_ROOT\.exe\shell]

    [-HKEY_CLASSES_ROOT\.exe\DefaultIcon]

    [HKEY_CLASSES_ROOT\.exe]
    @="exefile"

    [HKEY_CLASSES_ROOT\exefile]
    "Content Type"=-

    [HKEY_CLASSES_ROOT\exefile\shell\open\command]
    @="\"%1\" %*"
    "IsolatedCommand"=-

    [HKEY_CLASSES_ROOT\exefile\shell\runas\command]
    "IsolatedCommand"=-

    [HKEY_CLASSES_ROOT\.bat]
    @="batfile"

    [HKEY_CLASSES_ROOT\batfile\shell\open\command]
    @="\"%1\" %*"

    [-HKEY_CURRENT_USER\SOFTWARE\Classes\.exe]

    [-HKEY_CURRENT_USER\Software\Classes\exefile]

    [-HKEY_CLASSES_ROOT\secfile]

    [-HKEY_CURRENT_USER\Software\Classes\secfile]

    [-HKEY_CLASSES_ROOT\pezfile]

    [-HKEY_CURRENT_USER\Software\Classes\pezfile]

    [-HKEY_CLASSES_ROOT\sezfile]

    [-HKEY_CURRENT_USER\Software\Classes\sezfile]

    [-HKEY_CLASSES_ROOT\ah]

    [-HKEY_CURRENT_USER\Software\Classes\ah]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command]
    @="firefox.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command]
    @="firefox.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command]
    @="iexplore.exe"
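
An added example, not part of sappy13's post: a read-only Python check that parses the text of a `reg export` dump and reports where it deviates from the state the FixEXE.reg script restores. The function names and the sample export are constructed for illustration; the key names and expected values are taken from the script above, narrowed to the .exe association.

```python
import re

# Defaults the FixEXE.reg script above restores, and trees it deletes.
EXPECTED = {
    r"HKEY_CLASSES_ROOT\.exe": "exefile",
    r"HKEY_CLASSES_ROOT\exefile\shell\open\command": '"%1" %*',
}
ROOTS = (r"HKEY_CLASSES_ROOT", r"HKEY_CURRENT_USER\Software\Classes")
MUST_BE_ABSENT = [ROOTS[1] + "\\" + k for k in (".exe", "exefile")] + [
    root + "\\" + progid for root in ROOTS
    for progid in ("secfile", "pezfile", "sezfile", "ah")]
VALUE = re.compile(r'(@|"(?:[^"\\]|\\.)*")=(.*)')

def unquote(s):  # .reg strings are double-quoted; a backslash escapes " and \
    quoted = len(s) >= 2 and s[0] == s[-1] == '"'
    return re.sub(r"\\(.)", r"\1", s[1:-1]) if quoted else s

def parse_reg(text):  # -> {lowercased key: {value name: data}}, "@" = default
    keys, current = {}, None
    for line in map(str.strip, text.splitlines()):
        section = re.fullmatch(r"\[(.+)\]", line)
        value = VALUE.fullmatch(line)
        if section:
            current = keys.setdefault(section.group(1).lower(), {})
        elif value and current is not None:
            current[unquote(value.group(1))] = unquote(value.group(2))
    return keys

def audit(text):  # list deviations from the state FixEXE.reg restores
    keys, findings = parse_reg(text), []
    for key, want in EXPECTED.items():
        got = keys.get(key.lower(), {}).get("@")  # None: key not in export
        if got != want:
            findings.append(f"{key}: default is {got!r}, expected {want!r}")
    for key in keys:  # HKCU\Software\Classes overrides the machine-wide value
        for bad in map(str.lower, MUST_BE_ABSENT):
            if key == bad or key.startswith(bad + "\\"):
                findings.append(f"{key}: present, FixEXE.reg deletes this tree")
    return findings

# Constructed sample: machine-wide values intact, per-user .exe hijacked.
SAMPLE = r'''Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\.exe]
@="exefile"
[HKEY_CLASSES_ROOT\exefile\shell\open\command]
@="\"%1\" %*"
[HKEY_CURRENT_USER\Software\Classes\.exe]
@="secfile"
[HKEY_CURRENT_USER\Software\Classes\secfile\shell\open\command]
@="\"C:\\Users\\example\\placeholder.exe\" \"%1\" %*"
'''
```

`audit(SAMPLE)` returns two findings, both under the per-user hive, which is why the script deletes the `HKEY_CURRENT_USER\Software\Classes` entries as well as resetting the `HKEY_CLASSES_ROOT` defaults.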
     
  4. IndyGunFreak

    IndyGunFreak

    Joined:
    Jan 26, 2001
    Messages:
    26,457
    Likes Received:
    1,703
    Location:
    Indiana
    I would just say "Install Linux"... but I love reading "fix window" threads.. :)
     
  5. sappy13

    sappy13

    Joined:
    Sep 30, 2007
    Messages:
    2,666
    Likes Received:
    1
    Location:
    Bremen, GA
    /agree

    Can't remember a time when my Linux box had an issue after visiting any site or downloading something.

    Sent from my LG-P925 using Tapatalk 2
     
  6. captainstormy

    captainstormy

    Joined:
    Jul 3, 2007
    Messages:
    4,935
    Likes Received:
    458
    Location:
    Columbus, Ohio
    I agree those other posts are crazy long about how to fix a virus issue. Not sure why people still use Windows myself.
     
  7. Bushflyr

    Bushflyr ʇno uıƃuɐɥ ʇsnɾ Millennium Member

    Joined:
    Mar 17, 1999
    Messages:
    3,532
    Likes Received:
    3
    Location:
    Western WA
    Because it keeps IT wonks in kibble and beer. :supergrin: 99% of them would be on the street if it weren't for Redmond turning out crap code.

     
  8. Brian12

    Brian12

    Joined:
    Apr 22, 2012
    Messages:
    6
    Likes Received:
    0
  9. captainstormy

    captainstormy

    Joined:
    Jul 3, 2007
    Messages:
    4,935
    Likes Received:
    458
    Location:
    Columbus, Ohio
    No doubt that it does keep a good number of guys employed. That's something I suppose. :cool:
     
  10. MySiK26

    MySiK26 ******

    Joined:
    May 5, 2008
    Messages:
    2,950
    Likes Received:
    0
    Location:
    Mulligan's Valley, CO
  11. Brian12

    Brian12

    Joined:
    Apr 22, 2012
    Messages:
    6
    Likes Received:
    0
  12. medman357

    medman357

    Joined:
    Aug 10, 2012
    Messages:
    8
    Likes Received:
    0
    Location:
    Palm Coast, FL
  13. GlockFanWA

    GlockFanWA

    Joined:
    Sep 9, 2012
    Messages:
    724
    Likes Received:
    12
    Location:
    Washington
    My advice to people is learn some common sense. Having been a heavy Windows user since 3.1 I have never had an infection of any type on my computer.
     
  14. IndyGunFreak

    IndyGunFreak

    Joined:
    Jan 26, 2001
    Messages:
    26,457
    Likes Received:
    1,703
    Location:
    Indiana
    I agree. I've never had a "major" issue on my Windows computers either (although I've cleared them for family numerous times).

    That said, I despise Windows.
     
  15. Brian12

    Brian12

    Joined:
    Apr 22, 2012
    Messages:
    6
    Likes Received:
    0
  16. NMGlocker

    NMGlocker BOOM headshot

    Joined:
    Jun 29, 2001
    Messages:
    2,014
    Likes Received:
    0
    Location:
    New Mexico
    Invasion of the Linux nerds.
    In one thread they say all computer problems would be solved if everyone was on Linux, in another thread they talk about Linux not being the best desktop OS/GUI.
    :rofl: