Virus/Malware Removal Guide for Windows

Brian12 · 08-21-2012, 09:22

Hi everyone,

I would like to share my malware removal guide with the forum community. It contains step-by-step instructions on how to remove malicious software from a computer. It's a work in progress. I would appreciate any feedback.

Guide: http://www.selectrealsecurity.com/ma...removal-guide/

Comments and Reviews: http://www.selectrealsecurity.com/comments-and-reviews/

Quote:

This guide will help you remove malicious software from your computer. If you think your computer might be infected with a virus or trojan, you may want to use this guide. It provides step-by-step instructions on how to remove malware from Windows operating system. It highlights free malware removal tools and resources that are necessary to clean your computer. You will quickly learn how to remove a virus, a rootkit, spyware, and other malware.

Brian12 · 08-23-2012, 21:01

Post.

sappy13 · 08-23-2012, 21:58

You hit the just about all the main stuff. My typical removal is
1. Rkill
2. TDSS
3. Malware Bytes
4. ComboFix ONLY if needed
5. Ccleaner-Temp, Reg Cleaning, Startup, and Uninstalls
6. Delete all old restore points and create clean restore point.

The unhide utility is a great one if its a bad infection. Takes forever to run though. Just go to lunch while it runs.

Here is a good one for you. This will fix .EXE file associations, which a lot of malware will mess with to prevent removal programs from running. Create a file called "FixEXE.reg". Then copy this script into there. Worked like a champ for me for a long time.

"FixEXE.Reg" Script

Windows Registry Editor Version 5.00

[-HKEY_CLASSES_ROOT\.exe\shell]

[-HKEY_CLASSES_ROOT\.exe\DefaultIcon]

[HKEY_CLASSES_ROOT\.exe]
@="exefile"

[HKEY_CLASSES_ROOT\exefile]
"Content Type"=-

[HKEY_CLASSES_ROOT\exefile\shell\open\command]
@="\"%1\" %*"
"IsolatedCommand"=-

[HKEY_CLASSES_ROOT\exefile\shell\runas\command]
"IsolatedCommand"=-

[HKEY_CLASSES_ROOT\.bat]
@="batfile"

[HKEY_CLASSES_ROOT\batfile\shell\open\command]
@="\"%1\" %*"

[-HKEY_CURRENT_USER\SOFTWARE\Classes\.exe]

[-HKEY_CURRENT_USER\Software\Classes\exefile]

[-HKEY_CLASSES_ROOT\secfile]

[-HKEY_CURRENT_USER\Software\Classes\secfile]

[-HKEY_CLASSES_ROOT\pezfile]

[-HKEY_CURRENT_USER\Software\Classes\pezfile]

[-HKEY_CLASSES_ROOT\sezfile]

[-HKEY_CURRENT_USER\Software\Classes\sezfile]

[-HKEY_CLASSES_ROOT\ah]

[-HKEY_CURRENT_USER\Software\Classes\ah]

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command]
@="firefox.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command]
@="firefox.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command]
@="iexplore.exe"

IndyGunFreak · 08-23-2012, 22:31

I would just say "Install Linux"... but I love reading "fix window" threads..

sappy13 · 08-23-2012, 22:49

Quote:

Originally Posted by IndyGunFreak

I would just say "Install Linux"... but I love reading "fix window" threads..

/agree

Can't remember a time when my Linux box had an issue after visiting any site or Downloading something.

Sent from my LG-P925 using Tapatalk 2

captainstormy · 08-23-2012, 23:56

Quote:

Originally Posted by IndyGunFreak

I would just say "Install Linux"... but I love reading "fix window" threads..

I agree those other posts are crazy long about how ti fix a virus issue. Not sure why people still use windows myself.

Bushflyr · 08-24-2012, 00:39

Quote:

Originally Posted by captainstormy

I agree those other posts are crazy long about how ti fix a virus issue. Not sure why people still use windows myself.

Because it keeps IT wonks in kibble and beer.

99% of them would be on the street if it weren't for Redmond turning out crap code.

Brian12 · 08-24-2012, 09:28

Hi sappy13,

Thanks for your input. I have "FixEXE.Reg" in this guide: http://www.selectrealsecurity.com/st...ous-processes/

captainstormy · 08-24-2012, 12:05

Quote:

Originally Posted by Bushflyr

Because it keeps IT wonks in kibble and beer.

99% of them would be on the street if it weren't for Redmond turning out crap code.

No doubt that it does keep a good number of guys employed. That's something I suppose.

MySiK26 · 08-25-2012, 19:25

tagged.

Brian12 · 09-23-2012, 17:36

More opinions?

medman357 · 09-23-2012, 18:55

Buy a Mac LOL

GlockFanWA · 09-23-2012, 21:44

My advice to people is learn some common sense. Having been a heavy Windows user since 3.1 I have never had an infection of any type on my computer.

IndyGunFreak · 09-24-2012, 03:33

Quote:

Originally Posted by GlockFanWA

My advice to people is learn some common sense. Having been a heavy Windows user since 3.1 I have never had an infection of any type on my computer.

I agree. I've never had a "major" issue on my Windows computers either (although I've cleared them for family numerous times).

That said, I despise Windows.

Brian12 · 10-05-2012, 11:22

The guide has been updated: http://selectrealsecurity.blogspot.com/

NMGlocker · 10-10-2012, 10:24

Invasion of the Linux nerds.
In one thread they say all computer problems would be solved if everyone was on Linux, in another thread they talk about Linux not being the best desktop OS/GUI.