ttam

Malware Removal Guide


Posted · Original PosterOP

This is my personal preference on removal of spyware and what I found to work the best. If you have a difference of opinion please keep it civil and don't post (while having a heart attack) to tell me how wrong I am. These are steps that I've done daily, for many years, while working in computer repair shops.

 

These are also great steps for those of us that are more computer savvy, because the junk files still accumulate on our computers even if we're extra cautious.

 

Step #1 -

I prefer a clean boot into Windows NORMAL mode.

You only need to boot into Safe Mode if there are things you want to keep from opening at startup.

Disable your antivirus to make sure no conflicts happen.

 

Step #2 -

Program time. I run a few different programs depending on what I need. They are all small programs and live on my flash drive.

 

#0 RKill - http://www.bleepingcomputer.com/download/rkill/ - Mainly optional. It runs real quick and kills processes.

#1 AdwCleaner http://www.bleepingcomputer.com/download/adwcleaner/ - Run this, it's a pretty fast scan that will restart your computer.

#2 Hitman Pro http://www.surfright.nl/en/downloads - Choose the 32 or 64 bit option. I run this as the second scan, it finds most of the things we're searching for. I always enter a fake email for the 30 day trial version. Normally in a shop, I won't need to use it again.

#3 JRT http://www.bleepingcomputer.com/download/junkware-removal-tool/ - It's a basic command prompt tool, it's found things others have not and it made its way into my tool kit.

#4 TDSSKiller http://www.bleepingcomputer.com/download/tdsskiller/ - Normal and quick rootkit scanner.

#5 Combofix http://www.bleepingcomputer.com/download/combofix/ - This is my last scan. It normally finds the rest and all of it. It's the longest scan and will also sometimes restart your computer. After it's done, press Windows Key + R and type combofix /uninstall

 

Not badly infected? Do just steps #1, 2 and run CCleaner

 

Ad Block Plus! This is a great browser extension that stops a lot of the ads, etc that lead to malware.

For Chrome https://chrome.google.com/webstore/detail/adblock-plus/cfhdojbkjhnklbpkdaibdccddilifddb?hl=en-US

For Firefox https://addons.mozilla.org/en-US/firefox/addon/adblock-plus/

For Internet Explorer > http://www.google.com/chrome Just install chrome already...

 

Step #3 -

Malwarebytes & Kaspersky Rescue Disc @ Stubborn infections

This is a great step if you have a USB dock or are able to hook up a drive as a secondary drive.

 

Malwarebytes Anti Malware

This is where Malwarebytes shines in my book.

Program can be found here http://www.malwarebytes.org

Being one of the few programs able to scan a chosen drive makes Malwarebytes a go-to program when a drive is way too infected to even get into Safe Mode on.

 

By clicking "Perform Full Scan" it gives you the option to choose which drive. So if you have a drive hooked up as G: by usb, you can elect to scan only that drive. 

This scan does take a decent length of time, but it's worth the wait when you need access to the drive.

 

Kaspersky Rescue Disc

This is another great program to have, and since it's a bootable environment, it's a great CD to have in your arsenal.

ISO can be found here > http://support.kaspersky.com/us/viruses/rescuedisk

 

This boots into a comfortable setting where you can scan the drive without having to boot into Windows. All you need to do is download the 500MB or so ISO and burn it to a CD.

 

Simply press F12 or your designated Boot select key, and boot to the CD.

Wait for it to boot into a friendly UI. 

Open up the program "Kaspersky Rescue Disc" on the Desktop and hit Scan Computer :)

 

Step #4 -

Clean up time. This is the fun part of removing junk programs, temp files and the such.

 

CCleaner https://www.piriform.com/ccleaner - Great basic file system cleaner. Removes the junk temp files.

Revo Uninstaller http://www.revouninstaller.com - Program uninstaller. Pretty self explanatory.

PCDecrapifier http://pcdecrapifier.com - Great and fast tool to remove trash programs.

 

 

 

Honorable mentions:

 

Autoruns (http://technet.microsoft.com/en-us/sysinternals/bb963902.aspx) is another great tool to check the system auto runs as the name mentions. Lets you see some goodies :) Please do read up on how to use it before going and clicking on stuff.

Web of Trust (https://www.mywot.com) Recommended by brownninja97 - WOT is a browser extension based on a review system for bad websites that will give informed decisions about whether to trust a website

D7 (http://www.foolishit.com/d7/) is an all in one Windows malware/tweak tool that I've used like 3 times but it's still cool.

 

That's it. Nice and simple malware removal for the everyday person. There really isn't much to the process, takes a whole 10 minutes, maybe more depending on the speed of the system and how much Combofix finds.


X-10 - 7980XE - Gigabyte Aorous Gaming 9 - 128GB GSkill TridentZ RGB - SLI Asus GTX 1080 TI Strix
Easy Desk GuideMalware Removal Guide - New mobo, Same OS Guide

 

 


Nice little guide, I'll be trying this


CPU: 4670K / Cooler: H100i / RAM: 4x4GB Corsair Vengence Pro 1866MHz / Motherboard: MSI Z87-GD65 / GPU: MSI TF 780 Gaming Edition / Case: Corsair Vengence C70 / Storage: 250GB Samsung Evo & 2TB Seagate Barracuda / PSU: EVGA SuperNova NEX750G


Malwarebytes anyone?


In the grim darkness of the far future, there is only a GTX 1080, just a single 1080, where my glorious PC once stood....

For that is all I need, For the Emperor of Man, Jen-Hsun Huang, protects. We march for Nvidia, and we shall know no fear!


Definitely put malwarebytes on the list as well.


I don't work for Floatplane Media, so any Floatplane comments that I make are my own and may be incorrect or in conflict with the official view.

 

For Floatplane support, please use the wizard linked in this topic

Posted · Original PosterOP

Definitely put malwarebytes on the list as well.

 

 

Malwarebytes anyone?

 

Maybe as an honorable mention but the program just takes way too long to find anything when others find it within seconds. It's a great program for those who have time to wait or something I would recommend to a computer 'newbie'


X-10 - 7980XE - Gigabyte Aorous Gaming 9 - 128GB GSkill TridentZ RGB - SLI Asus GTX 1080 TI Strix
Easy Desk GuideMalware Removal Guide - New mobo, Same OS Guide

 

 


Maybe as an honorable mention but the program just takes way too long to find anything when others find it within seconds. It's a great program for those who have time to wait or something I would recommend to a computer 'newbie'

Run it in the background then. :)


In the grim darkness of the far future, there is only a GTX 1080, just a single 1080, where my glorious PC once stood....

For that is all I need, For the Emperor of Man, Jen-Hsun Huang, protects. We march for Nvidia, and we shall know no fear!


Maybe as an honorable mention but the program just takes way too long to find anything when others find it within seconds. It's a great program for those who have time to wait or something I would recommend to a computer 'newbie'

Well it does take a bit of time, but it's much better than a lot of alternative solutions at finding malware. There's no portable version (last time I looked) though, which is a bit of a problem for the context.


I don't work for Floatplane Media, so any Floatplane comments that I make are my own and may be incorrect or in conflict with the official view.

 

For Floatplane support, please use the wizard linked in this topic

Posted · Original PosterOP

Run it in the background then. :)

 

 

Well it does take a bit of time, but it's much better than a lot of alternative solutions at finding malware. There's no portable version (last time I looked) though, which is a bit of a problem for the context.

It's too slow lol. Adwcleaner and hitman find everything Malwarebytes finds and doesn't find in 2 minutes.

 

Just like the little excerpt from the end of the post

"Yes, I know there is no Malwarebytes. It's a great program but takes way too long and these programs do all the work and MB never finds anything but a tracking cookie afterwards."


X-10 - 7980XE - Gigabyte Aorous Gaming 9 - 128GB GSkill TridentZ RGB - SLI Asus GTX 1080 TI Strix
Easy Desk GuideMalware Removal Guide - New mobo, Same OS Guide

 

 


I only bust out combofix when shit gets serious, combofix is the big gun of the virus removal software.


cpu: intel i5 4670k @ 4.5ghz Ram: G skill ares 2x4gb 2166mhz cl10 Gpu: GTX 680 liquid cooled cpu cooler: Raijintek ereboss Mobo: gigabyte z87x ud5h psu: cm gx650 bronze Case: Zalman Z9 plus


Listen if you care.

Cpu: intel i7 4770k @ 4.2ghz Ram: G skill  ripjaws 2x4gb Gpu: nvidia gtx 970 cpu cooler: akasa venom voodoo Mobo: G1.Sniper Z6 Psu: XFX proseries 650w Case: Zalman H1

Posted · Original PosterOP

Well it does take a bit of time, but it's much better than a lot of alternative solutions at finding malware. There's no portable version (last time I looked) though, which is a bit of a problem for the context.

 

A portable, quicker scanning Malwarebytes would actually be nice to have.


X-10 - 7980XE - Gigabyte Aorous Gaming 9 - 128GB GSkill TridentZ RGB - SLI Asus GTX 1080 TI Strix
Easy Desk GuideMalware Removal Guide - New mobo, Same OS Guide

 

 


Maybe as an honorable mention but the program just takes way too long to find anything when others find it within seconds. It's a great program for those who have time to wait or something I would recommend to a computer 'newbie'

This isn't really virus removal but I recommend you put Web of Trust up there, it blacklists bad websites, e.g. screamers or scam websites owned by Nigerian princes. It's community based where tech guys review the websites, it's a standard 1kb plugin for a browser and is pretty awesome, I know it's prevented viruses because every now and then one of my customers calls me asking about a website it flagged up. Luckily its community is great, I've not seen any troll reviews as of yet and it works very well, my logic of this is why remove a virus when you can stop it from being downloaded in the first place.


cpu: intel i5 4670k @ 4.5ghz Ram: G skill ares 2x4gb 2166mhz cl10 Gpu: GTX 680 liquid cooled cpu cooler: Raijintek ereboss Mobo: gigabyte z87x ud5h psu: cm gx650 bronze Case: Zalman Z9 plus


Listen if you care.

Cpu: intel i7 4770k @ 4.2ghz Ram: G skill  ripjaws 2x4gb Gpu: nvidia gtx 970 cpu cooler: akasa venom voodoo Mobo: G1.Sniper Z6 Psu: XFX proseries 650w Case: Zalman H1

Posted · Original PosterOP

This isn't really virus removal but I recommend you put Web of Trust up there, it blacklists bad websites, e.g. screamers or scam websites owned by Nigerian princes. It's community based where tech guys review the websites, it's a standard 1kb plugin for a browser and is pretty awesome, I know it's prevented viruses because every now and then one of my customers calls me asking about a website it flagged up. Luckily its community is great, I've not seen any troll reviews as of yet and it works very well, my logic of this is why remove a virus when you can stop it from being downloaded in the first place.

Added it as an honorable mention.

I've heard of it here and there but have never looked into it.


X-10 - 7980XE - Gigabyte Aorous Gaming 9 - 128GB GSkill TridentZ RGB - SLI Asus GTX 1080 TI Strix
Easy Desk GuideMalware Removal Guide - New mobo, Same OS Guide

 

 


Added it as an honorable mention.

I've heard of it here and there but have never looked into it.

I recommend you install it on customers' PCs whether they like it or not, they need it, the amount of support calls I've got has dropped by around 40% in the last two months which I've got into it.


cpu: intel i5 4670k @ 4.5ghz Ram: G skill ares 2x4gb 2166mhz cl10 Gpu: GTX 680 liquid cooled cpu cooler: Raijintek ereboss Mobo: gigabyte z87x ud5h psu: cm gx650 bronze Case: Zalman Z9 plus


Listen if you care.

Cpu: intel i7 4770k @ 4.2ghz Ram: G skill  ripjaws 2x4gb Gpu: nvidia gtx 970 cpu cooler: akasa venom voodoo Mobo: G1.Sniper Z6 Psu: XFX proseries 650w Case: Zalman H1


I'll have to give AdwCleaner a try sometime


Intel i5 6600k~Asus Maximus VIII Hero~G.Skill Ripjaws 4 Series 8GB DDR4-3200 CL-16~Sapphire Radeon R9 Fury Tri-X~Phanteks Enthoo Pro M~Sandisk Extreme Pro 480GB~SeaSonic Snow Silent 750~BenQ XL2730Z QHD 144Hz FreeSync~Cooler Master Seidon 240M~Varmilo VA87M (Cherry MX Brown)~Corsair Vengeance M95~Oppo PM-3~Windows 10 Pro~http://pcpartpicker.com/p/ynmBnQ

Posted · Original PosterOP

add malware bytes to that list

It's in there as an honorable mention.

Adwcleaner finds everything Malwarebytes does and much more in just 1 minute.


X-10 - 7980XE - Gigabyte Aorous Gaming 9 - 128GB GSkill TridentZ RGB - SLI Asus GTX 1080 TI Strix
Easy Desk GuideMalware Removal Guide - New mobo, Same OS Guide

 

 


 

Malwarebytes (http://www.malwarebytes.org) Don't get me wrong, it's a great malware program. It takes a lot of time for a decent scan. Adwcleaner finds everything Malwarebytes does in 1/10th the time. This is what I recommend to a distant elderly relative to run themselves. 10, 20 minutes isn't too bad for a full system scan. If it was a portable file like the rest, it wouldn't be so bad.

 

This, Adwcleaner is used more often than not to remove browser-based adware. It stretches beyond that and can actually be used for system-wide adware removal / detection, Malwarebytes goes beyond this and scans every file separately, Malwarebytes detects malware and adware whereas Adwcleaner only targets the adware, hence the name.


Cpu: i5-2500k @4.8Ghz, MB: Asus Maximus V Formula, CPU cooler: Be quiet! Dark rock pro 2, GPU: Evga Gtx660 FTW@1.24ghz. Ram: Corsair Vengeance 8GB 1866Mhz, PSU: Be quiet! 730w Semi modular, SSD: Corsair force 3 240Gb, HDD: WD Green 1TB, Case: Nzxt H2 with 4 Corsair SP120's, Win7


That's a good guide. I've dealt with some very bad infections since I have connections with AVG and am expected to deal with them. I would add Kaspersky rescue disk. You would be surprised at how much malware can hide once the system has started up.
