Malware Removal Guide for Windows [Feedback]

I'm late coming to the party, but your guide is really cool. I have a friend who has two computers absolutely eaten up with malware. They ran them without any kind of protection and let the kids run wild on the internet. I was just going to reformat the machines. But I like your guide so I'm going to see if I can clean up the computers instead.

So obviously they're going to be guinea pigs. Is there any kind of test you'd like me to run? Compare one tool to another? They're running Windows 7 and Vista. You've got an opportunity if you're interested.

 

Hi Brandi,

Thank you. I appreciate your comments. If you have any questions about the instructions, just ask me.

Brian

 

Update:

- Removed unnecessary notes (Step 2)
- Revised instructions for running SuperAntiSpyware (Step 2)
- Removed tutorial links (Step 2)
- Changed the order of steps in After the Removal Process
- Added instructions on how to Repair Windows Update and Firewall (Fix Post-Disinfection Problems)

 

Update:

- Added a Comments and Reviews page (under the title)
- Created a PDF version of the guide (under the title)
- Added a link about disconnecting your Internet connection (Step 2)
- Added a link to Malwarebytes randomly named installer (Step 2)
- Combined steps: Get Expert Analysis and Further Help

I also created a Google+ page: https://plus.google.com/106459453799715716104/posts Please follow me.

 

Update:

- Added a new image (Introduction)
- Added a new page: Fix Internet Connection after Malware Removal (Removal Process)
- Added an important note - RKill (Step 2)
- Removed Malwarebytes offline database installer (isn't updated often)
- Removed SuperAntiSpyware (Step 2)
- Changed a few links
- Updated the PDF version

 

Hi everyone,

Recently, I've been getting questions about my recent update (particularly the part about removing SuperAntiSpyware). I would like share the reasons why I removed SAS.

I removed SuperAntiSpyware for the following main reasons:

1. SuperAntiSpyware has the lowest malware detection rates compared to Malwarebytes and HitmanPro.
2. The fact that HitmanPro uses 4 antivirus engines to detect malware.
3. Malwarebytes and HitmanPro provide adequate malware removal when used together.

SuperAntiSpyware is still an excellent product, and I will definitely keep an eye on it.

Brian

 

Update (1.1):

- Added a version number
- Added an important note about the time (Introduction)
- Revised the Fix Executable Files section (Preparation for Removal)
- Added an important note about broken Internet connection (Removal Process)
- Revised the Repair Windows Update and Firewall section (URLs)
- Updated file sizes (AV Rescue CDs)
- Added a few new links

 

Kaspersky Rescue Disk 10:

I suggest that you add the procedure for cleaning out Ransomware Windows Registry keys. The tool for doing this is called "WindowsUnlocker". I don't have any feedback/experience on how effective "WindowsUnlocker" is at cleaning out Ransomware Windows Registry Keys.

"The Kaspersky WindowsUnlocker utility to fight ransom malware":

http://support.kaspersky.com/viruses/solutions?qid=208285998

 

There is a video tutorial on using WindowsUnlocker here:

-http://www.youtube.com/watch?v=C5hvSlrOUlE

It looks like this tutorial used an older version of the Kaspersky Rescue Disk 10. He shows WindowsUnlocker as being in the Start Menu. You need to run the WindowsUnlocker command in the Terminal.

 

Update:

- Added a last updated date
- Revised the introduction
- Created a new page: Stop Malicious Processes
- Replaced FixNCR.reg with RKill
- Moved Safe Mode to the Preparation section
- Removed aswMBR
- Updated the PDF version

Hi Kid7,

I'll take a look at it. Thanks.

 

it is really a very interesting and important tutorial,should be pinned!

thanks for your great tutorial

 

[New] Stop Malicious Processes and Fix EXE Files

Hi guys,

I've created a new page: http://www.selectrealsecurity.com/stop-malicious-processes

I would appreciate any feedback.

 

Thanks, mantra.

Update:

- Revised the introduction
- Added an important note about the USB autorun file (Preparation for Removal)
- The guide is now officially copyrighted (added copyright notice).
- Changed the subheadings
- Revised page: Stop Malicious Processes and Fix EXE Files
- Revised Step 3
- Changed a few links
- Updated the PDF version

 

Update:

- Revised the preparation section
- Revised the conclusion
- Added Common Computer Malware section
- Changed a few important notes
- Changed a few links
- Updated the PDF version

I also wrote two new guides:

How to Remove Ransomware
How to Remove Fake Antivirus Software

 

Update:

- Revised introduction
- Changed Step 3 (Added ESET)
- Removed note about the Internet connection
- Replaced Exehelper with FixExe.reg
- Added instructions on how to clear the Java cache (Fix Post-Disinfection Problems)
- Updated download links
- Updated file sizes

 

Hi everyone,

I created a blog for the site: http://selectrealsecurity.blogspot.com/

It will provide you with all the latest updates, so please subscribe. I will no longer be posting updates to the forums.

Thanks.