Gizmos Freeware Reviews  

Old 18. Oct 2010, 10:40 PM   #1 (permalink)
Full Member
 
Join Date: Jan 2010
Location: USA
Posts: 49
Default Malware Removal Guide for Windows

I have made a step by step guide on how to remove malware from a computer. I would like to know what you think about it. I will be updating it as I go on. I would greatly appreciate any info on how to make it better.

Malware Removal Guide for Windows
__________________
"An ounce of prevention is worth a pound of cure"

Last edited by Anupam; 14. Aug 2011 at 07:48 PM. Reason: Updated the link to refer to new URL
geohac is offline   Reply With Quote
Old 18. Oct 2010, 11:52 PM   #2 (permalink)
Member
 
Join Date: Oct 2008
Location: The Robot Ark
Posts: 22
Default

Delicious guide, let's see what the experts say.
Overmann is offline   Reply With Quote
Old 19. Oct 2010, 02:37 PM   #3 (permalink)
Copy Editor
 
Join Date: Sep 2009
Posts: 622
Default

Had a quick glance at your site and I am certain it will prove very useful for PC users of all abilities.

I noticed that the Remove Malware page has a different background colour than the rest of the site - either make all the pages this colour or change it to the lighter one for consistency.

The PNG titles for both the Home page and Forum have far too much drop shadow on the font and, therefore, make them look fuzzy and harder to read - the exact opposite of what you are trying to achieve.

These are just my initial thoughts, so please don't take them too harshly.

Anyway, well done for getting a website up and running!
__________________
Torres-no-tan-magnifico
torres-no-tan-magnifico is online now   Reply With Quote
Old 19. Oct 2010, 03:19 PM   #4 (permalink)
Moderator
 
Join Date: Jul 2008
Location: India
Posts: 9,484
Default

I will call it a good attempt, but still not adequate. Malware removal might not be such an easy process. For a mild infection, it would work though. Still, I found some deficiencies in the above. I am by no means an expert, but I am still giving my opinion from whatever I know.

Turning off the system restore should be done at the beginning, and not at the end. Reason is, malware tend to hide there, and can become active, even after your whole system has been cleaned. It can bring things back to square one. So, first thing in case of an infection should be to turn off system restore, and then scan the computer. It will also decrease the scan times.

As written, I found the uninstallation of antivirus before scanning quite odd. If it's a mediocre antivirus, then this advice might be good. But, what if the antivirus installed was Avira itself, or any other good antivirus like Avast, or Kaspersky? If that's the case, you are not making a very good point when you uninstall Avira first, and then install it later again. Even if malware has got past the antivirus, still, the antivirus should be kept installed, because it can help in prevention of further infection, and can help in containing the malware. In some cases, the infection might prevent the re-installation of an antivirus.

If this guide is targeted at inexperienced users, then I wouldn't recommend the use of CCleaner Registry Cleaner mentioned later on. Although, its registry cleaner is considered very safe, still, a registry cleaner in the hands of novices is not good. It can create problems. That part can be left out. If the malware has been removed by an efficient malware remover, it would handle the registries installed by the malware too.

There might be cases of infection where exe files can get infected, or any antivirus won't be able to install, or the computer cannot boot into Safe Mode. For those cases, I think you should mention antivirus rescue CDs like Kaspersky, or Avira.

Malware removal is not an easy process to attempt, and there might be involved a myriad of steps depending on the severity of the infection.
__________________
Anupam
Anupam is online now   Reply With Quote
Old 19. Oct 2010, 04:31 PM   #5 (permalink)
Senior Member
 
Join Date: Feb 2009
Location: Wales, UK
Posts: 809
Default

Quote:
Originally Posted by Anupam View Post
As written, I found the uninstallation of antivirus before scanning quite odd. If it's a mediocre antivirus, then this advice might be good. But, what if the antivirus installed was Avira itself, or any other good antivirus like Avast, or Kaspersky? If that's the case, you are not making a very good point when you uninstall Avira first, and then install it later again. Even if malware has got past the antivirus, still, the antivirus should be kept installed, because it can help in prevention of further infection, and can help in containing the malware. In some cases, the infection might prevent the re-installation of an antivirus.
I feel the same regarding this point. The installed AV may well be a perfectly good product, just that it has missed a zero day malware. No AV is perfect after all. Bad practice on behalf of the user may be a more significant factor in causing the infection. The PC owner may also have paid good money for a year subscription with plenty of time left to run. They may be better off discussing it with the developer than just dumping it straight away.

You've made a good start though (IMHO) and no doubt you intend to tweak the guide as time goes on.
Nice job

Last edited by Sope; 19. Oct 2010 at 04:33 PM. Reason: addition
Sope is online now   Reply With Quote
Old 19. Oct 2010, 07:03 PM   #6 (permalink)
Site Manager
 
Join Date: Aug 2008
Location: South American Banana Republic, third bunch from the left
Posts: 9,250
Default

Good effort and a lot of useful resources linked to if only folks would take the trouble to read some of them
__________________
Knows nothing and cares even less
MidnightCowboy is online now   Reply With Quote
Old 19. Oct 2010, 11:48 PM   #7 (permalink)
Full Member
 
Join Date: Jan 2010
Location: USA
Posts: 49
Default

Torresmagnifico, thanks for the suggestions! I will get on those issues as soon as I can.

Quote:
Turning off the system restore should be done at the beginning, and not at the end. Reason is, malware tend to hide there, and can become active, even after your whole system has been cleaned. It can bring things back to square one. So, first thing in case of an infection should be to turn off system restore, and then scan the computer. It will also decrease the scan times.
Anupam, you are right about System Restore. I've changed it!
Quote:
Even if malware has got past the antivirus, still, the antivirus should be kept installed, because it can help in prevention of further infection, and can help in containing the malware.
You make a good point, but you are not completely correct. I have added the option to disable the anti-virus, so users can choose to uninstall or disable it.

Quote:
If this guide is targeted at inexperienced users, then I wouldn't recommend the use of CCleaner Registry Cleaner mentioned later on. Although, its registry cleaner is considered very safe, still, a registry cleaner in the hands of novices is not good. It can create problems.
CCleaner’s registry cleaner is very safe. I have not experienced any problems or side effects with it, nor have I heard of any.
Quote:
There might be cases of infection where exe files can get infected, or any antivirus won't be able to install, or the computer cannot boot into Safe Mode. For those cases, I think you should mention antivirus rescue CDs like Kaspersky, or Avira.
That’s a great idea! I will add that as soon as I can.


Thanks for all the suggestions everyone. Keep them coming!
__________________
"An ounce of prevention is worth a pound of cure"

Last edited by geohac; 19. Oct 2010 at 11:55 PM.
geohac is offline   Reply With Quote
Old 21. Oct 2010, 01:29 AM   #8 (permalink)
Full Member
 
Join Date: Jan 2010
Location: USA
Posts: 49
Default

Anupam, I have moved the step of disabling system restore after the removal process rather than before. I think it's safer that way.
__________________
"An ounce of prevention is worth a pound of cure"
geohac is offline   Reply With Quote
Old 21. Oct 2010, 08:21 AM   #9 (permalink)
ako
Editor
 
Join Date: Jan 2010
Posts: 423
Default

Quote:
Originally Posted by geohac View Post
I have made a step by step guide on how to remove malware from a computer. I would like to know what you think about it. I will be updating it as I go on. I would greatly appreciate any info on how to make it better.

Malware Removal Guide for Windows
For some easy infections this looks quite OK. For more stubborn ones you might like to peek at this

http://www.techsupportalert.com/cont...ld.htm#cleanup

I know, easier to reformat
__________________
"Si vis pacem, para bellum."

Last edited by ako; 21. Oct 2010 at 08:34 AM.
ako is offline   Reply With Quote
Old 21. Oct 2010, 01:56 PM   #10 (permalink)
Moderator
 
Join Date: Jul 2008
Location: India
Posts: 9,484
Default

Quote:
Originally Posted by geohac View Post
Anupam, I have moved the step of disabling system restore after the removal process rather than before. I think it's safer that way.
How is it safer that way? If a malware infection has occurred, there are a lot of chances that the infection must have got through to the system restore files too, and it may elude the security software.

I see in Ako's guide too, that the system restore was emptied later on towards the end.

Ako, shed some light on this?

I feel that since a stubborn malware infection has occurred, it will be spread to system restore too. So, why not empty it early on, and then scan the computer? Even if you want the system restore as a backup, but still, the files there are infected, and restoring them would get the system infected again.

One argument in your case might be that we can try scanning the computer and see if the infection is removed from the system restore too, and so, the restore points would still be safe, and good. In that case, it's good. But, how can you be 100% sure that the scan has cleared all the infection there, and the infection won't reappear?

The system restore is being emptied at the end of the removal steps anyway. So, why not do it earlier?

geohac, I still find it odd that you say to remove or disable the AV before starting the removal process. Even if the AV missed the malware, I think it should still be given the chance to boot into safe mode, and then scan the PC once again, after updating the definitions. Maybe, it will be able to deal with the infection in the safe mode. Just disabling, or removing the AV before the removal process without giving it a chance is really odd to me. It would be more odd, if the AV was top class like Avira, or Kaspersky, or Avast etc.
__________________
Anupam
Anupam is online now   Reply With Quote
All times are GMT +1.