
Malware Removal Guide


NeutralHatred

Malware Removal Guide

 

I have decided to put together a guide for everyone in case you are having some issues with malware/viruses and are unsure of how to handle it. It is worth noting these steps are effective at cleaning malware, but they are not guaranteed to remove all traces. Always remember if your system is very slow, to the point where it is almost unusable, you're at a point where a reinstall of the OS is the best route to get your PC up and running optimally again. Do not assume these steps will fix any and all malware infections; reinstalling the OS is always the best way to remove malware.

 

 

What is malware?

Malware is an umbrella term used to refer to a variety of forms of hostile or intrusive software, including computer viruses, worms, trojan horses, ransomware, spyware, adware, scareware, and other malicious programs. It can take the form of executable code, scripts, active content, and other software. Malware can hide in anything on the internet, be it a popup window, a hyperlink, or an email. Note that a popup window is generally nothing more than that, especially if it claims you have a virus and to call a number. Any popup window that claims you have a virus can be safely closed out of or task killed, or you can simply restart your machine. These are scare tactics to get you to call the number and pay them to "fix" your system when in actuality, there is nothing wrong with it. This is known as a tech scam.

 

 

Note that these steps can only help if your PC can boot up successfully and should remove most malware infections. Not all malware is the same and sometimes, it may be missed. If a problem persists, make a post here and I or someone will attempt to help further. Helping via a forum is going to be difficult, so if we are unable to help, make sure you find a trusted tech to aid you or go to a nearby trusted repair shop. If the shop is trusted but seems expensive, remember you are paying someone with the skills (and likely certifications) to repair your PC. When you get your car fixed, it is expensive not only because of parts, but because the people doing it are skilled professionals.

 

Here I will explain a few tools you can use to remove a majority of malware and fix your PC yourself. These steps are recommendations only. Many machines I have worked on have not experienced any lost files, but there's always risk, depending on how far the malware has taken hold. Always maintain a proper backup, whether a cloud storage service or external device.

 

If you're infected with Crypto malware (Cryptowall, Cryptolocker, TeslaCrypt, etc.), do not attempt to follow this guide; your files are at risk. Make a post here or on this Reddit page and see if anyone is able to help, but in most cases, Crypto malware is very difficult to crack and it is easier to simply write off the data and reinstall the OS.

 

Be sure you run all these steps in Normal Mode. Only use Safe Mode if the program fails to scan. All programs must be run on the Administrator account.

 

Step One: Manual Removals and rKill

Remove any suspicious browser extensions and toolbars. If you did not install it yourself, it's suspicious. Also, in my experience, there is no such thing as a useful toolbar. Remove any unusual homepages and default search providers (in most circumstances, you only really need Google and, at the very most, Bing).

 

Run rKill. It may take a few minutes for the scan to complete. Once it does, do not reboot the PC.

  • Kills running malicious processes
  • Removes Policies in the registry that prevent normal OS operation
  • Repairs file extension hijacks.

 

Step Two: Malwarebytes

Download and install Malwarebytes. Make sure it is updated and enable "Scan for Rootkits" in Settings under Detection and Protection. Start the scan. Scan can take up to (on average) 10-30 minutes, depending on the system.

  • Successfully removes a majority of any and all kinds of infections.
  • Has industry-leading built-in rootkit/bootkit scanning.
  • Built-in repair tools to fix damage done by malware.

 

Step Three: Adware Cleaner

Download and run AdwCleaner. Scan your system with the corresponding button then hit Clean once the scan is finished. It will also want to reboot your system at this point. Allow it to do so. (I mean, you don't have a choice)

  • Removes majority of adware, PuPs (Potentially Unwanted Programs), Toolbars, and browser hijacks.
  • Fixes proxy settings changed by malware
  • Removes certain non-default browser settings.

 

If you are having issues connecting to the internet, try running NetAdapter Repair Tool with all options checked. All these tools can be downloaded elsewhere and placed on a USB Flash Drive and installed onto the infected machine.

 

Here are a few tools to help prevent any future problems:

 

Free Anti-Virus Recommendations:

 

Paid Anti-Virus Recommendations:

 

Helpful Tools:

  • Unchecky - Unchecks options in installers that install PuPs
  • uBlock Origin Browser Extension - Chrome and Firefox versions available. (Blocks ads. Adblock Plus has been known to unblock certain ads due to being paid)
  • CCleaner - Technically, not a tool for malware removal, but it is useful at cleaning up old registry errors and junk from your PC left over from malware or just temporary files cluttering up your system. This is entirely optional and only my recommendation. People seem to differ on its usefulness. Avoid the registry cleaner on Windows 10. It is known to, sometimes, remove some registries that it shouldn't and even makes the login screen unstable and unable to log in.

 

Tip on avoiding possible infections in the future: Use common sense. Many cases I get are as simple as they opened an email they weren't sure about or clicked on a link from a random site they googled. If it seems sketchy, don't do it. Many anti-viruses out there have a website scanner that can help you prevent malicious websites. The first line of defense at preventing malware infection is always the user. Enable User Access Controls, keep Windows up to date, and never download publisher software from a separate site; use their website.

 

 

(Original Reddit Post)

ani-me

I'd like to add something:

 

If you ever download something but are unsure about opening the file/archive/exe, or anything like that, then you should get Sandboxie. It allows you to create a virtual space and run/open files in that virtual space. Any alteration done by the file can then be deleted by deleting that virtual space. I am not sure how effective it can be against different types of malware though, as I haven't used it a lot, I rather use some

On 2/21/2019 at 11:18 PM, NeutralHatred said:

Use common sense

Also, I heard that Windows 10 is going to include a similar feature in-built into new update...

Moodkiller

AHEM! Get that low quality Miku image out of here...


Click once for full screen, click again for eye-gasm.


 

Also I would add the Malwarebytes browser extension (Chrome and Firefox) to your list of "Helpful Tools"

The paid version of that is also really good to have as a stand-alone, live monitor for your system.

StardustNightwind

-

badguys
4 hours ago, StardustNightwind said:

@NeutralHatred And how to prevent all those from removing KMSpico? I can barely get MBAM and Win Defender to exclude them, but even if in exclusions they still remove it.


@Moodkiller Check out this eye-gasm.


 

>KMSpico

My answer would just be to remove it and use HWIDgen to produce a license file instead.  It lasts so long that you don't even need to run it again for a good number of years.

NeutralHatred
4 hours ago, StardustNightwind said:

@NeutralHatred And how to prevent all those from removing KMSpico? I can barely get MBAM and Win Defender to exclude them, but even if in exclusions they still remove it.


 

I buy my license keys. It's, like, ~$100 and it is permanent. And I have one computer. Hardly an investment.

SpoonyBard
4 minutes ago, NeutralHatred said:

I buy my license keys. It's, like, ~$100 and it is permanent. And I have one computer. Hardly an investment.

Heh, I've never bought a license key to any piece of software, not even Windows.

badguys
43 minutes ago, NeutralHatred said:

I buy my license keys. It's, like, ~$100 and it is permanent. And I have one computer. Hardly an investment.

>I buy my license keys.

Okay then, you do you.  Expect me to bring this up when Microsoft revokes your Windows license for making a "hateful" document in an office utility though.  Already happened to one 8chan user who bought another key after his keys for MS Office and Windows got revoked, then got laughed at by /pol/'s mod and everyone on the thread he made after his license had been revoked.

Also, I hope you aren't interested in making too many radical changes to your hardware too quickly.

 

39 minutes ago, SpoonyBard said:

Heh, I've never bought a license key to any piece of software, not even Windows.

Mah mothaf*ckin' ninja.

Solaufein
5 hours ago, badguys said:

Expect me to bring this up when Microsoft revokes your Windows license for making a "hateful" document in an office utility though.  Already happened to one 8chan user who bought another key after his keys for MS Office and Windows got revoked, then got laughed at by /pol/'s mod and everyone on the thread he made after his license had been revoked.

Yeah... I don't think it's going to be too hard for most people to avoid 8channer behavior- currently best known for its nazi manifestos and plans for mass shootings. 🙄

Cryptic
10 hours ago, badguys said:

use HWIDgen to produce a license file instead.  It lasts so long that you don't even need to run it again for a good number of years.

huh didn't even know this existed. thanks for the pointer

NeutralHatred
10 hours ago, badguys said:

>I buy my license keys.

Okay then, you do you.  Expect me to bring this up when Microsoft revokes your Windows license for making a "hateful" document in an office utility though.  Already happened to one 8chan user who bought another key after his keys for MS Office and Windows got revoked, then got laughed at by /pol/'s mod and everyone on the thread he made after his license had been revoked.

Also, I hope you aren't interested in making too many radical changes to your hardware too quickly.

I'm barely on this forum. I doubt I'll lose a license key for any "hateful" documents on a forum or website in general. Also, I barely create documents or anything in Office. I think all I have is, like, a resume. 

 

I can make all the radical changes to my hardware that I want; I have the physical key on the back of my tower and stored on my Microsoft account. Aside from that, who makes "radical" changes to their hardware so frequently, they risk hitting the maximum activation limit? Sounds like the idiot's fault at that point and not Microsoft.

 

Anyway, this is hardly on topic of my original post. If you have problems with a license key activator or some other nonsense not related to malware removal/prevention, make a different post.

badguys
4 hours ago, Solaufein said:

Yeah... I don't think it's going to be too hard for most people to avoid 8channer behavior- currently best known for its nazi manifestos and plans for mass shootings. 🙄

Again, you can still lose your license by changing too many things on your PC too quickly.  It's part of Microsoft's license terms.

On Windows systems prior to 7, the license loss can be mitigated through the help of Technet (that was a subscription service that guaranteed volume licenses) or the activation hotline.  Technet was shut down sometime in 2013.

Nowadays, the "Activation Troubleshooter" is supposed to fix that, but there are several usage cases (test benches, remote admins) that violate Microsoft's license terms and even then, you could only reactivate a license so many times through the hotline before they just tell you to "buy another license" and won't reactivate your old license (like we all have $100 burning holes in our pockets, but then Americans think that their citizenry is made on money.  Just look at the "tipping culture" in foodservice).

SpoonyBard

 

Solaufein
12 minutes ago, SpoonyBard said:

*snip*

I wonder why he didn't just get an MSDN license after TechNet went away, which comes with VLs for unlimited activations. Can personally confirm this works great. <_<

StardustNightwind

-

NeutralHatred
2 hours ago, StardustNightwind said:

Bravo. Then you could consider buying anime BD discs too, they are also permanent and hardly an investment.

BTW I have a collection of hardware that I often swap. Normal license does not tolerate motherboard swaps, I'm sure.

Are you stupid? A single Windows 10 Home key is ~$100, and that's it. Anime BD discs are endless. You have different shows to buy. Every anime ever created isn't on the K-On! BD discs.

 

I swapped motherboards all the time at my last job. Windows 10 is a lot more resilient and doesn't always require reactivation. Keeping the physical key handy allows you to reactivate it when it doesn't automatically.

 

I hope you're finished derailing my topic. I'm going to have Spoony start removing comments that aren't part of this topic.

SpoonyBard
3 hours ago, StardustNightwind said:

buying anime BD discs too, they are also permanent and hardly an investment.

Eh, I would disagree. As with any form of media, BD/DVD/CD are just as susceptible to a thing known as disc-rot. You can leave brand new discs sealed for 20 years and then decide to open them and find out that they're unplayable. So I certainly wouldn't agree they are permanent. Nothing mankind makes seems to be permanent.

LastReaction
On 8/21/2019 at 1:08 AM, NeutralHatred said:

I buy my license keys. It's, like, ~$100 and it is permanent. And I have one computer. Hardly an investment.

Damn son... what if I told you that you can get that same key for $2? 😮

 

Microsoft got you with the good old 1-2-knockout!

StardustNightwind

-

NeutralHatred
5 hours ago, StardustNightwind said:

I believe my question was clearly related to the thread topic. The other is a no-discussion matter. I buy all the anime I have watched. If NeutralHatred thinks that I have an "incorrect mindset" and that I am "stupid" because of that, that just speaks about him. Plentiful-ness of anime does not justify not buying the anime you are pirating. I firmly believe I did not derail the thread in any way, NeutralHatred tried to make it look like I derailed it with indirect pinching and trying to provoke me to go off topic. Thanks.

Telling you how to prevent your antivirus from removing your license key activator is not part of this guide. If your AV is considering it a threat and removing it, this guide is not required for you, as you already have protection doing its job.

 

Therefore, your request is not related to this topic.

 

As far as your point about buying anime BDs, I would absolutely love to buy all the shows I have seen and loved. However, my bills, car payments, and other necessities that aren't so easily pirated take precedence over something I can stream or download.
