Page 1 of 2 12 LastLast
Results 1 to 10 of 20

Thread: TGS Complete Malware/Virus Removal

  1. #1
    50 Custom PC's in 10 Years! TheGreatSatan's Avatar
    Join Date
    Apr 2005
    Location
    Southern IL
    Posts
    6,629

    Default TGS Complete Malware/Virus Removal

    Complete Malware/Virus Removal Guide


    For this and future removals ONLY USE A DISK! Put all of these programs on a CD from a clean system before you start. Flash drives can easily become comprimised by the infected PC.



    Malware isn't detected by spyware programs or your anti-virus. It sneaks in and disables your Anti-Virus. It then creates a virus building center and pumps out viruses. Vundo is the most common of the fake alert viruses. It tells you that you have a virus and that their software is the cure, when actually they are the virus! Usually, it just an effort to get you to buy their software. What you get is more of the same headaches and now they have your credit card number too!



    Every day I deal with viruses head on and usually win. Worst case computers are usually easier to wipe and then reload Windows. I'm going to show you how to easily remove malware and viruses and the best part is it'll all be FREE! When you are victim to Malware take these steps to be rid of it once and for all.

    1.

    Do not use an Anti-Spyware programs. Spybot, AdAware, and SuperAnti-Spyware are useless for malware removal. Even Anti-Virus programs won't help here. When you run your Anti-Virus program or if the Malware even lets you do so, you'll only be removing the viruses. It sounds like a good idea, but once you reboot, the Malware will detect the absense of the viruses and make more. The Malware MUST be dealt with first!

    2.

    First, let's use the system configuration utility to disable it and anything else we don't need running. Be sure to check the inside startup and services tab. Even if you use an iPod, you do not need the software running during this removal. You may even have to boot into Safe Mode (continuously pressing F8 on boot up) to get MSConfig to open.

    RUN, msconfig



    Disable anything that doesn't look like it belongs



    Sometimes the malware is just a blank entry or one with random letters and numbers. Uncheck it and anything else you don't actually need running.

    Press OK and reboot.

    3.

    Install Malwarebytes, make sure it's updated, then run a quick scan. You may even have to run this program in safe mode on the first try because the Malware programs aren't stupid. They will try to stop you! If it doesn't let you install it, just drag the executable to the desktop and rename it anything: XYZ is just fine.

    Some versions of these Fake Alerts are clever enough to delete the launching icon for Malwarebytes in your Program Files folder. Your desktop shortcut then becomes an orphan and totally useless.



    In this case, install Malwarebytes on any other computer. Then open its Program Files and copy the launcher that you're missing on the infected PC. Burn it to a CD, NOT A FLASH DRIVE!! Put the CD in the infected computer and drag the launcher into the Malwarebytes folder where it belongs.

    If you had used a flash drive then the Malware would delete it again and infect the flash drive. Then you would try to recopy the link again and infect the other system too!



    If the infection doesn't let you install Malwarebytes at all, then you need RKill. This is a program that will kill all Malware programs from running. It will not delete the malware itself, just the active processes.



    Malwarebytes will take anywhere from 5 minutes to an hour to run, it just depends how many total files are on the system.



    When Malwarebytes finishes scanning click Show Results.

    On the next screen it will show all of the infections and automatically place a check mark next to each entry. Just click Remove Selected and it will do so.

    You will probably be asked to reboot once this is done



    4.

    After a fresh restart, hopefully all of the obvious Malware is gone. Now it's time to deal with the left over viruses.

    I've used dozens of Anti-Virus programs over the years and I've had the best of luck with Avira. The free version is actually just as effective as the paid one. Install and run Avira. It's preferred that you update it before running, but it's been known to find a lot with old definitions.



    5.

    If you have a 64-bit system, skip to step 6.

    On 32 bit OS's run ComboFix to unscrew all the windows problems left by the infection. On this screen, right click combofix.exe and choose Save Target As. If you just made the CD before the infection you'll be fine. ComboFix expires at least every month, so you always need to make sure that you have the latest copy.

    If you don't, but at least have an active internet connection it may update itself before starting. I've seen where it doesn't too. ComboFix will delete all of your old restore points, so at the end you'll need to make a new one.



    6.

    Install Advanced System Care and run it to clean up all the remaining junk.



    All you have to do is click the blue circle that says Care! The program will scan for and automatically fix:

    Spyware
    Registry
    Privacy
    Junk Files
    System Optimization
    Security Defense
    Disk Defragmentation

    It will also perform a security analysis that gives you a report of the running programs. You can use this information to kill rogue programs, similiar to Hi-Jack This. The problem is, if you are not sure what you are doing, you can easily damage Windows.

    I would advise against using this feature unless you are an expert.

    We just covered removal of Malware and Viruses. We used Malwarebytes, ComboFix, Avira, RKill and Advanced System Care. All of these programs are FREE and are available at CNet, with the exception of Combofix. There are plenty of bogus websites that claim they have ComboFix, but I only recommend that you get it from the link above.

    Once you are done, it's the best time to create a new restore point.

    If you've done all of the above and still have the same problems, I suggest you wipe your system and start over. If you can recover your files, burn them to CDs or DVDs. After you have a clean install with Malwarebytes and Anti-Virus software on the new system, scan each backup disk separately to ensure there is no Malware hiding on the disks.
    ----------------------------------------
    ----------------------------------------
    NEW GENESIS
    *******************************
    Modified Azza Genesis with an Intel i7 2600K, Gigabyte Z68X-UD3H, 32GB (8GB x 4) Corsair XMS3, 960GB Crucial M500, 240GB Sandisk Extreme, 1275 Watt Thermaltake 80 Platinum Modular PSU, Gigabyte GTX 780 OC 3GB, and a Corsair H60

  2. #2
    Wait, What? knowledgegranted's Avatar
    Join Date
    Feb 2009
    Location
    USA
    Posts
    569

    Default Re: TGS Complete Malware/Virus Removal

    Thank you so much for this guide. Recently I have been brought to some random sites when clicking links off of google. This no longer happens, I think it was probably malware designed to direct traffic somewhere so someone could make some money.

    Thanks again!
    It's like JFK announcing the moon mission. He had no expertise in space travel, and no way of knowing if it would work. He just announced "we're going to the moon" and then they made it happen because everyone was on the same page and working towards the same goal. If he had said "well, let's get some people in space, and we'll see how far out we can get, and if I find someone to make a rocket strong enough, we could possibly approach the moon's orbit and maybe land" it wouldn't have happened.

  3. #3
    rawrnomnom diluzio91's Avatar
    Join Date
    Jan 2010
    Posts
    2,471

    Default Re: TGS Complete Malware/Virus Removal

    Nice guide, i work in the IT office, another good tool to have in your arsenel is rkill.com files... they help with self replicating viruses. +rep
    Not dead yet

  4. #4
    baaah. billygoat333's Avatar
    Join Date
    Aug 2007
    Location
    Idaho
    Posts
    3,331

    Default Re: TGS Complete Malware/Virus Removal

    good guide.
    Quote Originally Posted by Omega
    ber is id elicous
    Centurion 5 Mod <<--- ON HOLD FOR THE WINTER

  5. #5
    AARGH dr.walrus's Avatar
    Join Date
    Mar 2008
    Location
    Ho Chi Minh City
    Posts
    993

    Default Re: TGS Complete Malware/Virus Removal

    Quote Originally Posted by TheGreatSatan View Post
    Malware isn't detected by spyware programs or your anti-virus. It sneaks in and disables your Anti-Virus.
    What definition of the term 'malware' are you using? Malware is any class of software that is deliberately harmful, including viruses, trojans, worms, spyware, keyloggers etc, and these can quite certainly be picked up by anti-virus software and by no means do they all disable anti-virus software...

  6. #6
    50 Custom PC's in 10 Years! TheGreatSatan's Avatar
    Join Date
    Apr 2005
    Location
    Southern IL
    Posts
    6,629

    Default Re: TGS Complete Malware/Virus Removal

    Uh no, not usually. Nearly every case I've ever dealt with (We're talking hundreds), the malware comes in undetected by your Anti-virus. It then disables your AV's ability to remove it and then wreaks havoc. It usually fools Windows into thinking that it is legit and then even Windows recommends you use their software.

    Sure once in a great while AV does work. It'll remove the virus/malware, but never all of the malware in the system. Because 99% of AV's are not designed to look/detect them.

    Thanks for the reps everyone.
    ----------------------------------------
    ----------------------------------------
    NEW GENESIS
    *******************************
    Modified Azza Genesis with an Intel i7 2600K, Gigabyte Z68X-UD3H, 32GB (8GB x 4) Corsair XMS3, 960GB Crucial M500, 240GB Sandisk Extreme, 1275 Watt Thermaltake 80 Platinum Modular PSU, Gigabyte GTX 780 OC 3GB, and a Corsair H60

  7. #7
    rawrnomnom diluzio91's Avatar
    Join Date
    Jan 2010
    Posts
    2,471

    Default Re: TGS Complete Malware/Virus Removal

    ill second tgs, when we have computers come into the shop with something like xp antivirus 2010 or vista security, ect ect, the antivirus hasnt even blinked at it, we have symantec, some avg, and some mcaffee, and all of them get hoodwinked by something that an enduser wants to click on. i have seen some that actually show the antivirus's .exe file as being infected. lol... makes me laugh.
    Not dead yet

  8. #8
    AARGH dr.walrus's Avatar
    Join Date
    Mar 2008
    Location
    Ho Chi Minh City
    Posts
    993

    Default Re: TGS Complete Malware/Virus Removal

    Quote Originally Posted by TheGreatSatan View Post
    99% of AV's are not designed to look/detect them.
    A virus is a form of malware. Anti-viruses are designed to detect viruses, surely?

  9. #9
    rawrnomnom diluzio91's Avatar
    Join Date
    Jan 2010
    Posts
    2,471

    Default Re: TGS Complete Malware/Virus Removal

    an anti virus is normally made to stop viruses from infiltrating the system, and to catch viruses that are piggy backed onto another program, cookies, ect, but when malware is installed it is an actual program that performs the function that is virus like. and many anti viruses cant handle them or remove them once they are installed. so yes, they detect viruses, but they unfortunately cant detect end user ignorance (not being used in a condescending manner, just expressing lack of knowledge) . except mcaffee, which knows that merely booting your computer is a threat to your security...
    Not dead yet

  10. #10
    AARGH dr.walrus's Avatar
    Join Date
    Mar 2008
    Location
    Ho Chi Minh City
    Posts
    993

    Default Re: TGS Complete Malware/Virus Removal

    Quote Originally Posted by diluzio91 View Post
    when malware is installed it is an actual program that performs the function that is virus like.
    Basically, no. You're using the term malware incorrectly.

    Malware is a 'catch-all' term used to describe all forms of malicious software. A virus is malware, A trojan is malware. A worm is malware. The original post keeps drawing a distinction between 'malware' and 'viruses'. This isn't correct.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •