8.17.2010

Remove malware in Windows

In my adventures around the Internet looking for good tips on ridding my users of the various pieces of malware they pick up, I came across this checklist at TTC Shelbyville. Possibly one of the best guides I've seen for your typical end user/college student.

Since I work in an AD domain environment, a lot of the tips don't apply to me. For example, registry cleaners won't pick up something locked into HKCU unless you're logged in as that user. And most of us don't allow our users to have administrative privileges to run the software or edit the registry. Below are my modifications to the Shelbyville list, which I'm finding pretty effective. Because, as much as we want to, re-imaging the machine isn't always an option.

General tips in addition to the revised list
Do not add Start menu items, desktop shortcuts or taskbar processes when installing any of the below.

Do not add any toolbars to IE. Stupidly, many free software manufacturers make their money from Ask.com, Yahoo! or Google toolbars.

Remove any and all software at the end and clean up the registry.


Malware today can be removed using SuperAntiSpyware Portable, A-Squared, and other utilities such as Malwarebytes.

What is the order to remove viruses and malware? It varies. Start here:

Start the computer in Safe Mode (Press F8 when starting it) and login with an administrative account
Delete all restore points
Disable AV software
If working in an Active Directory environment, copy the user's My Documents folder to a separate location on the drive
Delete the user's profile
Empty the Recycle Bin
Run MSConfig and deselect all Startup items
Run CCleaner, DiskMax or FCleaner
Run Kill.com or Kill.exe
Run SuperAntispyware Portable
Run Malwarebytes
Boot into regular mode
Run Kill.com or Kill.exe
Run A-Squared
Run A-Squared Portable (as far as I can tell, this is now pay software)
Run SuperAntispyware Portable
Run Malwarebytes
Run A-Squared
Run MV-RegClean
Run Windows Update
Remove all software installed during this process
Run MV-RegClean
Use the Windows Disk Cleanup tool to get rid of temp and log files. (Or do a search on the drive for *.tmp, *.00 and *.log)
Defrag your computer.
Run Disk Check
Reenable your antivirus and other startup items you know are safe.
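As an added example (not part of the original post or the Shelbyville checklist), this PowerShell script carries out the AD-specific preparation steps from the list above on a Vista/7-era machine from an elevated Safe Mode session: it copies the user's Documents folder aside, saves the user's own Run keys out of NTUSER.DAT (the HKCU hive the post notes cleaners can't see unless that user is logged in), deletes the restore points and removes the local profile. The user name, the backup location, and the reliance on Win32_UserProfile, reg.exe and vssadmin are assumptions.

```powershell
# Added example, not from the original post. Run elevated, in Safe Mode,
# while the affected user is logged off. Assumes Vista/7 (Win32_UserProfile).
param(
    [Parameter(Mandatory=$true)][string]$UserName,   # profile folder name, e.g. jdoe
    [string]$BackupRoot = 'C:\ProfileBackup'          # assumed location on the same drive
)
$ErrorActionPreference = 'Stop'

# Locate the local profile by folder name rather than SID, so no domain
# controller is needed from Safe Mode.
$userProfile = Get-WmiObject Win32_UserProfile |
    Where-Object { -not $_.Special -and (Split-Path $_.LocalPath -Leaf) -eq $UserName }
if (-not $userProfile) { throw "No local profile folder named $UserName" }
if ($userProfile.Loaded) { throw "Profile is still loaded; log that user off first" }
$localPath = $userProfile.LocalPath

# 1. Copy My Documents to a separate location before the profile is deleted.
#    Treat the copy as untrusted until the scanners have run over it too.
$dest = Join-Path $BackupRoot $UserName
New-Item -ItemType Directory -Path $dest -Force | Out-Null
& robocopy (Join-Path $localPath 'Documents') (Join-Path $dest 'Documents') `
    /E /COPY:DAT /R:1 /W:1 /NP | Out-Null

# 2. Keep a record of the user's per-user startup entries. They live in
#    NTUSER.DAT, which is only mounted as HKCU while that user is logged in,
#    so load it under a temporary HKU name and export from there.
$hive = 'HKU\MalwareTriage'
& reg load $hive (Join-Path $localPath 'NTUSER.DAT') | Out-Null
try {
    foreach ($key in 'Run', 'RunOnce') {
        $src = "$hive\Software\Microsoft\Windows\CurrentVersion\$key"
        & reg export $src (Join-Path $dest "HKCU_$key.reg") /y | Out-Null
    }
} finally {
    & reg unload $hive | Out-Null   # reg.exe holds no lingering handles
}

# 3. Delete all restore points (shadow copies), then the profile itself.
& vssadmin delete shadows /all /quiet | Out-Null
$userProfile | Remove-WmiObject
Write-Host "Backed up $localPath to $dest, saved Run keys, removed profile."
```

The exported .reg files are the list of what that user's hive launched at logon; review them before re-enabling anything after the scans.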


To reiterate the above, be patient during this process. The scans and utilities will take a very long time.

1 comment:

anti spam service said...

Those are excellent suggestions for malware suggestion. A lot of them are free too and they update regularly. You only need one running and installed to be protected.
