I felt like sharing my actual process for cleaning up malware on a computer, so here it is. This process will work for 90% of the viruses and malware that affect Microsoft Windows. Sadly, there are still occasions when I need to wipe out a hard drive and reinstall Windows due to a really bad virus infection. Be sure to check out for detailed guides on how to clean up specific malware problems! Let's get to the process...
First, have a USB flash drive with the following files\apps on it:
- RKILL
- UNHIDE
- TDSSKiller
- Malwarebytes
- Microsoft Security Essentials
Steps to perform in order:
- Reboot the computer into Safe Mode with Networking.
- Run RKILL.EXE.
- Run TDSSKiller.EXE.
- Delete ALL FILES in %TEMP%.
- Delete all Internet Explorer cache data from the Internet Options applet.
- Delete all Firefox cache data.
- Delete all Google Chrome cache data.
- Install Malwarebytes and update if prompted. Run a full system scan.
- Delete all EXE files in C:\Documents and Programs\All Users\Application Data\
- Launch the anti-virus program, update virus definitions, then run a full virus scan. Install Microsoft Security Essentials if there is no anti-virus app installed.
- Open Internet Options. Verify that no proxy is set and that "Auto detect network settings" is the option in use. Do the same in Firefox.
- Open Add\Remove Programs. Remove all unnecessary software and toolbars.
**STOP HERE!** Only continue to the next steps if you are missing Start Menu shortcuts or are missing all files in My Documents.
- Reset NTFS permissions for the entire C: drive.
- Run this command from the command line: secedit /configure /cfg %windir%\repair\secsetup.inf /db secsetup.sdb /verbose
http://www.microsoft.com/security_essentials
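
Before running the deletion steps above, it helps to record what is about to be removed and what the proxy settings looked like. The following PowerShell script is an added example, not part of the original process: it is read-only, it assumes PowerShell 4.0 or later (for Get-FileHash), and the parameter names, the default folder and the report file name are assumptions made for illustration. It inventories only EXE files and checks only the Internet Options proxy values, not Firefox.

```powershell
# Added example: read-only inventory to run before the deletion steps.
# Nothing is deleted or modified; results go to a CSV for later reference.
param(
    # Assumption: the All Users application data folder from the EXE deletion step.
    # Defaults to %ALLUSERSPROFILE%; pass the actual path for the Windows version in use.
    [string]$AppDataDir = $env:ALLUSERSPROFILE,
    # Assumption: where the report is saved, e.g. the USB flash drive.
    [string]$ReportDir  = (Get-Location).Path
)

function Get-ProxyState {
    # Per-user proxy values shown in the Internet Options applet.
    $key = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings'
    $p = Get-ItemProperty -Path $key -ErrorAction SilentlyContinue
    [pscustomobject]@{
        ProxyEnable   = [int]$p.ProxyEnable
        ProxyServer   = $p.ProxyServer
        AutoConfigURL = $p.AutoConfigURL
    }
}

function Get-ExeInventory {
    param([string[]]$Path)
    foreach ($dir in $Path) {
        if (-not (Test-Path -LiteralPath $dir)) { continue }   # skip folders that do not exist
        Get-ChildItem -LiteralPath $dir -Filter *.exe -Recurse -Force -ErrorAction SilentlyContinue |
            Where-Object { -not $_.PSIsContainer } |
            ForEach-Object {
                # Hash may be empty if the file is locked; signature status flags unsigned binaries.
                $hash = Get-FileHash -LiteralPath $_.FullName -Algorithm SHA256 -ErrorAction SilentlyContinue
                [pscustomobject]@{
                    Path          = $_.FullName
                    Length        = $_.Length
                    LastWriteTime = $_.LastWriteTime
                    SHA256        = $hash.Hash
                    Signature     = (Get-AuthenticodeSignature -FilePath $_.FullName).Status
                }
            }
    }
}

$proxy = Get-ProxyState
if ($proxy.ProxyEnable -eq 1 -or $proxy.AutoConfigURL) {
    Write-Warning "Proxy configured: server='$($proxy.ProxyServer)' script='$($proxy.AutoConfigURL)'"
}
$files  = @(Get-ExeInventory -Path $env:TEMP, $AppDataDir)
$report = Join-Path $ReportDir ("exe-inventory-{0:yyyyMMdd-HHmmss}.csv" -f (Get-Date))
$files | Export-Csv -Path $report -NoTypeInformation
"{0} EXE files recorded in {1}" -f $files.Count, $report
```

The CSV gives you hashes to look up after the cleanup and a record of which files were present if the infection comes back.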