Spyware/Adware/Virus/Trojan/Rootkit/Keylogger Removal Guide

Discussion in 'Computer Software and Operating Systems' started by Rydian, Feb 14, 2010.

  1. Rydian
    OP

    Rydian Resident Furvert™

    Member
    27,883
    8,103
    Feb 4, 2010
    United States
    Cave Entrance, Watching Cyan Write Letters
    <div align="center"><!--sizeo:5--><span style="font-size:18pt;line-height:100%"><!--/sizeo--><u>Spyware/Adware/Virus/Trojan/Rootkit/Keylogger Removal Guide</u><!--sizec--></span><!--/sizec-->

    So, you're obviously here because your computer has some sort of problem.
    We're gonna fix you up, and, with a little effort, prevent problems from occurring in the future.</div>

    <div align="center"><!--sizeo:3--><span style="font-size:12pt;line-height:100%"><!--/sizeo--><b><!--coloro:#990000--><span style="color:#990000"><!--/coloro-->FORMATTING IS A LAST RESORT ONLY!<!--colorc--></span><!--/colorc--></b><!--sizec--></span><!--/sizec--></div><!--sizeo:1--><span style="font-size:8pt;line-height:100%"><!--/sizeo-->Please note that a (re)format (when you wipe the computer and reinstall windows) is rarely needed to get rid of a computer infection. A worst case scenario is that an infection infects and changes critical system files, but those can be replaced with clean copies off any install CD with a simple command. Some people may have 50 gigabytes of personal files on their computer, and some people have their computers set up a very specific way that would take hours or days to restore to working order after a format. Just because formatting is <i>your</i> choice does not mean it should be the first suggestion to <i>somebody else</i>.<!--sizec--></span><!--/sizec-->



    <!--sizeo:4--><span style="font-size:14pt;line-height:100%"><!--/sizeo--><div align="center">Basic, Advanced, or Super removal?</div><!--sizec--></span><!--/sizec-->
    Warning: Spoilers inside!



    <!--sizeo:4--><span style="font-size:14pt;line-height:100%"><!--/sizeo--><div align="center">Setup</div><!--sizec--></span><!--/sizec-->
    Warning: Spoilers inside!



    <!--sizeo:4--><span style="font-size:14pt;line-height:100%"><!--/sizeo--><div align="center">Programs List</div><!--sizec--></span><!--/sizec-->
    Warning: Spoilers inside!



    <div align="center"><!--sizeo:4--><span style="font-size:14pt;line-height:100%"><!--/sizeo-->Basic Removal<!--sizec--></span><!--/sizec--></div>
    Warning: Spoilers inside!



    <!--sizeo:4--><span style="font-size:14pt;line-height:100%"><!--/sizeo--><div align="center">Advanced Removal</div><!--sizec--></span><!--/sizec-->
    Warning: Spoilers inside!



    <!--sizeo:4--><span style="font-size:14pt;line-height:100%"><!--/sizeo--><div align="center">Super Removal</div><!--sizec--></span><!--/sizec-->
    Warning: Spoilers inside!



    <!--sizeo:4--><span style="font-size:14pt;line-height:100%"><!--/sizeo--><div align="center">After Scanning</div><!--sizec--></span><!--/sizec-->
    Warning: Spoilers inside!



    <!--sizeo:4--><span style="font-size:14pt;line-height:100%"><!--/sizeo--><div align="center">Cleanup</div><!--sizec--></span><!--/sizec-->
    Warning: Spoilers inside!



    <!--sizeo:4--><span style="font-size:14pt;line-height:100%"><!--/sizeo--><div align="center">Future Prevention</div><!--sizec--></span><!--/sizec-->
    Warning: Spoilers inside!



    <!--sizeo:4--><span style="font-size:14pt;line-height:100%"><!--/sizeo--><div align="center">F.A.Q.</div><!--sizec--></span><!--/sizec-->
    Warning: Spoilers inside!
     


  2. Thoob

    Thoob LOLmonade.

    Member
    1,126
    0
    May 28, 2009
    Scotland
    Dude... You copied this thread from Gaia?!
     
  3. Rydian
    OP

    Rydian Resident Furvert™

    Member
    27,883
    8,103
    Feb 4, 2010
    United States
    Cave Entrance, Watching Cyan Write Letters
    I made this thread for there originally, and figured since there was no guide here on infection removal, this forum could use the info.

    Thanks for pointing that out, I must have missed that when I was formatting it for this board, it was originally a multi-post thing/
     
  4. Law

    Law rip ninjacat that zarcon made me

    Member
    4,132
    217
    Aug 14, 2007
    ‭jerkland
    This + multiple mentions of internet explorer = useless thread

    thanks for playing, though.


    Oh not to mention the formatting is terrible and the thread is a giant pain to read.
     
  5. Rydian
    OP

    Rydian Resident Furvert™

    Member
    27,883
    8,103
    Feb 4, 2010
    United States
    Cave Entrance, Watching Cyan Write Letters
    If you have suggestions on the proper way to format this thread, please post them, as I have had a bit of an issue getting all this information readable, the spoiler tags help with that but I think the guide itself may need some color-coding or something...

    But if you're just here to troll, I will go get a moderator to stop it.
    I was told by wildwon that if I had a guide, I could just post it right in this section.
     
  6. Demonbart

    Demonbart GBATemp's guitar hero

    Member
    1,623
    42
    Mar 14, 2009
    Netherlands
    Lazytown, yarr
    Bookmark'd. I've got the feeling that this thread will save my sorry ass someday.
     
  7. Law

    Law rip ninjacat that zarcon made me

    Member
    4,132
    217
    Aug 14, 2007
    ‭jerkland
    Get rid of the spoiler tags, they're part of the problem

    make a proper Index/Contents with something to ctrl+f to or use the anchor point bbtag

    Stop centering shit
     
  8. Rydian
    OP

    Rydian Resident Furvert™

    Member
    27,883
    8,103
    Feb 4, 2010
    United States
    Cave Entrance, Watching Cyan Write Letters
    Yeah, it's harder to read on a wider forum, thanks.
     
  9. Hakoda

    Hakoda GBAtemp Addict

    Member
    2,133
    2
    Feb 2, 2008
    United States
    San Jose, CA
    Thank you, this was very much needed. Mods sticky this, its instruction & format is worthy of stickiness. [​IMG]

    I liked the three levels of removal as well as easy to understand setup for noobies. The best part was prolly the spoilers, imagine all that without spoilers. Holy crap. That and the word "Norton" was not found on this thread at all. Very well done Rydian

    For anyone using this guide in the future, FOLLOW IT TO THE VERY END. Just because the infection is gone does not mean your system is stable. The "After Scanning", "Cleanup", & "Future Prevention" steps are CRITICAL.
     
  10. Elritha

    Elritha GBAtemp Addict

    Member
    2,037
    1
    Jan 24, 2006
    Canada
    Layout doesn't seem that bad to me. Spoiler tags prevent it from being just one wall of text. Useful guide to have.
     
  11. triassic911

    triassic911 Burst Mode

    Member
    2,743
    344
    May 9, 2007
    United States
    NYC, USA
    This thread is pure gold. Thanks.
     
  12. steve-p

    steve-p GBAtemp Advanced Fan

    Member
    503
    0
    Apr 13, 2009
    this whole thread makes me glad i dont use windoze anymore,

    and it's a joke that if you go to any torernt index site the top searches other than media are damned security apps.
    [​IMG] [​IMG]
     
  13. Cermage

    Cermage GBAtemp Advanced Maniac

    Member
    1,702
    0
    Dec 2, 2007
    srsly. safe mode, a program like malware bytes and an online scanner will solve most of your problems.
     
  14. Rydian
    OP

    Rydian Resident Furvert™

    Member
    27,883
    8,103
    Feb 4, 2010
    United States
    Cave Entrance, Watching Cyan Write Letters
    And that's what the basic instructions are, however there's infections that will modify all sorts of things in order to prevent that. Some will remove or modify files causing a STOP error when you try to go into safe mode, some will hook into windows in order to kill any process it recognizes as capable of removing it (originally they went by just filename, but not anymore), some will entry fake DNS entries in the hosts file to block known malware removal sites or redirect to fake sites, others will set up a proxy so they can update the blocks and redirects from their end, or just set your connection up to use a fake DNS server itself...

    There's plenty modern infections (especially those fake virus removers) can do to prevent you from just running a scanner, that's why this guide is as long as it is.
     
  15. Sephi

    Sephi fool

    Member
    1,850
    4
    Jan 21, 2008
    United States
    Rhode Island
  16. CyrusBlue

    CyrusBlue GBAtemp Fan

    Member
    338
    0
    Mar 15, 2009
    United States
    New York
    Why is everyone being an asshole? This is some useful information right here. I don't care where it came from.
     
  17. Rydian
    OP

    Rydian Resident Furvert™

    Member
    27,883
    8,103
    Feb 4, 2010
    United States
    Cave Entrance, Watching Cyan Write Letters
    Don't remember you. D:
     
  18. antwill

    antwill Better Than You

    Member
    1,024
    0
    Dec 24, 2006
    Australia
    Why not mention 'common sense' in the prevention section as well? It's not that hard to avoid all of these problems with a bit of common sense after all.
     
  19. NoSmokingBandit

    NoSmokingBandit GBAtemp Fan

    Member
    411
    138
    Jan 17, 2009
    United States
    You cant expect people on the internet to have common sense.
     
  20. Rydian
    OP

    Rydian Resident Furvert™

    Member
    27,883
    8,103
    Feb 4, 2010
    United States
    Cave Entrance, Watching Cyan Write Letters
    I don't want to encourage piracy!

    [​IMG]

    See?