Windows 8 and 8.1 Forums


My process for removing infections

  1. #1


    Posts : 11
    Win 8.1


    This is under the presumption that the PC can boot into Windows...or at least into safe mode.

    I have a USB drive and I download the install files of the following onto it from a clean PC:
    rkill
    TDSSKiller
    SuperAntiSpyware (free)
    Malwarebytes (free)
    Combofix
    Either IObit Uninstaller or REVOuninstaller
    AVAST (free)
    Windows Repair (All in One)

    The majority of these can be found for download on CNET or Bleepingcomputer.
    The Windows Repair Tool is at tweaking.com.

    If I can make it into Windows on the infected PC, I insert the USB drive. I then drag and drop the programs from the USB drive onto the desktop.
    First I run rkill.
    Rkill runs a scan and tries to stop (not remove) any malicious processes it may find.
    Then I update and run TDSSKiller.
    After it gets through, I install and run SuperAntiSpyware and Malwarebytes...full scans.
    If there is any anti-virus program, I stop any active protection in order to run Combofix.
    After Combofix, I install and run an uninstaller (IOBit, etc) program to find and completely remove junk and unwanted programs.
    After this, I install and update AVAST free, and then I run a PRE-BOOT scan.
    The final step I normally use is running the Windows All in One Repair Tool. It takes you step by step through a process (including check disk and system file check) and a final process that corrects and restores Windows settings.
    Depending on the existing anti-virus on the machine, I may or may not uninstall AVAST.
    Last edited by Countryside; 23 Jan 2015 at 09:00.


  2. #2


    United Kingdom
    Posts : 39
    Windows 8 Pro With Media Centre


    Format C:\ works every time in my experience, needless to say that a good back up strategy is also a must!
    Last edited by acer54; 24 Jan 2015 at 07:15.

  3. #3


    Posts : 1,875
    Windows 10 Pro Preview x64


    Quote Originally Posted by acer54 View Post
    Format C:\ works every time in my experience, needless a good back up strategy is also a must!
    That is insufficient. Leaving aside hidden partitions, even physically replacing your drive with a new one may not be enough if your keys are compromised.

    New vicious UEFI bootkit vuln found for Windows 8

    World

  4. #4


    Georgia
    Posts : 110
    Windows 7 Home Premium x64 / Windows 8.1 Pro x64 Dual Boot


    Quote Originally Posted by acer54 View Post
    Format C:\ works every time in my experience, needless a good back up strategy is also a must!
    I'm right there with ya

    99.5% after cleaning an infection depending on what it is, the OS is just never the same again, best just to reformat / reinstall.

  5. #5


    Posts : 1,875
    Windows 10 Pro Preview x64


    Quote Originally Posted by edee View Post
    Quote Originally Posted by acer54 View Post
    Format C:\ works every time in my experience, needless a good back up strategy is also a must!
    I'm right there with ya

    99.5% after cleaning an infection depending on what it is, the OS is just never the same again, best just to reformat / reinstall.
    Unless the infection isn't on your disk of course.

  6. #6


    Posts : 11
    Win 8.1


    The suggestions are fine if it is your own computer and if you have a restore partition and/or restore media and all your important files have been backed up.
    I was mainly talking about how I do PCs that others bring me. The majority of them will not have backup, may not have a restore partition, and very few have restore media. Gotta work with what ya got.

  7. #7



    Trying to Sith things out
    Bamberg Germany
    Posts : 2,290
    Windows 10 Pro 64 bit


    Personally I never had an infection (half luck/half good security practice, safe surfing), but one should also look in the firewall afterwards to see if any ports are left open from sloppily uninstalled programs, and for any changes due to an infection. Go to Windows Firewall and click Restore Defaults:
    Attachment 56930
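
The firewall check suggested in post #7, as an added example that is not part of the original thread: a PowerShell audit (NetSecurity cmdlets, Windows 8 or later, elevated prompt) that lists enabled inbound allow rules and flags those whose program no longer exists on disk, so leftovers can be reviewed and the policy backed up before clicking Restore Defaults. The function name and the output file names are assumptions chosen for illustration.

```powershell
# Added example: review inbound "allow" rules before restoring firewall defaults.
# Run from an elevated PowerShell prompt on Windows 8 / 8.1 or later.

function Get-InboundAllowRuleAudit {
    # Hypothetical helper name; uses only the built-in NetSecurity cmdlets.
    Get-NetFirewallRule -Direction Inbound -Action Allow -Enabled True |
        ForEach-Object {
            $app  = $_ | Get-NetFirewallApplicationFilter
            $port = $_ | Get-NetFirewallPortFilter

            # Program is either a file path (often with %SystemRoot% etc.)
            # or the literal value 'Any' / 'System'.
            $path    = [Environment]::ExpandEnvironmentVariables([string]$app.Program)
            $isFile  = $path -notin @('Any', 'System', '')
            $missing = $isFile -and -not (Test-Path -LiteralPath $path)

            [pscustomobject]@{
                Rule        = $_.DisplayName
                Profile     = $_.Profile
                Protocol    = $port.Protocol
                LocalPort   = ($port.LocalPort -join ',')
                Program     = $path
                ProgramGone = $missing   # rule outlived the program it was made for
            }
        }
}

$audit = Get-InboundAllowRuleAudit

# 1. Rules left behind by uninstalled (or removed) programs.
$audit | Where-Object ProgramGone |
    Format-Table Rule, Protocol, LocalPort, Program -AutoSize

# 2. Rules that open a specific port to any program; worth recognising each one.
$audit | Where-Object { $_.Program -eq 'Any' -and $_.LocalPort -ne 'Any' } |
    Format-Table Rule, Profile, Protocol, LocalPort -AutoSize

# 3. Keep a record and a restorable copy of the policy before resetting.
#    Output locations are assumptions; change them as needed.
$audit | Export-Csv -NoTypeInformation -Path "$env:USERPROFILE\Desktop\fw-inbound-audit.csv"
netsh advfirewall export "$env:USERPROFILE\Desktop\fw-before-reset.wfw"

# Command-line equivalent of the "Restore Defaults" button (left commented out):
# netsh advfirewall reset
```

Rules flagged in the first table are the leftovers the post describes; rules in the second table that nobody recognises are the ones to look into before they are wiped by the reset.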

  8. #8


    United Kingdom
    Posts : 39
    Windows 8 Pro With Media Centre


    Quote Originally Posted by adamf View Post
    Quote Originally Posted by acer54 View Post
    Format C:\ works every time in my experience, needless a good back up strategy is also a must!
    That is insufficient. Leaving aside hidden partitions, even physically replacing your drive with a new one may not be enough if your keys are compromised.

    New vicious UEFI bootkit vuln found for Windows 8

    World
    Always worked for me and computers I've sorted for friends or family.

  9. #9


    United Kingdom
    Posts : 39
    Windows 8 Pro With Media Centre


    Quote Originally Posted by Countryside View Post
    The suggestions are fine if it is your own computer and if you have a restore partition and/or restore media and all your important files have been backed up.
    I was mainly talking about how I do PCs that others bring me. The majority of them will not have backup, may not have a restore partition, and very few have restore media. Gotta work with what ya got.
    I usually save photos, emails, documents etc. to another drive and, after checking them, restore to the formatted drive. Again, potentially not a 100% cure but it has always worked for me; you have to know the likely places where infections will be lurking.

  10. #10



    Trying to Sith things out
    Bamberg Germany
    Posts : 2,290
    Windows 10 Pro 64 bit


    Quote Originally Posted by adamf View Post
    Quote Originally Posted by edee View Post
    Quote Originally Posted by acer54 View Post
    Format C:\ works every time in my experience, needless a good back up strategy is also a must!
    I'm right there with ya

    99.5% after cleaning an infection depending on what it is, the OS is just never the same again, best just to reformat / reinstall.
    Unless the infection isn't on your disk of course.
    We get the point. There is also something that delivers malware over an air gap called BadBIOS. When we worry too much about such things we might as well put our PCs away and just use paper and pencils again (oh, and an abacus too).
