mhsbrian

UPDATED GUIDE October 15, 2009!

Removed ad-aware 2007 because the trial version is crap now and replaced links with updated versions of the newest software. Much luck guys

Has your machine been running rather slow lately ? A few popups maybe ? You could be a victim of Mal-ware, Spyware, Hijacking, or even viruses. Most people believe that having virus protection protects them from everything when it does not.



The truth is nothing is 100% at removing Viruses, Spyware, etc. In this tutorial I will have many applications listed with available download links that I use on work machines and my personal machines. The steps I go through 99.98% of the time cleans a machine completely.


**GUIDE UPDATE**

This guide is a bit old I will completely redo it soon, the steps are a bit out of order so I will say now that if your computer can boot into safe mode the best thing to do first is run Combo fix FIRST!



Restart your computer, upon the boot screen type F8 simultaneously until you have a black screen with many options. It should look like this or similar.
Safe Mode Screen Shot
After you have gotten to this screen choose safe mode with networking.
Once you are at the Windows login screen, choose Administrator as the user to log on as. Windows will prompt you with a box that has a yes and no option, choose yes.


Okay, now that your successfully logged in as the administrator of your computer you can now proceed. Click Start->Run->in the run box, type "%temp%" without the quotations. Once the window open you will see many junk files that you will not recognize. Delete all these files, in some cases windows will not allow you to delete certain files, do not worry; this is normal. None of these files are important and the machine does not depend on any of them. This is deleting possible virus or spyware files that you may have gotten via html encoding or other web based applets such as java or flash.

Now that you have cleared up your temp files. While still having the temp folder open navigate to the tools menu option at the top of the windows explorer bar. Choose Tools-> Folder Options, once the box is open, click the view tab. Navigate into the inside box with the options listed for selection with check marks. Look for the option "Hidden Files and Folders". Once you have located it, check the option "Show hidden files". After doing so apply the settings and click ok and close it out.

Open My computer, navigate to your Hard drive with your windows installation that your currently trying to clean up. Now navigate My Computer->Local Disk C:-> Documents and Settings->"The User account that you log onto"[Take note this part of the tutorial will have to be done to every user account]->Local Settings->Temporary Internet Files. Delete everything in these folders/folder. These are garbage files that windows is not dependent on. Once deleted close the window, proceed to the next step.

After removing all the files that will slow down the scanning processes of the applications we will now run some of the best bits of software I've ever came across.

To install AVG you must be in booted in normal mode, once you have have installed AVG and update it in normal mode restart and boot back into safe mode with networking.

A-squared is simply freaking amazing. Just make an account with an email and you have a 30 day free trial to use their product and it's really fantastic, I absolutely recommend it!

Only do this step if AVG could not remove a file/files in the virus scan. If AVG successfully removed all threats, then skip the kill box section of this tutorial .

Kill Box

This program is dedicated to removing files that can absolutely not be removed by normal applications or manual deletion. After you have downloaded kill box run it and search for the file that AVG anti-virus could not remove. If you took note of the exact file location that AVG gave you you can simply copy and paste or retype that link in the kill box browser. Once you have kill box linked to the file choose the option "Replace on Reboot" Then select the below options "Use Dummy". After you have selected the options click the Red button with the white X next to the browser bar to start the process. Don't forget to back into safe mode with networking after the reboot.

After your back under the administrator account in safe mode open kill box again and find the file you replaced with a dummy and and choose to delete it this time and go delete it.


Install the program, follow the easy steps when installing. Once installed make sure the program is up to date and then Hit "Scan My Pc". After clicking that, check to the right in the options and choose "Perform a Full System Scan", do not let it perform the quick scan.

Once it has finished scanning it will prompt you with the infections it found. Sometimes upon removing the infections it will prompt you for a restart, do it; then restart back into safe mode with networking afterwards.

I recommend uninstalling Super Anti-Spyware after you have cleaned the computer with it because it slows the PC at startup.

Smitfraud Fix

This DOS based application is somewhat a genius tool. It removes the nasty hijackers that literally take over your machine.

Once you download this file, place it on your desktop. Double click the Smitfraud.exe and wait while the DOS windows initializes then press any key to continue to the main menu of the application. It will extract a folder onto the desktop called "Smitfraud" during this process. Once you are at the main menu there are 5 options for hijack removal. First start off by updating the program by selection option number 4. Simply type "4" then click enter. After the program updates go in the order as the list goes. Search, Clean, Delete Trusted Zones.

After you have completed all 3 steps using this program restart your computer and yet again boot into Safe mode with networking.

SD FIX

SD Fix is a tool that works very similar to smitfraud fix. You must be in safe mode to use it and you must use it on every account on the computer(in the case of a imbeded spyware object in the taskbar/wallpaper etc.) the tool takes longer than the smitfraud fix but it is a great tool! You must unzip it to a location then open the "Runthis.cmd" Then press "Y" to start.

Combo Fix!

Very similar to SD Fix, seems to really tackle things that attack very imporant Windows files such as dll's and such. Download and run in safe mode, if it asks to update choose the yes option, then it will ask you to install the recovery console, you can choose either yes or no from then on let it run and it is automated.

WinSock Fix

In some cases hijackers attack your HOST file and connect you to IP's and domains that have malicious intent of attacking your system. This utility resets the HOSTS file back to its default format.** WARNING** IF YOU HAVE A VPN SETUP AND HAVE A CUSTOM HOSTS COMMAND LINE ADDED FOR THE SETUP YOU WILL LOSE IT!!!! AFTER RUNNING THIS UTILITY ON THE NEXT REBOOT YOU MUST RE-IMMUNIZE WITH SPYBOT SEARCH AND DESTROY!!!.
This utility requires a restart after its finished

Step 4

After completing all scans restart the computer and boot normally. After running all these scans, you may have missing icons, a missing wallpaper, and even missing programs you thought were legit programs but really they were forms of spyware. These bits of software people don't realize that get on their machine can be harmful and eat up memory and processes without a user knowing.

The last thing you can simply do to organize your computer is to run Windows Defrag after windows has been literally raped by scanners.


OCN Rulez,
Brian D.

__________________
█▄ █▄█ █▄ ▀█▄
Remove Viruses & Spyware Without Failure FAQ!

StickyFingaz

is there an easier way without downloading all those programs?

mhsbrian

Using all these programs just narrows the chance down that the problem your having won't come back.

__________________
█▄ █▄█ █▄ ▀█▄
Remove Viruses & Spyware Without Failure FAQ!

Antolen

bookmarked it! happens a lot to my friends! (i wonder why ) this will help instead of reinstalling the whole windows! +Rep

__________________
iPhone Club

17360 3Dmark06

P12530 3Dmark Vantage

Xbox Gamertag BOMBngurVillage

repo_man

Thread revival! Some new members can definitely use this!

__________________

Case Mod Comp '09 Intermediate Winner:
Chlokwork Orange - FOR SALE

Current Projects --Sanguineus Cinis Cineris
Completed Build Log's -- Hinges for Syrillian's Silentium // Project: Phoenix // Flip this Tower

PizzaMan

Some other great apps. .

ATF Cleaner: cleans temp folders http://www.majorgeeks.com/ATF_Cleaner_d4949.html
Only cleans IE based browsers. Will have to do FireFox and Opera browsers manually.

MalwareBytes Anti-malware: http://www.majorgeeks.com/Malwarebyt...are_d5756.html



Prevention:

Comodo BOClean:
http://www.comodo.com/boclean/CBO_download.html

Spyware Blaster:
http://www.javacoolsoftware.com/spywareblaster.html
.
I also like AVG free. It's very good.

__________________

GTL testing and tweaking for all 7 series nVidia boards

Phalanx1

THanks! Bookmarked

__________________

mhsbrian

Updated Guide !

__________________
█▄ █▄█ █▄ ▀█▄
Remove Viruses & Spyware Without Failure FAQ!

noobdown

probably quicker to reinstall windows

nice guide

__________________

ATi 4830 Club

mhsbrian

This is really a guide for people that don't want to or can't reinstall Windows.

I work with a lot of businesses and comptuer that contain special software and clients setup it cant be veryannoying formatting and reloading someones computer and having to re-setup all their software again.

If your like me and keep everything on a server in your home then yes, format and reload. :P

__________________
█▄ █▄█ █▄ ▀█▄
Remove Viruses & Spyware Without Failure FAQ!