mhsbrian

UPDATED GUIDE July 18, 2008!

Removed ad-aware 2007 because the trial version is crap now and replaced links with updated versions of the newest software. Much luck guys

Has your machine been running rather slow lately ? A few popups maybe ? You could be a victim of Mal-ware, Spyware, Hijacking, or even viruses. Most people believe that having virus protection protects them from everything when it does not.



The truth is nothing is 100% at removing Viruses, Spyware, etc. In this tutorial I will have many applications listed with available download links that I use on work machines and my personal machines. The steps I go through 99.98% of the time cleans a machine completely.


Restart your computer, upon the boot screen type F8 simultaneously until you have a black screen with many options. It should look like this or similar.
Safe Mode Screen Shot
After you have gotten to this screen choose safe mode with networking.
Once you are at the Windows login screen, choose Administrator as the user to log on as. Windows will prompt you with a box that has a yes and no option, choose yes.


Okay, now that your successfully logged in as the administrator of your computer you can now proceed. Click Start->Run->in the run box, type "%temp%" without the quotations. Once the window open you will see many junk files that you will not recognize. Delete all these files, in some cases windows will not allow you to delete certain files, do not worry; this is normal. None of these files are important and the machine does not depend on any of them. This is deleting possible virus or spyware files that you may have gotten via html encoding or other web based applets such as java or flash.

Now that you have cleared up your temp files. While still having the temp folder open navigate to the tools menu option at the top of the windows explorer bar. Choose Tools-> Folder Options, once the box is open, click the view tab. Navigate into the inside box with the options listed for selection with check marks. Look for the option "Hidden Files and Folders". Once you have located it, check the option "Show hidden files". After doing so apply the settings and click ok and close it out.

Open My computer, navigate to your Hard drive with your windows installation that your currently trying to clean up. Now navigate My Computer->Local Disk C:-> Documents and Settings->"The User account that you log onto"[Take note this part of the tutorial will have to be done to every user account]->Local Settings->Temporary Internet Files. Delete everything in these folders/folder. These are garbage files that windows is not dependent on. Once deleted close the window, proceed to the next step.

After removing all the files that will slow down the scanning processes of the applications we will now run some of the best bits of software I've ever came across.

To install AVG you must be in booted in normal mode, once you have have installed AVG and update it in normal mode restart and boot back into safe mode with networking.

I use AVG on my machine and my work machines and it always seems to out due all other forms of virus protection that I've used.
Once you have the machine booted under Administrator open AVG and then update it. Once it is completely up to date click "Scan My Computer".

Once AVG finishes scanning if it found viruses it should have removed them or sent them to the vault. Every now and then AVG can't remove viruses, if this happens you will have to do it manually. Make sure to take note of the virus location and the EXACT name of the virus it listed and the file name.

Only do this step if AVG could not remove a file/files in the virus scan. If AVG successfully removed all threats, then skip the kill box section of this tutorial .

Kill Box

This program is dedicated to removing files that can absolutely not be removed by normal applications or manual deletion. After you have downloaded kill box run it and search for the file that AVG anti-virus could not remove. If you took note of the exact file location that AVG gave you you can simply copy and paste or retype that link in the kill box browser. Once you have kill box linked to the file choose the option "Replace on Reboot" Then select the below options "Use Dummy". After you have selected the options click the Red button with the white X next to the browser bar to start the process. Don't forget to back into safe mode with networking after the reboot.

After your back under the administrator account in safe mode open kill box again and find the file you replaced with a dummy and and choose to delete it this time and go delete it.


Install the program, follow the easy steps when installing. Once installed make sure the program is up to date and then Hit "Scan My Pc". After clicking that, check to the right in the options and choose "Perform a Full System Scan", do not let it perform the quick scan.

Once it has finished scanning it will prompt you with the infections it found. Sometimes upon removing the infections it will prompt you for a restart, do it; then restart back into safe mode with networking afterwards.

I recommend uninstalling Super Anti-Spyware after you have cleaned the computer with it because it slows the PC at startup.

Smitfraud Fix

This DOS based application is somewhat a genius tool. It removes the nasty hijackers that literally take over your machine.

Once you download this file, place it on your desktop. Double click the Smitfraud.exe and wait while the DOS windows initializes then press any key to continue to the main menu of the application. It will extract a folder onto the desktop called "Smitfraud" during this process. Once you are at the main menu there are 5 options for hijack removal. First start off by updating the program by selection option number 4. Simply type "4" then click enter. After the program updates go in the order as the list goes. Search, Clean, Delete Trusted Zones.

After you have completed all 3 steps using this program restart your computer and yet again boot into Safe mode with networking.

SD FIX

SD Fix is a tool that works very similar to smitfraud fix. You must be in safe mode to use it and you must use it on every account on the computer(in the case of a imbeded spyware object in the taskbar/wallpaper etc.) the tool takes longer than the smitfraud fix but it is a great tool! You must unzip it to a location then open the "Runthis.cmd" Then press "Y" to start.

Spybot Search & Destroy

Spybot is simply one of the best adware and spyware removers out there. It removes and protects against many IE based spyware. The program is very simple to install. Simply download, run the install, go through the steps. I recommend choosing to uncheck the box for "Tea Timer" because it is a background based protection that is VERY annoying and I never use it.

When the program starts for the first time go threw the simple steps. Backup registry->Update->Immunize. After you have completed the steps Click the button "Check for problems". Spybot will take a good while to scan the PC usually around 30-45 minutes depending on the speed of the machine.

Once spybot finished scanning the PC click "Fix Problems". Sometimes it will ask allow spybot to scan on system startup, click yes(it will scan the next time your computer boots in normal mode).

WinSock Fix

In some cases hijackers attack your HOST file and connect you to IP's and domains that have malicious intent of attacking your system. This utility resets the HOSTS file back to its default format.** WARNING** IF YOU HAVE A VPN SETUP AND HAVE A CUSTOM HOSTS COMMAND LINE ADDED FOR THE SETUP YOU WILL LOSE IT!!!! AFTER RUNNING THIS UTILITY ON THE NEXT REBOOT YOU MUST RE-IMMUNIZE WITH SPYBOT SEARCH AND DESTROY!!!.
This utility requires a restart after its finished

Step 4

After completing all scans restart the computer and boot normally. After running all these scans, you may have missing icons, a missing wallpaper, and even missing programs you thought were legit programs but really they were forms of spyware. These bits of software people don't realize that get on their machine can be harmful and eat up memory and processes without a user knowing.

The last thing you can simply do to organize your computer is to run Windows Defrag after windows has been literally raped by scanners.


OCN Rulez,
Brian D.

__________________

StickyFingaz

is there an easier way without downloading all those programs?

mhsbrian

Using all these programs just narrows the chance down that the problem your having won't come back.

__________________

Antolen

bookmarked it! happens a lot to my friends! (i wonder why ) this will help instead of reinstalling the whole windows! +Rep

__________________
10,635 3Dmark06

repo_man

Thread revival! Some new members can definitely use this!

__________________


Current Projects - Sanguineus Cinis Cineris Hinges for Syrillian's Silentium

Completed Build Log's Project: Phoenix Flip this Tower
My guides and How-to'sBondo Q & A Rivets!

PizzaMan

Some other great apps. .

ATF Cleaner: cleans temp folders http://www.majorgeeks.com/ATF_Cleaner_d4949.html
Only cleans IE based browsers. Will have to do FireFox and Opera browsers manually.

MalwareBytes Anti-malware: http://www.majorgeeks.com/Malwarebyt...are_d5756.html



Prevention:

Comodo BOClean:
http://www.comodo.com/boclean/CBO_download.html

Spyware Blaster:
http://www.javacoolsoftware.com/spywareblaster.html
.
I also like AVG free. It's very good.

__________________

Phalanx1

THanks! Bookmarked

__________________

mhsbrian

Updated Guide !

__________________

noobdown

probably quicker to reinstall windows

nice guide

__________________

mhsbrian

This is really a guide for people that don't want to or can't reinstall Windows.

I work with a lot of businesses and comptuer that contain special software and clients setup it cant be veryannoying formatting and reloading someones computer and having to re-setup all their software again.

If your like me and keep everything on a server in your home then yes, format and reload. :P

__________________