bledd Posted January 12, 2006 Posted January 12, 2006 (edited) Ok, so your pc is running a bit slow, or you've got a load of popus or annoying software that you just CAN'T get rid of!Always make a backup before you start fiddling with software that has (badly) infected the system you're working on - it's not funny when you get asked to rescue a PC and then it gets messed up even more!First off, do add/remove programs, it works for the really badly made spyware (yes its out there!)Next, download the following..All these are freeware besides Nod32 (30 day trial)CCleanerSpywareBlasterNod32 Antivirus 30day Trial VERY good, i reccomend paying for -requires restartCWShredder standalone exeLavasoft AdawareSpybot S&DHijackthis standalone exe and Log analyserNow turn OFF System Restore, it was usefull when it first was released, now it just stores spyware and viruses if your pc gets infected, and takes up hard drive space. Microsoft really should remove this and just keep the driver side of it, that works really wellRun the programs doing their updates (if they have them) in this order and follow my picturesCCleanerWhen installing it, you might want to untick "add Run and Open CCleaner to recycle bin context menu"This is personal preference, i like to keep my context menu's clean.If you click Options, Cookies you can choose which cookies to keep so you don't lose your passwords/preferencesIt also has a registry cleaner in the 'Issues' part, easy to use, so do itif you want to make this your default windows Disk Cleanup tool download and run this regfile -saveashttp://bleddyn.co.uk/guides/spyware/ccleaner.reg-----Spyware Blasterdon't have screenshots of this, its simple though, run update, then enable all protections!-----Nod32 AntivirusYou'll be asked to restart after installing this, just click Restart Now.When Windows comes back, do the following..Click update and follow the screen on the right when it changes, the rest is simple.Terminate any warnings you get, set the options to 'Clean' then 'Delete' if can't be cleaned-----CWshredderSimple!-----AdawareStraight forward really.. good to run once a week or soAfter a scan, select all, Fix-----Spybot S&DA bit more fiddly than adaware, but still like pie.. run just as often!Open it, update it, close it, open it, Immunize, Scan, select all, Fix-----Hijackthis (never google it with spaces, only use the majorgeeks or merjin links)Don't be clicker happy, this shows ALL startup dll's and programsCopy the contents of the log file into this http://www.hijackthis.de/ its a VERY useful analyser that has a large ammount of blacklisted filesRemove the obviously bad ones, and maybe ask on this forum (or preferably google the remaining ones!). liutilities is good too, try googling "liutilities explorer.exe" and it gives you info about the process-----Reboot.Still got problems?Try Microsoft Antispyware, its free and works well, its throws a bit of a fit each time you change a system setting so i uninstall it after a scan..If you've still got problems, then consider a format; nothing works better than that.-----Good ways of avoiding it in the first place? Ditch Internet Explorer and use ALWAYS use a firewall, the XPSP2 one does a fine job, it just doesn't monitor outgoing connections, I use it and have never had a problem, its also a good idea to use a router between you and the internet, they're quite cheap for basic ones -£25 -$40? ish.Use windowsupdate, its your friend let it at least tell you when you've got new things to downloadHave a password on ALL of your xp accounts, and if possible don't use an account with administrative rights to browse the internet (this way a lot of spyware cannot install unless you physically install it yourself!)Over and out! Edited January 27, 2006 by bledd
CptMurphy Posted January 12, 2006 Posted January 12, 2006 That's not bad but a family member of mine had this seriously bad CWS malware that would not for the life of anyone, leave. I eventually needed to reinstall the OS from scratch. I used S&D, Ad-Aware, CWS Shredder, Hijack This!, Norton Antivirus, Avast!, and AVG. Near the end I did a system replace. That damned virus did not leave. The best way to clear your system is to do a clean re-install. If you are worried about having to reactivate your system, make a back up of the wpa.dbl, and wpa.bak(if it's there. Reboot the system in Safe Mode after installing the new OS and replace the two, or one, file(s). The files are found in system32 of your %systemroot% directory.
atomizer Posted January 12, 2006 Posted January 12, 2006 (edited) hiya bledd good tutorial!edited by atomizer because he had his mouth open before his brain started working... again i used to use AVAST for the longest time, going back to its beta days when it was still fully free. i still think it's a very good AV, but even that has become to bloated for my taste. AVG is **** good from what i hear, though i've never used it much (both have a free version BTW). personally though, i like ClamWin. ClamWin is totally free and open source. it's still in beta, but it's been running absolutely fine on my box. updates are pumped out faster than many of the commercial packages as well (there's an option to check for updates hourly). it's also an on-demand scanner only, which is exactly what i want, but i wouldn't really recommended it for novices, especially if using IE, OE, WMP, etc., as it's not going to auto-scan all the crap that stuff downloads. i nLite all that stuff out, so i don't feel the need for having an AV scanning every file that is downloaded, modified, opened, etc.. Edited January 12, 2006 by atomizer
bledd Posted January 12, 2006 Author Posted January 12, 2006 nod32 is NOT norton!lol, download the trial, its lightware like avast
atomizer Posted January 12, 2006 Posted January 12, 2006 (edited) oh jeeze!excuse me while pull my head out of...i edited the post. still, i wanted to make people aware of Clam, so i left that in. i never used NOD, but i know it's been around a LONG time and scores consistently well in the virus bulletin tests.you know, your tutorial along with some more general security stuff would make a good sticky. Edited January 12, 2006 by atomizer
bledd Posted January 12, 2006 Author Posted January 12, 2006 added some for you atomizer (i'm sure you don't need it yourself)
Tarun Posted January 13, 2006 Posted January 13, 2006 Nice guide, but a strange order.Check this out.Also, shouldn't this be in the Malware Prevention section? Only conflict that I would see is that there's already an Introduction To Anti-Malware And Cleaning topic.You always want to run SpywareBlaster first, as it can stop even disable a majority of malware from working.Next you'd run CCleaner, as it can remove malware from several locations where malicious files tend to hide. In TEMP and other locations.After that, CWShredder to get any traces (if any). Then routine scans with Microsoft Anti-Spyware, Ad-Aware SE Personal, Spybot S&D, and ewido Anti-Malware.A user should then finish up with running HijackThis and they can post on a number of forums. Those automatic log analyzers can return a ton of false positives.
Takeshi Posted January 16, 2006 Posted January 16, 2006 Spybot S&D also has immunize tool so use it alongside with Spyware Blaster.There's nothing wrong with System Restore per se in a clean computer.I've said it before, user vigilence is the most important factor among all of these measures.
Synapse Posted January 16, 2006 Posted January 16, 2006 There's nothing wrong with System Restore per se in a clean computer.agree, theres nothing wrong with it IF the computer is CLEAN.. if the computer has been infected with a virus/worm/spyware then the after getting clean the user does a restore of a previous date then it just undoes what we just fixed (my ex-gf did this after i cleaned her computer of the elite toolbar... meaning i spent another 4 hours or so fixin it.
suryad Posted January 16, 2006 Posted January 16, 2006 I think there is a coolwebshredder or some kind of a tool like that speicifcally geared to get rid of that spyware. Maybe if you used that you wont have to reinsta. But great guide. I vote to sticky it.
ZenLord Posted January 17, 2006 Posted January 17, 2006 (edited) Ok, so your pc is running a bit slow, or you've got a load of popus or annoying software that you just CAN'T get rid of!Great guide! I think I go through about the same when I get a call like this from a friend/relative, but I have 2 suggestions:1. Always make a backup before you start fiddling with software that has (badly) infected the system you're working on - it's not funny when you get asked to rescue a PC and then f*ck it up even worse 2. manually go through (at least) the 2 software-sections of the registry and the run- and runonce-section of the current windows-entries in the registry to search for obvious threads, delete them and reboot in safe mode to delete left files and folders.The second one will of course be of less importance after using all the software you mention, but the first is to important to be left out of a guide like yours. Sticky++Zl. Edited January 17, 2006 by ZenLord
bledd Posted January 27, 2006 Author Posted January 27, 2006 Ok, so your pc is running a bit slow, or you've got a load of popus or annoying software that you just CAN'T get rid of!Great guide! I think I go through about the same when I get a call like this from a friend/relative, but I have 2 suggestions:1. Always make a backup before you start fiddling with software that has (badly) infected the system you're working on - it's not funny when you get asked to rescue a PC and then f*ck it up even worse 2. manually go through (at least) the 2 software-sections of the registry and the run- and runonce-section of the current windows-entries in the registry to search for obvious threads, delete them and reboot in safe mode to delete left files and folders.The second one will of course be of less importance after using all the software you mention, but the first is to important to be left out of a guide like yours. Sticky++Zl.added
ZileXa Posted June 24, 2006 Posted June 24, 2006 Your guide is exactly what HITMAN PRO does http://www.hitmanpro.nl/Install, you can deselect the trial apps and Nod32 (cos I assume everyone already has an anti-virus program).And you can select to accept all License Agreements, making a full scan COMPLETELY without user input
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now