G
Guest
Guest
Archived from groups: comp.security.firewalls (More info?)
The first step in ridding your system of unwanted intruders is to
protect it from them in the first place.
Reminder – If your system is simply too infested to effectively clean,
or has too many problems related to past infestations or other
problems, it may be better to back up all your data, format and install
Windows again, so you can have a fresh, clean start.
In order to view some of the files and folders mentioned here, you will
need to set your system up accordingly. Open Windows Explorer, go to
Tools, and in Folder Options, select Show hidden files and folders, and
uncheck Hide protected operating system fileS.
You may also need to boot into Safe Mode, the most common way to do
this is to reboot your computer, and then repeatedly hit F8 while it's
booting up. A menu will be displayed which will give you several
options. Select Safe Mode, and press Enter.
Another way to get into Safe Mode is to go to Start, Run, type in
msconfig, and then click OK. When the System Configuration Utility
window comes up, click the BOOT.INI tab, select SAFEBOOT, and then OK.
You will be asked to reboot, and when you do, your system will come up
in Safe Mode. When you're finished in Safe Mode, go back to msconfig
and remove the checkmark from SAFEBOOT.
A combination of the utilities listed may be required to successfully
clean a heavily infested system; if the ones you are using don’t seem
to be doing the job, try some of the others. You should also try
running them from Safe Mode.
In order to effectively clean your PC:
1.) Follow all the instructions in the Temporary Files section.
2.) Empty the Prefetch folder as explained.
3.) From the Malware section, run both Ad-Aware and Spybot.
4.) Also from the Malware section, run either CounterSpy or Ewido (or
both if you like).
5.) In the Free Online Scans section, run at least two of the suggested
scans.
6.) If you are still experiencing problems after taking these steps,
please go to the thread concerning specific infections.
Temporary Files
Depending on your Operating System, you may, or may not, have all of
the folders listed. Please complete the instructions for the ones you
do have.
Delete the entire contents of your C:\Windows\Temp folder.
Delete the entire contents of your C:\Temp folder.
Do a search for *.tmp and delete all entries found.
For every User listed under C:\Documents and Settings, delete the
entire contents of these folders (not the folders themselves):
Local Settings\Temp
Cookies
History
Local Settings\Temporary Internet Files\Content.IE5
If you have Firefox, open it and go to Tools, Options, and then click
on Privacy (padlock icon on the left); click on the Clear All button.
If you use any other browser, clear the History, Cookies, and Cache.
Go to Start, Run, type in cleanmgr, and then click OK. Select the drive
your operating system is on (usually C), and check the boxes for
Downloaded Program Files (move any files you wish to keep out of this
folder first), Temporary Internet Files, Recycle Bin, Temporary Files,
Temporary Offline Files, Offline Files, (and Compress old files &
Catalog files for the Content Indexer if you wish), and then click OK.
Click Yes to confirm you want these files deleted. It may take awhile
for this to run, please be patient.
Note: if any of these temporary files cannot be deleted while in normal
mode, try Safe Mode. If any still cannot be deleted, use the Pocket
Killbox (link below). Please ask for instructions before using this
tool!
Prefetch
To increase the startup time of your applications, Windows pre-loads
portions of programs in a folder called Prefetch. Malware sometimes
imbeds itself in this folder and uses that as their ‘autostart’
mechanism each time you boot.
Since Windows will automatically repopulate the Prefetch folder with
valid program entries, emptying the entire contents of the folder won’t
do any harm. You can do this by going to C:\Windows\Prefetch; open the
Prefetch folder, click on Edit, Select All, and then hit the Delete
key.
Utility to help with cleanup:
CCleaner – Removes unused and temporary files from your system.
http://www.filehippo.com/download/l...h/download.html
Malware
There are several free (or free-to-try) utilities available to help rid
your system of unwanted intruders. Always be sure you have the latest
versions and update them immediately before scanning. Also, go through
their configuration options and make sure they are set to properly scan
your system. If you have any questions about these settings, feel free
to ask us.
Must have these:
Ad-Aware SE Personal Edition – Removes ad-supported software components
from your system.
http://www.download.com/Ad-Aware-SE...tml?tag=lst-0-2
Spybot - Search & Destroy – Removes threats to your security and
privacy from your hard disk and Registry.
http://www.download.com/Spybot-Sear...tml?tag=lst-0-1
Pocket Killbox – Use to delete files that refuse to be deleted
normally.
http://bleepingcomputer.com/files/spyware/KillBox.zip
Should have at least one of theses:
CounterSpy – Detects and deletes malicious software from your PC.
http://www.download.com/CounterSpy/...tml?tag=lst-0-1
Ewido (XP users only) – Protects your computer from various threats and
hackers.
http://www.download.com/Ewido-Secur...tml?tag=lst-0-1
Other helpful utilities:
Stinger – Scans data for viruses and objectionable content.
http://www.download.com/Stinger/300...tml?tag=lst-0-1
TrojanHunter – Examines your files, registry, open ports and running
processes to protect against Trojans.
http://trojanhunter.com/
Trojan Remover – Aids in the removal of Trojan Horses and Worms.
http://www.simplysup.com/
Free Online Scans
http://www.kaspersky.com/scanforvirus.html
http://housecall.trendmicro.com/
http://us.mcafee.com/root/mfs/default.asp?cid=9914
http://www.ravantivirus.com/scan/
http://www.bitdefender.com/scan/licence.php
--
dr.nil
------------------------------------------------------------------------
dr.nil's Profile: http://forums.techarena.in/member.php?userid=4402
View this thread: http://forums.techarena.in/showthread.php?t=340571
Visit - http://www.techarena.in | http://forums.techarena.in | http://gallery.techarena.in
The first step in ridding your system of unwanted intruders is to
protect it from them in the first place.
Reminder – If your system is simply too infested to effectively clean,
or has too many problems related to past infestations or other
problems, it may be better to back up all your data, format and install
Windows again, so you can have a fresh, clean start.
In order to view some of the files and folders mentioned here, you will
need to set your system up accordingly. Open Windows Explorer, go to
Tools, and in Folder Options, select Show hidden files and folders, and
uncheck Hide protected operating system fileS.
You may also need to boot into Safe Mode, the most common way to do
this is to reboot your computer, and then repeatedly hit F8 while it's
booting up. A menu will be displayed which will give you several
options. Select Safe Mode, and press Enter.
Another way to get into Safe Mode is to go to Start, Run, type in
msconfig, and then click OK. When the System Configuration Utility
window comes up, click the BOOT.INI tab, select SAFEBOOT, and then OK.
You will be asked to reboot, and when you do, your system will come up
in Safe Mode. When you're finished in Safe Mode, go back to msconfig
and remove the checkmark from SAFEBOOT.
A combination of the utilities listed may be required to successfully
clean a heavily infested system; if the ones you are using don’t seem
to be doing the job, try some of the others. You should also try
running them from Safe Mode.
In order to effectively clean your PC:
1.) Follow all the instructions in the Temporary Files section.
2.) Empty the Prefetch folder as explained.
3.) From the Malware section, run both Ad-Aware and Spybot.
4.) Also from the Malware section, run either CounterSpy or Ewido (or
both if you like).
5.) In the Free Online Scans section, run at least two of the suggested
scans.
6.) If you are still experiencing problems after taking these steps,
please go to the thread concerning specific infections.
Temporary Files
Depending on your Operating System, you may, or may not, have all of
the folders listed. Please complete the instructions for the ones you
do have.
Delete the entire contents of your C:\Windows\Temp folder.
Delete the entire contents of your C:\Temp folder.
Do a search for *.tmp and delete all entries found.
For every User listed under C:\Documents and Settings, delete the
entire contents of these folders (not the folders themselves):
Local Settings\Temp
Cookies
History
Local Settings\Temporary Internet Files\Content.IE5
If you have Firefox, open it and go to Tools, Options, and then click
on Privacy (padlock icon on the left); click on the Clear All button.
If you use any other browser, clear the History, Cookies, and Cache.
Go to Start, Run, type in cleanmgr, and then click OK. Select the drive
your operating system is on (usually C), and check the boxes for
Downloaded Program Files (move any files you wish to keep out of this
folder first), Temporary Internet Files, Recycle Bin, Temporary Files,
Temporary Offline Files, Offline Files, (and Compress old files &
Catalog files for the Content Indexer if you wish), and then click OK.
Click Yes to confirm you want these files deleted. It may take awhile
for this to run, please be patient.
Note: if any of these temporary files cannot be deleted while in normal
mode, try Safe Mode. If any still cannot be deleted, use the Pocket
Killbox (link below). Please ask for instructions before using this
tool!
Prefetch
To increase the startup time of your applications, Windows pre-loads
portions of programs in a folder called Prefetch. Malware sometimes
imbeds itself in this folder and uses that as their ‘autostart’
mechanism each time you boot.
Since Windows will automatically repopulate the Prefetch folder with
valid program entries, emptying the entire contents of the folder won’t
do any harm. You can do this by going to C:\Windows\Prefetch; open the
Prefetch folder, click on Edit, Select All, and then hit the Delete
key.
Utility to help with cleanup:
CCleaner – Removes unused and temporary files from your system.
http://www.filehippo.com/download/l...h/download.html
Malware
There are several free (or free-to-try) utilities available to help rid
your system of unwanted intruders. Always be sure you have the latest
versions and update them immediately before scanning. Also, go through
their configuration options and make sure they are set to properly scan
your system. If you have any questions about these settings, feel free
to ask us.
Must have these:
Ad-Aware SE Personal Edition – Removes ad-supported software components
from your system.
http://www.download.com/Ad-Aware-SE...tml?tag=lst-0-2
Spybot - Search & Destroy – Removes threats to your security and
privacy from your hard disk and Registry.
http://www.download.com/Spybot-Sear...tml?tag=lst-0-1
Pocket Killbox – Use to delete files that refuse to be deleted
normally.
http://bleepingcomputer.com/files/spyware/KillBox.zip
Should have at least one of theses:
CounterSpy – Detects and deletes malicious software from your PC.
http://www.download.com/CounterSpy/...tml?tag=lst-0-1
Ewido (XP users only) – Protects your computer from various threats and
hackers.
http://www.download.com/Ewido-Secur...tml?tag=lst-0-1
Other helpful utilities:
Stinger – Scans data for viruses and objectionable content.
http://www.download.com/Stinger/300...tml?tag=lst-0-1
TrojanHunter – Examines your files, registry, open ports and running
processes to protect against Trojans.
http://trojanhunter.com/
Trojan Remover – Aids in the removal of Trojan Horses and Worms.
http://www.simplysup.com/
Free Online Scans
http://www.kaspersky.com/scanforvirus.html
http://housecall.trendmicro.com/
http://us.mcafee.com/root/mfs/default.asp?cid=9914
http://www.ravantivirus.com/scan/
http://www.bitdefender.com/scan/licence.php
--
dr.nil
------------------------------------------------------------------------
dr.nil's Profile: http://forums.techarena.in/member.php?userid=4402
View this thread: http://forums.techarena.in/showthread.php?t=340571
Visit - http://www.techarena.in | http://forums.techarena.in | http://gallery.techarena.in