Hey there! Just an old tech passing along some good information I made a few years back for the beginner to mid-level. We have used this guide for years with much success in stabilizing XP systems and removing various types of viruses, Trojans, and spyware. I hope the admins will allow this post, I have requested permission from the right people. I just don't know how to make this nice as I am not a web person. Just a PC tech. Hope you find this helpful....
Ultimate Malware Removal Guide
Windows XP Edition
Table of Contents
Page 1 How to determine if you have Malware in your computer?
Page 4 Step One starting your computer in Safe Mode
Page 7 Step Two Disabling Startup Programs and Hidden Processes
Page 10 Step Three Deleting Hidden Cookies and Temporary Internet Files
Page 19 Step Four Scanning for and Removing Malware
Page 20 Closing
One of the secrets of the computer repair industry are virus removals, otherwise known as malware removal, spyware removal, adware removal, malicious software removal and an entire caveat of other variations to that theme. What happens when you bring your computer into a professional computer repair establishment, and how to save money by doing it yourself. Realistically though, which ever strategy you choose there are only a few things you can do once your computer has been infected with a virus, and that is what we will teach you here.
How to determine if you have Malware in your computer?
There are literally thousands of virus variants in the World Wide Web, yet there are a few simple and more importantly FREE techniques you can use to determine if your computer has a virus. With the first being initiate a virus scan in your computer. If you have Norton’s Anti Virus software or some other type of software already installed in your computer, there is a good chance that the virus has mutated upon detection and is now using your computer as a Host. Like a common cold or flu in us humans except with computers, you may notice diminishing performance, unusual behavior, pop-ups or nothing at all.
Nonetheless, what you must do is use another antivirus software program to detect the present threat and begin the process of removing it upon detection. Please keep in mind that there is a great deal of Scareware programs, if you have never heard of these types of programs here is a brief Wikipedia description:
Scareware comprises several classes of scam software, often with limited or no benefit, sold to consumers via certain unethical marketing practices. The selling approach is designed by whom? to cause shock, anxiety, or the perception of a threat, generally directed at an unsuspecting user. Some forms of spyware and adware who? also use Scareware tactics.
A frequently used tactic involves convincing users that a virus has infected their computer, then suggesting that they download (and pay for) antivirus software to remove it. Usually the virus is entirely fictional and the software is non-functional or malware. According to the Anti-Phishing Working Group, the number of scareware packages in circulation rose from 2,850 to 9,287 in the second half of 2008.
Here are a few pictures of common Scareware variants in the wild:
As you can see these programs have the look feel and sound of real antivirus programs, but their primary purpose is to scare you into providing your credit card information and taking your money. If you have a program like these on your computer, you definitely have Malware in your computer.
Other less obvious symptoms include but are not limited to:
Slow or Sluggish performing computer
Unusual un-prompted Pop-ups
Unrequested Web pages Suddenly appearing
Nothing at all
Yes, you read that last one correctly nothing at all Some of the more sophisticated Malware variants are able reside in your computer without showing any obvious signs of infections whatsoever. What you must do to reveal the infection is scan your computer with an antivirus program that is new to your computer, sort of like introducing your body to medication if you are sick. The unsuspecting Malware has a better chance of being detected. Or if you have a more advanced variant, it will disable any antivirus program you try to install (another unfortunate sign of infection)
The objective of this ebook is to show you how to remove Malware the way the professionals do it. Some of the resources the professionals use are readily available to you. As such, let us build a quick tool box of utilities to use:
A really great essential tool to have in removing Malware is to have a Boot CD or DVD. (I prefer a CD as it is more backward compatible with legacy hardware). You can find many on the internet, but the most recommended are:
Two very popular and powerful boot disc utilities that you can use to perform the steps we are about to initiate. Please keep in mind, you may attempt perform the following steps in standard “normal” windows mode. But the results of your scans may not be accurate. Booting to a CD allows you to access your computer’s hard drive with very minimal footprint, while at the same time not activating any Malware that may be residing on your hard drive, triggered by the boot process of Windows.
Our objective here, and throughout this lesson, is to teach you how to suspend and remove this type of malicious software and stabilize your computer so you can get your data backed up and return to your daily computing activities.
We will go into Safe Mode, then the System Configuration Utility and Windows Explorer. These steps are critical in removing Malware, let us begin. Step One starting your computer in Safe Mode
To begin unplug your computer from the internet if you are using a wired internet connection, if you are using wireless; switch your wireless antenna off.
Next if you are in standard mode, you may notice that some of the cookies and temp files will not allow you to delete them. The reason for this is those files are most likely attached to a running process or malicious software program. You will then need to restart your computer in Safe Mode and attempt to delete the undeletable files here is how to boot into Safe Mode.
Completely turn off your computer by whatever method you commonly do. Once your computer is powered off restart it, and tap F8 just <strong>before you see the Windows startup screen:
There are many other steps, programs, methods...etc, that can be included into a malware guide. I designed mine to be as simple, effective, and straight forward as possible. For the most part, it will remove most any infection. If not, then other steps can be taken, but aren't usually necessary. I take no issue with people posting other guides. Though I stand by mine as the most simple and effective.
I respect both of your opinions, but I thought long and hard before posting this guide here. I even asked for permission from Jpishgar prior to posting here.
Just a headsup, this guide was initially not created to compete with any other guides or even for posting. We had used the steps outlined with much success for some time. Although it is a sit down read in length, once you have done each step a few times, the process is fast, effective and thorough to run through. Whether or not the community decides what they think is better or not is of no concern to me as I am in agreement with Aford10 that there are many other ways to accomplish the same goal.
If I wanted to be the most effective and simple I would have made a guide like the following:
1.) Back Up Your Data
2.) Using Recovery Partition or Recovery Disk Restore Your Computer Back to Factory Settings
3.) Run Updates and Intall an Internet Security Suite (Microsoft Security Essentials is Free)
4.) Put Your Data Back into Your Computer
Four simple steps to accomplish the same goal just like Aford10 said.
Nonetheless, as I told jpishgar, I felt it was time to start giving back to the TomsHardware community after gaining so much from it over the years.
If the guide is helpful to you, fantastic.
If it isn't not to worry, there is always an abundant supply of information sources to learn from here.
I can recommend Microsoft Standalone System Sweeper Tool http://connect.microsoft.com/systemsweeper
This software can create a bootable CD/DVD or Flash-Drive with an antivirus solution.
It helps especially when you can no longer boot windows because of malware.