www.comprxomaha.com

We Keep Computers Healthy, CompRx Computer Services, Omaha Nebraska, we provide computer repair, network support, training/tutoring, programming, and website design. Help My Pc Computer Service Omaha

 
 

Malware Removal Guide

Posted on Sunday, April 12th, 2009

     Malware (spyware, adware, trojans, viruses) is ever increasing in frequency and in its ability to disguise itself. The following guide will help you remove many of the most common problems, and allow us to help you most efficiently. It may look daunting, but it shouldn’t take long to complete.

     Please follow these instructions to the end. If you fail to complete these instructions fully, your system may not be completely clean, and it may be vulnerable to future infections.

Preparation:

ATF Cleaner – Download

     This will remove unneeded temporary files from your system, make automated scans that follow run faster, and save you time.

  1. Double-click ATF-Cleaner.exe to run the program.
  2. Under Main choose: Select All
  3. Click the Empty Selected button.
    1. If you use the Firefox browser
      • Click Firefox at the top and choose: Select All
      • Click the Empty Selected button.
        NOTE: If you would like to keep your saved passwords, please click No at the prompt.

Click Exit on the Main menu to close the program.

System Restore (Windows Vista, XP and ME)

     This ensures there’s a valid system restore point, in case it’s needed.

    Create a New System Restore Point:

    1. Download http://www.dougknox.com/xp/utils/SysRestorePoint_v13.zip to your desktop and unzip it to its own folder.
    2. Double-click SysRestorePoint.exe so that we can make a new system restore point.
    3. A box will pop up after it has made a new point, usually after a few seconds. Close that window and exit the program.

ERUNT – Download

     This ensures we have a valid registry backup. ERUNT (Emergency Recovery Utility NT; guide: http://www.geekstogo.com/forum/Backing-Up-Registry-Using-ERUNT-t208859.html) is a free program that allows you to keep a complete backup of your registry and restore it if needed. Removing modern malware infections often requires making changes to the registry, and a corrupt registry can prevent a system from booting. Compatible with Windows NT, 2000, 2003, XP, Vista, 32 & 64-bit versions.

  1. Download
  2. Double-click erunt_setup.exe to run.
  3. Follow the prompts and install using the default configuration (setup language, install location, shortcuts…).
  4. Say No to the portion that asks you to add ERUNT to the start-up folder. If you like, you can enable this option later.
  5. Start ERUNT
  6. Choose a location for the backup
    The default location C:\WINDOWS\ERDNT\[today's date] is preferred
  7. The first two check boxes are ticked by default (System registry and Current user registry).
  8. Press OK
  9. When prompted, click YES to create a new folder.
  10. Progress bars will show backup status.
  11. A confirmation window will pop up when complete. Click OK to close.
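
The two backup steps above (restore point, then registry backup) can also be scripted and checked before any cleanup starts. This is an added example, not part of the original guide and not a replacement for ERUNT; it assumes Windows PowerShell 5.1 run as Administrator on a current Windows version, and the function name and the `RegBackup` folder are hypothetical.

```powershell
#Requires -RunAsAdministrator
# Added example: restore point + registry export before malware cleanup.
# Assumes Windows PowerShell 5.1 with System Restore enabled on the system drive.

function New-PreCleanupBackup {
    param(
        # Hypothetical folder; ERUNT's own default is C:\WINDOWS\ERDNT\[today's date]
        [string]$BackupRoot = "$env:SystemDrive\RegBackup"
    )

    $stamp = Get-Date -Format 'yyyy-MM-dd_HHmmss'
    $label = "Pre-malware-cleanup $stamp"

    # 1. Restore point. On Windows 8 and later, Checkpoint-Computer only warns
    #    (it does not throw) when a point was already created in the last 24 hours,
    #    so confirm that a point with our label really exists.
    Checkpoint-Computer -Description $label -RestorePointType MODIFY_SETTINGS
    $point = Get-ComputerRestorePoint | Where-Object { $_.Description -eq $label }
    if (-not $point) {
        Write-Warning "No restore point named '$label' was created."
    }

    # 2. Registry export covering ERUNT's two default boxes (system + current user).
    #    Note: these are text .reg snapshots, not the hive copies ERUNT makes.
    $dest = Join-Path $BackupRoot $stamp
    New-Item -ItemType Directory -Path $dest -Force | Out-Null
    $keys = [ordered]@{
        'HKLM\SOFTWARE' = 'HKLM_SOFTWARE.reg'
        'HKLM\SYSTEM'   = 'HKLM_SYSTEM.reg'
        'HKCU'          = 'HKCU.reg'
    }
    foreach ($key in $keys.Keys) {
        $file = Join-Path $dest $keys[$key]
        & reg.exe export $key $file /y | Out-Null
        # reg.exe reports failure through its exit code, not a PowerShell error.
        if ($LASTEXITCODE -ne 0 -or -not (Test-Path $file) -or (Get-Item $file).Length -eq 0) {
            throw "Export of $key failed (reg.exe exit code $LASTEXITCODE)"
        }
    }

    # 3. Summarise what was produced so it can be checked before scanning.
    [pscustomobject]@{
        RestorePointCreated = [bool]$point
        BackupFolder        = $dest
        Files               = Get-ChildItem $dest | Select-Object Name, Length
    }
}

New-PreCleanupBackup
```

If `RestorePointCreated` comes back `False`, create the restore point another way before moving on to the scans.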

System Settings

     If you have anything disabled by MSConfig or any other startup manager, please re-enable them before running any scans.

Windows Notepad will be used to view logs and to copy/paste the results. By default, “Word Wrap” is disabled. However, since Word Wrap interferes with the formatting of the logs, please be sure it’s disabled. When Notepad is open, click “Format” on the menu bar, and ensure “Word Wrap” is NOT ticked.

Step One: Scan for Spyware/Adware

Malwarebytes’ Anti-Malware Download (for Windows 2000, XP, Vista ONLY)

     Malwarebytes’ Anti-Malware is very good at removing the zlob trojan, virtumonde, and most other current infections. This single tool has replaced multiple tools that have been required in the past.

  1. Double-click mbam-setup.exe and follow the prompts to install the program.
  2. At the end, confirm a checkmark is placed next to the following:
    • Update Malwarebytes’ Anti-Malware
    • Launch Malwarebytes’ Anti-Malware
  3. Then click Finish.
  4. If an update is found, it will download and install the latest version.
  5. Once the program has loaded, select Perform quick scan, then click Scan.
  6. When the scan is complete, click OK, then Show Results to view the results.
  7. Be sure that everything is checked, and click Remove Selected.
  8. When completed, a log will open in Notepad. The rogue applications should now be gone.

Step Two: Viruses/Trojans

     Even the best antispyware programs are only able to remove about 70% of infections. Also, the line between spyware and viruses/trojans is getting blurred. Everyone should have an antivirus application installed on their system. If you don’t have an antivirus installed, or if the subscription for yours has expired, see our recommendations for a replacement on our downloads page.

If you install an antivirus application, please run a full system scan immediately.
Important note: CompRx highly recommends uninstalling any existing antivirus software BEFORE installing another antivirus application. Antivirus programs often conflict and can cause system slowdowns, crashes, or even leave you unprotected. Only ONE should be installed on a system at any time.

Step Three: Windows Updates

Windows Update – http://www.windowsupdate.com/

An unprotected, unpatched Windows XP installation will get infected within minutes of connecting to the Internet.

Step Four: Reboot – Test

The steps above will completely clear malware from the majority of systems. Test your system to see how it’s working.

If you are still having issues, Contact Us.
