Windows XP Cleaning Procedure - Removal of Spyware
Written by David Noel-Davies   

This is a brief guide to spyware, malware and adware removal, as well as some basics on how to speed up a potentially slow Windows XP machine.

Windows XP Cleaning Procedure


Note: Some programs (like MGtools mentioned later and maybe other tools too) may not run on restricted user accounts so you may need to temporarily change the user account to an admin type account and then complete the scans.



Step 1: Downloading Tools

In this section we are going to download tools we will use. We will install and configure the programs and then run scans at a later point so please only download right now.

Make sure you download the tools to the exact locations specified below in the procedures to avoid problems later. It is not a good idea to download them to any folder within C:\Documents and Settings. It is also a bad idea to download and save anything you need into any kind of Temp folder. Malware hides in Temp folders and standard cleaning practices will delete everything from Temp folders.


Now download the tools below:

  • combofix.exe
    • Important Notes:
      • You MUST save this to your Desktop.
      • If you are running Kaspersky antivirus, it may pop up warnings about combofix.exe and catchme.exe being infected as Heur.Invader. These are false indications. You must tell Kaspersky to Skip or Ignore these and let ComboFix run.
  • SpyBot - Search & Destroy
  • AVG Anti-Spyware
  • MGtools.exe - DO NOT DOWNLOAD THIS TO YOUR DESKTOP! It is critical that you save this file to the root folder of the drive where you have installed Windows. (Typically this would be C:\ and thus you would have a C:\MGtools.exe file after downloading.)

Step 2: Installing Tools and Running Scans

  • Now run ComboFix by double-clicking combofix.exe and following the prompts.
    • When finished, it will produce a log ( C:\combofix.txt ) for you.
    • Note: Do not click in ComboFix's window while it is running. That may cause it to stall.
  • Now follow the directions in the below link for running MGtools. It also explains possible reasons for not being able to run MGtools.

Step 3: Toggle System Restore

  • You only need to toggle System Restore if malware was found during the cleaning procedures. If no malware was found, there are no infected restore points to worry about, so you can skip to the next step.
  • Once you are sure all malware problems have been removed, follow the steps below:
    • Disable System Restore
    • Now reboot your PC
    • Now Enable System Restore using the same link as above

Why we toggle System Restore!

If you have been infected with any trojans, spyware, etc., they could have been saved in System Restore and are waiting to re-infect you. Since System Restore is a protected directory, your tools cannot access it to delete files that may contain viruses. Even though your tools may say they are deleting them, they are not! We do this after your system has been completely cleaned of problems so that we can remove possibly infected restore points. When you disable System Restore, it removes restore points!

 

We only toggle System Restore after you are clean because keeping even infected restore points around while we are fixing things may prove useful if something goes wrong during the process. An infected restore point could be better than none at all!
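
The Step 3 toggle can also be scripted through Windows XP's WMI SystemRestore class; the following is an added example and not part of the original article. The file name toggle_sr.vbs is hypothetical, and the script assumes it is run from an administrator account on a machine that has already been cleaned.

```vbscript
' toggle_sr.vbs (hypothetical name) - added example, not from the original article.
' Usage, from an administrator account:
'   cscript //nologo toggle_sr.vbs list      show the current restore points
'   cscript //nologo toggle_sr.vbs disable   turn System Restore off
'   (reboot the PC)
'   cscript //nologo toggle_sr.vbs enable    turn System Restore back on
Option Explicit

Dim action, drive, sr

If WScript.Arguments.Count <> 1 Then
    WScript.Echo "Usage: cscript //nologo toggle_sr.vbs list|disable|enable"
    WScript.Quit 2
End If
action = LCase(WScript.Arguments(0))

' System drive in the "C:\" form the WMI methods expect.
' Disabling the system drive disables System Restore on all drives.
drive = CreateObject("WScript.Shell").ExpandEnvironmentStrings("%SystemDrive%") & "\"
Set sr = GetObject("winmgmts:{impersonationLevel=impersonate}!\\.\root\default:SystemRestore")

Select Case action
    Case "list"
        WScript.Echo "Restore points: " & ListPoints()
    Case "disable"
        WScript.Echo "Restore points before disabling: " & ListPoints()
        Report "Disable", sr.Disable(drive)
        WScript.Echo "Reboot now, then run this script again with 'enable'."
    Case "enable"
        Report "Enable", sr.Enable(drive)
    Case Else
        WScript.Echo "Unknown action: " & action
        WScript.Quit 2
End Select

' Print every restore point and return how many there are.
Function ListPoints()
    Dim points, p
    Set points = GetObject("winmgmts:\\.\root\default").InstancesOf("SystemRestore")
    For Each p In points
        WScript.Echo p.SequenceNumber & "  " & p.CreationTime & "  " & p.Description
    Next
    ListPoints = points.Count
End Function

' Both WMI methods return 0 on success; stop on anything else.
Sub Report(label, code)
    If code = 0 Then WScript.Echo label & " succeeded." : Exit Sub
    WScript.Echo label & " failed, WMI return code " & code & "."
    WScript.Quit 1
End Sub
```

Running it with list after the disable, reboot and enable sequence shows that the old restore points are gone and only points created since re-enabling remain.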

 
