Thread: PC Cleaning Procedures & Detection Tools
View Single Post
Join Date: Jul 2004
Posts: 2,964
Reputation: dlh6213 is on a distinguished road 
Solved Threads: 209
Team Colleague
dlh6213 dlh6213 is offline Offline
Posting Maven

PC Cleaning Procedures & Detection Tools

 
0
  #1
Jul 7th, 2005
The first step in ridding your system of unwanted intruders is to protect it from them in the first place. If you haven’t already done so, please review this thread and follow all of the recommended procedures before continuing here:
http://www.daniweb.com/techtalkforums/thread27519.html

Reminder – If your system is simply too infested to effectively clean, or has too many problems related to past infestations or other problems, it may be better to back up all your data, format and install Windows again, so you can have a fresh, clean start.

If you are still having problems with your computer after following the suggestions in this thread, please go to this one to continue the cleanup process:
http://www.daniweb.com/techtalkforums/thread28196.html

In order to view some of the files and folders mentioned here, you will need to set your system up accordingly. Open Windows Explorer, go to Tools, and in Folder Options, select Show hidden files and folders, and uncheck Hide protected operating system files.

You may also need to boot into Safe Mode, the most common way to do this is to reboot your computer, and then repeatedly hit F8 while it's booting up. A menu will be displayed which will give you several options. Select Safe Mode, and press Enter.

Another way to get into Safe Mode is to go to Start, Run, type in msconfig, and then click OK. When the System Configuration Utility window comes up, click the BOOT.INI tab, select SAFEBOOT, and then OK. You will be asked to reboot, and when you do, your system will come up in Safe Mode. When you're finished in Safe Mode, go back to msconfig and remove the checkmark from SAFEBOOT.

A combination of the utilities listed may be required to successfully clean a heavily infested system; if the ones you are using don’t seem to be doing the job, try some of the others. You should also try running them from Safe Mode.

In order to effectively clean your PC:

1.) Follow all the instructions in the Temporary Files section.
2.) Empty the Prefetch folder as explained.
3.) From the Malware section, run both Ad-Aware and Spybot.
4.) Also from the Malware section, run either CounterSpy or Ewido (or both if you like).
5.) In the Free Online Scans section, run at least two of the suggested scans.
6.) If you are still experiencing problems after taking these steps, please go to the thread concerning specific infections.

Temporary Files

Depending on your Operating System, you may, or may not, have all of the folders listed. Please complete the instructions for the ones you do have.

Delete the entire contents of your C:\Windows\Temp folder.

Delete the entire contents of your C:\Temp folder.

Do a search for *.tmp and delete all entries found.

For every User listed under C:\Documents and Settings, delete the entire contents of these folders (not the folders themselves):
Local Settings\Temp
Cookies
History
Local Settings\Temporary Internet Files\Content.IE5

If you have Firefox, open it and go to Tools, Options, and then click on Privacy (padlock icon on the left); click on the Clear All button.

If you use any other browser, clear the History, Cookies, and Cache.

Go to Start, Run, type in cleanmgr, and then click OK. Select the drive your operating system is on (usually C), and check the boxes for Downloaded Program Files (move any files you wish to keep out of this folder first), Temporary Internet Files, Recycle Bin, Temporary Files, Temporary Offline Files, Offline Files, (and Compress old files & Catalog files for the Content Indexer if you wish), and then click OK. Click Yes to confirm you want these files deleted. It may take awhile for this to run, please be patient.

Note: if any of these temporary files cannot be deleted while in normal mode, try Safe Mode. If any still cannot be deleted, use the Pocket Killbox (link below). Please ask for instructions before using this tool!

Prefetch

To increase the startup time of your applications, Windows pre-loads portions of programs in a folder called Prefetch. Malware sometimes imbeds itself in this folder and uses that as their ‘autostart’ mechanism each time you boot.

Since Windows will automatically repopulate the Prefetch folder with valid program entries, emptying the entire contents of the folder won’t do any harm. You can do this by going to C:\Windows\Prefetch; open the Prefetch folder, click on Edit, Select All, and then hit the Delete key.

Utility to help with cleanup:

CCleaner – Removes unused and temporary files from your system.
http://www.filehippo.com/download/51.../download.html

ATF-Cleaner - http://www.atribune.org/content/view/19/2/

CleanUp! - http://www.stevengould.org/software/cleanup/

Malware

There are several free (or free-to-try) utilities available to help rid your system of unwanted intruders. Always be sure you have the latest versions and update them immediately before scanning. Also, go through their configuration options and make sure they are set to properly scan your system. If you have any questions about these settings, feel free to ask us.

Must have these:

Ad-Aware SE Personal Edition – Removes ad-supported software components from your system.
http://www.download.com/Ad-Aware-SE-...ml?tag=lst-0-2

Spybot - Search & Destroy – Removes threats to your security and privacy from your hard disk and Registry.
http://www.download.com/Spybot-Searc...ml?tag=lst-0-1

Windows Defender - Don't laugh, it actually works fairly well. For Windows XP and 2000 systems only.
[URL=http://www.microsoft.com/windows/products/winfamily/defender/default.mspx[/URL]

Pocket Killbox – Use to delete files that refuse to be deleted normally.
http://bleepingcomputer.com/files/spyware/KillBox.zip

Should have at least one of theses:

Spyware Doctor - Very effective antispyware program; fully-functioning free trial version available.
http://www.pctools.com/spyware-doctor/?ref=trial_mgsd

Spy Sweeper - Another very good antispyware package; free trial available.
http://www.webroot.com/consumer/prod...&wt.mcid=mgsdr

CounterSpy – Detects and deletes malicious software from your PC.
http://www.download.com/CounterSpy/3...ml?tag=lst-0-1

Other helpful utilities:

Stinger – Scans data for viruses and objectionable content.
http://www.download.com/Stinger/3000...ml?tag=lst-0-1

TrojanHunter – Examines your files, registry, open ports and running processes to protect against Trojans.
http://trojanhunter.com/

Trojan Remover – Aids in the removal of Trojan Horses and Worms.
http://www.simplysup.com/

Free Online Scans

http://www.kaspersky.com/scanforvirus.html
http://housecall.trendmicro.com/
http://us.mcafee.com/root/mfs/default.asp?cid=9914
http://www.ravantivirus.com/scan/
http://www.bitdefender.com/scan/licence.php
Last edited by crunchie; Jul 4th, 2008 at 7:11 am. Reason: Removed AVG antispyware