Effective Spyware removal procedures?
I need working solutions that can get the job done in the fastest time.
So far I've come up with the following - and want to know if anyone has other spyware prevention / removal software (freeware), or procedures that you use to rid a seriously infected PC of all the garbage?
1) Backup the registry
2) Disable System Restore
3) Install Spybot, Ad-Aware, and AVG Anti-virus
(If you can get to the Internet - do the following)
a) Run Windows Updates for all critical updates
b) Run the updates for Spybot , Ad-Aware and AVG
4) Look through the Add/Remove Programs list to see what 'known' apps should be uninstalled (sometimes not possible without Internet access).
Note:
If there are a 'lot' of junk programs:
a) Change 'folder options' to 'show hidden files'
b) Turn off 'Hide protected operating system files'
c) Get rid of whatever is in the Windows Temp directory
d) Go through all users' 'Local Settings' directories to clean out the 'Temp' & 'Internet Files' including History
5) Run msconfig and disable all 'startup' options
6) Reboot to Safe Mode
7) Run Ad-Aware and Spybot with advanced features and remove whatever is found (run again on startup)
Use regedit to look in the 'Run' section and clean it up if necessary.
9) Reboot to Normal
- if not already available, establish an Internet connection
- get updates if not already done
- reboot to Safe mode and rerun each program again
10) Run AVG
11) Run Trend Micro's free 'Housecall' scan
12) Restore msconfig to it's previous state
13) Turn on System Restore and create a new restore point
14) Clean up the computer with Symantec's System Works
15) Run defrag
It takes me 2 - 3 hours, just to complete this procedure... but I think it's necessary. On the other hand, I wonder if $130 to $200 for this thorough of a job is really necessary - when they'll probably have it gunked up again in less than a month (without some software / education)
Any recommendations, additions, comments or suggestions :
ps: thanks RussS for your input!
I have a lab machine with a very long IDE & power cables that I use to hook up to the drive of the infected machine without needing to remove it from its case. On my lab machine I run NAV as the main one, but also have several others installed in case I have issues that I can't resolve.
So far I've come up with the following - and want to know if anyone has other spyware prevention / removal software (freeware), or procedures that you use to rid a seriously infected PC of all the garbage?
1) Backup the registry
2) Disable System Restore
3) Install Spybot, Ad-Aware, and AVG Anti-virus
(If you can get to the Internet - do the following)
a) Run Windows Updates for all critical updates
b) Run the updates for Spybot , Ad-Aware and AVG
4) Look through the Add/Remove Programs list to see what 'known' apps should be uninstalled (sometimes not possible without Internet access).
Note:
If there are a 'lot' of junk programs:
a) Change 'folder options' to 'show hidden files'
b) Turn off 'Hide protected operating system files'
c) Get rid of whatever is in the Windows Temp directory
d) Go through all users' 'Local Settings' directories to clean out the 'Temp' & 'Internet Files' including History
5) Run msconfig and disable all 'startup' options
6) Reboot to Safe Mode
7) Run Ad-Aware and Spybot with advanced features and remove whatever is found (run again on startup)
Use regedit to look in the 'Run' section and clean it up if necessary.
9) Reboot to Normal
- if not already available, establish an Internet connection
- get updates if not already done
- reboot to Safe mode and rerun each program again
10) Run AVG
11) Run Trend Micro's free 'Housecall' scan
12) Restore msconfig to it's previous state
13) Turn on System Restore and create a new restore point
14) Clean up the computer with Symantec's System Works
15) Run defrag
It takes me 2 - 3 hours, just to complete this procedure... but I think it's necessary. On the other hand, I wonder if $130 to $200 for this thorough of a job is really necessary - when they'll probably have it gunked up again in less than a month (without some software / education)
Any recommendations, additions, comments or suggestions :
ps: thanks RussS for your input!
I have a lab machine with a very long IDE & power cables that I use to hook up to the drive of the infected machine without needing to remove it from its case. On my lab machine I run NAV as the main one, but also have several others installed in case I have issues that I can't resolve.
Give me courage to change the things I can
Serenity to accept the things I can't
The wisdom to know the difference
(and if all else fails - FDISK! it)
Serenity to accept the things I can't
The wisdom to know the difference
(and if all else fails - FDISK! it)
Comments
-
RussS Member Posts: 2,068 ■■■□□□□□□□I should have also mentioned that I keep programs and update files on both a menory stick and also a CDR so that if I do not have internet access I can install the tools I need - I update both weekly.
As you get a little more sorted with this you will find 1 - 1.5 hrs is enough to do the job (that includes multiple scans).www.supercross.com
FIM website of the year 2007 -
Ghent Member Posts: 310Do a google search for a free app called Procexp. It show's every process currently active on your system, allows you terminate it (system process or not, it's going to die..), and has the added bonus of showing you every reg key, and program file associated with that process. This is the only way to go for those really nasty spyware apps that have a locked actively running copy that re-installs the files prior to shutdown after you've removed it.Prais'd be the fathomless universe, for life and joy, and for objects and knowledge curious.' Whalt Whitman
-
skully93 Member Posts: 323 ■■■□□□□□□□Ghent wrote:Do a google search for a free app called Procexp. It show's every process currently active on your system, allows you terminate it (system process or not, it's going to die..), and has the added bonus of showing you every reg key, and program file associated with that process. This is the only way to go for those really nasty spyware apps that have a locked actively running copy that re-installs the files prior to shutdown after you've removed it.
Hrmm....I think that will have to be added to my utilities CD. Those REG keys will get you every darn time.I do not have a psychiatrist and I do not want one, for the simple reason that if he listened to me long enough, he might become disturbed.
-- James Thurber -
sab4you Member Posts: 66 ■■□□□□□□□□1) Install ActiveX spyware blocking as prevention
http://www.spywareguide.com/blockfile.php
2) Run Spyware software spybot, ad-aware, whatever you like or multiple
3) check "windows\downloaded program files" for unknown browser add-ons (BSO)
4) add/remove software
This shouldnt even be a step:
5) Always be running up to date antivirus and software firewall.