How to Properly Clean your PC

How to Properly Clean your PC

By Richard Young and Wayne Liggan

 

 

Table of Contents

 

1.      Understanding the problem                             (pg 3)

2.      How the infections happen                               (pg 4)

3.      Symptoms                                                           (pg 6)

4.      What is a Virus                                                   (pg 7)

5.      What is Spy ware                                               (pg 8)

6.      Identity theft and Fraud                                   (pg 11)      

7.      What is Ad-ware                                                (pg 12)

8.      What is a Desktop Hi-jack                                (pg 14)

9.      What is a Browser Hi-jack                               (pg 14)

10.    Where to begin for all computers                   (pg 15)

11.    Preparing Windows XP and Vista                 (pg 16)

12.    Safe Mode for windows XP                             (pg 17)

13.    Safe Mode for Windows Vista                        (pg 19)

14.    List of Spyware/Malware Applications         (pg 21)

15.    Add/Remove Programs Windows XP           (pg 25)

16.    Add/Remove Programs Windows Vista       (pg 30)

17.    Enable Administrator Account in Vista        (pg 35)

18.    Disabling the UAC in Vista                             (pg 37)

19.    Using MSConfig in Windows XP                    (pg 39)

20.    Using MSConfig in Windows Vista                (pg 40)

21.    Disabling System Restore Windows XP        (pg 44)

22.    Disabling System Restore Windows Vista    (pg 46)

23.    Taking Ownership of Windows Vista             (pg 48)

24.    Preparing XP to remove Hidden files            (pg 55)

25.    Preparing Vista to remove Hidden files        (pg 59)

26.    Removing Hidden Temp Files in XP             (pg 62)

27.    Removing Hidden Temp Files in Vista          (pg 67)

28.    Remove additional common Hidden files     (pg 70)

29.    Resetting Internet Explorer 6 and 7              (pg 76)

30.    Software tools to clean your computer         (pg 80)               

31.    Using ATF                                                          (pg 81)

32.    Using Stinger                                                     (pg 83)

33.    Using Rouge Remover                                     (pg 84)

34.    Using RNIS                                                        (pg 89)

35.    Using Fix_IE_DEF                                           (pg 90)

36.    Using Alexa                                                        (pg 91)

37.    Using MSN Cleaner                                          (pg 92)      

38.    Flash and USB Drive Disinfector                   (pg 94)

39.    Using SpyBlaster                                              (pg 95)

40.    Using SmitFraud FIX                                       (pg 101)

41.    Using Xcleaner                                                  (pg 106)

42.    Using Malware Bytes                                        (pg 113)

43.    Using CCleaner                                                 (pg 122)

44.    Using CWShredder                                           (pg 127)

45.    Using Spybot S&D                                            (pg 129)

46.    Using VundoFix                                                (pg 139)

47.    Using Hijack This                                              (pg 141)

48.    Using SD-Fix                                                     (pg 143)

49.    Using Windows Defender                                (pg 146)

50.    Using AD-Aware SE Free                               (pg 150)

51.    Using AVG Free 8.0                                         (pg 160)

52.    Using Fix Ware                                                  (pg 171)

53.    Using Combo Fix                                               (pg 174)

54.    Using Anti_Malware by A2_                 ____ (pg 178)

55.    Using BO_Clean_____________________ (pg 191)

56.__Using_Decrapifier____________________ (pg 209)

 

Legal Disclaimer: This guide is intended to guide you through a system cleaning of your computer. By use of this guide I am not responsible for any user of this guide for any lost or missing data due to miss-clicks or hardware failure, I further more assume no responsibility for the inexperience of any user when it come to understanding or the proper use of this guide.  I have created this guide so you as the user would have a process to use to remove any unwanted infections from your computer and I have taken every step to try to make this as accurate as possible.

 

 

 

 

Understanding the Problem

 

          Here is the problem, with today’s technology and the combination of hi-speed Internet access you are being overwhelmed with Viruses, Spyware, Adware, desktop and browser hijacks. These types of infection will cause your computer to run slow and sometimes become unusable. This is obviously a problem because it can lead to costly repairs, data loss; file corruption, Identity theft, popup, and much more. I have seen in many cases where people literally throw away perfectly fine computers just to be infected again.

Another problem is that many of these infections are just vicious ways to get you to buy some software that promises to alleviate your problems and keep your system free from infections. Sadly this is not the case; in most instances these programs will cause more problems. People will spend hours upon hours calling various technical support help lines and end up with nothing but a distained taste in there mouth and no resolution. I have also seen where a person will talk to the computer manufacturer helpdesk and will blindly follow the instructions given to them, (by someone reading from a manual) usually by someone who is not a computer technician, just to end up having there computer formatted and restored to original factory setup. This is also a problem because now that person has just lost ALL of the programs, data files, financial records, music, and most importantly family pictures.

There are ways to protect you and yet not many people do. So what are people to do? They search the Internet for a solution. I will say that there is quite a bit of help online and most of the help is by technicians who just like the satisfaction a being able to fix hard to resolve issues. There is also a lot of misinformation out there as well. When you do a search and find a link to a web page that promises to get rid of a problem well, what you get is someone wanting you to download a program. Fine, you download the program and when it finishes a popup comes up telling you it will cost 29.95 to remove the 500 items it found. Guess what, you are still infected with 2000 more types of infections. Where does it end? It doesn’t. In this guide, I will tell you how to remove all of the computer infections and how to prevent them from happening again.

 

 

 

How the infections happen

         

          The most common question I get is “How did this Happen”? I just smile and start to explain. There are 6 ways you get the infections in your computer.

 

1st

 

          The first way is through E-Mail. This I am sure has happened to just about everyone. You receive an E-Mail with some cool, unique title or familiar subject and you are enticed to open it. That did it. You are now infected. It may sound like it cannot be that easy to get infected but it is. I am sure that you have a friend that sends you crazy and wacky E-Mails because he or she finds it amusing and forwards it on to you. That E-Mail redirects you to a website and you view the animation or listen to the funny songs and close out. Well, while you were viewing the show, a program was being downloaded to your computer in the background and next time you restart your computer the popups start pouring in. You should refrain from opening any E-Mails that, either, you are not expecting, or you don’t know who the sender is.

 

          A brief note about SPAM, if you are already getting 400 E-Mails a day, well, get a new E-Mail Address. One of the best ways to stop and prevent SPAM is to consult with your ISP (Internet Service Provider) and get help setting up a SPAM filter. If you are starting to get SPAM and you do open it usually, at the bottom, there is a link that says “ If you no longer wish to receive future Emails Click Here” guess what, no more E-Mail from them, but now you receive ten from other sources. This is because you have just verified that the E-Mail Address you have is active, this means the company that you have unregistered with just sold your E-Mail and you will start to receive more SPAM. The other way to help prevent SPAM is JUST DELETE any unwanted E-Mail. By deleting unopened and unwanted E-Mail you will dramatically reduce your SPAM and computer infections. A very good way to limit your SPAM is have two E-Mail Addresses, the 1st E-Mail for your Family and friends and a 2nd that you use to register on websites with. Having an E-Mail Address for the sole purpose of registering with websites will save you many headaches.

 

 

 

2nd

 

          The second most common way is visiting Adult sites. These sites without a doubt are the most common sites viewed. Like any other sites out there many of them are reputable (as far as Adult sites go) but, the majority of them are filled with viruses just waiting to be download because someone wants to view the latest movie star naked. Avoiding these sites is always a good idea.

 

3rd

 

          Music sites and Music sharing software is a very big issue. Many people have downloaded a song or two from the web, who hasn’t. Well here it is, what happens is attached to the song or movie file that you just downloaded is a virus. I cannot say for sure but I believe that one of the ways the entertainment industry is fighting piracy is backdoor deals where they will pay someone to attach a virus to a song and up load it to a computer for sharing. This is most commonly done through Programs like Kazaa, Napster, Bear share, and Emule. This software after it is installed will open up a port on your computer that allows other people to connect to your computer and copy music or video you have stored on your computer. This is illegal according to US copy write laws; also having an open port opens the doors to your computer for hackers. Because you now have an open port on your computer this port can be used to gain access to your computer, which can also lead to Identity theft.

 

4th

 

          Game cheat code sites a very popular with the teenagers. These sites are geared to unsuspecting kids who don’t know any better. These sites will offer cheat codes for the Sony Play station or XBOX games. The kids may be able to defeat the galaxy in god mode or unlock all the racing cars but have just totally infested you computer with viruses and Spyware. Definitely stay away from the sites.

 

 

 

 

 

5th

Gambling Sites, although mostly legitimate, are very popular and are a breading ground for Adware, Malware, and Viruses. Those pop-ups that everybody hates can usually be attributed to these sites.

                                     

6th

          The last common way is just simply browsing the Internet. How many times have you typed in a web address incorrectly and have been brought to something different than what you expected. Many of the Internets advertising companies will purchase web sites similar to popular sites knowing the www.eba.com will be typed instead of www.ebay.com. This brings you to the never-ending web page and 100’s of popups. If you have favorite sites use the favorites feature built into your browser this will help you in the end from the mistypes.

 

Symptoms of Infection

 

          Remember the day you had gotten your new computer?  How everything worked perfectly and all of the programs opened up fast. Today it takes ten minutes just to start up the computer and if you click on a program you leave, do the wash, make the bed, have a cup of coffee just to find you are still 5minutes away from being able to use that program. That is a symptom.

 

          If your computer:

1.       Take’s more than a couple of minutes to boot up

2.       In the bottom right corner of your screen you see more than 5 or 10 icons

3.       You get popups

4.       The computer is slow

5.       Programs stop working

6.       You cannot get online

7.       The homepage you use to have is something else

8.       The Desktop wall paper has changed to some sort of security warning

9.       You have toolbars that you don’t know where they came from

10.     Icons on your desktop for either adult or gambling sites

11.     Cannot boot into Windows normally and only goes into safe mode

 

These are signs that your computer is infected and needs to be cleaned!!!!

         

 

What is a virus?

 

A virus is a type of program that can replicate itself by making (possibly modified) copies of itself. The main criterion for classifying a piece of executable code as a virus is that it spreads itself by means of 'hosts'. A virus can only spread from one computer to another when its host is taken to the uninfected computer, for instance by a user sending it over a network or carrying it on a removable medium. Additionally, viruses can spread to other computers by infecting files on a network file system or a file system that is accessed by another computer. Viruses are sometimes confused with worms. A worm, however, can spread itself to other computers without needing to be transferred as part of a host. Many personal computers are now connected to the Internet and to local-area networks, facilitating their spread. Today's viruses may also take advantage of network services such as the World Wide Web, e-mail, and file sharing systems to spread, blurring the line between viruses and worms.

Viruses can infect different types of hosts. The most common targets are executable files that contain application software or parts of the operating system. Viruses have also infected the executable boot sectors of floppy disks, script files of application programs, and documents that can contain macro scripts. Additionally, viruses can infect files in other ways than simply inserting a copy of their code into the code of the host program. For example, a virus can overwrite its host with the virus code, or it can use a trick to ensure that the virus program is executed when the user wants to execute the (unmodified) host program. Viruses have existed for many different operating systems, including MS-DOS, AmigaOS, Mac OS and even Linux; however, the vast majority of viruses affect Microsoft Windows.

A legitimate application program that can copy itself as a side-effect of its normal function (e.g. backup software) is not considered a virus. Some programs that were apparently intended as viruses cannot self-replicate, because the infection routine contains bugs. For example, a buggy virus can insert copies of itself into host programs, but these copies never get executed and are thus unable to spread the virus. As long as at least some of the copies are able to make copies of themselves, they are still considered viruses; otherwise they are referred to as intended viruses.

 

 

 

 

What is Spyware / Malware

 

Malicious websites may attempt to install spyware on readers' computers. Here, a spam blog triggers a pop-up that offers spyware in the disguise of a security upgrade.

Spyware is a broad category of malicious software designed to intercept or take partial control of a computer's operation without the informed consent of that machine's owner or legitimate user. While the term taken literally suggests software that surreptitiously monitors the user, it has come to refer more broadly to software that subverts the computer's operation for the benefit of a third party.

Spyware differs from viruses and worms in that it does not usually self-replicate. Like many recent viruses, however, spyware is designed to exploit infected computers for commercial gain. Typical tactics furthering this goal include delivery of unsolicited pop-up advertisements; theft of personal information (including financial information such as credit card numbers); monitoring of Web-browsing activity for marketing purposes; or routing of HTTP requests to advertising sites.

As of 2005, spyware has become one of the pre-eminent security threats for computers running Microsoft Windows operating systems. Some malware on the Linux and Mac OS X platforms has behavior similar to Windows spyware, but to date has not become anywhere near as widespread.

Spyware, "adware", and tracking

The term adware frequently refers to any software which displays advertisements, whether or not it does so with the user's consent. Programs such as the Eudora mail client display advertisements as an alternative to shareware registration fees. These classify as "adware" in the sense of advertising-supported software, but not as spyware. They do not operate surreptitiously or mislead the user.

Many of the programs frequently classified as spyware function as adware in a different sense: their chief observed behavior consists of displaying advertising. Clarian Corporation's Gator Software provides an example of this sort of program. Visited Web sites frequently install Gator on client machines in a surreptitious manner, and it directs revenue to the installing site and to Claria by displaying advertisements to the user. The user's experience is that their computer begins displaying a large number of pop-up advertisements.

 

 

Other spyware behaviors, such as reporting on websites the user visits, frequently accompany the displaying of advertisements. Monitoring web activity aims at building up a marketing profile on users in order to sell "targeted" advertisement impressions. The prevalence of spyware has cast suspicion upon other programs that track Web browsing, even for statistical or research purposes. Some observers describe the Alexa Toolbar, an Internet Explorer plug-in published by Amazon.com, as spyware (and some anti-spyware programs report it as such) although many users choose to install it!

Effects and behaviors

 

Spyware rarely comes alone: an affected computer can rapidly become infected with large numbers of spyware components. Users frequently notice unwanted behavior and degradation of system performance. A spyware infestation can create significant unwanted CPU activity, disk usage, and network traffic -- slowing down legitimate uses of these resources. Stability issues -- application or system crashes -- are also common. Spyware which interferes with the networking software commonly causes difficulty connecting to the Internet.

When Microsoft Windows users seek technical support -- whether from computer manufacturers, Internet service providers, or other sources -- spyware infection emerges as the most common cause. In many cases, the user has no awareness of spyware and assumes that the system performance, stability, and/or connectivity issues relate to hardware, to Microsoft Windows installation problems, or to a virus. Some owners of badly infected systems resort to buying an entire new computer system because the existing system "has become too slow". For badly infected systems, a clean reinstall may be required to restore the system to a working order; a time-consuming project even for experienced users.

Only rarely does a single piece of software render a computer unusable. Rather, a computer rarely has only one infection. As the 2004 AOL study noted, if a computer has any spyware at all, it typically has dozens of different pieces installed. The cumulative effect, and the interactions between spyware components, typically causes the stereotypical symptoms reported by users; a computer which slows to a crawl, overwhelmed by the many parasitic processes running on it. Moreover, some types of spyware disable software firewalls and anti-virus software, and reduce browser security settings, opening the system to further opportunistic infections, much like an immune deficiency disease. There are also documented cases where a spyware program disabled other spyware programs created by the competitors.

 

Some other types of spyware (Targetsoft, for example) modify system files to make themselves harder to remove. (Targetsoft modifies the Winsock (Windows Sockets) files. The deletion of the spyware-infected file "inetadpt.dll" will interrupt normal networking usage.) Unlike many other operating systems, a typical Windows user has administrator-level privileges on the system, mostly for the sake of convenience. Because of this, any program which the user runs, intentionally or not, has unrestricted access to the system. Spyware, along with other threats, has led some Windows users to move to other platforms such as Linux or Apple Macintosh, which such malware targets far less frequently.

"Stealware" and affiliate fraud

A few spyware vendors, notably When and 180 Solutions, have written what the New York Times has dubbed "Stealware", and what spyware-researcher Ben Edelman terms affiliate fraud, also known as click fraud. These redirect the payment of affiliate marketing revenues from the legitimate affiliate to the spyware vendor.

Affiliate marketing networks work by tracking users who follow an advertisement from an "affiliate" and subsequently purchase something from the advertised Web site. Online merchants such as eBay and Dell are among the larger companies which use affiliate marketing. In order for affiliate marketing to work, the affiliate places a tag such as a cookie or a session variable on the user's request, which the merchant associates with any purchases made. The affiliate then receives a small commission.

Spyware which attacks affiliate networks does so by placing the spyware operator's affiliate tag on the user's activity -- replacing any other tag, if there is one. This harms just about everyone involved in the transaction other than the spyware operator. The user is harmed by having their choices thwarted. A legitimate affiliate is harmed by having their earned income redirected to the spyware operator. Affiliate marketing networks are harmed by the degradation of their reputation. Vendors are harmed by having to pay out affiliate revenues to an "affiliate" who did not earn them according to contract.

Affiliate fraud is a violation of the terms of service of most affiliate marketing networks. As a result, spyware operators such as WhenU and 180 Solutions have been terminated from affiliate networks including Link Share and Share Sale.

 

Identity theft and fraud

 

In one case, spyware has been closely associated with identity theft. In August 2005, researchers from security software firm Sunbelt Software believed that the makers of the common CoolWebSearch spyware had used it to transmit "chat sessions, user names, passwords, bank information, etc.", but it turned out that "it actually is its own sophisticated criminal little Trojan that’s independent of CWS." This case is currently under investigation by the FBI.

Spyware-makers may perpetrate another sort of fraud with dialer program spyware: wire fraud. Dialers cause a computer with a modem to dial up a long-distance telephone number instead of the usual ISP. Connecting to the number in question involves long-distance or overseas charges, this can result in massive telephone bills, which the user must either pay or contest with the telephone company. Dialers are somewhat less effective today, now that fewer Internet users use modems.

Spyware and cookies

Anti-spyware programs often report Web advertisers' HTTP cookies as spyware. Web sites (including advertisers) set cookies — small pieces of data rather than software — to track Web-browsing activity: for instance to maintain a "shopping cart" for an online store or to maintain consistent user settings on a search engine.

Only the Web site that sets a cookie can access it. In the case of cookies associated with advertisements, the user generally does not intend to visit the Web site which sets the cookies, but gets redirected to a cookie-setting third-party site referenced by a banner ad image. Some Web browsers and privacy tools offer to reject cookies from sites other than the one that the user requested.

Advertisers use cookies to track people's browsing among various sites carrying ads from the same firm and thus to build up a marketing profile of the person or family using the computer. For this reason many users object to such cookies, and anti-spyware programs offer to remove them.

 

What is Adware?

 

Adware or advertising-supported software is any software package which automatically plays, displays, or downloads advertising material to a computer after the software is installed on it or while the application is being used.

          Many spyware programs reveal themselves visibly by displaying advertisements. Some programs simply display pop-up ads on a regular basis -- for instance, one every several minutes, or one when the user opens a new browser window. Others display ads in response to specific sites that the user visits. Spyware operators present this feature as desirable to advertisers, who may buy ad placement in pop-ups displayed when the user visits a particular site. It is also one of the purposes for which spyware programs gather information on user behavior.

Pop-up advertisements lead to some of users' most common complaints about spyware. The first is simply that the computer can become overwhelmed downloading or displaying ads. An infected computer rarely has only one spyware component installed -- they more often number in the dozens -- and so while a single program might display ads only infrequently, the cumulative effect is overwhelming.

Many users complain about irritating or offensive advertisements as well. As with many banner ads, many spyware advertisements are animated, flickering banners designed to catch the eye -- that is, they are highly visually distracting. Pop-up ads for pornography are often displayed indiscriminately, including when children are using the computer -- possibly in violation of laws on the subject.

A further issue in the case of some spyware programs has to do with the replacement of banner ads on viewed web sites. Spyware which acts as a web proxy or a Browser Helper Object can replace references to a site's own advertisements (which fund the site) with advertisements which instead fund the spyware operator. This cuts into the margins of advertising-funded Web sites.

Application

Adware is software integrated into or bundled with a program. It is usually seen by the programmer as a way to recover programming development costs, and in some cases it may allow the program to be provided to the user free of charge or at a reduced price. The advertising income may allow or motivate the programmer to continue to write, maintain and upgrade the software product.

 

Some adware is also shareware, and so the word may be used as term of distinction to differentiate between types of shareware software. What differentiates adware from other shareware is that it is primarily advertising-supported. Users may also be given the option to pay for a "registered" or "licensed" copy to do away with the advertisements.

 

There are concerns about adware because it often takes the form of spyware, in which information about the user's activity is tracked, reported, and often re-sold, often without the knowledge or consent of the user. Of even greater concern is malware, which may interfere with the function of other software applications, in order to force users to visit a particular web site.

It is not uncommon for people to confuse "adware" with "spyware" and "malware", especially since these concepts overlap. For example, if one user installs "adware" on a computer, and consents to a tracking feature, the "adware" becomes "spyware" when another user visits that computer, and interacts with and is tracked by the "adware" without their consent.

Spyware has prompted an outcry from computer security and privacy advocates, including the Electronic Privacy Information Center. Often, spyware applications send the user's browsing habits to an adserving company, which then targets adverts at the user based on their interests. Kazaa and eXeem are popular programs which incorporate software of this type.

Adware programs other than spyware do not invisibly collect and upload this activity record or personal information when the user of the computer has not expected or approved of the transfer, but some vendors of adware maintain that their application which does this is not also spyware, due to disclosure of program activities: for example, a product vendor may indicate that since somewhere in the product's Terms of Use there is a clause that third-party software will be included that may collect and may report on computer use, that this Terms of Use disclosure means the product is just adware.

A number of software applications are available to help computer users search for and modify adware programs to block the presentation of advertisements and to remove spyware modules. To avoid a backlash, as with the advertising industry in general, creators of adware must balance their attempts to generate revenue with users' desire to be left alone.

 

 

What is a Desktop Hijack?

 

          A desktop Hijack is program usually hidden in your active desktop as either a screen background Image or web image. The problem with this is that once you are infected, the script to use this function disables the ability to adjust your desktop appearance and settings.

 

 

What is a Browser Hijack?

 

A Browser Helper Object (BHO) is a DLL module designed as a plugin for Microsoft's Internet Explorer web browser to provide added functionality. BHOs were introduced in October 1997 with the release of version 4 of Internet Explorer. Most BHOs are loaded once by each new instance of Internet Explorer. However, in the case of the Windows File Explorer, a new instance is launched for each window.

Some modules enable the display of different file formats not ordinarily interpretable by the browser. The Adobe Acrobat plugin that allows Internet Explorer users to read PDF files within their browser is a BHO.

Other modules add toolbars to Internet Explorer, such as the Alexa Toolbar that provides a list of web sites related to the one you are currently browsing, or the Google Toolbar that adds a toolbar with a Google search box to the browser user interface.

 

However, the BHO API exposes hooks that allow the BHO to access the Document Object Model (DOM) of the current page and to control navigation. Because BHOs have unrestricted access to the Internet Explorer event model, some forms of malware have also been created as BHOs. For example, the Download.ject exploit installed a BHO that would activate upon detecting a secure HTTP connection to a financial institution, record the user's keystrokes (intending to capture passwords) and transmit the information to a website used by Russian computer criminals. Other BHOs such as the MyWay Searchbar track users browsing patterns and pass the information they record to third-parties.

In response to the problems associated with BHOs and similar extensions to Internet Explorer, Microsoft added an Add-on Manager to Internet Explorer with the release of Service Pack 2 for Windows XP. This displays a list of all installed BHOs, Browser Extensions and ActiveX controls, and allows the user to enable or disable them at will.

For users that are not using Windows XP, there exist free tools (such as BHODemon) that list installed BHOs and allow the user to disable malicious extensions.

 

Where to begin for all computers?

 

            On all Windows based computers some steps need to be taken to ensure that the computer cleaning goes as well as possible. The way to do this is to manually remove Any programs that may be installed on the computer, Removal of the start up programs that execute when your first start your computer, Removal of temporary files and temporary internet files, cookies, history, and hidden temporary files. Disabling of the Windows System Restore, and resetting your internet explorer options to default. To properly clean a pc you need to follow the steps outlined in this guide. If you connect to the internet Via AOL or DSL there will be some additional steps. If you have or had a Lexmark Printer there will be some Additional steps as well.

 

Before we begin please download programs you will need. These programs will help you clean your computer. Hold the CTRL and click on the program in the list. If this is the E version, click on the name and download the file. If this is the book version, the links are published on the last page of the guide.

 

 

 

 

 

 

Preparing Windows Xp and Vista

 

For All Computers

                       

                        Boot your computer into SAFE MODE.

 

A.   To boot your computer into SAFE MODE do the following:

B.    Assuming the computer is off, turn it on and start pressing the F8 key on your keyboard.

C.   This will bring up a menu that will look like the image on the next page. using the arrow keys on your keyboard, Highlight SAFEMODE and hit the enter key

D.   For windows XP you will have to hit Enter Twice

E.    Your computer should boot and you will see your desktop with the words SAFE MODE located in the corners and the video quality will not be as good as you are used to.  Go to Step 2

F.    If the computer booted normally shut the computer down and repeat Step B

 

See the screen shots on the next page.

 

          The purpose of going into safe mode is that the minimal sets of drivers get installed and startup applications do not start. This is good because if you are infected with Spyware, Malware, or Viruses you will be more likely to get rid of them in safe mode. With all of the software that you are going to install, it will always be best to install the programs I suggest, and then run those programs in Safe mode.

 

 

Windows XP Safe Mode Screen Shots!!

 

 

 

 

 

 

 

 

 

 

Continue to step 2

 

 

Step 1

Windows Vista Safe Mode

 

 

 

 

Continue to step 2

Step 2

 

 Removing Software, Here is a list of some programs you should Un-Install. These programs are major causes of Computer problems. See the steps after the list to learn how to un-install these programs.

 

#1 Spyware Killer

Morpheus (any version)

SearchExe

100 Percent Anti-Spyware

Morpheus Toolbar

SeekmoToolbar

1-2-3 Spyware Free

Mr.AntiSpy

SelectRebates

1 Click Spy Clean

My Global Search Bar

ShopperReports by Hotbar

1stAntiVirus

MySidesearch Search Assistant

Sidefind

180ClientStubInstall

MySPyProtector

SideSearch

180 Search Assistant

MyWay

Slotchbar

180Solutions

MyWayBar

SmileyDistrict Optimizer

1stAntiVirus

MyWaySpeed

SmileyDistrict

888Bar

MyWaySearchBar 

Soap or Soap Pro

Acoona Toolbar

My Web Search Bar

Software Update Manager

Active alert

MyWebSearch

SpamBlockerUtility Browser

Ad Armor

My Web Search

SpamBlockerUtility Email Toolbar

Ad Behavior

MyWay Search Assistant

Spy Analyst

Ad Destroyer

NavExcel Search Toolbar

Spy Defence

AdDriller

NavHelper

SpyAdvanced

Ad-Eliminator

NaviSearch

SpyAway

AdProtector

ncase

SpyAxe

Ads Alert

Need2Find

SpyBan

ADS Adware Remover

Need2Find Bar

SpyBuster

Ad Service

NeoSpace

SpyCleaner

Ad-Purge Adware

Network Monitor

SpyContra

AdTools

NewDotNet

SpyCut

AdTools Service

Notification Utility

SpyCrush

AdwareFilter

Oemji Toolbar

SpyDawn

AdwarePunisher

Oin

SpyDeface

Adware Remover

OnWebMedia

SpyFalcon

Adware Sheriff

Open Site

SpyLocked

Alexa toolbar

Outerinfo

SpyMarshal

AlfaCleaner

OuterInfoAdSponsor

Spy Officer

ALOT eMusic Toolbar

P2P Networking

SpyOnThis

AlwaysUpdatedNews

p2pnetworks

Spy Reaper

AntiSpy Advanced

Paltalk

SpyShield

AntiSpyPro

PCODEC 6.0

Spy-Shield

AntiSpyZone

PerfectCleaner

SpySoldier

AntiVermins

PestCapture

SpyiBlock

AntiVirusAdvance

PestTrap

SpyiKiller

Antivirus-Golden

PestWiper

SpySheriff

AntivirusGold

Preview AdService

SpyShield

AntiVirusPCSuite

Privacy Champion

Spy-Shield

Anti Virus Pro

Privacy Crusader

SpySpotter

AntiVirus Protector

PrivacyScanner

SpyVampire

Antivirus Solution

PSGuard

Spyware & Adware Removal

AUN

Quick

SpywareBot

AutoUpdate

QuickSearch

Spyware Disinfector

AVSystemCare

QuickSearch Toolbar

Spyware IT

AzeSearch

RazeSpyware

Spyware Knight

BargainBuddy

rdso

Spyware Quake

BearShare

Red Swoosh EDN Client

Spyware Remover

BearShare Accelerator

RelevantKnowledge

SpyWare Secure

BestGuardPlatinum

Safety Alert 2006

Spyware Scrapper

BestOffers or BestOffers

Safety Bar

Spyware Sheriff

Bullseye Networks

SaveNow

Spyware Sledgehammer

Brave Sentry

Scan & Repair Utilities 2006

Spyware-Stop

BreakSpyware

screensaver_rp Screen Saver

SpywareStrike

Browser Optimizer Dcads

Screensavers Installer Version 2

SpywareXP

BrowserPal

Search and Destroy 

SSK

Browser Protection Volume

SearchAssist

StartGuard

CAS

Search Assistant Adssite

StarWare

CasStub

Search Assistant - My Web SearchBar

StopGuard

Casino Client

Search Assistant - My Way

SurfAccuracy

CashBack

Search Maid

SurfSideKick 

CC2KUI or Comet Cursor Plus

Search Relevancy

Super Codec 6.0

CleanX

Search Toolbar

Sysnet

ClearSearch

Security IGuard

System Alert Popup

ClockSync

Security Messenger

System Soap Pro

CNSMin

SearchExe

Upspiral Toolbar

Command

SeekmoToolbar

The Spyware Shield

ContraVirus

SelectRebates

TargetSaver

Copperhead AntiSpyware

ShopperReports by Hotbar

Think-Adz Search Assistant removal

cosmi

Sidefind

ToolBar

CurePCSolution

SideSearch

Top Search

Delfin

Slotchbar

TopSpyware

DIARemover

SmileyDistrict Optimizer

TurboDownload

DMVlite

SmileyDistrict

TV Media

DownloadWare

Soap or Soap Pro

UnSpyPC

E2Give or e2Give

Software Update Manager

Utility Notification

EasySearchBar

SpamBlockerUtility Browser

Ultimate Defender

eGroup

SpamBlockerUtility Email Toolbar

Ultimate-Spyware Adware Remover

Elite Bar

Spy Analyst

VBouncer

Elite Sidebar

Spy Defence

VCClient

Elite Toolbar

SpyAdvanced

vidctrl

Elitum

SpyAway

Video ActiveX Solution

Enhancement Browser Tools

SpyAxe

Viewpoint

ExpertAntivirus

SpyBan

Viewpoint Manager

Fixer AntiSpy

SpyBuster

Viewpoint Media Player

Froggie Scan

SpyCleaner

Viewpoint Toolbar or Viewpoint Toolbar

Frontier Browser Assistant

SpyContra

Virtual Bouncer or Vbouncer

Frontier Search Helper

SpyCut

Virtual Maid

GAIN

SpyCrush

VirusBursters

Gator

SpyDawn

VirusBurst

Grokster or Grokster Wiseupdt

SpyDeface

VirusGuard

Hotbar Browser

SpyFalcon

VisFx

Hotbar Outlook Tools

SpyLocked

VSAdd-in

Hotbar Web Tools

SpyMarshal

VSAdd-in for Internet Explorer

HuntBar

Spy Officer

VSToolbar

IEDefender

SpyOnThis

VSToolbar for Internet Explorer

IExplorer Security Plug-in

Spy Reaper

WareOut

IE Host

SpyShield

WareOut Spyware Remover

iMesh

Spy-Shield

Warez P2P Client

IncrediMail

SpySoldier

WeatherBug

Internet Explorer Security Plugin 2006

SpyiBlock

Weather Check

Internet Explorer Secure Bar

SpyiKiller

Weather and Wowpapers Tools

Internet Explorer Secure Plug-in

SpySheriff

Weather Services

Internet Optimizer

SpyShield

Web Nexus Network

Internet Security Add-On

Spy-Shield

Web Offer

InternetShield

SpySpotter

Web Rebates

ISTbar

SpyVampire

Web Savings from Ebates

ISTSvc

Spyware & Adware Removal

Web Search Toolbar

Kazaa

SpywareBot

WebSearch Toolbar

Kazaa Lite

Spyware Disinfector

WebHancer

Kazaa Media Desktop 2.1

Spyware IT

WebHance Customer Companion

MalwareAlarm

Spyware Knight

WeirdOnTheWeb

MalwareScanner

Spyware Quake

WhenU (any entry)

Malware Stopper

Spyware Remover

WeirdOnTheWeb

MalwareWiped

SpyWare Secure

WildTangent

MalwareWipe

Spyware Scrapper

Win-dh

MalwareWiper

Spyware Sheriff

Window Active

MaxiFiles

Spyware Sledgehammer

WinAntiSpy 2005

Media Access

Spyware-Stop

WinAntiSpyware 2005

Media Gateway 

SpywareStrike

WinAntiVirus 2005

MediaGateway

SpywareXP

WinAntiSpyware 2006

Media-Codec 

SSK

WinAntiVirus 2006

MediaCodec 

StartGuard

WinFixer

MMediaCodec

StarWare

WinFixer

MediaLoads Installer

StopGuard

Winhound Spyware Remover

MediaPipe P2P Loader

SurfAccuracy

winupdates

MediaTickets

SurfSideKick 

Windows AdService

MediaTickets by OIN

Super Codec 6.0

Windows AdStatus

Messenger Service

Sysnet

Windows Safety Alert

Middadle

System Alert Popup

Windows ServeAd

Morpheus 5.3

System Soap Pro

Windows SR 2.0

 

 

Step 2 Windows XP

 

 

A.   Click on START, settings, control panel

 

 

 

 

 

 

B.     Click on Add/Remove programs. If you have Windows XP please Select Switch to classic view. Then Add/Remove programs.

 

 

 

 

C.     Remove any unwanted software. This is completely discretionary. As a rule of thumb if you find a program that is shown to be very small in size, example; .09MB it is probably safe to remove. If your computer asks you to restart please wait until a later time or until all programs you want to un-install are done Un-Installing. If You Re-Start, please restart back into SAFE MODE. If you unsure that you want to uninstall, play it safe and leave the program installed. Use the List provided in the beginning of Step2 as a guide on what you should Un-Install.

 

 

 

 

 

 

 

D.    Close the control Panel

 

 

Right mouse click on the Recycle Bin Icon on your desktop and click Empty the recycle Bin

 

 

 

 

 

Windows XP ------Continue to step 4

 

 

WINDOWS VISTA STEP 2

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Continue to step 3

 

 

Step 3 Vista Only

 

Enabling the Hidden Administrator Account

 

 

 

 

 

 

 

 

Next we are going to turn off the UAC- the UAC is the User Access Control which is what prompts you to click Allow every time you want to either install or change something on you vista PC.

 

 

 

 

 

 

 

 

 

 

 

Continue to Step 4

 

 

Step 4

 

WINDOWS XP

 

 

 

 

 

 

 

WINDOWS VISTA Step 4

 

 

 

 

 

 

IMPORTANT READ NEXT STEP TWICE!!!!!

 

 

 

 

 

 

CONTINUE TO STEP 5

Step 5

 

Disable your system Restore Windows XP

 

 

 

 

 

 

Continue to Step 7

 

 

Disable your system Restore Windows Vista

 

 

 

 

 

 

 

 

STEP 6 Vista Only

               

Step 6

 

Next I am going show how to take ownership of your files in Vista.

 You will need to download the following file.

 

http://www.howtogeek.com/downloads/TakeOwnership.zip

 

Save this file to Your Desktop

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Continue to Step 7

 

 

Step 7

 

Now it’s time to clean out the temporary files. To do this properly we need to be able to view some hidden files. The next steps are to help you to prepare the computer for this.

 

WINDOWS XP

 

 

 

 

 

 

 

 

 

 

 

Windows XP Continue to STEP 8

 

 

STEP 7

 

WINDOWS VISTA

 

 

 

 

 

 

 

 

 

 

Continue To Step 8

 

 

STEP 8

 

WINDOWS XP

 

 

START

 

 

 



 

 

 

 

 

 

 

 

 

 

 

 

 

Windowx XP Continue to Step 9

 

 

 

 

Step 8

 

WINDOWS VISTA

 

 

 

 

 

 

 

 

 

 

 

 

Continue to Step 9

 

 

 

 

Step 9

 

WINDOWS XP and VISTA

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

OR

 

 

 

 

 

 

 

 

 

 

 

 

Continue to Step 10

 

 

 

 

 

 

STEP 10

 

Resetting Internet Explorer 6

 

 

 

 

 

Internet Explorer 7

 

 

 

 

 

 

 

 

Continue to Step 10

Step 10

 

1. Restart your computer in Normal Mode.

2. Be sure to download the tools your are going to need before you start your Cleaning. You may not need all of these tools

3. The Cleaning tools that I consider the most important are AVG, AD-Aware, CCleaner, WinsockXPFix, Malware Bytes, HiJackThis, ComboFix, and SD_Fix

4. I am going to show you how to install and Run each of these programs.

 

 

AdAware Free

 

CW Shredder

Rogue Remover

SpyBot S&D

XCleaner

 

AVG 8.0 Free

 

CCleaner

RNIS

SD FIX

Processor Manager

ATF Cleaner

Fixware

Hijack This

Super Anti Malware

KillBOX

Alexa Remover

Fix IE Def

Stinger

USB Flash Drive Check

File Asassin

BO_Clean

MSN Cleaner

Spyware Blaster

Windows Defender

BHO List

Combo Fix

Malware Bytes

Smitfruad Fix

VundoFix

PC Decrapifier

 

 

******* Just Click on the name of the program and the download should start immediately *********

 

 

 

 

Step 11:

 

ATF Cleaner

 

Save the File to Your Desktop.

 

 

 

 

 




 

 

 

 

 

 

 

Step 12:

 

Stinger

 

 

 

 

 


Step 13:

 

 

Rogue Remover

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

STEP 14

RNIS

 

 

Remove Norton Internet Security is very useful even if you are you do not have Norton Internet security installed. This file will help reset your IE setting and host file to help get rid of browser hijacks.

 

 

 

 

 

STEP 15

 

Fix IE Def

 

 

 

 

 

 

 

 

Step 16

 

Alexa Remover

 

 

 

 

 

 

 

 

Step 17

 

MSN Cleaner

 

 

 

 

 

 

 

 

Step 18

 

USB Flash Drive Check

 

 

 

 

 

 

SpyBlaster

 

Spyware Blaster

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Step 20

 

Smitfruad Fix

 

It is recommended that this tool is run while In Safe Mode. Please follow the earlier instructions on how to get into Safe Mode.

If you find this tool useful please donate to the author of this tool at;

http://siri.geekstogo.com/SmitfraudFix.php#donation

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Step 21

 

XCleaner

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Step 22

 

Malware Bytes

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Step 23

 

CCleaner

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Step 24

 

CW Shredder

 

 

 

 

 

 

 

Step 25

 

SpyBot S&D

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Step 26

 

VundoFix

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Step 27

 

Hijack This

 

 

 

 

 

 

 

 

 

 

 

 

Step 28

 

SD FIX

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Step 29

 

Windows Defender

 

 

 

 

 

 

 

 

 

 

Step 30

 

AdAware Free

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Step 29

 

AVG 8.0 Free

 

(my personal preference)

 

 

 

 

 

 

 

 

 

 

 

 

 </