The Cleaning Guide

Legal Disclaimer: This guide is intended to guide you through a system cleaning of your computer. By use of this guide I am not responsible for any user of this guide for any lost or missing data due to miss-clicks or hardware failure, I further more assume no responsibility for the inexperience of any user when it come to understanding or the proper use of this guide. I have created this guide so you as the user would have a process to use to remove any unwanted infections from your computer and I have taken every step to try to make this as accurate as possible.

Understanding the Problem

Here is the problem, with today’s technology and the combination of hi-speed Internet access you are being overwhelmed with Viruses, Spyware, Adware, desktop and browser hijacks. These types of infection will cause your computer to run slow and sometimes become unusable. This is obviously a problem because it can lead to costly repairs, data loss; file corruption, Identity theft, popup, and much more. I have seen in many cases where people literally throw away perfectly fine computers just to be infected again.

Another problem is that many of these infections are just vicious ways to get you to buy some software that promises to alleviate your problems and keep your system free from infections. Sadly this is not the case; in most instances these programs will cause more problems. People will spend hours upon hours calling various technical support help lines and end up with nothing but a distained taste in there mouth and no resolution. I have also seen where a person will talk to the computer manufacturer helpdesk and will blindly follow the instructions given to them, (by someone reading from a manual) usually by someone who is not a computer technician, just to end up having there computer formatted and restored to original factory setup. This is also a problem because now that person has just lost ALL of the programs, data files, financial records, music, and most importantly family pictures.

There are ways to protect you and yet not many people do. So what are people to do? They search the Internet for a solution. I will say that there is quite a bit of help online and most of the help is by technicians who just like the satisfaction a being able to fix hard to resolve issues. There is also a lot of misinformation out there as well. When you do a search and find a link to a web page that promises to get rid of a problem well, what you get is someone wanting you to download a program. Fine, you download the program and when it finishes a popup comes up telling you it will cost 29.95 to remove the 500 items it found. Guess what, you are still infected with 2000 more types of infections. Where does it end? It doesn’t. In this guide, I will tell you how to remove all of the computer infections and how to prevent them from happening again.

How the infections happen

The most common question I get is “How did this Happen”? I just smile and start to explain. There are 6 ways you get the infections in your computer.

1st

The first way is through E-Mail. This I am sure has happened to just about everyone. You receive an E-Mail with some cool, unique title or familiar subject and you are enticed to open it. That did it. You are now infected. It may sound like it cannot be that easy to get infected but it is. I am sure that you have a friend that sends you crazy and wacky E-Mails because he or she finds it amusing and forwards it on to you. That E-Mail redirects you to a website and you view the animation or listen to the funny songs and close out. Well, while you were viewing the show, a program was being downloaded to your computer in the background and next time you restart your computer the popups start pouring in. You should refrain from opening any E-Mails that, either, you are not expecting, or you don’t know who the sender is.

A brief note about SPAM, if you are already getting 400 E-Mails a day, well, get a new E-Mail Address. One of the best ways to stop and prevent SPAM is to consult with your ISP (Internet Service Provider) and get help setting up a SPAM filter. If you are starting to get SPAM and you do open it usually, at the bottom, there is a link that says “ If you no longer wish to receive future Emails Click Here” guess what, no more E-Mail from them, but now you receive ten from other sources. This is because you have just verified that the E-Mail Address you have is active, this means the company that you have unregistered with just sold your E-Mail and you will start to receive more SPAM. The other way to help prevent SPAM is JUST DELETE any unwanted E-Mail. By deleting unopened and unwanted E-Mail you will dramatically reduce your SPAM and computer infections. A very good way to limit your SPAM is have two E-Mail Addresses, the 1st E-Mail for your Family and friends and a 2nd that you use to register on websites with. Having an E-Mail Address for the sole purpose of registering with websites will save you many headaches.

2nd

The second most common way is visiting Adult sites. These sites without a doubt are the most common sites viewed. Like any other sites out there many of them are reputable (as far as Adult sites go) but, the majority of them are filled with viruses just waiting to be download because someone wants to view the latest movie star naked. Avoiding these sites is always a good idea.

3rd

Music sites and Music sharing software is a very big issue. Many people have downloaded a song or two from the web, who hasn’t. Well here it is, what happens is attached to the song or movie file that you just downloaded is a virus. I cannot say for sure but I believe that one of the ways the entertainment industry is fighting piracy is backdoor deals where they will pay someone to attach a virus to a song and up load it to a computer for sharing. This is most commonly done through Programs like Kazaa, Napster, Bear share, and Emule. This software after it is installed will open up a port on your computer that allows other people to connect to your computer and copy music or video you have stored on your computer. This is illegal according to US copy write laws; also having an open port opens the doors to your computer for hackers. Because you now have an open port on your computer this port can be used to gain access to your computer, which can also lead to Identity theft.

4th

Game cheat code sites a very popular with the teenagers. These sites are geared to unsuspecting kids who don’t know any better. These sites will offer cheat codes for the Sony Play station or XBOX games. The kids may be able to defeat the galaxy in god mode or unlock all the racing cars but have just totally infested you computer with viruses and Spyware. Definitely stay away from the sites.

5th

Gambling Sites, although mostly legitimate, are very popular and are a breading ground for Adware, Malware, and Viruses. Those pop-ups that everybody hates can usually be attributed to these sites.

6th

The last common way is just simply browsing the Internet. How many times have you typed in a web address incorrectly and have been brought to something different than what you expected. Many of the Internets advertising companies will purchase web sites similar to popular sites knowing the www.eba.com will be typed instead of www.ebay.com. This brings you to the never-ending web page and 100’s of popups. If you have favorite sites use the favorites feature built into your browser this will help you in the end from the mistypes.

Symptoms of Infection

Remember the day you had gotten your new computer? How everything worked perfectly and all of the programs opened up fast. Today it takes ten minutes just to start up the computer and if you click on a program you leave, do the wash, make the bed, have a cup of coffee just to find you are still 5minutes away from being able to use that program. That is a symptom.

If your computer:

1. Take’s more than a couple of minutes to boot up

2. In the bottom right corner of your screen you see more than 5 or 10 icons

3. You get popups

4. The computer is slow

5. Programs stop working

6. You cannot get online

7. The homepage you use to have is something else

8. The Desktop wall paper has changed to some sort of security warning

9. You have toolbars that you don’t know where they came from

10. Icons on your desktop for either adult or gambling sites

11. Cannot boot into Windows normally and only goes into safe mode

These are signs that your computer is infected and needs to be cleaned!!!!

What is a virus?

A virus is a type of program that can replicate itself by making (possibly modified) copies of itself. The main criterion for classifying a piece of executable code as a virus is that it spreads itself by means of 'hosts'. A virus can only spread from one computer to another when its host is taken to the uninfected computer, for instance by a user sending it over a network or carrying it on a removable medium. Additionally, viruses can spread to other computers by infecting files on a network file system or a file system that is accessed by another computer. Viruses are sometimes confused with worms. A worm, however, can spread itself to other computers without needing to be transferred as part of a host. Many personal computers are now connected to the Internet and to local-area networks, facilitating their spread. Today's viruses may also take advantage of network services such as the World Wide Web, e-mail, and file sharing systems to spread, blurring the line between viruses and worms.

Viruses can infect different types of hosts. The most common targets are executable files that contain application software or parts of the operating system. Viruses have also infected the executable boot sectors of floppy disks, script files of application programs, and documents that can contain macro scripts. Additionally, viruses can infect files in other ways than simply inserting a copy of their code into the code of the host program. For example, a virus can overwrite its host with the virus code, or it can use a trick to ensure that the virus program is executed when the user wants to execute the (unmodified) host program. Viruses have existed for many different operating systems, including MS-DOS, AmigaOS, Mac OS and even Linux; however, the vast majority of viruses affect Microsoft Windows.

A legitimate application program that can copy itself as a side-effect of its normal function (e.g. backup software) is not considered a virus. Some programs that were apparently intended as viruses cannot self-replicate, because the infection routine contains bugs. For example, a buggy virus can insert copies of itself into host programs, but these copies never get executed and are thus unable to spread the virus. As long as at least some of the copies are able to make copies of themselves, they are still considered viruses; otherwise they are referred to as intended viruses.

What is Spyware / Malware

Malicious websites may attempt to install spyware on readers' computers. Here, a spam blog triggers a pop-up that offers spyware in the disguise of a security upgrade.

Spyware is a broad category of malicious software designed to intercept or take partial control of a computer's operation without the informed consent of that machine's owner or legitimate user. While the term taken literally suggests software that surreptitiously monitors the user, it has come to refer more broadly to software that subverts the computer's operation for the benefit of a third party.

Spyware differs from viruses and worms in that it does not usually self-replicate. Like many recent viruses, however, spyware is designed to exploit infected computers for commercial gain. Typical tactics furthering this goal include delivery of unsolicited pop-up advertisements; theft of personal information (including financial information such as credit card numbers); monitoring of Web-browsing activity for marketing purposes; or routing of HTTP requests to advertising sites.

As of 2005, spyware has become one of the pre-eminent security threats for computers running Microsoft Windows operating systems. Some malware on the Linux and Mac OS X platforms has behavior similar to Windows spyware, but to date has not become anywhere near as widespread.

Spyware, "adware", and tracking

The term adware frequently refers to any software which displays advertisements, whether or not it does so with the user's consent. Programs such as the Eudora mail client display advertisements as an alternative to shareware registration fees. These classify as "adware" in the sense of advertising-supported software, but not as spyware. They do not operate surreptitiously or mislead the user.

Many of the programs frequently classified as spyware function as adware in a different sense: their chief observed behavior consists of displaying advertising. Clarian Corporation's Gator Software provides an example of this sort of program. Visited Web sites frequently install Gator on client machines in a surreptitious manner, and it directs revenue to the installing site and to Claria by displaying advertisements to the user. The user's experience is that their computer begins displaying a large number of pop-up advertisements.

Other spyware behaviors, such as reporting on websites the user visits, frequently accompany the displaying of advertisements. Monitoring web activity aims at building up a marketing profile on users in order to sell "targeted" advertisement impressions. The prevalence of spyware has cast suspicion upon other programs that track Web browsing, even for statistical or research purposes. Some observers describe the Alexa Toolbar, an Internet Explorer plug-in published by Amazon.com, as spyware (and some anti-spyware programs report it as such) although many users choose to install it!

Effects and behaviors

Spyware rarely comes alone: an affected computer can rapidly become infected with large numbers of spyware components. Users frequently notice unwanted behavior and degradation of system performance. A spyware infestation can create significant unwanted CPU activity, disk usage, and network traffic -- slowing down legitimate uses of these resources. Stability issues -- application or system crashes -- are also common. Spyware which interferes with the networking software commonly causes difficulty connecting to the Internet.

When Microsoft Windows users seek technical support -- whether from computer manufacturers, Internet service providers, or other sources -- spyware infection emerges as the most common cause. In many cases, the user has no awareness of spyware and assumes that the system performance, stability, and/or connectivity issues relate to hardware, to Microsoft Windows installation problems, or to a virus. Some owners of badly infected systems resort to buying an entire new computer system because the existing system "has become too slow". For badly infected systems, a clean reinstall may be required to restore the system to a working order; a time-consuming project even for experienced users.

Only rarely does a single piece of software render a computer unusable. Rather, a computer rarely has only one infection. As the 2004 AOL study noted, if a computer has any spyware at all, it typically has dozens of different pieces installed. The cumulative effect, and the interactions between spyware components, typically causes the stereotypical symptoms reported by users; a computer which slows to a crawl, overwhelmed by the many parasitic processes running on it. Moreover, some types of spyware disable software firewalls and anti-virus software, and reduce browser security settings, opening the system to further opportunistic infections, much like an immune deficiency disease. There are also documented cases where a spyware program disabled other spyware programs created by the competitors.

Some other types of spyware (Targetsoft, for example) modify system files to make themselves harder to remove. (Targetsoft modifies the Winsock (Windows Sockets) files. The deletion of the spyware-infected file "inetadpt.dll" will interrupt normal networking usage.) Unlike many other operating systems, a typical Windows user has administrator-level privileges on the system, mostly for the sake of convenience. Because of this, any program which the user runs, intentionally or not, has unrestricted access to the system. Spyware, along with other threats, has led some Windows users to move to other platforms such as Linux or Apple Macintosh, which such malware targets far less frequently.

"Stealware" and affiliate fraud

A few spyware vendors, notably When and 180 Solutions, have written what the New York Times has dubbed "Stealware", and what spyware-researcher Ben Edelman terms affiliate fraud, also known as click fraud. These redirect the payment of affiliate marketing revenues from the legitimate affiliate to the spyware vendor.

Affiliate marketing networks work by tracking users who follow an advertisement from an "affiliate" and subsequently purchase something from the advertised Web site. Online merchants such as eBay and Dell are among the larger companies which use affiliate marketing. In order for affiliate marketing to work, the affiliate places a tag such as a cookie or a session variable on the user's request, which the merchant associates with any purchases made. The affiliate then receives a small commission.

Spyware which attacks affiliate networks does so by placing the spyware operator's affiliate tag on the user's activity -- replacing any other tag, if there is one. This harms just about everyone involved in the transaction other than the spyware operator. The user is harmed by having their choices thwarted. A legitimate affiliate is harmed by having their earned income redirected to the spyware operator. Affiliate marketing networks are harmed by the degradation of their reputation. Vendors are harmed by having to pay out affiliate revenues to an "affiliate" who did not earn them according to contract.

Affiliate fraud is a violation of the terms of service of most affiliate marketing networks. As a result, spyware operators such as WhenU and 180 Solutions have been terminated from affiliate networks including Link Share and Share Sale.

Identity theft and fraud

In one case, spyware has been closely associated with identity theft. In August 2005, researchers from security software firm Sunbelt Software believed that the makers of the common CoolWebSearch spyware had used it to transmit "chat sessions, user names, passwords, bank information, etc.", but it turned out that "it actually is its own sophisticated criminal little Trojan that’s independent of CWS." This case is currently under investigation by the FBI.

Spyware-makers may perpetrate another sort of fraud with dialer program spyware: wire fraud. Dialers cause a computer with a modem to dial up a long-distance telephone number instead of the usual ISP. Connecting to the number in question involves long-distance or overseas charges, this can result in massive telephone bills, which the user must either pay or contest with the telephone company. Dialers are somewhat less effective today, now that fewer Internet users use modems.

Spyware and cookies

Anti-spyware programs often report Web advertisers' HTTP cookies as spyware. Web sites (including advertisers) set cookies — small pieces of data rather than software — to track Web-browsing activity: for instance to maintain a "shopping cart" for an online store or to maintain consistent user settings on a search engine.

Only the Web site that sets a cookie can access it. In the case of cookies associated with advertisements, the user generally does not intend to visit the Web site which sets the cookies, but gets redirected to a cookie-setting third-party site referenced by a banner ad image. Some Web browsers and privacy tools offer to reject cookies from sites other than the one that the user requested.

Advertisers use cookies to track people's browsing among various sites carrying ads from the same firm and thus to build up a marketing profile of the person or family using the computer. For this reason many users object to such cookies, and anti-spyware programs offer to remove them.

What is Adware?

Adware or advertising-supported software is any software package which automatically plays, displays, or downloads advertising material to a computer after the software is installed on it or while the application is being used.

Many spyware programs reveal themselves visibly by displaying advertisements. Some programs simply display pop-up ads on a regular basis -- for instance, one every several minutes, or one when the user opens a new browser window. Others display ads in response to specific sites that the user visits. Spyware operators present this feature as desirable to advertisers, who may buy ad placement in pop-ups displayed when the user visits a particular site. It is also one of the purposes for which spyware programs gather information on user behavior.

Pop-up advertisements lead to some of users' most common complaints about spyware. The first is simply that the computer can become overwhelmed downloading or displaying ads. An infected computer rarely has only one spyware component installed -- they more often number in the dozens -- and so while a single program might display ads only infrequently, the cumulative effect is overwhelming.

Many users complain about irritating or offensive advertisements as well. As with many banner ads, many spyware advertisements are animated, flickering banners designed to catch the eye -- that is, they are highly visually distracting. Pop-up ads for pornography are often displayed indiscriminately, including when children are using the computer -- possibly in violation of laws on the subject.

A further issue in the case of some spyware programs has to do with the replacement of banner ads on viewed web sites. Spyware which acts as a web proxy or a Browser Helper Object can replace references to a site's own advertisements (which fund the site) with advertisements which instead fund the spyware operator. This cuts into the margins of advertising-funded Web sites.

Application

Adware is software integrated into or bundled with a program. It is usually seen by the programmer as a way to recover programming development costs, and in some cases it may allow the program to be provided to the user free of charge or at a reduced price. The advertising income may allow or motivate the programmer to continue to write, maintain and upgrade the software product.

Some adware is also shareware, and so the word may be used as term of distinction to differentiate between types of shareware software. What differentiates adware from other shareware is that it is primarily advertising-supported. Users may also be given the option to pay for a "registered" or "licensed" copy to do away with the advertisements.

There are concerns about adware because it often takes the form of spyware, in which information about the user's activity is tracked, reported, and often re-sold, often without the knowledge or consent of the user. Of even greater concern is malware, which may interfere with the function of other software applications, in order to force users to visit a particular web site.

It is not uncommon for people to confuse "adware" with "spyware" and "malware", especially since these concepts overlap. For example, if one user installs "adware" on a computer, and consents to a tracking feature, the "adware" becomes "spyware" when another user visits that computer, and interacts with and is tracked by the "adware" without their consent.

Spyware has prompted an outcry from computer security and privacy advocates, including the Electronic Privacy Information Center. Often, spyware applications send the user's browsing habits to an adserving company, which then targets adverts at the user based on their interests. Kazaa and eXeem are popular programs which incorporate software of this type.

Adware programs other than spyware do not invisibly collect and upload this activity record or personal information when the user of the computer has not expected or approved of the transfer, but some vendors of adware maintain that their application which does this is not also spyware, due to disclosure of program activities: for example, a product vendor may indicate that since somewhere in the product's Terms of Use there is a clause that third-party software will be included that may collect and may report on computer use, that this Terms of Use disclosure means the product is just adware.

A number of software applications are available to help computer users search for and modify adware programs to block the presentation of advertisements and to remove spyware modules. To avoid a backlash, as with the advertising industry in general, creators of adware must balance their attempts to generate revenue with users' desire to be left alone.

What is a Desktop Hijack?

A desktop Hijack is program usually hidden in your active desktop as either a screen background Image or web image. The problem with this is that once you are infected, the script to use this function disables the ability to adjust your desktop appearance and settings.

What is a Browser Hijack?

A Browser Helper Object (BHO) is a DLL module designed as a plugin for Microsoft's Internet Explorer web browser to provide added functionality. BHOs were introduced in October 1997 with the release of version 4 of Internet Explorer. Most BHOs are loaded once by each new instance of Internet Explorer. However, in the case of the Windows File Explorer, a new instance is launched for each window.

Some modules enable the display of different file formats not ordinarily interpretable by the browser. The Adobe Acrobat plugin that allows Internet Explorer users to read PDF files within their browser is a BHO.

Other modules add toolbars to Internet Explorer, such as the Alexa Toolbar that provides a list of web sites related to the one you are currently browsing, or the Google Toolbar that adds a toolbar with a Google search box to the browser user interface.

However, the BHO API exposes hooks that allow the BHO to access the Document Object Model (DOM) of the current page and to control navigation. Because BHOs have unrestricted access to the Internet Explorer event model, some forms of malware have also been created as BHOs. For example, the Download.ject exploit installed a BHO that would activate upon detecting a secure HTTP connection to a financial institution, record the user's keystrokes (intending to capture passwords) and transmit the information to a website used by Russian computer criminals. Other BHOs such as the MyWay Searchbar track users browsing patterns and pass the information they record to third-parties.

In response to the problems associated with BHOs and similar extensions to Internet Explorer, Microsoft added an Add-on Manager to Internet Explorer with the release of Service Pack 2 for Windows XP. This displays a list of all installed BHOs, Browser Extensions and ActiveX controls, and allows the user to enable or disable them at will.

For users that are not using Windows XP, there exist free tools (such as BHODemon) that list installed BHOs and allow the user to disable malicious extensions.

Where to begin for all computers?

On all Windows based computers some steps need to be taken to ensure that the computer cleaning goes as well as possible. The way to do this is to manually remove Any programs that may be installed on the computer, Removal of the start up programs that execute when your first start your computer, Removal of temporary files and temporary internet files, cookies, history, and hidden temporary files. Disabling of the Windows System Restore, and resetting your internet explorer options to default. To properly clean a pc you need to follow the steps outlined in this guide. If you connect to the internet Via AOL or DSL there will be some additional steps. If you have or had a Lexmark Printer there will be some Additional steps as well.

Before we begin please download programs you will need. These programs will help you clean your computer. Hold the CTRL and click on the program in the list. If this is the E version, click on the name and download the file. If this is the book version, the links are published on the last page of the guide.

Preparing Windows Xp and Vista

For All Computers

Boot your computer into SAFE MODE.

A. To boot your computer into SAFE MODE do the following:

B. Assuming the computer is off, turn it on and start pressing the F8 key on your keyboard.

C. This will bring up a menu that will look like the image on the next page. using the arrow keys on your keyboard, Highlight SAFEMODE and hit the enter key

D. For windows XP you will have to hit Enter Twice

E. Your computer should boot and you will see your desktop with the words SAFE MODE located in the corners and the video quality will not be as good as you are used to. Go to Step 2

F. If the computer booted normally shut the computer down and repeat Step B

See the screen shots on the next page.

The purpose of going into safe mode is that the minimal sets of drivers get installed and startup applications do not start. This is good because if you are infected with Spyware, Malware, or Viruses you will be more likely to get rid of them in safe mode. With all of the software that you are going to install, it will always be best to install the programs I suggest, and then run those programs in Safe mode.

Windows XP Safe Mode Screen Shots!!

Continue to step 2

Step 1

Windows Vista Safe Mode

Continue to step 2

Step 2

Removing Software, Here is a list of some programs you should Un-Install. These programs are major causes of Computer problems. See the steps after the list to learn how to un-install these programs.

#1 Spyware Killer	Morpheus (any version)	SearchExe
100 Percent Anti-Spyware	Morpheus Toolbar	SeekmoToolbar
1-2-3 Spyware Free	Mr.AntiSpy	SelectRebates
1 Click Spy Clean	My Global Search Bar	ShopperReports by Hotbar
1stAntiVirus	MySidesearch Search Assistant	Sidefind
180ClientStubInstall	MySPyProtector	SideSearch
180 Search Assistant	MyWay	Slotchbar
180Solutions	MyWayBar	SmileyDistrict Optimizer
1stAntiVirus	MyWaySpeed	SmileyDistrict
888Bar	MyWaySearchBar	Soap or Soap Pro
Acoona Toolbar	My Web Search Bar	Software Update Manager
Active alert	MyWebSearch	SpamBlockerUtility Browser
Ad Armor	My Web Search	SpamBlockerUtility Email Toolbar
Ad Behavior	MyWay Search Assistant	Spy Analyst
Ad Destroyer	NavExcel Search Toolbar	Spy Defence
AdDriller	NavHelper	SpyAdvanced
Ad-Eliminator	NaviSearch	SpyAway
AdProtector	ncase	SpyAxe
Ads Alert	Need2Find	SpyBan
ADS Adware Remover	Need2Find Bar	SpyBuster
Ad Service	NeoSpace	SpyCleaner
Ad-Purge Adware	Network Monitor	SpyContra
AdTools	NewDotNet	SpyCut
AdTools Service	Notification Utility	SpyCrush
AdwareFilter	Oemji Toolbar	SpyDawn
AdwarePunisher	Oin	SpyDeface
Adware Remover	OnWebMedia	SpyFalcon
Adware Sheriff	Open Site	SpyLocked
Alexa toolbar	Outerinfo	SpyMarshal
AlfaCleaner	OuterInfoAdSponsor	Spy Officer
ALOT eMusic Toolbar	P2P Networking	SpyOnThis
AlwaysUpdatedNews	p2pnetworks	Spy Reaper
AntiSpy Advanced	Paltalk	SpyShield
AntiSpyPro	PCODEC 6.0	Spy-Shield
AntiSpyZone	PerfectCleaner	SpySoldier
AntiVermins	PestCapture	SpyiBlock
AntiVirusAdvance	PestTrap	SpyiKiller
Antivirus-Golden	PestWiper	SpySheriff
AntivirusGold	Preview AdService	SpyShield
AntiVirusPCSuite	Privacy Champion	Spy-Shield
Anti Virus Pro	Privacy Crusader	SpySpotter
AntiVirus Protector	PrivacyScanner	SpyVampire
Antivirus Solution	PSGuard	Spyware & Adware Removal
AUN	Quick	SpywareBot
AutoUpdate	QuickSearch	Spyware Disinfector
AVSystemCare	QuickSearch Toolbar	Spyware IT
AzeSearch	RazeSpyware	Spyware Knight
BargainBuddy	rdso	Spyware Quake
BearShare	Red Swoosh EDN Client	Spyware Remover
BearShare Accelerator	RelevantKnowledge	SpyWare Secure
BestGuardPlatinum	Safety Alert 2006	Spyware Scrapper
BestOffers or BestOffers	Safety Bar	Spyware Sheriff
Bullseye Networks	SaveNow	Spyware Sledgehammer
Brave Sentry	Scan & Repair Utilities 2006	Spyware-Stop
BreakSpyware	screensaver_rp Screen Saver	SpywareStrike
Browser Optimizer Dcads	Screensavers Installer Version 2	SpywareXP
BrowserPal	Search and Destroy	SSK
Browser Protection Volume	SearchAssist	StartGuard
CAS	Search Assistant Adssite	StarWare
CasStub	Search Assistant - My Web SearchBar	StopGuard
Casino Client	Search Assistant - My Way	SurfAccuracy
CashBack	Search Maid	SurfSideKick
CC2KUI or Comet Cursor Plus	Search Relevancy	Super Codec 6.0
CleanX	Search Toolbar	Sysnet
ClearSearch	Security IGuard	System Alert Popup
ClockSync	Security Messenger	System Soap Pro
CNSMin	SearchExe	Upspiral Toolbar
Command	SeekmoToolbar	The Spyware Shield
ContraVirus	SelectRebates	TargetSaver
Copperhead AntiSpyware	ShopperReports by Hotbar	Think-Adz Search Assistant removal
cosmi	Sidefind	ToolBar
CurePCSolution	SideSearch	Top Search
Delfin	Slotchbar	TopSpyware
DIARemover	SmileyDistrict Optimizer	TurboDownload
DMVlite	SmileyDistrict	TV Media
DownloadWare	Soap or Soap Pro	UnSpyPC
E2Give or e2Give	Software Update Manager	Utility Notification
EasySearchBar	SpamBlockerUtility Browser	Ultimate Defender
eGroup	SpamBlockerUtility Email Toolbar	Ultimate-Spyware Adware Remover
Elite Bar	Spy Analyst	VBouncer
Elite Sidebar	Spy Defence	VCClient
Elite Toolbar	SpyAdvanced	vidctrl
Elitum	SpyAway	Video ActiveX Solution
Enhancement Browser Tools	SpyAxe	Viewpoint
ExpertAntivirus	SpyBan	Viewpoint Manager
Fixer AntiSpy	SpyBuster	Viewpoint Media Player
Froggie Scan	SpyCleaner	Viewpoint Toolbar or Viewpoint Toolbar
Frontier Browser Assistant	SpyContra	Virtual Bouncer or Vbouncer
Frontier Search Helper	SpyCut	Virtual Maid
GAIN	SpyCrush	VirusBursters
Gator	SpyDawn	VirusBurst
Grokster or Grokster Wiseupdt	SpyDeface	VirusGuard
Hotbar Browser	SpyFalcon	VisFx
Hotbar Outlook Tools	SpyLocked	VSAdd-in
Hotbar Web Tools	SpyMarshal	VSAdd-in for Internet Explorer
HuntBar	Spy Officer	VSToolbar
IEDefender	SpyOnThis	VSToolbar for Internet Explorer
IExplorer Security Plug-in	Spy Reaper	WareOut
IE Host	SpyShield	WareOut Spyware Remover
iMesh	Spy-Shield	Warez P2P Client
IncrediMail	SpySoldier	WeatherBug
Internet Explorer Security Plugin 2006	SpyiBlock	Weather Check
Internet Explorer Secure Bar	SpyiKiller	Weather and Wowpapers Tools
Internet Explorer Secure Plug-in	SpySheriff	Weather Services
Internet Optimizer	SpyShield	Web Nexus Network
Internet Security Add-On	Spy-Shield	Web Offer
InternetShield	SpySpotter	Web Rebates
ISTbar	SpyVampire	Web Savings from Ebates
ISTSvc	Spyware & Adware Removal	Web Search Toolbar
Kazaa	SpywareBot	WebSearch Toolbar
Kazaa Lite	Spyware Disinfector	WebHancer
Kazaa Media Desktop 2.1	Spyware IT	WebHance Customer Companion
MalwareAlarm	Spyware Knight	WeirdOnTheWeb
MalwareScanner	Spyware Quake	WhenU (any entry)
Malware Stopper	Spyware Remover	WeirdOnTheWeb
MalwareWiped	SpyWare Secure	WildTangent
MalwareWipe	Spyware Scrapper	Win-dh
MalwareWiper	Spyware Sheriff	Window Active
MaxiFiles	Spyware Sledgehammer	WinAntiSpy 2005
Media Access	Spyware-Stop	WinAntiSpyware 2005
Media Gateway	SpywareStrike	WinAntiVirus 2005
MediaGateway	SpywareXP	WinAntiSpyware 2006
Media-Codec	SSK	WinAntiVirus 2006
MediaCodec	StartGuard	WinFixer
MMediaCodec	StarWare	WinFixer
MediaLoads Installer	StopGuard	Winhound Spyware Remover
MediaPipe P2P Loader	SurfAccuracy	winupdates
MediaTickets	SurfSideKick	Windows AdService
MediaTickets by OIN	Super Codec 6.0	Windows AdStatus
Messenger Service	Sysnet	Windows Safety Alert
Middadle	System Alert Popup	Windows ServeAd
Morpheus 5.3	System Soap Pro	Windows SR 2.0

Step 2 Windows XP

A. Click on START, settings, control panel

B. Click on Add/Remove programs. If you have Windows XP please Select Switch to classic view. Then Add/Remove programs.

C. Remove any unwanted software. This is completely discretionary. As a rule of thumb if you find a program that is shown to be very small in size, example; .09MB it is probably safe to remove. If your computer asks you to restart please wait until a later time or until all programs you want to un-install are done Un-Installing. If You Re-Start, please restart back into SAFE MODE. If you unsure that you want to uninstall, play it safe and leave the program installed. Use the List provided in the beginning of Step2 as a guide on what you should Un-Install.

D. Close the control Panel

Right mouse click on the Recycle Bin Icon on your desktop and click Empty the recycle Bin

Windows XP ------Continue to step 4

WINDOWS VISTA STEP 2

Continue to step 3

Step 3 Vista Only

Enabling the Hidden Administrator Account

Next we are going to turn off the UAC- the UAC is the User Access Control which is what prompts you to click Allow every time you want to either install or change something on you vista PC.

Continue to Step 4

Step 4

WINDOWS XP

WINDOWS VISTA Step 4

IMPORTANT READ NEXT STEP TWICE!!!!!

CONTINUE TO STEP 5

Step 5

Disable your system Restore Windows XP

Continue to Step 7

Disable your system Restore Windows Vista

STEP 6 Vista Only

Step 6

Next I am going show how to take ownership of your files in Vista.

You will need to download the following file.

http://www.howtogeek.com/downloads/TakeOwnership.zip

Save this file to Your Desktop

Continue to Step 7

Step 7

Now it’s time to clean out the temporary files. To do this properly we need to be able to view some hidden files. The next steps are to help you to prepare the computer for this.

WINDOWS XP

Windows XP Continue to STEP 8

STEP 7

WINDOWS VISTA

Continue To Step 8

STEP 8

WINDOWS XP

START

Windowx XP Continue to Step 9

Step 8

WINDOWS VISTA

Continue to Step 9

Step 9

WINDOWS XP and VISTA

Continue to Step 10

STEP 10

Resetting Internet Explorer 6

Internet Explorer 7

Continue to Step 10

Step 10

1. Restart your computer in Normal Mode.

2. Be sure to download the tools your are going to need before you start your Cleaning. You may not need all of these tools

3. The Cleaning tools that I consider the most important are AVG, AD-Aware, CCleaner, WinsockXPFix, Malware Bytes, HiJackThis, ComboFix, and SD_Fix

4. I am going to show you how to install and Run each of these programs.

******* Just Click on the name of the program and the download should start immediately *********

Step 11:

ATF Cleaner

Save the File to Your Desktop.

Step 12:

Stinger

Step 13:

Rogue Remover

STEP 14

RNIS

Remove Norton Internet Security is very useful even if you are you do not have Norton Internet security installed. This file will help reset your IE setting and host file to help get rid of browser hijacks.