More and more, I am being asked to clean up people’s computers that:
- have become horribly slow
- display pop-ups
- won’t boot
- have web browsers that take them to pages they didn’t ask to go to
- etc…
Nowadays, it is becoming impossible to clean up an infected computer with a single tool. But which tools are trustworthy?! That is the real issue. Sadly, one has to be VERY careful about which tools one uses to scan for and remove such elements from a computer. The sad truth of the matter is that many free programs available online actually infect your computer with the exact type of threat that you are trying to eliminate. These companies exploit people who are already in a mess of a situation. To what end, you may ask? It is always the same goal: to collect personal information (credit card numbers, account information, etc…) or to make you buy the PRO version of their software ($$$). It’s always about information and money!
Regardless. Below are a few tools (in no particular order) that I have used and trust.
- RKill
- RogueKiller
- Malwarebytes Anti-Malware
- ESET Online Scanner
- SpywareBlaster
- Implementing a Host File, such as (there are others):
- SUPERAntiSpyware – I can no longer promote this application, refer to Why I Stopped Using SUPERAntiSpyware – Hidden Processes Revealed
- http://www.safer-networking.org/ – Spybot – Search and Destroy
- http://www.microsoft.com/security/scanner/en-us/default.aspx – Microsoft Safety Scanner
- http://www.mcafee.com/ca/downloads/free-tools/stinger.asp – McAfee Stinger
- http://usa.kaspersky.com/downloads/tdsskiller – Kaspersky Lab’s TDSSKiller
I typically start with RKill, SpywareBlaster and installing the MVPs Host file before running the other programs, for a couple of reasons, but mainly because they are very quick to run. I also verify the Windows startup items (Task Manager → Startup apps) and the running processes in Task Manager, review the list of installed programs, clear the browser cache, check the installed browser extensions, delete the temp folder content, … Then I move on to running applications such as Malwarebytes, RogueKiller, … knowing that these runs will possibly take hours!
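The manual checks above (startup items, running processes, installed programs, temp folder, hosts file) can be captured in one read-only pass so there is a record to compare against after the scanners have run. This is an added example, not a script from the original post; it assumes Windows PowerShell 5.1 or later, and the `triage` output folder and CSV file names are arbitrary choices.

```powershell
# Read-only triage inventory (added example; it changes nothing on the system).
# Assumption: the output folder "triage" on the Desktop is an arbitrary choice.
$out = Join-Path $env:USERPROFILE 'Desktop\triage'
New-Item -ItemType Directory -Path $out -Force | Out-Null

# 1. Startup items (Run keys and Startup folders).
Get-CimInstance Win32_StartupCommand |
    Select-Object Name, Command, Location, User |
    Export-Csv (Join-Path $out 'startup.csv') -NoTypeInformation

# 2. Running processes with image path and Authenticode status.
#    An unsigned binary running from a user-writable folder is a lead, not a verdict.
Get-Process | Where-Object { $_.Path } | Sort-Object Path -Unique | ForEach-Object {
    $sig = Get-AuthenticodeSignature -FilePath $_.Path
    [pscustomobject]@{
        Name         = $_.ProcessName
        Path         = $_.Path
        Signature    = $sig.Status
        Signer       = $sig.SignerCertificate.Subject
        UserWritable = (($_.Path -like "$env:USERPROFILE\*") -or
                        ($_.Path -like "$env:ProgramData\*"))
    }
} | Export-Csv (Join-Path $out 'processes.csv') -NoTypeInformation

# 3. Installed programs (64-bit, 32-bit and per-user uninstall keys), newest first.
$keys = 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Uninstall\*',
        'HKLM:\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*',
        'HKCU:\Software\Microsoft\Windows\CurrentVersion\Uninstall\*'
Get-ItemProperty $keys -ErrorAction SilentlyContinue | Where-Object DisplayName |
    Select-Object DisplayName, Publisher, DisplayVersion, InstallDate |
    Sort-Object InstallDate -Descending |
    Export-Csv (Join-Path $out 'programs.csv') -NoTypeInformation

# 4. Temp folder: how much is there before it gets deleted.
$temp = Get-ChildItem $env:TEMP -Recurse -File -Force -ErrorAction SilentlyContinue |
    Measure-Object Length -Sum
'{0} files, {1:N1} MB in {2}' -f $temp.Count, ($temp.Sum / 1MB), $env:TEMP

# 5. Active (non-comment) hosts file entries, to review before replacing the file.
Get-Content "$env:SystemRoot\System32\drivers\etc\hosts" |
    Where-Object { $_ -match '^\s*[^#\s]' } |
    Set-Content (Join-Path $out 'hosts-active.txt')

# 6. Who is in the local Administrators group (well-known SID, name is localized).
Get-LocalGroupMember -SID 'S-1-5-32-544' | Select-Object Name, ObjectClass
```

Run without elevation, some protected processes report no path and are skipped; rerun from an elevated prompt for a fuller process list.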
Once I get a system back up and running, I remove shortcuts, links, etc. to Microsoft Internet Explorer and install the latest version of Mozilla Firefox, Brave or LibreWolf (there is a whole slew of alternate browsers, see http://en.wikipedia.org/wiki/Comparison_of_web_browsers, but carefully review all the elements, especially the security and vulnerabilities). Internet Explorer is known to have more security issues and vulnerabilities, and as such I try to avoid it as much as possible. I also avoid browsers such as Google Chrome because of their privacy statements. Remember, if you do install a new browser, be sure to re-immunize your system with SpywareBlaster.
Lastly, remember to scan your PC on a regular basis (ideally on a weekly basis, or as a bare minimum at least once a month).
Important Notes:
- Always ensure you are using the latest version of each application.
- Always perform an update of the tools (definitions) before running them!
- Remember. Always rerun each tool until no more threats are identified! This may mean running certain tools a number of times.
Also, don’t be afraid of a format/fresh install of Windows. Sometimes this is the most time-efficient and best way to ensure a proper cleanup.
Lastly, SERIOUSLY consider setting up the PC user as a plain Windows User account, rather than the default administrator account. This can greatly hinder the damage that can be caused by such software and/or hackers.
For the specific case in which a WinXP computer is in a continuous login loop (it brings up the loading window and then restarts, over and over and over again), please look at Dan’s website and follow the detailed instructions very carefully! Once you manage to get back into your system thanks to his SaveMe utility, proceed to run the aforementioned programs to clean it.
Very informative and well written post! Quite interesting and nice topic chosen for the post.