Tried Method of virus and spyware removal for Windows XP users

Hi,

For many years now I have helped others in removing virus, spyware, Malware, pups, adware, browser redirectors, keyloggers and such from their Windows XP based PC's.

I feel there are many out there capable of doing these steps but not everyone...know your limits..if you are novice then do not try this.

***Warning*** these instructions are for users familiar and comfortable with making changes to their computer and should not be attempted by those who are not experienced making changes. Proceed at your own risk.

I will share my most common method that works for me. You must be patient and follow steps carefully. Please do not skip ahead or run programs out of order, it might cause a reboot that will take you out of safe mode

If you have access to another computer that you can save files to and copy to the infected machine that will be useful.

1.) backup any important information prior to beginning if you can.
2.) work quickly, some virus will stop your ability to navigate
3.)Re-boot computer and during boot hit F5 and or F8 keys to get you into safe mode with networking option for boot.
4.) Once booted in safe mode with networking you will need to clear the contents of several file folders but not delete the folders, only clear the contents.
5.) Right Click on the "Start" button on the bottom left of your desktop, go-to properties, click the "start menu" tab at the top right of dialog box, choose classic start menu. Click apply then click OK. This step will allow you to have the same "my computer" icon on your desktop and more closely simulate the instructions written in this message and avoid differences that cause confusion.
6.)Now double click on "My Computer" icon on desktop. then double click on Local Disk (c then "Documents and Settings" then choose the folder that identifies the user name you use for this computer such as your name or way you signed on to windows at log in. now you will see approximately 6 or so folders but we need more so go to top of displayed window and click "tools" scroll down to "folder options" find view tab at top and click on it, next check the following two boxes:
1.) Display the contents of system folders
2.) Show hidden files and folders
then find the boxed that is checked that says: "Hide protected operating system files. uncheck it it...you will get a warning message...click OK and then click "apply" and OK then close the folder option window.
Now you might see approximately 16 or so icons in your user window.
7.)Now choose local settings folder
8.) Double click on the "temp" folder and choose edit at the top, then select all, then file, then delete...clear everything out of this folder...some items may not delete...that is OK..
9.) now choose temporary internet files...clear out the contents of this folder
10.) now choose history and clear out contents of that folder.
11.)now click "back" arrow in upper left explorer window one time.
12.) find "application data" folder and double click..then find "macromedia" and double click, then "flash player" then double click, then "#Shared Objects" and double click, then you will see a numbered folder, double click, now hit edit at the top and select all, then file and delete all.
13.)Now close out of all windows open and then double click on my computer again
14.) double click on Local disk (c then double click on windows, maximize your view and find folder named "prefetch" double click on this folder and clear the contents.
15.) also clear the temp folder in the windows folder
16.) Close all open windows
17.) empty your recycle bin
18.) using another computer know to be virus free, download two applications from the internet: Spybot Search and destroy from safer networking...also download Malwarebytes and save these two downloads to CD.
19.) put the Cd into the "infected" computer and load both programs
20.) Now we "configure" spybot search and destroy....you must take all updates available...this will update the program, now we have to apply these updates...click on "immunize" to do this...once you click on immunize, you will see three number columns at the top right...1.) Unprotected
2.) Protected
3.) total
click on immunize and let run until progress meter completes then immunize again until "protected" column matches "total" column, this might take three runs of immunization.
Once this is complete you need to click on "Mode" at the top left, choose advance mode and click yes.
now along the lower left side choose "settings" ,
now in the large white area of screen choose "file sets ", make sure all boxes are checked, this requires scrolling down to reveal last box called user tracks, be sure ALL boxes are checked. once done then move curser over to upper left area and choose settings,
scroll down to "program start" heading and find box that says "immunize on program start if program has been updated" be sure the box is checked
now look down a few columns to find "web update" check the box that says: "search the web for new versions at each program start.
Now your are ready to click on top left button that says Spybot-S&D
Now click box that says check for problems
You might get a message asking permission to clear temporary folder, choose yes and let it run until complete.
takes around 10 -20 minutes to run depending on speed and size of your hard drive.
When complete you will see many boxes appear with red and green type, check all boxes that appear and then click "fix selected Problems" at the top
The red boxes are malicious and green are user tracks...deleting them all when your system is infected is best so you start fresh.
Close Spybot search and destroy and install Malwarebytes, update it and run "quick scan" when it is finished then click on "show results "now on lower left choose remove selected...then close the big box, you will find a smaller box now asking you to reboot your computer, click yes.

I find that these two programs find most all problems
if problems persist after running both then re open spybot search and destroy
after it opens (be patient please, it looks for updates..then applies them to be sure you are getting up to date protection)
now click on Tools at lower left of application
now choose "system startup "
this shows all application and process that will launch at system boot.
look through this list of anything in color (usually in yellow or red) and look carefully to see if you know the process or see under the command line that process is from Microsoft or java or flash or something you clearly know about, uncheck box of any suspect process and reboot.

This Process of unchecking a suspicious process can be undone and can be the most valuable tool in making your system truly virus free....if after a few boots and computing cycles you find your machine is working good with no problems, then go back to this area and delete the unchecked boxes, note where they are in the command line and delete them yourself.

I hope this detailed tutorial provides freedom from plagues to your system.

Please purchase Malwarebytes and donate to Spybot Search and destroy, they are very useful and greatly deserve our support.

Final step is defragment your Local Disk (C drive about 5 times....be patient...but do it
steps for this are:
Click on "my computer "
right click on Local Disk (C
scroll down to "properties "
select tab at top that says: 'tools "
choose defragmentation

run it a few times...you want blue to cluster tightly on left with as few spaces as possible, the more you run it the faster it will run because it has fewer files to move...
After you complete final defragment then check your drive for errors
choose "my computer "
then Local Disk (c
then top tab "tools "
choose "error checking" click on "check now "
check box boxes and click start reboot if asked and then reboot again.

***important***
now correct your file viewing back to default by doing the following:
a.) double click on "my computer "
b.) click "tools" at the top
c.)scroll down to folder options
d.) choose "restore defaults" or customize to your preference

Spybot Search and destroy should be run often...it has a "scheduler" option that you can program to run each day or night...is useful

Happy computing