Skip to content

Malware Removal and Tune-Up

STEP 1: Remove Malware

  1. Run rkill.exe – this will kill several known Spyware processes
  2. Malwarebytes Anti-Malware
  3. Kaspersky
  4. Spy Sweeper
  5. Adaware
  6. SpyBod Search & Destroy
  7. CWShredder
  8. McAfee Avert Stinger

Specific Malware removal:

STEP 2: Applications Tune-Up

  1. Uninstall unused applications
  2. Run HijackThis and parse it at http://www.hijackthis.de
  3. Run Auto-Runs to identify applications that do not need to be ran during start up

STEP 3: HDD Tune-Up

  1. Run CCleaner to remove any unnecessary temporary files and registry entries
  2. Run Defraggler to defrag hard drive
  3. Run SpinRite v6 at Level 4 for hardware maintenance

STEP 4: Physical Cleaning

  1. Dust out inside of case (if working on machine locally)
  2. Wipe down screen and tower

STEP: Data Backup for OS Reinstall

  1. Review each installed application with the customer
  2. Backup any serial numbers, product codes or activation codes necessary to reinstall the software
    • Windows Product code
    • Microsoft Office Product codes
    • Other Microsoft Product codes
  3. Documents and Settings
    1. C:\Documents and Settings\USERNAME\Application Data
    2. C:\Documents and Settings\USERNAME\Desktop
    3. C:\Documents and Settings\USERNAME\Favorites
    4. C:\Documents and Settings\USERNAME\Local Settings
    5. C:\Documents and Settings\USERNAME\My Documents
  4. Intuit Quick books default data folder
    • C:\Documents and Settings\All Users\Documents\Intuit\QuickBooks\Company Files\
  5. Microsoft Outlook
    1. Outlook Settings:
      C:\Documents and Settings\USERNAME\Application Data\Microsoft\Outlook
    2. Outlook PST:
      C:\Documents and Settings\USERNAME\Local Settings\Application Data\Microsoft\Outlook
  6. Firefox Bookmarks and Add-ons
  7. Deauthorize iTuenes account if possible
  8. Drivers if already on C:, this can save alot of time finding and downloading drivers
  9. Anti-Virus\Anti-Spyware product codes in the event that the software is still active
http://www.bleepingcomputer.com/virus-removal/

By Bryan Luce 12:59 pm

0 Responses

Stay in touch with the conversation, subscribe to the RSS feed for comments on this post.

You must be logged in to post a comment.