Someone at work asked me some advice about spyware removal, so heres some thoughts about how I remove spyware/viruses. I’ve been doing this for about 5 years, and the process I use removes all spyware/viruses about 90% of the time. Disclaimer: Use at your own risk. Don’t be stupid.
I use the following tools to scan computers, all of which can be downloaded free online. Run them in the order listed.
- Process Explorer: (Download here) Use this to kill any processes that you don’t know what they are. Especially kill ones that don’t have a company name/description by them. You cant hurt anything by killing the wrong process, so kill away. If a process you kill causes another one to pop up, then thats definitely a bad thing, and typically is virus behavior. Usually you can kill it by “Killing Process Tree”. If that doesn’t work either, then I find that if you ‘suspend’ a process and its descendants, then you can kill it after that.
- Autoruns: (Download here)This has an option to ‘Hide Microsoft Entries’ — use it. Deleting actual Microsoft programs is generally a bad idea, and shouldn’t be done unless you have a reason. The idea here is to kill anything (press the delete key, or uncheck it) that you don’t recognize, or something that doesn’t have a company name/description next to it. If you don’t recognize it, ask the computer owner/user whether or not they have heard of the program. If they don’t know what it is, then chances are its bad for the system. If in doubt, search for the item on google, and usually there will be some results with people saying whether it is good or not.
- HijackThis: (Download here) This does the same thing as Autoruns, but gets stuff that it misses. Once again, kill anything that you don’t recognize. If it doesn’t list a company name, thats also a warning sign as well. Anything that is misspelled can be a warning sign (like Mircosoft instead of Microsoft, etc.. ). You could just delete everything on the list, because anything that shows up here is non-essential to your computer. However, don’t do that. Things like antivirus (which is useless anyways) and special keyboard programs will break.
- Pocket Killbox: (Download here) This program is useful for a lot of things, but its primary usefulness if you don’t have any general needs is it can delete all tempory files. Its in one of the menu options, just select it, and run it. You’d be surprised at how many Windows bugs (especially Internet Exploiter) are caused by having too many temporary files. It also can signfically slow down your computer if you have too many of these. Pocket Killbox is useful for other things too, but chances are you’ll never use those capabilities. Just delete the temp files and you should be good.
- WinsockFix: (Download here) If the person is having network connectivity issues, then many times WinsockFix can solve them. Just run it, and reboot. If they’re not having network issues, it generally won’t hurt if you run it anyways. Usually I don’t because then you have to wait for the system to reboot.
Well, thats my guide. If you have any questions, then post a comment or contact me and I’ll try to answer it. Good luck!