Instructions to Clean Malware From Most Computers

The Preparation:

These steps will insure that your computer is ready to be cleaned and also help you from crashing you computer and not been able to come back up.

• Please make sure that you have all the latest Windows updates from http://windowsupdate.microsoft.com/. Follow the on screen instructions, and you may have to repeat the process more than once.
• Windows XP Users ONLY
  Please also make sure that you at least have Service Pack 1a on your computer. If not please download it from http://www.microsoft.com/windowsxp/downloa…p1/default.mspx
  Without this update, you’re wide open to re-infection, and we’re both just wasting our time.

Also DO NOT install Service Pack 3 until your system has been deemed clean. If you think you have any infection at all, do not install Service Pack 3.

Next lets run ATF Cleaner to clean out your temporary folders where malware and other issues like to hide.

• Download ATF Cleaner by Atribune. (You can also download this batch file that will clean your computer temporary files)
• Double-click ATF-Cleaner.exe to run the program.
  Under Main choose: Select All
  Click the Empty Selected button.
• If you use Firefox browser
• Click Firefox at the top and choose: Select All
  Click the Empty Selected button.
  NOTE: If you would like to keep your saved passwords, please click No at the prompt.
• If you use Opera browser
• Click Opera at the top and choose: Select All
  Click the Empty Selected button.
  NOTE: If you would like to keep your saved passwords, please click No at the prompt.
• Click Exit on the Main menu to close the program.
  For Technical Support, double-click the e-mail address located at the bottom of each menu.
  Now lets backup your registry for an extra safety precaution and so the registry can be restored to this point if we need it.

Backup you windows registry.

• Press Ctrl + r and type regedit or Start > Run and type regedit

• In the registry . . . on the leftside, click to highlight My Computer at the top.
• Go up to “File > Export” [list]Make sure in that window there is a tick next to “All” under Export Branch.
  Leave the “Save As Type” as “Registration Files”.
  Under “Filename” put backup
• Choose to save it to C: or somewhere else safe so that you will remember where you put it (don’t put it on the desktop!)
• Click save and then go to File > Exit.

Last, lets create a System Restore Point in case we need to restore you PC to an earlier state.

• When System Restore opens click Create A Restore Point then Next , Name it and press Create
• In Windows Vista or 7 just type “system restore” and select the system system restore and then you can create a restore point.

The Cleaning:

Now we begin the cleaning process to cure your system of most malware currently on it.

• Please download Malwarebytes’ Anti-Malware from Here or Here
• Double Click mbam-setup.exe to install the application.

• Make sure a checkmark is placed next to Update Malwarebytes’ Anti-Malware and Launch Malwarebytes’ Anti-Malware, then click Finish.
• If an update is found, it will download and install the latest version.
• Once the program has loaded, select “Perform Quick Scan”, then click Scan.
• The scan may take some time to finish,so please be patient.
• When the scan is complete, click OK, then Show Results to view the results.
• Make sure that everything is checked, and click Remove Selected.
• When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
• The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.

Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.

Now lets run an excellent online scanner.

Please do the following to run an F-Secure online scan for Viruses, Spyware and RootKits

• Go to http://support.f-secure.com/enu/home/ols.shtml
• Scroll to the bottom of the page and click the Start scanning button. A window will pop up.
• Allow the Active X control to be installed on your computer, then click the Accept button
• Click Full System Scan and allow the components to download and the scan to complete.
• If malware is found, check Submit samples to F-Secure then select Automatic cleaning
• When cleaning has finished, click Show report (this will open an Internet Explorer window containing the report)
• Highlight and Copy (CTRL + C) the complete report, and Paste (CTRL + V) it in a notepad where you can save it to post later on if you create a malware topic

If Automatic cleaning with Submit samples hangs, click Cancel, then New Scan

• When the cleaning option is presented, Uncheck Submit samples to F-Secure
• Click Automatic cleaning

Notes:

• This scan will only work with Internet Explorer
• You must have administrator rights to run this scan
• This scan can take several hours, so please be patient

The Final Steps:

With these final few steps, you will be ready to post your log for review by one of our highly trained malware removal specialist’s.

Please make sure not to have any P2P programs, Cracks, Keygens, or Warez installed on your PC.

Downloading cracks and keygens from P2P programs (ex: Limewire, eMule, uTorrent, Kazaa ) is one of the most common ways to get infected. This is strictly forbidden providing that they are seen as illegal under British and American law. We highly recommend that ALL P2P programs, Cracks, Keygens, and/or Warez be removed before posting.

Finally, lets run the diagnostic tool which will give you a log that one of our staff members will be able to read and assist you with:

Click here to download HJTInstall.exe

• Save HJTInstall.exe to your desktop.
• Double click on the HJTInstall.exe icon on your desktop.
• A window will pop up, and simply click Install.
• By default it will install to C:Program FilesTrend MicroHijackThis.
• When it is completed installing HijackThis, it will automatically launch and you will be presented with the License Agreement. Click on the I Accept button.
• Once the license agreement is gone, click on the Do a system scan and save a logfile button. It will scan and the log should open in notepad.
• Click on “Edit > Select All” then click on “Edit > Copy” to copy the entire contents of the log.