Trying to remove Nasties from your computer.
In Windows XP
If a scan by any security software produces results of any nasties being present on your computer, the first thing to do is write down the name of what has been detected and its whereabouts. Ensure you spell its name correctly.
You can then check what it is and what threat it is to your computer by looking on the PCTools Infection Database found here:PC Tools
Either browse or enter the infection name in the search box.
Or enter the name of the infection in Google.
If the security program that detected it cannot remove or quarantine it then you will have to use another program.
Download and install SuperAntiSpyware from: SuperAntiSpyware
Once installed, click Check For Updates. Do not run it yet.
Next, download and install Malwarebytes from: Malwarebytes
Once installed , check for updates. Do not run it yet
Finally, download and run ATF Cleaner from:ATF Cleaner
Follow the instructions on the download site to clear out temp files, but leaving your passwords.
Next, set a System Restore point.
Start -> All Programs -> Accessories -> System Tools -> System Restore -> Create a restore point.
Give it a name and click Next.
Having installed and updated those programs it is now time to start trying to clean your computer.
Double click to open Malwarebytes
and run a quick scan. Let it remove anything it finds.
It is better to run some security scans in Safe-mode to prevent any running programs from obstructing the scan and also to prevent any virus hiding in programs.
To start in Safe-mode either :
1. Turn off the PC and when restarting keep tapping the F8 key as soon as the computer begins to start. Once you have got it to stay on the black screen use the arrow keys to select Safe-mode and hit the Enter key.
As you may miss the short time that you have to hit the F8 key there is another way that gets the computer to start in Safe-mode itself:
2. Instead of shutting down the computer as in 1 above;
Start -> Run type msconfig
in the box and click OK
In the System Configuration window select the BOOT.INI Tab
In this page tick Safeboot and ensure there is a dot in Minimal.
Click Apply -> OK
You will be asked to restart, click the button.
When your computer restarts in safe mode you can select SuperAntiSpyware
and in the scan option select FULL scan or words to that effect and run the scan. Let the program either quarantine or remove anything it finds, it may offer to make a backup or restore point, let it.
A word of warning, it will take a long time in full scan mode, but keep checking the progress so that you can make any decisions that are needed. Once completed and everything has been dealt with, run the security program that initially found the nasties. If it does not find any traces now, you have done a good job.
If you used method 1 to get into Safe Mode, Turn off the PC and start it again, it will start in normal mode.
If you used Method 2 to get into Safe Mode, repeat the instructions above, but remove the tick in Safeboot. Click Apply and Restart. When it restarts after using Method 2 the windows configuration warning will appear, just tick the box - “Do not show this message again”.
Then use the computer for a couple of hours.
If everything is OK and you are happy with it, now is the time to dump the System Restore Point that you made before the cleanup (and all others) because it will have a snapshot of the infection. It cannot pose any threat to your PC unless you have to do a System Restore.
Please be assured that System Restore Points on an infected computer cannot cause any threat unless you have to do a restore, BUT it is better to have a restore point that shows the infection than no restore point at all.
To remove all SR Points thus removing any contaminated ones:
Start -> Control Panel -> Performance & Maint. -> System -> System Restore tab
Tick Turn Off System Restore -> Apply -> OK. Then reboot your computer.
Follow the instructions above but this time untick the Turn Off SR box. No need to reboot this time.
Then set a new Restore Point as detailed just after the download instructions above.
If after all the above work you now have a clean computer system, try to keep it clean by using the above security programs to run regular weekly scans and also download and install Windows Defender Spybot Search & Destroy Spyware Blaster
Other Security and Housekeeping FREE software is listed in this thread
Here's hoping you never have to use this, But . . .