Step 1: Put Computer in Safe Mode
Which in the picture above is the monitor with the power symbol next to it. All you need to do is click the icon and select “Boot in safe mode with Networking”.
If you can’t connect with Bomgar you can use the guide located here at https://community.shaw.ca/docs/DOC-1017 to lear how to start computers into safe mode with networking.
Step 2: Run Temp File Cleaner
Make sure that the C drive is selected in the top left hand corner of the software as in the picture above and click clean to start the process. This cleans out the temp files making the virus scans finish faster.
Once this is completed proceed to step 3.
Step 3: CCleaner
Once this software is open click the registry icon on the left hand side and then you should see the menu pictured below.
Once on this screen make sure all the options are selected as in the above picture and click scan for issues. Once the scan is complete select fix selected issues. After running CCleaner for the first time backup the registry when prompted. Runs after this no longer need to be saved. Delete the selected items, and repeat this step until no issues can be found.
Once no issues are found, proceed to step 4.
Step 4: Malwarebytes
First download and install the free version of Malwarebytes found at www.malwarebytes.org. Make sure during the install to not activate the free trial of Malwarebytes Pro. This will cause messages to pop up after the trial has expired.
Once the software is installed, click the scan icon in the top middle of the application and select custom scan. You will need to select the hard drives that need to be scanned and set it to “scan for root kits”. If it is setup correctly it will appear as in the picture below.
Click “scan now” to start the scan, once the scan has finished remove all malware that was found on the PC.
Proceed to step 5.
Step 5: SuperAntiSpyware
Download and install SuperAntiSpyware at http://www.superantispyware.com/download.html.
AS in the picture above, click “Complete Scan”. Once teh scan is completed, follow the on-screen prompts to remove any found threats.
Proceed to step 6.
Step 6: Extended Cleaning
Now repeat the scans from steps 4 & 5 until both Malwarebytes and SuperAntiSpyware come back with no threats detected.
If ther is a virus that can’t be removed proceed to step 7.
Step 7: Case by Case Removal
This procedure will work to remove most viruses, though if there is a virus that is not removed the best course of action is to find a specialty software designed at removing it. Software such as AVG Antiviurs Remover, Combo Fix, etc., though you will need to determine the software required for these cases as they are needed on a case by case basis.
Step 8: Uninstall Software
In this step uninstall any software you installed to clean the machine, such as Malwarebytes, SuperAntiSpyware, and any case by case removal.
Be careful not to start the trial of Malwarebytes as this will cause pop ups on the user’s computer a week later about the trial ending.
Also when running CCleaner be careful with the registry files since this software is cleaning out unneeded files and it can cause problems if it deletes a needed registry file.
Final and most important consideration, is that if the cleaning of the computer appears that it will take an unreasonable amount of time, such as 3+ hours, re-imaging the PC may be more cost effective. Discuss this with the client and decide what the best course of action will be for the client in situations such as these.