antivirus / antimalware

Terial

Trakanon Raider
Okay, so I have this very small side gig where I help out elderly people with their PCs. Teaching them and making sure things are backed up, and easy stuff like that... no real issues.
Every so often I get someone who has a virus, or malware, and I never really have issues cleaning it off their machines.
Usually just use Malwarebytes for malware.
Recently though, I came across 1 PC for a couple where I just can't seem to remove the issue. Malwarebytes finds it, but it creeps back in later. I've gone through and manually removed everything from the registry and I've manually removed files and folders where this thing keeps creeping up, and all seemed well till a week later, when it pops back up again.
Looking for something better than Malwarebytes to help find and remove the issue for them... I don't want to really format here unless I really have to... thoughts?

Also, I don't remember the name of the virus/malware that's popping up. Going there tonight to do more work on their PC; I can check then unless I get it cleaned off.
 

Noodleface

A Mod Real Quick
Try this:
Virus removal step-by-step checklist with links to all required tools : techsupport

Links are in the thread above, but here's the copy-pasted version:
I've worked in a small computer shop for several years and we do anywhere from 30-60 virus removals per week. Here is the step-by-step process that I've refined after working on countless customer computers. I've included links and several how-to's for those with additional questions. I hope it helps out!
Boot to safe mode using the F8 key at boot (before the Windows load screen) -How To-[1]
Run Combofix[2] (this is a surgical malware removal tool with 50 steps. Don't download the Windows recovery when prompted to do so) -How To-[3] It helps to RENAME the Combofix[4] file to something other than the default, as some malware looks to block it from running. If Combofix wants to restart, ensure it restarts back into safe mode.
Run TDSSKiller[5], remove anything found -How To-[6]
Restart in normal mode
Run Revo Uninstaller[7] (this program is used to uninstall programs that are highly malicious in nature which may leave unwanted pieces of themselves behind using the normal uninstall process. Uniblue Registry, Crawler Toolbar, Ask Toolbar, Registry Mechanic, Frostwire, Limewire, Smilebox, Gamevance, Playsushi are just a few examples) -How To-[8]
Run CCleaner[9]
-- Uninstall unneeded but non-malicious installs (i.e. Google toolbar, HP Games, etc.)
-- Adjust startup (delete all startup entries that are not required for normal use)
-- Clean registry (remove all bad entries found. There is no need to do a backup)
-- Clean temp files (remove all temp files using the stock CCleaner[10] settings)
Run TFC[11] (this will probably reboot the PC) -How To-[12]
Turn off system restore. XP users: -How To-[13] Vista or Windows 7 users: -How To-[14]
Install Malwarebytes[15]
-- Make sure you decline the offer
Install Microsoft Security Essentials[16] (OR antivirus of your choice)
Install Spybot Search and Destroy[17]; uncheck ALL additional settings for Spybot.
Ensure all of these are UPDATED TO THEIR LATEST DEFINITIONS!!!!
Run Malwarebytes[18] (ENSURE THAT Microsoft Security Essentials[19] IS already INSTALLED, UPDATED, and READY TO GO)
-- Remove any and all entries found (reboot will most likely be required)
-- Microsoft Security Essentials[20] (or your antivirus) will likely find infections as Malwarebytes[21] scans. Remove these findings as well
Run a quick Microsoft Security Essentials[22] scan or quick scan of your antivirus (long scan if you like overkill)
-- Remove any infections found
Run Spybot Search and Destroy[23] (will require another round of updates most likely once started)
-- Remove any infections found
---At this point your PC should be virus free. The following steps help to ensure it stays that way:
Check browser settings
-- Homepage (Google[24], make this the default search as well)
-- Delete any malicious search engines (Crawler Search, MyWebSearch)
Check firewall is on (located in security center) -How To-[25]
Ensure all drivers are installed (check device manager) -How To-[26]
Install any service packs as necessary (use standalones when possible, but you can use Windows Update)
-- XP is up to Service Pack 3[27]
-- Vista is up to Service Pack 2 (32-bit)[28] (64-bit)[29]
-- Windows 7 is up to Service Pack 1[30]
Install any Internet Explorer browser updates (again, upgrade to max supported using stand-alone installers when possible)
-- XP can use Internet Explorer 8[31]
-- Vista and Windows 7 can use Internet Explorer 9[32]
Install all Windows updates (except Windows Search and Live Essentials) -How To-[33]
Install software updates (iTunes, Adobe Reader, Java, Flash, etc.)
-- USE THE HIPPO[34] TO MAKE SURE YOU GOT IT ALL. It is also a good idea to install more browsers than just Internet Explorer, like Firefox and Chrome. Make sure all browsers have Google search and homepages are google.com
Immunize (must have opened up all browsers at some point or the immunization will not take properly.)
-- Spywareblaster[35] (make sure manual updating is selected). Download any updates. Immunize all.
-- Spybot[36]: run the immunization tool
Re-run CCleaner[37]
-- Registry + temp file cleaner
Defrag as necessary (I like Defraggler[38])
Here is a condensed section of tools for easy download:
Combofix[39]
TDSSKiller[40]
Revo Uninstaller[41]
TFC[42]
CCleaner[43]
Malwarebytes[44]
Microsoft Security Essentials[45]
Spybot Search and Destroy[46]
Spywareblaster[47]
File Hippo Update Checker[48]
Defraggler[49]
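
Added example (not part of the quoted checklist or of any poster's own material): when an infection returns after files and registry entries have been removed, as the original poster describes, something in an autostart location is usually relaunching it, which is what the "Adjust startup" step above goes after. This read-only PowerShell script lists Run/RunOnce keys, Startup folders and scheduled tasks in one table. The function name `Get-AutostartEntry`, the user-writable-path heuristic, and the assumption of an English-language Windows Vista or later are illustrative choices; services and drivers are not covered.

```powershell
# Added example: list common autostart locations so an entry that reappears
# after cleanup can be spotted. Read-only; nothing is changed or deleted.
function Get-AutostartEntry {
    $runKeys = @(
        'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
        'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
        'HKLM:\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run',
        'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
        'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
    )
    foreach ($path in $runKeys) {
        if (-not (Test-Path $path)) { continue }
        $key = Get-Item $path
        foreach ($name in $key.Property) {
            New-Object PSObject -Property @{
                Source = $path; Name = $name; Command = [string]$key.GetValue($name)
            }
        }
    }
    # Per-user and all-users Startup folders (Vista and later paths).
    $folders = @(
        "$env:APPDATA\Microsoft\Windows\Start Menu\Programs\Startup",
        "$env:ProgramData\Microsoft\Windows\Start Menu\Programs\Startup"
    )
    foreach ($folder in $folders) {
        if (-not (Test-Path $folder)) { continue }
        Get-ChildItem $folder -Force | Where-Object { $_.Name -ne 'desktop.ini' } | ForEach-Object {
            New-Object PSObject -Property @{ Source = $folder; Name = $_.Name; Command = $_.FullName }
        }
    }
    # Scheduled tasks via schtasks.exe; column names assume an English Windows.
    schtasks.exe /query /fo CSV /v | ConvertFrom-Csv |
        Where-Object { $_.TaskName -ne 'TaskName' -and $_.'Task To Run' } | ForEach-Object {
            New-Object PSObject -Property @{
                Source = 'Scheduled task'; Name = $_.TaskName; Command = $_.'Task To Run'
            }
        }
}

# Heuristic (an assumption, not a verdict): commands that launch from
# user-writable locations deserve a closer look first.
$suspectPath = '\\AppData\\|\\Temp\\|\\ProgramData\\|\\Users\\Public\\'
Get-AutostartEntry |
    Select-Object Source, Name, Command,
        @{ Name = 'UserWritable'; Expression = { $_.Command -match $suspectPath } } |
    Sort-Object UserWritable -Descending |
    Format-Table -AutoSize -Wrap
```

Saving the output before cleanup and again when the problem returns makes the entry that came back stand out in a diff.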
 

Joeboo

Molten Core Raider
You sir, are a saint. No chance I would have the patience to do that, lol.
 

brekk

Dancing Dino Superstar
<Bronze Donator>
DO NOT run Combofix on Windows 8/8.1 systems. It may break them irreparably. Also be careful where you download it from; there are bad sources for Combofix that have tacked trojan files onto it, so it ends up infecting you worse instead of helping. In the past 6 months my business has shifted to Combofix being a last resort.

In general I run Malwarebytes, and then Roguekiller for especially nasty infections.

If the infection is crapware (programs that cause popups, browser redirects) then run ADWCleaner; this specifically cleans out browsers and related addons/plugins.

Spybot is garbage, don't waste your time.
 

BrutulTM

Good, bad, I'm the guy with the gun.
<Silver Donator>
If it's me and Malwarebytes doesn't get it then I'd just back up their files and reinstall. Takes an hour and it's guaranteed to work vs. spending all night fucking around with virus software. Their computer will probably run better afterwards too. They will thank you.
 

Jilariz_sl

shitlord
It's best to low level format and install from scratch when you have a troublesome virus that keeps coming back. I've seen first hand that a quick format and fresh install simply isn't enough.