Title: Removing Spyware, Adware, and Malware
Description: Step-by-Step Tutorial


of_the_fire_roots - June 7, 2006 05:30 AM (GMT)
This tutorial is for spyware, adware, and malware removal. Before proceeding, please read through this entire tutorial. Please proceed with caution; incorrect handling may cause damage to your computer.

In this tutorial I will ask you to place all of your downloads and extractions on your Desktop for easy access. You may clean them up after we have completed everything.

Estimated time to complete tutorial: 4 – 6 hours
Level of difficulty: Intermediate

I request that during the scanning procedures please do not run any other applications to prevent slow scanning and possible interference.



Tools needed:
roguescanfix_setup.exe
Ad-Aware SE Personal
Spybot - Search & Destroy 1.4
ewido anti-malware
SmitRem
KillBox

***Warning and Disclaimer***
This is a guide created to help you get rid of the annoying spyware, adware, and malware that lurks on your computer. I have done this many times and it works fine, but if anything goes wrong I will not be held responsible. However, if you would like help, you may post it here and I may be able to help you.
Use at your own risk!!!


1.) Print and carefully read all the instructions, because you will need to close all programs later.

2.) To decrease the scanning time of unnecessary files, please do the following:

------a.) Delete Temporary Internet Files by:

------------i.) Load up Internet Explorer > Tools > Internet Options > (then click on Delete Cookies, Delete Files, and Clear History)
Note: Deleting the cookies, files and clearing the history may take a while, please wait patiently.

------------ii.) Do this in addition to the above if you use Mozilla FireFox. Load up FireFox > Tools > Clear Private Data > check all of the boxes except Saved Passwords > click on Clear Private Data Now.

------b.) Empty Recycle Bin.

3.) Download roguescanfix_setup.exe and place it on your desktop.

4.) Click on roguescanfix_setup.exe found on your desktop.

------a.) Select your language and click OK.

------b.) At the Setup Screen click Next.

------c.) Select I accept the agreement and Click Next.

------d.) Click Next two times.

------e.) Click Install.

------f.) It will begin to install the files and after it finishes you will see Completing the Roguescanfix Setup Wizard. Do not deselect Launch Roguescanfix, leave the box checked. Click Finish to complete installation.

5.) Roguescanfix will start and Command Prompt will be loaded, the credits screen will be shown. Press Enter to continue. Type the number 1 in and click Enter. At this time, please close all windows and exit all programs except the Command Prompt and click Enter to continue.
*This process will require internet access, if your firewall blocks it, please allow it to continue.*

-- The process will begin and the Desktop Icons and Taskbar will disappear and then reappear. This is normal, so please do not be concerned.

-- A window called BFU will pop up with the message ‘Completed script execution’. Notepad will also open, just exit notepad and press OK to the BFU.

-- After you have clicked on OK, it will now open The Brute Force Uninstaller, just close it by clicking Exit.

6.) Download Ad-Aware SE Personal and place it on your Desktop.

7.) Click on aawsepersonal.exe and the Setup will begin.

------a.) Click Next.

------b.) Select I accept the license agreement and click Next.

------c.) Click Next three more times. It will begin installing Ad-Aware onto your computer.

------d.) Uncheck all three boxes and click Finish.

------e.) Click on the shortcut of Ad-Aware SE Personal located on your Desktop.

------f.) A window will open saying that your definitions are out of date and asks you to check for updates. Click OK.

------g.) Click Connect. Then click OK. The definitions will download and when it finishes click Finished.
*Updating the definitions will require Internet access, if your Anti-Virus program blocks it, please allow it to continue.*

-- Do NOT click Start. We will be doing this later.

8.) Download Spybot - Search & Destroy 1.4

9.) Under Download, download the following on to your Desktop:

------a.) Spybot - Search & Destroy 1.4
------b.) Detection updates
------c.) Tool update

10.) Click on spybot14.exe located on your Desktop.

------a.) Select your language and click OK.

------b.) Click Next.

------c.) Select I accept the agreement and click Next.

------d.) Click Next four times and click Install.

------e.) Spybot will begin its installation and a confirmation setup screen will appear after installation was successful.

------f.) Click Finish.

------g.) Spybot will start and a window will appear. Check the Don’t show this message again box and click OK.

------h.) Spybot Wizard will begin and just click Next three times. After you have done that exit Spybot.

11.) Locate spybotsd_includes.exe on your Desktop. Double-click on it and click Install and then Close.

12.) Locate spybotsd_tools.exe on your Desktop. Double-click on it and click Install and then Close.

13.) Download ewido anti-malware (this is a trial version, it will only be available for 14 days) onto your Desktop.

14.) Click on ewido-setup.exe to start the setup.

------a.) Select your language and click OK.

------b.) Setup will begin to load, click Next when you see the Setup Wizard.

------c.) Click I Agree.

------d.) Click Next two times.

------e.) Uncheck ‘Install background guard’ and ‘Install scan via context menu’ then click Install. It will then begin to install ewido.

------f.) Wait for the Completing the ewido anti-malware Setup Wizard... screen and click Finish to complete the installation.

------g.) Load ewido anti-malware shortcut from your Desktop.

------h.) From the side Menu, click on update and then click on Start update. It will need an internet connection, so let it through if a firewall blocks it.

------i.) After the update completes (the very bottom of the window will have Update successful) exit ewido.

15.) Then go Here. Scroll down and click on Smitrem.exe to download, save the downloaded file to your Desktop.

16.) Click on Smitrem.exe to begin loading the Self-extracting Archive. Please extract the folder to your Desktop for your convenience, then click on Start to begin extracting.

--You will receive confirmation that the files have been successfully extracted, simply click OK. On your Desktop, you should see a folder called smitRem.

17.) Then Restart your computer and boot into Safe Mode. Here is how to do it:

------a.) Restart your computer. (Start > Turn Off Computer > Restart)

------b.) Windows will log off.

------c.) Continue to click on F8 until you are presented with Windows Advanced Options Menu.
*On some computers if you begin clicking on F8 too soon, an error message with Keyboard Error will arise. Just Restart your computer and try again.*

------d.) Select Safe Mode and click Enter.

------e.) Select the operating system you were currently using (usually there is only one option) and click Enter to continue onto Safe Mode.

------f.) You will see a lot of multi(0)disk(0)rdisk(0)partition(1)\, this is normal.

------g.) At the Log In Screen, choose the User that you normally use (it is usually not Administrator).

------h.) You will then see a Window labeled as Desktop, press Yes to continue on to Safe Mode.

18.) On your Desktop, find a folder named smitRem and open that folder.

19.) Find a file named RunThis.bat with the details as MS-DOS Batch File, 519 KB.

------a.) Click on it to run that file.

------b.) Command Prompt will load once again, press Enter to continue.

------c.) Press Enter to continue.

------d.) Close all Windows and Programs running except the Command Prompt and then press Enter to begin the clean up.

------e.) It will then prompt you to progression of malware software. To allow it to uninstall if the malware is found on your computer simply click Enter.

------f.) After it has prompted you to all the different malware softwares, SmitRem will begin to remove all the bad files. Press Enter to begin the process. During this time the Desktop Icons and Taskbar will disappear and Command Prompt will begin to scroll through a long list of files.

------g.) Once it has completed, press Enter to continue to do a Disk Cleanup.

------h.) Press OK.

------i.) Disk Cleanup will begin and it will remove all files that are left behind from the malware removal process.
*This process may take up to 1 hour to complete depending on how much trash you have on your computer.*

--When this process is completed, it will automatically exit. A text document will be created where you partition your hard drive (usually C:\). You can view this file

20.) Now run Spybot – Search & Destroy.

------a.) Click on Check for problems.

------b.) Spybot will begin its search, please wait patiently for this process may take a while.

------c.) When it is done, click on Fix selected problems. There will be a confirmation pop-up, click Yes.

------d.) The repair will begin and when it is completed, click OK.

------e.) Then click on Immunized located on the Menu on the left. It will run its check for protection.

------f.) At the top click on Immunize (not from the side menu, click on the one that has a green plus sign). After it has immunized, exit the program.

21.) Run Ad-Aware SE Personal.

------a.) Click Next. Select Perform full system scan and click on the circle with the ‘X’ mark to make it search for low-risk threats as well.

------b.) Click Next.

------c.) When the scan is finished, click on Next.

------d.) Right-click somewhere on the list and select Select All Objects. All the items on the list should have a check mark in the box.

------e.) Click Next.

------f.) It will ask if you want to continue, click OK. It will then remove all the objects.

------g.) Click Start to begin the scan once more, but this time select Perform smart system scan.

------h.) Select and delete all the items on the list.

22.) Open ewido, click on scanner on the left Menu.

------a.) Click on Complete System Scan, the scan will begin. This process will take a while, please be patient.

--If ewido finds anything, there will be a pop-up saying Infected object found!. Just click on OK, and the file will be deleted.
*There will be quite a few so have fun strengthening your finger*

------b.) After the scan completes, it will tell you how many items it found.

------c.) Go to quarantine from the side Menu. Click on the first item, it should be highlighted now. Then scroll down to the end of the list and hold down Shift on your keyboard. With Shift still held down, click on the last item on the list with your mouse. All the items should be selected now. You may let go of the Shift key.

------d.) Click on Remove Finally and click Yes to remove all the items and exit ewido.

23.) Restart your computer back into Normal Mode.
*Your Desktop will be changed back into ‘None’ which will be blue. This is normal, no need to be alarmed.*

24.) Open Internet Explorer (not Mozilla FireFox or Opera).

25.) Go to BitDefender to do an online scan.

------a.) Click on I Agree to continue.
*You may need ActiveX to run the online scan, just let it download and install.*

------b.) Then click on Click here to scan.

------c.) You will see a pop-up, it is receiving updates on the latest signatures. It will close after it is finished.

------d.) The scan will begin, you can click More Details to see what it finds. Again, this will take a while, so be patient.
*This will take a minimum of 1 and a half hours.*

------e.) After the scan is completed just exit it. BitDefender automatically tries to disinfect the file and if that fails, it deletes it.

------f.) It will ask you if you want to send a report to the company and you can select Yes or No.

26.) Then perform a Panda Online Scan.

------a.) Click on Scan your PC. It will open up a new window.

------b.) Enter your Country, State/Province, and Email Address and then click on Send.

------c.) Select Home User or Company and then click Scan Now.
Note: It may require you to download ActiveX Control, in which case you just allow it to download and then install (this may take a few minutes depending on your connection).

------d.) Select Local Disks and the scan will begin.

------e.) After the scan has completed, click on See Report and save a copy of it by clicking on Save Report and save it to your Desktop.

------f.) Exit Panda Online Scan.

27.) Download KillBox.

28.) Open KillBox.exe.

------a.) Select the option Delete on Reboot.

------b.) Open the text document you just saved labeled Activescan

------c.) Copy and Paste one address at a time onto the Full Path of File to Delete and click on the red circle with a white ‘X’

------d.) It will say ‘File will be Removed on Reboot, Do you want to reboot now?’ Click on No and continue copying and pasting the full address onto KillBox and clicking the red circle.
*The more infected files you have, the longer it will take.*

------e.) After you have completed putting all the files on KillBox, Restart your computer.

29.) You can now delete all the applications, shortcuts, and extractions that have been placed on your Desktop.

--Change your Background back if you haven’t already done so.

Edison - June 7, 2006 12:03 PM (GMT)
This tutorial must have taken a long time for you to write up. For Malware there isn't really much for it. Mostly it is Spywares and Adwares.

Those two softwares are good. There is another which is also good. Spysweeper.


lonelyassassin - June 7, 2006 03:54 PM (GMT)
Very well written and very in-depth.

Suggestion, maybe you could list all the softwares involved on the top before starting, so a person will just download all of them first then install when you say.

PINNED.

of_the_fire_roots - June 7, 2006 10:09 PM (GMT)
It took about an hour and a half to type it up and make sure everything was correct.

Thanks for the suggestion lonely, I will do that.

xiaoying_q - February 2, 2007 10:42 AM (GMT)
I shall try that too when I am free. 4-6 hours? That definitely will take some time...



