Wednesday, October 22, 2008

How to remove malware from your computer.

Some of my friends are having malware problems. I think it may be easiest to post the process I use at work. This will clean the computer most of the time. One thing I need to say is that removing malware may cause data loss and/or your operating system to become unusable. However, leaving the malware on your computer is unacceptable for most people.

First thing I will note is the definition of malware, so you have an idea what you are dealing with.

Virus malware affects your computer as a whole and includes:
viruses - malware that propagates (infects) only with user intervention.
worms - malware that propagates (infects) without user intervention.
rootkits - malware that uses Windows rootkit techniques to hide itself and infect computers. Very dangerous.

Spyware malware attaches itself to your browser and includes:
Spyware - malware which either lifts your keystrokes or records your activity.
Adware - displays pop-ups, redirects webpages, and changes ads on webpages.
Greyware - programs that are not intentionally malicious, but are generally not considered good to have on your computer either, because of performance or instability.

Now, just listing a step-by-step process would not be practical, since each infection is different and there are many different ways to remove malware. Instead, I will give you guidelines and leave the specifics to you. You may have to google certain processes, since I don't want to use up too much space explaining details. Also, all links for programs are at the bottom.

* If a virus scan detects viruses in System Restore, turn it off. It means all your restore points are gone, but that is the only way to get rid of viruses there.

* Use online scanners unless you have a good virus scanner installed (ie: NOD32, BitDefender, or Kaspersky). The virus scans should be run first thing in the removal process so you can get an idea what you are up against, and to get rid of the easy malware. If it detects viruses in System Restore, turn restore off. Virus scans should also be run at the end of the removal process, to pick up any malware the other malware removers didn't remove.

* Use HijackThis early on to remove registry keys and other values; this helps remove the malware later. A guide to using HijackThis is included with the link to the program. I would recommend removing any program from startup that isn't necessary or wanted, as this will also help speed up your computer later.

* Run CCleaner's file remover and registry cleaner. Not only will this help speed up future scans, but it may take out some malware in temporary files.

* ComboFix and SDFix: These programs remove some of the nastier rootkits and viruses. They should be run if anything serious is on your computer, and after using HijackThis and CCleaner. Download ComboFix to your desktop and rename it to something like deleteStuff.exe. Download SDFix, extract it, then run "runthis.bat" and press u to update. Afterwards it will extract itself again. Then run ComboFix and SDFix (runthis.bat) in safe mode.

After running an online scan, HijackThis, CCleaner, ComboFix and SDFix, most of the malware should be gone. Install Ad-Aware and Spybot S&D to start removing spyware. In the "tools" section of Spybot, you will see the ActiveX and BHO (Browser Helper Objects) sections. You should remove all of them (you can re-install anything you remove later). After that, run the basic scans.
If you see a BHO that keeps popping up again after deletion, or any other file that seems like it just won't go away, you will have to boot the Recovery Console from the Windows CD and remove it there. Use the command del [file path]. Example: del c:\windows\system32\badBHO.bat.

Keep running anti-spyware and anti-virus scans until they all come up clean. If anything won't go away after the first scan, then you will need to remove it manually as the last paragraph explained. Afterwards, if your computer does not run well (viruses can damage your OS), try a repair install. If that doesn't help, you may end up having to wipe/reload Windows anyway.
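The startup entries and BHOs the steps above have you inspect by hand in HijackThis and Spybot can also be inventoried before you start deleting. The script below is an added example, not from the original post or any of the tools it links: it lists Run-key entries and installed BHOs, resolves each BHO's CLSID to its DLL, and flags entries whose file is missing or unsigned. It is read-only and assumes PowerShell 3.0 or later run from an elevated prompt.

```powershell
# Added example (not from the original post): read-only inventory of the
# persistence points the post tells you to review: Run keys and Browser
# Helper Objects. Assumes PowerShell 3.0+ in an elevated prompt.
$findings = @()

# 1. Classic startup entries (the "startup" list the post says to prune).
$runKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce'
)
foreach ($key in $runKeys) {
    if (-not (Test-Path $key)) { continue }
    foreach ($p in (Get-ItemProperty -Path $key).PSObject.Properties) {
        if ($p.Name -like 'PS*') { continue }   # skip PowerShell's own note properties
        $findings += [pscustomobject]@{ Type = 'Run'; Name = $p.Name; Path = $p.Value; Key = $key }
    }
}

# 2. BHOs: each subkey is a CLSID; its DLL is the default value of
#    HKCR\CLSID\{clsid}\InprocServer32.
$bhoKey = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects'
if (Test-Path $bhoKey) {
    foreach ($clsid in (Get-ChildItem $bhoKey).PSChildName) {
        $server = "Registry::HKEY_CLASSES_ROOT\CLSID\$clsid\InprocServer32"
        $dll = if (Test-Path $server) { (Get-ItemProperty $server).'(default)' } else { $null }
        $findings += [pscustomobject]@{ Type = 'BHO'; Name = $clsid; Path = $dll; Key = $bhoKey }
    }
}

# 3. Flag what to look at first: entries whose file is gone (orphans left by a
#    removal, or a hidden file) and binaries with no valid Authenticode signature.
foreach ($f in $findings) {
    # Strip arguments: take the quoted path, or the first token ending in .exe/.dll.
    $exe = if ($f.Path) { ($f.Path -replace '^"([^"]+)".*$', '$1') -replace '^(\S+\.(exe|dll)).*$', '$1' } else { '' }
    $exe = [Environment]::ExpandEnvironmentVariables($exe)
    if (-not $exe -or -not (Test-Path -LiteralPath $exe)) {
        $f | Add-Member -NotePropertyName Status -NotePropertyValue 'MISSING FILE (orphan entry)'
        continue
    }
    $sig = Get-AuthenticodeSignature -FilePath $exe
    $status = if ($sig.Status -eq 'Valid') { "signed: $($sig.SignerCertificate.Subject)" } else { "UNSIGNED ($($sig.Status))" }
    $f | Add-Member -NotePropertyName Status -NotePropertyValue $status
}
$findings | Sort-Object Status | Format-Table Type, Name, Status, Path -AutoSize
```

An unsigned or missing entry is a lead, not a verdict; many legitimate older programs are unsigned, so check each one before removing it with HijackThis or Spybot.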

links:
Eset - has an online virus scanner
BitDefender's online scanner - another online virus scanner
Kaspersky - has an online virus scanner based on Java (ie: doesn't need IE)
HijackThis
CCleaner
ComboFix guide & download - sometimes their download link does not work
SDFix
Safer Networking - home of Spybot S&D
Lavasoft - creators of Ad-Aware

edit: apparently blogger.com does not want to post a href to the hijackthis tutorial. Here it is http://forums.majorgeeks.com/showthread.php?t="38752"