So you have a computer system that’s been infected by a virus your current anti-virus software can’t eliminate. You try downloading other software, but that doesn’t help. Your final hope is going to the local geek shop and having them repair your system for more money than you’d like to spend, right? Wrong. In this very, very brief tutorial, I’m going to show you where you need to look in order to pluck those wily suckers from your system, to delouse it and bring it back to usable condition. Sort of.
See, what I’m about to show you can be done by just about everyone, but it will require some guidance, particularly from Google. Come to think of it, here are your requirements:
- Access to the Internet.
- A second computer, since the first SHOULD be off the Internet. In theory.
- A thumbdrive.
- HijackThis. You may also want to print this tutorial on HijackThis.
- A printout of the following websites. (If you have access to the web on a safe computer then you don’t have to print these, though you may still want to.)
  - A tutorial on looking for and clearing trojans: http://www.governmentsecurity.org/places_viruses_trojans_hide_startup
  - A tutorial on MSConfig: http://netsquirrel.com/msconfig
  - This tutorial you’re reading right now. This very one.
Note: This tutorial comes with no guarantees expressed or implied. If you screw up, you’re on your own. Sorry to be so blunt. I’m a Mac and Linux guy. I’m just putting this up because it might be helpful to some who read this. If what you read here scares you or you don’t have the patience, just pay someone to do what I’m about to describe.
Alright, here we go:
- Disconnect your infected computer from the Internet if you can, that is, if you have access to another system. If you can’t, that’s fine, but you run a few risks. Sorry.
- Go to another computer and download “HijackThis” to a USB stick. You’ll need this tool AND you need to do this from another computer in order not to run the risk of infecting your thumbdrive.
- Start your computer in Safe Mode. Reboot, then when the very first system screen comes up (whether it be the “Dell” or “HP” splash logos, or whether it be the motherboard running through a system check), start pressing F8 fast and repeatedly until you get the Safe Mode prompt, a text-only screen that should come up before “Windows” shows up.
- When you’re finally logged into Safe Mode (it usually looks like crap because all the drivers that make everything look nice are turned off), go to Start > Run and in the window that appears type “msconfig” (without the quotation marks).
- In MSConfig you can tweak a lot of stuff, so you may want to read the tutorial on MSConfig you were supposed to have printed if you plan to mess around with it extensively. For now all you’re doing is going through the Startup tab and unchecking everything you don’t recognize. (You may still want to read the tutorial, just in case.) To be safe, though, you will want to search for information on everything you’re about to uncheck.
- With Notepad, open C:\Autoexec.bat. This file should be empty. If it’s not, delete everything here. (Back up the file, just in case. Call it… “Autoexec.bak” or something.)
- With Notepad, open C:\Windows\system32\drivers\etc\hosts. This file should also be empty unless you’ve put something in here. If it’s not, delete everything here, but back up the file just in case.
- Read the tutorial you were supposed to print on trojans. Do everything in that tutorial.
- Install and run the HijackThis tool. (For any questions, refer to the tutorial I asked you to print on HijackThis.) Post your results to a HijackThis forum. You can (and should) also research each result using a reputable search engine.
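For the hosts-file step above, it helps to see what is actually in the file before you clear it, so here is a small Python sketch that is an added example and not part of the original tutorial. It skips comment lines (starting with #) and the loopback localhost entries, then reports every other active entry; the sample file contents, hostnames and category names are constructed for illustration.

```python
import ipaddress
import sys

# Constructed sample: stock-style entries plus three tampered lines.
SAMPLE_HOSTS = """\
# Sample hosts file (constructed for this example)
127.0.0.1       localhost
::1             localhost
127.0.0.1       update.antivirus.example   # name sunk to this machine
203.0.113.7     www.bank.example login.bank.example
not-an-ip       junk.example
"""

def audit_hosts(text):
    """Return (category, ip, hostname, line_no) for each active hosts entry."""
    findings = []
    for line_no, raw in enumerate(text.splitlines(), start=1):
        entry = raw.split("#", 1)[0].strip()      # drop comments and blanks
        if not entry:
            continue
        fields = entry.split()
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            findings.append(("malformed", fields[0], " ".join(fields[1:]), line_no))
            continue
        for name in fields[1:]:                   # one line can map several names
            if name.lower() == "localhost" and ip.is_loopback:
                category = "default"              # normal entry, leave it alone
            elif ip.is_loopback or ip.is_unspecified:
                category = "blocked"              # name can no longer be reached
            else:
                category = "redirect"             # name forced to another address
            findings.append((category, str(ip), name, line_no))
    return findings

def suspicious(findings):
    """Entries worth researching before the file is cleared."""
    return [f for f in findings if f[0] != "default"]

if __name__ == "__main__":
    text = SAMPLE_HOSTS
    if len(sys.argv) > 1:                         # path to a copy of the hosts file
        with open(sys.argv[1], encoding="utf-8-sig", errors="replace") as fh:
            text = fh.read()
    for category, ip, name, line_no in suspicious(audit_hosts(text)):
        print(f"line {line_no}: {category:9} {name} -> {ip}")
```

Run it on the second computer against a copy of the hosts file, passing the path as the first argument; with no argument it uses the built-in sample.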
And that’s pretty much it. Yeah, I know, it sounds hard. It’s kind of annoying, that’s for sure. It’s why people charge $80 to do this. But if you have the time and are short of funds, then this is a great way to learn about the ins and outs of your computer. Good luck.
(Thanks go out to RoboNick for this info.)