Dear fellow forum members,
Sometimes a machine may be so badly infected that a complete reinstall is all that is left to perform; otherwise, clean a machine in the following fashion. Disable System Restore, install CWShredder, install Ad-aware + updates and run it, also install Spybot S&D + updates, and run it. In regular mode: install MS Antispyware + updates, install Firefox, Safe Mode with Networking, run MSAS, install HijackThis and run it, run msconfig and remove all start-up entries except MSAS and antivirus and anything else the user may need or has requested to leave. Shift + delete HijackThis and remove it from the program file list. Shift + delete CWShredder.exe. Remove any spyware programs still in Add/Remove Programs; delete leftover icons, shortcuts, favorites, etc.
Optional is to run ipfix if need be, or run winsock fixing if necessary. Your client now feels as snug as a bug in a rug, but needs to update his or her virus definitions and needs a firewall install; leave Ad-aware, Spybot S&D and MSAS on the machine. Instruct the owner to use Firefox, and install firewall entries for them, else you get a lot of OMG!'s every time the firewall pops up and asks them something. This might be an approved method. What kind of routines do you guys follow?
Have a nice virus-free day,
polonus