Posted by: Nathan Simon
IT professional, Microsoft Windows, Security
Once again I saved the day…. Win Antispyware, we’ve all seen it, we’ve all tried to clean it, but how successful can you be with automatic removal tools that never seem to do the job? Well today I used two very important tools, one was process explorer and the other was an application called autoruns, both can be found over at http://live.sysinternals.com/.
First I used Autoruns to find the rogue apps that were loading, if you are a veteran you will know which apps are the bad ones, just remove them one by one, if you have downloaded and placed process explorer into the same folder, you can right click on the name and it will pinpoint the process in process explorer.
Process Explorer can then stop or suspend the application that is responsible for the adaware you are trying to remove. Once it is stopped or suspended you locate the file in the command prompt or windows explorer and delete it. Once you have cornered all the processes responsible and gotten rid of them, remove any system restore points and create a nice new and clean one.
Process explorer can be found here
Autoruns can be found here
Each link will give you a more detailed description on the apps discussed in my blog.