1) As soon as you notice you are infected, unplug your internet connection or turn off your wireless.  This will prevent the infection from spreading, and will isolate the offending program from its source.

2) Boot into Safe Mode

3) Run your favorite antivirus/anti-malware program.

This post is really about Safe Mode – how do you get there?  There are a couple of ways depending on the operating system you are using.  Here’s the Microsoft Page on the topic.

Windows XP

If XP is the only operating system installed on your computer, boot into Safe Mode with these instructions.

• If the computer is running, shut down Windows, and then turn off the power
• Wait 30 seconds, and then turn the computer on.
• Start tapping the F8 key. The Windows Advanced Options Menu appears. If you begin tapping the F8 key too soon, some computers display a “keyboard error” message.  If this happens, resstart the computer and try again.
• Ensure that the Safe mode option is selected.  If you are trying to clean a machine that is virus laden, choose Safe Mode Without Networking.
• Press Enter. The computer then begins to start in Safe mode.
• When you are finished with all troubleshooting, close all programs and restart the computer as you normally would.

If you don’t want to bother with function keys, you can use the System Configuration Utility method.

• Close all open programs.
• Click Start, Run and type MSCONFIG in the box and click OK
• The System Configuration Utility appears, On the BOOT.INI tab, Check the “/SAFEBOOT” option, and then click OK and Restart your computer when prompted.
• The computer restarts in Safe mode.
• Perform the troubleshooting steps for which you are using Safe Mode.
• When you are finished with troubleshooting in Safe mode, open MSCONFIG again, on the BOOT.INI tab,  uncheck “/SAFEBOOT” and click OK to restart your computer.  THIS STEP IS CRITICAL.  If you don’t change this back, then the computer will continue to boot in Safe Mode until you do.

Windows 7

Safe Mode in Windows 7 is basically the same as XP – use F8 to get to the Safe Mode startup screen.  MSCONFIG is slightly different – Safe Mode is called Safe Boot, but otherwise the process is the same.

• Well that didn't take long - iPhone 3Gs jailbreak is released Independence day for iPhone 3GS users is here.  George Hotz has released an application that will unlock the 3GS so that you can install whatever applications you want, not just what Apple wants you to have.  The blog post with instructions is here.  You need Windows (but not windows 7),......
• Growl for Windows Growl v2.0 beta 18 was recently released for Windows - should you care?  If you are like most people, it is getting harder and harder to keep up with everything happening around you on the web.  Twitter, facebook, email, calendar, IM - the draws on your attention are almost overwhelming. ......
• 10 Windows 7 Tips So far, Windows 7 is the bee's knees.  The more I find out, the more I like, which is saying a lot - with operating systems, it's usually the other way around! Here are a few things that make Windows 7 neat.  Big thanks to Tim Sneath for most of......
• iPhone Tips - 10 things you may not know Here are 10 things you may not know how to do on the iPhone. Web Clips:You can create a short cut to a web page as an icon on your iPhone.  To do this, tap the "+"  when on a web page, then tap "Add to Home Screen."  This will......
• Remote reboot from MMC Have you ever needed to reboot a machine remotely? This is easy to do via MMC, the Microsoft Management Console. In XP, do the following. 1) Right click the My Computer icon and choose manage to bring up the MMC. 2) From there, go to the Action menu and choose......

• How to Remove BlockDefense | Block Defense Removal Blockdefense is yet another of these wolves in sheep clothing that make some computer users lives so miserable these days. It is from the same group of malware that includes Trustninja, save soldier, and savedefense. These are part of a group of rogue antivirus programs that are part of the......
• Washing Windows 101 Washing windows is one of those household chores that no really looks forward to. But cleaned windows can really give the appearance of your home, both inside and out, a boost. If you've been spraying window cleaner and rubbing away with paper towels, or hosing off those upper floor windows,......
• Zero-day ( 0-day) Microsoft Word exploit There was some news on this last night at Incidents.org, today F-secure has some details as well on the trojan that's dropped in this circulating, exploit. It seems as though the initial attack was very targetted against a specific organization. Antivirus packages did not recognize the trojan that the exploit......
• How to Remove Windows PC Defender | Windows PC Defender Removal Windows PC Defender is a rogue antivirus application that resembles the legitimate antispyware known as Windows Defender from Microsoft. Their intent apparently is to mimic the look an theming of that application to trick potential customers into trusting and downloading (and paying for) their product. It is a clone of......
• Windows lost administrator password rundown.... I've done one or two mentions in the past of ways to recover/reset lost windows passwords and thought it was probably time for another "brain dump/web research dump" of things that I've run across. This is not just for lost administrator passwords, but could apply to a lost user account......

Windows update was not working at all – one if the viruses had put in their own DNS entries so that when you click on Windows Update, you got sent to Google.  It had also removed DNS entries for all of the update sites for the major anti-virus and anti-spy-ware sites.  Once that was corrected I was able to run several virus and malware scans with updated software.  There were some viruses (50 or so) that were cleaned, several reg hacks that were fixed and the drives were de-fraged, but I’m still having issues.

Right now, there are two problems left.  First, some of the recent windows updates won’t install (sp3 for example).  The installation starts, goes for a few minutes then I get a pop up that says “installation cancelled”.  Frustrating, but I’m assuming this is a virus I have not eradicated completely yet.  The second problem is that the machine will randomly freeze.  I don’t know if this is hardware related (heat? disk? memory?) or part of a virus.  This was the initial complaint from the owner, by the way – that the machine would randomly freeze.

I’m using Zone Alarm, Ad-Aware, IO-Bit, and malwarebytes.  Next up, McAfee.

• Windows 7 - First impressions So far so good - I installed the beta on a couple of laptops in the last month, and so far I like what I see.  It's very much Vista centric, but without the sllllloooooowwwwwness.  Boot time is much improved (under a minute) and there are some added features that......
• Growl for Windows Growl v2.0 beta 18 was recently released for Windows - should you care?  If you are like most people, it is getting harder and harder to keep up with everything happening around you on the web.  Twitter, facebook, email, calendar, IM - the draws on your attention are almost overwhelming. ......
• WEP vs WPA Another question I get asked a lot is on Wireless security.  People get very confused by the security options out there, and the industry doesn't help by adding acronym after acronym.  So what do you do?  The answer is fairly simple - secure your network with WPA!! There are lots......
• 10 Windows 7 Tips So far, Windows 7 is the bee's knees.  The more I find out, the more I like, which is saying a lot - with operating systems, it's usually the other way around! Here are a few things that make Windows 7 neat.  Big thanks to Tim Sneath for most of......
• Dual core processors for mobile devices? ARM dual core chips for iPhone, Palm Pre next year CNET is reporting that ARM, the company responsible for designing the architecture behind most mobile comuting CPU's said  that mobile phone makers will be delivering devices that run on ARM"s latest dual core CPU's as early as next year. They are referring to the ARM Cortex-A9 MPCore application processor.  According......

• How to Update Bathroom Cabinetry Whether you have only a little bathroom cabinetry or a large vanity and other cabinets throughout the room, updating the cabinetry can refresh your bathroom in the absence of a total remodel. Bathroom cabinets can start looking worn prematurely, usually much faster than kitchen cabinets, because of all the moisture......
• Antique Singer Sewing Machine Antiques -> Sewing -> Machines and Machine Parts If you love sewing collectibles and are trying to build up your collection, one of the best additions you can find is an antique Singer sewing machine. These machines can enhance any personal collection and may even be the focal point in......
• Low Cost Computing for a Baby Boomer Lifestyle I rely heavily on personal computers for work and home activities. So do you. One of my objectives over the past couple of years has been to reduce the cost of computing in the one area where cost-control is easiest: software. I have found many free software applications that work......
• My Take on Windows Vista When I bought my laptop (my first and only laptop by the way...), it came pre-installed with Windows Vista Home Premium. And being a Windows user all my life, I had my qualms and doubts. You probably know of BSOD (blue screen of death) and the many viruses directed at......
• How to Remove Anti-Virus Elite | Anti-Virus Elite Removal Guide Anti-Virus Elite is a rogue antivirus application. These rogue antivirus applications pose as a legitimate security application, but in reality is a scam to try to trick you out of money. They will find and claim that there are multiple security problems with your computer. They will claim that you......