It is best to have the windows xp computer in "Safe Mode with Networking"
before doing the Free Online Virus Scan by pressing "F8" when
turning on the computer and selecting:
"Safe Mode with Networking".
|MalwareBytes AntiMalware||Good at removing Trojan.FakeAlert, WindAntivirusXP WinAntivirus Pro||http://www.malwarebytes.org/||http://download.cnet.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html|
|Dr Web CureIt||Good at search redirects in Internet Explorer. Good at removing rootkit Bakcdoor.TDSS on sys32\drivers\atapi.sys.||http://www.freedrweb.com/cureit/?lng=en||http://majorgeeks.com/Dr.Web_CureIT_d4783.html|
|TDSSKiller by Kaspersky||Another TDSS Remover for browser redirects||http://support.kaspersky.com/viruses/solutions?qid=208280684|
|Kaspersky Virus Removal Tool||Stand Alone virus scanner||>http://avptool.virusinfo.info/en/|
|ComboFix||Installs Windows Recovery Console and removes some malware and spyware||http://www.bleepingcomputer.com/download/combofix/||http://www.bleepingcomputer.com/combofix/how-to-use-combofix|
|SmitFraud Fix||Removes some rogue anti-spyware with fake taskbar security alerts and changed backgrounds to scare you into buying.||http://siri.geekstogo.com/SmitfraudFix.php||http://www.bleepingcomputer.com/files/smitfraudfix.php|
|LSP-Fix||Fixes Network Winsock2 registry due to Internet not working after removal of NewDotNet and other spyware||http://www.cexx.org/lspfix.htm||http://www.bleepingcomputer.com/files/lspfix.php|
|ATF Cleaner||Cleans TEMP folder and TEMPORY INTERNET folder and other temp files, including java cache, history and cookies||http://www.atribune.org/index.php?option=com_content&task=view&id=25&Itemid=25|
|Gmer||Detects and removes some rootkits. (Hidden processes and files)||http://www.gmer.net/||Sysinternals Autoruns||Remove stubborn IE toolbars. View all programs starting with PC||http://technet.microsoft.com/en-us/sysinternals/bb963902|
VundoFix (Winfixer Popups)
View IE History
Microsoft: Regedit - Load Hive
Microsoft: Recovery Registry from System Restore Point
folder is not accessible. Access is denied
OUTPUT batch results and errors:
delvirus.bat > results.txt 2>&1
Explain: test.bat 1> results.txt --> outputs results (dont need 1)
Explain: test.bat 2> errors.txt --> outputs errors
Password Recovery Tools
Get Product Key of Office and Windows
ShareWatch - See who is using what shares on your computer
CurrPorts - See all network ports that are open and by what process. So you can see why your network light is flashing
CurrProcess - List all current processes and their DLLs
Winlister - List all windows that are open and their programs
View all open files and which process opened it. Close so you can delete the file if needed.
Reg Scanner - Open reg key by key name. Search for all results at once instead of pressing F3
InjectedDLLs - View DLLS that may be trojans
ZipInstaller - For programs that don't install. It puts in a folder and creates a program shortcut. Also create self-Install EXE files
Roadkil.Net - Free Roadkil's Undelete, Unstoppable Copier (Copy damaged Hard Drives), Disk Wipe, Raw Copy (Transfer sector by sector so you don't have to reinstall OS)
TestDisk - Recover Lost Partitions, Fix FAT Tables, Undelte Files
Aida32 - Detect System Devices
Hard Drive Diagnostic Tools
WD Data Lifeguard Diagnostics
Seagate SeaTools for Windows
Use MSINFO32 to Print out (printout) Startup (MsCONFIG) items:
Clcik on Software Environment -> Startup Programs.
Then click on File -> Export. Type in a filename such as "startup". The startup items are saved as a text file so you can print them.
net use X: \\Hostname\Share /user:machinename\username password /savecred /p:yes
echo Copying Data to External Hard Drive
echo %date%, %time% > N:\lastlog.txt
xcopy "\\Jeff-PC\QB\" "X:\Backup\QB" /e /y /c /i /h /r /k /d /g >> N:\lastlog.txt 2>&1
type N:\lastlog.txt >> N:\netlog.txt
Could replace /d with /m instead.
/E Copies directories and subdirectories, including empty ones.
/Y Suppresses prompting to confirm you want to overwrite existing destination file.
/C Continues copying even if errors occur.
/I If destination does not exist and copying more than one file, assumes that destination must be a directory.
/R Overwrites read-only files.
/H Copies hidden and system files also.
/K Copies attributes. Normal Xcopy will reset read-only attributes.
/D:m-d-y Copies files changed on or after the specified date. If no date is given, copies only those files whose source time is newer than the destination time.
/G Allows the copying of encrypted files to destination that does not support encryption.
/M Copies only files with the archive attribute set, turns off the archive attribute.
Settings -> Stop Task if it runs longer than: 1 day
If the task is already running then the following rule applies: Stop the existing instance
schtasks /create /tn "Batch Backup" /tr "backup.bat" /sc onstart /rl highest
Run task every time Windows starts
schtasks /create /tn "Batch Backup" /tr "backup.bat" /sc daily /st 20:00:00 /rl highest
Run task every day at 8pm
schtasks /create /tn "Batch Backup" /tr "backup.bat" /sc hourly /rl highest
Run task every hour
schtasks /create /tn "Batch Backup" /tr "backup.bat" /sc minute /mo 30 /rl highest
Run task every 30 minutes
schtasks /run /tn "Batch Backup"
Run the task immediately
You have to Run command Prompt As Administrator or you get "Error: Access is denied" for schtasks /create
Add /ru "system" to have batch file run in background without popping up
for /f %%a in ('wmic path win32_localtime get dayofweek /format:list ^|findstr "="') do (set %%a) echo %dayofweek% for /f %%a in ('wmic path win32_localtime get day /format:list ^| findstr "="') do (set %%a) echo %day% set drive=E: set folder=batbackup md "%drive%\%folder%" md "%drive%\%folder%\%dayofweek%" pause
Should I try PTPDrive to get a drive letter for the iPhone?
Get Windows Product Key or Office Product Key from Registry
produkey.exe /regfile "F:\WINNT\system32\config\software"
http://registry-finder.com/- Great registry editor with find and replace
Secure Delete files
Built into windows: cipher /w:C (Wipes all files with 3 wipes in free space on C: drive)
sDelete -c C: (Cleans hard drive free space with 3 passes (DoD 5220.22-M Method. Pass 1: Write 0s, Pass 2: Write 1s, Pass 3: Write random characters)
sDelete -z C: (Writes zeros on free space (faster) 1 pass)
How to delete personal data to sell computer
To Sea Breeze Computers Main Page These two start a scan but don't download active x first: http://security.symantec.com/sscv6/vc_scan.asp?pdisc=1&vc_prescan=1&ax=1&vc_scanstate=2&langid=ie&venid=sym&plfid=23&pkj=XVWFLSIVFWMFKPXKBQW http://security.symantec.com/sscv6/vc_scan.asp?pdisc=1&vc_prescan=1&ax=1&vc_scanstate=2&langid=ie&venid=sym&plfid=23&pkj=IOYFPJUIYCZRWEJGSSK This one starts a neat scan in Europe (does it do activex?) http://security.symantec.com/ssc/vc_scan.asp?langid=in&venid=sym&plfid=23&pkj=XFYFPJUIYCZRWEJGSSK This one does the US scan and downloads activex: http://security.symantec.com/sscv6/vc_prescan.asp?langid=ie&venid=sym&plfid=23&pkj=JMIFESLHFEPGEVVSDUX&vc_scanstate=2