Tuesday, May 19, 2009

System information

How to Thoroughly Clean Your PC

clear out the sludge !!

This is the most important page on this entire website !!

remove Viruses, Spyware, and Malware (Malware is a loose term that includes spyware, adware, trojans, worms, auto-dialers, and keyloggers) - and secure it from attacks at the same time !!

remove "Bloat" (excessive startups, unnecessary files, etc)

*** for Microsoft tech details on security, see TechNet Windows XP Security Guide (warning - this is dry reading)

Here we list the six steps necessary to clean your PC of Disk Errors, missing and Corrupted shortcuts-files-folders, Viruses, Spyware, unwanted Startups and IE Toolbars, and excess Files. Follow all steps once a month or so.

Utilities you will Need

Have the following 6 antivirus/antispyware utilities installed :

Norton Antivirus ($) or McAfee Antivirus ($) or Trend Micro PC-cillin ($) or Grisoft AVG Antivirus Free (Free)
Norton Utilities ($)
Spybot Search and Destroy (Free)
Ad-Aware by LavaSoft (Free)
Bazooka (Free)
Hijack This (Free)
Norton Antivirus should be loaded, with Auto-Protect running in the system tray ALWAYS, and set to automatically scan your hard drives. It should also be set to remind you to run Live Update periodically.

You can use any other similar utility in place of Norton Antivirus and Utilities - but bottom line, they are the best and have a wonderful Live Update utility with a reminder, to keep your Virus definitions up-to-date. Also, there really is nothing like Norton Utilities' "Win Doctor", which typically finds hundreds of errors on most machines, the first time it is executed.

Free Method

Grisoft AVG Antivirus (Free - very good - but not quite as good as the paid versions)
Microsoft Disk Utilities (Chkdsk and Disk Defragmenter) (Free - very good - but no Win Doctor!!)
Spybot Search and Destroy (Free)
Ad-Aware by LavaSoft (Free)
Bazooka (Free)
Hijack This (Free)
Step 1) Check for and Clean Viruses

Install and run your Antivirus program - either the preferred pay method using one of the 3 utilities mentioned, or the free method using GriSoft's AVG utility. Either way, make sure to set the "Auto-Protect" to stay on, although that is the default setting typically.

Initially, scan your MBR (Master Boot Records), which is where most harmful viruses reside. Then do a full scan of your hard drives (all files). This can take hours in some cases, but should be done periodically.

Step 2) Remove unwanted Auto-Startups

*** also see Win95-98 Autostart, WinXP Autostart, and especially *** Process and Services that you Do NOT Need

a) Startup Folder - Open the Windows startup folder - and remove everything you don't want:

Win95-98: c:\windows\Start Menu\Programs\Startup

Win2000-XP: C:\Documents and Settings\your_User-ID\Start Menu\Programs\Startup

b) Win.ini - Click Start/Run . . . win.ini and look for the Run= and Load= lines. Remove any unwanted startup programs


c) Registry - you can run MSconfig and uncheck Startup items - but it is much better to remove them from the registry (they have a way of getting re-checked in MSconfig all on their own). Open Regedit, and look in the following locations (for WinXP you can add these locations as "Favorites"):

for all versions of Windows:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
- has the folders Run, RunOnce, RunOnceEx, RunServices, and RunServicesOnce

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
- has the folders Run and RunOnce. Remove any startups you don't want

for WinXP only:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg
- has both values and Keys (subfolders). Remove any startups you don't want
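
To review everything Step 2 lists before removing anything, the following batch file collects the startup folders, the win.ini Run=/Load= lines and the registry autostart keys into one report. It is an added example, not one of this page's own batch files; the report file name is an assumption, and nothing is deleted.

```batch
@echo off
REM Added example (not from the original page): inventory of the autostart
REM locations named in Step 2. Read-only - it only writes a text report.
setlocal
REM Assumed report location; change it if you prefer another folder.
set "REPORT=%TEMP%\autostart-report.txt"
echo Autostart inventory %DATE% %TIME% > "%REPORT%"

REM Step 2a - Startup folders (Win2000-XP layout), all users and current user
call :dumpdir "%ALLUSERSPROFILE%\Start Menu\Programs\Startup"
call :dumpdir "%USERPROFILE%\Start Menu\Programs\Startup"

REM Step 2b - Run= and Load= lines in win.ini
echo. >> "%REPORT%"
echo [win.ini Run= and Load= lines] >> "%REPORT%"
if exist "%SystemRoot%\win.ini" findstr /i /b /c:"run=" /c:"load=" "%SystemRoot%\win.ini" >> "%REPORT%"

REM Step 2c - registry keys. The page names Run, RunOnce, RunOnceEx,
REM RunServices and RunServicesOnce for HKLM, and Run and RunOnce for HKCU.
for %%K in (Run RunOnce RunOnceEx RunServices RunServicesOnce) do call :dumpkey "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\%%K"
for %%K in (Run RunOnce) do call :dumpkey "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\%%K"
REM WinXP only - items that were unchecked in MSconfig are kept here
call :dumpkey "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg"

notepad "%REPORT%"
endlocal
goto :eof

:dumpkey
REM %~1 = registry key. /s also lists subkeys (needed for startupreg).
echo. >> "%REPORT%"
echo [%~1] >> "%REPORT%"
reg query "%~1" /s >> "%REPORT%" 2>nul
if errorlevel 1 echo   key not present >> "%REPORT%"
goto :eof

:dumpdir
REM %~1 = startup folder. /a includes hidden shortcuts as well.
echo. >> "%REPORT%"
echo [%~1] >> "%REPORT%"
if exist "%~1\" dir /b /a "%~1" >> "%REPORT%" 2>nul
if not exist "%~1\" echo   folder not present >> "%REPORT%"
goto :eof
```

Saving a copy of the report each month and comparing it with the previous one shows which startup entries are new since the last cleanup.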

Step 3) Uninstall Programs you do not Use

Control Panel/Add-Remove Programs. Uninstall all programs that you will never use. Also look for any spyware programs such as "Viewpoint", etc and uninstall them.

*** for each spyware utility you find, uninstall it, then go into Windows Explorer and find the folder (usually under "Program Files") and then delete it. Also, in general look at all folders under Program Files that are unfamiliar. If unsure but you think they may be spyware - rename them with a -test after the original name, run your PC for a few days, and if all is fine - delete them.

*** also look in c:\Documents and Settings\your_ID\Application Data - look for folders and files that are unfamiliar. There is a good chance they are spyware. If unsure but you think they may be spyware - rename them with a -test after the original name, run your PC for a few days, and if all is fine - delete them.

*** repeat the previous step with all of the User Account folders under "Documents and Settings" - especially the "All Users" folder !!!

Step 4) Cleanup your Hard Drive every Month with a simple Batch File and ATF Cleaner

**** if all you want is the tool to do this - skip down to my batch file section, Download the two files and run them !!!

Here we use three methods :

batch file to clean out the Temp and TIF folders (TIF - Temporary Internet Files)
Windows' own "Clean Manager"
ATF Cleaner

ATF Cleaner

Download from http://www.atribune.org/content/view/25/1/ and then run - check ALL boxes to do a thorough cleaning:



Windows XP included Cleaning Tool, "CleanMgr" Explained - "Cleanmgr" is a disk-cleanup manager included in all Windows from Win98 onward. It doesn't do a lot in Win98, but has gained power in succeeding releases. In Win2K and XP, it's actually a decent little tool that has the potential to clean quite a bit from your system, and can even automatically compress little-used files to make them occupy less disk space. Oddly, simply running Cleanmgr does NOT normally give you access to its full power. But it is very easy to run it with full, aggressive cleaning. Simply do the following to cause the CleanMgr components (SAGESET and SAGERUN) to work together for an excellent full cleanup of your drive:

Run Once to Configure Settings: Start/Run . . . cleanmgr /sageset:99

Run Regularly: Start/Run . . . cleanmgr /sagerun:99

NOTE: the number "99" just identifies that this is a special configuration of cleanup - you could use any number, really. The Disk Cleanup Tool will now run in a special mode that offers you an expanded selection of cleanup choices. Most importantly, it will remember whatever choices you make now, and re-use those same choices when you use a matching "sagerun" command with the identifier number "99" later on. When you first run "sageset", step through all the choices that the Disk Cleanup Tool offers you, and make whatever choices you wish. Note that some of the offered items may have additional options or advanced settings that become visible when you click or check the item. In general, select everything that's offered, since you are looking for maximum cleaning, so just check everything !! Of course you can select any, all, or none of the offered choices: It's up to you. And don't worry. If you want to change your mind later, you can. Just re-run the command "cleanmgr /sageset:99" and make a new set of choices.

Surprisingly, "CleanMgr" does NOT do a good job of cleaning out the two main space hogs on XP:

C:\Documents and Settings\"username"\Local Settings\Temp
C:\Documents and Settings\"username"\Local Settings\Temporary Internet Files
These two folders always become tremendously bloated, and therefore should be cleaned regularly.

The commonly recommended command - (DO NOT USE) - for windows XP, there is no longer a "Deltree" command (although you can copy the file deltree.exe from Win98 and it works perfectly). The following is the most commonly recommended DOS command:

del /q /s /f *.*

/q - "quiet" mode - do not ask if it is OK to delete files. Just go ahead and delete them

/s - "subdirectories" - delete files in all subdirectories below the target directory

/f - "force" - delete read-only files

The Problem: this command will NOT delete the subdirectories themselves - just their files. This command will completely blow away and recreate the folders - BUT if any files are locked (which they often are) - it will not work for those.

My Recommendation and Batch File

The WinXP version of Win 98's "Deltree" command is the "rd" command, and it works PERFECTLY - deletes files AND folders !!! The only thing you need to do is recreate the main folder . . . but with "Temporary Internet Files", you have no permission to delete the folder, so "rd" deletes everything else, except for a few protected sub-folders and also leaves the main folder intact. For each folder you want to clean, add the following two commands to your batch file:

rd /q /s "PATH AND FOLDERNAME" (do not add *.* to the end)
md "PATH AND FOLDERNAME"

/q - "quiet" mode - do not ask if it is OK to delete files. Just go ahead and delete them

/s - "subdirectories" - delete files in all subdirectories below the target directory

CAUTION: if you are not in the correct folder, these commands will delete "EVERYTHING". For example, if you issue a "cd" command that fails and you stay in the root of C - then your Windows folders and files will be the first to go !! So, in every batch file where you use this command - make sure you first add two commands, while testing the batch file: "dir" (to make sure you are in the right folder) and then "pause" (to stop the batch file and give you a chance to CTRL-Break out of the batch file if you are not in the correct folder). Once the batch file is tested and working OK, you can delete those commands.



Adding the other Accounts to the batch file - there are other accounts under "C:\Documents and Settings", and you might as well include them all by adding additional lines to your batch file for the "Temp" and "Temporary Internet Files" cleanup

Finally - here is my Own Clean Batch file - here is my recommended version. It includes a "Before" and "After" listing of the amount of space the Temp Files take - so you can see how much was removed. I do that with the "dir /s" command, which at the end of the files listing

Just copy the text to Notepad and save it as an "*.bat" file such as "Clean-User-Temps.bat". The bat file uses folder locations that are specific to your username - so make sure you replace "your-user-name" with the account name that you used for your machine. Just look at the actual folder name if you can't remember.



Clean.zip - Download this File, edit "Your-User-Name", and run

*** includes two batch files

CleanSet.bat (run once only to setup the parameters)
Clean-XP.bat (run this every month or so to stay clean)
@echo off
REM Batch File to Clean out all the Crap upon Reboot

REM Check the total Files "Before" the Clean
REM and make a note of the total amount in Bytes
pause

REM the following line can take a couple of minutes to run -
REM so REM it out if you do not care about the "Before" and "After" snapshots
dir /s "\Documents and Settings"
echo BEFORE Snapshot of all Files in "Documents and Settings" !!
echo make a mental note of the total number of Bytes
echo to compare against the "After"
pause

cls
echo Now we will clean out the "Temp" and "Temporary Internet Files" Folders
echo for all accounts on this machine . . .
pause

c:
cd\
rd /q/s "\Documents and Settings\All Users\Local Settings\Temp"
rd /q/s "\Documents and Settings\All Users\Local Settings\Temporary Internet Files"
rd /q/s "\Documents and Settings\Default User\Local Settings\Temp"
rd /q/s "\Documents and Settings\Default User\Local Settings\Temporary Internet Files"
REM replace your-user-name with your account folder name (no extra quotes)
rd /q/s "\Documents and Settings\your-user-name\Local Settings\Temp"
rd /q/s "\Documents and Settings\your-user-name\Local Settings\Temporary Internet Files"
rd /q/s "\Documents and Settings\Video\Local Settings\Temp"
rd /q/s "\Documents and Settings\Video\Local Settings\Temporary Internet Files"
cls
echo Folders removed - we will now recreate the folders
pause

md "\Documents and Settings\All Users\Local Settings\Temp"
md "\Documents and Settings\All Users\Local Settings\Temporary Internet Files"
md "\Documents and Settings\Default User\Local Settings\Temp"
md "\Documents and Settings\Default User\Local Settings\Temporary Internet Files"
REM replace your-user-name with your account folder name (no extra quotes)
md "\Documents and Settings\your-user-name\Local Settings\Temp"
md "\Documents and Settings\your-user-name\Local Settings\Temporary Internet Files"
md "\Documents and Settings\Video\Local Settings\Temp"
md "\Documents and Settings\Video\Local Settings\Temporary Internet Files"
cls

REM the following line can take a couple of minutes to run -
REM so REM it out if you do not care about the "Before" and "After" snapshots
dir /s "\Documents and Settings"
echo AFTER Snapshot of all Files in "Documents and Settings" !!
echo Using your mental note from before, the total amount removed is:
echo Total Removed = Before Bytes - After Bytes
pause
cls
echo We will now run Windows CleanMgr
echo Make sure you have already run "CleanSet" before running this part of the "Clean" routine.
echo If not - then CTRL-Break out of this, run CleanSet.bat, then re-run this bat file
pause
cleanmgr /sagerun:99
exit
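
The CAUTION above about "rd" running in the wrong folder, and the note about adding the other accounts, can both be handled by building every path in full and looping over the profile folders. The following is an added example, not the Clean-XP.bat from Clean.zip; the DRYRUN switch is a name chosen here, and it defaults to only listing what would be emptied.

```batch
@echo off
REM Added example (not the page's Clean-XP.bat): empty Temp and Temporary
REM Internet Files for every account, never relying on the current folder.
setlocal
REM DRYRUN is an assumed switch: 1 = only list targets, 0 = really delete.
set "DRYRUN=1"
set "PROFILES=%SystemDrive%\Documents and Settings"

REM Stop before touching anything if the profiles folder is not there.
if not exist "%PROFILES%\" goto noprofiles

REM dir /b /ad also lists hidden accounts such as Default User.
for /f "delims=" %%P in ('dir /b /ad "%PROFILES%"') do (
    call :empty "%PROFILES%\%%P\Local Settings\Temp"
    call :empty "%PROFILES%\%%P\Local Settings\Temporary Internet Files"
)
endlocal
goto :eof

:noprofiles
echo "%PROFILES%" not found - nothing was deleted.
endlocal
goto :eof

:empty
REM %~1 is always a full path built above, so a failed cd cannot redirect it.
if not exist "%~1\" goto :eof
if not "%DRYRUN%"=="1" goto doit
echo Would empty "%~1"
goto :eof

:doit
echo Emptying "%~1"
REM Delete the files in the folder (including hidden and read-only ones) ...
del /f /q /a "%~1\*" >nul 2>&1
REM ... then each subfolder. The folder itself is kept, so no md is needed.
REM Locked files and protected sub-folders are skipped, not forced.
for /f "delims=" %%D in ('dir /b /ad "%~1" 2^>nul') do rd /s /q "%~1\%%D" 2>nul
goto :eof
```

Run it once with DRYRUN=1, check that every listed path ends in Temp or Temporary Internet Files, then set DRYRUN=0.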




Other folders/files that can be cleared out

C:\WINDOWS\Downloaded Installations
C:\WINDOWS\SoftwareDistribution\Download
C:\WINDOWS\Temp
C:\Windows\pchealth\helpctr\Datacoll
C:\Windows\Prefetch


Remove your Hotfix Uninstalls - We all have installed numerous Hotfixes. Have you known anyone who actually "uninstalled" a hotfix ?? NO !! So, you'll have a lot of folders in this Windows directory. So long as you've no intention of uninstalling any of those Hotfixes/updates, you can safely delete these: $NtUninstall KBxxxxxx$ (They'll likely be in blue) They take up a lot of space. If you do not see them in Explorer, you need to unhide all files and folders.
NOTE: it's usually advised NOT to delete their associated folders in this directory: C:\WINDOWS\$hf_mig$.

Reduce Space Dedicated to "System Restore" and the space for the "Recycle Bin" - If you have System Restore enabled, have you set a limit on the amount of space it uses? If not, the default size is 12% of your disk space! Set it way down to a minimum. Also, the default amount of space the Recycle Bin is set for is outrageous. Set that at 1%, or 2 at most. Finally - empty your Recycle Bin !!

Remove your own Personal Files/Folders that you no longer need - open Windows Explorer, and manually remove any files and folders that you do not need. You may want to invest in "ShowSize", which will pinpoint the folders taking up the most space on your drive - it is an excellent utility and cheap.

Step 5) Remove Spyware

*** first read the Viruses and Spyware page for links and instructions on the 4 anti-spyware utilities

Run the 4 spyware scanners in this order. You will need to run ALL of these to get rid of as much spyware as possible. Also, make sure to update them as much as possible, since new spyware is always coming out on the web.

Spybot - remove all spyware it lists, keep the optional stuff such as cookies
Adaware - review what it finds and be careful as it sometimes lists important utilities and IE Favorites as spyware - BUT you can usually check all boxes to remove everything
NOTE: you may want to pay, and get "AdAware SE Pro" - it has "AdWatch" which continually monitors your system and blocks a lot of spyware from ever coming in
Bazooka (and follow the directions to remove everything it finds)
HiJack This - specializes in finding unwanted IE toolbars and buttons. Be very careful in checking the boxes, because this utility will list some useful programs !!
IMPORTANT - none of these utilities find all Spyware - not even close - for example, recently, Spybot found "AdBureau, Avenue, DoubleClick, MediaPlex, and HitBox" on my PC. AdAware found none of those !! But AdAware found a number of Spyware entries that Spybot missed. The same is true of Bazooka and HiJack This.

Here is the list - download all of them and use all of them. Once a month is enough usually, but if you notice a lot of odd problems, run them again. IMPORTANT - make sure to run their "Check for Updates" each time before scanning for spyware:

Spybot Search & Destroy - FREE - runs a bit slow because it checks so much. Also has a great "Immunize" feature, so that it not only removes Spyware - but it blocks that same Spyware from re-infecting your PC. This is very important because several versions of Spyware will keep re-appearing as soon as you remove them.

*** Lavasoft's Ad-Aware *** - this is the best by far . . . well, it is the best if you get the paid SE Pro version - which not only scans, but PROTECTS against spyware. For the FREE version, click on "Ad-Aware Personal". You need to ask yourself, is it worth 39 bucks to prevent you from having to continually dig around your PC for hours, trying to rid it of Spyware?? Because that's what you will go through - Spyware has EXPLODED !! It is everywhere now, and it is not uncommon to find hundreds of bits and pieces of spyware on any given system. Go for the $39 version, SE Pro !!! Like Spybot, it also misses some Spyware programs, but not many. But there is an even worse problem - it sometimes lists important utilities that you may need and use as spyware !!! It is absolutely necessary to run - but be VERY CAREFUL and make sure to scan the list of items it finds and uncheck anything you need - so it won't remove them. Luckily it does allow you to undo, in case you miss something and allow it to be removed. Two personal usage examples:
Example - I had an Internet Explorer Favorites folder called "Internet", with bookmarks that have taken me years to save. Ad-Aware wrongly identified numerous Favorites that I use all the time as being "Cool Web Search" spyware. So I removed all the "spyware" and lost many of my Favorites !!! I then had to re-instate them.

Bazooka - it will not remove the spyware for you, but lists simple instructions on how to remove each threat that it finds. Bazooka finds a couple of spyware programs that neither Spybot nor Ad-Aware can find.

Hijack This - BE CAREFUL !! Hijack may find a lot of "false positives", which are valid program files. This is why it has no default checking of items to be removed - there is an option for that in the Config, but leave it as is, so you have to manually check items. Nevertheless this is a very important utility - because it can get rid of unwanted Internet Explorer buttons, toolbars, and pages that pop up when you start IE. No other utility can do this !!! Download: HijackThis 1.98.2 [freeware]


*** Make sure to Look for Leftover Spyware - open Explorer and go to Program Files - spyware loves this folder. Look for suspicious folders, check their contents in Google Groups to see if they are spyware, and delete them. Also look in the c:\temp folder and delete any suspicious files.


Step 6) Check and Defragment your Hard Drive

The Pay Method

Open Norton Utilities and run these in this order:

1) Disk Doctor (fixes errors on your hard drive)

2) Win Doctor (fixes errors with your Operating System - usually Win98 or WinXP)

3) Speed Disk** or Windows Defrag Utility - see below:

FAT32 drives (Win98 or WinXP) - run Speed Disk

NTFS drives (WinXP) - use the built-in Windows Defragmenter, which is a slimmed down version of "Diskeeper". For NTFS, Diskeeper is much better than Speed Disk. It is recommended to run Diskeeper's defragment 2 to 3 times, as it does not fully defragment on one pass.

**IMPORTANT: for step 3, every several months, run the Norton Optimization Wizard - and check all options. This will optimize your registry, place the swap file on your fastest drive, and defrag your swap file. It will reboot your PC and should then start Speed Disk automatically, and defrag your drive. If it does not start Speed Disk then start it manually.



OR with the Free Method :

These Microsoft hard drive utilities are included with WinXP.

1) Chkdsk (fixes errors on your hard drive) - see instructions below . . .

2) Disk Defragmenter - a slimmed down version of "Diskeeper". You can run it as follows:

Start/Run . . . dfrg.msc (the file is located at \windows\system32\dfrg.msc)

How to run ChkDsk (Check Disk)

Chkdsk is similar to Norton's Disk Doctor, and must be run during bootup to fix errors. You can run it within Windows to check for errors, however, to fix any errors that are found it must run during bootup. To check your current drive with WinXP on it, simply click Start/Run . . . chkdsk. To check for AND FIX errors, go to My Computer, right-click on the drive you wish to repair, and select "Properties", click the "Tools" tab, and click the "Check now . . ." button. This will bring up the following box:



Select "Automatically fix file system errors", and you will receive this message:



Click Yes and then reboot. The famous blue screen (from when you lockup and have to do a hard reboot) will show up and chkdsk will run and fix any errors it finds.



Step 6) Reboot - and you're DONE !!!



How to Keep the Spyware Away

This is impossible in many cases, but in some cases you can succeed. Spybot has the "Immunize" feature. If you get the "pay" version of AdAware (AdAware SE or SE Pro) it comes with "AdWatch" which also immunizes your computer against certain types of Spyware. But nothing can keep them all away !!

You can also go to the folders on your PC that contain Spyware, write down the folder and filenames - remove the spyware, create dummy text files with Notepad and save them as the EXACT same filenames - then right-click on each one, go to Properties, and make them Read-Only so that the spyware cannot reside there.