Fix Windows after a virus attack with Automatic System Cleaner
You have two basic choices when it comes to deciding what to do after a successful virus attack on your system. You can try and repair the damage after you have made sure the virus is gone for good and has not left any nasty bits behind, or you format everything and start anew.
If you select the first option, you may need to spend quite some time fixing and repairing things, depending on what damage the malicious code caused on your system.
While it is certainly possible to repair Windows manually, it is sometimes better to use a program for that, especially if you are not really sure what needs to be done.
Automatic System Cleaner is a free program for Windows that you can use for that purpose. The portable program provides you with action lists that you can customize to your needs.
The program displays options in the first tab, and the various scanning, repair and reset options in the five other tabs it makes available.
It is set to create a restore point and to backup the Windows Registry by default, and will reboot the PC when it has run all operations. You can modify the behavior here if you like, but it is highly suggested to create a backup of sorts before you click on the execute button.
The Actions
The security tab offers integration for CCleaner, Malwarebytes and Vipre, that you can use to scan the system, or perform a rescue scan in the case of Vipre.
What this means is that the selected programs will be run one after the other by Automatic System Cleaner. The documentation confirms that the required programs will be downloaded by the program, even if they are already installed on the system.
Here you can also update the host file, which will replace it with the MVPS hosts file, remove installed toolbars, and disable security notifications which turns off UAC and the security center during program run.
The performance tab contains actions to prune the autoruns using an internal list of programs that do not need to be run on start up.
Services will be reset to their default values if the action is selected. The author notes that this should not be used if the system is connected to a domain.
Here you can also enable various other performance related optimizations, such as optimizing the system's resource usage (by applying various tweaks such as enabling large system cache, disabling page zeroing or paging executive.
The maintenance tab schedules system file defragmentation, hard drive defragmentation using Defraggler, and a Checkdisk run on the next start up.
In addition, it is set to reset file and Registry permissions on the system.
The last two tabs contain various fixes that reset ir repair Windows features such as Windows update, Network Interfaces, Windows Installer, file associations, the Task Manager, or printer install errors.
Verdict
The majority of actions are selected by default which is not necessary in most cases. It is recommended that you go through each tab manually to uncheck actions that you do not want to run.
The program displays a help icon next to each action that you can click on for additional information. This loads a documentation page on the author's website where everything is explained in detail.
Tip: Click on the uncheck all button under Options to deselect all actions.
Automatic System Cleaner is a useful program for Windows users who need to repair the operating system after a virus attack. While part of the options that it makes available are not linked to the recovery, they may prove useful nevertheless.
Advertisement
So I was just most curious about the HOSTS file auto-updates (which I have on my phone). Downloaded, unchecked everything except HOSTS, and it basically didn’t work (win 8.1). That’s cool: I just went and copied the hosts file contents myself (thank you), but I noticed the autoclean site itself wasn’t completely updated (the latest version is 2.5, the blog lists only 2.4; some pages were blank). Mere curiosity had me search the filename to see if the dev had a twitter or a newer website, but the results of THAT search reminded me of what I’d LOVE to see you cover: all these effing “security blogs” that falsely report every single file on your system as “suspicious” (not after a scan or anything, but because they know people search either trojan names that mbam reported, or maybe filenames they’re curious about, and I think these bloggers just want pageviews; maybe they’re deploying malware, IDK).
That greatis.com site is fishy to me, and it was one of many BS sites that reported “autoclean.exe” was actually, TADA, Trojan.Muldrop3. (http://greatis.com/blog/how-to-remove-malware/autoclean-exe.htm) —And greatis.com’s blogger goes the extra mile to make THEIR “unhack me now.exe” (made up filename, but something like that) look all official. Then they have a guaranteed rootkit remover because, you know, rootkits are the scariest.
I think you should do an article about all these crap security sites. Hell **I’ve** named exes “autoclean” before; there was no information from greatis about where one might pick up autoclean… I’m just super-annoyed. I mean, to make NORTON look good somehow is an accomplishment.
And you know, I’ll throw in that bleepingcomputer.com site, too, not because they’re malware promoters or anything, but because they’re SO CAREFUL that they’re useless. They make people with the most obvious problems ever (“I downloaded from cnet and have this toolbar now…”) post about 2 BILLION LOG FILES (all printed on the damned forum at the request of the forum people) before saying, “okay run mbam and reboot.” (I’m oversimplifying I know, but damn is it frustrating. In fact I think I put bleepingcomputer in my HOSTS).
I just don’t see anyone talking about these self-styled sec experts running blogs that try to look like c. 1995 Norton “important security updates” which, IIRC, just told you why you needed to d/l their updates. And ANY SITE that bills itself as a security site, but sends someone to cnet for a download, should be ripped from the annals of web history. There are so many (oh, some with those domains with-the-thousand-dashes-in-them.com), and while I think most people KNOW to stay TF off such sites, I can’t be the only one with friends/family who DON’T know, and who WILL ruin our Sunday afternoons by “getting infected” because of these menace to society sites. Why Google and Bing and DDG don’t BAN these assholes is beyond me, but someone should do an exposé so hopefully THAT will come up in a web search. (Or we can copy/paste/email the article to our relatives and friends). Even ZDNet is a virus now (after a fashion: they tell you to buy two or three AVs and a few extra firewalls because if you have to ask, you need it; then they tell you to buy more crap to speed up your strangely slow computer.)
Awesome, but understated. Tell us what you really feel.
And as the one the family turns to, “ditto.”
LOL, yes I do get upset. The issue is exactly why I’m no longer mad at MS (or a few distros of Linux, or even Apple ) for “dumbing down” the OSes. In fact, I think the next versions of all the big web browsers should have a parameter where ANY search for filenames or trojan names gets the user happy cat pictures (unless you turn that option off in the “Advanced/This Will Make Your Computer Explode and give you Cancer” tab) —oh yes, the bliss I feel already just thinking of such a thing.
just curious, why vipre?
You will have to ask the developer that question. No idea really.
The application hasn’t been updated since 2010 and it’s only 32 bit.
It does run on 64-bit systems though. Did you run into any issues using it?
Just checked. Didn’t run as I don’t believe in these “Windows fixing apps” (and I have nothing to fix).
In the worse case just run Windows repair.
Oh. Well maybe that’s why it threw an error (and force closed) when I tried to change the hosts. It’s older than win8, and win8 is stricter with who edits the hosts file.
Okay then! I just ran it for a few simple things (64bit Win 8.1) as admin — set a restore point and backed up the registry. That worked, and even the hosts file worked (I checked, and app dumps nice, readable logs files in app’s home directory too). I’m not letting it do all that other stuff, but I’d feel comfortable telling someone to go to that page and download the version, uncheck stuff, re-check the basics. Most ppl I have to help are still on XP and shouldn’t get the FC (whatever win8 calls force closed) that I got.
If you really want to repair virus damage, run Windows Repair All-In-One available from http://www.tweaking.com. That program has a huge list of things that can be reset to defaults or otherwise repaired – stuff that viruses actually do screw up. The program reviewed here doesn’t seem designed for virus repair, but more for general “fixes”. Some of it does seem to duplicate what Windows Repair All-In-One does, but I think the latter is better (and with a better interface as well.)