What to do when Windows is dying

Update your links! An easy-to-remember address for this site is http://windows.dontexist.com. The -.org and -.net addresses are no longer valid.
A tinyURL to this site is http://tinyurl.com/4mcfn
So the internet is slow, your applications are crashing and popups constantly keep popping up. What's happening? You're probably worried you might have a virus or malware installed on your computer. Don't worry, pretty much everyone has that problem on Windows. You have several options: fix and secure Windows, get a Mac, or use Linux. Read on to learn how to do these things.
On this page:
- Regain control now!
- What can I do?
- How can I avoid these problems?
- I am advanced and confident.
- I'm sick of Windows. Really I am.
If you've lost or overwritten some files and you want them back, The Data Recovery Howto will point you in the right direction.
The first goal of this site is to help you quickly by showing you how you can help yourself. However, you must understand that you won't get very far if you're not willing to learn a little bit.
Most of the tips on this page unfortunately do not apply to Windows Vista. Get a Mac, or use Linux.
-
Relax.
If your computer is crashing on startup, you may be able to boot into Safe Mode. If you're able to boot you may still benefit from doing what's described below to uproot any malware that may be lurking on your computer system.
- Hit the F8 key while booting (just as it says "Now booting Windows...")
- Choose "Safe Mode with Networking" in the menu that appears.
Because most programs and drivers aren't loaded in Safe Mode, you may be able to load Windows, then identify and remove what's causing the problem.
- Once you've entered Safe Mode as described above, download and run the Norman Malware Cleaner to rid yourself of any potential viruses.
- Combofix will help you now.
- Still in Safe Mode, download and run SDFix. It's updated daily and will search for and remove much of the nastiest malware out there. After running SDFix.exe go to C:\SDFix and double-click on RunThis, which will scan and remove what it finds.
- If the malware cleaners found anything, they'll usually need you to reboot to fix the issues. You should now boot into regular Windows and continue securing Windows.
- If you still can't boot ordinarily, the problem could be related to an unintentionally misbehaving piece of software or driver. You'll need to troubleshoot to find out the cause of the problem. There are plenty of people who will do this for you, if you give them something of value in return for their valuable time.
If you can't boot into Safe Mode, there are still things you can do:
- You may want to get Knoppix, then perform Computer First Aid Using Knoppix.
- The Windows Administration Console, accessed from the same F8 boot menu where you found Safe Mode, may help you out by letting you run ScanDisk and rewriting the boot sector. This will involve typing commands and requires that you or your helpful geek understands what a boot sector is.
Note: what I have just described are first aid techniques, which you shouldn't have to repeat unless shit really hit the fan. Once you've removed the malware causing the problem you should go on to securing windows.
-
- Make sure you don't have viruses: download and run SDFix:
- Follow the on-screen instructions.
- Try all three different scanners, but start with the 3rd option (Sophos).
- In the Sophos menu, run a full disinfect scan, a quick remove scan, a reboot and then a full remove scan, in that order. Yes, some things really are that nasty.
- Watch the screen from time to time to see if anything nasty was found.
- Have some tea, take a nap or go surf the web while the scans finish. It takes a while.
- Download, install and run Spybot Search & Destroy.
Spybot Search & Destroy searches for nasties and immunizes your system. Update and run it twice a week.
- Download, install and run CWShredder.
"Cool Web Search" is a nasty program that installs itself on your computer and, amongst other things, hijacks your browser and forces you to look at stupid ads. CWShredder will get rid of it for you.
- Download, install and use Firefox or Opera.
Firefox and Opera are internet browsers with a lot of cool features, but their main advantage is that they are far more secure. Internet Explorer has a whole slew of security problems that cannot be easily fixed. One of its biggest problems is that Internet Explorer allows people to start programs on your computer without your knowledge. I suggest you always use Firefox for browsing. Internet Explorer should only be used for Windows Update (which we will come to in a second). Really. I have friends that do nothing all day but fix Internet Explorer bugs, and they expect to be doing the same thing for years.
If you're still not convinced that Internet Explorer is dangerous, the topic has been discussed before.
- Always run a good, up-to-date anti-virus program.
- AVG Anti-Virus Free Edition is a good, free virus scanner.
- Norman Virus Control is a good, paid-subscription anti-virus program.
- There are many more anti-virus programs, like Norton, McAfee, Kaspersky and Sophos. If you already have one installed, be sure to check if it's up to date. Not all anti-virus solutions are good, but even the best aren't worth a damn if you don't update every day! You only need one anti-virus program! They don't play nice with each other, so you could end up in trouble if you have more than one installed at the same time.
- Get CCleaner and clean your registry and your hard drive with it from time to time.
- Run Windows Update once a week!
It is important to keep your Windows up to date. You'll need to point Internet Explorer to http://windowsupdate.microsoft.com, and then install all the "critical" updates. The first time you do this on your computer, run it repeatedly until there are no more critical updates. Remember that this is the only thing you need Internet Explorer for. Even better: set up XP to download and install updates automatically - that way you won't have to bother with it.
Notes: If you can access neither http://windowsupdate.microsoft.com nor http://www.windowsupdate.com, your Internet Explorer might already be compromised by a browser hijacker. Use Spybot S&D to get rid of it. Furthermore, if you are running a pirated version of Windows XP, you will not be able to install XP Service Pack 2, even though you may be able to download it. If this is the case, ask a savvy friend to help you out.
- Download, set up, run and learn to use a personal firewall product.
One such product is Zone Alarm Personal Firewall; however, the anti-virus companies mentioned earlier also sell similar software.
Understand that there are many, many people on the web that would like nothing more than getting full control over your computer. Furthermore, keep in mind that these people will find it easy to break into your computer. A personal firewall will protect you against such people. ZoneAlarm is an easy to set up and use personal firewall that all Windows users should run to protect themselves.
- If you're still experiencing instability, you may have something that is not strictly speaking malware, spyware or a virus, but rather an over-zealous copy protection program. Find out how to check if you have, and how to get rid of, Starforce. This crap will still make your computer run slower and be less stable, and Starforce may cause hardware damage!
-
- Be careful! Investigate the source of a file before opening it! The origin may appear trustworthy, but web sites and emails can be faked to trick you into opening a program or divulging information that can later be used against you.
- Browse safely - websites that offer dodgy things like free games or porn, and gambling sites often have a higher interest in breaking into your computer. Yes, in some cases just clicking a link is enough to become infected.
- Stay away from search toolbars, "cute icon sets" and other programs that don't seem to have much purpose. You usually get more than advertised.
- Disable Client for Microsoft Networks for your internet connection.
To verify: Start -> Control Panel -> Internet and Network Connections -> Network Connection -> select your network connection
- Disable File and Printer Sharing for your internet connection.
To verify: use the same dialog as for "Client for Microsoft Networks".
- Enable Internet Connection Firewall.
To verify: use the same dialog as for "Client for Microsoft Networks" and select the "Advanced" tab.
- Set up a secure administrator password, and never log in as administrator unless you really need to.
- If you're using Outlook or Outlook Express for your e-mail, I strongly suggest you use Mozilla Thunderbird, an excellent e-mail application with good spam filtering abilities. You can even import your existing mail into Thunderbird.
- Use Pidgin instead of MSN, AIM, Gadu-Gadu, ICQ and other IM clients. Pidgin will allow you to keep your buddy list and chat with your friends more securely.
-
- Download, install and run
HijackThis.
HijackThis lists the contents of key areas of the registry and hard drive: areas that are used by both legitimate programmers and hijackers. You could easily get false positives with this program, so consult with knowledgeable folks before deleting anything. Geeks prefer email. Ideally, find out How to Ask Questions The Smart Way, and if you're still having trouble, find out Why Questions Go Unanswered.
- Run msconfig.exe (Start -> Run -> msconfig.exe) and clear all suspicious or even borderline suspicious entries from startup. An added bonus will be that Windows will boot up faster.
- Even better than msconfig, the Autoruns program will let you examine and remove anything that gets started automatically at boot time.
- Remove any programs you don't recognise from your computer (Start -> Control Panel -> Add/Remove Programs).
- Check running processes for suspicious entries (CTRL+ALT+DEL -> Task manager). Looking at the running processes often makes you familiar with what should be there and what shouldn't. Stuff like WhatsUp.exe or WJLHOWPDMNW.exe is usually bad. Processes that use a lot of CPU without a good reason are usually good to kill, too.
AnswersThatWork has a process name reference, and keeps an alphabetical list of programs that might appear in your tasklist, and what these programs usually do. Useful resource.
Try to kill the processes, and then locate and delete those files. If you cannot delete them or end the processes, write them down and boot into safe mode to delete those files.
- Check C:\Program Files for suspicious folders. That's where much spyware hides. Apoint2K and search bars and anything you don't recognise is bad!
It's also a good idea to remove things that you installed but never use. Do this through Control Panel -> Add/Remove Programs.
- Sysinternals, although unfortunately recently acquired by Microsoft, has a lot of real good tools for getting back control over your computer. Among others, they have tools to monitor processes, network connections and file operations, and a pretty clever rootkit revealer. Windows won't let you delete a file? These guys have a tool to let you do that, too.
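The startup checks above (msconfig, Autoruns) are easier to judge against a known-good snapshot. This added example, which is not part of the original page, compares two saved outputs of `reg query` for the Run keys and reports autostart entries that were added, removed or changed. Both snapshots and all entry names in them are constructed sample data.

```python
import re

# A value line in `reg query` output: indent, name, type, data (tabs or spaces)
VALUE = re.compile(r"^\s+(.+?)\s+(REG_[A-Z_]+)\s*(.*)$")

BASELINE = r"""
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    ExampleAV    REG_SZ    "C:\Program Files\ExampleAV\avtray.exe" /startup
    Updater    REG_SZ    "C:\Program Files\Example\updater.exe"

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
    ctfmon.exe    REG_SZ    C:\WINDOWS\system32\ctfmon.exe
"""

CURRENT = r"""
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    Updater    REG_SZ    C:\Documents and Settings\user\Local Settings\Temp\updater.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
    ctfmon.exe    REG_SZ    C:\WINDOWS\system32\ctfmon.exe
    WJLHOWPDMNW    REG_SZ    C:\WINDOWS\WJLHOWPDMNW.exe
"""

def parse_reg_query(text):
    """Map (registry key, value name) -> command line."""
    entries, key = {}, None
    for line in text.splitlines():
        if line.upper().startswith("HKEY_"):
            key = line.strip().upper()      # key names are case-insensitive
        elif key and (m := VALUE.match(line)):
            entries[(key, m.group(1).lower())] = m.group(3).strip()
    return entries

def diff_autostart(baseline, current):
    """Compare two snapshots; each result is a sorted list of (key, name)."""
    old, new = parse_reg_query(baseline), parse_reg_query(current)
    return {
        "added": sorted(k for k in new if k not in old),
        "removed": sorted(k for k in old if k not in new),
        # Same name, different command: an existing entry was redirected
        "changed": sorted(k for k in new
                          if k in old and new[k].lower() != old[k].lower()),
    }

if __name__ == "__main__":
    for kind, keys in diff_autostart(BASELINE, CURRENT).items():
        for key, name in keys:
            print(kind, key, name)
```

Take the baseline right after a clean install or a successful cleanup, so that "removed" entries (for example a silenced anti-virus tray program) stand out as clearly as new ones.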
-
No. There's a full-featured, easy to use and free operating system out there called GNU/Linux. You might have heard about it before. It's very good, but don't take my word for it. Try it out! In fact, you can try out Linux without installing it.
Mainstream alternative: Ubuntu USB the easy way
How? You will need an empty USB stick, and a computer connected to the internet. The outline for this simple process is:
- Download Unetbootin
- Create bootable USB using unetbootin
- Boot from USB
For more details take a look at Creating a bootable USB the easy way.
Alternative x: boot into knoppix
How? You'll need a CD burner, a blank CD and a fast internet connection. If you don't have these things, ask a friend who does! Here's what you need to do:
- Head over to knoppix.net and download the latest Knoppix image from your closest country. You want the file that is marked with the latest date, and ends with "-EN.iso", so for example, to get the newest version of Knoppix as of writing, download the file named KNOPPIX_V5.1.1CD-2007-01-04-EN.iso.
If you want to verify that your download went well without wasting a disc and a whole lotta time, also get the corresponding ".md5" file.
The ISO file is a large download. Even with a broadband internet connection, downloading knoppix could take hours. There are many sources for the file, and your speed may increase significantly if you choose a server closer to you.
- (Optional, but a good idea) Verify that your Knoppix image is complete.
Get md5summer and open the ".md5" file with it to make sure that nothing went wrong with your download.
- Burn the Knoppix image onto a CD with your favorite burning program (Nero, Adaptec Easy CD Creator, CloneCD, Alcohol 120% etc etc). It's not a regular file - it's an exact copy, bit for bit, of a CD, so there's a trick to burning it onto a CD. Look for "Burn an ISO image" in your burning program.
- Pop the CD you just made into your CD-ROM drive and reboot your computer. Now, one of two things can happen:
- If Windows boots as normal, reboot your computer again and enter the BIOS by pressing F1, DEL, INS or whatever key takes you to the BIOS Setup screen. Now, look for "boot options" or "boot order" and set up your system to boot from CD-ROM. If you're not sure about this step, call up a friend who knows these things. Once you've done this, save your changes and reboot again.
- If you get a logo that says "KNOPPIX", just press [ENTER]. This will start up the KNOPPIX Live CD Linux system.
- After a short while, you should be running KNOPPIX. Try it out a bit, get familiar. Nothing you do here can damage your computer in any way, so feel free to explore: try pushing as many buttons as you can!
I suggest you try:
- Connecting to the internet.
- Checking your email.
- Writing a document.
- Accessing and viewing documents and files on your Windows harddrive.
- Listening to music and watching movies you may have on your harddrive.
- Playing around with all the cool things KNOPPIX has to offer!
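The optional download check from the Knoppix steps above does what md5summer does with the ".md5" file. This added example is not part of the original page: it parses an md5sum-style list and re-hashes each named file, using a small constructed file as a stand-in for the ISO. A matching MD5 shows the download was not damaged in transit; because the list comes from the same mirror as the image, it does not show that the image is authentic.

```python
import hashlib
import re
import tempfile
from pathlib import Path, PureWindowsPath

# md5sum-style line: 32 hex digits, a space, ' ' (text) or '*' (binary), name
LINE = re.compile(r"^([0-9a-fA-F]{32}) [ *](.+)$")

def parse_md5_file(text):
    """Return {file name: lowercase digest} from the contents of a .md5 file."""
    entries = {}
    for line in map(str.strip, text.splitlines()):
        if line and not line.startswith("#"):   # skip blank and comment lines
            m = LINE.match(line)
            if not m:
                raise ValueError("not an md5sum line: %r" % line)
            # Keep only the base name so an entry cannot point outside the folder
            entries[PureWindowsPath(m.group(2)).name] = m.group(1).lower()
    return entries

def md5_of(path, chunk=1 << 20):  # 1 MiB chunks: the ISO never sits in memory
    h = hashlib.md5()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()

def verify(md5_path):
    """Check each listed file next to md5_path: 'OK', 'MISMATCH' or 'MISSING'."""
    md5_path = Path(md5_path)
    results = {}
    for name, digest in parse_md5_file(md5_path.read_text("utf-8")).items():
        target = md5_path.parent / name
        if not target.is_file():
            results[name] = "MISSING"
        else:
            results[name] = "OK" if md5_of(target) == digest else "MISMATCH"
    return results

def demo():
    # Constructed stand-in for the ISO: write a file and its .md5, then damage it
    with tempfile.TemporaryDirectory() as d:
        iso = Path(d, "sample.iso")
        iso.write_bytes(b"constructed sample data" * 1000)
        md5 = Path(d, "sample.iso.md5")
        md5.write_text("# constructed list\n%s *sample.iso\n" % md5_of(iso))
        before = verify(md5)
        iso.write_bytes(b"truncated")  # simulate a damaged download
        return before, verify(md5)
```

Calling `verify()` with the path of the downloaded ".md5" file checks the ISO sitting in the same folder.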
Further reading: TeMerc Internet Countermeasures Forum
If all else fails, get a cup of tea. Call up a friend you haven't spoken with in a while. Start reading one of those books you've been meaning to look at. Life without computers is simpler.
Comments and suggestions to this page are always welcome, drop me a line at kacperw-AT-online-DOT-no.
Written by Kacper Wysocki, ©2004 onwards.
This page is licensed under a Creative Commons License.