safemode with lan
install d7ii - set autologon, do audit & screenshot system info
backup reg hives, create restore point (to make sure it works), purge all restore points, then re-create one.
auto-profile the malware tab:
most but not all of the pre-removal tab
then run these... Ccleaner auto, MBAR, TDSSKiller, adw cleaner, combifix (read the log), JRT, hitman pro, rogue killer, GMER, super anti spyware, malwarebytes v2, tweaking aio repair.
I'll then reset browser settings
use Ccleaner to delete browser extensions and scheduled tasks & visual aide for installed nasties
would have ran dUninstaller in pre-removal but will run geek uninstaller and/or revo depending on what ccleaner showed. If system is really bad i may also do stinger and emsisoft.
open each browser and check homepage, add-ons, extensions, etc.
-- When happy system is clean --
run a ninite installer for run-times, adobe reader, sumatraPDF, codecs, auslogics & MalwareBytesV2 (d7ii version gets deleted on end session).
install unchecky, adblocker for installed browsers and full install of Ccleaner (again d7ii version gets deleted). will also install our dSS app AfterCare.
will leave ninite installer for classic shell if win8/.1 on desktop for customer if not already installed.
complete Win updates via wsus server (WSUS offline good choice if server unavailable).
will check event viewer for errors and act accordingly.
other things get done on a customised per customer basis, but generally the above gets done on most machines.
I can walk on water, but I can’t perform miracles.