The reason is because the 8 steps don't deal with a few key issues regarding infections.
The biggest issue not addressed is rootkits. We experimented with this today at the office, using the tools mentioned. At the end, we installed Kaspersky Internet Security 2009.
The second the computer rebooted after Kaspersky was updated, etc, it caught an infection. The infection was named Temp01.exe, buried deep in the folder tree, called from an entry point in the registry that absolutely none of the logs in the 8 steps pointed out.
What happens, then, is this. The rootkits, typically trojan downloaders, open up a back door to your computer. Just like the Trojan Horse in the War of Troy, they invite other infections. In no time whatsoever your computer will be infected all over again. Unless you are a professional well versed in rootkits and kernel hooks, chances are very, very high of rapid reinfestation.
If I may recommend some steps for you to effect a nearly fully automated process, it would be these:
1) Download Combofix and READ THE TUTORIAL BEFORE PROCEEDING.
2) Download Malwarebytes
3) Download Hijackthis
4) Download Rootkit Hook Analyzer
5) Download AVG 8 Free or Avira. I used to love Avast, but this year we've seen numerous infections that Avast can't deal with effectively, failing to remove the key components.
6) Download WinsockXP Fix
It is of utmost importance that you follow these steps precisely. If I incorporate it into a guide I will incorporate details from the 8 step guide. For now, use that guide as a reference for tips on how to use the programs mentioned.
Run Combofix in Safe Mode (Press F8 repeatedly after the BIOS post screen). Tutorial and current status is here. It is important that you read the tutorial before proceeding!
Restart in normal mode and remove any old protections, including Spybot. Removal tools are available for AVG, Norton and McAfee.
Install/update AVG8 or Avira. Preferably AVG8 due to its superior antimalware/rootkit component. Avira Antivir Pro is the good one, but it's a paid product. The other two best paid products are Eset NOD32 and Kaspersky.
Install/update Malwarebytes.
Do a full system scan with Malwarebytes. AVG 8 will pick up little pieces along the way with its Resident Shield. Quarantine them. At the end of the scan, click "view results" and then "repair all unhealed infections".
Do a file cleanup and registry cleanup with CCleaner (uncheck the installer category before analyzing/repairing). Do NOT forget to save a backup of the registry before cleaning all entries (you will be prompted for this). The reason for doing the CCleaner registry cleanup now and not earlier is because it will remove broken registry entries left behind from the malware cleanup, especially in the case of removing infections called from abnormal entry points.
IMPORTANT NOTE!: It is absolutely imperative that you save a backup. CCleaner can break your HP printer driver install, necessitating a reinstall of the driver disk. It can also break applications served up by a terminal server or installed from remote locations.
To avoid this, uncheck the "application paths" category. You can quickly recover the repairs by double clicking on the backup file and saving it back to the registry.
Do a scan with Hijackthis and save the log. Do not edit any of the entries at this point.
Do a rootkit scan with Rootkit Hook Analyzer (click on Analyze). When the scan is done, do NOTHING except click the Export button and export the log to a text file.
Finally, at the end, do all Windows updates, Java, Flash and Shockwave to address key vulnerabilities. Be careful if you have an AMD-based machine, especially HP and Compaq, in installing SP3. There is a file in the system32\drivers folder called intelppm.sys that will cause the computer to blue screen on reboot every time until you rename/remove it (this can be done from Safe Mode).
If, at the very end, you can't connect to the internet, run WinsockXP Fix if you run Windows XP. If you run Vista, right click on the network connection and click diagnose/repair. Finally, restore your browser defaults (Under Tools > Options > Advanced).
Directions on how to use most of these tools are in the 8 step removal process thread.
Upon completion, post all logs in this thread and I'll take a look at them for you. As you may have been able to tell, I combat infections professionally, numerous times a day. 99 times out of 100, we do a complete repair without reformat. In other words, I'm very, very good at what I do.
Many moons ago I used to distribute infection code on a BBS. These infections were capable of totalling hard drives and even motherboards and modems. Fortunately I grew up and now fight for the other side.