Clean an Infected PC with Free Software
Tuesday, February 12th, 2008 by Gary Keorkunian
Posted in Security, Free Software, How To | 2 Comments »
Computers and the Internet are great productivity tools at work and great entertainment vehicles at home. But dealing with a PC that’s been infected by a virus, spyware, adware or other malicious program - all known as malware - can be very frustrating. If you know your machine has been infected, then you have a bit of a cleaning task in front of you. Fortunately, there are some proven steps you can take to get your machine back to where it should be. If you are unsure whether your machine is infected, but suspect so because of poor performance, unwanted pop-ups (even when you are not surfing), or other unusual behavior, then it would be wise for you to follow these steps as well.
1. Back up your Data. If you have a lot of data you need to save and your machine is functioning well enough for you to copy it to an external hard drive, memory stick or CD, then you should do this first. If you don’t have an external hard drive then you should really consider one. I like the Western Digital Passports. If you are going to copy the data to another machine on your network, first make sure that machine has adequate anti-virus protection (see below), as some of your data files may be infected.
2. Upgrade your Virus Protection. In my opinion the easiest and best way to do this is to get rid of whatever other package you have and install AVG Anti-Virus Free Edition. It’s a very lightweight, real-time AV scanner that works. Download the package and install it before removing your current AV package. It is usually not recommended to run two AV packages at the same time, but if you are infected you don’t want a gap in your coverage. As soon as AVG is installed, updated and running, uninstall your old AV protection. Don’t run a full scan yet; that could end up being a waste of time if you have a nasty root kit infection.
Note - If you don’t have a working Internet connection - not uncommon with infected machines - you will have to download it using another PC. Store the install file on a memory stick or external hard drive that you can hook up directly to the infected machine. While you are at it, you might as well download all of the software, identified below, that you will need to complete this job.
3. Check for Root Kits. Installing a Root Kit is one way for a nasty piece of malware to really get its hooks into your system. Essentially the malware embeds itself into some core operating system files where it is able to gain additional privileges that it usually would not have. It can use this position to fool anti-virus packages into thinking it’s not even there. This is why an initial full AV scan of an infected PC may not be worth the time. If you have a Root Kit, you need to find it and get rid of it first. To do so, download and install AVG’s Anti-Rootkit Free Edition and run a full scan. If your PC comes up clean - or AVG finds something and is able to clean it - then great! Move on to the next step.
If AVG finds a root kit that it cannot clean, then you have serious issues. There are more things that you can try, but it can all get very time-consuming and very frustrating. In my experience the best thing to do is to back up your data and reformat your system. You should be able to do this with the recovery disks that came with your system. If you don’t have them, you will have to track down some copies. Call the manufacturer and see if they can send you a set for your model PC. They will usually accommodate you in such situations, although you may have to pay duplication and shipping fees.
4. Run a Full Virus Scan. OK, your machine is free of root kits. Now it’s time to run that full AV scan using AVG. Depending on how much info you have on your system, this can take a while, perhaps an hour or even hours. So start it up and let it go. Once it’s done, use AVG’s Heal feature to try to clean any infected files. If one or more can’t be healed, then delete them. If they can’t be deleted, then quarantine them to the Virus Vault (all options provided by AVG). The Virus Vault can be emptied after your next reboot. Once you have completed this step, your machine should be virus free. But you’re not done yet. There may still be spies lurking in your midst.
5. Purge the Spyware. Spyware is not necessarily a virus, and therefore is not always detected by AV packages. To protect against and clean infections of spyware you need a tool that is designed specifically to do that. AV packages typically look at files to see if they contain viruses. Anti Spyware packages may also do that, but they do something more. They also look for evidence that spyware leaves behind.
My choice for Anti Spyware changes as new threats evolve. I’ve always liked Spybot Search & Destroy. They had some serious issues with version 1.4, but version 1.5 seems to have corrected them and they are back on track. Spybot is definitely one worth having. Right now, however, I am liking MS Windows Defender. In every infected machine I’ve dealt with in the last couple of months, Windows Defender was able to find spyware that other packages could not. Download Windows Defender and install it with the recommended settings. Run a full scan of your system and purge anything that it finds.
6. Clean up the Mess. Once you have completed the first 5 steps your machine should be clean of malicious code. Of course there are still other things you should do to clean up the remains of this fiasco you’ve finally made it through. Spyware and Adware are often installed with other programs. Purging the malware doesn’t always remove the original program but can leave it broken. If you know which package may have been the culprit you should uninstall it. Also, spyware and adware often leave behind entries in the system registry. It’s a good idea to use a professional tool to help clean that up. To help with both of these tasks, I like CCleaner. It has a great uninstaller tool and a very effective registry cleaner. A full description of this tool is beyond the scope of this article - I’ll write more about it in a future post - but I believe it to be a must have for Windows users.
7. Monitor your System. In addition to CCleaner, another tool I like is WinPatrol. It gives you a look at all of your start up programs (where spyware and adware often launch themselves), Browser Helper Objects (a bastion for Adware) and more. When running, it also monitors and informs you of changes to sensitive parts of your system. This can help give you a heads up when malware is attempting to install itself and take over critical functions. When this does occur, WinPatrol gives you the chance to stop it dead in its tracks.
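The kind of check step 7 describes can also be scripted. The following PowerShell is an added example, not part of the original post and not WinPatrol's code: it records the Run/RunOnce startup entries and Internet Explorer Browser Helper Objects as a baseline on first run and lists anything new on later runs. Assumptions: Windows PowerShell 3.0 or later, a baseline file path chosen here for illustration, and only these common autostart locations are covered.

```powershell
# Added example (not from the original post). Assumes Windows PowerShell 3.0+.
# The baseline file location is an assumption; use any path you control.
$BaselinePath = Join-Path $env:ProgramData 'autostart-baseline.xml'

$RunKeys = @(
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
)
$BhoKey = 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects'

function Get-AutostartSnapshot {
    foreach ($key in $RunKeys) {
        if (-not (Test-Path -LiteralPath $key)) { continue }
        $item = Get-Item -LiteralPath $key
        foreach ($name in $item.GetValueNames()) {
            [pscustomobject]@{ Location = $key; Name = $name; Value = [string]$item.GetValue($name) }
        }
    }
    if (Test-Path -LiteralPath $BhoKey) {
        # Each BHO is a subkey named by the CLSID of a COM object Internet Explorer loads.
        foreach ($sub in Get-ChildItem -LiteralPath $BhoKey) {
            $clsid  = $sub.PSChildName
            $server = "Registry::HKEY_CLASSES_ROOT\CLSID\$clsid\InprocServer32"
            $dll    = '(CLSID not registered)'
            if (Test-Path -LiteralPath $server) {
                # The default value of InprocServer32 is the DLL that gets loaded.
                $dll = [string](Get-Item -LiteralPath $server).GetValue('')
            }
            [pscustomobject]@{ Location = 'BHO'; Name = $clsid; Value = $dll }
        }
    }
}

# One comparable string per entry, so a changed command line counts as new.
function Get-EntryKey($e) { '{0}|{1}|{2}' -f $e.Location, $e.Name, $e.Value }

$current = @(Get-AutostartSnapshot)
if (-not (Test-Path -LiteralPath $BaselinePath)) {
    # First run: record the known-good state right after the cleanup.
    $current | Export-Clixml -Path $BaselinePath
    "Baseline saved with $($current.Count) entries."
} else {
    $known = @(Import-Clixml -Path $BaselinePath | ForEach-Object { Get-EntryKey $_ })
    $added = @($current | Where-Object { $known -notcontains (Get-EntryKey $_) })
    if ($added.Count -eq 0) { 'No new autostart entries or BHOs since the baseline.' }
    else { $added | Format-Table -AutoSize -Wrap }
}
```

Save the baseline right after the cleanup in steps 1 to 6. A root kit that hides its registry entries, as described in step 3, will not show up in this listing.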
Hopefully this advice has helped you bring your machine back to full health. In my experience these steps will cure about 90% of all infections. If you’ve done all of this and you are still having infection issues, you may have a root kit that went undetected. As I stated earlier, the most effective path will be to back up your data, reformat your system and reinstall your operating system and other software.
Safe Computing!!


February 12th, 2008 at 12:55 pm
Can you use these on Servers? Mine is Microsoft Win 2000 Server and 2003 Server
February 12th, 2008 at 1:15 pm
Because AVG sees a server as a business product, it will not let you install the free edition of the Anti-Virus package. You could purchase the network edition for $145 from AVG. But the free alternative I recommend for server usage is ClamWin. It’s an open source anti-virus package. It doesn’t have a real-time scanner, but you can use it to scan your system on demand or based on a schedule. You can find ClamWin in the Free Software Catalog.
AVG Anti-RootKit does not work on Windows Servers.
Windows Defender only works on XP (SP2+) and Windows 2003 Server (SP1+). It is free for both.
Spybot and CCleaner will work with both server versions, but must be run by someone with Admin rights.
I hope that helps. As you can see, this solution is primarily for an infected Windows XP machine. If you believe your server is infected, I recommend you get some expert help in dealing with that.