|
All Just simply about Computer VirusRecognizing a PC with Malware
by:
Ronald Merts
What can you do if you think your computer is affected by spyware or a virus or else malware? (Malware is short for malicious
software.) 1st let me assure you that you aren't in this alone. There are superior
resources and community sites dedicated to
helping dig folk out of the mess that malware can make. Many an of them are free and I'll point you to them in this column. I'll likewise
explain how to recognize if your computer has malware running on it and point you to antivirus programs and anti-spyware tools to
help you get rid of it. And I'll describe how to use recovery options that help get your PC back to working the way it's supposed
to. And, finally, I'll talk simply about "The Last Resort"-rebuilding your PC from scratch.
How to recognize malware
Malware is designed to run unseen
in the background. So how can you tell if you have undesirable computer code on your system? The
signs to look for include:
• Advertising pop-ups that appear every few seconds.
• Extra toolbars in your browser that won't go away.
• Browser going to sites you didn't tell it to go to.
• Browser settings dynamical
so your house page won't open.
• Unexplained system slowdowns.
• Fast rise in computer crashes.
If you're experiencing these kinds of problems, it's a nice idea to treat your PC as if it strength
be infected by checking it out
thoroughly. Though there are else reasons why your system strength
slow down or oft-times crash, if you're noticing these obvious
indications of malware, your system has probably been compromised. It's time to take defensive action.
Update antivirus programs
The 1st step in any attempt to repair or recover a compromised PC is to update your defensive tools. Your antivirus or
anti-spyware tools need to be updated to the absolute latest versions and the most recent definition files. If you can do this on
the PC that has the problem, then do it there. If not, you'll need to use another PC to transfer
the latest versions and put them on
a CD or USB driving that you can use to activity on the infected PC. I like the USB driving because it's extremely
portable and easy to update
if you need to. And everything you'll need wish fit easily on a 128-MB USB drive.
Gather your innovational computer code CDs and disks as well, including your innovational Windows CD and the Windows XP Service Pack 2 (SP2) CD.
You may need them before this is over, and it's nice to get everything organized and available before you start. Windows XP SP2 provides
better protection against viruses, hackers, and worms. If you don't have a copy of the Windows XP SP2 CD, you should borrow one from
a friend, order SP2 on a CD, or transfer
the Network Install and copy it to a CD.
If you don't already have an antivirus program running on your computer, you'll find a number of companies offering antivirus
software and firewall protection programs, among them:
• Computer Associates (http://www.ca.com)
• F-secure (http://www.f-secure.com/protectyourpc/)
• McAfee (http://www.mcafee.com)
• Panda Computer code (http://www.pandasoftware.com/microsoft/english.htm)
• Symantec (http://www.symantec.com)
• Trend Small
(http://www.trendmicro.com)
• Grisoft (free for house users - http://www.grisoft.com/doc/40/lng/us/tpl/tpl01)
Important: Uninstall any antivirus computer code you are presently
victimisation before commencement a new product; having two several programs
might cause problems on your computer.
Typically, these computer code companies do special offers of free trial versions of their antivirus and firewall packages, which
should be enough to get you through this process. But to help avoid being back in this mess again, you'll want to choose one of them
and get a full subscription to it so you stay up to date.
If you still have nice working Net
connectivity, you can likewise use one of the excellent, free, online virus scanners. My
favorite and one of the better is Panda Software's Panda Free Online Scanner
(http://www.pandasoftware.com/activescan/com/activescan_principal.htm).
One of the most annoying and difficult to move out pieces of unwanted computer code is Cool Web Search and its variants. To move out this,
you're better bet is CWShredder, a dedicated program that simply goes after this.
You'll likewise need a nice anti-spyware product that can help you with the detection and removal of spyware or else malware. Here, one
is nice and two or more are sometimes better. They don't interfere with each other, generally, and they each seem to have slightly
different strengths. The two I use on a regular basis
and recommend are Spybot search & destroy
(http://www.safer-networking.org/microsoft.en.html) and Computer Associates PestPatrol 5. There is new anti-spyware computer code from
Microsoft, which is in beta testing now and holds several promise as well. (Beta computer code is pre-release computer code that is distributed
for feedback and testing purposes.) The Microsoft product is a safety technology that helps you find and move out better-known spyware
from your PC. It likewise helps prevent spyware from effort on your computer in the 1st place. I've been victimisation it and actually like the
way it works, but because it's a beta version, it won't be the right choice for everyone until the final release. For one thing,
Microsoft doesn't provide technical keep for beta releases. Though formal keep is not offered for this beta, you can go to
the newsgroups to help get your questions answered.
Finally, it's a nice idea to have a couple of else programs available. LSPFix and WinSock XP Fix can help restore your Net
connection if the cleanup process messes that up.
Back up critical files
If you can, now would-be be a actually nice time to back up critical files you'd hate to lose. Don't try to back up programs or the
operating system-there's no point since they may be compromised and can be replaced. But those images of your daughter's wedding,
your résumé, and your degree thesis-those are irreplaceable. Please, copy them somewhere safe, since thing
you do to move out
this kind of malicious computer code is serious and could leave your PC in a state wherever
it strength
be difficult to recover or save your
critical files.
Where or what you copy them to doesn't actually more matter. A CD or DVD if you've got the hardware and computer code to do that, or a Zip
disk, or simply plain old floppy disks wish work. But whatsoever
medium you use, having a backup wish give you the confidence to attack
this malicious computer code without fear of losing thing
critical. Ed Bott's Windows XP Backup Ready-made Easy
(http://www.microsoft.com/windowsxp/using/setup/learnmore/bott_03july14.mspx) explains how to let Windows XP do most of the backup
work.
Scan and move out
Once you have your defensive programs ready, settled your innovational CDs and DVDs, and ready-made a backup of your critical data files, it's
time to start problem solving out exactly what you have on your system that shouldn't be there. But before you start, disable System
Restore. The last thing you'd want to do is restore to this point anyway, and this wish prevent versions of the deadly computer code
from being saved in the restore point.
To disable System Restore
1. Click Start, right-click My Computer, and then click Properties.
2. On the System Restore tab, choice the Turn off System Restore box, and click OK.
The 1st step should be to try the obvious. Use Add/Remove Programs in Control Panel for programs that shouldn't be there and try
to uninstall them first. Several of the annoying adware programs wish actually uninstall and stay uninstalled so you strength
as well get
rid of them first.
Next I scan for conventional viruses. Use the antivirus computer code that you downloaded and updated or one of the online scanners if
you're still online. Deal with thing
it finds, either by deleting or improvement
as appropriate. Microsoft offers a Malicious
Software Removal Tool (http://www.microsoft.com/security/malwareremove/default.mspx) that is updated on the 1st Tues of each
month. This tool checks computers running Windows XP, Windows 2000, and Windows Server 2003 for infections by specific, rife
malicious software-including Blaster, Sasser, and Mydoom-and helps move out any infection found. Once
you're done, it's time to
disconnect from the Internet. Disconnect the network connection or disconnect the modem.
Next, run CWShredder. Though it only deals with a single (but pervasive) problem, many an of the Cool Web Search variants can prevent
the else anti-spyware programs from doing their job correctly, so it's better to go after this one first.
Now it's time to run the anti-spyware scanners. It doesn't actually matter what order you run them in, but be prepared for a fairly
lengthy list of things to deal with. Initially, I'd ignore any that are represented
as cookies-they're low on our list of concerns for
now. But everything that looks like a program or that they report as a critical issue should be unintegrated
or deleted.
Running in safe mode
One recommendation that several experts do is to run your antivirus and anti-spyware scans and cleanup in safe mode. Several problems
that can hide from these programs in normal user mode are exposed in safe mode. Else experts disagree and suggest that there is
little difference. I'm of the school that thinks it can't hurt, so I suggest you try running your scans 1st from a normal boot,
but once
you've done all you can from there, start in safe mode and try running the scans again.
To start in safe mode
1. Click Start, click Shut Down, click Restart from the list, and then click OK.
2. Spell your computer is starting, press the F8 key until the Windows Advanced Options Menu appears.
3. Choice Safe Mode and press ENTER as needed.
For more on safe mode and the options accessible in the Windows Advanced Options Menu, see a Description of the Safe Mode Boot
Options in Windows XP at http://support.microsoft.com/default.aspx?scid=kb;en-us;315222.
Finally, once
you're done fixing everything and you think you've got it all, I think it's wise to install or put in Windows XP
Service Pack 2. Now turn on Windows Firewall, turn on System Restore, and you can connect your PC back to the Internet. Before you
do thing
else, go to the Windows Update site (http://update.microsoft.com) and transfer
all of the latest safety fixes. Then,
turn on Automatic Updates to do sure you stay up to date.
Getting help
Removing undesirable computer code can be a intimidating task. But as I same
in the beginning, you're not in this alone. There are a wealth
of resources accessible to you at every stage of the process. I can't begin to list them all, but several that I cognize simply about are the
following:
• Microsoft Safety Help and Support-the keep is free for safety problems and effort help removing malware is emphatically a
security problem: Settled at http://support.microsoft.com/default.aspx/gp/securityhome.
• Microsoft Safety House Users Newsgroup-good place to start, with a wealth of users and MVPs responding to your queries 24 hours a
day: Settled at
http://www.microsoft.com/communities/newsgroups/en-us/default.aspx?dg=microsoft.public.security.homeusers&cat=en_us_d06efcb7-0e61-00
ed-6e0f-a86481b6aa20&lang=en&cr=us.
• Broadband Reports Online Safety Community Forum-an superior
resource for actually persistent and difficult problems, with help
from Microsoft MVPs and else users: Settled at http://www.broadbandreports.com/forum/security.
• SpywareInfo Forums-excellent help and fast responses: Settled at http://forums.spywareinfo.com/.
• AumHa Forums-a great resource for a wide variety of Windows problems, run and staffed by Microsoft MVPs: Settled at
http://forum.aumha.org/.
The last resort
Finally, I want to talk simply about the last resort, which is performing arts a clear installation of Windows XP. This is not thing
to do
casually, since you wish for sure lose data and have to re-install all your programs, but it is an option if all else fails.
For more information check out our articles at http://www.tornadocomputers.com/techie
Just simply about the author:
Vice-President and CIO for Tornado Computers in Sooner state
City. Specializing in small/medium businesses and home-users Ron has become their Information Safety specialist becoming more and more good in the removal and interference
of viruses, spyware and else threats to people's data.
Circulated by Article Emporium
| |
