Creative Commons License
Work By WinVistaClub Licensed Under CCA
 
 
GUIDE : Virus, Spyware, Malware Removal.
Windows being the most popular and most widely used OS in the world, malware writers want to target it. As a result, a lot of viruses, adware, spyware, trojans and worms are written for it. After all, who would want to target an OS used by, say, just a few percent worldwide! This leads people to comment, wrongly, that Windows is not secure!
Vista is quite secure ! But should your computer get infested with persistent malware, here are the general malware removal steps, you may have to follow :
1) Disable System Restore. To turn off System Restore totally, right-click Computer > Properties > Advanced System Settings > System Protection > Uncheck all the Drives > Apply > OK.
2) Run a junk cleaner to clear your PC's junk files. CCleaner is a good freeware! Also run Vista's Disk Cleaner utility to remove past Restore Points. The Temporary Internet Files folder is a usual hiding place for viruses, Trojan downloaders and other malware downloaded from the internet. However, Vista's cache is now considered a virtual folder with the same low privilege, to mitigate these threats. Removing junk will also reduce the scan time.
3) Update your anti virus and run a full system scan, opting for a scan with maximum intensity. A safe-mode or a boot-time scan is always the preferred way in case of a severe malware attack. So if your anti virus has an option to run scans at boot time, it is best to do so. Else try to run the scans in Safe Mode. (To enter Safe Mode, keep pressing the F8 key while your computer is booting.) Some anti virus programs may not run in Safe Mode; in such a case you have no choice but to run in normal mode. Remove all found infections. Incidentally, Avast, AntiVir and AVG are three good freeware. Should you wish to consider shareware, I'd go with NOD32 or Kaspersky.
4) If you suspect spyware infection, then run your updated Windows Defender. I also recommend that you install, update, and use another anti spyware. Spybot, AdAware or a-squared Anti-Malware are some of the freeware I'd recommend. Again, Spyware Doctor and Webroot's Spy Sweeper are good but shareware. Here too, see if your program has an option to scan at boot time. Spybot is one that I know has such an option. Else run the scan in Safe Mode with maximum intensity. Remove found infections.
5) Reboot. You need to do this so that files locked for deletion on reboot will be deleted. Now you should again run CCleaner, to clear residual Registry keys and other junk. Don't forget to re-enable System Restore!
This basic procedure usually solves most cases.
But if it doesn't, here are a few additional tips!

If your anti virus is unable to delete the virus or infected file, use Delete Doctor to delete the sticky infected file on reboot. This useful utility will delete the virus on reboot, before it gets a chance to load into memory.

If your anti virus does not detect a file to be a virus but you suspect that it may be so, or if you want a second opinion on whether a file is a virus, then I suggest that you get that particular file scanned with MULTIPLE anti virus engines at Jotti or VirusTotal.

If problems persist, run a HijackThis Tool scan, save its log file on your desktop and analyze it. How to get it analyzed is described below. Based on the analysis, you may be able to identify the name of the virus / malware and consider the recommended actions.

After you scan with HijackThis, place a check next to all the malware entries WHICH YOU ARE SURE OF ! Next, close all instances of Internet Explorer and click "Fix checked".
Malware can be named anything, and in fact virus writers love naming it after some legitimate Microsoft process. Check which folder it is situated in. If the familiar-sounding process is situated in the System32 folder, it could be the legitimate Microsoft process. But if it is situated in some other folder, it may well be malware trying to pass itself off as a Windows process. So do a search for the file, right-click on it and check its properties / details.
You can also search for and use a good stand-alone virus removal tool for a PARTICULAR virus from Kaspersky or any other anti virus company and run its scan. G-Data is a good Worm Removal Tool. Sophos has a nice Anti-Rootkit Tool. Rogue Remover is a good remover of rogue programs. a-squared Anti-Malware has good anti-trojan detection, apart from being a complete anti-malware solution.
NOTE: Windows Live OneCare is easy to use! Three different colors quickly alert you to your computer's present status: A green icon means your status is Good: everything is running smoothly and your computer is not due for a tune-up or backup. A yellow icon means your status is Fair, which may mean you need to run a tune-up or backup, but nothing is an immediate threat to your system. A red icon means your computer is At Risk, which may mean that an update cannot be made or OneCare is not on. Check out what Windows Live OneCare has to offer by downloading your FREE 90-day trial download today!
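The folder check described above, as an added example that is not part of the original guide or of HijackThis itself: a Python script that reads the "Running processes" section of a HijackThis log and flags executables that carry a Windows system process name but run from an unexpected folder. The sample log is constructed, and the name-to-folder table (which assumes Windows is installed in C:\Windows) is an illustrative assumption to adapt.

```python
import ntpath

# Constructed sample in the layout of a HijackThis log: header lines, a
# "Running processes:" section ended by a blank line, then numbered entries.
SAMPLE_LOG = r"""Logfile of HijackThis (constructed sample)

Running processes:
C:\Windows\system32\svchost.exe
C:\Windows\Explorer.EXE
C:\Users\Public\svchost.exe
C:\Windows\Temp\lsass.exe
C:\Program Files\Windows Defender\MSASCui.exe

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
"""

# Assumption: Windows lives in C:\Windows. Illustrative table, not exhaustive.
# Note that explorer.exe legitimately sits in C:\Windows, not in System32.
EXPECTED_DIR = {
    "svchost.exe": r"c:\windows\system32",
    "lsass.exe": r"c:\windows\system32",
    "winlogon.exe": r"c:\windows\system32",
    "services.exe": r"c:\windows\system32",
    "explorer.exe": r"c:\windows",
}

def running_processes(log_text):
    """Return the paths listed under 'Running processes:'."""
    paths, in_section = [], False
    for line in log_text.splitlines():
        line = line.strip()
        if line.lower().startswith("running processes"):
            in_section = True
        elif in_section:
            if not line:          # a blank line closes the section
                break
            paths.append(line)
    return paths

def suspicious_processes(log_text):
    """Flag system-named executables running from an unexpected folder."""
    flagged = []
    for path in running_processes(log_text):
        folder, name = ntpath.split(path)
        expected = EXPECTED_DIR.get(name.lower())
        if expected and ntpath.normcase(folder) != expected:
            flagged.append(path)
    return flagged

print("\n".join(suspicious_processes(SAMPLE_LOG)))
```

A flagged path is only a lead: check the file's properties and get it scanned before fixing or deleting anything.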
How To Analyze HijackThis Log Files.
Should you suspect that your computer has been infected with malware (virus, spyware, trojans, worms, etc.), you should generate your HijackThis log file. To do so, you need to download and use the HijackThis utility.
Analyzing the output is another question, however. One needs an expert to do so. You can always post the Logs at good Security Forums like Aumha and get them analyzed by resident experts.
Alternatively OR additionally, you can also get them auto-analyzed at the following websites:
HijackThis.de
Prevx
NetworkTechs
Help2Go
Simply copy-paste the logs in the provided space and click on Analyze ! I recommend hijackthis.de !
One can also download HijackThis Reader and use it.
Do remember that, ultimately, you need to make your own call, considering all recommendations.
 
Happy Malware Hunting !!!
 
© Copyright 2007, 2008, WinVistaClub. Rights Reserved.