Cleaning an Infected System
Ok, your system has been up for a while, you have personalized everything, have everything set the way you want it and suddenly it is running slow or is doing weird things. You have tried the standard file cleanup, defrag, etc., and nothing helps. Chances are you are infected with spyware or malware of some type - so what do you do?
Cleaning your system could be simple - use one program, find the culprit, remove it and go on about your way. 9 times out of 10, if you have one varmint on your system, you have multiple varmints on your system. Each spyware on your system has it's own agenda and and with multiples on your system - all trying to operate at the same time - your system slows to a crawl trying to make everybody happy.
When I clean a system, I use multiple programs. All these programs are good, but there is no way one program that can do it all.
I will list the programs I use here and the order I use them in. I will provide links for each program to pages that give more detail instructions on how to install and use them. All the programs are free for personal use, except SpywareBlaster - it is free for personal and educational use. SpyBot Search and Destroy had no restrictions I could find. If anyone knows different, please let me know.
NOTE: You will need to set aside several hours for cleaning an infected system the first time. This process involves using a minimum of 4 programs and it takes time for each one to scan your system. If will be time well spent. Also, I normally do not update any of these programs programs until after the system is clean and immunized. Make sure that you have downloaded the programs you need just before you clean your system, so that you will have almost the latest signature files. If you are unable to access the internet due to problems, ask a friend to download the programs for you and put them on a cd.When I finish cleaning the system I usually teach the person how to update each program, re-scan the system and re-immunize with the newly added signatures.
Now let's clean that computer -
The first thing to do before cleaning a system, is to turn off system restore. (ME and XP) You can find detailed instructions on how to do this at PCHell. System restore needs to be turned off because may spywares and viruses will hide there and restore themselves after rebooting the computer. By eliminating restore points, you will eliminate this problem.
The first program I use is Stinger from McAfee. Viruses are famous for disabling your AV program. Since this program does not install to the computer, it is a great too to use to get past a nasty virus. This is a standalone virus removal program that can be run from a floppy disk if necessary. This program will remove any of the 30 - 40 best known viruses from your computer. If you have problems running the program, such as a lockup or crash, you can run the program in SAFE Mode. When booting your system, press F8 as soon as Windows starts to get menu options, select SAFE mode from this list. when the boot finishes, rerun the program. You can find more details on the program and a download link here. Note: Stinger is not a replacement for a full fledge Antivirus program. It is a tool to be used when there may be a problem.
Stinger can be downloaded here
Instructions for using the Stinger
CWShredder does only one thing - it eliminates the infamous Cool Web Search spyware. Just double click on the downloaded program file and tell it to scan your system. It will search and eliminate anything Cool Web it find. Cool Web is a nasty little program that will hijack your web browser and this program is the best for removing it or just making sure it is not on your system.
Download CWShredder here.
Instructions for using CWShredder
Next I use AdawareSE. After installing, set it to do a full system scan. After it finishes the scan, in the first tab - the Summary Tab - make sure there are check marks next to everything it finds. Now click the second tab - The Critical Objects tab - and make sure there is check mark beside everything. The next tab - Negligible Objects - you can choose which ones you want to remove as these are usually not spywares but things like recently opened files list, etc. Now have it delete everything.
AdawareSE can be downloaded here.
Instructions for using AdawareSE.
Next I use the program SpyBot Search and Destroy.This program will immunize your system and scan for spywares. When it immunizes your system, it sets a killbit in the registry that will prevent certain spywares from ever installing and this type of immunization works well. As with the other programs, you will need to keep this updated as new signatures are added frequently, After updating, be sure to re-immunize your system.
Spybot Search and Destroy can be downloaded here.
Instructions for using the SpyBot.
The next program is SpywareBlaster. This program is for immunization and changing setting in Internet Explorer and Mozilla that can can be used to exploit your system. Be sure to check out all the extra tool in the program after you immunize. Also remember to update and re-immunize after updating.
SpywareBlaster can be downloaded here.
Instructions for using SpywareBlaster.
This should clean most if not all of the varmints from your system. If you feel there may be something left on the system, then try this program - A Squared. This program requires registration before using it, but it is a great little program. It removes Trojans, Worms, Dialers and Spyware. Kind of a mixed Antivirus/Spyware removal program.
I use this on systems after cleaning (if needed), because it involves going Internet to register for an account. I try to avoid using the Internet while cleaning a system. After cleaning, then I update all the programs.
After all of this your system should be fairly clean, and you should see a difference in the way your computer acts and the speed.
I f you have any questions, you can email me at :
gghelp at gammawgeek.us
Fran