Aug 29, 2010

How to Remove Viruses, Malware and Spyware

For those that are unfamiliar with installing and running various security tools, then a basic, but perhaps tedious procedure for removing virus, malware, spyware is to create a new folder and download various free security based and anti-virus programs in that folder. Often a computer is likely to be loaded with infections, if it’s running slow, switching off, redirecting at websites, prevention of entering usual programs, start up screen not displaying properly, or ads popping up in abundance - e.g. fake security software, and other seemingly strange occurrences. Then install, update, and run or scan the computer, with the security programs separately in full scan mode. This could take about an hour or so for each program.

Computer anti virus bug entering computerDo not use the quick scans for a suspect infected computer; quick scans are often used when everything is back to normal (i.e. when all or most viruses have been removed). Then optionally keep some of the programs active in the system tray (at the bottom of screen) near the task bar, to work in “residence” or background mode, of which they are installed in their respective folders (usually program files folders), or as short cuts on the desktop and start menu. Image of infection bug by ines.

Updates - Important to implement

It’s important to update them all before scanning. Updating installs the latest anti virus detection files, but the programs themselves will also update (or upgrade) less frequently. Any anti-virus program is only good to scan or run with its latest updates. Look in the anti virus programs for an update option, which might be in the help or about us tabs. You must check or set to auto update daily or at least every few days.

Downloads - Free Security and Anti-Virus Software

Start by downloading the following free versions into the new folder, and maybe give it a name, e.g. Security tools…

1. SuperAntispyware (at http://www.superantispyware.com/)
2. Malwarebytes (at http://www.malwarebytes.org/).
3. Trojan Remover (at http://www.simplysup.com/ or better at http://www.simplysup.com/tremover/download.html - free but a trial for 30 days)
4. Spybot Search and Destroy (at http://www.safer-networking.org/en/index.html or http://www.safer-networking.org/en/spybotsd/index.html).
5. Avast 5 Free Anti Virus (at http://www.avast.com/free-antivirus-download). This will also install in your system tray - but that’s OK. Leave it there - and set or check to allow automatic updates.
6. Microsoft Security Essentials (at http://www.microsoft.com/security_essentials/) Often called MSE or MSSE (Use XP version if that’s what you are using). This should install in the system tray, and if it does then deactivate real time protection. Open the program, and then click on settings tab to turn it off. That is, click on the arrow in real time protection (i.e. residence protection), and click on save changes to turn it off. If you don’t, it may conflict with Avast 5, which is what we want for real mode protection. MSE should turn from green to red in the system tray when turned off from residence activity. Or alternatively install MSSE and scan with MSSE, after scanning with Avast and then uninstalling Avast.

MSSE is now becoming a effective program for detections. You may decide to keep it activated in real time later, in preference to Avast 5, which should be uninstalled. I use both, with Avast in real time mode on the PC, and MSSE on “standby”, i.e. it's installer stored on a USB pen drive, ready if required, for full PC installation and then updated before scanning.
7. Hijack This (at http://free.antivirus.com/hijackthis/). This popular program helps to detect programs trying to “hijack” your computer.

Perhaps optionally include the following freeware utilities for optimization

8. CCleaner (at http://www.piriform.com/ccleaner) - Good program to clean out unused files, temporary files, missing references, etc.
9. Smart Defrag (at http://www.iobit.com/iobitsmartdefrag.html). This is a better free alternative to the standard XP defrag. Defragging reorders files that become scattered after intense use of programs. You should defrag your computer about once a month. Defraggler (Maybe visit my review) is another choice, for you can select individual files for defragging.
10. Private Firewall 7.0 (at http://privacyware.com/PF_support.html - This is the firewall (one that I use as it’s relatively simple and effective - there are many others, and Windows 7 has it's own firewall), and is important to keep active (i.e. don’t turn it off), to detect intrusions and programs starting up - when you open any program, or when browsing the Internet. It should install in the system tray, and dialog boxes will pop up when opening/installing programs, or when on the Internet. If it does, generally you can allow them, but you may want to read by clicking the details tab. I have found it’s OK to allow them. It will also display dialog boxes when starting up or turning on your computer, if you have previously removed or changed or updated any programs. Again, I generally allow or keep the settings, except if I have uninstalled programs previously.

Downloading sites - Make Sure it’s the Free Software

Be careful when you are at the above internet security sites - you only want to download free versions, and not pro, paid, or advertisements, etc. Some sites may be confusing, as to what or where are the free programs. So navigate the site carefully, and read before you click the free download program. If you can’t find the free programs at their sites, as sometimes they direct to other sites or mirror servers, for the actual downloads, then Google Search for them. The search terms will all drop down in the Google Suggest box, with slight search term variations, for quick retrieval from the Internet. All of the above programs are popular and trusted programs, used by millions of users worldwide. There are others, and more specialized utilities (e.g. root kit removers or targeted virus removers, e.g. tds killer, or the advanced combo fix) which you can find by searching Google with “best free Malware remover”, “best free spyware” or “root kit removers”.

If you cannot connect to the Internet to download the security programs, then use, or get someone to download the above installers to a removable USB drive, pen drive, or similar. Perhaps also install portable versions of anti-virus and spyware, such as Portable SuperAntispyware, which may be helpful for removing stubborn rogue malware such as Anti Virus Live (see link below for removing such malware). Then transfer or copy the programs to your new folder on your computer. The removable drive may become infected as well, so also scan the removable drive to remove any infections.

Uninstall Installed Different Anti Virus Programs

Also, you should uninstall anti-virus and spyware programs that are on your computer not related to the above downloaded programs. Otherwise, conflicts are likely to occur with the above programs. Some package anti-virus programs may not uninstall easily, e.g. the Norton’s trial security suite or related programs. In this scenario, download the free Revo uninstaller (http://www.revouninstaller.com/); Remember we want to use free tools! (Navigate their site carefully to find the free version, usually by clicking a download link to display the free version), and also download the Symantec Removal Tool at Norton's Web Site (http://www.symantec.com/), which may be version dependent. Again navigate carefully to try find the removal utility.

Uninstall Norton’s suite with Revo first, in advanced mode (be careful in the registry section later), and do not restart the computer when the Norton Uninstaller finishes, as Revo may not be able to remove the remaining fragments. Then run the Symantec removal tool, and maybe followed by CCleaner. Perhaps install and run a dedicated registry remover for extra measure, such as Reg Seeker (http://www.hoverdesk.net/freeware.htm), but exercise care, by backing up the registry within the program.

Security Diagram of Free Anti Virus, Malware, and Spyware Utilities

Free AntiVirus Software to Remove Viruses and Malware
Running the Anti Virus and Malware Scans

Once you have downloaded them in the new folder, then install them. Make sure to opt out from any other programs that they may want to install during installation. For example the Privacy firewall program might ask to also install a “vault” program, or Spybot may ask to install the Yahoo search bar, etc. Just click the boxes, or whatever, to not install them. Also, some of programs may not install, or run effectively, and for increased system security, unless the Windows Service Packs (e.g. Service Pack 2 or 3) are installed and are updated. Therefore turn on Windows update, to allow automatic downloads, or selective downloads for installation. For XP click on Start - Right Click My Computer - Properties - Automatic Updates Tab - and click on one of the download options (usually automatic).

Sequence of Running the above Downloaded Anti Virus and Related Programs

Unfortunately it could take a few hours, but you can run them at certain intervals. It is best to run in safe mode (with networking selected) for seriously compromised computers
But for now, try running in the standard normal mode. First turn off system restore, as the restore files are also likely to be infected. Click Start - Right click My Computer - Properties - Click System restore tab - then click the tick in the box for turn off system restore for all drives. Also remember to scan all disks, USB removable drives, that you have copied files from your computer. Again remember to boot scan with Avast and Trojan remover. Perhaps disconnect from the Internet, and any networked computer prior to scanning.

Open then run/scan with the programs separately in full mode in the sequence below. If any infections, virus, etc that are found, then delete them or at least “quarantine” them. The firewall should be on and left running. It’s likely to display multiple dialog boxes that will pop up when opening the programs, so allow them to run. Image of Spyware by arinas 74

Computer spyware warning software programAgain - Make Sure to Use Updated or Update all Programs before running them in Full Scan Mode and uninstall or close any unrelated Anti Virus, Spyware Programs already on your Computer



Run and Scan in Full Mode in this Order Separately


Super Anti Spyware
Trojan Remover (Perhaps optional to run Trojan Remover; Maybe include a boot scan)
Malwarebytes
Spybot Search and Destroy (Also consider and apply the immunize function, and note that it's "tea timer" function runs in the background to detect malicious processes trying to start)
Avast 5 (open from system tray to scan in full mode, and consider to also do a “boot” scan later as well - you may need to be at the computer, as some prompts or commands may display, asking for actions to perform)
MSSE (e.g. for XP) (open and run - but keep inactivated in the system tray, when it’s finished scanning, if Avast is your preferred choice)
CCleaner (Internet browsers need to be closed; To use: Open program - cleaner brush image should be highlighted/selected and click on the Analyze tab - then click on Run Cleaner tab - and click the OK tab to effect cleaning; Also click on the registry image - click on scan for issues - click on fix selected issues - then yes or no to back up; I have often clicked no, with no issues significant issues occurring
Hijack This Internet Browsers need to be closed. Click the main menu tab and click to do a system scan and save a log file - the generated files can be very confusing to beginners - see below for more details
Smart Defrag (Click analyze, then Go, and use fast optimize option, to fragment files) or perhaps Defraggler; Perhaps evaluate My Review of Defraggler.

Fake Anti Virus and Malware Activity Infection - Try the following processes in safe mode if the above normal security software tools won't run

Your computer may be acting strangely due to certain malware from rogue or fake anti virus malware listed as Anti-Virus Live or Advanced Virus Remover. There are many other credible but fake software titles. Such malware try to get you to buy their software, but not without preventing downloading, updating, or running your anti - virus software, displaying explicit warning alerts or infection messages, stalling certain commands, including internet browsers, and other undesirable activities. Drive-by Downloads often cause or create these rogue malware, by fooling PC users to click to download them, by displaying alert banners or warning pop ups. Or sometimes displaying banner ads to download free screen savers or music files, etc. Ignore them, and don't click such bold deceptive messages. Period.

Visit the tutorial at how to geek com to remove rogue and fake malware, if you are experiencing such activity. Also read the comments section to get other ideas. Perhaps also visit to download the free Remove Fake Anti Virus Utility to remove common rogue malware, which displays fake infection alerts on your computer. The site conveniently lists several fake anti virus software, e.g. Antivirus 8, Your PC Protector, Security Tool, and more.

Or perhaps download Rkill and save, then boot in to safe mode (often by pressing F8 per 2 seconds), then run RKill, then the above security/spyware programs (at least Malwarebytes, Spybot, Super Anti Spyware, etc). Then perhaps run the programs again in normal mode. RKill attempts to prevent or terminate any present malware processes from running, to allow the standard security/spyware programs to run properly. You may have to either alter the download name of RKill, or download substitutes from different servers as explained at the Bleeping Computer Site which details what it does, and how it works.


Computer Optimization Overview

Hopefully the computer should run better once infections are removed, and for good measure perform quick scans (if you feel like it!) and it’s best to do quick scans every few days, and a full scan, including smart defrag about once a month or more frequently depending on what Internet sites you visit. Peer to Peer sharing sites, such as Bear Share, Kazza, etc, I think are known for adware and spyware. There are almost daily updates for Avast 5, MSSE (XP), Super Anti Spyware, so you must check/allow those updates. Spybot generally has weekly updates.

I update Malwarebytes once a week, and check to update program upgrades for CCleaner, Private Firewall, and Hijack This every few weeks. For Hijack This, try to learn online by visiting forums to find what needs to be deleted or repaired. Best to sign up at a computer forum and post the log file and ask for someone to analyze and ask what files should be removed. This is done by clicking “fix checked”. Perhaps read this informative tutorial about how to apply Hijack This when dealing with computer system hijacks. Also once you think your computer is stable and infections are removed, then turn on system restore.

Summary

There maybe alternative procedures to removing a serious infected computer system, but the above sequence has proved adequate for me in optimization performance and removal of heavily infected computers. Often it’s due to inexperienced or inattentive PC users downloading files or software from certain web sites, display banners, and email messages. But it’s best to prevent or reduce the probability of viruses and infections infiltrating your computer in the first place. So it’s about being vigilant when browsing the Internet, or when adding files externally from USB drives or discs, opening unknown email attachments, or downloading and installing free software.

But it’s also important to run security programs in the system tray, i.e. in residence, and perform periodic automatic and manual regular quick scans. Also perform at least occasional full scans to remove viruses, malware, spyware, and Trojans, before they have a chance to reduce computer system performance. Not doing so, may well cause undue frustration to you as a user. It’s about being security conscious, and more importantly to implement the essential procedures. Train your computer to be secure and safe, so you and your computer are working seamlessly together. Prevention is the cure to reduce (and prevent) any infections in your computer, and a loss of satisfaction and control when using your computer.


My related articles:

How to Avoid Malware for Error Free Computer

Top Tips to Avoid DLL Errors
How to Keep Your Computer Safe From Harmful Viruses and Trojans
Troubleshooting PC Windows Errors
Fast Fixes For Computer File Type Errors
and...
Top Tips for PC Shutdown Issues



Share/Bookmark




9 comments:

alex said...

hi, its very informative, USB Protection , thanks

Lindasy Rosenwald said...

Nice blogging, My review is very good example.
Lindsay Rosenwald http://www.lindsayrosenwald.info/ Dr. Lindsay Rosenwald is one of the re-known venture capitalists and the hedge fund managers in the world.

John said...

Nice Blogging,
UTAH : Utah Web Design http://www.adaptivitypro.com/utah-web-design/

John said...

Very good blogging,
Utah SEO Adaptivity Pro premier seo services provider based in Utah.

Health Solutions said...

Once all cleaned up just watch this video and never have a virus again!
http://www.youtube.com/watch?v=ovoxIEkxA3Y

Health Solutions said...

Once all cleaned up just watch this video and never have a virus again!

http://www.youtube.com/watch?v=ovoxIEkxA3Y

David said...

Buck Reed Achievements and his vision and success http://www.buckreed.org/buckreedvision.html

James said...

Digeus I use it when windows works slow. I also use Windsty Tune Up Suite. It fixes registry errors which will speed up your computer.

endy smith said...

It has to be said that this post is really helpful, if you are computer user. The personal statement editing services - edit-ing.services is the best way to get writing help.