Help! I’ve Been Infected and I Can’t Boot Up!
Viruses, malware, spyware and trojans, oh my! Not to mention the big nasty: rootkits. More on rootkits later in this post.
From the very instant that you connect your computer to the internet you are being bombarded by malicious scripts. If you’re on a PC (generally understood to be any computer with Microsoft Windows installed on it as the operating system), then you definitely need something to protect yourself against these intrusions. I have tried many products and many combinations of products, and this is my current recommendation. Notice I said current; this is because the world isn’t static. The digital world is in a constant state of flux and always evolving.
My recommendation is a combination of products and practices. They are in a particular order for a good reason; please follow it to avoid frustration during installations.
Step 1. If your system is running well enough and you have a CD/DVD/Blu-ray burner or external storage device with plenty of room, then do a backup of any important files you wouldn’t want to lose. Everyone should do this as a matter of standard practice. It is the golden rule of the digital age – Backup, backup, backup! If your system crashes then you will need to take your PC to a reputable shop and ask them if they can rescue your important files from the hard drive. Some shops will only rescue certain folders and not do a thorough search, so be sure you ask what they will rescue before you give it to them.
Step 2. Download these three products and MAKE SURE you are on the site that provides the product:
- Spybot Search & Destroy – This is provided by Safer-Networking and is free of charge. Please donate something to them to help this product stay alive!
- Malwarebytes Anti-malware – This is another great product that helps pick up stuff that the other 2 in this list miss. This statement can be applied equally well to all 3 products. Nothing is 100% effective. You can use this product for free or purchase a license. The only difference is that the free version requires manual operation while the licensed version is hands-free.
- Eset Smart Security 4 – In my opinion this has to be one of the all-time best antivirus programs out there, and has been for the past 5 years. I have used many of the competitors’ products and none have succeeded as well as Eset’s NOD32 Anti-virus. I have been using the entire suite for the past year and am amazed at how well it works, and it doesn’t slow down my computer like some others.
Step 3. After you have downloaded these products you need to disconnect your computer from the internet, because the next step requires you to uninstall any anti-virus programs you currently have. This will leave your computer more vulnerable to being compromised. This process may require you to restart your machine a few times. Make sure you have your product key(s) handy. You will already have used your username/password to download Eset.
- Norton products may need you to download the appropriate “Removal Tool” to finish the uninstall process. It can be found here. Make sure you make note of which product you have before you uninstall it.
- McAfee needs to be completely shut down before it can be uninstalled in some cases. You will know if you need to do these extra steps during the uninstall process as your computer will tell you that xxx needs to be closed before it can be removed. In that case read the helpful posts found here.
Step 4. Install the programs you downloaded in the following order and please note the special caveat about IE 8.
- Spybot Search & Destroy – Follow the on-screen prompts. I recommend unchecking the box next to “Install Tea Timer”.
- The only caveat here is this: after you install it, it will run automatically. I usually skip the registry backup on machines that have been running longer than a few minutes after the INITIAL start of the computer after Windows is first installed. It has never been used to rescue any systems that I have worked on. I do everything else. The issue with IE 8 is this: as of the time of this post there have been reports of IE 8 running very slowly after installing Spybot. This seems to be due to new security features installed with IE 8 that overlap the ones in the Immunization feature of Spybot. This is easily remedied by following the instructions found here.
- Malwarebytes – Just follow the on-screen prompts.
- Eset Smart Security (or Anti-virus if you opted for the stand-alone instead of the full suite) – Follow the on-screen prompts.
During this installation process you will probably go through a few restarts. If you have noticed your computer isn’t running as fast as it used to, then you may want to run a scan with Spybot as soon as it installs and then hit the “Fix Selected Problems” button when it finishes. Some issues need a restart before Spybot can fix them. It will start scanning your PC again right at the beginning; this is normal. If you still get a message saying it needs to restart to remove certain infections, then you may need to take it to a professional to clean up your system.
Make sure you run these programs to do a FULL scan of your system periodically. Always keep Windows up to date, and keep your programs like Spybot and Malwarebytes (if you didn’t purchase a license so that it can be set to do it automatically) up to date with the latest patches and definitions. I do this once a week at least, more if I can remember. The Spybot/IE 8 fix usually needs to be applied every time I run the Immunization tool after I get an update. Eset takes care of itself except for full system scans, which are always manual. Eset is always on guard, though even then new things can slip by and won’t be caught until a full scan is run.
If you are diligent, and that means keeping everything updated and running a scan at least every two weeks, you should find yourself happy and problem free for years.
However, there are times when a big nasty virus will slip through. It happens. Here is the bad part no one wants to talk about much: all of these protection systems can be compromised by certain malicious bugs. The protection programs will look like they are running, but they have been rewritten to report that all is well. Sometimes the bugs don’t even bother with that; they just disable and even remove the protection programs. And now for the biggest baddy of them all: rootkits. Rootkits are written to take complete control of your computer, operating system and all. As a matter of fact they ARE the operating system, with everything else, including Microsoft Windows, becoming a program installed on them. Because of how they operate they are almost impossible to detect and even harder to remove by hand. The amount of code they rewrite would take a skilled technician way too long to find and repair. At this point (and this also holds true for some other infections that can corrupt your operating system) it is simply easier and faster to back up your important files, wipe the hard drive clean, and re-install Windows and all your software from scratch. Remember to install the three programs above BEFORE you connect to the internet.
By the way, when it comes to rootkits, everyone is vulnerable, and that includes Mac and Linux users!
I hope you find this information helpful and maybe I have saved you a trip to the repair shop. Oh, and I also repair, build and upgrade computers of all types. I provide full file rescue services as well. Contact me if you need me.
- Marc Hall