I also like computers. At the moment I'm listening to About a Dog on mine. Sometimes I take it upon myelf to try to sort out other people's computers when they become infested with viruses and other bits of malware. A single virus can usually be sorted out by an up-to-date virus scanner but virus scanners don't pick up everything and most anti spyware programs will miss things too. I enjoy spending a few hours doing battle against thoroughly infested computers.
The first thing to do is to scan for viruses and spyware definitions. Spybot Search and Destroy is a very good spyware scanner. Next close down any programs that may be harmful. There's no point in deleting unpleasant files if an open application might recreate them. For this I use Process Explorer. If you're not sure what a process is doing look on Google. If you're still in doubt it's probably okay to close it; most things come back when you restart the computer. (the following are usually ok: "System Idle Process", "System", "CRSS", "WINLOGON", "SVCHOST", "wuauclt", "spoolsv", "ALG", "LSASS", although it's possible for a harmful process to have any of these names). Because most things come back, the next thing to do is to remove any harmful settings. Close down Internet Explorer and then run a program called HijackThis. It's particularly important to remove suspicious startup items, the things beginning 04, but check them all carefully. It's quite difficult to harm your computer seriously by removing these things but you might cause legitimate programs to need to be reinstalled. In particular don't remove anything connected to your virus scanner. Finally scan your computer again. If HijackThis entries keep coming back try deleting the relevant file, if such a thing exists and recheck the running processes. Also consider using safe mode. Even the most severely infested computer should be salvageable but it's never a good idea to use a computer that has harmful software installed - even if it's possible to do so your passwords and other information can be recorded and passed on and you may be vulnerable to all sorts of other attacks.
The first thing to do is to scan for viruses and spyware definitions. Spybot Search and Destroy is a very good spyware scanner. Next close down any programs that may be harmful. There's no point in deleting unpleasant files if an open application might recreate them. For this I use Process Explorer. If you're not sure what a process is doing look on Google. If you're still in doubt it's probably okay to close it; most things come back when you restart the computer. (the following are usually ok: "System Idle Process", "System", "CRSS", "WINLOGON", "SVCHOST", "wuauclt", "spoolsv", "ALG", "LSASS", although it's possible for a harmful process to have any of these names). Because most things come back, the next thing to do is to remove any harmful settings. Close down Internet Explorer and then run a program called HijackThis. It's particularly important to remove suspicious startup items, the things beginning 04, but check them all carefully. It's quite difficult to harm your computer seriously by removing these things but you might cause legitimate programs to need to be reinstalled. In particular don't remove anything connected to your virus scanner. Finally scan your computer again. If HijackThis entries keep coming back try deleting the relevant file, if such a thing exists and recheck the running processes. Also consider using safe mode. Even the most severely infested computer should be salvageable but it's never a good idea to use a computer that has harmful software installed - even if it's possible to do so your passwords and other information can be recorded and passed on and you may be vulnerable to all sorts of other attacks.
No comments:
Post a Comment