As long as we are on the safety subject, let me share a few moments from my life that closely relate to online safety. Earlier this week I discovered that my home computer was infected with adware/spyware. Fixing the problem set me back by roughly two evenings.
I am upset about the two ruined evenings, but I learned a lot from this experience. This blog post is mostly for myself, to sum up what I now know and what I am going to do the next time I find myself in trouble. These instructions are good for Windows XP, but most of them are of a general nature and apply to any type of environment.
How do you know you have been infected?
Here are a few symptoms that can help:
- Your browser starts and opens webpages by itself
- You get pop-up ads even if you don’t click on anything
- Your computer takes longer than usual to start and/or is slow
- You notice a toolbar on your browser that you didn’t install
In my case all the first three symptoms were at hand.
What should you do if you suspect infection?
Certain adware can be removed by simply uninstalling it. Go to “Settings->Control Panel”, click on “Add or remove programs” and look for anything you don’t recall installing. Adware usually arrives bundled with other programs you install.
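The same list can also be read from the registry and sorted by install date, which puts recent, unfamiliar entries at the top. This is an added example, not part of the original post; it assumes PowerShell is installed (it is a separate download on Windows XP) and uses the standard Uninstall registry keys.

```powershell
# Added example: list the programs registered for uninstall, newest first.
# Written in PowerShell 2.0 syntax so it also runs on older systems.
$uninstallKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall',             # machine-wide installs
    'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall', # 32-bit programs on 64-bit Windows
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Uninstall'              # per-user installs
)

$programs = foreach ($key in $uninstallKeys) {
    if (-not (Test-Path $key)) { continue }          # key not present on this system
    foreach ($sub in Get-ChildItem $key -ErrorAction SilentlyContinue) {
        $p = Get-ItemProperty $sub.PSPath -ErrorAction SilentlyContinue
        if (-not $p -or -not $p.DisplayName) { continue }   # skip entries with no display name

        # InstallDate is optional; when present it is normally a yyyyMMdd string.
        $installed = $null
        if ($p.InstallDate -match '^\d{8}$') {
            try { $installed = [datetime]::ParseExact($p.InstallDate, 'yyyyMMdd', $null) } catch { }
        }

        New-Object PSObject -Property @{
            Installed = $installed
            Name      = $p.DisplayName
            Publisher = $p.Publisher
            Uninstall = $p.UninstallString
        }
    }
}

# Newest installs first; entries without a recorded date end up at the bottom.
$programs |
    Sort-Object Installed -Descending |
    Format-Table Installed, Name, Publisher, Uninstall -AutoSize -Wrap
```

Entries with no publisher or an install date close to when the symptoms began are the ones to look at first.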
Download a few useful tools
To get rid of the majority of malware you will need to download and install a few useful and free tools. Don’t run them though, just install. Here they are:
- CCleaner - cleans all sorts of temporary files where many spyware/adware programs hide
- SpyBot - scans and cleans all sorts of spyware. I used this program a few times and it is one of the best out there
- CounterSpy - one more antispyware tool. It is shareware but has a free 15-day trial period.
Run SpyBot and CounterSpy to bring their spyware definition dictionaries up to date but don’t scan your computer just yet.
Reboot Windows in Safe Mode
After you have installed and updated the tools above, reboot your PC and, when you see the black screen, keep pressing F8 to bring up the menu where you can choose Safe Mode as one of the options.
Once in Safe Mode, run CCleaner and do your file system cleaning with default settings. Be aware, this will remove all saved browser sessions and passwords as well. Next run SpyBot and clean every infection it finds. Do the same with CounterSpy.
If things haven’t gotten better
If things don’t improve after you reboot the PC, there is a chance that you have a virus. Bitdefender is an online tool that can help you find out if this is the case. Beware! Default settings are set so that it will remove all infected files it cannot clean! I lost all my system files before I realized what was going on and ended up reinstalling Windows. Don’t repeat my mistake.
I strongly suggest a more sophisticated tool like Symantec Norton Antivirus if you find yourself at this step.
How to keep your computer clean
Here are a few basic rules that will help you prevent infection by malware and viruses:
- Keep your software up to date. Many viruses exploit Windows and browser vulnerabilities. A few pop-up ads caused by adware will seem like peanuts compared to having your computer turned into a bot and all your personal data given away to a hacker, which is exactly what can happen if your software is not patched.
- Make sure you enable a firewall. Your PC either has to be behind a firewall or your software firewall has to be enabled. I have a Linux server I use as a host which sends me daily network activity reports. Since the very first day it came online it has logged thousands of probing and brute force attack attempts daily! Don’t assume you are immune.
- Be careful what you download and run. Your safety starts with you. Any software from an unknown source is a potential virus. Don’t open suspicious-looking attachments and only run executables you receive from a trusted source. Follow this guideline and instruct all your family members. The best option for small kids is to use a separate computer with restricted access to the Internet.
- Password protect your accounts. No firewall will save you if you don’t use passwords. A good practice is to use a restricted-access user (rather than an administrator account) for all your Internet browsing.
- Run periodic malware scans. To make things simple, some tools allow scheduled scans to run during night hours.
I am going to bookmark this page and use it as a reference because, with the amount of Internet scouting I log, it is unfortunately only a matter of time before I pick up the next piece of malicious code.