You may, or you may not, have a virus so don’t panic. If your system has a virus then following the steps below will, in most cases, remove the infection from your system. But first, let’s start with the definition of a computer virus so that you know what you could be up against.
A virus is a computer program that can copy itself and infect a computer operating system without permission, or the knowledge of the user. The original virus may modify the copies, or the copies may modify themselves, making the virus more difficult to find.
Not all symptoms that mimic those of a virus infection are in fact produced by a virus. However, if your computer begins to act strangely, or if it is unable to do things it has always done in the past, it may be infected with a virus.
Symptoms including longer-than-normal program boot time, unpredictable program behavior, baffling changes in file sizes, inability to boot, may indicate that a virus is on your system. However, it is important to distinguish between virus symptoms and those that come from corrupted system files, which can look very similar.
Rule out more standard causes before suspecting a virus. In some cases software related problems, such as program execution errors and corrupted files, can create symptoms that appear to be virus-related. If you just installed new software for example, try uninstalling it and see if the problems disappear.
If you regularly engage in any of the following activities, you have substantially increased the risk of your system problem being a computer virus.
- You download files and software through file-sharing applications such as BitTorrent, eDonkey, KaZaA and other such programs.
- You click links in instant messaging (IM) that have no context or are composed of only general text.
- You downloading executable software from web sites without ensuring that the site is reputable.
- Using your USB stick on public computers, or other computers that are used by more than one person.
- Opening email attachments from people you don’t know.
- You make a practice of opening email attachments without first scanning them for viruses.
- You open email attachments that end in a file extension of .exe, .vbs, or .lnk.
- You run your Windows computer as an administrator.
Launch Task Manager by hitting Ctrl-Alt-Delete which will give you a list of all current running process. Be aware however, that many viruses are smart enough to bypass Task Manager.
A better solution here would be to use the free service, ProcessScanner, from ProcessLibrary.com, (a Microsoft Gold Certified Partner), which not only scans your Windows computer for all running processes, but in addition tells you what’s running, what each process is associated with, and most importantly, a risk analysis of each process. You may find the answer to the problem here. If not, then proceed to the next step.
In Windows XP, open the Control Panel, Administrative Tools, Services, which will give you a detailed description of the services Windows is running. If you find something that’s unfamiliar, or causes you concern, Google that service/services on the Internet.
Proceed then to select Run from the Start Menu, and type “msconfig” in the box. With this tool you not only see the services running, but most importantly, the programs that your system is launching at startup. Again, if you find something that’s unfamiliar, or causes you concern, Google it on the Internet.
There are a number of online virus scanners that are, in my view, better at detecting malware than locally installed applications. I recommend that you next scan your machine at Trend Micro Online Scanner, and in addition scan it again at Panda Online Scanner. In this situation two is definitely better than one.
Most cases of infection and compromise should be cleaned, and your machine returned to its previous condition, by employing the above methods. But unfortunately, this is not always the case and you’re then faced with performing a full reinstall of the operating system. Since there is always the risk of an un-repairable system, this reinforces the need to ensure you have a realistic backup policy in place.
Security risks on the Internet you need to be aware of.
• Trojan horse programs
• Back door and remote administration programs
• Denial of service
• Being an intermediary for another attack
• Unprotected Windows shares
• Cross-site scripting
• Email spoofing
• Email-borne viruses
• Hidden file extensions
• Chat clients
• Packet sniffing
Security Checklist: Actions you can take to protect your computer system.
• Don’t open unknown email attachments
• Don’t run programs of unknown origin
• Disable hidden filename extensions
• Keep all applications (including your operating system) patched
• Turn off your computer or disconnect from the network when not in use
• Disable scripting features in email programs
• Make regular backups of critical data
• Make a boot disk in case your computer is damaged or compromised
• Turn off file and printer sharing on the computer.
• Install a personal firewall on the computer.
• Install anti-virus and anti-spyware software and ensure it is configured to automatically update when you are connected to the Internet.
• Ensure the anti-virus software scans all e-mail attachments.
Be proactive when it comes to your computer’s security; make sure you have adequate software based protection to reduce the chances that your machine will become infected.
The free software listed below, in my view, provides better than average malware protection.
avast! 4 Home Edition
This anti virus app is a real fighter, scanning files on demand and on access, including email attachments. Let’s you know when it detects mal-ware through its shield function. An important feature is a boot-time scan option which removes mal-ware that can’t be removed any other way.
AVG Anti-Virus Free Edition
Similarly, this program scans files on access, on demand, and on schedule. Scans email; incoming and outgoing. For those on Vista, your in luck, it’s Vista-ready. I have been using this application since its release and it now forms part of my front line defenses. I recommend this one highly.
SpyCatcher does a good job of cleaning out spy-ware and at stopping further infestation. In my view however, it’s not as reliable as AVG Anti-Spyware.
In my view, Ad-Aware Free is the best free spyware and adware remover available. It does a relatively good job of protecting against known data-mining, Trojans, dialers, malware, browser hijackers and tracking components. The only downside with the free version; real-time protection is not included.
ThreatFire 3 blocks mal-ware, including zero-day threats, by analyzing program behavior and it does a stellar job. Again, this is one of the security applications that forms part of my front line defenses. I have found it to have high success rate at blocking mal-ware based on analysis of behavior. Highly recommend this one!
Comodo Firewall Pro
The definitive free firewall, Comodo Firewall protects your system by defeating hackers and restricting unauthorized programs from accessing the Internet. I have been using this application for 6 months and I continue to feel very secure. It resists being forcibly terminated and it works as well, or better, than any firewall I’ve paid for. This is one I highly recommend. Amazing that it’s free!
The free version of ZoneAlarm lacks the features of ZoneAlarm Pro’s firewall. Its program control asks you regularly whether to allow programs; for some this can get to be intrusive and annoying. But it’s been around forever it seems, and it can’t be shut down, or out, by mal-ware.
Do you want to get a better understanding of what programs are being added to your computer? Then WinPatrol is the program for you. With WinPatrol, in your system tray, you can monitor system areas that are often changed by malicious programs. You can monitor your startup programs and services, cookies and current tasks. Should you need to, WinPatrol allows you to terminate processes and enable, or disable, startup programs. There are additional features that make WinPatrol a very powerful addition to your security applications.
Surfing the Internet without using Sandboxie is, to me, like jumping out of an airplane without a parachute. Deadly! This application creates a “Sandboxed” protected environment on your machine within which you browse the net. Data that is written to your hard drive is simply eliminated, (or not, your choice), when the sandbox is closed. Utilizing this application allows you to surf the web without the risk of infecting your system with mal-ware or other nasties. This is another security application I have been using for over 10 months and it has yet to let me down.
Snoop Free Privacy Shield
Snoop Free Privacy Shield is a powerful application that guards your keyboard, screen and open windows from all spy software. I have been using this application for quite some time, and I have been amazed at the number of programs that have requested access to my keyboard and screen. Particularly, programs that I am in the process of installing. If you’re serious about privacy, this is a must have addition to your security toolbox.