A system that displays the symptoms listed previously is most likely infected with malware. to clean it, download Microsoft Security Essentials and Spybot search and Destroy (to start). When the cleaners are installed, launch
each and select Update to get the latest definitions.
NOTE If your web browser is
hijacked, you may be unable to use the infected machine to download the
software. Alternatively, download the software on a clean machine and burn it to
CD or save it to a USB drive. If no other machine is available, try downloading
it using a non-Internet Explorer–based web browser, such as Mozilla Firefox
(http://mozilla.org/firefox) or Google Chrome (www.google.com/chrome/), which is less likely to be
hijacked.
Before you scan your computer, unload any spyware processes that are
already up and running on your machine. To unload spyware processes and scan your
computer, follow these steps:
1. Disconnect your PC from the
Internet connection and shut it down.
2. Start the computer again, and
press the F8 key while it is booting up (before you get to the blue-toned
Windows welcome screens).
3. Choose to start the computer in
Safe Mode, which runs only the bare-essential processes and drives to make a
system work.
4. When the computer is up and
running in Safe Mode, open Microsoft Security Essentials. Set your Scan Options
to Full; then click the Scan Now button. The scanning process can take a while
to run, but as it’s scanning it displays a list of possibly malicious objects it
found on your system, as shown in Figure 11-1.
Figure 11-1: Microsoft Security
Essentials notifies you of threats and recommends a course of action.
5. Select any item, and click Show
Details to read about the potential threat. You can choose to Remove,
Quarantine, or Allow any item in this list; normally you simply stick with the
Recommended Action. Click the Apply Actions button to take the action set for
each item in the list.
6. Quit Microsoft Security
Essentials and launch Spybot Search and Destroy. Choose Check for Problems. This
scan might also take some time. Remove anything Spybot finds.
7. While you’re still in Safe
Mode, go to Add/Remove Programs in Control Panel and comb through your installed
software list. Uninstall anything you don’t recognize or need. Any piece of
software whose title contains the words bargain,
tracker, snoop, or
monitor should be removed immediately (and their
authors roasted for long, painful hours over a hot fire).
8. Reestablish your Internet
connection and reboot your computer normally (not in Safe Mode).
9. When you’re back in Windows,
visit Windows Update (http://update.microsoft.com) or open the Start menu and search
for and launch Windows Update to make sure your copy of Windows has all the
latest security patches and updates — at least all the critical updates, if not
all recommended upgrades. This process can take a long time, depending on the
speed and age of your computer, and it may require rebooting your PC (sometimes
more than once).
10. In the Windows Update sidebar,
click Change Settings to turn Automatic Updates on, as shown in Figure 11-2.
11. Finally, weed out any
unnecessary programs that start up with your computer. (Hack 104, “Clean Up Your
Start Up” provides more on how to do that.)
Figure 11-2: Microsoft Windows
Automatic Updates keep your PC’s system patched and secure.
each and select Update to get the latest definitions.
NOTE If your web browser is
hijacked, you may be unable to use the infected machine to download the
software. Alternatively, download the software on a clean machine and burn it to
CD or save it to a USB drive. If no other machine is available, try downloading
it using a non-Internet Explorer–based web browser, such as Mozilla Firefox
(http://mozilla.org/firefox) or Google Chrome (www.google.com/chrome/), which is less likely to be
hijacked.
Before you scan your computer, unload any spyware processes that are
already up and running on your machine. To unload spyware processes and scan your
computer, follow these steps:
1. Disconnect your PC from the
Internet connection and shut it down.
2. Start the computer again, and
press the F8 key while it is booting up (before you get to the blue-toned
Windows welcome screens).
3. Choose to start the computer in
Safe Mode, which runs only the bare-essential processes and drives to make a
system work.
4. When the computer is up and
running in Safe Mode, open Microsoft Security Essentials. Set your Scan Options
to Full; then click the Scan Now button. The scanning process can take a while
to run, but as it’s scanning it displays a list of possibly malicious objects it
found on your system, as shown in Figure 11-1.
Figure 11-1: Microsoft Security
Essentials notifies you of threats and recommends a course of action.
5. Select any item, and click Show
Details to read about the potential threat. You can choose to Remove,
Quarantine, or Allow any item in this list; normally you simply stick with the
Recommended Action. Click the Apply Actions button to take the action set for
each item in the list.
6. Quit Microsoft Security
Essentials and launch Spybot Search and Destroy. Choose Check for Problems. This
scan might also take some time. Remove anything Spybot finds.
7. While you’re still in Safe
Mode, go to Add/Remove Programs in Control Panel and comb through your installed
software list. Uninstall anything you don’t recognize or need. Any piece of
software whose title contains the words bargain,
tracker, snoop, or
monitor should be removed immediately (and their
authors roasted for long, painful hours over a hot fire).
8. Reestablish your Internet
connection and reboot your computer normally (not in Safe Mode).
9. When you’re back in Windows,
visit Windows Update (http://update.microsoft.com) or open the Start menu and search
for and launch Windows Update to make sure your copy of Windows has all the
latest security patches and updates — at least all the critical updates, if not
all recommended upgrades. This process can take a long time, depending on the
speed and age of your computer, and it may require rebooting your PC (sometimes
more than once).
10. In the Windows Update sidebar,
click Change Settings to turn Automatic Updates on, as shown in Figure 11-2.
11. Finally, weed out any
unnecessary programs that start up with your computer. (Hack 104, “Clean Up Your
Start Up” provides more on how to do that.)
Figure 11-2: Microsoft Windows
Automatic Updates keep your PC’s system patched and secure.
