Sunday, February 28, 2010

I am Geek, hear me RAR (or tar, or gz, but (sigh) rarely unzip)

with all credit to www.userfriendly.org.


Wednesday, February 03, 2010

Virus Removal

Again, a question from a friend caused me to write this up. And since I give out this information relatively frequently, I thought I would just post it here for all to see.

As with any of my stuff, Caveat Emptor, YMMV, Objects may be closer than they appear, draco nunquam titillandus.

***************

The overall theme to this process is "wash, rinse, repeat". Because viruses and spyware programs tend to have lots of little pieces which "hide" the other pieces from the operating system, your process to remove them is to get rid of the piece that is visible, then reboot, then get rid of the next piece, etc.

I have 3 tools that I use for this:

  • Malwarebytes Anti-Malware (http://www.malwarebytes.org/index.php)
  • Spybot Search and Destroy
  • Grisoft's AVG

Things to consider:
1) If you already have an anti-virus program, you don't need AVG. That having been said, I'm not a big fan of Symantec or McAfee. I have used them for years but find that recently their software has become bloated, convoluted, unresponsive and even difficult to remove. If you have one of them and you aren't impressed, I would suggest removing them in favor of the 3 programs above.

2) The same can be said for Spybot. If you already have an anti-spyware program, then you can skip this. If you DON'T have one, please make sure you install Spybot.

Step 1: download and install the software
  • Download Malwarebytes from here:
    http://www.malwarebytes.org/mbam-download.php
  • Download Spybot from here:
    http://www.safer-networking.org/en/download/index.html
  • Download the FREE version of AVG from here:
    http://free.avg.com/us-en/download?prd=afg
    (Click the left side of the screen where it says "FREE", which takes you to a C-Net download.)

Step 2: Install Malwarebytes
For immediate virus/spyware removal, you only need Malwarebytes. But don't forget that you need an anti-virus program AND an anti-spyware program!

Step 3: Run Malwarebytes
Once you have installed it, running it should be fairly easy to figure out.

After it has run, you will see a message about infected files. Make sure you choose to "remove selected" files rather than just closing out of the program.

Step 4: Reboot

Step 5: Run Malwarebytes again
Really. It sounds dumb, but just run it again anyway. Remember to remove any infected files you find.

Step 6: Reboot into safe mode
While the computer is coming up (immediately after restarting, before the Windows logo shows up) hit the F8 key on your keyboard. You will see a black screen with white letters, and the top option will be "Safe Mode". Use the up-arrow key to get to that choice, and then hit ENTER to select it.

Once you are into Windows (the screen will look way funky. Just stay calm), start Malwarebytes again.

If you have problems with Safe mode, check this out for screen shots and more information: http://www.computerhope.com/issues/chsafe.htm

Step 7: Reboot normally (no safe mode)

Step 8: Run Malwarebytes again
At this point, you need to pay attention to the errors and such. If you are STILL getting messages about infected files, keep this process up. I would drop back to Safe Mode and keep running/rebooting until you get a clean run (i.e., no infected files). THEN I would reboot into regular mode and run one more time for good measure.

Step 9: Install antivirus and antispyware
Remember, if you don't have an antivirus program, or if you have one that isn't working for you, I would remove what you have, and then install AVG and Spybot.