Systems, Solutions, and Services, Inc.

Providing Real Solutions to Business Problems...


Malware Removal

The best way to not have malware on your computer is to not get it. Practice "Safe Computing" (see "Protection from Malware"). Short of that, there are some basic steps that you can take that will often get you back in operation. Assuming that your computer is still operable, you can speed up the subsequent steps by running Disk Cleanup (Start->Accessories->System Tools->Disk Cleanup) and removing all temporary files.

First Efforts

Attempt a "System Restore" to reset the computer to a prior configuration (restore point). In home versions of Microsoft operating systems, you may have to create restore points manually. In the business-oriented or professional versions, the restore points are created automatically. If you have a restore point created prior to the occurrence of your problem, you may be able to get back in operation by going back to that restore point. To go back to a system restore point, click Start->Help and Support. You should see the option to undo changes to your computer with System Restore. If a system restore gets your computer in an operable condition, perform the remaining steps to ensure that you remove the malware from your computer.

Attempt to download updates of your current anti-virus product and run a full system scan. This may take hours. If infections are detected and removed, repeat the process until either no infections are detected or the detected infections cannot be removed.

NB: If you do not have an up-to-date anti-virus software product on your computer, GET ONE! If you use an unprotected computer on the Internet, it is not a question of whether or not your computer will be infected, it is only a question of how quickly and how badly it will be infected.

Attempt to download updates to your current anti-spyware product and run a full system scan. This may take hours. If infections are detected and removed, repeat the process until either no infections are detected or the detected infections cannot be removed. Recommendations for anti-spyware tools can be found at "Protection from Malware."

If the steps described so far do not correct your problem, you may need to attempt to clean your computer while running in "Safe Mode".

Safe Mode Cleaning

Reboot your MS Windows based computer. While the system is starting up, repeatedly press and release the [F8] key. This key is usually at the top of the keyboard, above the letters. When presented with a text menu, select "Safe Mode with Networking" by highlighting it with the cursor and pressing [Enter]. A lot of text will scroll across the screen. This is a normal process, but it is hidden during a regular system boot. When the system boot is finished, you will be cautioned that you are running in safe mode. Acknowledge the information and then run a full system anti-virus and anti-spyware scan using your installed tools. This may take hours. If infections are detected and removed, repeat the process until either no infections are detected or the detected infections cannot be removed.

After your scans have finished, while connected to the Internet, point your web browser to http://housecall.trendmicro.com and run the free online anti-malware scan. Use either the ActiveX or Java based engine, depending on your system configuration and preference. At the completion of the scan, select the option to remove the infections detected. This may take hours. If infections are detected and removed, repeat the process until either no infections are detected or the detected infections cannot be removed.

Wipe and Reload

If the processes above result in no more infections being detected, reboot your computer and try to use it. If you are still having problems, the malware may have caused more serious damage to your system configuration. Likewise, if the steps above result in infections being detected but not removable, your computer is still infected. You may need to have the disk drive removed and scanned from a known good system.

Unfortunately, there are some malware infections which are essentially irreparable. If your computer is seriously infected, you may decide to do a "Wipe and Reload". It has the advantages of being the most sure-fire way of cleaning your computer and of taking a predictable amount of time, perhaps less than the time that any one of the previous steps might take.

A "Wipe and Reload" is the process of deleting all the content on your computer and restoring it with either a disk image or with factory restore disks. Many computers now come with a special partition on the hard drive that allows you to restore the computer to a "factory new" configuration. Each vendor has a different set of keystrokes to be used during system boot to launch the restore. Consult the documentation that came with your computer. Some computers come with "Restore Disks", CDs or DVDs that can be used to restore the computer to a "factory new" configuration. Simply put the restore disk into the disk drive, reboot the computer and follow the prompts.

Please be aware that a "Wipe and Reload" will delete all the content on your disk drive. That includes your pictures, music, videos, email, documents, and any software you have added to the system. If you have information which you are unwilling to lose, make a backup copy of it before performing the "Wipe and Reload". If you do not have a backup, SSSi can usually get the information off for you. If you elect to do that, SSSi will provide you with a CD or DVD containing the information that could be retrieved. If you want to save that information you must get it BEFORE the "Wipe and Reload".

Summary

The best corrective measure is prevention. Short of that, you are unfortunately in for some serious inconvenience, at best. The steps here are not guarantees, but have proven to be generally effective. The last resort, a "Wipe and Reload", may be worth earlier consideration if you have backups of your data and program disks for applications you have added to the system.

