TweakTown
Tech content trusted by users in North America and around the world
6,143 Reviews & Articles | 39,488 News Posts
Weekly Giveaway: Win an Antec Case, PSU and Cooler (Global Entry!)

PC Security Guide - Protection from Viruses, Attacks and Spyware - Advanced Virus and Spyware Removal

Patrick Tilsen better known as "Yawgm0th" from our forums has just completed his first guide, which looks deep into PC security in terms of protection and removal. He covers the basics from preventing viruses, cracker attacks, and spyware from becoming part of your life through to the basic and complex methods of removing the threats. This is a must-read guide for beginner to intermediate users and even beyond.

| Guides | Posted: Sep 15, 2005 4:00 am

Advanced Virus and Spyware Removal

 

Now we come to the trickiest part: Fixing security threats after it's too late to prevent them. This can be ridiculously easy, or painstakingly hard. After you've read this, it shouldn't be too hard ever again.

 

The first thing to worry about is the symptoms. What's wrong with the computer? Is it slow? Has it been getting lots of popups? Is it doing strange things? Are programs not running properly? Depending on what's wrong, the problem can be completely unrelated to viruses, spyware, and attackers.

 

If a system without antivirus protection or spyware protection is in use, then first install and run an anti-virus program and a spyware removal program. A simple Ad-Aware or AVG scan, I've found, will take care of most or all problems on systems that have neither. If the system has decent AV and Spyware protection, proceed. Also note that much of this assumes a Windows 2000/XP-based machine is in use.

 

- Embedded Viruses and Spyware Programs

 

The first thing you should do when you suspect something is wrong is to open up Task Manager by pressing Ctrl + Alt + Del. The first thing I look at is the number of processes - fewer than twenty is a well-run system. Over twenty can mean there are just lots of programs running, or it can mean there are lots of bad, useless, unnecessary, or harmful programs running. Over 30 usually means the computer is bogged down with viruses, spyware, unnecessary programs, or any combination of the three.

 

Use a router for improved security - How much?

 

NetGear DG834G Wireless Router

 

When I see over 20, the first thing I do is open up the Microsoft System Configuration Utility (Start > Run > msconfig). Windows 2000 systems don't have it installed by default, but you can either copy it over from XP or Windows 9x, or you can download HijackThis, which will double over as msconfig. You're likely to use HijackThis anyway, so you might as well get it.

 

 

Once in msconfig, go over to the Startup tab. The number of entries checked is indicative of how bogged-down the system is. What the entries are is indicative of whether or not the system is infected. At this point, you'll need to figure out what everything is. The best method is to use IANAG's "File Help" section which allows you to search for file names and work out if they are good or bad. You need to do the same with the processes in Task Manager. Sometimes this can be easy, an entry like atievxx.exe isn't too hard to figure out if you're using an ATI video card (BTW, it's unnecessary so you can and should remove it). VPtray in D:\Program Files\Symantec_client_security\symantec antivirus\ is obviously used by Symantec.

 

How fast this part goes takes experience. I can look and almost immediately tell if something is a start-up virus/spyware program. You might need to do some digging around. I'd suggest you look at stuff coming form the Windows folder or stuff coming from no where. For example, there is an unticked process on the msconfig screenshot of my friend's once-bogged-down Gateway. It turned out to be a non-essential process for keyboard functionality, but I've found many viruses that, like it, didn't have a full directory listed. Anyway, any useless entries should be unticked. Any suspected threats should be unticked, then found and deleted from the hard drive. Processes found in Task Manager should also be ended, then deleted from the hard drive. If something in msconfig won't delete, then you try ending its process in task manager and then deleting it. If it's not there or won't end, you have a new problem.

 

Further Reading: Read and find more Guides content at our Guides reviews, guides and articles index page.

Do you get our RSS feed? Get It!

Got an opinion on this content? Post a comment below!

Latest Tech News Posts

View More News Posts

Forum Activity

View More Forum Posts

Press Releases

View More Press Releases