OK, so this is part 2 of this series on computer viruses, adware, spyware and malware. Part 1 was basically me saying I had a problem and what I normally do to stay safe. In this part I’ll talk in detail about how I got a clean system. It all started about 10 days ago, and I decided to test a bunch of freeware instead of just going into DOS. Because that’s the super easy way to clean your system: if you know where the infected files are, just stop the startup process using F8, F9 or the Del button, or better yet use the installation disk if you have one of those, and it will walk you through the process. But nobody does it this way anymore; for the most part they just run a virus scan and hope it removes all the viruses for them. The approach I’m showing you today is for if YOU want to see what’s going on first. And then I’ll show you some free tools you can use to fix everything. Also, I put some links to free software at the end.
But the question is: how do you tell your system has a virus, malware or adware? Well, your system will be acting weird. In my case the system was slow and popup windows kept coming out of nowhere. And my computer kept trying to talk to the internet. I mentioned in part 1 that I use ZoneAlarm, and it’s a local proxy that tells you both what devices on your computer are trying to make contact with the internet AND when something from the internet is trying to reach out and make contact with your computer. It allows you to approve and disapprove everything. For a free device it can’t be beat! So I expect Internet Explorer to try to reach the internet, but when I saw Windows Explorer trying I knew something was wrong.
So the first thing you want to do is find the virus software. Many times it’ll be in your system32 folder, and it will be dated.
If you open a folder and press the “date modified” button (across the top of the folder) it will put things in chronological order and you can see what software is recent.
Just look for something weird. In the old days hackers used to sometimes give their malicious software clearly fake names like “stealcomputer.exe,” and many times they’ll name it something that looks like a real file. Below in the picture you can see a bunch of files from March 15th that I know I didn’t install, so they’re bad guys and probably adware and spyware. Those .dll files are typically the bad guys. But YOU should just be looking at this point. I kinda know what I can throw away and what I can’t, and how to restore stuff if I make a mistake, so just take it easy; we’re just trying to ID stuff at this point.
Another good piece of free software is Startup Control Panel. You should have this program anyway because it helps you find junk that’s starting up when your computer starts up, and you can stop a lot of that crap to speed up your startup time AND give you more memory to use in a way that you want. As you can see in the picture there are a bunch of virus-type files in my startup. In fact you see double entries. What happened was I unchecked the boxes but they came back. And THAT is when you KNOW you’ve got some bad malware hanging in there. When it won’t go away and you can’t use the right-click “delete” function of Startup Control Panel, that means it’s sticking to your system like a parasite.
Another tool on your computer you should know about is the Windows Task Manager. It’s a little like the Startup program except it comes WITH Windows already and tells you what’s currently going on with your system. It even tells you how much of your CPU power is being used. So when I’m not running anything heavy but see 99 or 100 percent being used, I know that SOMETHING is being run in the background. And those “rundll32.exe” entries look very suspicious. Remember when we saw those .dll programs in the System32 folder? See how it’s all tying together now?
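The three manual checks above (sorting System32 by date modified, reviewing startup entries, and spotting rundll32.exe) can be done in one read-only pass. This PowerShell script is an added example, not part of the original post; the 14-day window and the two Run registry keys it reads are assumptions.

```powershell
# Added example: read-only triage. Nothing is deleted or changed.
$Days   = 14                                   # assumed look-back window
$cutoff = (Get-Date).AddDays(-$Days)
$sys32  = Join-Path $env:SystemRoot 'System32'

# 1. DLL/EXE files in System32 modified recently, newest first.
#    Windows updates also touch files here, so the signature status is listed too.
$recent = Get-ChildItem -Path $sys32 -File -Force -ErrorAction SilentlyContinue |
    Where-Object { $_.Extension -in '.dll', '.exe' -and $_.LastWriteTime -ge $cutoff } |
    Sort-Object LastWriteTime -Descending |
    ForEach-Object {
        [pscustomobject]@{
            Name      = $_.Name
            Modified  = $_.LastWriteTime
            Signature = (Get-AuthenticodeSignature -FilePath $_.FullName).Status
        }
    }

# 2. Programs set to start with Windows (machine-wide and current user).
$runKeys = 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
           'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run'
$startup = foreach ($key in $runKeys) {
    if (-not (Test-Path $key)) { continue }
    $item = Get-Item -Path $key
    foreach ($name in $item.GetValueNames()) {
        [pscustomobject]@{ Key = $key; Name = $name; Command = [string]$item.GetValue($name) }
    }
}

# 3. Tie it together: startup entries that launch rundll32 or that
#    reference one of the recently modified System32 files.
$hits = foreach ($entry in $startup) {
    $matched = $recent | Where-Object {
        $entry.Command.IndexOf($_.Name, [StringComparison]::OrdinalIgnoreCase) -ge 0
    }
    if ($entry.Command -match 'rundll32' -or $matched) {
        [pscustomobject]@{
            Entry       = $entry.Name
            Command     = $entry.Command
            RecentFiles = ($matched.Name -join ', ')
        }
    }
}

$recent | Format-Table -AutoSize
$hits   | Format-List
```

Anything listed under the last section is only a candidate to look up, the same as the files spotted by eye in the folder view.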
SO NOW LET’S TALK ABOUT SOME VIRUS SCANNING AND REMOVAL SOFTWARE
Now if you had a bad virus infection you might not be able to get online! But if you can, there are a few online scanners that are free, like Trend Micro, so that’s something you can try. But my suggestion is you should download this stuff now. They’re free and they’re all small files. So have them installed and ready to go when you get infected.
Well, I tried my old standby and usually very good program, LavaSoft’s Ad-aware. But it kept konking out. Normally this thing has a basic scan and a DEEP scan, but it would scan for a while and freeze up. So that did not do the trick. So I decided to try a new program I had never heard of called Avast 4.7. Total crap. It kept konking out too. But worse than that, it’s trying to be fancy. And let me just say: when your computer is shut down by viruses you’re NOT in the mood for fancy. It’s got a space-age interface and makes a bunch of sound effects (that you can turn off, but now you’re wasting time doing THAT). And the interface is confusing. It checked me out and said I was clean!
I tried another program I had never used before, but I didn’t know it was one of those deals where it will FIND the viruses, but then charge you to clean them. It was called Spyhunter 3. It found some stuff, but I could tell that it didn’t find the REALLY bad stuff.
Next I moved on to an old favorite, Spybot’s Search and Destroy. This thing will find the bad stuff and delete it. It takes a while, but really they all do. It did a good job of getting the upper crust of the malicious software off. But that’s something you have to keep in mind: if you get some malware or adware it will start multiplying and inviting more bad software to your machine!
So then I went and got the best free computer condom out there. It’s called Spyware Blaster, and it’s, like I said, a condom for the computer. It just protects you when you go out on the internet. While I was getting it, I also did a search for one of those bad .dll files to see if anybody knew anything about it. That’s a big part of virus removal: going onto a search engine and seeing if anybody knows how to defeat it. One really great website (it’s actually a forum).
But I had mljgg.dll and the recommendation was VundoFix, so I ran that and it gave me a clean bill of health.
But then I ran Spybot again and it said I still had Virtumonde stuck in my registry! So I went back to the forum and another recommendation was Kaspersky. And that did the trick. It found all the problems and didn’t freeze up in the middle. And it deleted the problem files when the computer restarted. Now, I also tried about 4 or 5 other programs like Microsoft’s Defender, but that one froze up too in mid-scan, and some other stuff, but I feel I’ve overloaded the average reader at this point! So Kaspersky is the one that worked.
And here you can see my clear system.
OK, let’s do a review. First there’s the stuff I recommend:
There’s Ad-aware; Virtumonde has been integrated into this program.
There’s ZoneAlarm, and they have multiple versions including a free one.
A great tool to let you know what’s in your startup is Startup Control Panel.
Next is the stuff you can try but I had mixed results with:
Avast free removal
Finally there is an online tool called Trend Micro HouseCall. I didn’t want to push this really because even though it’s good, you need to be online.