Announcements:

I am currently writing at Computelogy.com actively and that's why i sort of abandoned my own tech blog. Since i am too busy to be taking care of both sides, i guess this blog will go into hibernation for a very very long time. Regrettable, but then it's hard to come up with new posts & stuffs.

So once again, i am now writing actively at Computelogy. Feel free to visit there and enjoy our latest articles and posts!

November 15, 2008

What To Do When You Got Infected

I am now quite a risk-taker when onlining. When i'm still a computer newbie two years ago, i was pretty cowardly at exploring the web, visiting unknown sites and downloading mysterious stuffs. Two years later, these phobia seems to have long gone. Of course, the journey is not without hardships. I contracted countless Trojans and got two Worms when i'm still using XP. Possibly a few spywares here and there too. Even after i made the transition to Vista in summer 2008, my security woes have lessened a lot but occasionally i might get infected too.

This is the famous one: Antivirus XP 2008. This rogue software once caused a havoc during the early days of 2008.

Everytime i got infected by malwares i learn bit by bit. So here i am, trying to tell you in the form of an experienced "malware-infected user" on what to do when you got infected. Some people knew on certain instance that their PC has been infected, but they do not know the complete procedure to solving the problem.

My tutorial is based mostly on experience with a bit of technical spices, and it'll go in four steps. I shall give further recommendation after detailing my self-christened "Four-Step Process".


STEP 1: TURN OFF YOUR INTERNET CONNECTION

It's pretty simple. Either disconnect using your network sharing center or simply just pull off the ethernet cable (LOL). If you're using a laptop and are connected via wireless, that's even easier: just flick off the wireless switch or button...:)


As hackers and intruders are remotely manipulating your PC and obtaining information online, disconnecting from the web is the most simple and effective way to thwart them from taking control of your PC. Even the Trojans and Spywares require an internet connection in order to send some useful stuffs back to their creator...by turning OFF the internet connection, basically you've reduced the malwares' damage by HALF!!!


STEP 2: STOP ALL RUNNING PROGRAMS AND TASKS

I'll tell you why this is important: sometimes a malware is activated and started doing its dirty jobs because you have executed a program which is infected by that malware. So, the simple thing to do? CLOSE all programs running on your PC! If you're currently doing something, just save your work and exit; it won't do you harm.


STEP 3: GIVE YOUR PC SOME GOOD, THOROUGH SCANS

After disconnecting from the internet and shutting down all running programs, here's the familiar one: scan your PC. You wouldn't need me to tell you what to do: Pull out all the security arsenals (all the antivirus, antispyware and antimalwares you got), and start scanning! (I hope you do keep your virus databases updated though, or else you might miss out some malwares)

Using some good antivirus such as Bitdefender (shown above) is the first step towards effective virus scanning and detection.
Do not assume that your PC is safe with only an antivirus running...additional antimalwares/antispywares are best to be installed as they offer additional protection without conflicting with your antivirus, such as Netgate's SpyEmergency (shown above)

Nowadays, some hackers and virus creators are VERY UNFORGIVING. When they wanted to infect a PC they wouldn't just attach one virus to a file. They will attach MANY, some included spywares and keyloggers together with a couple of Trojans or even a Worm.

I'll tell you why...again. Malicious users often attach many malwares to a file because they are counting on the fact that lots of users only have ONE antivirus to protect themselves. By attaching MANY malwares to a file, once a user got infected, his or her antivirus perhaps may only pick up some of them, while the other malwares....well, remain HIDDEN and HAPPY. As long as the malicious user got its wish of infecting your PC, they won't care actually how many malwares your antivirus had caught. Next time when you, thought that you're safe, went back onlining again, they will still be able to gain access to your systems....

Now, back to the scanning stuffs. If your security software caught something, try to ask the security software to disinfect it first. If there is no such option available, or that the security software failed to disinfect the file, WATCH BEFORE YOU DELETE! I have a case when i used to delete an infected file and it caused one of my application software to become crippled. If there is an option called "quarantine", use it! It is there for a reason!


STEP 4: CLEAN UP YOUR SYSTEM RESTORE, DEFRAG YOUR PC AND RESTART

Here are some optional step, which can be followed but not necessarily a must. In the event that you have System Restore turned on and running on your PC, remember to wipe it clean. That is to prevent malwares once residing in your PC being preserved in a System Restore point. If you did not do it, who knows one day when you need to restore your PC to an earlier state, the malware would live once again!


As malwares can cause fragmentation on your PC due to some background "nuisance" they started up, it is advisable to to defrag your PC after cleaning up an infection. Cases are rare, but failing to defrag your PC which had been severely fragmented by a piece of malware may cause your system to run slowly or even crash, if it was the system files that got fragmented.


After all the jump and duck, remember to do this one thing: restart your PC. Some antivirus, such as my Kaspersky, occasionally will request a restart to clean up certain malwares. But even if you do have Kaspersky, the best thing is to remember to restart yourself. Restart refreshes the PC's system and gave it another fresh start. If you love your PC, then do it...:)


After detailing the "Four-Step Process", here are my further recommendation:

1. In the event you failed to clean up those pesky malwares, try to restore your PC back to an earlier state via System Restore. If you are pretty aware of your PC's malware status, make sure that you choose a restore point which is healthy and free of malwares. That is of course, achievable provided that you DID NOT apply the optional choice of cleaning your System Restore point in my 4th step!

2. If you suspect your PC is still infected or partially uncleaned of malwares, try booting your PC in safe mode WITHOUT networking and start another series of scans. In safe mode, your OS is operating at a minimum amount of software and processes, Therefore, it is a definite thing that your PC can be further checked. However, DO NOT attempt to replace any STEP 1-STEP 3 of my "Four-Step Process" with this! You'll seriously be sorry if you do that, because some malwares are designed to fully control your PC ONCE YOU RESTART for the first time they went active!!! A Trojan called Kavo.exe once did this to my XP...

Booting Windows in Safe Mode is one good way of scanning for virus, as the environment variables are limited and there are no connections to the internet.

3. If your PC has been taken over completely even after all that i recommend to you, and your PC is crippled or rendered useless, then i'm afraid a reformat aka reinstallation of your PC is required....definitely required. The only three reasons you could have got to this demonic end after following all my advice are:

A) Your security softwares (antivirus, antispyware whatsoever) are poor/mediocre in detection

B) You DID NOT update your security softwares

C) The hackers/intruders are too hacking-geeky that they totally annihilated your PC at their first attempt....(LOL..though i hope its impossible)

Reformatting an infected-beyond-recovery PC is equivalent to reducing all those malwares to nil but the entire process can be tiresome, lengthy and slightly complicating.

However, do take note that reformating your PC is the ABSOLUTELY LAST RESORT. By reformatting, even though you can be 110% sure that you'll wipe out the pesky malwares, but then you can also be 99% sure that you'll lose all your data stored in the PC. There are cases where i still managed to retrieve a few of my documents through file-recovering but then i can guarantee you approximately a 99.5% loss of previous data. If you're still able to operate your PC after some malware attacks, just backup your important stuffs on a USB drive or any other storage device before you reformat.

Masterminded by James on 10:18 AM

Labels: ,

0 opinion:

Post a Comment

Subscribe to: Post Comments (Atom)

Review Digital Plexus

I do not know how well this blog is doing unless there are feedbacks. Please do leave a review or two with us on how you think about Digital Plexus, its authors or the qualities of the posts. Good and bad comments are all welcomed, but please avoid posting rude/obscene comments that are not helpful to any of us working on this blog:

Disclaimer:

This blog is dedicated for the benefits of those who seeks experiences, knowledge or information in the computer, IT news, technology and software & hardware area. Digital Plexus cannot control how readers use the information, including any fraudulent conducts, illegal activities or deeds as regard by the law. Therefore, Digital Plexus & its authors shall not be liable to any damages caused by readers who misuse the information provided.

Digital Plexus utilizes information from many sources, including personal experiences of authors. Digital Plexus will never claim credits or ownership rights regarding the information it used in the blog, except for the raw articles posted on the blog - those are original materials written by the authors of Digital Plexus itself after the compilation of various information and/or experiences.

Followers

  © Blogger templates 'Neuronic' by Ourblogtemplates.com 2008

Back to TOP