 |  |
Computer
First Aid
(updated August 2008)
Computing can be a difficult and even intimidating task for many people. One of the most troublesome problems people have with computers is when unwanted software (called malware) is installed on the computer, causing it to slow down . The presence of malware (viruses, spyware, adware, trojans, etc.) on a computer can make computing very difficult, and unsafe as well. Often, people reach this stage and then give up--they just don't turn on the computer or surf anymore, because it is too tedious. This problem is very unfortunate, because with a few simple steps, most users can clean up their computers, and keep them running in a very efficient manner. This is turn can save money, because a a cleaned computer that is already paid for is much cheaper than a new one that you would put on your Mastercard.
You would be well advised to know that there are three sections to this essay. If you have been experiencing problems with malware on your computer, it is important to take care of all three steps, because all three are essential for the continued safety of your computer.
A. Cleaning up your computer
If you are willing to put a bit of time and effort, you can most likely clean up your computer (and keep it clean) for free--there is no charge at all for any of the programs linked to below.
If your
computer has been seriously infected
(to the point that it is slowed to a crawl, or is otherwise unusable),
you should definitely take two additional steps (in addition to everything else below):
A. Run the antivirus and antispyware programs in Safe Mode.
This is a
stripped-down instance of Windows running, with fewer programs running,
which make it less likely that the malware will be running as well.
This in turn will give you a better chance of removing the malware. You
can only get into Safe Mode by booting your computer into it: after you
turn your computer on, but before the Windows startup screen appears,
hit the F8 button. Choose to boot into Safe Mode (if you haven't been
able to get online and update your virus or spyware definitions, then
you should boot into Safe Mode with Networking, which will allow you to
go online).
B. Get a second
opinion--after cleaning
up the computer, get an online virus scan. Many of the antivirus
companies provide them for free. You can find a few here: Norton Antivirus
, Bit Defender,
and Trend Micro
(which
work with Windows 98, ME, 2000, and XP). If you are running Vista and
want to take advantage of an online scan, you can try F-Secure. All of these online scanners require the scan to be done in the Internet Explorer browser.
1. Get updated
antivirus and antispyware program
If you don't have a good antivirus and
antispyware
program, you can get one of these two (either is good; you don't need
both) by clicking on the link: Avast
or AVG. Running and updating either program is easy
enough, but if you need directions on using the program, install
Avast--below, you will see directions for using Avast. AVG
is the more popular program, but both are very solid.
For a couple of minor reasons, after installing AVG and trying it for
several months,
I decided to use Avast, which I am more than happy with. But either
program
will be excellent protection for your computer. AVG 8 only
works with Windows 2000, XP, or Vista; Avast works on
Windows 95, 98, ME, 2000, XP, or Vista, so if you have a computer
running Windows 95 or 98, you will definitely need Avast.
You can safely allow all of the default choices for installign Avast. After installing it, you will need to make sure the program is updated. Either during or just after the installation, Avast should ask if you want to update. Go ahead and let it. If for any reason you aren’t sure that this has taken place, right-click on the A-ball icon in your system tray, and select Updating. In the new menu, select iAVS update. This will update the antivirus and antispyware definitions.
2. Scan for
viruses and malware
Keep
in mind my advice about an infested computer--if your computer is
having serious problems, run it in safe mode. If you are
simply
trying to make sure that your computer has good protection, then you
probably don't have to boot into safe mode (of course, it wouldn't
hurt, you know...). At any rate, once the antivirus program
has
been updated, have it scan your computer.
With Avast, right-click on the A-ball and select "Start Avast Antivirus." A splash screen will come up, and then the main window. In that main window, you will need to look for an icon that looks like a computer's hard drive. Click on that icon; then click on the icon that looks like the Play button, a right-facing arrow. This will start the scan.
Any antivirus program will be able to remove or delete the nasty file; they also have a function that they call "quarantine." This will move the infected file to an area where it can't cause any mischeif; but if you find out later that it was a false positive, you can then move it back to its original destination. I usually don't use this function, but you can if it will help you sleep any better at night. Later on, you can clean up the quarantined files by deleting them from the computer. Avast has this fuction as well, although it is called the "chest." When it detects a virus, you can either select "Delete" or "Move to Chest."
If what is being reported as malware, shouldn't be on your computer, you can remove what the scans find. If you aren't positive about removing some or all of the items they recommend for removal, both programs give you the option of "quarantining" the spyware. Quarantined malware will not be able to disrupt your computer. You can go back a week later and delete the quarantined file, if nothing is going wrong with the computer. On the other hand, if a problem is created by quarantining those files, you can always restore them.
3.
Look in Add or Remove Programs
Most spyware will not alert you
to its presence by placing an entry
here, but some programs will. Go to
Start>Settings>ControlPanel>AddOrRemovePrograms
(in Vista, the
Start pearl>Control Manager>Programs). You will be
presented with
a list of programs installed on your computer. Be forewarned-- the Add
or Remove Programs menu is not a list of spyware or viruses-it is the
menu in which all regularly installed programs go. However, there is a
chance that malware is listed here. One type of malware that does
commonly list itself in the Add/Remove Programs menu is adware search
toolbars (anything that has the word search in it
is possibly
one of these). Don't uninstall anything until you are sure that you
don't want it there. Once you have determined that you don't need or
want a particular program, select that program, and then click on the
Change/Remove tab to uninstall. You may have to restart your computer
after the uninstall process is finished. Again, you should only
uninstall a program on this list, after you are sure it doesn't belong.
A Google search can help you decide if you want it on your computer.
Don't be surprised if your antispyware progam doesn't get rid of such a
toolbar. They are notoriously difficult to kill. If you have one, and
an antivirus and antispyware scan, or the Add-Remove Programs window,
in Safe Mode won't get rid of it, you'll probably have to look it up
online to see how to remove it.
Let me warn you about one particularly subtle type of malware. There are some programs that get installed on your computer, and then inform you that your computer has umpty-six infections, and that if you pay $20 to download a certain program, you will be able to clean up your computer. Don't ever go through with that and pay them money-it's a scam! Apart from some incredibly isolated examples, everything you need to get, to clean up your computer, you can get for free. If you think you might have some program on your computer that is malware posing as a good program (trying to scam you out of $20 or so), you should go to this anti-spyware site. This site will provide you with information on such rogue anti-spyware programs.
Symantec (the makers of Norton Antivirus) maintain a fairly up-to-date library of utilities and information on how to remove malware that is prevalent in the wild. If you have a particular bit of malware that is hard to kill, you would do well to see if Symantec has a tool to deal with it.Keep in mind that you should not consider your computer to be cleaned up (after you have become infected) until after you have rebooted and run a new scan. Believe it or not, a fair amount of malware has the ability to change its directory when a drive is being scanned, and thus even though the anti-malware program tells you that it has taken care of it, it will still exist on the hard drive. This is why it is good to reboot and do a new scan, even after your program has told you that it has disinfected your computer.
4. Consult the
experts
If you have not been able to clean up your computer on your own, you
have two other choices: go online and get expert advice to clean up
your computer (still for free), or you can simply reformat your hard
drive and start over, if you have the original Windows installation
disks on hand. One major problem with reinstalling Windows is that you
lose all your files, programs, and drivers (small utilities that
Windows needs to work will all the hardware, including the innards of
your computer). Reinstalling all of these can take quite a while, so
reinstallation of Windows (and then everything else) should only be a
last resort. Before using this nuclear option, try to clean up your
computer first. You
can go online to the Techguy.org
forum and get very timely and expert assistance with your
computer problems.
B. Things to do once your system is clean:
1. Update Windows
It is important to update Windows itself. In Windows XP or 2000, just go to the Windows update site. If you are running one of the 9x series of Windows, you will need to go to another Windows update site. If you are using Vista, go to the Control Panel, and then use the Windows update function within that directory to update your operating system.
If you have Vista, you should have SP1 (SP stands for "Service Pack," a collection of updates) installed. If you don't, and don't see it offered via Windows Update, you can download it here.
If you have XP, you should download both SP3 and Internet Explorer 7 (if you haven't already). To find out if you have SP3 installed, right-click on My Computer, then select Properties. Look at the General tab. Towards the top, under System (and above the identity of the person to whom the computer is registered), you will see the version of XP you are using. There, you will see what (if any) service packs you have installed. To get SP3 for XP installed go to this link. At that page, you can get will find links to the Windows Update site (requires Internet Explorer), to a page where you can manually download it (if Windows Update won't offer it to you for some reason), or even order it on CD from Microsoft, for $4 (including shipping). Do keep in mind, that in order for SP3 to install, you need to have XP SP1 or SP2 already installed--you cannot install SP3 onto an installation of XP that does not have at least SP1 already installed. So if you don't have SP1 or SP2 on it,you can try to get it through the Windows Update site; if that doesn't work, click on this link here to download SP2 for your XP computer. It is vitally important if you are online, to have at least SP2 on your computer. SP2 has security fixes for worms and other problems that render a computer without SP2, very vulnerable the minute it goes online. Microsoft used to offer SP2 on a CD for free, but the only link I had, and the only link I've been able to find online for it, now redirects to a link for ordering XP's SP3 on cd (for which they charge a very reasonable $4 for shipping). If you still need to get SP2, it looks like the only ways to get it are via download in that link above, or through the Windows update site.
Also, if you have Windows XP, make sure that Internet Explorer is updated to IE7 (Vista comes with IE7 already installed). To find out what version of Internet Explorer you have, open it up, and then go to Help>About Internet Explorer. The window that pops up will show you which version you have. It should be installed along with other updates to XP. In case this hasn't taken place, you can download IE 7 here. Keep in mind that in order to download or install IE7, you will need to have SP2 installed, so take care of that first. If you have an older version of Windows (98, or ME), you can't install IE7. In this case, you would be much better off, from a security standpoint,downloading the Seamonkey browser, and using IE only for Windows updates from microsoft.com. If you are running Windows 95, then you should turn to the Opera web browser. Scroll down to see my remarks on these browsers in Section (3) below.
2. Turn System Restore off and then back on again.
System Restore often harbors the malware that goofed up your system to begin with. If you have found malware on your computer, be sure to turn off System Restore (which deletes any of those files), and then back on again. In XP: Right-click the My Computer icon, then select Properties. In the new windows, click on the System Restore tab. Check the box that says Turn off System Restore on all drives. Click on OK, then Yes to any warning message. To turn it back on again, go to that System Restore tab. Uncheck the box that says Turn off System Restore on all drives. In Vista: Go to Start>Control Panel>System. On the left pane, click on System Protection. In the new window, uncheck the C drive (which is the drive where Windows and other programs are installed, unless it has been altered, in which case you would probably know). Click on OK when you get a new message asking if that is what you want to do. Then, click on the Turn System Restore Off button. To turn System Restore back on: go to the same location, but this time, check the box next to the C drive. Select OK or Apply.
Keep in mind that the fact that System Restore can harbor malware, doesn't make that function a bad feature. System Restore is a helpful feature in which can re-set many settings in Windows itself back to a previous "restore point." However, it isn't a complete, system-wide rollback machine--it will not restore deleted files or programs, nor will it remove any viruses. Its simply designed as a way to preserve some Windows settings, in the event that you (or some malware) goofs things up. You can't use it to combat malware, because System Restore doesn't delete anything, and also, any malware currently on your computer will typically be also inside a restore point (they are usually made every 24 hours in XP). But you can use it in case you have made some changes to your monitor, or to Windows itself that you wished you hadn't, and can't figure out how to unravel it.
3. Download the Firefox web browser and use it to surf the net instead of Internet Explorer.
Simply using this browser will make it less likely that your computer will be infected with viruses and spyware. You can download the latest version at www.mozilla.com. In addition to being more secure (it's security holes are patched faster than those of IE), the Firefox web browser offers other advantages, such as a password manager, and the option of using many different "skins" or "themes" on the browser (themes are the different colors and icons that you can use on your browser); finally, Firefox offers you a nearly unlimited number of "extensions," small programs that do one or two things for you.
Some users might prefer a slightly different browser, akin to Mozilla Firefox--called Seamonkey (Seamonkey is in fact a "descendant" of the original Mozilla web browser project, which a few years ago decided to focus on the Firefox browser; however some people still keep Seamonkey going). There are two advantages of using Seamonkey. One is that Seamonkey is compatible with Windows 98 or ME, so if your computer is running that version of Windows, you can safely browse with Seamonkey (Firefox version 2 will run on Windows 98, but will stop receiving security updates in late 2008, so you'd be better off switching now, than finding out your machine had been compromised in early 2009, and then making the switch). A second advantage is that Seamonkey has an email client built in to its program. If you have used Netscape Navigator in the past, and like the built-in email cient, then Seamonkey is for you. Simply wanting an email client doesn't mean you have to use Seamonkey, however. If that is your only concern, you can use Firefox for web browsing, and its sister project, Thunderbird, to read your email. To summarize: if you want separate web browser and email client, you can use Firefox and Thunderbird; if you want them both rolled into one program, then you would want Seamonkey. If all you are interested in is a browser, then by all means take Firefox--it represents the future of the Mozilla project, and is more actively maintained than Seamonkey is.
If you are running Windows 95, you will be able to use neither Mozilla Firefox, Seamonkey, nor Internet Explorer. The only updated browser that will run on Windows 95 is Opera.4. Make sure you have Spyware Blaster installed, if you are going to be doing most of your surfing with Internet Explorer (I don't--the only uses I make of IE are when I go to microsoft.com to update Windows, or on a rare occasion that the site I'm surfing doesn't work right with Firefox). Spyware Blaster isn't a program, so much as a set of registry settings that ensure that malware using Active-X technology won't be installed on your computer. This program is designed primarily for those who surf with Internet Explorer, becasue IE is the only browser that uses Active-X technology that some sites use to install malware on your computer--(the technology is proprietary, owned by Microsoft).
5. Update Microsoft Office.
Believe it or not, there are security updates not only for the Windows operating system and web browsers (such as Firefox and Internet Explorer), but for Office programs as well. These do not offer functionality so much as protection from breaches in security, so it would be very wise to install these. Whether you use Microsoft Office 2000, Office 2003, or Office 2007, if you have never updated your office software, you can search for a Service Pack, which is a large collection of individual updates. Downloading and installing a Service Pack will save you time (instead of downloading these updates individually). Just go to www.microsoft.com and search for "Office 2003 Service Pack 3," or whatever you need. Both Office 2000 and 2003 are up to Service Pack 3, so you can download that. Office 2007 has just had Service Pack 1 released (as of December 2007). After downloading the Service Packs, you can easily update MS Office through the regular Windows update feature within Windows itself. If you are running XP or 2000, you can update Office XP, 2003, and 2007 at the same site you went to update Windows: update.microsoft.com. If you have Office 2000, or are running Windows 95, 98, or ME, however, you will need to go to the separate Office 2000 update site to get your updates. To check which version of Office you're using, open any Microsoft Office program. Click Help, and then click About (program name).
6.(Optional) Download a second antispyware program.
As I've already said, Avast and AVG provide protection against viruses and spyware. I am ok with Avast and a monthly online scan from Norton. If you'd rather have another program on your computer that you can run, there are some good ones available. I can recommend two: Windows Defender (if you are running XP), or Spybot Search & Destroy (which will run on Windows 95, 98, or ME). Users of Vista will have Windows Defender already installed on your computer. As with your antivirus program, make sure that it is updated with definitions before you do a scan with this. Just keep in mind that when you scan your entire hard drive with one program, you should turn off the other one until the scan is complete. For example, when I run my Norton online scan, I make sure to disable Avast.
C. Best Practices (to keep your computer clean)
Now that you have cleaned up your computer, there are some things that you can do to keep your computer from getting infected to begin with.
1. Make sure that you have an antivirus and antispyware program running in the background at all times. This would be either Avast or AVG.
2. Make sure that Windows itself is updated regularly. The best way to do this is to let Windows download and install updates automatically. If you are runing Vista, go to the Control Panel>Security>Windows Update. To configure XP for automatic updates, right-click on the My Computer icon, and select Properties. Then, select the Automatic Updates tab, and check the top button, Automatic Updates. If you choose not to use automatic updates, then use the same method that you did in Part B (to update Windows), to update it manually, every week, or at least, every month.
3. Use the Firefox web browser to surf, instead of Internet Explorer. And be sure to get Firefox updated automatically. Make sure that your version of Firefox is the latest one (3.0), and that Firefox is updated regularly. Now Firefox is set up by default, to update itself automatically. If you aren't sure, you can go to Tools>Options>Advanced. Look at the Update tab, and make sure that the "Automatically Check for Updates to" Firefox is checked.
4. Don't install toolbars from unknown companies! These are a very common form of malware. If you really do like the functionality that search toolbars provided, get one from a reputable company: Google, Yahoo, or MSN. Now this doesn't mean that these three are the only legitimate toolbars. If you would like to install another toolbar, just google that toolbar's name and "+uninstall," and see if others are having problems uninstalling it.
5. Use a cleanup utility to clean up temp files and browser cache. Malware can look in these files and get information that you have viewed or typed in to your keyboard. Now for a cleanup utility you have a choice. If you have decided to use IE for your surfing (and this should only be IE7--if you are using an older version of Windows [95, 98, or ME] you cannont download IE7 and for security reasons, should be using a modern browser: Firefox or Seamonkey), you can easily use Windows' default Disk Cleanup utility. In XP, go to Start>Programs>System Tools and select Disk Cleanup. Tell Windows what drive you want it to clean up (usually the C drive), and then make sure that Disk Cleanup has checked: Downloaded Program Files, Temporary Internet Files, Recycle Bin, and Temporary Files. I would recommend that all other options be unchecked. Then, click on OK and Windows will delete these files for you. If you are running Vista, you can run Disk Cleanup by going to Start>All Programs>Accesories>System Tools, then select Disk Cleanup. Select the drive you want to clean up (again, if you don't know, just select C). In the Disk Cleanup tab, check all the boxes EXCEPT Hibernation File Cleaner and the three three Windows Error files at the bottom. Click OK, then Delete Files.
Now if you are using another browser (besides IE7), you can still use Windows' Disk Cleanup, but then you would also still have to delete the temp files (cache) in your browser as well. If you download a small but potent program called CCleaner, you can have it do everything that Disk Cleanup does, plus it can delete the cache in other browsers as well, saving you a few clicks and one more thing to remember. If you choose to use CCleaner, I would recommend only the following boxes to be checked:Windows Tab
Internet Explorer section: check everything but Autocomplete Form History
System section: check Empty Recycle Bin, Temporary Files, Clipboard, Memory Dumps, Chkdsk File Fragments only
Unless you have a compelling reason, I would recommend that you check nothing else under the Windows tab
Applications Tab
The cache of the browsers you use (if you want it to delete the cookies and history of the browsers, you can of course have it do that as well), and also, under Internet, check Sun Java.
There are other system files that CCleaner can delete, but these files either: would be deleted by Windows anyways if needed, or might be needed at some point in the future. Do be careful with CCleaner, though: when you install a new application, especially a browser, it will assume that you want it to clean up lots of files, so before using it, I always look at that Applications tab to see exactly what it is going to delete. Ccleaner can also be used as a registry cleaner. I'm not a big fan of this, as doing this can cause some havoc to the system. Cleaning up these temp files is the only thing I use Ccleaner for.
6. Be careful about what you click on. Don't click on links to financial institutions that you get in your email. Any financial institution that you want to log in to, you should keep links to in your bookmarks. That way, if you get an email saying that your account has had some suspicious activity, you can simply click on the bookmark and login and see, instead of clicking on the link in the email, and wondering if it was a phishing attempt to get your login credentials.
7. You should not have your browser remember any sensitive passwords (via a cookie, when you check the "Remember me when I sign in again" box, or through the password manager). One of the problems with not writing down passwords or having software remember them is that they can get pretty hard after a while.If you go to a few financial sites and you aren't comfortable using the same password, try using the same basic password, but then adding a character or two that youc an easily remember--the first letter or two of the name of the institution, or the type of account, etc. I have Firefox remember all my non-secure passwords (such as website forums), and I enter in manually those for banks and my email.
8. Set up a regular schedule (from once a week to once a month) for maintainance tasks, such as scans and updates for programs that you don't have set to update automatically.
To aid this, you might want to make a folder in your Start menu, that gives you shortcuts or links (either to programs on my computer, or to websites) to every task you need to do in your maintainance program. You can do this easily by setting up a folder in your Start menu; right-clicking on any folder you want to get into, or program you want to run, and then dragging the icon onto this folder. When you let up, Windows will ask if you want to move or copy a shortcut. Copying would be fine, and still allow you to leave the links where they originally were.
For example, you would place
links to any programs
that aren't set to update automatically in this folder. If you want to
do backups of your data, or defragmenting, you can also place
links/shortcuts to those programs as well. You will want to do at least
the following, every time you perform your maintenance. First, update
the definition files for any malware programs that aren't configured to
update automatically, including Spyware Blaster (if you have it
installed). Next, run a scan with your antivirus and spyware programs.
After that, you can clean out old files by running a disk cleanup
utility, and then defrag the hard drive. Finally, update Windows. You can see an example of such a folder that I
used a while back, in the graphic below. To
make this all easy, I created a folder in my Start Menu with shortcuts
to those tasks; I simply start at the top and go down the list until
its all done. In this
folder, I have shortcuts to: Ccleaner, a defragmenting program, my
Firefox profile (so I can easily back it up), Symantec's online virus
scan (a web link), Synback (a backup program for
all my documents), Windows' System Restore feature, another
backup utility for my MS Word corrections, a settings utility for MS
Word, Windows Update, and a Java update utility.
