After literally weeks of work, we have finally seen the end of contractors working on our new home. Our primary go-to guy for wallpaper, painting and general “fix-that” duties is a fellow named Jim, who has worked on many projects for us over the years.
A couple of weeks ago, while elbow deep in wallpaper paste, he mentioned that his computer at home was running erratically and slowly. Being a nice guy, I told him to bring it over to my house, and I would check it out. After spending hours, I removed more than 4,000 pieces of spyware, malware, and general trash from his machine, restoring it to regular performance.
How did his PC get so infected? Well, the machine is shared between himself, his wife and two daughters, with each user downloading software and visiting Web sites of their choice. With all that activity, it is very difficult to keep malware and other nefarious software bits from taking up residence.
Many times spyware/malware enters your computer if you click on an embedded link in an e-mail. Never click on such links. If you want to check the status of any of your online accounts, never use embedded links; always type the address you want to go to in the address box of your Web browser.
A side note to this is that I recently received an e-mail supposedly from Pay Pal, saying that my account had been suspended and to click on this link to reactivate it. A careful review of this “phishing” e-mail revealed a misspelled word. Anytime you see bad grammar or misspelled words, the e-mail is bogus.
How do you know when a PC has become infected? If it starts up slowly, displays firewall messages indicating strange programs are trying to access the Internet, or redirects your primary home page to one that is trying to sell you steroids, and steroids is misspelled, the PC is infected.
Remember that while the typical office or home PC is a complex device, and software programs work in Byzantine ways, everything your computer does, it does for a reason. Once malware gets into your computer, it tries to connect to its “master” over the Internet to deliver your usernames, passwords, account numbers, and other information, while finding out which “spam” e-mail its master currently wants delivered to every name in your Microsoft Outlook address book.
Many users subscribe to services that claim to protect and defend a PC from spyware/malware invasions. Without naming names, I must say that I have little faith in these services. My friend Jim’s computer was “protected” by one of the nationally recognized protection programs, and he collected thousands of pieces of Internet-borne spyware while his “protection” was in full force.
You can wash your car, but it gets dirty driving it around. If you are going to use the Internet, you are going to pick up malware along the way. What should you do? I’ve devised the following program over the past couple of years, and have had minimal problems with any of the three computers we use for our business and personal matters. The keys are protection and cleaning.
For protection, every personal computer should have a firewall software program installed and operating. The one I recommend is Zone Alarm, available for free at zonealarm.com. I find Zone Alarm superior to other products because it always tells you what it is doing, and it monitors programs that are either trying to get into your computer or that are within your computer and trying to get to the Internet. Once you have Zone Alarm going, you have a good protection system in place.
Now for the cleaning. This is a six-step process that involves anti-virus scanning, malware removal, Windows registry cleaning, and a couple of hard disk servicing procedures.
The first step is anti-virus scanning. Use AVG, a free program from grisoft.com. Download the program, pick up the updates, and scan your computer. This can take more than one hour, during which time your PC may run very slowly. AVG will find most virus-signatured programs in your machine and remove them.
The next agenda item is malware removal. Two tools are used here: Spybot Search and Destroy (http://www.safer-networking.org/en/download/) and Ad Aware from lavasoft.com. Once again, download these free programs, get the updates and scrape the crud from your PC. Because these two programs use different techniques, they each will find different spyware/malware infections.
There are some infestations that these two programs cannot handle. When I ran Spybot on Jim’s PC, it would get halfway through a scan when a message popped up “Scan aborted by user” and the software would quit. The spyware in his computer was set to defeat Spybot’s attempts to remove it.
This was the time to break out the credit card and purchase the heavy artillery. Introducing Spyware Doctor (http://www.pctools.com/spyware-doctor), a $30 antispyware program that will really flatten the bugs in your machine.
You can download and run the program for free, and it will scan your machine and show you all the bugs you have. However, you need to pay the $30 to get them removed. The fee is good for a year, and this is a great program to use if Ad Aware and Spybot will not do the job.
Once you have the spyware out of your machine, it is time to clean up the Windows Registry. This part of Windows software tends to collect a lot of unnecessary debris, which can slow down your system performance. I use Reg Vac (regvac.com) to clean out unused registry items.
Now we go to disk maintenance. As you write, save and modify files, the file management system in your PC will end up saving some parts of a file on one section of the hard drive, and other parts in other sections. This process is called “fragmentation” and will slow down your machine when you are accessing files.
To fix this, run the “defragmentation” program available in Windows. To get there, do this:
- Start>My Computer;
- Right click your hard drive, highlight “Properties” and click;
- Open the “Tools” tab at the top of the window, and click “Defragment Now” in the center.
The second disk maintenance item is found in the same window as the defragmentation tool. It is called “Error Checking.” Hard drives spin very quickly, and high volume use or minor defects in the drive can create errors on the hard disk. If you gather enough disk errors, your hard drive can totally fail, leaving you with a dead machine and a very upset stomach.
“Error Checking” will scan each and every sector of a hard drive, used or unused, and verify that it is working properly. If it finds a bad sector on the drive, it will attempt to move any data recoverable from the bad sector, place it into a good sector, and designate that the bad sector should not be used in the future.
Usually when you try to run “Error Checking” in Windows XP, the program says it cannot do it right now, and asks if you would like to run the utility at the next startup. Select yes, and click “shutdown” and “restart” to get the error checking going. As with disk defragmentation, this process can take upwards of 45 minutes to an hour to complete, and you will be unable to use your machine during the process. I usually start it when I’m going to bed.
After running all these programs, a wise computer user will set a “Restore” point in Windows, so that if needed or wanted, the machine can be restored to the relatively pristine state achieved after the thorough cleansing process.
It is best to perform all these steps at least once a month on any computers used for Internet access. I know it seems like a lot of work, but once you have the programs installed, they run pretty quickly. Remember to always get the updates for the anti-virus and anti-malware detection programs: new virus variants are unleashed every day on the Internet, and your cleaning programs are only as good as the latest update.
You will sleep better knowing your computers are not unwittingly contributing to the billions of pieces of spam e-mail transmitted by infected computers every single day.
Book of the Month
The History of Wireless
by Ira Brodsky, Telescope
Brodsky is a fine technical writer, and his latest book describes in detail the progress of wireless communications from the beginnings of radio to the iPhone.
Web Site of the Month
The University of Wikipedia
Search for “DES” in this informative Web site and find out why this encryption method is not really high security. Remember, what you read on the Internet is not necessarily true; however, I have found Wikipedia usually to provide detailed and reliable descriptions of technologies.