Malware: Malicious software.
Viruses, Trojans, Hijackers, Keyloggers, Spyware, Adware, Rootkits, Dialers, Trackers… A bunch of nasties that attack your computer when you’re not looking (or maybe right in front of you).
I’m the “Lone IT Guy” for the company I work for, so I get a lot of people here telling me “My computer is acting weird” or “This thing keeps popping up & won’t go away” or “I just bought my computer, but it’s already so slow!”
Inevitably I’ll have them bring the PC to work, and I’ll spend about an hour cleaning things up for them & making it work a little faster. Some of it I go at manually, some of it I run various programs to kill off, update, & streamline.
Well ladies & gentlemen (& whoever else may stumble upon this post), I’m going to share what tools I use & abuse to clean up sick systems. There’s really no single product out there that covers all the bases, so it comes down to knowing what tools are worth it & what ones aren’t.
- SuperAntiSpyware
This program has, by far, been the best tool to remove lots of the current junk software that has been infecting the machines I run into. I’m not a big fan of things running when you don’t need them, so I tend to disable it from running on startup, but it’s a great tool to update & scan with when you run into an infection.
- Spybot Search & Destroy
This is another tool that does a good job, but is surpassed by #1 above because it doesn’t catch everything SuperAntiSpyware does. I used to hate the Spybot Resident, but it’s turned out to be a wonderful tool to keep new malware from settling into a machine. Now I install it & keep it going on most machines that tend to get infected. It can be annoying when you’re doing updates, but it’s still worth it.
- Sysinternals Suite
This one is more hands on, nitty-gritty, get your elbows greasy with this set of tools. These are tools to dig through your computer & see what’s going on. Invaluable if you know what you’re doing. Disastrous if you don’t. I would definitely recommend not using these much if you’re not certain of what you’re doing. That said, you gotta check out Process Explorer, AutoRuns, DiskMon, RegMon, FileMon…
In Process Explorer, you gotta right click on the column headers & check to show “Command Line” for the Process Image tab and “Path” for the DLL tab. This allows you to see where these files are actually running from (something you can’t do with Task Manager). You also can’t see the loaded DLL files or search for them in Task Manager, but you can here!
In AutoRuns the most valuable tabs are Logon, Explorer, Internet Explorer, and Winlogon. Look for things you don’t use or need in the Logon tab. Look for DLL or EXE files with no Publisher or Description under the other 3 tabs I mentioned. Be careful of what you delete here… You can SERIOUSLY hose your computer if you remove some of the necessary Windows backbone utilities.
Play with the rest because there are some seriously cool things you can see going on inside your computer. Very eye opening to see just how often your Registry is queried by everything running on your system, even when you’re not doing anything…
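The AutoRuns check described above, as an added example that is not part of the original post: a Python script that reads a CSV export of AutoRuns entries, lists the Logon entries for manual review, and flags DLL or EXE entries with a blank Publisher or Description under the Explorer, Internet Explorer and Winlogon tabs. The column names and the sample rows are constructed assumptions; match them to the headers in your own export.

```python
import csv
import io

# Tabs the post singles out for the "no Publisher or Description" check.
CHECK_TABS = {"Explorer", "Internet Explorer", "Winlogon"}
BINARY_EXTENSIONS = (".dll", ".exe")

# Constructed sample export (not a real capture); column names are assumed.
SAMPLE_EXPORT = r"""Category,Entry,Description,Publisher,Image Path
Logon,ctfmon.exe,CTF Loader,Microsoft Corporation,C:\WINDOWS\system32\ctfmon.exe
Logon,updater,,,C:\Documents and Settings\user\Local Settings\Temp\updater.exe
Explorer,{CONSTRUCTED-GUID-1},Windows Shell Common Dll,Microsoft Corporation,C:\WINDOWS\system32\shell32.dll
Explorer,{CONSTRUCTED-GUID-2},,,C:\WINDOWS\system32\qzxhelper.dll
Internet Explorer,Toolbar Helper,Search toolbar,,C:\Program Files\Toolbar\tb.dll
Winlogon,Userinit,Userinit Logon Application,Microsoft Corporation,C:\WINDOWS\system32\userinit.exe
"""


def triage(export_text):
    """Return (logon_review, flagged) from an AutoRuns-style CSV export."""
    logon_review, flagged = [], []
    for row in csv.DictReader(io.StringIO(export_text)):
        tab = (row.get("Category") or "").strip()
        path = (row.get("Image Path") or "").strip()
        if tab == "Logon":
            # Whether you "use or need" a Logon entry is a human call,
            # so every Logon entry is listed for manual review.
            logon_review.append((row["Entry"], path))
        elif tab in CHECK_TABS and path.lower().endswith(BINARY_EXTENSIONS):
            # Flag when either field is blank and record which one(s).
            missing = [field for field in ("Publisher", "Description")
                       if not (row.get(field) or "").strip()]
            if missing:
                flagged.append({"tab": tab, "entry": row["Entry"],
                                "path": path, "missing": missing})
    return logon_review, flagged


if __name__ == "__main__":
    logon_review, flagged = triage(SAMPLE_EXPORT)
    print("Logon entries to review by hand:")
    for entry, path in logon_review:
        print(f"  {entry}: {path}")
    # A flag is a lead to investigate, not a verdict: check the file
    # before deleting anything, since removing a real Windows component
    # can break the system.
    print("Entries missing Publisher and/or Description:")
    for item in flagged:
        print(f"  [{item['tab']}] {item['entry']} -> {item['path']} "
              f"(missing: {', '.join(item['missing'])})")
```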
- Killbox
For that stubborn file that won’t let you delete it, won’t let you remove its reference from the registry, & just won’t DIE!!! Kill it with Killbox.
- Deckard’s System Scanner
This is a handy tool to create log files with just about every piece of information on your currently running system. Running Processes, Registry startup entries, Installed Programs, Files in all kinds of places, etc… Great tool for when you need a little help finding the root of your problems (run the scan, send the log files to someone who knows what they’re looking at, & hopefully they can help based on what they see there & point you in the right direction to get cleaned up). This one uses HijackThis, a popular tool to do most of the stuff mentioned above…
- Ad-Aware
I personally don’t use this one much, if at all… I know other techies that swear by it though, so I figured I’d throw it in here as well. It’s another scanner to help clean pop-ups & junk software from your machine.
Beyond these tools I’ve found a handful of sites that have some great advice, great tools, and great users… I’ll list a bunch of sites in no particular order & try to give you an idea of why I like them…
- MajorGeeks.com
They have TONS of programs & utilities to do just about anything on a PC. Great place to look for tools when the original site is not accessible.
- icrontic.com & their forums
I honestly don’t know much about this site, other than they have some good advice about maintaining your PC… In the forums they have a few pros who can help with cleaning up your system much the same way I do.
- Google
Um, yeah… I use Google CONSTANTLY when troubleshooting new issues. There’s almost always someone out there who’s been there/done that and I try to learn from their mistakes.
- SourceForge
Not directly related to Malware or anything like that… Just a place where people develop open-source software & make it available for download. Just a cool place to browse whenever you think “there’s gotta be a program to do this for me!”… There usually is.
I’ll come back & post a follow-up with my usual routine to clean up a system & what I look for to make sure it’s good to go.