These nastafarians show popups that claim your computer is infected, offering to do a "free scan". But if you click it, what it really will do is install a virus or even a rootkit. Some of these are really nasty because they disable your existing antivirus program and even prevent you from restoring your Registry (but you can still do that in Safe Mode). In this short article I'll give some advice based on my own experiences.
First things first. You need a good antivirus program. Microsoft offers Microsoft Security Essentials, which is free, even for servers. It can be scheduled and set to update its virus signatures automatically. New virus signature files are also delivered via Windows Update. It also offers "realtime protection", which will alert you whenever viruses, spyware, or other potentially unwanted software attempts to install itself or run on your PC. It can also scan all downloads, monitor file and program activity, check for behavior-based exploits, and increase your protection against network-based attacks. I do not know of a free version of any antivirus program that offers all these features.
However, MSE doesn't catch everything. And even though it can identify some rootkit infestations, it cannot always successfully remove them. For that you need a good "backup" antivirus program. I use MalwareBytes Free version. It comes highly recommended by most experts. MalwareBytes can recognize and remove rootkit-type viruses, and for the ones that it cannot, I'll show you an easy technique to do that too.
Let's compare the "quick scan" results and times of Microsoft Security Essentials and MalwareBytes:

                    Microsoft Security Essentials    MalwareBytes
Objects scanned:    108808                           305509
Time taken:         3:18                             3:06

You can see from the above that not only does MalwareBytes scan more objects, it
still does it in less time than Microsoft Security Essentials.
If you get a rootkit infection, the best free defense to fix it is TDSSKiller from
It detects and removes the following malware:
If a rootkit modifies your Master Boot Record (MBR) then you'll need to take
an additional step:
Boot from the Windows 7 DVD, accept the defaults, select a language / keyboard, and let it find the OS that you need to fix.
At the bottom left of the installation screen you'll see "Repair". Click this, and you will see a menu of choices.
Select the command prompt choice. When the command prompt appears, type the following and hit the enter key after each:
When that's finished, you can remove the DVD and reboot. Your rootkits will be
gone. One additional step you may wish to take is to go into Disk Management:
Control Panel / Administrative Tools / Computer Management / Disk Management
Some rootkits create a small partition on which they can put more malware. If you
see a small partition at the right side of the Disk0 Basic graph, select and
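
The same check can be made from a PowerShell prompt instead of the Disk Management graph. This is an added example, not part of the original article; the 1 GB cut-off for "small" is an assumption, and a flagged row is only a prompt to look closer, since OEM recovery partitions are legitimate and can also sit at the end of the disk.

```powershell
# Added example (not from the original article).
# Lists the partitions on disk 0 in on-disk order and marks a small partition
# that sits last on the disk, i.e. at the right side of the Disk Management graph.
# Uses Get-WmiObject so it also runs on the PowerShell 2.0 shipped with Windows 7.

$diskIndex      = 0      # Disk0, as in the article
$thresholdBytes = 1GB    # assumption: what counts as a "small" partition

# Win32_DiskPartition reports hidden partitions too, including ones without a drive letter.
$parts = @(Get-WmiObject -Class Win32_DiskPartition -Filter "DiskIndex = $diskIndex" |
    Sort-Object -Property StartingOffset)

if ($parts.Count -eq 0) {
    Write-Warning "No partitions returned for disk $diskIndex. Run from an elevated prompt."
    return
}

# The partition with the highest starting offset is the right-most one in the graph.
$last = $parts[-1]

$parts | Select-Object Name, Type, BootPartition,
    @{ Name = 'StartMB'; Expression = { [math]::Round($_.StartingOffset / 1MB) } },
    @{ Name = 'SizeMB';  Expression = { [math]::Round($_.Size / 1MB) } },
    @{ Name = 'Review';  Expression = {
        # Flag only the trailing partition, and only when it is under the threshold.
        ($_.Index -eq $last.Index) -and ($_.Size -lt $thresholdBytes)
    } } |
    Format-Table -AutoSize

if ($last.Size -lt $thresholdBytes) {
    $sizeMB = [math]::Round($last.Size / 1MB)
    Write-Warning ("Last partition on disk {0} is {1} MB ({2}). Confirm it is an OEM or recovery partition you recognise." -f $diskIndex, $sizeMB, $last.Type)
} else {
    Write-Output "No small trailing partition found on disk $diskIndex."
}
```

Unallocated space does not appear in this listing, so compare the result with the Disk Management view before changing anything.
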
Oh, and always - ALWAYS - be able to restore a known good Registry. For that I recommend
Using these tools, you should be able to ensure that your PC remains infection -