Keeping Your Windows PC Infection-Free

We live in a world where nasty people with nothing better to do come up with all kinds of tricks to install nasty Trojans, Viruses and RootKits on our computers. Intelligent surfers can avoid most of this stuff just by using common sense - but it seems that for some, that's in short supply these days.

These nastafarians show popups that claim your computer is infected, offering to do a "free scan". But if you click it, what it will really do is install a virus or even a rootkit. Some of these are really nasty because they disable your existing antivirus program and even prevent you from restoring your Registry (but you can still do that in Safe Mode). In this short article I'll give some advice based on my own experiences.

First things first. You need a good antivirus program. Microsoft offers Microsoft Security Essentials, which is free, even for servers.

http://windows.microsoft.com/en-US/windows/products/security-essentials

It can be scheduled and set to update its virus signatures automatically. New virus signature files are also delivered via Windows Update. It also offers "realtime protection", which will alert you whenever viruses, spyware, or other potentially unwanted software attempts to install itself or run on your PC. It can also scan all downloads, monitor file and program activity, check for behavior-based exploits, and increase your protection against network-based attacks. I do not know of any free version of an antivirus program that offers all these features.

However, MSE doesn't catch everything. And even though it can identify some rootkit infestations, it cannot always successfully remove them. For that you need a good "backup" antivirus program. I use the MalwareBytes Free version. It comes highly recommended by most experts. MalwareBytes can recognize and remove rootkit-type viruses, and for the ones that it cannot, I'll show you an easy technique to do that too.

MalwareBytes:
http://fileforum.betanews.com/download/Malwarebytes-AntiMalware/1186760019/1

Let's compare the "quick scan" results and times of Microsoft Security Essentials and MalwareBytes:

                     MSE        MalwareBytes
Objects scanned:     108808     305509
Time taken:          3:18       3:06

You can see from the above that not only does MalwareBytes scan more objects, it still does it in less time than Microsoft Security Essentials.


If you get a rootkit infection, the best free defense to fix it is TDSSKiller from Kaspersky Lab:

http://support.kaspersky.com/faq/?qid=208283363

It detects and removes the following malware:

Rootkit.Win32.TDSS

bootkits

rootkits


If a rootkit modifies your Master Boot Record (MBR) then you'll need to take an additional step:

Boot from the Windows 7 DVD, accept the defaults, select a language / keyboard, and let it find the OS that you need to fix.
At the bottom left of the installation screen you'll see "Repair". Click this, and you will see a menu of choices.
Select the command prompt choice. When the command prompt appears, type the following and hit the enter key after each:

bootrec /fixmbr
bootrec /fixboot


When that's finished, you can remove the DVD and reboot. Your rootkits will be gone. One additional step you may wish to take is to go into Disk Management:

Control Panel / Administrative Tools / Computer Management / Disk Management

Some rootkits create a small partition on which they can put more malware. If you see a small partition at the right side of the Disk0 Basic graph, select and delete it.
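
The same check can be made against a saved copy of the disk's first sector instead of by eye. The following is an added example, not part of the original article: it parses the four-entry MBR partition table and reports a small partition that sits after all the others. The function names, the 64 MB threshold and the two sample sectors are assumptions constructed for illustration.

```python
import struct

SECTOR = 512  # bytes per sector (assumption: classic 512-byte-sector MBR disk)
ENTRY = "<B3xB3xII"  # boot flag, CHS start, type, CHS end, start LBA, sector count

def parse_mbr(sector0: bytes):
    """Return the non-empty primary partition entries of a 512-byte MBR."""
    if len(sector0) != SECTOR or sector0[510:512] != b"\x55\xaa":
        raise ValueError("not an MBR: wrong length or missing 0x55AA signature")
    parts = []
    for slot in range(4):
        offset = 446 + 16 * slot  # partition table starts at byte 446
        boot, ptype, lba, count = struct.unpack_from(ENTRY, sector0, offset)
        if ptype and count:
            parts.append({"slot": slot, "active": boot == 0x80, "type": ptype,
                          "start_lba": lba, "size_mb": count * SECTOR // 2**20})
    return parts

def small_trailing_partition(parts, max_mb=64):
    """Return the last partition on disk if it is small, else None.

    max_mb is an illustrative threshold, not a value from the article.
    """
    if len(parts) < 2:
        return None
    last = max(parts, key=lambda p: p["start_lba"])
    return last if last["size_mb"] <= max_mb else None

def build_mbr(entries):
    """Constructed test input: empty boot code plus (boot, type, lba, count) rows."""
    table = b"".join(struct.pack(ENTRY, *e) for e in entries).ljust(64, b"\x00")
    return bytes(446) + table + b"\x55\xaa"

# Constructed layouts: 100 MB System Reserved + 100 GB Windows volume,
# then the same disk with a 10 MB partition appended at the end.
CLEAN = build_mbr([(0x80, 0x07, 2048, 204800), (0x00, 0x07, 206848, 209715200)])
EXTRA = build_mbr([(0x80, 0x07, 2048, 204800), (0x00, 0x07, 206848, 209715200),
                   (0x00, 0x07, 209922048, 20480)])

if __name__ == "__main__":
    for name, image in (("clean", CLEAN), ("extra", EXTRA)):
        hit = small_trailing_partition(parse_mbr(image))
        print(name, "->", hit if hit else "no small trailing partition")
```

A hit is only a prompt to look at that partition in Disk Management before deleting anything. The sketch reads MBR partition tables only, so a GPT disk (a single protective entry) returns no result.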

Oh, and always - ALWAYS - be able to restore a known good Registry. For that I recommend ERUNT:

http://www.larshederer.homepage.t-online.de/erunt/

Using these tools, you should be able to ensure that your PC remains infection-free.

By Peter Bromberg