I think my computer is infected – what do I do now?

Capt.Jack Sparrow


This is something I found in Guidance and advice - Learn more about malware - Microsoft Malware Protection Center; thought of posting it because a lot of them have this question.



I think my computer is infected – what do I do now?

Depending on the malware or spyware behavior, you may experience a variety of symptoms, or no obvious symptoms at all. Some threats have ways to hide themselves in the computer, while others display messages or pictures that may indicate their presence.

Signs of viruses: Are you infected? outlines possible tell-tale signs that your computer might have malware or spyware installed. However, the most effective way of finding out if you have malware or spyware installed in your computer is to use an antivirus/antispyware product.

To protect your computer, you can install and run an up-to-date antivirus product such as Microsoft Security Essentials, a free solution from Microsoft*, which provides real-time protection from viruses, spyware, and potentially unwanted software. You can also run a full-system virus scan with the Windows Live OneCare safety scanner. To remove spyware and other potentially unwanted software from your computer, you can also use Microsoft Windows Defender. For more information, visit the Microsoft Security site. It is best practice to run a scan with your antivirus/antispyware product on a regular basis.


In addition, you are encouraged to submit files that you suspect to be malware to the MMPC team for analysis. For virus-related assistance at no charge, you can also contact Microsoft through the Microsoft Online Safety Portal.

* Your PC must run a genuine copy of Windows to download and install Microsoft Security Essentials.

What can I do to prevent my computer from becoming infected?
While there is no method that can 100% guarantee that your computer will not be infected with malware, there are a number of steps that you can take to lessen the probability of this happening.

Microsoft offers 4 basic steps to protect your computer from becoming infected:

  1. Keep your firewall turned on.
  2. Keep your operating system up-to-date.
  3. Keep your antivirus software up-to-date.
  4. Keep your antispyware technology up-to-date.

The following articles also discuss several ways by which you can protect your computer from known attack vectors:

Since malware can arrive as different files, such as .EXE, .DOC, .PDF, and so on, it's also important to be aware that certain files available for download may be malware. Microsoft recommends that you read the following articles for more information:

 

download from MALWAREBYTES.ORG
and not from malwarebytes.COM

MalwareBytes Antimalware program.

Install and run same.

This program is free and excellent. Some rather well-known computer service departments use this software.
 

download from MALWAREBYTES.ORG
and not from malwarebytes.COM

MalwareBytes Antimalware program.

Install and run same.

well Capt.Jack Sparrow is just pointing to an article about tackling pc infection....his pc is not infected :p
there is another excellent tutorial on wilders security.... Wilders Security Forums - View Single Post - Securing Your PC and Data
If you are currently infected:
Get focused and dedicated assistance at one of the available sites on the Internet or a local shop. Some specific sites/guides that are available online include:

READ & RUN ME FIRST. Malware Removal Guide at Major Geeks
Malware Removal - HijackThis Logs Forum at Malwarebytes.org
Security Cleanup Forum at DSLReports.com
HijackThis Logs and Virus/Trojan/Spyware/Malware Removal at BleepingComputer
MalwareRemoval.com
Malware Removal forum at SpywareInfo.com
Malware Removal Guides and Tutorials at Geeks to go!

It is important to appreciate that random efforts to fix a problem can create more issues than they solve. The first maxim should always be do no harm. The second maxim is that you should always be able to undo any action. Casual users may not be equipped to do this (example – having hardware/software to clone any HDD being assessed).

If you are unsure of how to proceed, that’s a strong signal to get assistance, and that’s best achieved via focused support.

If, understanding those cautions, you still wish to attempt to tackle the situation yourself, consider the following:

Don’t attempt to install new software to the compromised machine. While it often works, spectacular problems can occur as a result of software installations in an inherently unstable environment. Use approaches which do not require installation on an infected machine. These approaches include:

Use of a portable software application which runs as a standalone executable. Check for availability among your preferred tools.

Use an available online scanner. Many of the major AV vendors provide this facility including: BitDefender, Kaspersky Lab, Eset, F-Secure, McAfee, Trend Micro, Avast! and so on. For the evaluation of single files, the online multiscanners VirusTotal and Jotti’s malware scan are available.

Linux based bootable live CD. This is actually a fairly powerful approach in that one works from a clean OS. Options include DrWeb CureIt!, rescue CD images which can be created from within security products (one example would be that provided by Kaspersky Lab). If your security software provides for creation of a bootable live CD image that can be updated at run time, create that disc and verify that it functions properly now. Then store it for possible future use.

Use of a secondary Windows boot installation. Provide each machine with access to at least two different boot devices – either a second OS installed on a second physical drive, or an external USB/Firewire drive which allows booting to a known clean system. This capability is useful for any circumstance which compromises a hard drive (malware infection, physical failure, corruption of needed OS files, etc.) and allows recovery and/or manual cleaning operations to proceed. Depending on the situation, these installations can be created either by cloning or a direct OS installation to the media.

If a second physical hard drive is not an option, go about creating a bootable Windows installation via Bart's Preinstalled Environment (BartPE) bootable live Windows CD/DVD or Ultimate Boot CD.

Remove the infected drive from the host machine and attach it as a slave drive to a known clean machine from which diagnosis and remedy can be achieved.

Boot to safe mode and work from a reduced functionality environment. Depending on the nature of the problem, this may or may not be productive.

Be prepared for any downside scenario. This often means copying valuable documents prior to initiating any work on the infected drive. Be aware that this attempt to safeguard information may serve as a mode of infection to other machines.

Try to secure access to a second machine with an Internet connection and hold it in reserve in the event your primary machine loses connectivity. Before the need arises, download a copy of Winsock XP Fix and check out Repair/Reset Winsock settings.

If you are unsure of yourself, you need to assess how you will validate that the problem has been fully resolved. This is one reason to employ expert assistance.

Let's repeat the initial suggestion for emphasis - Get focused and dedicated assistance at one of the available sites on the Internet or a local shop.
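
An added example, not part of the post above or the tutorial it quotes: before documents copied off a suspect drive are opened on another machine, this Python script compares each file's leading bytes with its extension and records a SHA-256 for every file it holds back, so that file can be evaluated on its own. The magic-byte table, the extension lists and the sample files are assumptions chosen for illustration.

```python
import hashlib
import pathlib
import tempfile

# Leading bytes that identify content regardless of what the file is named.
MAGIC = [(b"MZ", "windows-executable"), (b"%PDF", "pdf"),
         (b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1", "ole2-office"),  # legacy .doc/.xls
         (b"PK\x03\x04", "zip-container")]  # .docx/.xlsx
EXPECTED = {".pdf": "pdf", ".doc": "ole2-office", ".xls": "ole2-office",
            ".docx": "zip-container", ".xlsx": "zip-container"}
RUNNABLE = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".vbs", ".js"}

def sniff(path):
    """Return the content type implied by the first bytes, or 'unknown'."""
    with open(path, "rb") as fh:
        head = fh.read(8)
    return next((kind for magic, kind in MAGIC if head.startswith(magic)), "unknown")

def sha256(path):  # hashed in chunks so large files need not fit in memory
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 20), b""):
            digest.update(chunk)
    return digest.hexdigest()

def triage(root):
    """Return [(relative path, sha256, reason)] for files to hold back for review."""
    flagged = []
    for path in sorted(pathlib.Path(root).rglob("*")):
        if not path.is_file():
            continue
        ext, kind = path.suffix.lower(), sniff(path)
        if ext in RUNNABLE:
            reason = "runnable extension " + ext
        elif kind == "windows-executable":
            reason = "executable content named as " + (ext or "a file with no extension")
        elif ext in EXPECTED and kind != EXPECTED[ext]:
            reason = "content (%s) does not match %s" % (kind, ext)
        else:
            continue
        flagged.append((path.relative_to(root).as_posix(), sha256(path), reason))
    return flagged

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as demo:  # constructed sample files
        for name, data in [("report.pdf", b"%PDF-1.4\n"), ("invoice.pdf", b"MZ\x90\x00")]:
            pathlib.Path(demo, name).write_bytes(data)
        for row in triage(demo):
            print(*row, sep="  ")
```

A file that passes this check is not thereby clean, since a well-formed document can still carry macros or exploit content; the copied set still needs scanning with the tools named above.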
 

plus malwarebytes isn't an av program.
 
