Curing Malware Infections

When panic-stricken customers or users call for help with systems that have gone kablooey, the culprit is probably a malware infection.

Common complaints from malware infections include dying audio, blinking video, even a system that mysteriously turns itself on and off. The reasons for infection can vary, too. Maybe the customers simply lowered their security settings...or failed to update the security software you already installed...or just had a spate of bad luck.

Whatever the scenario, have no fear. In this TechBuilder Recipe, we'll offer several simple steps you can take to diagnose the most common malware-related problems. Then we'll show you how to get infected systems back in working order, quickly and efficiently. We'll also provide quick and easy preventive measures you can take to keep your systems battle-hardened against future malware mutations. Finally, we'll show you how to use freeware utilities that will help you and your clients limit your security spending.

Malware has become a serious business. While some malware is still created as a kind of competitive game, today most attacks are driven by the profit motive. In other words, most of the bad guys are in it for the money. This means your clients have much more at risk than just their data. Their passwords, credit-card accounts, and other payment data are now up for grabs, too.

When it comes to malware, spyware tops the list of offenders. Unlike viruses and worms, spyware is not self-replicating. Instead, spyware enters a system via a software download or Web site. As the term suggests, Web browsing done from an infected system can be spied on by a third party. While the spying may be done for relatively harmless marketing, spyware can actually participate by shoving in nasty pop-up ads, re-routing browsers to ad sites, and -- far more insidiously -- stealing user IDs, credit-card numbers, and other valuable information. (For more information on the differences between spyware and viruses -- and their prevention -- see this earlier TechBuilder Recipe, Fight Spyware Like You Mean It!)

The good news is that, by cleaning up malware from a system, you may also help fix other system problems users did not even know they had.

INGREDIENTS

Here's what you'll need to start healing a malware-infected system:

• The user's system: This is the system that you suspect is malware-infected. For the purposes of this Recipe, we're assuming the system runs on Windows and has an Internet connection.

• Virus-removal software: We recommend McAfee Stinger, which is freeware.

• Anti-spyware software: We like SpyBot Search & Destroy, also a freeware package.

• Anti-virus software: We recommend Grisoft AVG (free edition), Symantec Norton AntiVirus, or Trend Micro PC-cillin Internet Security.

Note: McAfee's Stinger is mainly deployed for removing viruses, while Spybot Search and Destroy is used for tracking down and removing spyware. There's very little overlap in what they do, which is why we recommend you install and use both. If you deploy only one of these programs, the system could still end up infected, despite your most noble efforts. So to be safe, use both.