3 Replies Latest reply on May 26, 2011 6:55 PM by Hayton

    Steps to take before installing Internet Security on an infected machine?

      Heading to my mother's this weekend.  She has not been running any kind of antivirus and apparently has various bugs causing havoc.  I'm going to install Internet Security, but are there any steps I should take before doing it?  Any help appreciated.

       

      Kevin

        • 1. Re: Steps to take before installing Internet Security on an infected machine?
          Hayton

          If you know it's already infected with malware I think you have to be prepared for the worst. Some malware will try to disable antivirus programs or prevent them from being installed, and will block access to a number of websites which provide anti-malware solutions. In that case, you might to download a few programs before you go, save them to a USB and rename them to something innocuous - just make sure that you can still run them from the USB if needed.

           

          Much will depend on what PC you're dealing with, and its hardware and software configuration. You don't say if this is a Windows PC, and if so what operating system it's running. The best general advice there is, make sure if you can that the latest Microsoft updates are downloaded and installed : Microsoft's Malicious Software Removal Tool may get downloaded - if not, look for it here.

           

          Microsoft have a security tool which you can run which checks for security weaknesses and vulnerabilities : the Baseline Security Analyzer. It's primarily intended for small businesses, but I've tested it on my home PC and it does pick up things like missing updates, unsafe IE security settings, and extra accounts with admin privileges.

           

          If this is Windows, you can safely run Windows Defender alongside McAfee, so get it from here.

           

          Then try to get the latest updates for any other installed programs - Flash, Adobe Reader, anything else you see. If Java is there, uninstall it and - if it's really needed (which I doubt) - reinstall the latest version. Make sure that any browsers are at the latest version, and set security settings on Internet Explorer to be strict; if Firefox is there add NoScript and NoRedirect, and any other security add-ons you can find that might be needed.

           

          Install and run the free version of this program to deal with with any fake antivirus programs on the PC.

           

          Then try to clean up the disk. A lot of scareware programs are put into Temp directories, so you need to clean them out. Run any cleanup programs you can see, then download CCleaner to clean up the rest. Run chkdsk and defrag. If there's a problem with missing or corrupted system files, go to Start-->Run and type in sfc/scannow - this will find and replace any problem files.

           

          Then install McAfee, and run a couple of scans. You may need to do a full scan if the PC is badly infected. Install MVT and Security Scan Plus.

           

          That will keep you busy for the weekend, I would think. Post again and let us know what you found; if you're blocked at any stage by persistent malware ask here and we'll do our best to help.

          • 2. Re: Steps to take before installing Internet Security on an infected machine?

            Thanks for all the helpful suggestions.  I really appreciate the time and effort.  It's a PC running XP.  I'll post again after the weekend about what I found.

             

            Thanks,  Kevin

            • 3. Re: Steps to take before installing Internet Security on an infected machine?
              Hayton

              Mine's also XP, so what I suggested should work - it's all been tried on this machine. Make sure XP is current - it needs to be on Service Pack 3. If you would like a visible reminder of the OS version details, you can download BgInfo from SysInternals, which will display the information discreetly in the bottom right-hand corner (see below) or splash it over the screen, if you want it to.

              BgInfo.PNG