Helping people with computers... one answer at a time.

Tools, techniques, and mechanisms related to detecting malware both before and after it's reached your machine.

Can I determine which of my contacts gave me a virus?

Which contact gave you a virus can be hard to determine unless you can follow the clues from the email or instant message that delivered it.

Can a keylogger record keystrokes pasted in by my password utility?

Regardless of what techniques a password utility might use, it is possible that it could still be logged, even if it bypasses the keyboard.

Can a virus be transmitted in a picture?

In general, it's very unlikely that a picture would become infected with a virus, but there are related scenarios to be aware of.

Can a virus destroy my computer or hard drive?

A virus attacks the software installed on your machine. Fixing it may take work, but hardware should not need to be replaced due to malware.

Do I need to reboot into Safe Mode to run anti-malware scans?

Anti-virus programs are designed to be run in Windows' normal mode. If you are looking for a suspected virus, there is a better way.

How can I stop my anti-virus software from filling up my hard drive with updates?

Anti-virus updates (from well-written anti-malware tools) should not be accumulating virus definitions on your hard drive.

How can I tell if my computer is being hacked?

Unfortunately, it's extremely difficult for an average user to tell if a hack is in progress. I'll touch on a few ways and discuss prevention as best.

How can I tell if my computer is infected?

Sometimes it seems obvious, sometimes not, but ultimately there's no way to prove that a computer is not infected. Best we can do is increase the odds.

How did you clean up your friend's infected machine?

A friend brought me his machine infected with several viruses. I'll review the steps I took to clean it up.

How do I clean up this slow machine and its misbehaving browser?

I had a machine that was having troubles accessing common sites like Hotmail and Facebook. A virus was suspected. I'll walk you through the steps I took to clean the machine.

How do I fix Windows after removing a virus?

Once you've removed malware from an infected machine it's possible that Windows may suffer lingering side-effects. I'll look at why and what to do.

How do I fix crashing whenever I try to download something?

This particular problem with downloading sounds like something has inserted itself in the computer system. It's behaving suspiciously like malware.

How do I get rid of 'Adware Games PUP'?

It sounds like malware. I recommend doing a deep scan with an additional set of tools to see if those will clean the computer.

How do I remove a file that my anti-virus says can't be quarantined?

Anti-virus programs are good at removing most problems, but occasionally they can't. We'll look at approaches to manually dealing with the issue.

How do I remove a virus from a memory card?

Lately memory cards, such as those used in digital cameras, have been used as "carriers" of malware. The card is easy to clean. Your system may not be.

How do I remove this error on startup after a virus removal?

Most malware tools can remove most malware fairly well. Occasionally a removal will leave behind startup entries that I'll show you how to clean up.

How do I remove this hijack of my search engine?

You will need to start taking the basic steps for removing malware from your machine. Even if it wasn't intended as malware, it is acting like it.

How do I scan computers at my nuclear power station for viruses without an internet connection?

Scanning your nuclear power station's Windows computers for malware can present some challenges if the machines have been secured properly.

How do I stop my computer from being a zombie?

If your machine is sending lots of email without you knowing it, it may be a zombie. Zombies are preventable, but may be difficult to clean up.

How do I temporarily turn off Microsoft Security Essentials for an install?

Many setup programs ask you to temporarily disable anti-virus tools. I'll show the setting in Microsoft Security Essentials and discuss if you need to.

How do I totally delete a virus on my computer?

Once infected, knowing that you've removed a virus totally is theoretically impossible. In reality we most often assume that it can be done anyway.

I can't access the Windows Update site, what do I do?

A computer that won't update is a serious problem. We'll start by investigating potential malware.

I clicked on a bogus link in spam. What should I do?

If you clicked on a link in a spam email, you should immediately do a thorough scan of your computer. Unless you are not running a Windows machine.

I have annoying malware, but my anti-malware tools don't remove it. What do I do?

Every so often malware comes along that the current crop of anti-malware tools don't remove. We'll look at why, and what steps you should take.

I let a questionable technician remotely access my machine - what kind of risk have I exposed myself to?

Several current scams center around gaining remote access, often in the guise of fixing problems on your machine. Be it for money or other reasons, one thing is clear: it's a trap!

I suspect spyware or a worm, how do I get rid of it?

In most cases, getting rid of malware involves running up-to-date scanners for viruses and spyware, and then making sure you're behind a firewall.

I'm getting a message that my system is not clean, how do I get rid of it?

A sudden pop-up saying that your computer is infected feels like malware. To be safe, treat your machine as if it is already infected.

Is "Defender" enough, or do I need additional anti-malware tools?

Multiple anti-virus programs should not be running real-time scans together. They might conflict. I look at what you really need running on your computer.

Is Microsoft's new Anti-Spyware program any good?

Microsoft's Anti-Spyware (now called Windows Defender) turns out to be a reasonable anti-spyware solution.

Is a quick scan the proper default for security software?

A quick scan is going to find a good percentage of malware problems. You should also consider a full scan at the right time.

Is it safe to install an infected drive into a working machine to clean it?

One approach to disinfecting a drive is to install it into another machine for cleaning. It's common, reasonable even, but there are risks.

My anti-virus cleared something off my machine. Should I change my passwords?

When your anti-virus program tells you that it caught something, your next steps depend on what, when and how it was caught. And it depends on prudence.

My computer has a virus infection; how much has been compromised?

Once infected it's often difficult to know what malware has done to a machine. What you do next depends on your concern and some legitimate paranoia.

My computer logs out immediately on login, what do I do?

If you're logged out as soon as you log in to Windows it's likely that your anti-malware tools removed an infection along with your ability to login.

My computer's infected with a virus, how do I clean it up?

Once infected it's difficult to guarantee that your cleaning efforts succeed. Best is to make sure that you never get infected in the first place.

Pages I visit are being obscured by a survey; how do I fix it?

Pages obscured by a survey might be legitimate ads... or it may be a virus. Time for a thorough scan.

What are (and how do I get rid of) "Antivirus 2010" and "Vista Spyware 2010"?

Antivirus 2010 and similar are malware that tries to fool you into installing viruses or spyware, and then charges you for the promise of removal.

What does it mean when "traces" are left behind from malware removal?

Traces of malware could be left in various places on a computer after a virus or spyware infection. First thing: don't panic!

What happens when my anti-malware tool quarantines something?

Anti-malware tools, on identifying malicious software, will "quarantine" it. I'll look at what that means, and if there's any residual threat.

What is "signature scanning"?

"Signatures" are the unique data patterns that malware scanners use to detect viruses as they scan your files or data.

What is a "broken digital signature", and is it a problem? If so, why?

Digital signatures are used to confirm the integrity of things from web sites to software. I'll look at what it means when software signatures "break".

What is msmsger.exe?

Msmsger.exe is, most likely, an imposter. Trying to look like something legitimate, msmsger.exe is probably malware.

When do I actually need to run a virus scan?

There are two types of virus scans: continuous or periodic. Which and how many you need and how often they're needed depends on your situation.

Where can I get a free antivirus for my computer?

There are many free antivirus programs available for your computer. We'll look at some of them, including the one I'm currently evaluating.

Why Can't I Go To a URL that Avast Tells Me is Related to a Trojan Horse?

Sounds like Avast is doing its job and keeping you away from websites that are infected with a trojan.

Why can't my anti-virus program open certain files?

Depending on how anti-virus programs work, certain files may not be scanned. In some cases that's expected and nothing to worry about.

Why can't this trojan be removed?

Occasionally, malware will infect files that are critical to Windows' own operation. Repairing these types of infections can be difficult, at best.

Why did this Win32/OpenCandy malware come back, and how do I really get rid of it?

The world of malware and malware removal is complex. Occasionally, malware can't be removed by some tools. Occasionally, it will return quickly. I'll look at why and my approach to dealing with persistent pests.

Why didn't my anti-malware tool catch malware that was delivered when I visited an adult site?

Anti-virus tools won't catch all malware, all the time - especially in real-time visits of questionable sites.

Why do I get "This operation is canceled due to restrictions in effect on this computer"?

'This operation is canceled ...' is an unfortunately common symptom of an all-too-common problem: a virus infection. We'll look at your options.

Why do I keep getting this random "Your computer is at risk" message?

If you get a message, "Your computer is at risk," it's a scam. The solution is to follow computer safety (so you know you are not at risk) and then determine where the message comes from.

Why do some programs say to "disable anti-virus" before installing, and should I turn it on again after?

It's not uncommon for setup programs to recommend disabling anti-virus programs first. We'll look at why. But do turn it back on when you're done.

Why does legitimate anti-malware software interfere with my browsing?

Anti-malware software tries to insert itself between you and "possibly malicious" links and webpages on the internet... it often does that less than perfectly.

Why isn't Malwarebytes Anti-malware recommended as standard security more often?

Malwarebytes for standard security is best used as a first step in a cleanup job. It's a great program to pull out when you suspect you have a problem.

Why won't this "Your Computer Is Infected" warning go away?

If you're getting messages that your computer is infected, it might be. But you MUST be skeptical and extremely careful about the steps you take next.

Will I lose internet access in July?

When a major malware infection was discovered last year, a temporary solution was created on the internet. On July 9th, 2012, it's scheduled to go away.