My last post dealt with being proactive and installing a good anti-malware solution that won’t eat up all of your processor cycles. This post will deal with the reactive side:
You suspect you may already have a virus….NOW WHAT?!
How bad your computer is infected will determine what you need to do to get rid of the malware. As far as I’m concerned, there are 3 levels of infection:
- “Peer” Pressure: You may or may not have visited a few questionable websites, whether is was for music, games, or something worse, or downloaded some freebie software using your favorite P2P software, without bothering to configure virus scans. Even good sites can be compromised by a hacker. At this stage, you have probably inadvertently downloaded spyware or a trojan. If left unchecked, you will be well on your way to the next stage (below). Luckily, there are several software packages that can detect and repair malware at this stage. You should scan your entire computer with this software, remove the threats, and repeat until no more threats are found. Here are a few of my favorites, in addition to the software listed in my last post:
- Rooted: At this stage, you probably have had a trojan or rootkit lingering around for a while and it’s invited some buddies, who in turn have invited some of theirs, etc. You’ve also started to have noticeable problems with your computer performance and/or speed issues while browsing the Internet. You can still use the programs above to detect your problems, but they probably won’t be able to get you out of this jam by themselves.
- McAfee Avert Stinger
- Sysinternals Process Explorer
- Sysinternals Autoruns
- VundoFix and other virus-specific tools
For an overview on using the Systernals tools for cleaning malware, check out this great presentation given by Mark Russinovich, creator of the Sysinternals tools.
- Brain Dead: If you’re at this point, chances are you already know it. Your computer is unresponsive, may or may not start correctly, experiencing symptoms that appear hardware related, and generally unusable. While technically you may be able to recover your system intact at this point, it is usually not worth the effort or time. Your best bet is to start over, especially if you already have a good backup of your data. If not, take your computer to your trusted computer professional and have them make a copy of your data and reinstall your operating system.
- Scan drive using alternative OS
- Reformat and reinstall
Know of a tool or application that works better or is easier to use than the ones listed? Share your experience and advice in the comments!