It’s infected Jim…..

Okay, I admit that a big reason I am doing this post is to paraphrase DeForest Kelley in his role as Dr. McCoy, but I thought I would go through my process when I do encounter an infected computer.

1) I go manual:

I usually check these things first before anything else. A lot of virus and malware programs have names that are randomly generated. This helps them get past AV software. So anything in these programs that looks like nonsense usually is. Also, these show me where the software is located. Almost any time a program is being run from the user’s application data rather than the program files, it is a red flag for me. Taking a look around like this first, before I pull out my AV software toolbox, gives me a chance to remove the software manually if possible and to make notes of file names and symptoms to research while I run scans.
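The two red flags above (nonsense-looking names, programs running from the user's application data), sketched in Python as an added example; it is not part of the original post. The startup entries are constructed samples, and the `looks_random` thresholds and all function names are assumptions chosen for illustration.

```python
import re
from pathlib import PureWindowsPath

# Constructed sample startup entries (name, command line); not from a real machine.
SAMPLE_ENTRIES = [
    ("SecurityHealth", r"C:\Program Files\Windows Defender\MSASCuiL.exe"),
    ("Updater", r'"C:\Users\jim\AppData\Roaming\xkqzvbtw\qhzxwvkt.exe" /s'),
    ("Sync", r"C:\Users\jim\AppData\Local\Temp\a8f3k2q9.exe"),
    ("Chat", r"C:\Users\jim\AppData\Local\ChatApp\chatapp.exe --minimized"),
    ("Notes", r"C:\Program Files (x86)\Notes\notes.exe -tray"),
]

# Per-user application data folders (Vista-and-later and XP-era names).
APPDATA_MARKERS = ("\\appdata\\", "\\application data\\")

def exe_path(command):
    """Extract the executable path from a quoted or unquoted command line."""
    m = re.match(r'\s*(?:"([^"]+)"|(.+?\.(?:exe|scr|bat|cmd)\b))', command, re.I)
    return PureWindowsPath(m.group(1) or m.group(2)) if m else None

def looks_random(stem):
    """Assumed heuristic (noisy): long consonant run or heavy digit mix."""
    s = stem.lower()
    if len(s) < 6:
        return False
    runs = re.findall(r"[b-df-hj-np-tv-z]+", s)
    longest = max((len(r) for r in runs), default=0)
    digits = sum(c.isdigit() for c in s)
    return longest >= 5 or (digits >= 2 and digits / len(s) >= 0.3)

def triage(entries):
    """Return {entry name: (path, [reasons])} for entries worth a closer look."""
    findings = {}
    for name, command in entries:
        path = exe_path(command)
        if path is None:
            continue
        reasons = []
        if any(marker in str(path).lower() for marker in APPDATA_MARKERS):
            reasons.append("runs from user application data")
        if looks_random(path.stem):
            reasons.append("file name looks randomly generated")
        if reasons:
            findings[name] = (str(path), reasons)
    return findings

if __name__ == "__main__":
    for name, (path, reasons) in triage(SAMPLE_ENTRIES).items():
        print(f"{name}: {path} -> {'; '.join(reasons)}")
```

A legitimate per-user install such as the constructed `Chat` entry also trips the location check, so the output is a list to review by hand and research, not a removal list.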

2)  I go automatic:

I run these scans in the order listed, whether or not I have removed the virus manually. Why? Well, just because I found one virus, that doesn’t mean that the machine is clean. A lot of malware gets on a computer because another piece of software brought it in. Think of it like having a buddy open a back door to the theater to let his 5 friends inside to see the movie.

Now all three of these are free utilities or have free versions, mostly because I want to be able to leave them with my client and not have to worry about licensing or updating them.

MS Security Essentials is the AV that is on my laptop. I like it because it does just one thing really well, and that’s find viruses. It scans fairly quickly, and it has in the past found some nasties that much other AV software misses. I also like the fact that it can be updated through MS Update.

Malwarebytes has an impressive database update and does a great job at on-demand scanning. It finds the less dangerous but annoying pieces of malware. Its free version is just an on-demand scanner, which is fine with me since when running it’s a bit of a resource hog.

TDSSKiller is my secret weapon, and I always feel better when it comes back clean. It’s an anti-rootkit utility. Rootkits are malware that is so deep in the system that most virus scanners just pass it by. Many times it’s what opens a computer up to other viral infections, or it’s responsible for browser redirects. The SMB Technologist blog on TechRepublic did a great article this past week featuring TDSSKiller.

Now there are a ton of great security utilities out there: Spybot Search and Destroy, AVG Free, Avast, Spyware Doctor. And for some malware I have reached for them, but 95% of the time my three mains are more than enough to get a system clean and help it stay that way.

Now I do warn you: before you make any big changes to any computer, making a good backup your first step is always a good idea. Also, if you don’t want to do this, we can do it for you.

