Disinfecting a virus-laden PC

April 14, 2008 – 5:04 AM

The first thing is to isolate the computer (no more trading floppies until you’re done) and then begin to disinfect it.

One of my favorite tools is Knoppix. The great thing about this Linux distribution is that you don’t have to know anything about Linux in order to be able to use it. Download the latest copy of Knoppix and burn it to CD from another computer that is virus free to the best of your knowledge. Turn on the “infected” computer and open the CD-ROM drive as soon as you can. Depending on how quickly you can get this done, you may need to reboot the computer to get it to boot from the Knoppix CD.

If you still have a problem getting the computer to boot from the CD, go into the BIOS and make sure that the CD-ROM is in the boot order so that it gets seen before the hard drive. If there is anything important that you can’t easily recreate, take a moment using Knoppix to back those files up to a flash drive so that you still have them if parts of the drive or some of the files become damaged during the virus removal process.

Once you can get Knoppix to boot, go into the menu and look for the anti-virus software that is installed. Depending on the version of Knoppix that you have, it could be Clam AntiVirus or something similar. Run the anti-virus software and, before doing anything else, download the latest signature files. After the signature files are downloaded, run a file-level clean on the computer. Depending on how infected your computer is, this could take a while. Once this completes, remove the Knoppix CD from the drive and reboot the computer, allowing it to boot into Windows. Try at least one other anti-virus software package and make sure that it comes up clean with no viruses being reported.
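The same signature update and scan can be run from a Knoppix terminal. This is an added example, not part of the original article: it mounts the Windows partition read-only and only reports what Clam AntiVirus flags, so the list can be reviewed before anything is cleaned. The device name /dev/sda1, the mount point, the log path and the function names are assumptions.

```bash
#!/bin/sh
# Added example: command-line form of the Knoppix/ClamAV pass described above.
# Assumptions (not from the article): the device, mount point and log path below,
# and that freshclam and clamscan are available on the live CD.

WIN_DEV="${WIN_DEV:-/dev/sda1}"      # assumed Windows partition; confirm with `fdisk -l`
WIN_MNT="${WIN_MNT:-/mnt/windows}"   # assumed mount point
SCAN_LOG="${SCAN_LOG:-/tmp/clamscan.log}"

# Update signatures first, then scan the offline Windows volume read-only,
# so nothing on the disk changes before the report has been reviewed.
scan_offline() {
    mkdir -p "$WIN_MNT" || return 1
    mount -o ro "$WIN_DEV" "$WIN_MNT" || return 1
    freshclam || echo "warning: signature update failed, using old signatures" >&2
    clamscan -r --infected --log="$SCAN_LOG" "$WIN_MNT"
    rc=$?                            # clamscan: 0 = clean, 1 = virus found, 2 = error
    umount "$WIN_MNT"
    return "$rc"
}

# Print the path of every file the log marks as FOUND, one per line.
# Report lines look like "/path/to/file: Signature.Name FOUND"; the greedy
# match keeps paths that contain spaces or colons intact.
infected_paths() {
    sed -n 's/^\(.*\): [^ ]* FOUND$/\1/p' "$1"
}

# Read the count from the log's own summary line, to cross-check the list above.
infected_count() {
    sed -n 's/^Infected files: \([0-9][0-9]*\)$/\1/p' "$1"
}

# Run the scan only when asked (as root): sh scan.sh --run
if [ "${1:-}" = "--run" ]; then
    scan_offline
    echo "Flagged files:"
    infected_paths "$SCAN_LOG"
fi
```

If the number of paths printed does not match the "Infected files" summary count, treat the log as incomplete and rescan before moving on to the Windows-side checks.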

Once you don’t have any viruses being reported, it’s time to run some anti-spyware software. I’d try at least three – each will find different bad apps. Run each one of them, one at a time, until they don’t report any problems. Once you have gone through each of the removal tools, go through each of them again.

Now get a good backup of the computer before trying to start using it on a regular basis. The steps I have walked you through are something that you will need to revisit on a periodic basis. Especially with the spyware removal tools, checking things periodically might just help you avoid a problem the next time. With anti-virus tools, that process may be a little trickier. You can’t have multiple anti-virus software packages installed at the same time. This is where having Knoppix available will help you try a different anti-virus package without having to uninstall one package and then install another one.

Source: Network World

