We have had a rash of computers grace our office with some type of malware on them.  If you believe your computer or other computing device (ie phone, tablet) give us a call right away.  You could potentially be hemorrhaging sensitive data across the network without knowing it.  I thought it would be informative to show the checklist we go through in the removal and repair process so our clients can get a feel for the work involved. 

Virus & Malware Removal Checklist

SYSTEM INFORMATION

• Computer Model (Download All Necessary Drivers)
• Computer Make

PASSWORD INFORMATION

• System Boot/Biometric Password
• Administrative Password
• User Account Password

DISK IMAGING

• Create/Test System Image Backup
• Remove All Windows System Restore Points

ANTIVIRUS

• Antivirus Efficacy Check
• Confirm Application Is Most Current Available
• Confirm Application Is Operating Properly (Not Corrupted)
• Uninstall Outdated/Corrupted Application (If Necessary)
• Install Current Antivirus Application (If Necessary)
• Install Antivirus Signature Updates

ANTISPYWARE

• Antispyware Efficacy Check
• Confirm Application Is Most Current Available
• Confirm Application Is Operating Properly (Not Corrupted)
• Uninstall Outdated/Corrupted Application (If Necessary)
• Install Current Antispyware Application (If Necessary)
• Install Antispyware Signature Updates

ANTIROOTKIT

• Antirootkit Efficacy Check
• Confirm Application Is Most Current Available
• Confirm Application Is Operating Properly (Not Corrupted)
• Uninstall Outdated/Corrupted Application (If Necessary)
• Install Current Antirootkit Application (If Necessary)
• Install Antirootkit Signature Updates

NATIVE DISINFECTION

• Remove All Temporary Files
• Perform Full Antirootkit Scan
• Remove All Found Infections
• Perform Full Antivirus Scan
• Remove All Found Infections
• Perform Full Antispyware Scan
• Remove All Found Infections
• Install Periform CCleaner
• Run CCleaner
• Install Thalo Creative Malware Detection & Removal Suite
• Run Thalo Malware Detection & Removal Suite
• Review Add/Remove Programs Applet
• Uninstall Unnecessary Programs
• Remove Unnecessary Entries From Launching At Startup

SYSTEM FILE CHECK

• Install Microsoft Autoruns For Windows
• Disable Unnecessary/Rogue Entries
• Run Trend Micro Hijack This
• Remove Unnecessary Programs

PERFORMANCE CHECK

• Confirm Error-Free Boot Operation
• Confirm Proper Network Operation
• Confirm Proper Web Browser Operation
• Confirm Proper Microsoft Office Operation
• Create New Windows System Restore Point

SLAVED/PBE DISINFECTION

• Remove Drive/Boot Using PE Utilities
• Perform Full Antirootkit Scan
• Remove All Found Infections
• Perform Full Antivirus Scan
• Remove All Found Infections
• Perform Full Antispyware Scan
• Remove All Found Infections
• Registry Editing
• Manually search/edit/clean Registry

PERFORMANCE CHECK

• Confirm Error-Free Boot Operation
• Confirm Proper Network Operation
• Confirm Proper Web Browser Operation
• Confirm Proper Microsoft Office Operation
• Create New Windows System Restore Point

REPAIR DAMAGED APPLICATIONS & OS

• Create/Test System Image Backup
• Perform Repair Installation Of Windows
• Perform Uninstallation & Reinstallation Of Damaged Applications
• Creat New Windows System Restore Point

At this point the unit can be returned to the client.  The entire process takes about 48 hours.  Then we make recommendations to the client about how they can stop this from happening again.  We also recommend our Computer Security class that focuses on educating the client about the many ways malware gets around and how to avoid them in the future.

Thanks