My home computer got infected with a virus last week. I wish I could say it was my kids’ fault or my wife’s, but I have to admit that it was completely my fault. I wanted to document the process I went through once I realized my computer was infected, both for anyone else who might need it and so that I have the steps documented for the next time I need them.
Once I realized I had been infected with a virus, I immediately disabled my network connection. I did this to prevent the virus from spreading to other machines on the network and so it couldn’t communicate back to whoever wrote it. I then started a full system scan with Windows Defender. I grabbed my laptop and downloaded two additional virus removal tools: Malwarebytes and Kaspersky Virus Removal Tool. Malwarebytes is one of the best and most popular pieces of software when it comes to malware protection and removal. Kaspersky is one of the best and most popular pieces of software when it comes to antivirus protection and removal. Kaspersky is consistently ranked in the top three by AVTest, an independent third-party testing group. Here is Kaspersky winning AVTest’s 2015 top award. Kaspersky Virus Removal Tool is a simple executable that you download and don’t have to install, which is great for a portable thumb drive.
Once I had copied Malwarebytes and Kaspersky to my infected machine with a thumb drive and Windows Defender had finished its scan of my system, I rebooted into safe mode. By the way, Windows Defender found 1 virus on my machine, installed in my user directory, which it quarantined and deleted. Once in safe mode, I installed Malwarebytes, updated it with the latest definitions, and started a full system scan. It found 6 additional spyware cookies and malware. Luckily the malware was only in executables that had been downloaded but never installed, so no infection had occurred that I was aware of. After Malwarebytes finished deleting all the nasties from my computer, I opened Kaspersky, updated the definitions, and started a full system scan. Each of these scans took several hours since they scan every file on your system, so I completed this process over two days, kicking off a scan before I left for work one day and kicking off another scan when I arrived home later that day. Kaspersky found 1 more piece of malware that was in an installation file just waiting to be installed on the machine. It quickly quarantined the file and eventually recommended deleting it, which is just what I did. Now that I had run three different full system scans with three different utilities across multiple reboots, I had confidence that all viruses and malware had been removed, so I rebooted out of safe mode and enabled my network connection.
Takeaways from this experience include:
* That I need to be more careful where I download files from, especially installation media.
* That Windows Defender still has a lot of room for improvement. This is clearly indicated by the 3.0 out of 6.0 score Windows Defender received from AVTest versus Kaspersky, which received a perfect 6.0 score.
* That we all make mistakes, and that the next time a family member or co-worker calls asking for computer help I will be a little more humble and be able to better empathize with their situation.