Eliminating malware requires a systematic process with no missed steps. This checklist will make it easier to do an effective, thorough job.
Malware removal is among the more frustrating tasks that support desks, network administrators, and IT consultants undertake. You must typically clean multiple machines simultaneously. Performed in a vacuum with no interruptions via e-mail, telephone, cell phone, and in-person contact, the process might prove manageable. Faced with endless distractions in the real world, however, the process often proves disjointed and inefficient.
A single simple form can help bring order to the chaos. Our free Virus & Spyware Removal Checklist will help you methodically isolate and remove virus, spyware, and rootkit infections.
The checklist begins by ensuring that you don't forget to create image backups prior to troubleshooting. With an image backup stored on a secondary hard disk, you can work with a safety net. Since image backups duplicate user settings, configuration information, download files, email, and all user data, you can remove infections without fear of rendering a system unusable. In worst case scenarios, you can restore the image backup and continue attempting repairs, should a specific malware removal step smoke a system. Further, image backups safely store all user data and information on a secondary disk, which you can use to recover critical data and settings if a Windows reinstallation proves necessary.
Next, the checklist covers some critical steps that are easily overlooked -- like verifying that the most current antivirus, anti-spyware, and anti-rootkit platforms are not only installed but have the most current signature updates.
If you tend to forget whether problematic entries revealed by Microsoft Autoruns for Windows were already reviewed and disabled, you'll be able to tell at a glance. In addition, the checklist reminds you to delete problematic Windows System Restore Points, remove temporary files, and uninstall unnecessary and/or rogue programs. It also reminds you to create new Windows System Restore Points once repairs are complete.
If repair attempts fail to identify and remove malware infections natively (running removal efforts within the infected Windows environment), you can follow the steps for strategy escalation. Badly infected systems, or computers plagued with a particularly problematic infection, may require physically removing the hard disk from the offending system and connecting it to a test system specifically configured to isolate and sanitize slaved hard disks. Or you may prefer to clean stubborn infections using preboot environment or Linux boot disks that leverage BartPE, Knoppix, or similar recovery technologies.
If you want to rearrange the steps or add your own special procedures, you'll find it easy to edit the checklist. The download includes versions in both Excel 2003 and Excel 2007.
Erik Eckel owns and operates two technology companies. As a managing partner with Louisville Geek, he works daily as an IT consultant to assist small businesses in overcoming technology challenges and maximizing IT investments. He is also president of Eckel Media Corp., a communications company specializing in public relations and technical authoring projects.