The tutorial below only applies if the infected computer will not be part of an investigation. Any computer that is part of an investigation should not be altered in any way – even to have viruses removed.
We get a lot of questions from friends and family about virus removal, for which there is no easy answer. My usual recommendation is to make sure your antivirus program is running and updated with the most recent virus definitions. I then recommend a full scan if the antivirus program is functioning properly. If there is still possible indications of a virus, such as being redirected to strange websites, unfamiliar popups with virus warnings, or the inability to access the internet, I recommend that the computer is serviced by someone that knows what they are doing.
If you first want to try and resolve the problem yourself, a possible solution is to try McAfee’s Stinger. I must say that I do not care for McAfee software, but Stinger is the exception.
Disclaimer:
Virus removal can be destructive! If a virus writes itself into a file, that file may be damaged or removed with the removal of the virus. Always backup data whenever possible before the scanning and removal of viruses (even if that backs up the viruses). Close any running programs and close all web browsers before using Stinger. Inland Investigations Group or its employees are not responsible for the loss of data and you are following these steps at your own risk.
Let’s get started:
- Download McAfee’s Stinger from here.
- If you cannot access the website because of a virus, use another computer and download Stinger to a flash drive (AKA thumb drive).
- Stinger does not install – it is an executable and just needs to be double-clicked.
- You may get a message about updating if Stinger is more than a few days old. Always try and use the most up-to-date version.
- Upon starting Stinger, you will be presented with the following main screen. If you want the most in-depth virus scan, click on Preferences (which I blocked out in red).
- Once in the Preferences screen, you can select the sensitivity level of the scanner. You can also change other settings, such as whether or not you want a virus repaired, deleted, etc. Once you have made your selections, click OK.
- Once you are back at the main screen, click Scan Now.
The program will take quite a while to scan, even more if you selected very high sensitivity. Once done, you will be presented with a message about the findings and actions. Once the program has completed it’s tasks, reboot your computer and see if the problem has been resolved.