From Gizmo Richards' excellent Support Alert Newsletter:
Here's Gizmo's simple, zero-cost, three-step procedure to follow next time you feel your PC might have become infected as the result of installing a program you downloaded.
(a) First, upload the installation file of the program you installed to Jotti.org [1] for a free scan. Jotti will then run it through more than a dozen malware scanners and let you know if there is a problem.
If Jotti determines that your file is clean, it doesn't mean that there is no infection. It simply means that it's unlikely there is an infection, and that folks, is a very comforting finding.
(b) Download and run the free Panda Rootkit detector [2]. Again, a clean scan is not a 100% guarantee of no infection, but should add greatly to your confidence. Panda doesn't run on Vista, so Vista users should use the BlackLight [3] anti-rootkit scanner instead.
(c) Finally, download HijackThis from this page [4], and follow the instructions on the same page which tell you how to create a log that you can paste to web forums.
There are several forums where you can post. You can find two here [5], [6] and many more by doing a Google search on "Post HiJackThis log". Tell the forum helpers you have already done a Jotti scan and a rootkit scan, and let them know what the results of these scans were.
The folks in the forum will then let you know if you have a problem. If you do, they will also be able to tell you how you can get rid of it permanently. And it won't cost you a cent.
Now in most cases you will find that nothing shows up with Jotti, the rootkit scan or HiJackThis. That's good news. OK, you have spent some of your time chasing a false lead, but that's a lot better than having an infected PC and doing nothing about it.
[1] http://virusscan.jotti.org/[2] http://www.majorgeeks.com/Panda_Anti-Rootkit_d5457.html
[3] http://www.antirootkit.com/software/F-Secure-BlackLight-Beta.htm
[4] http://www.whatthetech.com/hijackthis/
[5] http://www.techsupportforum.com/security-center/hijackthis-log-help/
[6] http://forum.piriform.com/index.php?showforum=12
No comments:
Post a Comment