Malware Removal Guide 2011: How to Get Rid of All The Latest Malware

Posted 10/31/2011 at 1:57pm | by David Murphy

9

Comments

Print

Running a perfect browser setup only goes so far in the battle against malware: Remember, you are your own worst enemy. Assuming that malware could slip through the gates at some point, what are some of the free software tools you can use to equip your system with powerful protection before a rogue app gets out of hand?

First up, you’ll want a comprehensive scanner running day in and day out to make sure that each and every bit of software you slap onto your computer gets a quick check. For that, we turn to none other than Microsoft’s own Security Essentials app. Our reasons are simple: It’s free and it works. Is it as comprehensive as a premium paid solution? No, but our rationale here is that it’s better to have free AV that has updated definitions than a paid AV suite with a lapsed subscription.

Install Security Essentials and you’ll get instant access to frequent Microsoft virus and spyware updates, in addition to a real-time scanning mechanism that protects your system from anything you download from the Internet (or, if you’re fancy, anything on a USB device from the moment it’s jacked into your system). MSE schedules nightly scans to run by default, but feel free to reschedule these for any time that suits you. Additional options let you set the exact parameters for when the scanning should start, which include the ability to restrict virus and malware hunts to periods when your CPU use is below a certain threshold.

Some of the very best antimalware apps on the market can be had for free, but with an asterisk: We’re talking, of course, about SuperAntiSpyware and Malwarebytes’ Anti-Malware. We’re fans of Malwarebytes’ offering, mainly because the freeware version of its powerful antispyware app gives you a few more features to tinker with than SuperAntiSpyware’s. The hitch with both? No real-time protection, so make sure you set a mental task for yourself to run these apps on a daily or weekly basis.

If you want to get truly hardcore, be sure to grab ComboFix, as well. This app, often considered the “nuke it from orbit” option for certain nefarious bits of malware, uses the Windows Recovery Console to find and eliminate annoying malware. It doesn’t protect your system up front, but it’s a great tool to have in your back pocket when disaster strikes.

RKill is an excellent tool for detaching malware that won't stop running on your system: If it's running, it's not getting deleted by your antimalware apps.

So you’re infected. Shucks. Malware comes in different forms and annoyance levels, depending on just how well the particular piece of offending software has entangled itself into your operating system. This makes it difficult for us to deliver a fix that fits every situation. However, we can at least give you a few helpful suggestions for freeing your PC from malware’s clutches.

First off, see if a simple scan from Windows Security Essentials stops your issue dead in its tracks—likely not, but it never hurts to try the simplest solution before you start rolling up your sleeves a bit more. Update your definitions and select the full‑scan option, and then sit back and hope that Microsoft’s scanner can fix your problem. No luck? Next, fire up Malwarebytes’ Anti-Malware, make sure your definitions are updated, and run a full scan on your system. If it catches an issue, great; if not, and your malware problem persists, it’s time to get a little more creative. Fire up the utility RKill, and use it to try to force-stop any malware processes that happen to be running in your system’s background. Run a full scan with Malwareybytes’ Anti-Malware one more time.

If you’re still out of luck, you’ll want to reboot your system into safe mode (keep pressing F8 as the BIOS loads until you’re given the option for safe mode) and repeat the same RKill/Malwarebytes’ Anti-Malware step as before. You’re doing this in an attempt to unhook whatever malware’s plaguing your PC from the operating system itself: It’s not getting wiped out because it’s still active (and possibly protecting itself from your removal tools).

Still hurting? Fire up Combo­Fix and let the scanning and removal tool work its magic—if, for some reason, it can’t remove whatever’s affecting your system, you’ll get a lengthy log that you can post on one of ComboFix’s associated web forums for further assistance from qualified log parsers. At this point, it might be worth your while to check out other scanning tools not explicitly mentioned in this article, which range from Spybot Search&Destroy, to McAfee Labs Stinger, to GMER, to Sophos Anti-Rootkit, and the list goes on. And you might also benefit from grabbing a few live CDs, like AVG’s Rescue CD or Hiren’s BootCD, for malware and virus removal.

Booting a system into safe mode is a useful technique to prevent malware from starting—and to ensure that your antimalware apps catch it.

There are nearly as many tools for removing malware as there is malware to infect you. The better you can protect your PC up front, including training yourself to recognize potential malware when it presents itself and keeping it off your system to begin with, the less you’ll have to fool with potentially complicated removal techniques later.

But if you have to go down this route, and simple scans aren’t getting the job done, don’t forget to try ripping active malware processes out of your operating system and booting your PC into safe mode. After that, exorcising these software demons from your system is all up to your tenacity, your search engine research skills, and your knowledge of third-party removal apps—Or, if worse comes to worst, your backup schedule. You know, a clean install is but a few clicks away!

So you’re paranoid. We get it. There’s nothing wrong with wanting even stronger security measures than those we’ve mentioned in this article. For the best-in-class prevention against debilitating malware and viruses, you have two options: a virtual machine or a "live CD."

A virtual machine is exactly what it sounds like: a pseudo operating system that runs within your existing operating system. Think Inception. Anything that happens to your OS‑inside‑an‑OS cannot break out of the dream. Applications, malware, drive formats, you name it: That which transpires within the virtual machine’s operating system will never affect your actual operating system running one layer above it. Beware, though: Some malware can tell if it's running on a VM and won't activate if it is. This can make compromised software seem harmless, and could get you to lower your guard and install it on your real machine, where the malware will activate.

Our recommendation? Check out VirtualBox, a totally free VM that lets you install any Windows version you want.

You can also super-protect your primary system (or browsing experience) by running your actions off a live CD. A live CD is typically a version of the Linux operating system that’s been installed on a physical disc or USB key. Restart your computer and boot off a live CD, and you’ll find yourself within a self-contained OS that’s free of malware and other problems the second you boot. Once you’re finished, presto: Your changes can disappear and you’ll be back to a brand-new version of the OS to boot into the next time you need it.

Our recommendation? Check out Xubuntu. It’s not as graphically interesting as other Linux “buntus,” but it does give you a bit more flexibility for running the operating system on lesser systems—like those with anywhere from 256 to 512 megabytes of RAM.