Malware

How to Remove Malware

In our How to Avoid Malware section we gave you a few tips on how to avoid getting malware on your computer. Here we give you some pointers on what to do if you have been infected by some variant of malware.

Writers of malware are getting more and more sophisticated at making their applications less visible to malware protection programs, and they are also able to “re-spawn” their programs even if you successfully delete the files that are visible to you.

Determining what damage has been done

One of the first steps is to determine how much damage has been done to your files as well as your operating system. A good indicator of how much damage may have been done is whether or not your computer can still boot. If you can boot into Windows, chances are there is still hope to either A) salvage and copy off your files or B) undo the damage that has been done and get rid of the malware.

If your computer can’t boot, the boot files may have been corrupted by the malware beyond the point of no return, leaving no option besides repairing or reloading the operating system. Files may still be able to be copied from the hard drive, though, even if you are not able to boot into Windows.

If you can boot into Windows

If you can boot into Windows, you can hopefully run utilities that will help clean the malware off the system. One of the first things to check is what programs are starting or attempting to start when the computer boots into Windows.

There is a really great program called Autoruns that can be obtained from SysInternals.com. With Autoruns you can truly see what programs may be lurking on your computer and hiding themselves from traditional startup viewing utilities such as “msconfig”, which is widely used to disable startup items. An awesome feature of Autoruns is that it allows you to verify a particular program’s digital signature. A digital signature allows you to verify the “fingerprint”, so to speak, of the software so you know for sure that it is legitimate. Most malware will fail this test. The description field of many malware programs is also blank.

Another really handy feature of Autoruns is that it allows you to hide the Microsoft and Windows entries from the list of startup items. This helps you get down immediately to viewing only the third-party applications that are attempting to start on your system. Eliminating suspicious startup programs will often at least start the process of cleaning up your system.

Running Autoruns can help to disable any rogue items that are starting up when your computer boots or when a user logs into the computer under a login session.
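The two checks described above (digital signature and blank description) can also be run from a PowerShell prompt. This is an added example, not part of the original article and not Autoruns itself: it uses only built-in cmdlets, the function names Resolve-ImagePath and Get-StartupReport are made up for illustration, and it covers only the Run registry keys and Startup folders, far fewer locations than Autoruns inspects.

```powershell
# Added example: list startup entries and flag unsigned or description-less ones.
function Resolve-ImagePath {
    param([string]$Command)
    # Expand %SystemRoot%-style variables used in many Run-key values.
    $cmd = [Environment]::ExpandEnvironmentVariables($Command).Trim()
    if (-not $cmd) { return $null }
    # Quoted path: "C:\Program Files\App\app.exe" /arg
    if ($cmd -match '^"([^"]+)"') { return $Matches[1] }
    # Unquoted path that may contain spaces: grow it token by token until a file exists.
    $candidate = ''
    foreach ($token in ($cmd -split ' ')) {
        $candidate = ("$candidate $token").Trim()
        if (Test-Path -LiteralPath $candidate -PathType Leaf -ErrorAction SilentlyContinue) {
            return $candidate
        }
    }
    return $null   # file is gone, or the entry launches a bare name found via PATH
}

function Get-StartupReport {
    foreach ($item in Get-CimInstance -ClassName Win32_StartupCommand) {
        $path = Resolve-ImagePath $item.Command
        $status = 'FileNotFound'; $signer = ''; $desc = ''
        if ($path) {
            $sig    = Get-AuthenticodeSignature -LiteralPath $path
            $status = $sig.Status.ToString()          # Valid, NotSigned, HashMismatch, ...
            if ($sig.SignerCertificate) { $signer = $sig.SignerCertificate.Subject }
            $desc   = (Get-Item -LiteralPath $path).VersionInfo.FileDescription
        }
        [pscustomobject]@{
            Name        = $item.Name
            Location    = $item.Location
            User        = $item.User
            ImagePath   = $path
            Signature   = $status
            Signer      = $signer
            Description = $desc
            # Same rule of thumb as the text: no valid signature or a blank description.
            Review      = ($status -ne 'Valid') -or [string]::IsNullOrWhiteSpace($desc)
        }
    }
}

# Entries that deserve a closer look are listed first.
Get-StartupReport | Sort-Object Review -Descending |
    Format-Table Name, Signature, Description, ImagePath, Review -AutoSize
```

A flagged entry is only a candidate for review: legitimate programs can be unsigned, and shortcut (.lnk) files in the Startup folder never carry a signature of their own.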

Running a Malware Removal Utility

There are many great malware removal utilities out there. One that really does a great job when it comes to cleaning up malware is Malwarebytes Anti-Malware. It is a free download and will also clean your computer without cost. Many malware removal utilities will scan your computer and find infections; however, to clean these infections off, you have to pay for the software.

After downloading and installing Malwarebytes Anti-Malware, be sure to update the signatures before scanning your computer. Updating the signatures pulls the latest “fingerprints” for all known malware programs that try to install themselves on your computer and allows the anti-malware software to make a positive ID on them. After updating your signatures, run the full system scan to make sure all files are scanned and checked for infections.

Some malware does a good job of blocking your efforts to run anti-malware software to clean the computer. Many malware packages block the execution of the actual install files. They look for the default setup file name and can use other means to determine that you are trying to use an anti-malware suite to clean your computer.

An easy way around this is:

  • Try renaming the executable for your anti-malware software.
  • Change the extension of the file after renaming. You can rename it to something like (.bat). The file will still work, and this will often get you around the malware stopping either the installation or the execution of the program.

Install a Good Antivirus Program

Many people who buy new computers have antivirus software preloaded. However, most fail to keep up with the subscriptions to McAfee and Symantec, among others. This leads to outdated antivirus programs and outdated signatures, which in turn lead to even more malware infections and system compromises.

We covered the steps to malware avoidance in our How to Avoid Malware section. However, just to once again highlight some really great free antivirus software packages, Avast Antivirus and AVG Antivirus are a couple of really great programs that are free and they do a really great job of preventing not only virus infections but also malware infections.

After you have cleaned up your startup items and run a malware scan with a good anti-malware utility, you need to download and install a good virus scanner. The free scanners mentioned above are a really great alternative to sometimes expensive virus scan packages.

After installing your virus scan, run a full system scan once again with your virus scan program just to make sure there are no other infections that the other programs may have missed.