Download our in-depth report: The Ultimate Guide to IT Security VendorsNo doubt the best protection against viruses, spyware and other malware is prevention: You wont have to remove that which doesnt exist.
Firewalls and antivirus programs are a given as are good security practices such as protecting your network, password protecting idle devices and steering clear of suspicious emails. Even so, you may find your computer is infected. Worse still, your antivirus software may be infected too and thus unable to completely wipe the computer clean.
So now what?https://o1.qnsr.com/log/p.gif?;n=203;c=204650394;s=9477;x=7936;f=201801171506010;u=j;z=TIMESTAMP;a=20392931;e=iThe problem with all removal strategies, barring reimaging, is that most malware is near impossible to remove, warns Mike Meikle, CEO of the Hawkthorne Group, a boutique management and technology consulting firm. Many times the malicious code hides in the memory or boot sector and when the machine is restarted, it establishes a connection to its Command and Control server and reinstalls itself on the infected machine.
Most IT departments dont even try to remove malware as it is too labor intensive to be worth the effort. Instead, IT pros typically wipe and reimage the infected machines and move on. But if youre willing to put in the effort, and take the risk if your efforts fail, heres how you can combat all but the most sophisticated attacks.
Run your existing antivirus program - Far too many people think antivirus programs work automatically. Many do, at least in a fast scan mode. But many also require a manual command to do a complete scan and it is this deeper scan that is likely to find and remove the more serious viruses. Check to make sure your program automatically updates. If it doesnt, enable the automatic function or look for updates daily and manually do it.
Use a malware specific software tool - An example of this is Malwarebytes Anti-Malware. It is a fantastic malware detection and removal tool, said Meikle. The base level of the application is free and is feature-rich. SUPERAntispyware also works.
Use your operating systems tools - For example, if you are using a Microsoft operating system, you can download the Microsoft Malicious Software Removal tool. Such tools can be downloaded or run in your browser to detect malware that may have compromised the antivirus program on your computer.
If that doesnt work, use the Microsoft operating system rollback feature to move the OS back to a date when the system was not infected, said Meikle. If all else fails, backup the data and reimage the machine then reinstall all applications.
Dont overlook help from other free tools such as Microsoft Security Essentials.
Use antispyware rescue disk - The best way Ive found to remove malware is to boot from a Linux disk, such as the Kaspersky Rescue disk, said James Kelley of Kelley Consulting Company. It ensures the malware is not running, since malware often attempts to reinstall or evade detection.
Newer versions of Norton will also allow you to boot from the Norton disc, or connect via the Internet and do a complete scan.
Contact support - Contact the antimalware vendor's support department and work with the tech support engineer to examine the system for any residual damage caused by the malware that may still need to be repaired, advised Aryeh Goretsky, distinguished researcher at ESET. Also, the technician may (or may not) be able to help determine what the malware may have done while it was on the system.
In fact, you may be pleasantly surprised by what tech support can do to help.
Many of the paid antimalware applications include tech support that will work with you via remote to remove infections, said Louis Katz, owner of Technolene, a member of the Apple Consultants Network and a Microsoft partner.
Seek professional help - Find a computer security expert to help you eliminate the malware and check to see if it is automatically reloading when you restart the machine.
These days, malware is insidious, establishes all sorts of footholds within the system and can make many different changes to a system which may be non-obvious and cause seemingly unrelated and difficult-to-troubleshoot problems, warned Goretsky.
In the end, however, a computer may not be trustworthy despite your best efforts to make it so. If you've had your computer awhile, this may be the time to replace the hard drive with a bigger, faster unit, said Katz.
If replacing the hard drive isnt an option, go for a total wipe and a clean reinstall of everything. Just be sure to backup your important files first, using a remote service such as Carbonite, Mozy, or JungleDisk. Load at least two antimalware programs on the new drive and then transfer your files.
A prolific and versatile writer, Pam Baker's published credits include numerous articles in leading publications including, but not limited to: Institutional Investor magazine, CIO.com, NetworkWorld, ComputerWorld, IT World, Linux World, Internet News, E-Commerce Times, LinuxInsider, CIO Today Magazine, NPTech News (nonprofits), MedTech Journal, I Six Sigma magazine, Computer Sweden, NY Times, and Knight-Ridder/McClatchy newspapers. She has also authored several analytical studies on technology and eight books. Baker also wrote and produced an award-winning documentary on paper-making. She is a member of the National Press Club (NPC), Society of Professional Journalists (SPJ), and the Internet Press Guild (IPG).