How to Remove Malware

Many users, even after carefully surfing the Internet, find themselves infected by some variant of Malware on their computers. It is becoming easier than ever for computers to become infected by Malware, especially if users are still running Windows XP with outdated patch levels and virus scans. Writers of Malware are getting more clever about how they entice an unsuspecting user into clicking a banner or installing software that on the outside looks to be beneficial. If your computer has become infected with Malware, what steps can you take to get rid of the infection?

Analyze the Damage

The first step is to analyze the damage that has been done to your computer. What does that mean? The first look at the machine should determine whether or not the computer can still boot into Windows, because the answer changes how you proceed. Obviously, if your computer will not boot, your first priority will be to get the computer to boot into Windows.

For this article, we will look at a situation where the computer will boot into Windows. If this is the case, we know that the boot sector as well as system files have not been corrupted beyond repair.

Getting Started

With Malware infecting your system, you may see weird pop-ups, a strange Windows background, or other odd behavior. Many Malware programs make their installation evident by what you see after you log back in. Many prompt you that your system is infected with spyware or Malware and that you need to click to enter your information as well as a credit card number to purchase the fix. Do not fall for it!

One of the first things we need to do is get the right utilities to check the system and repair the Malware infection. If you have control over your system and are able to insert a USB drive, copy the following files to your thumb drive. Each is a free download from the web and is easy to find with Google.

· Autoruns

· Process Explorer

· Malwarebytes Anti-Malware

Running the Utilities

After you have the files copied to the USB drive, connect the drive to your computer and run the "autoruns.exe" file from the extracted location on your thumb drive.

Autoruns allows you to see what is starting up on your computer and even discloses programs and registry entries that may be missed by popular startup editing tools such as "msconfig" which is built into Windows.

One of the most valuable abilities of Autoruns is the ability to look at code signatures. The code signatures allow you to see whether or not the software is actually what it says that it is. A code signature is the digital fingerprint that verifies the software's authenticity.

Most of the time, malware will fail this test of authenticity using the code signatures.

Another really nice feature of Autoruns is that it allows you to hide the genuine Microsoft and Windows entries so you do not have to parse through those entries to find any abnormalities.

Uncheck anything you see that is suspicious, which may include items that do not have a description or whose code signature appears invalid.
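
The description and code-signature checks described above can also be scripted. The following PowerShell is an added example, not part of the original article or of Autoruns; it covers only the four Run/RunOnce registry keys (Autoruns examines many more startup locations) and assumes PowerShell 3.0 or later. The helper name Get-CommandImagePath is made up for this example.

```powershell
# Added example, not from the article: list Run/RunOnce startup entries with
# their file description and Authenticode signature status.
$runKeys = @(
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
)

# Hypothetical helper: pull the executable path out of a launch string such as
#   "C:\Program Files\App\app.exe" /background
function Get-CommandImagePath([string]$Command) {
    $expanded = [Environment]::ExpandEnvironmentVariables($Command).Trim()
    if ($expanded -match '^"([^"]+)"') { return $Matches[1] }
    if ($expanded -match '^(.+?\.(exe|com|bat|cmd|scr))(\s|$)') { return $Matches[1] }
    return ($expanded -split '\s+')[0]
}

$report = foreach ($key in $runKeys) {
    if (-not (Test-Path $key)) { continue }
    $item = Get-Item $key
    foreach ($name in $item.GetValueNames()) {
        $path = Get-CommandImagePath ([string]$item.GetValue($name))
        $status = 'FileNotFound'; $signer = ''; $desc = ''
        # Entries given without a full path are left as FileNotFound for manual review.
        if ($path -and (Test-Path -LiteralPath $path -PathType Leaf)) {
            $sig    = Get-AuthenticodeSignature -LiteralPath $path
            $status = $sig.Status.ToString()
            if ($sig.SignerCertificate) { $signer = $sig.SignerCertificate.Subject }
            $desc   = (Get-Item -LiteralPath $path).VersionInfo.FileDescription
        }
        [pscustomobject]@{
            Key = $key; Entry = $name; ImagePath = $path
            Description = $desc; Signature = $status; Signer = $signer
        }
    }
}

# Hide validly signed Microsoft entries, then keep what the article says to
# look at: no description, or a signature that is missing or invalid.
$report |
    Where-Object { -not ($_.Signature -eq 'Valid' -and $_.Signer -match 'O=Microsoft Corporation') } |
    Where-Object { $_.Signature -ne 'Valid' -or [string]::IsNullOrWhiteSpace($_.Description) } |
    Format-Table Entry, Signature, Description, ImagePath -AutoSize -Wrap
```

A NotSigned or FileNotFound result is a reason to look closer at an entry, not proof that it is malware; plenty of legitimate software ships unsigned.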

If you have popup windows on your desktop associated with the Malware, you can use the Process Explorer utility mentioned earlier to pinpoint the service or process that is spawning the windows. This can greatly help to identify the malware infection and where it is coming from.

After you have cleared out suspicious startup items as well as processes that look to be malware related, you can install Malwarebytes Anti-Malware utility to run a full system scan to track down and eliminate malware. The first thing you need to make sure to do is update the signatures as these change and get updated regularly. You want the utility to be as effective as possible when you run the full system scan and the recent signatures make this possible.

Some malware is very good at making your efforts difficult when it comes to cleaning up your system. Some even look for the familiar executable names of the most popular anti-malware utilities and block these from executing. If you notice that you cannot install Malwarebytes, try renaming the executable for the installer. You may even need to rename the extension from .exe to .bat. The program will still install and this will make sure the malware doesn't keep the program from running.

This may also be the case after the program is installed. You may need to rename and change the extension of the actual program file's executable to be able to run the utility.

Malwarebytes most likely will find the infections that you have present on your system. A reboot will probably be necessary after the cleanup process has finished. After rebooting, verify that the suspicious popups are gone and other malicious software is no longer present. At this point it will probably be a good idea to also run a full system scan with your virus scan software of choice.

Note, you may need to reinstall your virus scan program as many times these are corrupted by malware attacks, especially if the virus scan program was severely out of date and was compromised.

Post Repair

If you were fortunate and the utilities mentioned above allowed you to free your system from a severe malware infection, please use the second chance to prepare your system for the next attack. Especially if you are running Windows XP, make sure you are at the current system patch level of SP3. Also, make sure you are running at least Internet Explorer version 7 and preferably version 8 as these contain the latest security enhancements.

Make sure that your anti-virus software is functioning normally. Having outdated virus signatures cripples the effectiveness of these programs. In fact, you are just about as safe not having a virus scan installed as having it installed with outdated signatures.

There are many great free anti-virus software packages available. Avast, AVG, and others offer really great service that is free to home users. You are simply asked to register the software and install the key that is sent via email.

If you do not want the hassle and expense of keeping an up to date copy of McAfee, Symantec, or other more expensive virus scan packages, the above mentioned free alternatives are a great way to keep your system protected at no cost.

Browsing Habits

No matter how well you have protected your system with software solutions, you must still be careful in this day and age to keep a strict watch on your browsing habits. Installing tons of free trial software as well as downloading P2P programs significantly increases the risk of your system becoming infected with some variant of Malware.

Do not agree to install unsolicited software that may pop up from a strange website. Do not fall for the trick of a popup telling you that your system is infected and will stay infected until you install their software. All of these scams are ways that Malware writers are infecting thousands of Internet users. Be smart about where you click and which websites you visit. Running web filter software such as the free tool called Untangle can greatly benefit your overall Internet security as well.

Malware is definitely here to stay and so the threats will continue to mount on home and corporate users alike. However, using the right utilities and implementing several protective layers that are available will help you to avoid Malware altogether.

Elisha Wallace is a technical writer and reviewer for http://www.computer-howto.com.

Visit http://www.computer-howto.com to find the latest how to guides and technical information on common computer and network challenges and issues.

Article Source: https://EzineArticles.com/expert/Elisha_Wallace/502027
