BEGINNER'S MALWARE REMOVAL GUIDE
It looks like malware is everywhere these days; 70% of companies state that their security risks increased significantly last year. New versions of viruses, adware, ransomware and other evil applications are released into the wild on a daily basis, although I'll admit that most of them are rendered useless once malware researchers identify the appropriate threat removal procedure and add it to their products.
However, certain pieces of malware are more advanced and can cause a lot of trouble. Some of them may even manage to trick most antiviruses by using a "clean" application that connects to an infected website to download its destructive payload, for example. This article will show you how to get rid of those digital pests for good.
But first, let's discuss the most common computer infection signs. Since there are so many varieties of malware, infection symptoms can vary a lot. Here are the most common ones, though.
- Your computer beeps randomly or displays strange pop-ups every now and then;
- Applications run slower than usual. Random crashes occur regularly;
- You discover strange toolbars that have taken over your web browsing experience;
- When you try to visit certain sites, you are redirected to other websites;
- You cannot access websites that provide security products: antiviruses, anti-spyware, etc.;
- Some of your files are now locked and won't open unless you input a password.
To get started, it is wise to make a backup copy of your infected hard drive. It may sound counter-intuitive (why would you want to back up those viruses?) but it's the best method to preserve your precious company data in case something goes wrong.
So, disconnect the infected hard drive from your computer, use a rack to install it as an external drive for a second computer, and then use a disk image application to replicate the content of the infected drive. The antivirus on the second computer may trigger one or more alerts, so be sure to disable it while the backup process takes place. Since (hopefully) the second computer is clean, and the viruses on the infected hard drive aren't active, the second computer shouldn't get infected.
Okay, so now that you've gotten the infected drive backed up, it's time to start the cleaning process. Please note that the operation could take several hours, so set aside some time for it.
Install the infected drive in the first computer, and then start it by booting in safe mode. This way, most viruses won't be loaded into memory, and thus won't be able to prevent your antivirus from doing its job. Then, access "System Restore" from Windows' "Control Panel". If this feature has been activated, you will see several backup copies of the OS, which should allow you to restore Windows to a previous version that is (hopefully) free from viruses.
But let's assume that System Restore was never activated on that particular PC. This means that you should try to remove the infection manually. Go to the "Add or remove programs" setting, and then uninstall all the applications that have suspicious or obscure names. Now is also a good time to remove all the programs that aren't used anymore and could have severe security flaws.
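To make that manual review easier, the PowerShell below (an added example, not part of the original guide) lists the installed programs recorded in the standard Windows Uninstall registry keys in a single table. The 30-day window and the "no publisher" flag are assumptions chosen for illustration; a flag only means "look closer before deciding", not "this is malware".

```powershell
# Added example: inventory installed programs for manual review.
# The review heuristics below are assumptions made for this example.
$RecentDays = 30   # assumed window; set it to roughly when the symptoms began
$cutoff     = (Get-Date).AddDays(-$RecentDays)

# Per-machine (64-bit and 32-bit views) and per-user uninstall entries.
$uninstallKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*'
)

$programs = Get-ItemProperty -Path $uninstallKeys -ErrorAction SilentlyContinue |
    Where-Object { $_.DisplayName } |
    ForEach-Object {
        # InstallDate is optional and sometimes malformed (expected: yyyyMMdd),
        # so parse it without throwing.
        $parsed = [datetime]::MinValue
        $hasDate = [datetime]::TryParseExact(
            [string]$_.InstallDate, 'yyyyMMdd',
            [cultureinfo]::InvariantCulture,
            [System.Globalization.DateTimeStyles]::None,
            [ref]$parsed)

        $reasons = @()
        if (-not $_.Publisher)                 { $reasons += 'no publisher' }
        if ($hasDate -and $parsed -ge $cutoff) { $reasons += "installed in last $RecentDays days" }

        [pscustomobject]@{
            Name      = $_.DisplayName
            Publisher = $_.Publisher
            Version   = $_.DisplayVersion
            Installed = if ($hasDate) { $parsed.ToString('yyyy-MM-dd') } else { '' }
            Review    = $reasons -join '; '
        }
    }

# Flagged entries first, then alphabetical.
$programs |
    Sort-Object @{ Expression = { $_.Review -eq '' } }, Name |
    Format-Table -AutoSize -Wrap
```

Entries that land at the top of the table are the ones to look up by name and publisher before uninstalling them through "Add or remove programs".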
Shut down your computer; we need to scan it for rootkits, advanced viruses which are able to plug into the system's API functions, and thus trick most antivirus applications. Fortunately, free tools such as Kaspersky's TDSSKiller make it really easy to find out if your system is infected with a rootkit or not.
If the rootkit test is okay, it's time to use a regular antivirus and clean up the infected computer. Kaspersky is also the maker of an award-winning antivirus, and it offers a free rescue disk which can be downloaded from here. Create a CD that includes the content of the downloaded file, or save the image to a USB stick. Then, boot your PC from that CD/USB stick and let the application update its antivirus database. Follow the instructions on the screen to remove the viruses from that computer.
As you can see, malware removal can be done successfully even with free tools. However, if your virus removal efforts are fruitless, you should contact us. We will be glad to help.