.: Malware Defined :.

Malware (malicious software) is software designed to infiltrate or damage a computer or network. Malware is commonly taken to include computer viruses, worms, Trojan horses, spyware, adware, hijackers and dialers. This internet garbage not only slows your computer down, it can cause operating system errors, random popups, and redirect your browser to websites without your consent. If you are infected with worms your computer can become a mass-mailing zombie. Even worse, keyloggers can grab confidential information that includes chat sessions, usernames, passwords, bank account information, full names, and even addresses that could be used to create fake online identities. Never give out personal info through email or instant messages and beware of phishing scams.

The sad thing is that "trusted" websites can no longer be trusted. Malware was once restricted to sites offering free music or porn, but today it's being served up by some of the most popular sites on the web. An average of around 8,000 new URLs containing malware emerged each day during April 2007. That was close to six years ago, and obviously that number has increased tenfold. What's even more alarming is that 70 percent of URLs hosting such malware are found on legitimate web sites that have been targeted by hackers. The outdated notion that malware only resides in the darker corners of the internet is far from the case now. Users are being exposed to malicious content without being aware of it. Cybercriminals pumped out more malware in 2009 than they did in nearly 20 years, according to anti-virus vendor Panda Security. During 2009, PandaLabs, the anti-malware lab of Panda Security, identified 25 million new malware samples, according to Panda Security's Annual Malware Report, released Tuesday. Before 2009, PandaLabs had identified a total of 15 million pieces of malware in 19 years.

.: My $.02 :.

Unfortunately, cleaning an operating system that has been infected by malware is no longer as simple as it used to be. Malware has become increasingly difficult to clean, as malware creators find more ways to avoid removal. They have been known to modify specific files to avoid detection, some files refuse to be deleted using conventional tools, others latch on to critical system files, and in some cases rootkits can mask their detection altogether. I am often asked "What are the best detection and removal tools?" The fact is that no single antivirus or antispyware application can successfully remove all malware circulating around the internet. It's not unusual to resort to an arsenal of security products in an attempt to ensure that everything has been properly removed. Everyone seems to have their own idea of the "best", and this guide will highlight my recommendations. Furthermore, there are many rogue antimalware products, ranging from those that are advertised by malware itself to those from malware creators who strike deals with antimalware vendors to have their software ignored.

Tech advice:

.: Malware, Adware & Trojan Removal :.

First we'll start out by installing 7-Zip, which is an open-source (free) archiver utility. Keep in mind that System Restore is a protected directory that can trap viruses and other applications inside. Leave it enabled in case your PC fails to boot to the OS after removing infections. Once you are certain that your system is malware free you can toggle System Restore off and on to delete its contents and set a fresh restore point.

Download the items listed below, preferably to a removable disk, using a 'clean' PC, and run all of the tools in Normal Mode. Only boot to Safe Mode with Networking as a last resort.

  1. Hitman Pro - will scan your PC for malware in a few minutes using multiple scan engines. If malware is detected during the behavioral scan, the actual identification of these potential malware files is then performed at the Hitman Pro "cloud" servers. Hitman Pro 3 does not leave a program running in the background that continuously checks incoming e-mail and downloaded files for malware. It is on-demand only. Scanning your PC for malware with Hitman Pro 3 will always be free, so it is an ideal program to make sure that your security suite is not letting real malware infect your system. Should detections arise you have the option to remove them, which activates a 30-day trial. Hitman Pro has updated removal technology to handle TDL rootkit version 3.xx (updated variant of the Google Redirect Virus). Hitman Pro just gained a new feature called Force Breach. Most people in the security business have come across a couple of fake/rogue anti-malware infections that kill every application you are trying to run, including your favorite removal tool. If you run Hitman Pro from a USB stick and start its EXE while holding down the left Ctrl key until the Hitman Pro interface opens up < Important: if you receive a Vista or Win 7 UAC prompt you need to keep holding down the Ctrl key while you click Continue > it will kill every non-essential process running under the user's context, including the rogue infection. You also have the ability to make a Kickstart USB disk to combat FBI ransomware and other persistent malware that has taken your computer hostage or prevents normal computer use.
  2. Malwarebytes' Anti-Malware - utilizes Malwarebytes' powerful technology to detect and remove all traces of malware including worms, trojans, rootkits, rogues, dialers, spyware and more. Download and run MBAR while you are at it.
  3. RogueKiller - a security tool that can be used to terminate and remove malicious processes and programs from your computer. RogueKiller has the ability to remove infections such as ZeroAccess, TDSS, rogue anti-spyware programs, and ransomware. When you run RogueKiller, you can perform a scan of your computer for malicious programs and entries. Once the scan is complete it will display a list of found issues and allow you to fix them. RogueKiller also contains individual fixes that include repairing missing shortcuts due to the FakeHDD program, fixing your HOSTS file, and fixing proxy server hijackers.
  4. AdwCleaner - AdwCleaner is a program that searches for and deletes adware, toolbars, Potentially Unwanted Programs (PUPs), and browser hijackers from your computer. By using AdwCleaner you can easily remove many of these types of programs for a better user experience on your computer and while browsing the web.
  5. Junkware Removal Tool - Junkware Removal Tool is a security utility that searches for and removes common adware, toolbars, and potentially unwanted programs (PUPs) from your computer. A common tactic among freeware publishers is to offer their products for free, but bundle them with PUPs in order to earn revenue. This tool will help you remove these types of programs.
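Item 3 mentions that hijackers tamper with the HOSTS file, either to redirect popular sites or to block security vendors' update and scan sites. The following Python script, an added example that is not part of this guide or of RogueKiller, shows the kind of check such a "fix HOSTS file" step performs: it parses HOSTS-format text and flags redirects and blocked vendor domains. The sample HOSTS content and the vendor domain list are constructed for illustration.

```python
import ipaddress

# Assumption: domains a hijacker would block by mapping them elsewhere;
# this list is illustrative, not RogueKiller's own.
SECURITY_DOMAINS = {"www.virustotal.com", "www.malwarebytes.org", "update.microsoft.com"}
LOOPBACK = {"127.0.0.1", "::1", "0.0.0.0"}

# Constructed sample HOSTS content: two legitimate lines, a redirect
# hijack, a blocked vendor domain and a harmless ad-blocking sinkhole.
SAMPLE_HOSTS = """\
# Copyright (c) 1993-2009 Microsoft Corp.
127.0.0.1       localhost
::1             localhost
203.0.113.10    www.google.com www.bing.com
127.0.0.1       www.malwarebytes.org   # blocks update/download site
0.0.0.0         ad.example.net
"""

def parse_hosts(text):
    """Yield (ip, hostname) pairs, skipping blanks, comments and junk."""
    for raw in text.splitlines():
        parts = raw.split("#", 1)[0].split()
        if len(parts) < 2:
            continue
        try:
            ipaddress.ip_address(parts[0])
        except ValueError:
            continue  # not a valid address, so not a resolvable entry
        for name in parts[1:]:
            yield parts[0], name.lower()

def audit_hosts(text):
    """Return (ip, hostname, reason) for each suspicious entry.

    A vendor domain mapped anywhere is flagged (update/scan blocking);
    any other name mapped to a non-loopback address is flagged as a
    redirect. Sinkholes to 127.0.0.1/0.0.0.0 are a common ad-blocking
    technique and are not flagged by themselves.
    """
    findings = []
    for ip, name in parse_hosts(text):
        if name in SECURITY_DOMAINS:
            findings.append((ip, name, "security vendor domain blocked"))
        elif ip not in LOOPBACK and name != "localhost":
            findings.append((ip, name, "redirected to non-loopback address"))
    return findings

if __name__ == "__main__":
    for ip, name, reason in audit_hosts(SAMPLE_HOSTS):
        print(f"{ip:<16} {name:<24} {reason}")
```

On a real system you would read the text from C:\Windows\System32\drivers\etc\hosts; a clean file normally contains nothing but comments and the localhost lines.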

If your desktop icons, documents, start menu folders, or other critical system files appear to be missing you should run Unhide. In some cases you may need to use Rkill if you are infected and unable to launch executables. After you've finished all of the scans you can run CCleaner to clean all areas of your computer.

.: Virus Removal :.

It should be noted that running antivirus applications from a number of different vendors on the same computer may cause problems due to interoperability issues. System issues that can result from running more than one antivirus application in your environment at the same time include:

For these reasons, the use of multiple antivirus applications on the same computer is not a recommended approach and should be avoided if possible. Norton and McAfee are household names since they have been preinstalled on PCs for over a decade, so it's not uncommon for the end user to be using an old version, an expired license (e.g., no updates), or a version that eats up a lot of system resources. Should you have trouble uninstalling either product using Add or Remove Programs, then use the Symantec removal tool or the McAfee removal tool.

Independent antivirus reviews:

Online scanners:

Eset (NOD32) Online Scanner

On-demand scanners:

Let's say you only have a couple of suspected file(s) on your computer and you want another opinion to see whether they are clean or not. Head on over to Virustotal to scan using over 46 antivirus engines.

Free AVs:

I've listed a few of the popular ones below.


.: Firewalls :.

All broadband users should have a firewall protecting their system(s). A Cable/DSL router is a very inexpensive hardware solution that most people are familiar with. Brands such as Linksys, Asus, TP-Link, and Buffalo are highly recommended. These routers typically offer stateful packet inspection (SPI) and most models will allow DD-WRT firmware to be loaded. This free open-source firmware offers increased Wi-Fi transmission power, WDS, QoS, website filtering, guest access, and so much more. Hardware firewalls are important because they provide a strong degree of protection from most forms of attack coming from the outside world. Additionally, in most cases, they can be effective with little or no configuration, can protect every machine on a local network, and allow you to share your internet connection with multiple computers. I highly recommend changing the default router login password to thwart DNSChanger trojans, in addition to disabling remote management (unless you need it). Wireless routers should enable WEP64 (easy to crack) at a bare minimum for baseline security. WPA & WPA2 are more secure and supported by newer hardware. Be sure to set a unique SSID, disable wireless access to the router's web interface, and disable the radio if you are not using wireless. When you implement these security measures it will deter potential hackers and wardrivers so that they move on to the nearest unsecured network.

The number of individuals and businesses that have unsecured networks is alarming. I've seen people connected to a wireless network without even realizing that it belonged to someone else. Another security risk is public hotspots, where other computers also connect to unsecured networks. Network attacks can be made through them, and they can possibly connect to your computer and download data from your hard drive. A good rule of thumb is that you should always use a quality (software) firewall whenever you are connected to an unsecured wireless network and promptly disconnect after you've completed your tasks. I'd advise against logging in to any websites that require a login and password while you're connected to an unsecured network, since "hackers" can easily capture network traffic. Another thing to consider is that anyone connected to an unsecured network can download and engage in illegal activities. There is typically a single public IP assigned to the network (hotspot, your home, a business, etc.) and all illegal activities are traced back to that IP. If you happen to own the unsecured network you are ultimately responsible for the content passing through it.

The Five Deadly Dangers of Unsecured WiFi Networks

Software firewalls can only protect the machine they're installed on, so if you have multiple computers (which many homes and small offices do) you need to install and configure a software firewall separately on each machine, which can be difficult to manage. Another drawback is that the software will often pop up messages asking you to allow or deny a particular connection. The end user gets in the habit of clicking 'allow' without even reading the details of the window because they are annoyed with the popups. Most commercial software firewalls include a feature to stop all but authorized applications from sending outbound data packets to the internet. This supposedly stops malicious code from sending unauthorized communications, and also prevents PCs from being hijacked and used to send spam or participate in distributed denial-of-service attacks. The built-in Windows XP firewall (updated in SP2) only filters incoming traffic and allows any application to send outbound packets. However, once malware is on your system the security has already been compromised. If an application wants to send data out, in most cases an outbound filtering firewall running on the infected machine is not going to stop it.

Virus Bulletin: Free firewalls rated best in leak tests
Matousec: Leak test results

Before installing third-party firewall software on a Windows XP computer, be sure that the built-in firewall is turned off. Never use two software firewalls at the same time. Test your firewall capabilities at HackerWatch.org, Firewall Leak Tests, Comodo firewall tests or AuditMyPc.

.: Prevention :.

Almost all malware is unknowingly installed so please use common sense when you sit down in front of the computer. Accidents can and do happen, so here are other ways to prevent malware from being installed: