Removing Viruses From Your PC: Best Practices

Need to remove viruses? A PC security expert provides an easy-to-follow guide to removing viruses from your PC.



Also see: How to Remove Malware (part 2): Booting from a CD

There are only two ways to remove malicious software from an infected Windows machine: with the infected operating system running or not.

The easy way, of course, is from within the infected copy of Windows. Just download anti-malware software, install it, run it and get on with your life. The problem is, this may not work.

Much of today’s malicious software features very technically sophisticated defenses against detection. Recently researchers at the University of California at Santa Barbara took control of the Torpig botnet and wrote a paper about the experience. Their description of how the software infects a computer is fascinating. The sophisticated approach makes the malware very hard to detect by any software running within the corrupted copy of Windows.

Steve Gibson, in his Security Now podcast, offered another lesson about the many defenses malware (in this case the Conficker worm) employs to prevent detection. It's frightening and impressive and makes plan B, scanning from outside the infected operating system, the obviously better approach.

Given this, there are, again, two ways to go.

When I first broached this subject, I suggested removing the infected hard disk and connecting it to a USB port on another computer using a special cable. But there's another way to access the infected hard drive while still bypassing the infected operating system, one that lets the hard drive remain inside the infected computer.

Boot the infected computer using a CD, DVD or USB flash drive and run another operating system off the bootable media.

For Windows users, the Ultimate Boot CD For Windows fits the bill perfectly. UBCD4WIN, as it's often called, is an amazing collection of free software put together by Benjamin Burrows.

It takes Windows where it was never meant to go – to a CD. That is, it creates a bootable CD that runs a stripped-down copy of Windows XP.

Although UBCD4WIN runs XP, the computer on which it runs can have any version of Windows installed. Like a normal copy of XP, the version that runs off the CD can read/write any hard drive partition formatted with the NTFS, FAT or FAT32 file systems.

The original intent of the Ultimate Boot CD for Windows was to run assorted diagnostics against the host computer (my term). Included in these diagnostics are a handful of antivirus and antispyware applications such as Avira's AntiVir, McAfee's Stinger and Super Antispyware.

There are some problems, though, with running anti-malware software from the Ultimate Boot CD for Windows.

Read the rest at eSecurityPlanet.
