Malware


Malware  (mal´wãr)  (n.)  Malicious software.  Umbrella term for undesirable software including - but not limited to - viruses, trojans, worms, pests, parasites, adware, spyware, browser hijackers, drive-by downloads, key/password loggers, unwanted browser-helper objects (BHO), and other unsolicited commercial software.


People occasionally ask me how to remove malware from their computers. My approach is usually multi-tiered. I typically start at the top of the list below and work my way down until the symptoms/problems disappear.

  1. Protect valuable information before you get infected. You're not paranoid if they're really out to get you. Consider this a wake-up call. Malware exists and would love the opportunity to destroy your family photos, corrupt years of archived documents, and share your credit card numbers with the Internet community. First: Any important documents should be backed up to removable media so they cannot be hacked, cracked, or otherwise attacked by a malware infection. Second: Install and update anti-virus / anti-spyware / anti-malware software on your computer to help prevent problems. But no product is perfect...

  2. After your computer is infected you'll need one or more tools to exorcise the demon(s). I like portable tools that do not require installation. You can find some listed under Resources lower down this page. "Portable" means you can bring a ready-to-run, no-installation-required executable program with you on a CD-R without worrying about the virus compromising an installation or infecting your removable media. Rewritable media (e.g., USB drive, CD-RW, DVD-RAM) can be infected and spread the virus to other computers. Portable tools do not offer permanent protection from later infections and are no substitute for a real-time, always-on anti-malware system. But they can help you eradicate the infection(s) at hand.

    This may be an appropriate time to mention that some malware actively attacks anti-malware tools. You may need to boot your computer into Windows "Safe Mode" before these tools can do their job.

  3. If at first you don't succeed... try, try again. If one tool doesn't eliminate the problems then I use other tools. There are several good tools available but no wrench fits all nuts. In the case of particularly troublesome infections I may alternate running two or more tools multiple times until each reports a clean system. You should not run two scanning tools at the same time. This means you should temporarily disable permanent, real-time protection software before running portable tools.

  4. Search the Internet for any names, terms, or error messages associated with the problems and see if you can find a solution. This is another good reason for running multiple tools. Different companies often refer to the same virus by different names. Running multiple tools may give you multiple search terms in desperate hours. Don't forget to search the newsgroups as well as the web.

  5. "Phone a friend" is a valuable lifeline for more than television game shows. You probably have at least one friend with competent computer skills you can call in the middle of the night when your solitaire crashes. If not, make one. Geeks need love too. Of course, you should also phone them when life is good so they don't get in the habit of screening your calls.

  6. Post the problem to an appropriate newsgroup or forum and see if others can offer helpful suggestions. Be a good netizen and read that site's FAQ or guidelines before posting to make sure you follow their protocols. Many newsgroup admins and contributors like to see a HijackThis log from your computer so they have enough info to make a decent suggestion. It's their turf. Respect it if you want a helpful response.

  7. If all else fails, you might look for rosary beads or a sledgehammer. Mind you, I've never witnessed divine resurrection of a dead computer. Neither have I had the pleasure of pressing the power button with a 20-pound sledge. But either would be cool, huh?


I recommend trying these tools first:

Companies and Resources

  • Microsoft
      • Malicious Software Removal Tool (MSRT)   Free
        One of the best portable malware removal tools available. Can perform "Quick" scans, "Full" system scans, or "Custom" scans of a specific folder. In my experience, this tool sometimes finds more than others and runs more quickly. It's hard to argue with success.
  • McAfee
      • Stinger   Free
        Another excellent portable malware removal tool that allows "custom" scans of specific folders
  • Dr.Web
      • CureIt   Free / $
        Download & run free portable malware removal tool
      • NPS CureIt Info
  • Malwarebytes
      • Anti-Malware   Free / $
        Another excellent portable malware removal tool
  • Spybot
      • Spybot Search & Destroy   Free / Donations
        Download & install free spyware/adware removal tool
  • Lavasoft
      • Ad-Aware   Free / $
        Download & install free spyware/adware removal tool

If the suggestions and tools above didn't help and you've made it this far down the page, then you are probably in a mess. You may want to try the links below or Google for the error messages or symptoms you see. NPS staff may want to speak with their Site Contact Person, submit a Technology Work Request (TWR), or save your files and reload your Unified DeskTop (UDT) system.

Companies and Resources

  • Counterexploitation
      • adware / spyware / malware info
  • Doxdesk
      • parasite info
  • PestPatrol (Computer Associates)
      • PestPatrol   Free / $
        free trial version will find problems, but you must buy the full version to fix them
      • CA Security Advisor
        includes online virus/spyware scanning, a glossary of security & malware terms, and a searchable threat database
  • Spyware Warrior
      • Anti-spyware information galore
      • Anti-spyware software comparison
        good comparison of free and commercial software
      • Rogue/suspect anti-spyware list   -   excellent list!
        bad/questionable software that pretends to be good
  • Javacool Software
      • Spyware Blaster   Free
      • Spyware Guard   Free
  • PC Tools
      • Spyware Doctor   $
  • Intermute (now a part of Trend Micro)
      • CWShredder   Free
        finds and removes traces of CoolWebSearch & variant trojans
  • Merijn
      • HijackThis   Free   (& other free utilities)
        homepage hijacker removal & the de facto standard info tool for online problem posting
  • SpywareInfo
      • Malware/Spyware Information
      • Annotated software list
      • Links
        includes an archive of categorized articles & dated newsletters
  • Kephyr
      • Bazooka Adware/Spyware Scanner   Free
      • SystemSherlock Lite   Free
      • The File Database
  • Castle Cops
      • Software downloads
      • Software reviews

Click here to see more info on viruses and malware.

    Disclaimer: The malware information and anti-malware software available via the links on this page are provided here to assist you in your search for anti-malware resources. Not all of the information has been validated and not all of the software has been tested by Norman Public Schools to be safe for use on your, our, or any other computer.



    This page last updated 4-21-11. We have made every reasonable attempt to ensure that our web pages are educationally sound and do not contain links to materials that violate the Norman Public School District's Policies on Internet and Internet Safety for the Computer Network. Opinions expressed on these web pages do not necessarily reflect those of the Norman Public School District. For more information concerning this site please email webmaster@norman.k12.ok.us.