Thursday, May 31, 2012

Know about Six free tools for removing malicious software

Malicious software (be it viruses, rootkits, Trojans, worms, or malware) is so prevalent, it seems one of the primary jobs for IT is to protect, clean, and remove it. Yet no matter how hard you try, or how much you pay for the software you use to protect your desktops, it always seems like a losing battle. Fighting a losing battle really hurts when you're spending a good deal of your IT budget (if you even have an IT budget) on software to protect machines from attacks.
It doesn’t have to be that way. I have found plenty of tools that can help in the quest to have a virus/malware-free environment. These tools can either be installed on your machines or used as a toolkit to carry with you to fight the good fight. You won’t find enterprise-grade tools here. What you will find are tools that have done the best job at keeping my systems clean.
1: Combofix
Combofix is my first line of defense when I suspect something has taken over a machine. But you shouldn’t just run this powerful tool without a few considerations. First, what will Combofix fix? After a successful run of Combofix, you should have cleaned (if applicable): malware, rootkits, Trojans, worms, and viruses. What you need to know about Combofix prior to running is quite important. The single most important issue with Combofix is that you can't run it with an antivirus tool enabled. With some antivirus solutions, you can simply disable the tool (Symantec Endpoint Protection is a perfect example). I have found that one particular antivirus solution, AVG, requires complete removal before running Combofix. And to be on the safe side, I prefer to run Combofix with the computer in safe mode. One other note: Never download Combofix from any other site than Bleeping Computer or ForoSpyware.
2: CCleaner
Another free tool, CCleaner, does two things incredibly well: It cleans the Windows registry and removes cached Web data. There are a lot of registry cleaners available, but CCleaner is the one I always trust. As with any tool, you want to make sure you understand it before using it. Cleaning cached browser data is fairly harmless, but cleaning the registry is not. I highly recommend always backing up the registry when using CCleaner to clean it. Fortunately, CCleaner has a built-in tool for handling the backup.
3: Microsoft Security Essentials
After using many antivirus tools, the one that seems to work nearly as well as any other, without any attached cost, is Microsoft Security Essentials. Not only will this antivirus tool help prevent infection, it does so with as little drain on the system as most other antivirus tools.
4: Malwarebytes
People are always surprised to find out they need anti-spyware as well as antivirus protection. Of the anti-malware tools I have used, Malwarebytes seems to be the most effective. Now there are two versions of Malwarebytes: Free and Paid. The biggest difference is that the Paid version has a real-time scanner built in. The free version must be run manually. This is not a problem if you are in control of all the PC scanning or you can trust your users to manually run the software nightly (and to manually update the definitions often). If you can't trust your users to do that, you might need to drop the $24.95 for the licensed version.
5: Clonezilla
Clonezilla is free open source software (FOSS) that allows you to do bare metal backups and recoveries. There are two versions available: Clonezilla Live and Clonezilla SE (Server Edition). As the name implies, Clonezilla Live is a small, bootable live Linux distribution that allows you to do a single clone at a time. The Server Edition requires a DRBL server and allows you to do massive cloning. With the Server Edition, you can do large simultaneous restores quickly. Regardless of which tool you use, Clonezilla is a reliable tool for bare metal backups and restores.
6: Hamachi
Although not a tool that will help you clean up your systems, Hamachi enables you to add machines to a VPN without having the associated costs of a typical VPN. I have already covered this tool in my blog post Use Hamachi VPN on your Linux clients, so I will let you use that as a basis for installation and use. If you’re curious about how to use this as an admin tool, you can always house your toolkit on a machine connected to a Hamachi VPN and then access those tools from anywhere (so long as you can add Hamachi to the machine in question).
Final thoughts
There are many pieces of software available for the DIY user, which can make it a challenge to discern which ones are worth using. I hope the list above will help you narrow down the tools you need to keep around in your DIY toolkit.

Thanks: Jack Wallen from TechRepublic
