How To: Removing Malware

Malware. Everyone hates it. Random popups, slow systems, slow networks, browser redirects, everyone's been there at one point in time or another. Short of reinstalling Windows, what can you do about it?

Spyware is a different form of program than a virus, and as such, standard anti-virus programs don't get rid of spyware. You need one or more special programs to remove spyware.

Some people also make the mistake of not keeping their antivirus program up to date, or letting the subscription expire completely. This is a very bad idea. The program can't work to its fully ability if it doesn't stay up to date.

This is where anti-spyware programs come into play. Anti-spyware software specializes in removing spyware and adware programs.

One such program is Malwarebytes Antimalware, also known as Mbam. Mbam is one of the leading antispyware tools available. If you run Windows, even if you don't think you have malware on your system, I highly recommend downloading this wonderful program and letting it scan occasionally.

Sometimes, particularly nasty malware will stop you from being able to install a program that will remove it. If this happens, you will need to go into safe mode. Even if you can install it, it's advisable to go into safe mode, anyway. What safe mode does is run Windows in a stripped-down mode where only essential processes are started. To get into safe mode:

1. Restart your computer.
2. After your computer does its initial start up (this will either be a bunch of information about the computer, or a splash screen with the manufacturer's logo), and before the Windows splash screen fully loads, press F8.
3. If done at the right time, you should get a screen entitled "Advanced startup options." Select "safe mode with networking" and press Enter.
4. Windows will then load into Safe Mode. This has many similarities to regular mode. When you get to the logon screen, log in as the Administrator.

You should now be in Safe Mode. If you haven't already, download and install Mbam.

Make sure it's updated. Like your antivirus, it's not as effective if it's not up to date.

Start Mbam and go to the update screen. Tell it to update if it doesn't automatically prompt you to do so.

Then run it. Let it do a thorough scan. This could take an hour or two, or even more. Once it's done, it should give you a summary of any malware you have on your system and the option to remove it. Once it's removed, you should be able to restart it and confirm that the malware has been removed. If you couldn't install in normal mode, or the malware was interfering with your antivirus, it might also be a good idea to update and run your antivirus before restarting.

Because all antimalware programs are forever playing catch-up to the malware writers, no single antimalware is guaranteed to remove every single piece in a single scan. Mbam is one of the best out there, but other titles, such as Adaware and Spybot may have definitions that Mbam doesn't yet have and that include the malware you have. If you restart and find you still have problems, you may want to go back into Safe Mode and try one of these two titles.

Some malware is particularly nasty and gets into system files. When a program like Mbam removes these, it may corrupt Windows and prevent it from starting. This is not necessarily Mbam's fault, but a side effect of the malware it removed. Make sure you have recovery disks or a Windows disk (matching your current version) on hand in case this happens. I will have a tutorial for doing a non-destructive Windows recovery in the future.