One of the most frequent requests that I get from readers of this column has to do with removal of malware from infected computers. Most frequently, I have recommended the free versions of MalwareBytes (malwarebytes.org) and SuperAntiSpyware (superantispyware.com). I typically suggest downloading, updating and running one, and then repeating the same cycle with the other in order to reasonably ensure that the computer is free of malware. While these two anti-malware utilities, when properly updated and run, have an excellent reputation for detecting and removing malware, no single or pair of programs is 100 percent effective at detecting and removing malware. Fortunately, there is a broad selection of other free utilities available from a variety of authors that also offer the user the ability to detect and remove difficult malware.
One such company is the Moscow-based Kaspersky. In terms of sales and users, Kaspersky is well entrenched as one of the top four antivirus vendors, producing security software for corporate clients of all sizes, small businesses and individuals. In its 16 years as a cyber security company, Kaspersky has gone multinational with offices in 30 countries, operating in nearly 200 countries, and employing more than 2,700 people. While headquartered in Moscow, its corporate holding company is in the UK. Kaspersky currently provides security services to over 300 million individual users and 250,000 corporate clients worldwide.
One of the free utilities from Kaspersky that I have personally used many times to clean a badly infected computer is Kaspersky Rescue Disk 10. According to Kaspersky, “Kaspersky Rescue Disk is designed to scan, disinfect and restore infected operating systems. It should be used when it is impossible to boot the operating system.” Kaspersky Rescue Disk 10 is downloaded as a large 250MB file in ISO format that must be burned to a blank CD or USB in order to make bootable media. The ISO format is not simply copied to a blank CD like a music or video file, but must be installed using an ISO image burning utility in order to make the CD bootable. While most major CD burning software offers an ISO burning option, many do not, which may necessitate a dedicated ISO burning utility. My personal favorite is the free ImgBurn software (www.imgburn.com ), which can create a bootable CD from the ISO file. For those who may need it, detailed instructions on how to create the Kaspersky Rescue Disk 10 from the downloaded ISO file and then booting the computer with the newly created CD are online at support.kaspersky.com/8093. Once the bootable Rescue Disk CD is created, and the computer booted with it, the Rescue Disk can be updated and then be used to scan, clean, and restore infected computers. Booting from the Rescue Disk is often more effective than using online or PC based security scans while Windows is loaded, as the Rescue Disk contains its own operating system; since Windows is not loaded or running, malware is more vulnerable to detection and removal, possibly greatly improving detection and removal rates. This is also an excellent method to try and recover computers so heavily infested with malware that Windows will not boot, or otherwise boot into malware that has taken control of the computer (such as the infamous “ransomware”). It may be a good practice to create one of these bootable CDs right now, and store it someplace safe but accessible, such that it is readily available in the future if it is ever needed.
Another free virus and malware removal tool from Kaspersky is Kaspersky Virus Removal Tool 2011, also called AVPTool 2011. Do not let the moniker “2011” fool you into thinking that this is some two year old product, as the utility is fully updated when downloaded from Kaspersky. A large download of about 152MB, this utility is only intended to detect and remove malware infections that are already on the computer, and once downloaded, cannot be further updated; if future scans are necessary, a freshly updated copy needs to be downloaded again. Kaspersky Virus Removal Tool 2011 is an excellent scanner and cleaner, but only functions as an on-demand scanner, and does not provide any continuing or real time protection; Kaspersky recommends that it be uninstalled after running and cleaning an infected computer. There is still a continued need for a full-time security utility, a function not provided by this tool. This Kaspersky Virus Removal Tool 2011, when freshly downloaded and run, is an effective way to check and verify that malware has not penetrated your existing security software and jeopardized the security of your computer.
Kaspersky also offers a large selection of free dedicated software utilities intended to remove specific types of malware, such as the recently endemic “ransomware,” and its more vicious cousin that also encrypts the user’s computer unless a ransom is paid. These and dozens of other malware specific utilities are freely available from Kaspersky. Another form of ransomware that has appeared places a large banner across the monitor screen, blocking the view of the screen, unless a ransom is paid. Kaspersky offers a free “unlocking code” at support.kaspersky.com/us/viruses/deblocker.
Many times, users want to perform a quick scan to determine if their systems are clean and free of malware; Kaspersky offers a free online scan using the latest malware definitions “in the cloud.” This Kaspersky Security Scan can identify viruses, malware, and other security threats, displays information about any issues found, but does not clean any infections which may be on the computer; one of the other scanner-killers can be used to disinfect the computer. Kaspersky recently released a new version of a downloadable security scanner, Kaspersky Security Scanner 2.0, a free utility designed to scan your computer for antivirus status and vulnerability detection. This Security Scanner 2.0 identifies and tests the firewall, security software, and searches for other vulnerabilities, but like the cloud based scanner, does not remove any detected malware. If any rogue security software is found, Kaspersky offers additional information and removal information on its rogue software Web site at support.kaspersky.com/us/viruses/rogue. A somewhat similar product, Kaspersky Virus Scanner for Mac, is available from the Apple app store.
For those who simply want to be sure that their computers are free of malware and other security threats, or to remove otherwise difficult to remove malware, Kaspersky has a variety of free utilities that can likely perform those services.
Listen to Ira Wilsker’s weekly radio show on Mondays from 6-7 p.m. on KLVI 560AM.