TechSoup.org The place for nonprofits, charities, and libraries

Removing Malware from Windows

  • Well, if you want to use Malwarebytes as a primary security software, then please just buy the memory-resident, always-on version.  Never hurts to support people that bring you great tools!

    Chris Shipley
    Nutmeg Consulting

  • My experience shows that while Norton may be fine for residential usage, it is NOT well suited for businesses that have to use internet apps.  It takes way too many resources, thus slowing down your PCs, doesn't get updated as frequently as other products, and it makes problems using other software.  Use Symantec Endpoint Protection on your server to manage security on all machines from a central point.

  • SUPERAntiSpyware is the program I use regularly to get rid of malware on my machine.  It's excellent.  I use the free version, which is free for personal use.

    Yann

    Yann Toledano, Digital Marketing Strategist
    YTConsulting.com
    Host, Web Building Forum, TechSoup.org
    Twitter: @webmanyann

  • The distinctions are a little blurry, but it can be helpful to think about three categories of malware tools:

    1. Always-on scanners like Symantec Norton (paid) and Microsoft Security Essentials (free). These constantly watch for threats from downloads, and periodically scan your entire hard drive for malware.
    2. On-demand scanners like Malwarebytes and AVG. These free tools are less convenient and safe than the always-on kind, but are free. Many offer upgraded always-on versions for a price.
    3. Lightweight scanners like TrendMicro Housecall, McAfee Stinger, and Norton Security Scan. These free programs only scan for a small subset of known viruses, generally the latest/biggest threats.

    So why use a lightweight scanner? For a second opinion.

    When I suspect a malware infection but the primary virus program finds nothing, I want to hear from another vendor. Sometimes you can install a second malware scanner from category 1 or 2 (Malwarebytes is a safe bet), but some full-blown malware scanners get grumpy if you try installing a second full-blown malware scanner. They might even prevent it.

    Scanners in category 3 are lightweight in that they run without having to install a full application. So while your main scanner might hiccup a little (for example, Norton warns me about suspicious activity when I run Housecall), at least you can get a decent secondary scan and some peace of mind. I recently had a situation where two full-blown scanners claimed a machine was clean, but a lightweight scanner turned up a potential threat.

    I recently wrote a blog post on nonprofit malware detection and removal at Blazing Moon covering a variety of related topics.
  • Andy: Great blog post. You do a good job covering the different aspects.

    The problem I have with (free) on-demand scanners is that you have to manually run the scans. I wouldn't trust users to keep up with the scans, and it seems like a hassle to physically go to each machine.

    Is anyone actually running periodic, preventative malware scans? Or, do you just rely on anti-virus software for protection (and just use anti-malware when a problem shows up)?

    David Janke

  • djanke wrote: "The problem I have with (free) on-demand scanners is that you have to manually run the scans. I wouldn't trust users to keep up with the scans, and it seems like a hassle to physically go to each machine."

    I agree, it's too risky to use on-demand scanners as the first line of defense.

    Fortunately, TechSoup makes malware protection so cheap that most nonprofits can afford "real" always-on security software. Also, Microsoft shifted the paradigm with Microsoft Security Essentials since it's a solid, always-on security program that's free.

    djanke wrote: "Is anyone actually running periodic, preventative malware scans? Or, do you just rely on anti-virus software for protection (and just use anti-malware when a problem shows up)?"

    My recommendation, and what I do personally, is:

    1. First line of defense: a quality, always-on security program (Norton, Kaspersky, Security Essentials, etc.)
    2. Periodic scans (roughly monthly) with an on-demand scanner like Malwarebytes.
    3. In case of an actual infection, scan with at least one other malware program out of paranoia.

    I know at least one of my clients actually does this, and I do it personally. However, I don't know of any large-scale organizations doing it.

  • We are a good-sized org with 120 users.  We have an appliance made by Untangle as our first line of defense.  It blocks phishing, spam, viruses, ads, and filters the types of websites that our users can get to.  If something gets by, we have Symantec Corp AV as our second line of defense.  I would venture a guess that this two-tiered setup has reduced my virus and spyware issues by 99.5%.  The 1 or 2 times a month that one of our machines gets infected, I typically remove the issues with Malwarebytes on the first try.  I do another scan with Spybot S&D to be certain.

    Outside of work, I do some computer repair on the side and have seen all sorts of messes where the users have no sense of how to protect and prevent issues.

    Gary

    Gary Network/Systems Admin Berlin, NH
    Host Non-profit Tech Careers, Security Forums
    Co-Host Networks, Hardware, & Telecommunications Forum