Jack Wallen, internet tools for removing malware...
Takeaway: Fighting
the malware battle really hurts when you’re spending a good deal of
your IT budget (if you even have an IT budget) on software to protect
machines from attacks. Here’s how to do it for free.
Malicious software (be it viruses, rootkits,
trojans, worms, or other malware) is so prevalent that it seems one of the primary
jobs for IT is protecting against, cleaning up, and removing said software.
No matter how hard you try, or how much you pay for the
software you use to protect your desktops, it always seems like a losing
battle. Fighting that losing battle really hurts when you are spending a
good deal of your IT budget (if you even have an IT budget) on software
to protect machines from attacks.
It doesn’t have to be that way. I have found plenty of tools that can
help in the quest to have a virus/malware-free environment. These tools
can be either installed on your machines or used as a toolkit to carry
with you to fight the good fight. You won’t find enterprise-grade tools
here. What you will find are tools I have found to do the best job at
keeping my systems clean.
Combofix
Combofix
is my first-line-of-defense tool when I suspect something has taken
over a machine. But you shouldn’t just run this powerful tool without a
few considerations. First and foremost, what will Combofix fix? After a
successful run of Combofix, you should have cleaned (if applicable):
malware, rootkits, trojans, worms, and viruses. What you need to know
before running Combofix is quite important. The single most
important issue with Combofix is that you cannot run it with an
antivirus tool enabled. With some antivirus solutions you can simply
disable the tool (Symantec Endpoint Protection is a perfect example).
One particular antivirus solution, AVG, I have found to require complete
removal before running Combofix. And to be on the safe side, I prefer
to run Combofix with the computer in safe mode. One other note: Never
download Combofix from any site other than Bleeping Computer or ForoSpyware.
CCleaner
Another free tool, CCleaner
does two things incredibly well: it cleans the Windows registry and
removes cached web data. There are a lot of registry cleaners available,
but CCleaner is the one I always trust. As with any tool, you want to
make sure you understand the tool before using it. And although cleaning
cached browser data is fairly harmless, cleaning the registry is not. I
highly recommend always doing a backup of the registry when using
CCleaner to take care of this task. Fortunately CCleaner has a built-in
tool for backing up said registry.
Microsoft Security Essentials
After using so many different anti-virus tools, the one tool that
seems to work nearly as well as any other, without any attached cost, is
Microsoft Security Essentials.
Not only will this anti-virus tool work well to help prevent infection,
it does so with as little drain on the system as nearly any anti-virus
tool.
Malwarebytes
People are always surprised to find out they need anti-spyware as
well as anti-virus protection. Of the anti-malware tools I have used, Malwarebytes
seems to be the most effective. Now there are two different versions of
Malwarebytes: Free and Paid. The biggest difference is the Paid version
has a real-time scanner built in. The free version must be run
manually. This is not a problem if you are in control of all the PC
scanning, or you can trust your users to manually run the software
nightly (as well as manually update the definitions often). If you
cannot trust your users to run this piece of software, you might need to
buckle down and drop the $24.95 for the licensed version.
Clonezilla
Clonezilla is Free Open Source
Software (FOSS) that allows you to do bare metal backups and
recoveries. There are two different versions available: Clonezilla Live and Clonezilla SE
(Server Edition). As the name implies, Clonezilla Live is a small,
bootable live Linux distribution that allows you to do a single
clone at a time. The Server Edition requires a DRBL server and allows
you to do massive cloning. With the Server Edition you can do large,
simultaneous restores quickly (instead of a single clone at a time).
Regardless of which tool you use, Clonezilla is a very reliable tool for
bare metal backups and restores.