Really Free Malware Removal

At first I intended to write about one free malware remover - a-squared anti-malware command-line scanner. It is available as a free downloadable archive which is kept always up-to-date with latest malware definitions. Freeware anti-malware are in rising demand right now, and short instructions on how to properly use this free malware remover are needed by lots of victims of computer infections.

But then I thought: who would search for a command-line scanner? I bet most PC users are unaware of black DOS-like looking windows, and even among those who know about command line console, the majority would prefer traditional GUI-based software with mouse support and colourful graphics. In the world of 3D graphics and customizable skins, DOS environment is looked upon as a remnant of the past. Command line scanners are mostly used by IT pros or Unix enthusiasts, so I risked creating a hub that would never attract its audience.

Therefore I decided to slightly broaden the theoretical part of free malware removal options, while still concentrating on the a-squared command line scanner.

As time goes by and we move in the next decennary of the XXIst century, the pests that aim attacking our computers never stop mutating. Their nature and activity patterns change, and so does the approach to naming the threats. In addition to computer viruses which appeared in the last millennium, a number of new types of PC infections appeared. Consider this list:

adware

spyware

threatware

badware

rogueware

scam extortion

Not speaking about the sub-divisions of the malicious programs, it is clearly seen that almost every PC user simply gets confused. How to know what type of infection bypassed my antivirus protection last night? What changed my desktop background and screensaver?

That's why it is common to unite the whole range of threats into a single term: malware

So what is malware?

In short, it's all included in the list above, plus keyloggers, phishing, process injection, browser hijacks, etc. These are most widely known types of malware. Malware is something that should never be allowed to penetrate into a PC because no-one knows what purpose it prosecutes. Malware can display innocent pop-ups, but also steal identity and transmit sensitive private data to remote servers for later use by web criminals. Malware is used for achieving all kinds of goals, none of which you wish to be achieved.

There's one more question often asked by inquisitive PC users:

What is the difference between malware and spyware?

Spyware is limited to drawing money out of the victim's finances. Opposite to viruses which may use infected computers silently for certain activity (like sending spam or redirecting traffic), spyware is created to make money. It may deliver ads (forced to desktop or browser), collect information about surfing habits and transmit it to companies engaged in Internet marketing, make a log of keyboard activity (recording all hits), etc. Generally speaking, virus and spyware together constitute the most widely known type of malware. A new spyware function is distribution of scams - rogue security software, also known as SmitFraud. This is when people are fooled into buying fake antivirus or antispyware porgram.

Removing malware consists of the following steps:

1. identifying the presense of malware in the system;
2. locating the exact places where parts of the malware reside;
3. finding a proper tool for removing malware;
4. creating conditions for removing malware;
5. completing the malware removal process.

As you see, malware removal tools are not the main concern - it's far more important to find out what needs to be removed. When you know what exactly is the cause of PC malfunctioning, that is, you have information about the types of malware and their locations, it's much easier to find proper free malware removers.

A free malware killer may be:

1. a single executable file (like McAfee stinger); major PC security software vendors offer such tools whenever a certain type of malware take the Web by storm. for example, such malware removers were released when Nimda and Bagle worms infected millions of computers worldwide.
2. a batch file executed in the command line console;
3. a feature-limited version of commercial anti-malware tools. Sometimes trials allow the malware removal for an assessment period of two weeks or a month. This is used to get the software introduced to potential customers.
4. Free online virus scan. Such services are provided by industry-leading anti-malware software manufacturers, as well as IT security-related websited which sometimes combine the power of several online virus scanners. Usually companies provide free online malware scan services as a way to attract new customers. An effective online tool serves as a powerful marketing incentive.

Somebody would inevitably ask what advantages a plain-looking black window may have over convenient, pleasant-looking unfolding menus with keyboard shortcut and mouse support? And that's not to mention the need to type in commands with switches, where every little error (like omitted space or inverted comma) results in necessity to start typing all from scratch (well, there's a key that saves the time).

However, let's look at strong points of free malware removal tools anyway.

• They never expire, never stop removing malware, never require subscription renewal;
• Being command console applications, malware removal tools use very little system resources, unlike desktop software with fancy graphics and transparency effects;
• They do not require installation and can be removed simply by deleting a folder;
• They perform malware removal even in Safe Mode and when desktop programs are disabled by smart viruses. In fact, command-line scanners perform best in Safe Mode where most malicious programs can be caught 'sleeping' because Windows loads only system-critical services.
• They are easy to automate by creating simple .bat files. Double click it to perform definitions update and initiate a scan and malware removal process;
• They are easy to transfer to portable devices and can be used for cleaning other computers.

I'd add that command-line based free malware removers help users to discover the hidden part of the system where certain tasks are performed faster than in GUI environment.

A-squared (formerly knows a2) offers a cool command-line scanner that saved lots of users in frustration after their computers underwent malware attacks.

Diverse scams circulating on the Web are smart enough to get onto PC's protected by popular antivirus software and firewalls. Unfortunately, resident monitoring is often helpless when trojans bring SmaitFraud infections with them. And once pop-ups appear on the desktop screaming about spyware infections detected, users feel at loss. How did it happen? How to remove malware?

Because installed security software either doesn't detect the threats or cannot load its engine into system memory to start the rescuing scan, there are essentially two ways to recover the PC:

1. Burn a bootable CD with antivirus and antispyware, providing latest signature files (the choice of such programs is very limited; Lavasoft Adaware SE, once to be found on almost every bootable recovery CD, was excluded of manufacturer's support more than a year ago).
2. Run a command-line scanner which works both in Normal and Safe Mode.

a-squared anti-malware is exactly this type of scanners. The manufacturer offers it for download with no strings attached (no need to enter email, confirm, subscribe to newsletter, etc.), conveniently keeping the archived file with latest anti malware definitions at any time.

a-squared makes removing malware a no sweat task. Just a few command switches are needed to instruct the scanner:

• to scan memory
• to use heuristics
• to clean the infected files
• to remove those files when cleaning fails

It is worth noting that a-squared free anti malware is better at removing malware than most antivirus tools because it incorporates the detection mecahanism not limited to common viral infections. Its scanning engine is designed to fight a broader range of types of malware, that's why it may perform at a higher efficiency rate than already installed desktop security programs, even kept up-to-date.

In particular, free malware remover from a-squared is capable of fighting:

• spyware
• adware
• trojans
• worms
• keyloggers
• rootkits
• dialers

a-squared malware remover is capable of scanning Alternate Data Streams (ADS) on NTFS file systems and archives. Of course, it creates detailed logfiles in ANSI and Unicode formats.

A typical command to instruct a-squared to start scan and malware removal looks like on the screenshot below.

The legend is iterpreted the following way:

E:\a2cmd\ shows the location of a-squared malware remover program files. In my case Windows is installed on E:\ drive, therefore I unpacked the files to the root.

/deep is one of the three scanning modes: quick, smart, deep. For an infected computer, I suggest using the deep mode to maximize the chances of malware removal.

/n instructs the malware remover to scan the NTFS file system for Alternate Data Streams.

/h turns on the heuristics scan mode. It is used to identify the unknown malware by suspicious behavior patterns or hazardous activity performed by pests.

/m stands for "memory scanning". I see no reason why it shouldn't be used.

/t scans for malware traces.

/r reveals Riskware - not yet defined occurences or types of malware, yet suspicious in the digital eyes of the a-squared scanning engine.

/d is the most expected command. Every owner of a malware-infected computer would want this ON because it stands for MALWARE CRUSH ;)

Below is the screenshot to demonstrate what happens when ENTER is pressed with the above described command parameters. The figure [404] in square brackets shows the number of scanned files.

Free malware remover from a-squared makes a perfect tool for on-demand anti-malware scan. It needs no installation, doesn't add any files into Windows system directories, and makes no changes to the registry. About 26 megabytes of space is all that this malware remover needs.

a-squared designed its command-line scanner to remove malware an easy way with no special knowledge needed. The program uses very little RAM and CPU when running.

This malware removal tool is capable of deleting a number of rogue security programs like XP antivirus, Vista antivirus, registry cleaner 2008, including variations of this family and other types of malware.

P.S. If you find this information useful, please feel free to share it with your friends and those in need of removing malware the free way.

For those suffering from panic fear of command-line tools, SDFix can serve a partial replacement. While it doesn't have a huge built-in database of malware, it may come very handy in certain cases of infection.

1. Double click SDFix.exe and let it extract the files to the drive where Windows is installed, usually to C:\SDFix

2. Boot into Windows Safe Mode (hold F8 key during computer startup, when the Boot Menu appears, select Safe Mode with Networking).

3. Right-click on the SDFix.zip folder and choose Extract All (or UnZip if you have WinZip installed). Open the extracted folder - C:\SDFix and doubleclick on RunThis.bat to start the SDfix script.

4. Type Y to begin the script. It will remove the Trojan Services then make some repairs to the registry and prompt you to press any key to restart Windows. Your PC will take a bit longer to restart as SDFix will be running and removing files.

When your desktop loads, the utility will complete the removal and display Finished. Press any key again to end the script and load your desktop icons.

Download SDFix Tool: SDFix

G-Data Security, a manucaturer and vendor of comprehensive PC security suites, offers a free remover to erase certain viruses. As of writing this hub, G-Data remover claimed to detect and remove 792 infections (see screenshot below). Zlob, Bagle, Sasser, Blaster are detected and removed among other threats.

This tools doesn't require installation and can be run immediately after download.

Download: G-Data Virus Remover.

(NOTE: Download will start immediately. The target file is named remover.exe)