Important: How To Scan and Remove Malicious Viruses

Every so often, we hear about a new and horrible virus spreading across the internet, infecting millions of Windows computers. Today we’ll show you the steps to remove those threats and (hopefully) prevent them from happening in the future.

Note: The latest horrible virus is set to hit on April 1st, 2009. It’s called Conficker, and we’ll explain how to make sure you are safe.

Whenever an outbreak happens, you should take the following steps:

  1. Run the Microsoft Windows Malicious Software Removal Tool.
  2. Run the McAfee Stinger Tool (optional)
  3. Make sure you are using Updated Anti-Virus Software.
  4. Make sure Windows Updates are turned on.
  5. Get Notified for Microsoft Security Alerts.

We aren’t talking about regular viruses… your anti-virus software can handle those. We’re talking about the terrible viruses that will crash your computer, steal your information, delete the pictures of your kids – and cause your computer to be remotely controlled by a spammer. Bad stuff, but they can usually be prevented.

Run the Microsoft Windows Malicious Software Removal Tool

The first step in detecting and removing horrible viruses and worms from your computer is to run Microsoft’s own Malicious Software Removal Tool – it’s not a replacement for anti-virus, but it’s the best way to get rid of some of the worst offenders, like the current Conficker worm.

To run the tool, you simply need to download the file from Microsoft and run it. There’s no installer required.

Malicious Software Removal 

If you were affected, the tool would remove the virus and alert you. Since we’re thankfully safe, we got the friendly message that no malicious software was detected. You can click the “View detailed results of the scan” to see more information.

No malicious software detected

By scrolling down in the list, you can find the current threat and make sure that you are not infected.

Scan results

The tool should be updated automatically through Windows Update, but you can always just download it directly as well. This is an important tool to keep around.

Download the Microsoft Windows Malicious Software Removal Tool from microsoft.com

Run the McAfee Stinger Tool (optional)

An alternative tool is the McAfee Stinger tool, which is a freeware tool that removes only the worst viruses from your computer. You can check to make sure that Stinger can remove the current virus problem by checking the List Viruses dialog… make sure you have the latest version of Stinger before you use it.

List of viruses Stinger can detect

Simply hit the Scan Now button to do a full scan of your computer, but be warned that this will take a long while.

McAfee Stinger

Once it’s done, you should get a report with the number of clean files.

Stinger Results

It’s a simple and rather ugly tool, but it does the job. It’s still not a replacement for real anti-virus though.

Download McAfee Avert Stinger from vil.nai.com

Make sure you are using Updated Anti-Virus Software

This is one of the most important steps in keeping yourself safe. You need to make sure that your anti-virus software is enabled and properly working! Here’s a quick list of what you should do:

  1. Make sure your virus definition updates are automatically updated.
  2. Make sure that real-time scanning is enabled.
  3. Run a full scan (optional but useful)

ClamWin Update

If you aren’t sure what anti-virus software to use and don’t have money to spend, you can try out AVG Free edition, or you can take a look at the big list of anti-virus software we tested with Windows 7.

Note: We don’t necessarily recommend ClamWin for regular users, because it has no real-time protection. It’s just what I have installed on this computer and I needed a screenshot.

Make sure Windows Updates are turned on

Now we arrive at the most important step: making sure that Windows is fully patched and Windows Updates is enabled. You can’t protect yourself against worms and hackers if you are running a woefully out-of-date version of Windows that isn’t patched. It just won’t work.

Open up Windows Updates, make sure to click “Check for updates” and install every security patch they recommend. Then click the Change settings link…

image

And make sure you have it set to check for updates automatically, and installing updates automatically isn’t a bad option. Just remember, if you are running an un-patched system, you are leaving yourself open for all sorts of bad things.

image

Note: Please pardon the alarmist nature of this point, but patching is the #1 key to keeping safe against internet worms.

Get Notified for Microsoft Security Alerts

If you really want to make sure you are secure, you can sign up for alerts from Microsoft whenever there is an important patch that needs to be installed. You can also check the current security bulletins at any time by visiting their security bulletin home page.

Subscribe to Microsoft Security Alerts by Email or RSS

Latest Microsoft Security Bulletin Home Page

How Do I Make Sure the Patch is Installed?

So now we get right down to it… how do you know if you are vulnerable to one of the security holes? As an example, we’ll look at the security hole that leaves you vulnerable to the Conficker worm: Vulnerability in Server Service Could Allow Remote Code Execution. If you look through the list of downloads, you’ll see the particular patch for your system.

If Windows update says that you are up to date, you can check for a particular patch by clicking on “View update history” on the left-hand side.

Windows Update

This will take you to a long list of every update that has been installed. Look through the list, and you should see the update mentioned in the security bulletin… for me, it was KB958644 for x64-based systems, since I’m running 64-bit Vista.

View Update History

At the very least it’s a relief to know that you aren’t vulnerable… to the current worm, at least.

Conclusion

These steps are essential in protecting your computer from hackers, worms, and viruses, but they aren’t the only important keys to safety. You should still remain vigilant and use common sense: don’t download files from untrusted sources, use a firewall, and make sure your email provider scans for viruses before you open attachments.

Lowell Heddings, better known online as the How-To Geek, spends all his free time bringing you fresh geekery on a daily basis. You can follow him on if you'd like.