How To Clean Malware From Your PC Using Free Tools

Scan & Clean Your PC With Free Tools


I have written a bit about how to clean your PC with Free Tools but I don’t think I have ever done a video SHOWING how to do it, so I figured it’s about time.

Below you will find a new video embedded that will cover the exact process I use on my own PC’s whenever I have any reason to suspect a virus, trojan or malware infection of any kind.

I am not disparaging any paid tools here, there are advantages to them and value received (usually) but not everyone can afford the cost or has often enough use (thankfully) to justify the expense. And since the economy still sucks for a good many people out there, the timing is right for the video.

Free Computer Security Tools

Here are the free tools we will be using in the video:

  • The first is TDSSKiller by Kaspersky Labs (and no, as you will hear in the video, I can never say that name right!) It is an anti-trojan software. Trojans are some of the NASTIEST infections you can get. Here is the link to TDSSKiller at BleepingComputer
  • The second is the FREE version of MalwareBytes’ excellent anti-malware software. It will scan AND clean your system. They do have a paid upgrade to the software but for the video we use only the free version. Yes, I do recommend the paid version as being worth the cost unless you consider your computing to be low risk. Here is the link to
  • Finally, we take a look at the anti-virus/computer security software we are running. It’s Microsoft Security Essentials which is not only free but also one of the LEAST performance reducing security software packages out there. Get MS Security Essentials here

Watch The Video

Other, More Robust Computer Security (Paid) Software

A lot of my clients feel more secure with a more robust, paid, security product protecting their PC. Sometimes it’s because they know they have a greater chance of malware due to the types of email they get from friends, the sites they visit (not nasty ones, but ones that get attacked because they are popular) or they download some combination of screensavers, wallpaper, “free” music and videos.

Here are some of the paid security programs we recommend and have worked with:

For Really Stubborn Malware

If you have an infection and can’t seem to get it cleaned, check out this post using yet another free malware cleaning tool or another rather long post I did over at

Free Rescue CD’s Can Solve Your Computer Problem

I have been using Ultimate Boot CD recently to give myself convenient access to a hard drive that will not boot Windows for one reason or another. And while convenient to use, Ultimate Boot CD might not be the best all around tool to have on hand simply because the antivirus definitions are not very recent (a new beta release changes that but they will go out of date too naturally).

Many people don’t follow my advice for safe computing or to install competent auto updating internet security software and end up with problems requiring a rescue boot cd to clean their PC.

So when I saw some of the free rescue cds profiled in another letter recently, I thought I would highlight them here. There are pros and cons to each of the four, and rather than rank them as others do, I will just list them and let you look for yourself.

I really hate rankings unless one is head and shoulders above the rest. Reason being is that I know as soon as I write something in this business, someone has updated their software and what I wrote is out of date.

The first is Avira’s rescue CD. Avira’s AntiVir kind of jumped on the scene recently with some good scores in their free antivirus solution.

Bitdefender is a well known name and you can find theirs here. Beware that this is an .ISO image that you have to burn to a CD with either freeware or paid commercial software.

F-Secure’s CD is available here.

Kaspersky Rescue CD here. (This is also an .ISO)

The nice thing about the rescue CDs mentioned is that they have a variety of tools on them, not just virus and malware cleaning tools.

Have these available ahead of time, before the problem rears its ugly head. That way you don’t have to borrow a friend’s CD and worry about whether his CD burner works or what software he has available to burn an .ISO image to CD.

Antivirus 2009 is malware; Lavasoft cures

One of my clients emailed yesterday to say that one workstation kept getting a popup about Antivirus 2009 and how they had 40 some threats on the PC that could be easily cleaned by Antivirus 2009 if they would only plunk down the $40 or so to buy it.

Well, someone obviously surfed where she shouldn’t. Now how to get rid of it?

I could have gone over there and charged them about $100 to clean the PC of the Antivirus 2009 malware, but instead I directed them to Lavasoft USA to pick up the free version of AdAware.

Cleaned it right up.

Driver Update Programs .. and Scams

I was reading this morning an article by some respected PC Gurus about Driver Update programs. They led off warning readers not to be scammed by a product called Driver Update 5 which essentially does nothing for you.

The premise to all of this, although unstated, is that you need to keep abreast of driver updates for your computer’s hardware in a similar fashion that you need to keep your software updated.

I disagree with that premise.

Unless you enjoy the prospect of seeing the dreaded Blue Screen of Death on your Windows computer my recommendation is the same as in many areas of life:

If it works, don’t fix it.

If for some reason you feel your computer would benefit by updating certain drivers, my recommendation is to go to the manufacturer of the computer (Dell, Gateway, local PC shop) and get the drivers from them. Hopefully you will get the right ones that way.

And before I go any farther, before attempting ANY update of this sort BACKUP YOUR COMPUTER!

This particular article did recommend a couple of free driver update programs, but the one they gave the best review to apparently couldn’t handle the traffic today and I was unable to even bring their site up.

What they did mention is that these free products, which offer a paid version as well – naturally, typically will pollute your PC with InstaCrap (a new term I have coined to represent the installation of software, by default, unless you take action to prevent it, that is not related to what you are trying to install and probably shouldn’t want). So beware always when installing software to UNCHECK the InstaCrap boxes for the toolbars, installers and whatevers that they want to clog up your computer with.

And trust no company, it seems like everyone has jumped on the InstaCrap bandwagon.

And, remember, when it comes to updating drivers, “if it works, don’t fix it”.

Comodo BOClean 4.26 Released

I pretty much gave up on Comodo’s antimalware product BOClean recently. Between false positives and a database that was continually becoming corrupt with errant instructions on how to fix (and a popup that wouldn’t go away), my clients were tired of it.

But BOClean has saved my bacon more than once. So when I checked today and found out the v4.26 has been released, I figured I would download and install it again.

I’ll let you know if there are any problems “pop up”.

Comodo BOClean: Another False Positive?

With this morning’s update (3/5/08), C:\Windows\System32\WUAUCLT.exe (windows update agent) is being stopped by Comodo BOClean as DRP-AGENT.SCK malware.

Is this another false positive like the USERINIT.Exe fiasco of a few weeks ago or is this real?

I posted to Comodo’s BOClean forum and someone else promptly indicated the same thing happened to them. I have had quite a few clients receive this prompt, with at least one selecting “Yes” to BOClean’s offer to delete the file.

As of 24 hours later, Comodo has not chimed in; although my laptop, the first to experience the problem, updated the definition file again around 4pm and then no longer reported the problem.

This is frustrating. Yes, Comodo gives away BOClean for free, but I have a number of clients who paid for it just a year or two ago.

Compound this with the ongoing “file corrupt” message that only goes away if you know the trick (I have a video), and the UserInit.exe false alarm just a short time ago that rendered many PC’s unable to login (and me glad I typically install Windows Recovery Console on PC’s), and I’m about to pull my support of the formerly fantastic product and uninstall from all of my client computers.

Very sad. As another poster commented: “This never happened when Kevin (owner of NSClean who created it) was running the show”.
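
One way to sanity-check a detection like this before answering “Yes” to a delete prompt, as an added example that is not part of the original post and is not Comodo’s tooling. The function name Test-FlaggedSystemFile is hypothetical, and the script assumes PowerShell 4.0 or later (for Get-FileHash). It reports the flagged file’s signature status, signer and SHA-256 so the result can be compared with a known-clean PC.

```powershell
# Added example (not from the original post). Assumes PowerShell 4.0 or later
# for Get-FileHash. Test-FlaggedSystemFile is a hypothetical helper name.
function Test-FlaggedSystemFile {
    param([Parameter(Mandatory)][string]$Path)

    # A file that has already been deleted or quarantined cannot be inspected.
    if (-not (Test-Path -LiteralPath $Path -PathType Leaf)) {
        return [pscustomobject]@{ Path = $Path; Verdict = 'Missing' }
    }

    $sig    = Get-AuthenticodeSignature -LiteralPath $Path
    $hash   = (Get-FileHash -LiteralPath $Path -Algorithm SHA256).Hash
    $info   = (Get-Item -LiteralPath $Path).VersionInfo
    $signer = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '' }

    # 'Valid' means the signature verifies and chains to a trusted root.
    # The subject match is a heuristic on top of that, not a trust decision.
    $verdict = switch ($sig.Status.ToString()) {
        'Valid' {
            if ($signer -match 'O=Microsoft Corporation') { 'ValidMicrosoftSignature' }
            else { 'ValidOtherSigner' }
        }
        'NotSigned' { 'Unsigned' }          # older PowerShell may not see catalog signatures
        default     { 'SignatureProblem' }  # e.g. HashMismatch: file changed after signing
    }

    [pscustomobject]@{
        Path        = $Path
        Verdict     = $verdict
        Status      = $sig.Status
        Signer      = $signer
        Description = $info.FileDescription
        Version     = $info.FileVersion
        SHA256      = $hash
    }
}

# The file named in the post. Run the same call on a known-clean PC at the
# same Windows patch level and compare the SHA256 values.
Test-FlaggedSystemFile -Path "$env:SystemRoot\System32\wuauclt.exe" | Format-List
```

A valid Microsoft signature together with a hash that matches a clean machine points to a false positive; an unsigned file or a signature problem at that path is a reason to keep the file quarantined and investigate further.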

Comodo BOClean database is corrupt – File BOC425XVU

The last day or so users have been calling and reporting that they get an error message (in a persistent dialog box) stating that BOC425.XVU is corrupt, go to BOClean update to correct. But doing so doesn’t fix it and you can’t get the dialog box to go away.

First, right click the BOClean icon in the task tray and select “Shutdown BOClean”. If it is not there, then you will likely have BOC425.exe in Task manager. That’s Ok too.

Next, pull up Task Manager (CTRL-SHIFT-ESC) or right click the taskbar and select “Task Manager”. Click on the column heading “Image Name” to alphabetize. Look for and click on BOCore.exe and “End Process”. Do the same with BOC425.exe if it’s there. If there is more than one of either of those, do them all.

When you have BOC425.exe or BOCORE.exe highlighted and click on “End Process”, you will have to acknowledge any warnings and then close Task Manager.

Now you can go to Start | All Programs | Comodo | Comodo BOClean | Updater and the update should fix the problem. You will need to either reboot or run BOClean manually (from the Start Menu) to get it up and running and protecting you again.

Laptop from he11 – Virus infection and then some

I wish I weren’t such a nice guy. A gal that works for one of my clients asked where she could take her laptop to for cleaning.

There wasn’t anyone I really felt comfortable recommending and I figured “how bad can it be?”

“Bring it to me”, I foolishly said.

It’s an IBM Thinkpad, which is good, with a Celeron processor, that’s bad.

Even though it has a Windows XP Pro license sticker on the bottom, XP Home is installed – Strike two.

And this thing is so polluted you can barely move the mouse pointer. There was no working antivirus software, although I finally found some program shortcuts for Norton 2003. No sign of the software though.

Internet Explorer is absolutely useless, well, more than usual. Unless you like infinite exploding popup windows. So after cleaning out the registry and everything else that was easy to find, I loaded BOClean antitrojan, antimalware and Firefox. BOClean has found only 1 item so far (and killed it).

Firefox runs, go to Google and do a search, no problem. Try to navigate to and the program closes.

Using a USB flash drive I copied adaware 2007 (free version) and ran it twice. Found quite a bit and cleaned it. Now it refuses to run.

Using a USB flash drive I copied SysClean from another PC where I downloaded it. It gave me fits too, but finally I was able to make it run.

Also from a USB flash drive I copied the free antivirus from Comodo. It found nothing, although much had already been cleaned.

Searching for RootKits I used F-Secure’s Free (expires Oct 1st) BlackLight. It found nothing.

The persistent file I find, loading from the registry is PRX.exe in C:\Windows\System32. Googling it brought up nothing of any use.

I keep threatening to blast the whole thing, format the drive and reinstall Windows XP Pro from scratch but:

  • I’m stubborn and see this as a challenge
  • The owner says there is nothing she wants on the machine, but I’ve heard that before
  • I can save C:\Windows\inf off to USB before I blast it, but I still fear the potential hassle of finding all of the drivers I will need for a laptop this old

Folks, surf wisely. Check out my User Behavior page on my website. Use SiteAdvisor. Run a competent antivirus program and BOClean for malware. Don’t open suspicious emails.




  • McAfee’s rootkit tool found nothing
  • Trend Micro PC-Cillin would not install.. reported corrupt installation file. Installs fine on other, known clean, PC’s
  • Navigating to or AVG in Firefox caused the browser to immediately close
  • Even if left unattended, at some point IE windows would open at a furious rate trying to go to

Final resolution: Wipe Drive and Reinstall Windows XP.

McAfee SiteAdvisor no longer highlights search results

I use Google quite a bit and I just realized that McAfee SiteAdvisor was not highlighting the search results with green, yellow, red or gray. A quick Google search didn’t help much either.

So I went to McAfee’s website and downloaded the plugin for Firefox again and voila, it works again.

I heavily rely on McAfee’s SiteAdvisor (free version) to help me stay away from bad sites. And that is the secret to keeping your computer clean of malware.

Check out McAfee SiteAdvisor here.
