The most reliable way of removing malware: by [email protected]
The best way to remove viruses from your computer is to boot from something other than your hard disk. Fortunately, most AV vendors provide what is called a Rescue Disk: a bootable CD/DVD or flash drive. On a *clean* computer, download at least one of these, preferably two. (No AV program catches everything, but not much gets past two reputable scanners.) Check the download against the checksum the vendor publishes, make the bootable disk or flash drive, and boot the infected computer from it. The image was built some time ago, so update its signatures after booting; once it has updated, set it to work scanning the computer. See the explanation below of why this is the reliable way.
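As an added example (not part of the original article), here is the media-preparation step in shell form, run on the clean computer: verify the downloaded rescue ISO against the SHA-256 the vendor publishes before trusting it, then write it raw to a USB stick. The file name `rescue.iso`, the device path `/dev/sdX` and the hash value are placeholders; the vendor's real checksum goes in their place.

```shell
#!/bin/sh
# Added example, not from the original article. Prepares AV rescue media on a
# clean machine: check the ISO's SHA-256 against the value the vendor
# publishes, then write it raw to a USB stick. Names and hash are placeholders.
set -eu

# Print the SHA-256 of a file, using whichever tool this system has.
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | cut -d' ' -f1
    else
        shasum -a 256 "$1" | cut -d' ' -f1
    fi
}

# verify_iso ISO EXPECTED_SHA256
# Returns 0 when the file matches the published hash, 1 otherwise.
# A mismatch means a corrupt or tampered download: do not boot from it.
verify_iso() {
    iso="$1"
    expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')   # vendors print either case
    actual=$(sha256_of "$iso")
    if [ "$actual" = "$expected" ]; then
        echo "OK: $iso matches $expected"
        return 0
    fi
    echo "MISMATCH: $iso" >&2
    echo "  expected $expected" >&2
    echo "  got      $actual" >&2
    return 1
}

# write_rescue_usb ISO DEVICE
# Writes the ISO image raw to the whole USB device (e.g. /dev/sdX, not a
# partition such as /dev/sdX1) after two sanity checks. Destroys everything
# on that device. Uses GNU dd options (bs=4M, status=progress).
write_rescue_usb() {
    iso="$1"
    dev="$2"
    [ -b "$dev" ] || { echo "$dev is not a block device" >&2; return 1; }
    # Refuse if the device or any of its partitions is currently mounted.
    if grep -q "^$dev" /proc/mounts 2>/dev/null; then
        echo "$dev is mounted; unmount it first" >&2
        return 1
    fi
    dd if="$iso" of="$dev" bs=4M conv=fsync status=progress
    sync
}

# Usage with placeholders (hash comes from the vendor's download page):
#   verify_iso rescue.iso 0123456789abcdef...  && write_rescue_usb rescue.iso /dev/sdX
```

Write to the whole device, not a partition, because rescue ISOs are hybrid images that carry their own partition table and boot sector; and keep the verify step before the write, since a tampered rescue image is itself a way to get code running below your operating system.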
Separate from the others I will offer you is Kaspersky's TDSSKiller. It is not a Rescue Disk by itself (it runs from inside Windows), but it sits at the very top of the list of rootkit finders and removers. Run it in addition to at least one of the others:
Here are 4 of the many free Rescue Disks available:
One of the most difficult things about viruses is that once you have one, it is hard to be sure you got rid of all of it. Resident (real-time) scanners are fairly effective at blocking the initial infection if kept updated, but not so good at removing everything once it is in, especially the worst kind: rootkits.
Think of the entire computer, software included, as a walled city: one outer wall separating it from the rest of the world, then a series of inner walls, with fewer people allowed inside each one as you move towards the castle in the middle. That innermost wall encloses all the power of the kingdom. On a computer, the middle is the kernel, the heart of the operating system, which talks directly with the hardware (CPU, chipset, RAM, disks and so on). Anything that wants to touch the hardware must go through the kernel to get there. Moving outwards, each layer has less authority and less standing between it and an intruder, so that on the very outside, where the applications run, there is little security to get through and little authority to change the computer.
Most viruses operate in the outer layers, which makes them relatively simple to find, identify and remove. Malware uses various tricks to get into the inner layers, and some of it manages to reach the kernel itself. This kind is called a rootkit. "Root" refers to the root user of the Linux and Unix world, who holds the keys to the kingdom and full control of everything on the machine; a rootkit is the kit of tools an intruder installs to keep that level of control while staying hidden. Windows, of course, has no root as such; it has administrators, who have a little less authority than root on Linux/Unix, and kernel-mode code, which is what a rootkit is after, sits above even them.
Rootkits arrange to be launched at the same time as the kernel, sometimes as part of it (a malicious driver, or a patched boot component). That happens well before any security software on the machine starts, so the rootkit has time to hide itself, and to hide other malware, from the security software. The only reliable way to find it is to look before it has launched, which means before the OS kernel on the hard disk launches. By booting from something other than your hard disk you get a full, unfiltered view of everything on the machine, and nothing has a chance to hide because it never ran. Two caveats: a rescue disk cannot read a drive protected by full-disk encryption (BitLocker and the like) until you unlock it with the recovery key, and it cannot see below the firmware. Anything implanted in the UEFI/BIOS itself runs before the rescue disk does, and needs a firmware reflash rather than a disk scan.
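To make the "nothing has time to hide" point concrete, here is an added example (not from the original article) of a cross-view check run from the rescue environment. It assumes the suspect Windows disk has been mounted read-only under Linux at a path of your choosing, and that a `hash  path` listing of the same directory was recorded earlier from inside the running, possibly rootkitted, Windows (any hashing tool works, as long as the relative paths match). Files the offline view sees but the live view did not, or whose on-disk hashes differ, are exactly what a kernel-level rootkit would have been hiding or patching. The driver names in the test data are constructed, not real malware.

```shell
#!/bin/sh
# Added example, not from the original article. Cross-view check from a rescue
# boot: compare what the live (possibly rootkitted) OS reported about its own
# files with what the same disk shows when read offline. Paths in the sample
# data are constructed for illustration.
set -eu

# offline_listing MOUNTPOINT SUBDIR OUTFILE
# Hash every regular file under MOUNTPOINT/SUBDIR on a disk mounted read-only
# from the rescue environment, e.g.
#   mount -o ro /dev/sda3 /mnt/win      (ntfs-3g or the kernel ntfs3 driver)
# Output lines are in sha256sum's format:  <sha256>  ./<path relative to MOUNTPOINT>
# Paths are assumed to contain no spaces (true for the Windows system dirs).
offline_listing() {
    mnt="$1"; sub="$2"; out="$3"
    ( cd "$mnt" && find "./$sub" -type f -exec sha256sum {} + ) > "$out"
}

# cross_view_report LIVE_LISTING OFFLINE_LISTING
# Both inputs use the "<sha256>  <path>" format above. Prints, sorted:
#   HIDDEN <path>     present on disk, absent from the live OS's own view
#   MODIFIED <path>   present in both, but the on-disk content differs
# Entries only the live view lists are ignored here (deleted since capture).
cross_view_report() {
    live="$1"; offline="$2"
    awk -v live="$live" '
        BEGIN {
            # Load the live view into a path -> hash table. Reading it with
            # getline (rather than as a second input file) keeps the logic
            # correct even when the live listing is empty.
            while ((getline line < live) > 0) {
                n = split(line, f, " ")
                if (n >= 2) seen[f[2]] = f[1]
            }
            close(live)
        }
        !($2 in seen)   { print "HIDDEN " $2; next }
        seen[$2] != $1  { print "MODIFIED " $2 }
    ' "$offline" | sort
}

# Usage with placeholder paths, from the rescue environment:
#   offline_listing /mnt/win Windows/System32/drivers drivers.offline
#   cross_view_report drivers.live drivers.offline
```

A HIDDEN hit is the signature of a filter that the live system was running and the offline mount is not; a MODIFIED hit on a file the live system claimed was intact shows why a scan from inside the infected OS cannot be trusted to report what is really on the disk.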