If you’re unfortunate enough to get a particularly aggressive virus or piece of malware on your computer, the typical free anti-virus suites will only be able to get you so far. You can never be fully confident that their scan and removal tools will have wiped every single trace of the infection from your machine.
Instead, it’s best to turn to an app that specializes in finding and/or removing aggressive malware. These tools shouldn’t replace your anti-virus suite — they won’t keep you protected. They are solely for the purpose of detection and deletion.
A Word of Caution
Please keep the following two points in mind before using any of these tools.
First: Because these seven apps are designed to remove extremely resilient viruses, they frequently identify false positives. Deleting false positives can have grave consequences for your machine. In the worst case, you might need to reinstall your entire operating system.
Therefore, take precautions and make backups before you delete anything. And of course, if you’re not sure whether a file is a false positive, you can usually find the answer on Google.
Second: You’ll often need to use several of these tools in tandem for maximum results. There is no one-size-fits-all solution for overly virulent malware.
1. Rkill
One of the most common reasons an anti-virus suite fails to delete an infection is that the underlying processes are still running in the background.
In short, Rkill lets you kill processes that Windows Task Manager cannot access. It’ll also scan the registry for any entries that prevent legitimate programs and apps from running. These include malicious Image File Execution Options entries, DisallowRun entries, executable hijacks, and policies that break Windows utilities.
Rkill does not delete any files. Therefore, once your scan has finished, run a standard malware removal tool to get rid of the offending entries from your system. Do not restart your computer between the completion of the scan and running the malware tool — doing so will allow the killed processes to restart.
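The registry locations mentioned above can also be reviewed by hand. The following PowerShell script is an added example, not Rkill's code and not part of the original article; it only reads and reports. The key paths are the standard Windows locations for these settings (the article does not list them), and the helper name Add-Finding is hypothetical.

```powershell
# Read-only audit: reports findings and changes nothing.
# Run elevated so HKLM is readable; HKCU covers the current user only.
$findings = [System.Collections.Generic.List[object]]::new()
function Add-Finding($Check, $Location, $Value) {   # hypothetical helper name
    $findings.Add([pscustomobject]@{ Check = $Check; Location = $Location; Value = $Value })
}

# 1. Image File Execution Options: a "Debugger" value makes Windows start
#    that program in place of the named executable.
$ifeo = 'Microsoft\Windows NT\CurrentVersion\Image File Execution Options'
foreach ($root in "HKLM:\SOFTWARE\$ifeo", "HKLM:\SOFTWARE\WOW6432Node\$ifeo") {
    Get-ChildItem -Path $root -ErrorAction SilentlyContinue | ForEach-Object {
        $debugger = $_.GetValue('Debugger')
        if ($debugger) { Add-Finding 'IFEO Debugger' $_.Name $debugger }
    }
}

foreach ($hive in 'HKCU:', 'HKLM:') {
    $policies = "$hive\Software\Microsoft\Windows\CurrentVersion\Policies"

    # 2. DisallowRun: each value names an executable Explorer refuses to launch.
    $list = Get-Item -Path "$policies\Explorer\DisallowRun" -ErrorAction SilentlyContinue
    if ($list) {
        foreach ($name in $list.GetValueNames()) {
            Add-Finding 'DisallowRun entry' $list.Name ($list.GetValue($name))
        }
    }

    # 3. Policies that switch off Task Manager or the registry editor.
    $system = Get-Item -Path "$policies\System" -ErrorAction SilentlyContinue
    foreach ($policy in 'DisableTaskMgr', 'DisableRegistryTools') {
        if ($system -and $system.GetValue($policy)) {
            Add-Finding 'Tool-blocking policy' $system.Name "$policy = $($system.GetValue($policy))"
        }
    }
}

# 4. Executable hijacks: the open command for these classes should be "%1" %*.
foreach ($class in 'exefile', 'comfile', 'batfile', 'cmdfile') {
    $key = Get-Item -Path "Registry::HKEY_CLASSES_ROOT\$class\shell\open\command" -ErrorAction SilentlyContinue
    $command = if ($key) { $key.GetValue('') }
    if ($command -and $command -ne '"%1" %*') {
        Add-Finding 'Executable association' $key.Name $command
    }
}

if ($findings.Count) { $findings | Format-Table -AutoSize -Wrap } else {
    'No entries found in the audited locations.'
}
```

A finding is a prompt for review rather than proof of infection: Process Explorer's "Replace Task Manager" option, for example, legitimately sets a Debugger value for taskmgr.exe.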
2. Farbar Recovery Scan Tool
Farbar Recovery Scan Tool is primarily for logging. It’s an indispensable app if you need to find out more about an underlying virus.
The best part of the app is its flexibility: it can run in Windows Safe Mode and the Windows Recovery Environment. As such, it’s one of the easiest ways to trace a virus if you’re having boot issues.
The app offers various scans. The main scan covers areas such as running processes, the registry, drivers, services, and NetSvcs. The extended scan also includes user accounts, the security center, firewall rules, and a lot more.
Farbar Recovery Scan Tool also allows you to fix problems, but you’ll need to create the Fixlist.txt file yourself. If you’re not security-savvy, head to the BleepingComputer.com forums and someone will help you.
3. Dr. Web LiveDisk
From a user perspective, some of the most frustrating and frightening infections are the ones that prevent your computer from booting. All your work, media, and music suddenly becomes inaccessible.
If you’re unlucky enough to find yourself in this situation, don’t despair. You just need to download Dr. Web LiveDisk. It will let you boot your system regardless of a malware infection.
The software has three key features that make it appealing: it can find and delete infected and suspicious files, it can extract your most important files to another computer or a USB flash drive, and it can cure any infected objects.
You can download the software directly to a USB drive or CD for ease of use.
4. RogueKiller
RogueKiller is a more traditional malware removal tool, but it boasts an anti-rootkit module which makes it able to detect threats that many other malware removal tools cannot.
It can find and remove rootkits, spyware, adware, junkware, PUPs, Trojans, worms, hidden processes, malicious autorun entries, registry hijacks, infected DLLs, and hijacked DNS and host entries.
The app also includes a repair feature. It can restore system files that a rootkit has altered and files that were hidden by malware.
The program doesn’t need to be installed, meaning it’s one of those apps you can keep on your USB drive and have to hand at all times.
5. Hitman Pro
Hitman Pro is a secondary anti-virus suite. It’s designed to run alongside your existing anti-virus software and act as a safety net, catching the latest threats, zero-day attacks, and any other infections that slipped past your main app.
Most anti-virus apps work by matching files against signatures of known malware, but Hitman Pro watches how files behave and monitors them for suspicious activity instead.
Obviously, it has the ability to remove infections and, in the case of infected Windows files, it can even replace them with clean, original versions.
You can try out a free 30-day trial. The full version costs $24 per year.
6. Norton Power Eraser
Norton rightly has a terrible reputation in the world of anti-virus, but that doesn’t mean some of its products aren’t really useful.
One such product is the Power Eraser. The free-to-use app possesses what is arguably the most aggressive anti-malware scan out of all the tools on this list. As such, it often marks legitimate apps as viruses, so be extra careful when you use it. If you do accidentally delete a non-infected file, the app does offer a roll-back feature.
It’s especially useful if an infection is preventing you from installing, using, or updating a traditional anti-virus suite.
Remember, Power Eraser is not a standalone anti-virus app. Independent tests have shown it performs poorly if it’s used in that way.
7. ComboFix
The final tool on this list is ComboFix. It’s another malware removal tool that offers two key features.
- Scan and Removal — As you’d expect, ComboFix has an extensive scan and removal tool. For typical malware infections, it’s more than adequate. Removal is performed automatically once a scan is completed.
- Report Creation — If a malware threat is particularly tough to remove, the app will produce a detailed report for you to share with a security professional or on a security forum.
The developer of the app explicitly warns against acting on the report unless you are extremely sure of your actions. Due to the power of the tool, doing so can severely damage your system.
Note that ComboFix is only available for Windows XP/Vista/7 systems. It is not compatible with Windows 8 or later.
Which Tool Do You Use?
I’ve introduced you to seven valuable tools you can turn to if you’re struck down by an aggressive virus. Hopefully, they’ll get your machine running perfectly again in no time.
I’d love to know what other tools and apps you would add to this list. What do you use when you need to find and remove resilient malware?