My Troubleshooting Steps For Removing A Virus

Getting a virus, Trojan, malware, spyware, or whatever else you call it on your computer is never good. Your personal information and identity could be stolen, or your computer will become inoperable, either locking you out completely or displaying hundreds of pop-ups you can’t close, and we all know how annoying that is. Therefore, here are a few things I do to remove viruses.

Please note, every virus is different, so some of these steps may not work, and viruses may also trick you, so if you are not too sure what’s happening, you might want to get a computer repair person to get rid of it for you.

Throughout my dealings with computers, I’ve seen viruses make computers take forever to load, or change system settings to lock you out of your own computer, as well as many other things. Recently, one of the computers at work got a virus that was telling the user that the disk was corrupted and needed to be repaired. It hid all the files on the Operating System and just created popup after popup, which you could not close. So based on my recent encounter, and previous encounters, here are a few things to do.

First, Prevent a Virus

Before going into detail about removing a virus, the best thing to do is to prevent a virus. I have written a previous article about this here, but to recap, you can do the following to help prevent getting viruses in the first place:

  • Ensure your Operating System is patched and up to date
  • Ensure you are using the latest version of your preferred web browser software
  • Use web browser add-ons like NoScript to disable the execution of possibly malicious code
  • Visit only trusted websites
  • Don’t look at porn
  • Be careful with the links you click
  • Disable popups
  • Download and install programs from only trusted locations (make sure you click on the download link, and not an ad!)
  • Install Antivirus Software
  • Use a Firewall
  • Uninstall programs you no longer use
  • Buy the official version of a program, don’t download it from torrents and use key generators
  • Don’t connect to free Wi-Fi

If you want to learn about information security, read my article “The importance of Network Security and the Types of Security Attacks”.

Perform a Virus Scan

The first thing I do is run a virus scan, ensuring the antivirus software has been recently updated. Depending on the virus you have, it may not allow you to run the scan. You can also try the Microsoft Safety Scanner.

System Restore

If you cannot use Antivirus software to scan and remove the virus, the next step I perform is a System Restore to see if I can return my computer to a previous state.

HiJackThis

HiJackThis is a very handy tool that tells you everything that is running on your computer. You can download HiJackThis from here. I then copy the log into HiJackThis.de and delete anything that is suspicious. Be careful what you remove, as removing the wrong item could crash your computer and make things even worse.
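To show what reading such a log involves, here is an added example (not part of the original article and not HiJackThis's own code) that parses the log's "Running processes" list and its O4 lines, which are the autostart entries from the registry Run keys and the Startup folder. The sample log is constructed, and the list of user-writable folders is an assumed heuristic for picking entries to look up, not a verdict that they are malicious.

```python
import re

# Constructed sample in HijackThis's log layout (not from a real machine).
SAMPLE_LOG = r"""Logfile of HijackThis (constructed sample)
Running processes:
C:\Windows\system32\winlogon.exe
C:\Users\bob\AppData\Local\Temp\dskfix.exe
C:\Program Files\AVG\avgui.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\avgui.exe" /TRAYONLY
O4 - HKCU\..\Run: [DiskRepair] C:\Users\bob\AppData\Local\Temp\dskfix.exe
O4 - Startup: updater.lnk = C:\ProgramData\upd\u.exe
"""

O4_REG = re.compile(r'^O4 - (HK\w+)\\\.\.\\(\w+): \[(.*?)\] (.+)$')
O4_DIR = re.compile(r'^O4 - (?:Global )?Startup: (.+?) = (.+)$')
# Assumption: user-writable folders where legitimate autostart programs rarely live.
WRITABLE_HINTS = ("\\temp\\", "\\appdata\\", "\\programdata\\", "\\users\\public\\")

def exe_path(command):
    """Strip quotes and arguments, leaving the program path."""
    m = re.match(r'\s*"([^"]+)"|\s*(.+?\.(?:exe|dll|bat|cmd|vbs|scr))(?:\s|$)', command, re.I)
    return (m.group(1) or m.group(2)) if m else command.strip()

def parse_log(text):
    """Return (running_processes, autostart_entries) found in the log text."""
    running, autostart, in_procs = [], [], False
    for line in map(str.strip, text.splitlines()):
        if line == "Running processes:":
            in_procs = True
        elif in_procs and not line:
            in_procs = False            # a blank line ends the process list
        elif in_procs:
            running.append(line)
        elif m := O4_REG.match(line):
            autostart.append({"where": f"{m[1]} {m[2]}", "name": m[3], "path": exe_path(m[4])})
        elif m := O4_DIR.match(line):
            autostart.append({"where": "Startup folder", "name": m[1], "path": exe_path(m[2])})
    return running, autostart

def triage(text):
    """Autostart entries in user-writable folders, marked if currently running."""
    running, autostart = parse_log(text)
    live = {p.lower() for p in running}
    return [dict(e, running=e["path"].lower() in live) for e in autostart
            if any(h in e["path"].lower() for h in WRITABLE_HINTS)]

if __name__ == "__main__":
    for e in triage(SAMPLE_LOG):
        print(f'{e["where"]:<15} {e["name"]:<12} {e["path"]}  running={e["running"]}')
```

Legitimate software also installs under some of these folders, so each flagged entry still needs to be looked up before anything is deleted.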

MSCONFIG

I love MSCONFIG a lot. The first thing I do if I get a virus is open MSCONFIG and disable everything that I don’t need. Usually the virus will be included in the list, so make sure you look out for it. If you are not sure whether something is a virus or a legitimate program, Google it. It does not solve the problem, but it can make your computer more workable to allow you to run AV software or access Task Manager if the virus prevents you from accessing it.

Task Manager

If possible, I open up Task Manager and end any suspicious running process or application. In doing so, the virus might appear again, which makes things a little tricky. Remember, clicking on ‘End Task’ won’t remove the virus, but it will likely disable it so that you can perform other virus scans or at least use your computer.

Use Safe Mode

If some of the above steps don’t work, I try them in Safe Mode. To open Safe Mode, press F8 while your computer is booting. (Note: depending on your computer, it might be a different key.)

Perform another Virus Scan

Hopefully the virus is now disabled, so we can perform another virus scan. I like to use AVG or Microsoft Security Essentials.

Do A Google Search

If you do a Google search on the .exe files that are causing you grief, you will find specific instructions on removing the virus from your system. Most of the time, you will have step-by-step instructions that will tell you what files to delete in C:/windows, or what registry entries you have to modify.

Repair or Format Windows

Depending on how your files are stored, you might want to repair Windows, or completely reformat it and start over again. Sometimes viruses can corrupt critical operating system files so you need to repair Windows.

By formatting your computer, you are guaranteed the virus will be removed but you will also lose everything on your hard drive partition that you format. So keep this step as your last resort. If I get to this stage, I will back up my files first, and then format it.

If you can’t access your computer to back up your files, you can use a Live CD. A live CD will boot your computer into a different operating system like Ubuntu, which will allow you to copy or move files between storage devices.

Personally, if I get a virus, I like to format my computer anyway for the peace of mind.

Keep in mind:

Please keep the following things in mind:

  • If you don’t know what you are doing, don’t do it, and get some help
  • Viruses are hard to remove. If you think you’ve removed it, you could be wrong
  • You might have a virus, but you won’t know it until it’s too late
  • These are the basic steps. The virus may have disabled your access, in which case you will need to perform other steps that haven’t been covered in this article.

So have you had a virus before? How did you remove it?
