There are many types of dangerous software and many ways how to deal with them. Thus there is no simple answer for question “How to remove a virus”. Let’s see what options do you have.
Know your enemy
If you try to search for a help on how to remove a virus, it is certain that you already spot the presence of a virus in your system. That’s a positive finding. Many viruses are undetectable by users and some kind of viruses known as rootkits are also undetectable for antivirus applications. How were you able to find the virus ? Check the most common signs of possible threats :
Antivirus False Positives
Antivirus software is trying to do the best to protect you against possible threats, but malware is always one step forward. There is always some time between malware release and antivirus being able to detect it. To solve this problem many antivirus applications add different kind of detection features that on the other hand increase false positive detection.
If your antivirus made some positive observation (marked some file as a possible virus-infected) and you are not sure about it, you can try to re-check the detected file via free internet virustotal.com service. This service will check any uploaded file using all major antivirus software cores and show you a summary report about it. If the file is marked as Safe by most of antivirus applications then the detection of your antivirus was probably false positive. If you want to help others, you should report this detection to antivirus developer.
If you try to search for a help on how to remove a virus, it is certain that you already spot the presence of a virus in your system. That’s a positive finding. Many viruses are undetectable by users and some kind of viruses known as rootkits are also undetectable for antivirus applications. How were you able to find the virus ? Check the most common signs of possible threats :
Antivirus False Positives
Antivirus software is trying to do the best to protect you against possible threats, but malware is always one step forward. There is always some time between malware release and antivirus being able to detect it. To solve this problem many antivirus applications add different kind of detection features that on the other hand increase false positive detection.
If your antivirus made some positive observation (marked some file as a possible virus-infected) and you are not sure about it, you can try to re-check the detected file via free internet virustotal.com service. This service will check any uploaded file using all major antivirus software cores and show you a summary report about it. If the file is marked as Safe by most of antivirus applications then the detection of your antivirus was probably false positive. If you want to help others, you should report this detection to antivirus developer.
Unstable and slow system
Unstable or slow system can be a sign of virus presence. There can be also different reasons for this, e.g. some hardware problem, driver problem or using a poorly written software. Operating system and also many applications have automatic update feature which brings regularly new fixes and features to your computer but also new bugs that can lead to many other problems (one bug solved, many others implemented…).
Suspicious behavior
If your computer is displaying some strange windows with ads, your internet browser is opening unwanted web pages and searching via strange search pages, you are not able to change your internet search settings or your computer is trying to connect to a strange web address (your homepage was changed) – then you can have a problem with some malware and you should not let it be and try to detect and remove this malware or virus from your computer.
Found suspicious processes or files
This means you are an advanced user who knows how to work with task manager and have some experience working with operating system files. To fulfill this task successfully this also means you know the suspicious filename and/or have found a suspicious file, so the virus removal should be possible.
So, if we have succeeded in finding the source of the problem, how to proceed with the threat?
Various ways how to remove a virus
Virus removal with antivirus
There are many different antivirus solutions. Some are better, some are free.. but don’t expect there is any product which provides 100% protection. If you need to remove a virus, then you could try some tested and popular antivirus. Many antivirus applications have some free version for home computers. Here is a table of top antivirus applications used by the System Explorer Community (12/2012):
avast! Antivirus (26.25%)
Microsoft Security Essentials (22.76%)
Avira Desktop (11.41%)
Windows Defender (6.89%)
Kaspersky Internet Security (6.17%)
Norton Internet Security (4.68%)
AVG Anti-Virus Free Edition 2013 (4.15%)
COMODO Antivirus (3.42%)
ESET Smart Security 5.2 (3.32%)
Symantec Endpoint Protection (2.39%)
AVG Anti-Virus Free Edition 2012 (2.24%)
avast! Internet Security (2.19%)
If your antivirus doesn’t find any virus you should try some different solution. Some viruses can hide themselves when active. To detect this kind of threats you can use bootable CD or USB flash key with antivirus, start the system from this source and scan Your computer with higher possibility the virus is not active.
Special removal tools
Some viruses are too complicated to be easily removed and need to prepare/use special removal tools. If you know the name of the virus, try to search for a dedicated removal tool via Google. For example Kaspesky Labs provides removal tools for Trojan-Banker.Win32.Capper, Worm.Win32.Fipp.a, Trojan-Ransom.Win32.Rannoh, Trojan-Downloader.OSX.FlashFake, Net-Worm.Win32.Kido, Rootkit.Win32.PMax and many more.
Manual removal of the Threats
If you know which files belong to the virus/threat and you are able to delete these files, then you can remove it manually. If you are not able to delete the files, you should check if some of the files are not active as Windows process or loaded in the system as a library. You can try to rename locked files, try to use special tool like file unlocker or boot system to safe mode.
Rarely you can have problem with internet connection after threat removal and reboot. This problem is usually caused by corrupted WinSock2 stack which can be fixed in these steps:
Click on Start button.
Type cmd in the Start search text box.
Press Ctrl+Shift+Enter to run Command Prompt as Admin.
Type netsh winsock reset and press the enter key.
Restart the computer.
Manual removal of threats is recommended for advanced users only. If you don’t know for sure what you are doing, then you risk system damages and data lost.
No comments:
Post a Comment