Hey all, Steve here on a blog about how to remove viruses from your PC!
Virus removal is usually simple: run a full scan in your anti-virus, or download another anti-malware program. But it can get quite hard, for instance when you have to go into the registry editor or even re-install Windows!
So, let's start:
- Restart your PC
- Press F8 and select "Safe mode with networking"
- If that fails, restart and press F8 again until you get there.
- Log on
- Do a full scan on all antivirus programs
- Download another antivirus utility, such as Malwarebytes, and execute a full scan
If you get no detection, you may have to go into the Registry editor. I would do and recommend this only IF it is undetectable, and if you have experience deleting & viewing system/program files in Windows, and I am a pro at that, and I am also a professional at computer stuff, but mainly Windows and Linux.
1. Go into the start menu and search for "Regedit"
2. Click "Yes" in the UAC prompt (Windows Vista and later)
3. Search through the registry for suspicious keys. If you see one, don't immediately delete it. You should make a backup of the registry just in case it causes problems.
4. Delete those keys. (Also, before deleting any keys in case you have a virus, I suggest you contact me to confirm it)
5. Any problems? Restore the registry in Regedit with the backup you made.
* Is there something stopping regedit from working, and NOT because your system administrator disabled it? Well, go to the System32 subdirectory (C:\Windows\System32) and rename Regedit to something else, and try again.
* Is the registry editor disabled by your system administrator? Contact your system administrator in that case.
Is the virus still not removed? You should back up all files, or have an existing backup, then reinstall Windows and restore from the backups.
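One way to carry out steps 3 to 5 of the registry procedure, as an added example that is not the author's own script: it exports each key to a .reg file before anything is changed, then lists the autostart entries with the signature status of the program each one launches. The choice of the Run and RunOnce keys is an assumption, since the post does not say which keys to inspect.

```powershell
# Added example: back up autostart keys, then list their entries for review.
# Assumption: the Run/RunOnce keys below are the review scope; the post names no keys.
$backupDir = Join-Path $env:USERPROFILE ("RegBackup-" + (Get-Date -Format 'yyyyMMdd-HHmmss'))
New-Item -ItemType Directory -Path $backupDir -Force | Out-Null

$keys = @(
    'HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce'
)

$report = foreach ($key in $keys) {
    $psPath = 'Registry::' + ($key -replace '^HKLM', 'HKEY_LOCAL_MACHINE' -replace '^HKCU', 'HKEY_CURRENT_USER')
    if (-not (Test-Path -LiteralPath $psPath)) { continue }

    # Step 3: export the key to a .reg file before touching anything.
    $file = Join-Path $backupDir (($key -replace '[\\ ]', '_') + '.reg')
    & reg.exe export $key $file /y | Out-Null
    if ($LASTEXITCODE -ne 0) { Write-Warning "Backup failed for $key; do not edit it."; continue }

    $item = Get-Item -LiteralPath $psPath
    foreach ($name in $item.GetValueNames()) {
        $command = [string]$item.GetValue($name)
        # Pull the executable path out of the command line. Unquoted paths that
        # contain spaces are cut at the first space and will show as FileMissing.
        $exe = if ($command -match '^\s*"([^"]+)"') { $Matches[1] } else { ($command -split '\s+')[0] }
        $exe = [Environment]::ExpandEnvironmentVariables($exe)
        $sig = if ($exe -and (Test-Path -LiteralPath $exe)) {
            (Get-AuthenticodeSignature -LiteralPath $exe).Status
        } else { 'FileMissing' }
        [pscustomobject]@{ Key = $key; Name = $name; Command = $command; Signature = $sig; Backup = $file }
    }
}

# An unsigned or missing target is a reason to look closer, not proof of infection.
$report | Sort-Object Signature | Format-Table Key, Name, Signature, Command -AutoSize -Wrap

# Step 5: undo a bad deletion by importing the saved file, e.g.
#   reg.exe import "<path shown in the Backup property>"
```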
Sure, but common rule is don't do that since it's pretty hard on your computer and can cause corruption with system files. Just shut it down normally, no risks there.
"Do a full scan on all antivirus programs."
If you have multiple antivirus programs, then that's part of your problem. Too many and they start to fight for control and viruses can slip in. In this sense, more isn't better.
"Download another antivirus utility, such as Malwarebytes, and execute a full scan."
If you're going to do that, uninstall the other one first to remove conflicts. However, prior to all of this, make sure your anti-virus definitions are up to date.
Overall, Reg Edit stuff is a super super bad idea. Never do a reg edit unless you know EXACTLY what you're doing. If you got no detections, that's probably because there's nothing there. Messing with keys that "look like they don't belong" isn't going to help. You'll only mess things up more and you won't be sure how to fix it then.
Perhaps people can consult you, but it would be better if they contact a professional in the field with credentials behind their name or to do serious research online before doing it. A single source (you) is not the best course of action.
Final note, a lot of people think they have a virus when they really don't. Before any reg edits are made, you should consult an IT professional before making edits to ensure that's not just a user error or misunderstanding.
and also, some A/V's may not detect other viruses that others can, and also,
I would shutdown & restart, in safe mode, to prevent the virus from starting, and also, either, uninstall, or disable one AV program, and I have seen some suspicious keys as a result of a virus, but I even searched them up and also do have experience with the Windows registry, and know how to view and delete system & program files in Windows, and I ONLY do and recommend that only IF it cannot be detected by an AV.
Provide me with proof that "hackers" (better referred to as crackers) have developed that system forms a back-door. When you shut down, no matter what the means, once your computer hardware shuts down, they can do nothing. Why would they wait for the shut down sequence to be their trigger when it would be much wiser to initiate it as soon as possible since they already have the virus pushed past AVs?
Yes, I agree to using multiple AVs when making your scans in safe mode. Otherwise, any other time, it's unwise to use more than one as it creates security flaws.
And also, still I would shut down normally, but the only hard shut down is if I would go on the Internet, for instance, to use an online scanner.
http://i.imgur.com/OMScNUj.png
In regards to why multiple AV's is a bad idea:
An article from Kaspersky, a leading AV program.
An article on PCWorld, a generally trusted website for IT information.
And a third and final article, that covers the few exceptions to the Single AV Rule.
Again, I can't find any other sources in the shutting down thing. And certainly none that are distributed by respectable AV companies whose job is in that field.
Standard procedure is that if you suspect you have a virus, disconnect from the internet and networks instantly until you are in Safe Mode and only update AV definitions for that. Connecting to the network creates the potential for the virus to pass to other devices.
Pretty much, unless the computer is unresponsive, never force a shut down.