This guide will help you to remove just about any PC Virus! You will need access to the internet, either on the computer you are cleaning or on a different computer.
N.B. Some viruses make it tricky to install antivirus software, or programs generally. If you can’t, then download it onto another computer and use a flash drive (USB) to move it.
STEP 1: Do you actually have a virus?
Often, many people will assume that they have a virus when their computer begins to run slowly. They may have one, but it is not always the case. If you’re certain that you do, skip to the next section. If your browser homepage or search bar has been changed, you probably have a virus
If you are using a fairly old computer which is running slowly, then the first thing you should do is download and install two different programs: CCleaner and Defraggler, both made by Piriform. Don’t worry – you only need the free versions! I wouldn’t bother upgrading at all, it just isn’t necessary. Once they are installed, run CCleaner. (Make sure you read the list to check nothing important is being deleted. Office templates, desktop shortcuts, thumbnail cache and registry-related check-boxes should NOT be ticked unless you know what you’re doing.) Now “Analyze” and then “Complete Defrag” your PC with Defraggler. This can take a bit of time.
If your PC was very fragmented, you should see some improvement. If it wasn’t fragmented, or you can’t see and improvement, you most likely have a virus or piece of malicious software.
STEP 2: Check your list of installed programs
To do this on Windows 7 and earlier, go to Control Panel and then Programs and Feature (Or Add or Remove Programs). On Windows 8, right click at the bottom left of the screen and select Programs and Features (It should be the first option).
Now, read through the list and see if there are any programs that you do not remember installing. If you see one, Google it to find out more about it. It could be something that came with the computer.
If not, then you need another download: Revo Uninstaller. Use this to uninstall the suspicious program. Conventional uninstall methods don’t work with malicious software. Once you have uninstalled it, restart your computer. Check to see that the program has gone. You might want to check if it left anything in program files, which you should delete. Remove any desktop, Start menu or Taskbar shortcuts to it.
Now repeat this step, making sure that all your PC software is legitimate.
If you are unable to delete the files remaining in program files, if the computer says “These files are in use” or something similar, then you need to use safe mode to delete the files. A Google search should tell you how, or you can quickly read the beginning of step 4 (And come straight back)
STEP 3: Use an Antivirus program
It is almost a requirement for Windows users to have a paid antivirus program. It doesn’t really matter which one you use (I use McAfee as it came on my laptop) but Norton 360 is perhaps the best. Run a “Complete” or “Full” on your software. Be patient! It can take several hours. Make sure you have altered your preferences so as much as possible is scanned: i.e. not only recently modified software or smaller files. If you have any difficulty with this it’s best to contact your vendor as different antivirus programs work differently. If the program finds anything, leave it to finish the scan.
Now, this is important: Write down the names of all malware/spyware it detects! You may need this later. Then tell it to remove all the threats. Now restart your computer and repeat the scan (tedious, I know).
If they still show up, move on to step 4.
This should catch most things, but it isn’t enough to catch the best viruses. (I say best, what I mean is worst, obviously!)
Enter backup: SuperAntiSpyware and Malwarebytes Anti-Malware. You need both, as they look for different things. (Free versions only). Download them and set them to work. Follow the same steps as above (again noting down the names of viruses, AND which program detected each one), and remove the threats. Restart the computer and repeat the scans. If the virus persists, keep reading.
This should get rid of nearly any virus. If it does, go to step 8. If, however, they still show up (or different ones show up) after removing them, something is wrong.
STEP 4: Enter safe mode
You need to use safe mode to isolate the virus. There are different ways to do this depending on your OS:
Windows 8: Press WIN + R and type “msconfig”. Go to the “Boot” tab and select Safe mode. Also select networking, unless you think the virus is interfering with your internet. Now restart the PC. To set it back to normal, repeat the process but deselect the boxes.
If you cannot login, then hold down shift and press the restart button on the sign in screen.
Windows 7/XP: Press WIN + R and type “msconfig”. Go to the “Boot” tab and select Safe mode. Also select networking, unless you think the virus is interfering with your internet. Now restart the PC. To set it back to normal, repeat the process but deselect the boxes.
If you cannot login, then restart and press F8 when your manufacturers logo appears. If the Windows logo appears, you were too late and need to start this step again.
STEP 5: Use Antivirus again
Repeat step 3, only this time in safe mode. Note down the names of any new viruses that were found (and which program found them). When you restart, make sure it is into safe mode again. If the virus is still found, move onto step 6.
STEP 6: Delete the Files Manually
This is where it gets tricky.
If for some reason none your antivirus software can remove the virus, you need to do a little more research. You’ll need to research each of the files that you noted down online using the appropriate Internet security firm. Make sure to use the same company that produces the antivirus software you’re using (Different firms sometimes give the same virus different names).
Most Internet security firms will list all the files associated with a particular virus and tell you where you can expect to find those files. You may have to do some digging to find each file. Before you delete any files, you should save a backup copy of your Registry folder. If you accidentally delete the wrong file, you may make it difficult or impossible to run your computer properly.
Delete all the files associated with the malware on your list. Once that’s done, you’ll need to reboot your computer (into safe mode, again) and run your antivirus software again. Hopefully nothing else will pop up. Now, run it out of safe mode and repeat the scans. Clear now? If so, go to step 8.
STEP 7: Last Resort
If nothing seems to have worked, you need to perform a complete system wipe. This involves formatting your hard drive and reloading the operating system. Before doing this, I would recommend taking the PC to an expert: They will be better at virus hunting than you!
Don’t forget to save any important files (Certified Virus-Free ones only) onto a USB stick or DVD, or even better, onto a cloud service such as Dropbox or Skydrive. Don’t save any software – you can reinstall this. Only keep documents, pictures, videos, etc.
You should use another guide when you perform a system wipe.
STEP 8: Clearing Up
Once the virus is gone, it might be worth changing your online passwords in case one of the viruses was a keylogger. Also, you may need to change your browser homepage back to what it was before the virus turned up. Checking your computer security is probably a good idea, too!
That’s it folks! You should be able to get rid of just about any piece of spyware or malware.
If you are at all unsure about anything, you can contact me here.
If you are ever in doubt, talk to an expert!