How To Remove a Virus

Revision as of 08:47, 6 August 2013 by Nehringtb ws

Tools You Will Need

You will need several different programs for this howto. These are the programs ResNet techs use at Computing Services; however, if you have a program you prefer, you may try it instead.

Detecting Malicious Processes

Every program on your computer has a process associated with it. There are processes running that you don't even know about, and malicious software may be one of them. While it is running, it may evade detection by antivirus and antispyware programs, or even disable them. Rkill is designed to detect and stop these processes, which allows you to scan your computer more effectively.

Note that some malicious software may prevent all programs from running except the ones it wishes to run. However, there is one program most, if not all, viruses want you to run: explorer.exe. Before running Rkill, it is recommended that you rename the rkill file to explorer.exe. This will ensure the malicious software allows the program to start.


Cleaning Up Temp Files

Many viruses live in temp files and browsing cookies, so it is a good idea to clean these out. CCleaner will do this for us. When launching CCleaner, be sure the "Cleaner" tab is selected in the upper left corner of the screen. Once this is done, select the "Run Cleaner" button in the bottom right corner of the screen.


The registry contains information vital to your computer. However, sometimes registry keys point to files that may have been deleted. Malicious software may use these keys to further manipulate your computer. Therefore, it is a good idea to locate and fix these keys. Once the cleaner has finished, select the registry tab on the left side of the screen. Select the "Scan for issues" button along the bottom of the screen. Once all issues have been found, select the "Fix selected issues" button. A button will appear asking if you would like to back up the registry before continuing. I have never had an issue with CCleaner breaking the registry, but I would recommend backing it up just in case something goes wrong. Once you have made a backup, a window will appear that runs through each individual issue with a description of the problem. However, most of the time there are several hundred issues. If you don't want to run through each one, just click the "fix all issues" button. Many times, fixing registry issues will create more. Run this scan multiple times until no other errors are found.
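To see what "registry keys that point to deleted files" looks like in practice, here is an added example (not part of the original howto and not CCleaner's own logic): a read-only PowerShell check that lists autostart values whose target file is no longer on disk. The choice of the four Run/RunOnce keys and the helper name Get-TargetPath are assumptions made for this example; CCleaner's scan covers many more registry locations.

```powershell
# Read-only check: list autostart (Run/RunOnce) values whose target file is missing.
# Nothing in the registry is modified. Key list chosen for this example only.
$runKeys = @(
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
)

# Hypothetical helper: pull the executable path out of a stored command line.
function Get-TargetPath([string]$CommandLine) {
    $cmd = [Environment]::ExpandEnvironmentVariables($CommandLine.Trim())
    # Quoted form:   "C:\Some Dir\app.exe" /arg
    if ($cmd -match '^"([^"]+)"') { return $Matches[1] }
    # Unquoted form: C:\Some Dir\app.exe /arg
    if ($cmd -match '^(.+?\.(exe|com|bat|cmd|scr))(\s|$)') { return $Matches[1] }
    # Fallback: first whitespace-separated token
    return ($cmd -split '\s+')[0]
}

$results = foreach ($key in $runKeys) {
    if (-not (Test-Path -LiteralPath $key)) { continue }
    $item = Get-Item -LiteralPath $key
    foreach ($name in $item.GetValueNames()) {
        $raw    = [string]$item.GetValue($name)
        $target = Get-TargetPath $raw
        # Bare names such as "rundll32.exe" are looked up through PATH.
        if ($target -and -not [IO.Path]::IsPathRooted($target)) {
            $found = Get-Command $target -CommandType Application -ErrorAction SilentlyContinue |
                     Select-Object -First 1
            if ($found) { $target = $found.Path }
        }
        [pscustomobject]@{
            Key     = $key
            Name    = $name
            Target  = $target
            Exists  = ([bool]$target -and (Test-Path -LiteralPath $target -PathType Leaf))
            Command = $raw
        }
    }
}

# Entries with Exists = False point at a file that is no longer on disk.
$results | Where-Object { -not $_.Exists } | Format-List Key, Name, Target, Command
```

Dropping the final `Where-Object` filter shows every autostart entry, which is also useful for spotting programs you do not recognize.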


Removing Malicious Software

Now that your computer is cleaned, let's remove the viruses themselves. You will now want to run Malwarebytes and SuperAntiSpyware. Here is a link to another wiki site describing how to properly run Malwarebytes. SuperAntiSpyware and Malwarebytes run almost exactly the same way. Both will update themselves as soon as they are installed. If the malicious software on your computer has disabled your internet connection, the programs will not update. Run the scan anyway to see if it will still catch the malicious software.