Computer Virus Removal

The following computer virus removal flowchart demonstrates the difference between simply reinstalling Windows and attempting to remove a virus yourself. While some will argue for different approaches to virus removal, these are tactics we have successfully used in the past. Every virus, spyware or malware infection acts differently and poses its own unique problems for removal.

When approaching your decision to combat a virus, you should take into consideration the time and money it will take to disinfect your PC.

[Figure: Computer Virus Removal Flowchart by PCTechBytes.com]

Quick Computer Virus Removal

The easiest way to perform computer virus removal and feel confident in believing it’s gone is to format and reinstall Windows. This can be easy for some people and difficult for others. If you have a recovery CD, you should have no problems. Insert the disk and follow the onscreen prompts. If you do not have a recovery CD, your computer might have a recovery partition through which you can perform the installation. Watch closely when booting for text that says something like "Press F11 for recovery".

Keep in mind you will lose your data, so be sure to back up your documents, pictures, movies, etc. before you begin.

  • Back up your data
  • Reinstall Windows
  • Update Microsoft – Before anything else, immediately visit Microsoft Update to get the security patches you are missing since your reinstall. Otherwise, you could find yourself infected again. At this step, you should also install an anti-virus if you haven’t already. We recommend Microsoft Security Essentials — it’s free.
  • Put your data back on. At this point, reinstall any applications or data you backed up prior to the reinstall.
  • You’re all done.

The Long, Painful Road To Computer Virus Removal

  • Back up your data
  • Run a System Restore. This can either quickly fix it or not. Go to Start, Programs, Accessories, System Tools, System Restore. Go back to a date when you feel you were not infected. If that doesn’t work, proceed to the next step.
  • Download Malwarebytes from http://www.malwarebytes.org. Install it, run a thorough scan. Remove anything it finds.
  • If still infected, continue computer virus removal by removing any temp files in the temp folder of the Windows directory. (Look in the C drive).
  • Prevent programs from loading at boot. Since the virus can be loading itself into memory each time you boot, try disabling it from loading. Go to Start and type msconfig in the run box and hit OK. Look for the start-up tab and uncheck all boxes. Reboot.
  • Next, visit ESET’s online virus scanner and run the scan from Internet Explorer at http://www.eset.com/online-scanner.
  • If it works, you can re-enable the start-up items using msconfig.
  • Immediately get all updates from Microsoft, your antivirus program, Flash, Adobe Reader, etc., as there is no telling what exploit was used to infect your machine.
  • If that fails, you simply must reinstall Windows or call in a technician who will deploy his own tactics for dealing with the malware.
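
A read-only inventory to run before the temp-folder and msconfig steps above, added here as an example and not part of the original article: it lists what starts at logon, whether each file is signed, and which executables sit in the temp folders. It assumes PowerShell 3.0 or later; the helper names Get-ExePath and Test-UnderTemp and the output file startup-inventory.csv are made up for this example.

```powershell
# Added example (not from the original article). Read-only: nothing is deleted or disabled.
# Assumes PowerShell 3.0 or later.

# Temp folders from the procedure: the Windows temp directory plus the per-user one.
$tempRoots = @("$env:windir\Temp", $env:TEMP) |
    Where-Object { $_ -and (Test-Path -LiteralPath $_) } | Select-Object -Unique

function Get-ExePath {            # hypothetical helper: executable part of a command line
    param([string]$Command)
    if ($Command -match '^\s*"([^"]+)"') { return $Matches[1] }
    if ($Command -match '^\s*(.+?\.(exe|com|bat|cmd|scr|vbs|js))(\s|$)') { return $Matches[1] }
    return ($Command.Trim() -split '\s+')[0]
}

function Test-UnderTemp {         # hypothetical helper: simple prefix match on temp folders
    param([string]$Path)
    foreach ($root in $tempRoots) { if ($Path -like "$root\*") { return $true } }
    return $false
}

# 1. Logon auto-start entries (Run keys and Startup folders), the kind of items
#    listed on the msconfig start-up tab.
$startup = Get-CimInstance -ClassName Win32_StartupCommand | ForEach-Object {
    $exe = Get-ExePath ([Environment]::ExpandEnvironmentVariables([string]$_.Command))
    $sig = if ($exe -and (Test-Path -LiteralPath $exe -PathType Leaf)) {
        [string](Get-AuthenticodeSignature -LiteralPath $exe).Status
    } else { 'FileNotFound' }
    [pscustomobject]@{
        Name = $_.Name; User = $_.User; Location = $_.Location
        Executable = $exe; Signature = $sig; InTemp = (Test-UnderTemp $exe)
    }
}

# 2. Script and executable files sitting in the temp folders.
$tempExe = foreach ($root in $tempRoots) {
    Get-ChildItem -LiteralPath $root -Recurse -File -Force -ErrorAction SilentlyContinue |
        Where-Object { $_.Extension -match '^\.(exe|dll|scr|bat|cmd|vbs|js)$' } |
        Select-Object FullName, Length, LastWriteTime
}

# Entries that launch from a temp folder sort to the top.
$startup | Sort-Object InTemp -Descending |
    Format-Table Name, Signature, InTemp, Executable -AutoSize -Wrap
$tempExe | Sort-Object LastWriteTime -Descending | Format-Table -AutoSize

# Keep a record so start-up items can be re-enabled selectively after cleaning.
$csv = Join-Path ([Environment]::GetFolderPath('Desktop')) 'startup-inventory.csv'
$startup | Export-Csv -Path $csv -NoTypeInformation
```

A start-up entry whose executable is unsigned, missing, or located under a temp folder is the first one to look at; the saved CSV gives you a reference when re-enabling items in msconfig later.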

As you can see, the two ways to perform computer virus removal really depend on your experience level and your patience. Sometimes a complete format is not an option, so the longer method may be the only choice.

Category: Security

About the Author

David is a tech professional with over fifteen years of experience in the IT fields of hardware, software and system administration.

Comments (6)

  1. Michaelr says:

    Wipe and reinstall may work just fine for your own computer. However, when servicing a client’s computer, wipe and reinstall isn’t really the optimal choice. First, are you going to reinstall all of their software for them? Are you going to ask the client to reinstall all of their software (outside of the original recovery disk)? Next, consider that some applications store data outside the “My Documents” folder… Thunderbird is a perfect example of this. Are you as the tech going to go hunting for all of these locations? If not, are you going to tell the client that the only data you can save is the data in the default location of “My Documents”? Just some food for thought.

    • Yep, it’s a slippery slope. I suppose all cases are different. In some instances, it would be better, but if the client doesn’t have reliable backups and program disks, it’s probably best to manually remove the virus and hope you got it all. Personally, knowing there was hacker code on my PC I’d definitely want to reformat no matter what the inconvenience. But you bring up a valid point, certainly.

  2. Steven M says:

    You forgot an option that might be the best of both worlds: Take infected hard drive and attach to another PC with autorun disabled as a slave drive, then scan it (so the malware has not had a chance to run). Also you can boot from a live CD containing AV, update the AV and scan the local hard drive while it is effectively ‘offline’ (this saves you extracting the hard drive).

  3. Jake Ruddy says:

    This is really poor information. Wipe is a last resort in all cases.

    First off a system restore is not going to work in most cases, nor is recommended. The first step should be to disable system restore period. Viruses live in there and can easily reinfect the system.

    Second, malwarebytes? There is a ton of free programs out there that are far superior.

    Create a new user account, clean your temp files first, try tdsskiller to see if you have a rootkit, research that rootkit, see if there is a specific tool, use combofix, run a spyware scan with a superantispyware / spybot / malwarebytes, run complete virus scan, more often than not repair the master boot record to make sure it’s not hiding in there.

    Don’t forget to update JAVA… one of the most important updates today.

    I realize this is for home users, but you need to realize they don’t know how to backup all of their data properly in the first place. What about various email files, iTunes playlists, favorites, program settings. These are things people aren’t going to know how to backup and in the end will be upset they are missing key components in their backup when they go to restore.

    It would be better to have a flowchart of the proper steps to remove a virus properly. There is a wealth of info out there and many helpful sites.

    • Dave says:

      I disagree, but you are entitled to your opinion. Struggling to yank a virus out by the roots–and just like a weed never really knowing for sure if you got it all–leaves many with a bad feeling deep in their gut. We preach backing up here, so hopefully our readers know how to do a thorough job with that. With that said, I’d rather lose all of my data than lose my credit card or banking information because of a keylogger I didn’t quite eradicate. Many people can backup and reinstall their operating system ten times over by the time they finished using your method.

      The article was really about visualizing how long it takes to perform both tracks, not about the numerous methods there are to get rid of viruses.

      I do endorse combofix and tdsskiller, though. They are great programs to use if you have no recovery disk or Windows Install disk.
