How to Clean a Computer from a Virus
Level of difficulty: Intermediate
Virus programs and other malware applications can infect the system in a number of ways. These can be transmitted via the Internet or network connections. Even computers with installed anti-malware applications may have malware applications. Users should check the system when unauthorized changes are made to their programs, files, and settings.
Materials Needed:- Administrative access to the computer
- anti-malware program
- system scanner
- pen and paper (if needed)
Step 1
Disconnect from the Internet or any network connections. This will prevent the virus program from contacting remote servers. An Internet connection can also allow it to download files to the system. This also prevents the infection from spreading.
Step 2
Use an up-to-date anti-malware program. Scan the system to check for malicious components. If any are detected, delete or quarantine the components. Continue the process until all viruses found are removed from the computer.
Step 3
Some viruses may not show up on anti-malware applications. In this case, try to run a system or file scanner. This simply checks the system for all the processes installed and registry entries created. Users can check the file names and locations of the files. This helps if the malicious files are hidden or stored in unusual subfolders.
Step 4
Check the startup processes. This can be done by typing 'msconfig' in the Run command prompt. Click the 'Startup' tab. This will show if there are any unknown programs running on startup. Most viruses run at system startup. Disable any unknown processes found.
Step 5
Try using the Task Manager program to end any running malicious processes. Check the location of the files if they can be deleted manually. If the files cannot be removed, write down the file name and location of the files to be deleted.
Step 6
Restart the system. During system boot, press F8 before the Windows system loads. This will lead to several boot options. Choose to run Windows in Safe Mode.
Step 7
Once in Safe Mode, delete the malicious files found before. Make sure all the virus processes and configuration files are removed. Empty the Recycle Bin so that there is no chance for the components to be restored. Reboot the system to check if the malicious processes are still running.
Step 8
To completely remove traces of the virus, entries made in the system registry must be deleted. This can be done manually or via a legitimate registry cleaner. Before making any changes to the registry, make sure to back-up the current registry. This allows the original settings to be restored if any problems happen after the change.
Step 9
The most common way of backing up the registry is by setting a System Restore point. Simply access the Accessories option from the list of programs. Then, select 'System Tools' and then 'System Restore'. Select the option to create a restore point, type in a name and click 'Create'.
Step 10
Open the Run command prompt. Type 'regedit' and press 'Enter' or click 'Ok'. Search for the registry entries added by the virus and delete them. Reboot the system to make sure it is running properly again.