DIY Virus removal

It seems that getting viruses has become an inevitable part of computer ownership.  I’ve spent many a night cleaning viruses off of our family’s computers, and have often been thankful that I have had the skills to do it myself, rather than having to pay someone $100/hr.  In the spirit of sharing, here are four quick and easy virus removal tips you can do yourself:

Step ONE – Install anti-virus software:  As simple as this may seem, about 25% of the computers I see don’t have antivirus installed.  Some viruses are “tricky” enough to block installation of AV software, but for many this is all of the cleanup you need.  The anti-virus software I’m currently recommending is:

  • Avira Free
  • Avast Home
  • FortiClient Standard

Pick one of the above – all of them are free.  (I’m partial to Avira, but all three work well.)  Download it to your computer and start the installation.  Follow the prompts, hitting “Next” or “Ok” as needed.  You’ll probably need to reboot to finish the installation.

Step TWO – Clean up your temporary files: Often viruses keep their files in your computer’s temporary files.  Cleaning out these unneeded files can be a big help.  The easiest way I’ve found is to download and run TFC.  Here’s how to run it:

    • Download TFC here, and save it to your computer.
    • TFC will close all programs when run, and reboot your computer when it’s done, so save and close your work first, and make sure to let TFC run uninterrupted.
    • Start the program by double-clicking on it.
    • Click the Start button (in TFC) to begin cleaning.  It’s going to take a long time, so be patient!
    • TFC should ask to reboot your machine when it’s done.  If it doesn’t, do it yourself to ensure a complete clean process.
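
Since Step TWO deletes whatever is sitting in the temporary folders, it can help to record what was there first. The PowerShell script below is an added example, not part of the original post or of TFC; the two folders checked, the extension list and the report name temp-inventory.csv are assumptions chosen for illustration.

```powershell
# Added example: list executable/script files found in temp folders, with
# size, timestamp and SHA-256, and save the list to the Desktop before cleanup.

# Assumption: these two folders; the post does not list what TFC cleans.
$tempDirs = @($env:TEMP, (Join-Path $env:WINDIR 'Temp')) |
    Where-Object { $_ -and (Test-Path $_) }

# Constructed list of file types that can run code.
$extensions = '.exe', '.dll', '.scr', '.bat', '.cmd', '.vbs', '.js', '.ps1'

# Hypothetical report name.
$report = Join-Path ([Environment]::GetFolderPath('Desktop')) 'temp-inventory.csv'

$sha256 = [System.Security.Cryptography.SHA256]::Create()

$rows = @(foreach ($dir in $tempDirs) {
    Get-ChildItem -Path $dir -Recurse -Force -ErrorAction SilentlyContinue |
        Where-Object { -not $_.PSIsContainer -and $extensions -contains $_.Extension } |
        ForEach-Object {
            $hash = 'unreadable'
            try {
                # Open read-only and allow sharing so files in use can still be hashed.
                $stream = [System.IO.File]::Open($_.FullName, 'Open', 'Read', 'ReadWrite')
                try { $hash = [BitConverter]::ToString($sha256.ComputeHash($stream)) -replace '-', '' }
                finally { $stream.Dispose() }
            } catch { }   # locked or access denied: keep the row without a hash
            New-Object PSObject -Property @{
                Path     = $_.FullName
                Size     = $_.Length
                Modified = $_.LastWriteTime.ToString('s')
                SHA256   = $hash
            }
        }
})

$rows | Select-Object Path, Size, Modified, SHA256 |
    Export-Csv -Path $report -NoTypeInformation
"{0} file(s) recorded in {1}" -f $rows.Count, $report
```

Run it from a PowerShell window before starting TFC; the script only reads files and writes the CSV, it does not delete anything.
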

Step THREE – Install and run Malwarebytes’ Anti-Malware:

    • Download Malwarebytes’ Anti-Malware here, and save it to your computer. Download the Free Version.
    • Double-click mbam-setup.exe and follow the prompts to install the program.
    • At the completion of the install, be sure a checkmark is placed next to:
      [✓] Update Malwarebytes’ Anti-Malware
      [✓] Launch Malwarebytes’ Anti-Malware
    • Then click Finish.
    • If an update is found, it will download and install the latest version.
    • Once the program has loaded, select Perform Quick scan, then click Scan.
    • When the scan is complete, click OK, then Show Results to view the results.
    • If the scan finds any malware, be sure that the boxes near them are checked, and click Remove Selected. If it finds a particularly “evil” file, it may have to restart your computer to remove it.
    • When completed, a log will open in Notepad, and you may be prompted to Restart.

Step FOUR – Download and run GMER rootkit removal: Rootkits are extremely sneaky viruses that can hide from most antivirus software by pretending to be legitimate parts of your computer’s operating system, or even the antivirus software itself.  GMER doesn’t run under 64-bit Windows 7, so skip this step if that’s what your computer runs.

    • Download GMER from here and extract it to your computer.
    • Disconnect from the Internet and close all running programs.
    • Temporarily disable your antivirus software, so it will not conflict with GMER.
    • Double-click on the GMER file and allow the gmer.sys driver to load if asked.
    • Make sure the tab at the top says “Rootkit/Malware” and press the “Scan” button.
    • If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system, click YES.
    • Detected rootkits/malware will show up in red in the results – right-click on them to uninstall/delete them.
    • Exit GMER and re-enable antivirus protection when done.
    • If you encounter any problems, try to uncheck “Devices” in the right pane. If it still doesn’t work, try running GMER in Safe Mode.
The screenshot at http://www.gmer.net/faq.php shows what the display will look like.

If your computer is particularly messed up, you can download the files above onto a CD-R or Flash Drive on another computer, and try the above steps in “Safe Mode”.  Microsoft has Safe Mode startup instructions for Windows XP, Windows Vista, and Windows 7.

    http://tjschmitz.com/blog/2010/09/01/diy-virus-removal/
