How to remove a virus: what to do if you’ve got malware on your laptop or PC
Is your computer running slowly, crashing frequently and generally behaving a little oddly? If you fire up your web browser, are you redirected to sites you haven’t asked to visit? Do pop-ups appear even when you’re not using your browser?
If you’ve checked for rogue search-engine add-ons and other undesirable browser extensions, and you’ve run a “crap cleaner” to rid your system of temporary files and other bloat, and it’s made little to no difference, it may be time to think about infection detection and removal.
If that’s the case, follow our guide below: it explains what to do to get your PC back up and running.
How to remove a virus – step one: disconnect router
There’s plenty of advice out there suggesting that your first move should be to go online and run a scan using one of the many free tools available from OS and antivirus vendors.
While this appears to be common sense – after all, you need to know what you’ve been infected with in order to remove it effectively – the truth is that malware has evolved to the point where an active internet connection is the last thing you want during a potential live infection.
Besides, it’s likely that some malware will block the best-known security vendor sites, as well as those offering the tools to scan for and remove infections, making going online a waste of time. Err on the side of caution as far as internet connectivity is concerned and simply pull the plug on your router to prevent further data compromise.
How to remove a virus – step two: download malware scanner
If you do have an antivirus scanner running, but malware is active on your system anyway, assume that the scanner has been compromised: it could be that the malware has managed to disable its updates or prevent it from loading properly.
Whatever the situation, you’d be silly to trust the scanner during the malware identification and removal process.
Regular PC Pro readers will be aware from our Labs tests and reviews that no security suite or antivirus scanner is perfect, and none can detect every malware threat.
Combining two or three free tools will serve you better: run one, follow any removal recommendations, then – once the system has rebooted – do the same with the next antivirus tool, and so on.
At the end of this process, if all three show a clean system, you should be able to get on with your life. I have a licensed copy of Malwarebytes Anti-Malware (MBAM) sitting on a USB thumbdrive for such an emergency situation, but a free version that features all the necessary malware-removal functionality is available for non-commercial use; all it’s missing compared to the Pro version is real-time prevention and priority updates.
If you don’t have the necessary tools to hand, download the executables onto a clean (newly formatted) USB drive from another computer that’s free from infection. Don’t expect the scanning process to be quick: you want the full, deep-scan option ticked, so be prepared to wait a few hours for the results.
Alongside MBAM, I also recommend using Kaspersky TDSSKiller, which is a free malicious-rootkit detection and removal utility. Rootkits can be particularly troublesome, since they penetrate deeply and intercept the Windows API at a low level.
By hiding folders, files, processes and Registry keys, a rootkit can ensure that malware remains invisible to the user and antivirus scanners alike. Unlike most malware scans, a rootkit scan is quick – it only takes a minute or so – and TDSSKiller makes removal a simple matter of pressing a button and rebooting the PC after it’s finished.
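Before carrying the USB drive from step two over to the infected PC, it is worth confirming on the clean computer that the scanner executables arrived intact and are signed by their vendors. The PowerShell script below is an added example, not part of the original article or any vendor's tooling; the drive letter E:\ and the function name Test-ScannerDownload are assumptions made for illustration.

```powershell
# Added example: check scanner executables on the USB drive before using them.
# Assumption: the clean USB drive is mounted as E:\ (hypothetical drive letter).
param(
    [string]$UsbPath = 'E:\'
)

function Test-ScannerDownload {
    param([Parameter(Mandatory)][string]$Path)

    Get-ChildItem -Path $Path -Filter *.exe -File -Recurse | ForEach-Object {
        # Authenticode status: 'Valid' means the file is unmodified since signing
        # and the signer's certificate chains to a trusted root on this machine.
        $sig  = Get-AuthenticodeSignature -FilePath $_.FullName
        $hash = Get-FileHash -Path $_.FullName -Algorithm SHA256

        $signer = if ($sig.SignerCertificate) {
            $sig.SignerCertificate.Subject
        } else {
            '(unsigned)'
        }

        [pscustomobject]@{
            File    = $_.Name
            Status  = $sig.Status
            Signer  = $signer
            SHA256  = $hash.Hash
            Trusted = ($sig.Status -eq 'Valid')
        }
    }
}

$results = @(Test-ScannerDownload -Path $UsbPath)
if ($results.Count -eq 0) {
    Write-Warning "No executables found under $UsbPath"
    exit 1
}

# Show one record per file so the signer name can be read in full.
$results | Format-List

# Anything unsigned or with a broken signature should not be run.
$bad = @($results | Where-Object { -not $_.Trusted })
if ($bad.Count -gt 0) {
    Write-Warning "Download these again from the vendor: $($bad.File -join ', ')"
    exit 1
}
```

Check that the Signer line names the vendor you expected, and if the vendor publishes a SHA-256 value for the download, compare it with the SHA256 line.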