Browse All Articles > Virus Removal Methods
A very common problem I get from the average user is they have an issue with viruses, malware, and spyware. There are numerous articles out there on how to remove viruses and over the course of time I have developed my own little method that has worked out for me with a great percentage of success.
A very common problem I get from the average user is they have an issue with viruses, malware, and spyware. There are numerous articles out there on how to remove viruses and over the course of time I have developed my own little method that has worked out for me with a great percentage of success. I have been removing viruses, malware, and spyware pretty much ever since I became a technician and here is my method.
System Restore
Perform a System Restore: Boot up in safe mode with command prompt.
**Note** Restore the system to a date before the infection occurred or was 1st noticed.
Virus Removal Tools
Download the Following Tools
CCleaner: http://www.filehippo.com/download_ccleaner/
TDSSKiller: http://www.bleepingcomputer.com/download/tdsskiller/
RogueKiller: http://www.bleepingcomputer.com/download/roguekiller/
Adwcleaner: http://www.bleepingcomputer.com/download/adwcleaner/
Malwarebytes: http://www.bleepingcomputer.com/download/malwarebytes-anti-malware/
Run the tools in this order
1) TDSSKiller
2) RogueKiller (scan, fix host, fix proxy, fix dns)
3) Adwcleaner: (Scan, Clean)
4) Malwarebytes: (download all updates and run a full scan)
5) CCleaner
Boot Sector Virus
If you have trouble since some viruses cannot be detected in Windows (Boot Sector). You can burn a bootable antivirus to scan your system before loading windows.
Crypto-Locker
This is a nasty virus that encrypts your files and demands payment to decrypt those files. At this time there is no method of decrypting the files and only way of getting your data back is from the following options.
1) Restore files from backup (having a backup is always advised)
2) **Use at Own Risk** is to pay the ransom. Some cases have reported roughly a 2 - 4 hours for the decryption process while others state the decryption failed so they lost money regardless.
Methods of handling the Crypto-Locker can be found here: Crypto-Locker Guide
Final Note
At this point if none of the above worked to resolve the issue, I take a backup of the data and do a wipeout and reinstall of the operating system (can't win every battle). In essence you have spent an hour or so to remove the virus and typically a wipeout and reinstall + data transfer only takes about 1 1/2 to 2 hours.
**Advisory** Recommend loading an antivirus and scanning data before transfering it back onto the fresh install to prevent a possible chance of transfering the virus/malware back onto your system.
Thank you and if you like my articles please check yes if it was helpful :).
Best,
Nick Rhode
System Restore
Perform a System Restore: Boot up in safe mode with command prompt.
Type rstrui.exe and restore your computer to a few days ago.
**Note** Restore the system to a date before the infection occurred or was 1st noticed.
Virus Removal Tools
Download the Following Tools
CCleaner: http://www.filehippo.com/download_ccleaner/
TDSSKiller: http://www.bleepingcomputer.com/download/tdsskiller/
RogueKiller: http://www.bleepingcomputer.com/download/roguekiller/
Adwcleaner: http://www.bleepingcomputer.com/download/adwcleaner/
Malwarebytes: http://www.bleepingcomputer.com/download/malwarebytes-anti-malware/
Run the tools in this order
1) TDSSKiller
2) RogueKiller (scan, fix host, fix proxy, fix dns)
3) Adwcleaner: (Scan, Clean)
4) Malwarebytes: (download all updates and run a full scan)
5) CCleaner
Boot Sector Virus
If you have trouble since some viruses cannot be detected in Windows (Boot Sector). You can burn a bootable antivirus to scan your system before loading windows.
AVG Bootable Scan
http://www.avg.com/eu-en/download.prd-arl
http://www.avg.com/eu-en/download.prd-arl
Kaspersky Rescue Disk
http://support.kaspersky.com/us/4162
Burn the Image out to disc or load onto a bootable flash drive. Run a scan, delete viruses, and reboot.
http://support.kaspersky.com/us/4162
Crypto-Locker
This is a nasty virus that encrypts your files and demands payment to decrypt those files. At this time there is no method of decrypting the files and only way of getting your data back is from the following options.
1) Restore files from backup (having a backup is always advised)
2) **Use at Own Risk** is to pay the ransom. Some cases have reported roughly a 2 - 4 hours for the decryption process while others state the decryption failed so they lost money regardless.
Methods of handling the Crypto-Locker can be found here: Crypto-Locker Guide
Final Note
At this point if none of the above worked to resolve the issue, I take a backup of the data and do a wipeout and reinstall of the operating system (can't win every battle). In essence you have spent an hour or so to remove the virus and typically a wipeout and reinstall + data transfer only takes about 1 1/2 to 2 hours.
**Advisory** Recommend loading an antivirus and scanning data before transfering it back onto the fresh install to prevent a possible chance of transfering the virus/malware back onto your system.
Thank you and if you like my articles please check yes if it was helpful :).
Best,
Nick Rhode
Have a question about something in this article? You can receive help directly from the article author. Sign up for a free trial to get started.
Comments (3)
Commented:
Author
Commented:Cheers!
Commented: