A computer virus is a program or piece of code that is loaded onto your computer without your knowledge and runs against your wishes.
About 32% of computers around the world are infected with viruses and malware, according to Panda Security.
Virus removal can involve a lot of work and be a lengthy process.
What is involved when removing viruses?
- The first step before any virus removal commences is to make sure the customer’s data is backed up and secure (this may have been done already by the customer). We would normally attempt to start the computer in safe mode, attach an external hard drive to the computer, and then start to transfer the data across. If we cannot access safe mode (because of viruses), we would remove the hard drive, dock it to a workshop machine and rescue the data that way. We cannot guarantee the recovery of data in extreme cases.
- The second step when removing viruses is to start the computer in what’s called ‘Safe Mode’ which is a bare bones state where the viruses would normally (but not always) be passive
- The next step would be to run a software tool we use called Malwarebytes. This is an excellent tool for finding and removing hidden viruses, malware and spyware within the system. This scan normally takes a good couple of hours or more because of the depth of the scans.
- Once the scan has completed, we would save the report to the desktop and then run our second tool, TDSSKiller, which is designed specifically to find and eliminate rootkits. (These are normally missed by standard antivirus software and even malware removers.) Depending on the state of the system after running these two tools, it would be on to the next stage.
- The next stage would consist of restarting in normal mode and monitoring the system carefully. The real risk when removing viruses, malware and spyware is that sometimes system files can become corrupt. In other words, the virus is removed but Windows is now corrupt due to the removal of infected system files. In this case we would run system (Windows) file integrity checks to repair and/or replace the corrupt system files.
- We would run Malwarebytes again but this time in normal mode, and this is just to see if there were any infections that weren’t running or detected in safe mode
- The last step in virus removal would be to run one more tool, called SUPERAntiSpyware. This is the same sort of program as Malwarebytes but can sometimes pick up on additional threats.
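A check that could follow the backup in the first step, before any removal tool is run, given here as an added example (not part of the original page or the workshop's own tooling): it compares SHA-256 hashes of every file on the customer's drive with its copy on the external drive and lists files that are missing, differ, or could not be read. The function names and the sample files are assumptions constructed for the illustration.

```python
import hashlib
import os
import tempfile

def sha256_file(path, chunk_size=1024 * 1024):
    """Hash a file in chunks so large files do not need to fit in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()

def verify_backup(source_root, backup_root):
    """Return (missing, mismatched, unreadable) lists of paths relative to source_root."""
    missing, mismatched, unreadable = [], [], []
    for folder, _dirs, files in os.walk(source_root):
        for name in files:
            src = os.path.join(folder, name)
            rel = os.path.relpath(src, source_root)
            dst = os.path.join(backup_root, rel)
            if not os.path.isfile(dst):
                missing.append(rel)
                continue
            try:
                if sha256_file(src) != sha256_file(dst):
                    mismatched.append(rel)
            except OSError:
                # Locked or damaged file on the infected drive: flag for manual review.
                unreadable.append(rel)
    return sorted(missing), sorted(mismatched), sorted(unreadable)

def demo():
    """Constructed sample data: a tiny 'customer' tree and an incomplete backup."""
    with tempfile.TemporaryDirectory() as src, tempfile.TemporaryDirectory() as dst:
        samples = {"Documents/letter.txt": b"hello", "Pictures/a.jpg": b"\xff\xd8data",
                   "Desktop/notes.txt": b"todo"}
        for rel, data in samples.items():
            for root in (src, dst):
                path = os.path.join(root, *rel.split("/"))
                os.makedirs(os.path.dirname(path), exist_ok=True)
                with open(path, "wb") as handle:
                    handle.write(data)
        os.remove(os.path.join(dst, "Desktop", "notes.txt"))   # simulate a skipped file
        with open(os.path.join(dst, "Pictures", "a.jpg"), "wb") as handle:
            handle.write(b"\xff\xd8dat")                        # simulate a truncated copy
        return verify_backup(src, dst)

if __name__ == "__main__":
    print(demo())
```

Any path reported as missing or mismatched should be copied again before the scans start, since files removed or damaged during cleaning can then only be restored from the backup.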
In extreme cases the system can become completely corrupted by the virus infections and the only course of action is to complete a full factory re-install of the Operating System and re-load all software and the customer’s data.
For help and support with keeping your computer safe online, there is a lot of very useful information on the following government-sponsored website: https://www.getsafeonline.org/