How to Delete a Computer Virus
Level of difficulty:
Malicious codes by design are intended to make their detection and removal from the infected machine tedious, annoying, aggressive, and very difficult not only for the average user but for computer experts as well. Manual detection of viruses is virtually impossible. This highlights the need not only for a competent but updated protection program but also to provide real time security with the capability of automatically updating its virus database engine. Because malicious codes differ from one another not only in payload but also in the manner of execution, the same can be said about anti-virus programs in their ability to detect and remove perceived threats from compromised machines. Majority of computer viruses in the market target the Microsoft Windows Operating System platform not only because it is the most widely used but also it is perceived to contain a lot of security loopholes and vulnerabilities which can also be found in the Internet Explorer Web browser.
- Web browser
- Internet connection
- recovery disc
- Windows CD installer
- anti-virus program
- malware scanner software
To remove an infection caused by a virus code, it is necessary to first reboot the machine into safe mode. This may be done by clicking on the 'Start' button, choosing 'Turn Off Computer', and selecting the 'Restart' option.
During the reboot process, after the 'Power On Self Test' procedure, press the 'F8' key until the boot option window comes up. Select the 'Safe Mode with Networking' option and press the 'Enter' key.
When the Operating System loads, go to the Sysinternals website to download and install the Autoruns tool to the root directory of the local storage.
Upon completion of the installation process, launch the Autorun application by clicking on the autoruns.exe file.
Click on the program’s Options Menu and make sure to click on the Include Empty Locations, Hide Signed Microsoft Entries, and Verify Code Signature options to enable them.
Press the F5 key on the keyboard in order to refresh the status of the startup list and implement these new settings.
Look under the Services or the Logon tabs for suspicious file names and processes. Check also the other tabs in case there are multiple occurrences of the malicious files. Click on the questionable files. Consult the Startup Database website in case of doubt. In most instances, these malicious files attempt to mimic legitimate Windows processes.
Right click on the chosen malicious files and select the Delete option. They will be removed from the startup entry of the Windows Registry.
Click on the 'Start' button and choose the 'My Computer' option. Navigate to the folder identified to be used by the virus and right click on it. Choose the 'Delete' option and click on the 'OK' button.
Right click on the 'Recycle Bin' and choose the option 'Empty Recycle Bin' to permanently remove the malicious files.
Click on the 'Start' button, select 'Turn Off Computer' and choose the 'Restart' option. Allow the machine to boot into normal mode by just waiting for the desktop to load.
Part of the removal process is to make sure that future infections can be prevented. Open the Web browser and go to the Microsoft website.
From the Microsoft Download Center, download and install the Windows Defender (bundled with Windows Vista but not with Windows XP) as well as the Malicious Software Removal Tool. The Malicious Software Removal Tool is not designed to prevent virus infection but to remove existing ones. Also, download any available updates for the Operating System and the Internet Explorer browser.
After completing the download and installation process, run these tools to make sure that there are no more remnants of the virus.