I get called quite often by a friend or family member to help remove a virus or malware. All viruses are quite annoying and the way to remove a virus isn’t always the same. Over time, I have been able to find a pretty solid step-by-step process for removing a virus. In my process, I perform the easiest most likely to work actions first and move on to the harder steps later. In this post, I want to share my process so that it can hopefully be of some assistance if you ever need to rid your PC of a virus or malware.
1) Run a Virus Scan in Safe Mode
The first thing I always do is run a virus scan in safe mode. To access safe mode, simply restart your computer and press F8 while your PC is starting up. Most users know to run a virus scan. However, by running it in safe mode, you give your virus protection software a better chance of being able to remove the virus. This is due to the fact that parts of the virus may be inactive in safe mode. Hopefully, your virus protection software is able to find an remove the threat.
2) Run a Scan with Malwarebytes
Even if the antivirus is able to find and remove the virus, I still like to run a scan with malwarebytes as well. Malwarebytes is a free utility that does an awesome job at finding and removing viruses and malware. Many times, I find that Malwarebytes works better than many virus protection software at removing threats. Yet again, I would recommend running the scan in safe mode. As a side note, I am a user of Malwarebytes Pro and would highly recommend it to anyone. Hopefully, after Malwarebytes has done its thing, you will be malware free. If not, the process may get a bit tougher in step 3.
3) Identify the Virus and Find a Way to Manually Remove It
If you still have had no luck removing the virus, you may have to remove it manually. This can be pretty tough to do. First, you need to identify what the virus is. It is possible that your antivirus or malwarebytes has already identified it for you, but just couldn’t remove it. You may be able to use the task manager to find the virus as well. A third option is to use a program called hijackthis. Generally, with hijackthis, you may need to go a forum of experts so they can help sort through the log hijackthis produces.
After you identify the virus, you can simply run a Google search to find out how others have removed the threat. Most times someone else has been infected by the exact same virus you have and has found a way to remove the virus. Don’t get me wrong, if you need to remove it manually, it can be a pretty daunting task. You may find yourself changing the registry and deleting buried files and folders. However, if you just take your time and perform the steps as listed, you can often remove the threat successfully.
4) Reinstall Windows
Generally speaking, you should be able to solve your problem in steps 1-3. I have never absolutely needed to reinstall Windows to solve a virus issue. However, sometimes it just makes more sense. For example, if you have a PC that is very new or a PC that has very few important files or programs on it, it may make more sense to reinstall Windows. Reinstalling Windows takes about an hour. So, if you have very little on the PC, it may be more time efficient to just reinstall.
Also, if you get to the point where you are absolutely stumped on how to remove a virus, reinstalling Windows will surely get rid of the threat. If you go this route, make sure you have a copy or backup of your critical files before reinstalling.
Hopefully this guide will be useful. After you get the virus removed, you can also check out my guide on how to avoid getting a virus in the future. Also, if you think a step should be added to this guide, please feel free to let us know in the comments!
Might I add, if a virus is causing pop-ups, like “Happy2Save”, you can go to task manager to end task, which would stop all the pop-ups, giving you enough time to go into settings. Once in settings, you just remove the extensions, and you will know instantly what extensions are Ad Ware.