Clean up infected computer from viruses

All we need is an easy explanation of the problem, so here it is.

Possible Duplicate:
What to do if my computer is infected by a virus or a malware?

I have a computer which had AVG Free installed from day one.
After several months of operation, it starts detecting viruses and trojans all the time.

Besides running a full scan, what should I do to clean the computer? Should I install another anti-virus or anti-malware tool (can it help?), or once viruses infect a system the only real solution is a clean format?

(Lately I’ve heard of viruses that burn themselves in the BIOS, so a clean format might not always work … how common is this technique? Should I burn a fresh BIOS as well?)

How to solve :

I know you bored from this bug, So we are here to help you! Take a deep breath and look at the explanation of your problem. We have many solutions to this problem, But we recommend you to use the first method because it is tested & true method that will 100% work for you.

Method 1

once viruses infect a system the only
real solution is a clean format

This. Once your system is infected, you cannot trust any program it’s running not to be interfered with by the virus – including all antivirus software. Theoretically, you could boot an antivirus system from CD, but even then, you can’t be sure that the virus hasn’t hidden a copy of itself deep in some executable from where it can reinfect the system.

Lately I’ve heard of viruses that burn
themselves in the BIOS, so a clean
format might not always work … how
common is this technique? Should I
burn a fresh BIOS as well?

Pointless, since you’d be doing so while a hypothetical BIOS-resident virus is running. The only way to be certain would be to remove the BIOS flash chip and rewrite it using dedicated flashing hardware.

But I think BIOS-resident viruses have so far occurred only as proof-of-concept implementations and not been spotted “in the wild”. It sounds nasty but is not actually very attractive to virus writers, since it would have to deal with (at least) dozens of different motherboard families, each with its own proprietary BIOS flashing protocol.

Method 2

To avoid reinstalling, simply pull your infected hard disk and disinfect it from another (known clean) PC, attaching it either with a USB/IDE/SATA converter or directly on the IDE or SATA as a second drive.

This absolutely prevents the virus from defending itself, since it isn’t running anything on the new host computer. Be sure to avoid auto-run if using a USB adapter.

I’ve had complete success with this method with several computers. As for the BIOS virus, I’ll believe it when I see it.

Method 3

I agree with Michael’s answer — clean install is the only way that really makes sense.

On a side note, don’t install more than one antivirus. They have to dig deep into the operating system and they usually don’t play very well with each other.

Method 4

Method: A

1) Change you AV(anti-virus) to Avast, Avira or some paid variant (Kapersky).
Download you AV of choice before hand and put it on some media if possible.

2) Before formatting C:\ or whatever drive you XP resides on , you might want to consider the following: do you have any wedding pictures or music files that are important and need to be backed up to some external HD?

4) If so, back them up first, and then scan the external HD to make sure there is nothing on it, after backing up all the important stuff.

5) Make sure you have access to all the drivers(sound, video, etc) via online or some CD on hand, cause you will need to re-install a majority of them if XP does not pick some of them up.

6) Backup this file: wpa.dbl found in C:\windows\system32 .
Wpa.dbl allows you to not have to activate your XP again or have issues
activating XP, since you already did it, you just copy this file back into the same folder after re-install.

Method: B (lazyman/I don’t want to formact C:\ but have some time on my hands):

1) Physically remove the HD from the infected computer, and change the jumper settings to slave.

2) Install in a working PC, preferably one that is not infected with viruses or a Linux or Unix box and mount infected drive.

3) Use a ton of standalone scanning tools for both malware and viruses to scan the infected HD.

4) When this is done, switch over to some online tools and do the same thing, scan for malware and viruses.

[Disclaimer: complete list of some tools I use for this are furnished upon request.]

Method 5

In couple of cases I have successfully cleaned up my computer from viruses with the help of Sysinternals’ “Autorun”, and a good anti-virus software.

On the following pages you can find comparisons of anti-virus software:

http://www.freewaregenius.com/2009/04/07/the-best-free-antivirus-a-comparison/

http://www.sunbelt-software.com/ihs/alex/Results_2D2008m3b_US.htm

http://virusinfo.info/index.php?page=testseng

Basically, Avira, Avast, and AVG tops the charts, and the free versions are as competent as the priced versions.

Method 6

www.nod32.com

Thats the virus program i would recommend, that or Kaspersky one. Download the trial/buy it and do a full scan. After that id recommend using spybot to remove any doggy adware/spyware, this tools is free ( I would NOT install any of the real time protection things ).

Its true that some proof of concept virus put them self between the BIOS and OS, i have not heard of any of those in the wild so unless your the target spesfic attack ( And thats unlikly considering your running a “free” virus program).

If your computer is heavly infected then its possible you need to reinstall. I would do that after i had clean out the viruses with www.nod32.com and spybot if the computer was still crashing / misbehaving.

Note: Use and implement method 1 because this method fully tested our system.
Thank you 🙂

All methods was sourced from stackoverflow.com or stackexchange.com, is licensed under cc by-sa 2.5, cc by-sa 3.0 and cc by-sa 4.0

Leave a Reply