
How to remove virus and spyware


38 replies to this topic

#1 themnkidd

themnkidd

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Local time:11:31 PM

Posted 29 May 2015 - 10:11 AM

What's the best way to remove a virus and/or spyware from a Windows-based computer?


Edited by computerxpds, 29 May 2015 - 12:36 PM.
Moved to Gen Sec. from AII




#2 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:11:31 PM

Posted 29 May 2015 - 10:15 AM

Hi there,

Are you infected? Or is this a general question?

#3 themnkidd


Posted 29 May 2015 - 10:41 AM

General question

#4 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,697 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:31 PM

Posted 29 May 2015 - 10:48 AM

Personally, I would say that it's a combination of manual removal and log analysis, with automated scans (and analysis of their logs). Without going into much detail, I have a standard procedure when I remove malware, and depending on what kind of malware I face, or the issues I encounter with the system, I adapt my procedure and use various tools and programs. This is for me; it doesn't mean that it's the best way to remove malware/viruses from a system, but what I do is pretty close to what the helpers do in the AII and MRT sections (although the ones in the MRT are way more experienced than I am).

Edited by Aura., 29 May 2015 - 10:48 AM.

Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#5 RolandJS

RolandJS

  • Members
  • 4,539 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Austin TX metro area
  • Local time:04:31 PM

Posted 29 May 2015 - 11:08 AM

Well-configured [AV, A-S, A-M, FW, etc.], well-balanced, real time protections, scheduled scans, checking reports, making adjustments on the fly [configurations & settings] -- on a routine basis is the 2nd best defense.

User common sense, carefulness, is the 1st best defense [if used along with the 2nd] - paraphrasing quietman7

Adding a 3rd defense line:  having and using two external HDs to routinely make restorable OS & data images.


Edited by RolandJS, 29 May 2015 - 11:10 AM.

"Take care of thy backups and thy restores shall take care of thee."  -- Ben Franklin revisited.

http://collegecafe.fr.yuku.com/forums/45/Computer-Technologies/

Backup, backup, backup! -- Lady Fitzgerald (w7forums)

Clone or Image often! Backup... -- RockE (WSL)


#6 Aura


Posted 29 May 2015 - 12:01 PM

These are mostly defense measures, and not removal. It's rare that with an Antivirus and Antimalware scan you'll be able to fully clean a system.



#7 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,918 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:05:31 PM

Posted 29 May 2015 - 01:24 PM

"What's the best way to remove a virus and/or spyware from a Windows-based computer?"


It depends on the type and severity of infection, which will vary from system to system, some causing more damage than others, especially when dealing with backdoor Trojans, Botnets, IRCBots and rootkits. These types of infections are especially dangerous because they not only compromise system integrity but the longer they remain on a computer, the more opportunity they have to download additional malicious files which can worsen the infection. Therefore, each case should be treated on an individual basis. Severity of system infection will also determine how the disinfection process goes. Since infections and severity of damage will vary, it may take several efforts with different, the same or more powerful security scanners/tools to do the job. Even then, with some types of infections, the task can be arduous and it is still impossible to be 100% sure that all malware has been removed.

When dealing with Remote Access Trojans (RATs), there is a greater chance the computer has likely been compromised and there is no way to be sure the computer can ever be trusted again. It is dangerous and incorrect to assume the computer is secure even if your anti-virus reports that the malware appears to have been removed.

In some cases, such as with a polymorphic file infector, the infection may have caused so much damage that the safest solution and only sure way to remove it effectively is to reformat and reinstall the OS.

In fact, many experts in the security community believe that once a computer has been compromised or infected with a file infector, the best course of action is to wipe the drive clean, reformat and reinstall the OS...with your Windows CD/DVD installation disk, a disk image or factory restore (system recovery) disks provided by the manufacturer.

This is what Jesper M. Johansson, Security Program Manager at Microsoft TechNet, has to say in "Help: I Got Hacked. Now What Do I Do?":

"The only way to clean a compromised system is to flatten and rebuild. That’s right. If you have a system that has been completely compromised, the only thing you can do is to flatten the system (reformat the system disk) and rebuild it from scratch (reinstall Windows and your applications)."


Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015
Member of UNITE, Unified Network of Instructors and Trusted Eliminators


#8 RolandJS


Posted 29 May 2015 - 03:05 PM

"These are mostly defense measures, and not removal. It's rare that with an Antivirus and Antimalware scan you'll be able to fully clean a system."

Aura, you're right! I was thinking of increasing the prevention success percentage much more to the user's favor. Removal often is akin to firefighting a burning house: one can put the fire out; however, water damage and fire-fighting damage will happen -- meaning sometimes data, pics, spreadsheets, text & doc files are saved, but the OS is figuratively hosed, and the OS house has to be rebuilt.




#9 quietman7


Posted 29 May 2015 - 03:27 PM

Yes, prevention is the best solution to not getting infected, but that is not the question asked by the OP, which he advised was a general question. Folks could go on and on about various prevention tips which do not address the question that was asked.

#10 Aura


Posted 29 May 2015 - 04:17 PM

Exactly what quietman said. Prevention isn't the same as removal. And often, what is used for prevention won't be used for removal (except for Antivirus and Antimalware).



#11 quietman7


Posted 29 May 2015 - 06:29 PM

We have self-help guides for removing common malware with step by step instructions. Please see Spyware And Malware Removal Guides Index and the Virus, Spyware, & Malware Removal Guides which are listed in order of the most current threat. At the bottom of each page, there is a link to view Previous Entries.

#12 RolandJS


Posted 29 May 2015 - 08:38 PM

Saving those articles onto hard-drive for later reading! Thanks, Qn7!
Let's remember that Avast, Avira, Comodo, and many other GOOD antivirus programs almost always offer: fix/repair, quarantine [as well as ignore/do nothing but notify/log]. Malwarebytes, Emsisoft also offer fix/repair, quarantine, etc. Spybot - ditto. In short, the same programs used for protection also offer removals of at least two types: repair or quarantine.
Now, within our respective experiences with said tools -- we come away with slide-scales between X worked/fixed great! all the way to...X could certainly stand improvement. This variance slide-scale is why great forums, such as BC and others, exist -- to help move OPs from so-so to repaired!
Finally, most OPs have to do more than simply run removal program[s]; most need to follow the expert directions of the seasoned staff here...because removal often is a process.

Edited by RolandJS, 29 May 2015 - 08:40 PM.



#13 Aura


Posted 29 May 2015 - 08:58 PM

Pretty much every decent Antivirus product offers a "fix/quarantine" option; it's one of the basics of such programs. It's not unique to certain brands either. Also, Malwarebytes and Emsisoft are two companies whose programs I would use for malware removal: Malwarebytes Anti-Malware, Malwarebytes Anti-Rootkit, Emsisoft Anti-Malware, Emsisoft Emergency Kit.



#14 quietman7


Posted 29 May 2015 - 09:28 PM

The complexity of finding, preventing, and cleanup from malware

#15 PhotoAce

PhotoAce

  • Members
  • 165 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New Zealand
  • Local time:11:31 AM

Posted 30 May 2015 - 02:47 AM

Quietman - that article is almost enough to make one shut down the computer, and hide under the bed!





