How To Identify and Remove a Virus.

Knowing Your Virus and How to delete it.​

If you have ever used computer you should know about viruses or other malware. Malicious programs are very chaotic, once they infect your computer you will most likely know. What many people don't know is that there are many types of malicious programs that can all cause different affects on your PC​

Maleware - Malware is program or file that is developed for the purpose of harming your PC. Ex. viruses, Trojan horses, spyware, worms , hijackers, and some types of adware.

Adware - A program that creates pop-ups on your PC or displays advertisements. It is important you know that not all adware programs are considered malware or even harmful. There are lots of legitimate programs that are used to gather information based on the websites you visit. As long as the information is provided up front (In the Agreement) then it generally is not considered malware.

Backdoor & RAT - Allows another person to execute commands and tasks on your computer w/o permission. These types of programs are typically used to attack other computers. They can acquire every bit of information on your computer once executed.

Spyware - A A program that monitors your computer and sends the information to a remote computer without you knowing. Not usually harmful. Often used for advertisements.

Trojan - A program that has been created to appear clean but was intentionally designed to cause malicious activity or to execute a back door on your PC.

Virus - When you run a virus it has the ability to replicate its self and can spread by infecting other programs and files on your computer

Keylogger - A program used to recored every little keystroke made by the user of the PC. These can also steal personal data and application data.

Removing the Virus -
Personally I do not use a virus protection of any type. I'm sure that is the goal for all of you to? Follow these simple steps on how to find and remove almost any Virus.

The first step to cleaning your PC

Free ESET online Scanner: Can be found at http://www.eset.com/us/online-scanner

Configuration:


The Outcome:
​

Not the same results as the above picture? Still think your infected. Lets continue.

Comodo Internet security: can be found at
http://www.comodo.com/home/internet-security/free-internet-security.php



To my Knowledge this program can not be bypassed by many viruses, It will detect them but not always know how to delete it correctly.

Finally Located the hidden virus but cant delete it? This is the step that will tell you if have to restore to factory default or not



1. Open Task manager and locate the virus:
2.Go to the location and delete the file.
3.Restart your computer
4.Check to see if the File is still there

If the File is still there that means the file is persistent and this could be bad.
Now you have to remember the location of the file and go into safe mode. You can get into Safe mode by holding down the F8 key while restarting your computer.



Now that you are in safe mode delete the file and restart your computer again.

If the file is still there after all of that you have a problem and have to restore to factory default. You do this by inserting the disk that was distributed to you when purchasing your PC or the ones it asked you to create.

I do not advise using system restore if it is a persistent file because they often have features to infect older files.​

 

Very nice guide, just make it more easy to read (change the text style/colour).

 

Decent Guide. There is nothing wrong with your text. It looks fine.

 

Fixed it up a bit, any feedback?

 

Cool guide, although if a virus keeps comming back (and a good one always will) Hope isn't lost

2nd, you should use Blink Personal security. I've been using it on my windows machine for a little over 5 years. I've never had a virus. The company that makes Blink, EEYE, are amongst the most saught after security professionals world wide.

Pros: Guess what! they're pretty angry with microsoft at the moment... so they updated their Service, you get a month (no drm)-trial. when the trial wears off they continue to provide you with service, you simply aren't allowed updates. (no drm.. delete/reinstall. They did it on purpose like that.) They probably have the most flexable security rules for any av available. Their software has 0 known exploits. (plz find anything else PERIOD that has 0 (zero) known exploits).

Cons: There really aren't any, nothing is perfect,.. if you're horsing around as admin on safe-mode you can still get a virus running.

Although for windows I have for years kept a disk-image of windows on a backed up ufs. A UNIX FileSystem cannot be handled by windows, or even identified so there is no risk of cross contamination. But I can always do a "restore" off my image.

Anyway OP, nice thread.

 

If you have a RAT the person who sent you the RAT most likely won't let you do any of that shit. So basically if your infected, theres not really a way to get out of it.
Nice guide.

 

Sure there is, there are secret admin accounts, safemode, You could run helix && BSD live. There's almost nothing you can't do.