It's OK don't panic. Take a deep breath and think "I can fix this" My tips on how to clean your system on this nasty fellah.
Computer viruses come in many forms and install themselves differently according to each virus group. This means there is not always one foolproof way of cleaning your system of them. The best thing to do is use a variety of simple methods first and see if it's as easy to remove as point and click.
Step 1.
If you have Anti Virus, update and run it, then do a full and deep system scan. Hopefully this will remove it straight away.
This will give you a level 1 chance of removing it. It could be that your AV program detects it but cannot remove it yet. Or, it could be that it is a new virus and your AV does not have a signature for it yet. The virus managed to get onto your computer and bypass your AV in the first place so it is highly likely that this is a strain that your AV has no defences against yet. Unless of course it was simply due to your AV signatures being out of date. If this step did not remove the virus we move on to step 2.
Step 2.
Run a different virus scan. I recommend Trend Micro Online Scan. This is an up-to-date virus scanner service provided for free online.
Log onto the website and follow the instructions - this will do a full, deep scan and most probably come up with a whole range on little nasties you never knew you had. Not to worry though, most of the little nasties it will find are not too nasty at all.
What you want to look out for are the danger signs for malware. Believe me, you will know your virus when you see it. Trend Micro may, like your other AV, not be able to clean it but fingers crossed it does. If however you still have the virus go to Step 3.
WARNING - IF you cannot connect to Trend Micro then try loading the webpage http://www.f-secure.com IF this does not load either then you have a real nasty. This virus is stopping you from connecting to any computer security websites in the hope of prolonging it's miserable life. IF this is the case then it's ALERT time. Go to step 4
Step 3
System restore - A basic option and one that is unlikely to work, but, sometimes it does. Run system restore and then rescan for your virus using step 1 and 2. You may get lucky and find it was a simple clean. If not go to step 4
Step 4
Ask yourself these questions.
What do you know about your virus?
How do you know you have one?
Do you know the name of your virus?
What features does it appear to have?
What is it doing to your system?
Arm yourself with some knowledge about it then prepare for the hunt. Google is now your best buddy and will help you remove this bad dude from your life.
Google the virus name if you have it, Google "Removal instructions for Virus Name" hopefully this will bring you up some options. If you do not know it's name then Google for what you do know about it, search and read and find it's name. If it's a real bad boy you may not be able to access a lot of the top sites with removal instructions so keep trying, look down the list at the less popular sites and eventually one with removal instructions will load. Read the instructions carefully. Is this something you think you can do? It is going to tell you to do some of the following things.
Boot to safe mode.
Change the computers registry
Use Task Manager.
Navigate to weird directories you have never been to before!
You need to be comfortable with doing these things as this is what it's gonna ask you to do. The instructions are for you though and it you want to remove this orrible thing then you either need to try and follow them or get someone in that can.
So, you have your computer back. What next? How can I stop this from happening again?
It's about knowledge.
The Internet can be a pretty dangerous place with nasties lurking round every corner. While you are enjoying the benefits of Internet shopping, subscription websites, free downloads and Internet banking, there are unscrupulous people out there just waiting to pounce.
Hackers, fraudsters, identity thieves and many others would love to get hold of your personal details or take hold of your computer. What stands between you them and certain disaster?
A little knowledge!
Here's a few tips to keep relatively safe, remember, most of these people are looking for easy targets so don't make yourself one..
Your password
Avoid the obvious and never use dictionary words, these can be brute forced in minutes. Names, DOB or any other forms of personal information can be easily guessed so avoid them too. A secure password is one which is over 8 chars long, contains UPPER and lower case letters and has non alphabetical characters such as $ ^ - " etc. A good example would be F$a4%Cm*--d32. Now this may seem difficult to remember and you are right, it is, you could devise a formula in your mind to remember yours. In the long run it may save you a whole lot of trouble. You may want to use a secure password storage facility if you have many passwords like this.
Secure your PC
1. Make sure you have a firewall installed. Many hackers scan IP addresses for ports that host known access points into your PC, a firewall can hide these and the hackers won't even know you are there. If you are invisible to them then what can they do to harm you?
2. Have an Anti-Virus application running at all times and make sure it is scheduled to update itself daily. These cannot protect you from unknown viruses but a virus that has been doing the rounds for a day or more will be detected by "most" AV applications. Some run on what is called heuristics and can detect new Viruses of similar designs..
3. Keep your Operating System up to date. Hackers are always finding new ways of breaking into an O/S. When they do, the O/S manufacturers release a patch to make sure the hackers cannot get in, always update your O/S and make sure you are fully patched against any new holes into your system.
Be wary of email
If you receive an email from someone you don't know, asking you to download a greetings card, a PDF file or visit a site, then beware. Check it over carefully, do you know this person, were you expecting something like this?
If the website address they are asking you to visit looks like this http://172.232.124.432 then it is more than likely to be a site hosting malware, just itching to exploit your computer and fill it full of nastys. Sometimes they will try to fool you be using a dynamic redirect or simply by making the link as text, Click here to see my photos hover the mouse over the link and see where it leads. If it looks suspicious then do not click on it.
Check over all files sent to you, if what looks like a PDF/Word/Excel file lands in your inbox and it ends in .exe .com .scr .pif (there are many more but these are some of the most common) then avoid it like the plague, these are executable files and more than likely to contain a virus/worm/Trojan just waiting for you to launch it.
You may even receive email from a colleague which contains a virus, someone may have hjacked/spoofed their email address and sent you a very plausible message, laden with viruses. Always have a think. Were you expecting it? Is the attachment an executable one? Does the link look dubious in any way?
Watch what you download
Peer 2 Peer (P2P) applications such as Limewire, Kazza and eMule are FULL of viruses, if you use these programs then always check the following.
1. If you are downloading music, say an mp3, make sure it has the mp3 extension (nirvana.mp3). Never download a music file that has .exe .zip .com .pif .scr etc. Nirvana.exe = BAD NEWS.
2. Movies, the same goes. I will include a list of extensions to watch out for.
3. Applications. NEVER download an application using Peer 2 Peer, hackers regularly update their viruses and launch them on P2P and many of them will easily avoid your Anti Virus, 90% of applications on P2P are laden with viruses.
If you follow these tips, and are always on the lookout, aware of what you are doing, downloading, browsing etc then you should be relatively safe. These things should come to you naturally after time and just be a daily part of your safe Internet experience.
