Monday, 18 May 2015 00:00

Dealing With A Virus (Or Determining If You Have One)


Your computer has a virus. Uh-oh. Now what do you do?

For many people, their first instinct is to take their computer to some place like Geek Squad - a big, name-brand chain that they know and trust, even though they've never taken their computer there to be repaired before. The money spent on advertising by places like this has done its job. This course of action is probably the worst choice you could make. I say this from first-hand experience.

A number of years ago, I worked for an internet service provider that was implementing a new service that would help with computer problems that didn't fall inside the scope of the internet help desk. They offered virus removal, program installation and removal, computer tuneup services, and more. If you needed help with something on your computer, and it could be done remotely, we likely offered it as a service. I worked in this department for a number of years, and the number of customers I spoke to that had already taken their computer to a big-name chain repair company for virus removal and yet still had a virus was unbelievable. Many of these types of repair stores (and I call them stores on purpose) are not designed to help you keep your current computer running for as long as it can - they are designed to convince you that you need to buy a new computer. Very few true repairs are actually completed in these types of places, at least in my experience. If you take a computer that won't boot (for argument's sake, let's say it is showing you a blue screen) to one of these big chain places, they are more likely to tell you "the computer is scrap, here, why don't you buy this overly expensive replacement?" than they are to make the necessary repair, such as replacing the faulty hard drive. This actually happened to my grandfather. He didn't have the money to buy the new computer (luckily), and when I came back to visit, it took me less than an hour to get a new hard drive in and start the process of reinstalling Windows.

So since we've determined that you shouldn't go to a big name chain store to remove this virus you have, what SHOULD you do? You have two options:

Pay a small company or individual to do the repair

or

Remove the virus yourself

More than likely, you have a small computer repair shop that you drive by every day. They tend to appear in small shopping strips. Rarely are they in stand-alone buildings. Often, if you pay attention at your favorite shopping locations, there will be a bulletin board that has advertisements for services offered. Small computer repair shops, as well as individuals that work for themselves, often advertise on these types of boards. If you don't know where a computer repair shop near you is, take a look on your next drive to work. You probably pass one daily and don't even notice.

If you're looking to save some money, and maybe learn something, skip the repair guy, and keep reading. You may be able to fix this infestation yourself!

Recognizing A Virus

Unfortunately, most people don't know they have a virus until it is too late. Viruses can be created for a variety of reasons, and can range from doing no damage to your computer to damaging your hard drive beyond repair. Here are a few reasons that viruses are created:

  • Steal sensitive information (credit card numbers, usernames/passwords, personal details, company data, etc.)
  • Generate money
  • Control and utilize a computer for a specific task
  • Cause damage
  • Prove it can be done

There are a variety of ways a virus can be introduced to a computer. The most commonly known way is via email attachments, where the virus disguises itself as an image, greeting card, audio file, or video file. As soon as you open the attachment, a program executes in the background and installs the virus. Viruses can also be introduced to a computer through other means. A virus can be placed on a webpage and directed to install as soon as a computer accesses the webpage. Viruses can disguise themselves as other programs, convincing you that they need to be installed so you can view a webpage, picture, or video or play a game. Still other viruses are attached to programs or files you download from sources that are not legitimate.

Since many viruses are designed to run silently once they have installed, how can you know you have a virus? Obviously, the best way to ensure your computer is virus free is to use an antivirus/firewall program. If you missed my blog a few weeks ago on choosing an av/fw, you might want to check it out now. Whether you have an av/fw installed or not, there are a few things that may indicate your computer has a virus.

Slow Performance: If your computer is running slowly with no explanation, this can often be due to a virus infection. Because the virus is running on your computer without your knowledge, it is using your computer's resources, which leaves fewer resources for you to use. Often, you can see tasks running that you do not recognize or that seem suspicious.

Windows Errors, Windows Crashes, Programs Starting/Stopping Randomly: If these symptoms are due to a virus, they are occurring due to damage done to your computer/operating system. It is important to remove any viruses immediately to limit the damage that is done. Even after the virus is removed, the damage will not be automatically undone. The type of damage (software or hardware), as well as its extent, will determine whether the damage can be repaired or not.

Modem or Hard Disk Working Overtime: If a virus is designed to utilize your computer as a resource for something bigger, to email itself to your address book so that others are infected, to provide the virus creator with your personal information, or a variety of other functions, you may see both your modem and your hard disk working more than normal as the virus sends and receives information and instructions.
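One way to check for the first and last symptoms above from a PowerShell window, as an added example that is not part of the original article: it lists running processes together with their CPU time, memory use, the signature status of their executable, and any remote addresses they are connected to. It assumes Windows 8 / Server 2012 or later and an elevated (administrator) session.

```powershell
# Added example (not from the original article). Requires Windows 8 / Server 2012
# or later for Get-NetTCPConnection; run from an elevated PowerShell window so
# that process paths are readable.

# Index established, non-loopback TCP connections by owning process ID.
# -AsString makes the keys strings, so lookups do not depend on integer type.
$byPid = Get-NetTCPConnection -State Established -ErrorAction SilentlyContinue |
    Where-Object { $_.RemoteAddress -notin '127.0.0.1', '::1' } |
    Group-Object -Property OwningProcess -AsHashTable -AsString
if ($null -eq $byPid) { $byPid = @{} }    # nothing connected right now

$report = foreach ($proc in Get-Process) {
    $key    = [string]$proc.Id
    $remote = @()
    if ($byPid.ContainsKey($key)) {
        $remote = @($byPid[$key] |
            ForEach-Object { "$($_.RemoteAddress):$($_.RemotePort)" } |
            Sort-Object -Unique)
    }

    # Protected system processes expose no path; report that rather than guessing.
    $sigStatus = 'PathUnavailable'
    if ($proc.Path) {
        $sig = Get-AuthenticodeSignature -LiteralPath $proc.Path -ErrorAction SilentlyContinue
        $sigStatus = [string]$sig.Status
    }

    [pscustomobject]@{
        Name       = $proc.ProcessName
        Id         = $proc.Id
        CpuSeconds = [math]::Round([double]$proc.CPU, 1)
        MemoryMB   = [math]::Round($proc.WorkingSet64 / 1MB, 1)
        Signature  = $sigStatus
        Remote     = $remote -join ', '
        Path       = $proc.Path
    }
}

# Show only processes that are not validly signed or that hold a network
# connection, heaviest CPU users first.
$report |
    Where-Object { $_.Signature -ne 'Valid' -or $_.Remote } |
    Sort-Object CpuSeconds -Descending |
    Format-Table Name, Id, CpuSeconds, MemoryMB, Signature, Remote -AutoSize -Wrap
```

A row in this table is a prompt to look the program up, not proof of infection: browsers and updaters hold connections all the time, and some legitimate programs are unsigned.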

Determining If You Have A Virus

Your computer, virus free or not, will fall into one of two categories: able to connect to the internet, or not able to connect to the internet. Let's start with what to do if you are able to connect to the internet.

The first step is to determine if you have a virus. You can opt to use an online scanner, such as Microsoft Safety Scanner, ESET Online Scanner, TrendMicro HouseCall, McAfee Security Scan Plus, or some other online scanner. The problem with these scanners is that they do not actually remove the virus for you. In fact, they are mostly designed to get you to buy an av/fw software.

My recommendation, if you are unsure if you have a virus, if you think your av solution may have missed a virus, or if you already know a virus is present, is to use Malwarebytes. This program will scan for all varieties of infections and remove any infections found present. For Free. There are no strings attached, you do not need to pay money to remove the viruses. The free version only works when you tell it to - it is not an automatic scanner and real-time prevention solution. If you're looking for that, opt for the paid version. Unlike many av solutions, though, Malwarebytes can and will remove existing infections. You can use the free version of Malwarebytes, no matter what solution you are already using. The University of Delaware has a great walkthrough for using Malwarebytes if you need it.

Once your computer is virus free, install an av/fw solution (remember the ll-pr blog). If you already have an av/fw, and you got an infection, consider using a different solution (since it seems your current one isn't working well!). My personal recommendation is Comodo - they offer both a free and a paid version. The free version should be enough for most users, as it is a fully functional version of the program. If you opt for the free version, you will not have access to live support in the event that you do get a virus (which I've never personally seen happen with Comodo).

If you can't connect to the internet, checking for and removing viruses becomes infinitely harder. If you have access to a computer that does have internet access, as well as to a removable drive (i.e., a thumb drive) that is large enough to download Malwarebytes onto, you may be able to install Malwarebytes via the thumb drive and remove the virus that way. If the virus is blocking your ability to download or install the program, then you'll need to boot your computer into Safe Mode with Networking. Microsoft gives us these directions:

  1. Restart your computer.
  2. When you see the computer manufacturer's logo, repeatedly press the F8 key until the Advanced Boot Options screen appears.
  3. On the Advanced Boot Options screen, use the arrow keys to highlight Safe Mode with Networking, and then press Enter.
  4. Log on to your computer with a user account that has administrator rights.

If you need some more detailed steps, try this walkthrough from ComputerHope. It is customized for all versions of Windows, and includes screenshots.

Once you are in Safe Mode with Networking, you should be able to connect to the internet, download Malwarebytes, and remove any viruses present on your computer. If you are still unable to download the program, or Malwarebytes does not remove the infection, then you'll need to take your computer to a repair shop. Just remember - if you couldn't do it yourself, your big chain store likely won't be able to do it either.

What To Do When A Virus Damages Your Computer

As I mentioned earlier, some damage can be repaired. If the damage is strictly to your software, the software can likely be repaired or re-installed without any data loss. If the damage is to your hard drive, recovering from the damage can become infinitely harder very quickly. Best practice is to back up data on any drive that is known to be damaged. This serves to limit data loss. If you are unable to do this, or the data is already lost, don't fret. Often, we are able to recover lost data, even when the data loss is due to a virus. If you're suffering from this, please don't hesitate. The sooner we are able to start the recovery process, the more likely we are to be able to recover all your data. We can also recover data from hard drives that are partially working, so even if the computer is working, if you have lost data, let us get started recovering it for you right away. Call us now, we have customer service representatives available 24/7.

Last modified on Monday, 18 May 2015 14:16
Data Recovery Expert

Viktor S., Ph.D. (Electrical/Computer Engineering), was hired by DataRecoup, the international data recovery corporation, in 2012. Promoted to Engineering Senior Manager in 2010 and then to his current position, as C.I.O. of DataRecoup, in 2014. Responsible for the management of critical, high-priority RAID data recovery cases and the application of his expert, comprehensive knowledge in database data retrieval. He is also responsible for planning and implementing SEO/SEM and other internet-based marketing strategies. Currently, Viktor S., Ph.D., is focusing on the further development and expansion of DataRecoup’s major internet marketing campaign for their already successful proprietary software application “Data Recovery for Windows” (an application which he developed).
