Q. What is a computer virus?

A computer virus is a type of malware (malicious software or code) that is

designed to spread from computer to computer and perform harmful activities such
as corrupting and disrupting systems or destroying data. (1)

Computer viruses can also copy (duplicate) themselves.

Definition of 'Computer Virus'

Definition: A computer virus is a malicious software program loaded onto a user’s

computer without the user’s knowledge and performs malicious actions.

How does a computer virus operate?

A computer virus operates in two ways. The first kind, as soon as it lands on a new
computer, begins to replicate. The second type plays dead until the trigger kick
starts the malicious code. In other words, the infected program needs to run to be
executed. Therefore, it is highly significant to stay shielded by installing a robust
antivirus program.
Computer virus types 1:

A list of well-known computer virus types:

 Memory Resident Virus (2) - stays in memory after it executes and after its
host program is terminated. In contrast, non-memory-resident viruses only
are activated when an infected application runs.
 Overwriting Virus (3) - will copy its own code over the host computer
system's file data, which destroys the original program.
 Direct Action Virus (4) - is considered to be “non-resident” and functions by
selecting one or more files to infect each time the code is executed. The
primary intentions of this virus is copying itself and to spread infection
whenever the code is executed.
 Boot Sector Virus (5) - infects computer systems by copying code either to
the boot sector on a floppy disk or the partition table on a hard drive. During
startup, the virus is loaded into memory. Once in memory, the virus will infect
any non-infected disks accessed by the system.
 Cluster Virus (6) - associates itself with the execution of programs by
modifying directory table entries to ensure the virus itself will start when any
program on the computer system is started. If infected by this virus it will look
like every program on your PC is infected; however, this virus is only in one
place on the system.
  Macro Virus (7) - is written in a macro language and infects Microsoft Word
or similar applications (e.g., word processors and spreadsheet applications)
and causes a sequence of actions to be performed automatically when the
application is started or something else triggers it.

Types of Computer Viruses 2:

A computer virus is one type of malware that inserts its virus code to multiply itself
by altering the programs and applications. The computer gets infected through the
replication of malicious code.
Computer viruses come in different forms to infect the system in different ways.
Some of the most common viruses are
Boot Sector Virus – This type of virus infects the master boot record and it is
challenging and a complex task to remove this virus and often requires the system
to be formatted. Mostly it spreads through removable media.
Direct Action Virus – This is also called non-resident virus, it gets installed or
stays hidden in the computer memory. It stays attached to the specific type of files
that it infect. It does not affect the user experience and system’s performance.
Resident Virus – Unlike direct action viruses, resident viruses get installed on the
computer. It is difficult to identify the virus and it is even difficult to remove a
resident virus.
Multipartite Virus – This type of virus spreads through multiple ways. It infects
both the boot sector and executable files at the same time.
Polymorphic Virus – These type of viruses are difficult to identify with a traditional
anti-virus program. This is because the polymorphic viruses alters its signature
pattern whenever it replicates.
Overwrite Virus – This type of virus deletes all the files that it infects. The only
possible mechanism to remove is to delete the infected files and the end-user has
to lose all the contents in it. Identifying the overwrite virus is difficult as it spreads
through emails.
Spacefiller Virus – This is also called “Cavity Viruses”. This is called so as they fill
up the empty spaces between the code and hence does not cause any damage to
the file.
#File infectors:
Few file infector viruses come attached with program files, such as .com or .exe
files. Some file infector viruses infect any program for which execution is requested,
including .sys, .ovl, .prg, and .mnu files. Consequently, when the particular program
is loaded, the virus is also loaded.
Besides these, the other file infector viruses come as a completely included
program or script sent in email attachments.
#Macro viruses:
As the name suggests, the macro viruses particularly target macro language
commands in applications like Microsoft Word. The same is implied on other
programs too.
In MS Word, the macros are keystrokes that are embedded in the documents or
saved sequences for commands. The macro viruses are designed to add their
malicious code to the genuine macro sequences in a Word file. However, as the
years went by, Microsoft Word witnessed disabling of macros by default in more
recent versions. Thus, the cybercriminals started to use social engineering
schemes to target users. In the process, they trick the user and enable macros to
launch the virus.
Since macro viruses are making a come back in the recent years, Microsoft quickly
retaliated by adding a new feature in Office 2016. The feature enables security
managers to selectively enable macro use. As a matter of fact, it can be enabled
for trusted workflows and blocked if required across the organization.
#Overwrite Viruses:
The virus design purpose tends to vary and Overwrite Viruses are predominantly
designed to destroy a file or application’s data. As the name says it all, the virus
after attacking the computer starts overwriting files with its own code. Not to be
taken lightly, these viruses are more capable of targeting specific files or
applications or systematically overwrite all files on an infected device.
On the flipside, the overwrite virus is capable of installing a new code in the files or
applications which programs them to spread the virus to additional files,
applications, and systems.
#Polymorphic Viruses:
More and more cybercriminals are depending on the polymorphic virus. It is a
malware type which has the ability to change or mutate its underlying code without
changing its basic functions or features. This helps the virus on a computer or
network to evade detection from many antimalware and threat detection products.
Since virus removal programs depend on identifying signatures of malware, these
viruses are carefully designed to escape detection and identification. When a
security software detects a polymorphic virus, the virus modifies itself thereby, it is
no longer detectable using the previous signature.
#Resident Viruses:
The Resident virus implants itself in the memory of a computer. Basically, the
original virus program is not required to infect new files or applications. Even when
the original virus is deleted, the version stored in memory can be activated. This
happens when the computer OS loads certain applications or functions. The
resident viruses are troublesome due to the reason they can run unnoticed by
antivirus and antimalware software by hiding in the system’s RAM.
#Rootkit Viruses:
The rootkit virus is a malware type which secretly installs an illegal rootkit on an
infected system. This opens the door for attackers and gives them full control of the
system. The attacker will be able to fundamentally modify or disable functions and
programs. Like other sophisticated viruses, the rootkit virus is also created to
bypass antivirus software. The latest versions of major antivirus and antimalware
programs include rootkit scanning.
#System or Boot-record Infectors:
The Boot-record Infectors infect executable code found in specific system areas on
a disk. As the name implies, they attach to the USB thumb drives and DOS boot
sector on diskettes or the Master Boot Record on hard disks. Boot viruses are no
more common these days as the latest devices rely less on physical storage media

Q. Where are the virus risks?

Viruses can reach your computer via all the routes shown here. You can read
more details on the pages that follow.
CDs and floppies
Floppy disks can have a virus in the boot sector. They can also hold infected
programs or documents. CDs may also hold infected items.
Programs and documents
Programs and documents can be infected with viruses. When you share
them with other users, by putting them on your network or intranet, or by
sending them out, the infection can spread.
Email
Email can include infected attachments. If you double click on an infected
attachment, you risk infecting your machine. Some emails even include
malicious scripts that run as soon as you preview the mail or read the body
text.
The internet
You may download programs or documents that are infected. Security
vulnerabilities in your operating system can
also allow viruses to infect your computer via the internet connection, without
your having to do anything at all

Email viruses
Many of the most prolific viruses are email-aware: they distribute themselves
automatically by email.
Typically, email-aware viruses depend on the user clicking on an attached
document. This runs a script that can forward infected documents to other
people. The Netsky virus, for example, searches the computer for files that
may
contain email addresses (e.g. EML or HTML files), and then uses the email
program on your computer to send
itself to those addresses. Some viruses, like Sobig-F, don’t even need to use
your email browser; they include their own “SMTP engine” for sending mail.
Email viruses may compromise your computer’s security or steal data, but
their most common effect is to create excessive email traffic and crash
servers.
Email attachments
Any attachment that you receive by email could carry a virus; launching such
an attachment can infect your
computer. Even an attachment that appears to be a safe type of file, e.g. a
file with a .txt extension, can pose a threat.
That file may be a malicious VBS script with the real file type (.vbs) hidden
from view

Q. Which files can viruses infect?

Viruses can attach themselves to any code that runs on your computer: programs,
documents, or the files that start up the operating system.
Boot sectors
When you switch on your computer, it accesses a part of the disk called the “boot
sector”and runs a program that starts the operating system. The earliest viruses
replaced this boot sector with their own, modified version. If the user started up
their computer from an infected disk, the virus became active.
Programs
Some viruses infect programs. When you start the infected program, the virus is
launched first. This type of virus appeared early in virus history but still poses a
threat, as the internet makes it easy to distribute programs.
Documents
Word processing or spreadsheet applications often use “macros” to automate
tasks. Some viruses take the form of a macro that can spread from one document
to another. If you open a document that contains the virus, it copies itself into the
application’s startup files and infects other documents you open with that
application.

Q. Computer virus symptoms (signs)

A few computer virus symptoms are:

 Computer and/or internet suddenly slower

 Computer behaves weird
 PC freezes and crashes a lot
 Unusual error messages appear
 Files have been automatically deleted or added
 Unwanted advertisements appear
 Emails have been sent from your account to your contacts (which you know
you didn't sent)
 Sudden hardware problems (e.g., display acting weird)
 Antivirus software and/or its shields are turned off automatically
 PC automatically restarts (reboots) by itself

2.

8 Symptoms of an Infected Computer

 1. Slower Internet and Processing

A slower computer doesn't necessarily mean you have a virus, but if it's a
sudden enough change in speed, it may be worth checking out. Use a speed
test to check your internet speed and use your computer's task manager to
measure processing power. If either seem slower than usual, perform a scan
with your antivirus software.
  2. Unexpected Computer Behavior
Viruses can do all kinds of strange things to your computer. If your computer
stops responding to clicks, decides to open files on its own, scrolls or acts as
if a key's been pressed when it hasn't, you may be experiencing computer
virus symptoms. Your computer shouldn't seem like it's thinking for itself.
 3. Sudden Freezes & Crashes
Because viruses damage your hard drive, they can cause your computer to
experience a catastrophic failure. If you're lucky enough that your computer
still turns on after a crash, make sure to run antivirus software to determine
whether a virus was the cause.
 4. Error Messages
Your computer knows something is wrong before you do. One of the most
noticeable symptoms of a computer virus is the sudden appearance of pop-
up messages warning you about missing system or application files.
Research messages by putting them in a search engine to see if you can
diagnose a virus.
 5. Advertisements
It's common to see ads as you browse the internet, but if you start seeing
them when you're not actively browsing, that is a telltale sign of a virus. Do
not click on these ads, even if they say they are for antivirus software.
 6. Outgoing Emails
Viruses try to spread themselves by email. If you notice emails in your sent
box that you didn't send, you probably have a virus. If you get an email from
a friend that seems suspicious, they might have a virus. Do not click on any
links or open any attachments in questionable emails.
 7. Missing or Extra Files
Keep track of the size of your hard drive. A virus may install copies of itself or
unwanted files on your computer. Viruses also delete files unexpectedly.
When you start seeing something strange or missing, it's time to run a virus
scan.
 8. Hardware and Accessory Problems
If you suddenly have a problem with your computer's display, such as mixing
pixels or color problems, this can be a sign of a virus messing with your
system. A networked printer may also start acting up if it becomes infected.
 Remember, your computer will not always show symptoms if it's infected.
Always perform regular system checks and virus scans to make sure your
computer is clean. Also, practice preventive care. Never click on unfamiliar
links in emails or pop-up ads to keep your computer safe from exposure.

3.
How does computer infected by viruse?

 A virus program has to be run before it can infect your computer. Though
viruses have ways of making sure that this happens. They can attach
themselves to other programs or hide in code that is run automatically when
you open certain types of file. Sometimes they can exploit security flaws in
your computer’s operating system to run and to spread themselves
automatically. You might receive an infected file in an email attachment, in a
 download from the internet, or on a disk. As soon as the file is launched, the
virus code runs. Then the virus can copy itself to other files or disks and
make changes on your computer.

Trojan horses

 Trojan horses are programs that pretend to be legitimate software, but

actually carry out hidden, harmful functions. For example, DLoader-L arrives
in an email attachment and claims to be an urgent update from Microsoft for
Windows XP. If you run it, it downloads a program that uses your computer
to connect to certain websites, in an attempt to overload them (this is called a
denial of service attack). Trojans cannot spread as fast as viruses because
they do not make copies of themselves. However, they now often work hand-
in-hand with viruses. Viruses may download Trojans which record keystrokes
or steal information. On the other hand, some Trojans are used as a means
of infecting a computer with a virus.

Worms

 Worms are similar to viruses but do not need a carrier program or document.
Worms simply create exact copies of themselves and use communications
between computers to. Many viruses, such as MyDoom or Bagle, behave
like worms and use email to forward themselves.
 What can viruses do?
 Viruses used to play pranks or stop your computer working, but now they
compromise security in more
 insidious ways. Here are the things that viruses can do.
 ■ Slow down email. Viruses that spread by email, such as Sobig, can
generate so much email traffic that servers slow down or crash. Even if this
doesn't happen, companies may react to the risk by shutting down servers
anyway.
 ■ Steal confidential data. The Bugbear-D worm records the user's
keystrokes, including passwords, and gives the virus writer access to them.
 ■ Use your computer to attack websites.
 MyDoom used infected computers to flood the SCO software company's
website with data, making the site unusable (a denial of service attack).
 ■ Let other users hijack your computer. Some viruses place “backdoor
Trojans” on the computer, allowing the virus writer to connect to your
computer and use it for their own purposes.
 ■ Corrupt data. The Compatable virus makes changes to the data in Excel
spreadsheets.
 ■ Delete data. The Sircam worm may attempt to delete or overwrite the hard
disk on a certain day.
 ■ Disable hardware. CIH, also known as Chernobyl, attempts to overwrite
the BIOS chip on April 26, making
 the computer unusable.
 ■ Play pranks. The Netsky-D worm made computers beep sporadically for
several hours one morning.
  ■ Display messages. Cone-F displays a political message if the month is
May.
 ■ Damage your credibility. If a virus forwards itself from your computer to
your customers and business partners,
 they may refuse to do business with you, or demand compensation.
 ■ Cause you embarrassment. For example, PolyPost places your
documents and your name on sex related newsgroups.

Q. Computer virus prevention tips

 Keep your operating system and software always up-to-date

 Use a firewall
 Use antivirus software
 Don't ignore security warnings from Windows or your antivirus software
 Don't install and use pirated software
 If you don't use Java, then remove or disable it
 Don't click on OK, Yes or Run when a pop-up window appears and ask you
to install unknown software. Here's one example: “Your windows computer
could be at risk! Install this repair tool to protect and clean your system by
clicking Secure Now as soon as possible” Don't fall for this trick!
 Before you want to install free software (freeware) first check if its reliable by
reading reviews about it
 Always download software from the official link or from a trusted website
 Don't click on a link (in emails or web pages) if you don't trust it.
 Use a secure and safe web browser like Google Chrome or Mozilla Firefox
and keep it updated
 When installing software, always pay attention and always read everything
clearly before clicking Next, OK, Install, Continue, etc.
 Microsoft recommends that you disable SMB1 on Windows for security
reasons.
 2.

Q. How To Deal with Computer Viruses

Computers have made our lives a whole lot easier. It’s a simple, undeniable fact.
Using these devices, however, also means dealing with another undeniable fact:
malicious software, a.k.a. malware. Viruses, Trojans, computer worms and other
sorts of malware can infect your device any time, and they can be a hassle to get
rid of.

If you think your computer is infected with malware, here’s how to handle it.

Step 1: Use a reliable antivirus program

If you already have antivirus software installed on your computer and it still got
infected with a virus, the software you were using is most likely unreliable. Uninstall
it, and get a new one. You can download one online or buy an installer from your
local tech shop. Either way, it’s best to get the paid version of your preferred
program rather than its free counterpart, so that you can get access to its full host
of features.

Some of the best antivirus software programs in the market right now
include Norton Security, McAfee Antivirus, Kaspersky Anti-Virus, Bitdefender,
and Webroot.

Step 2: Scan your computer

A wide variety of malicious programs exist today, and some of the most common
include trojans, viruses, worms, and ransomware. In order to check if your
computer is actually infected with any of these (as well as identify which of them
may have infected your computer), perform a full scan of your computer using your
new antivirus software, and make sure that the antivirus is fully updated before you
start the scan.

This may take a while, depending on the number of files on your computer and the
number of drives on it, so be patient. Once it’s done, you’ll know exactly which file
on which drive is infected.

Step 3: Remove the malware

Once your software identifies the infection, it will provide you with prompts on how
to treat it. Antivirus programs all have different methods, but some of the
most common options include permanent deletion of the virus or storing it in a
secure folder (a.k.a. “quarantine”) where it won’t be able to cause more damage.

Step 4: Stop future infections

When it comes to virus protection, prevention is always better than cure. You can
prevent your computer from getting infected by taking these precautionary
measures:

 Perform scans using your antivirus software at regular intervals. Most

programs have the option to schedule automatic scans based on your
preferred degree of frequency: daily, weekly, bi-weekly, and so on.
 Do not open suspicious-looking emails. They could be infected with spyware.
 Only visit secure websites. (URLs beginning with https://)
 Download Virtual Private Network (VPN) software. You’re probably
wondering: “Does VPN protect against viruses?” A VPN encrypts your online
traffic, which means hackers won’t be able to inject malware into your
systems through an insecure connection.

Follow all of the aforementioned steps, and won’t have to worry about computer
viruses again.

Protect yourself with HotSpot Shield.

If you want complete computer and internet security, pair your antivirus software
with a high-quality VPN like Hotspot Shield. Our VPN uses the toughest security
protocols, such as TLS 1.2 with perfect forward secrecy and 128-bit AES data
encryption, to make sure hackers won’t be able to access and infect your device.

Visit our website and download Hotspot Shield today. It’s available on Windows,

Mac OS, Android, and iOS. You can also check out our blog to read up on more
tips on internet safety and security.

3.
10 Tips on How to Prevent Malware From Infecting Your Computer

When our computers start slowing down or behaving in an unusual way, we are
often quick to suspect that we have a virus. It might not be a virus, but it is likely
that you have some sort of malware. Some are malicious, and others are just
annoying. The worst culprits are the hijackers—malware programs that take over
your browser, or worse yet, your computer. I have had to remove these types of
evil programs from personal computers and work computers in the past, and I’m
sure you have, too. Here are 10 tips on how to prevent malware from infecting your
computer, keeping your hardware safe.

1. Install Anti-Virus/Malware Software.

This tip may go without saying, and I almost just casually mentioned it in my
opening paragraph. However, I have seen many computers—especially home
computers—that don’t have anti-virus/malware protection. This protection is a
must-have first step in keeping you computer virus free.

2. Keep Your Anti-Virus Software Up to Date.

Having protection software is the first step; maintaining it is the second. Free anti-
virus software is better than nothing, but keep in mind that it’s not the best solution.
Microsoft does provide a security package for “free.” It’s free in that if you have
Windows on your machine, you are granted access, but you did pay for your
Windows license. Many users aren’t aware of this program, but it’s actually decent
protection.

3. Run Regularly Scheduled Scans with Your Anti-Virus Software.

This too may seem like a no-brainer, but many of us forget to do this. Set up your
software of choice to run at regular intervals. Once a week is preferred, but do not
wait much longer between scans. It’s difficult to work on your computer while your
anti-virus software is running. One solution is to run the software at night when you
aren’t using your computer. However, we often turn off our computers at night, and
so the scan never runs. Set your anti-virus software to run on a specific night, and
always leave your computer running on that day. Make sure it doesn’t shut off
automatically or go into hibernation mode.

4. Keep Your Operating System Current.

Whether you are running Windows, Mac OS X, Linux, or any other OS, keep it up
to date. OS developers are always issuing security patches that fix and plug
security leaks. These patches will help to keep your system secure. Similarly, keep
your anti-virus software up to date. Viruses and malware are created all the time.
Your scanning software is only as good as its database. It too must be as up to
date as possible.

5. Secure Your Network.

Many of our computers connect to our files, printers, or the Internet via a Wi-Fi
connection. Make sure it requires a password to access it and that the password is
strong. Never broadcast an open Wi-Fi connection. Use WPA or WPA2 encryption.
WEP is no longer strong enough as it can be bypassed in minutes by experts. It’s
also a great idea to not broadcast your SSID (the name of your Wi-Fi network). You
can still access it with your device, you will just have to manually type in the SSID
and the password. If you frequently have guests who use your Internet, provide a
guest SSID that uses a different password, just in case your friends are evil
hackers.

6. Think Before You Click.

Avoid websites that provide pirated material. Do not open an email attachment from
somebody or a company that you do not know. Do not click on a link in an
unsolicited email. Always hover over a link (especially one with a URL shortener)
before you click to see where the link is really taking you. If you have to download a
file from the Internet, an email, an FTP site, a file-sharing service, etc., scan it
before you run it. A good anti-virus software will do that automatically, but make
sure it is being done.
7. Keep Your Personal Information Safe.
This is likely the most difficult thing to do on the Internet. Many hackers will access
your files not by brute force, but through social engineering. They will get enough of
your information to gain access to your online accounts and will glean more of your
personal data. They will continue from account to account until they have enough
of your info that they can access your banking data or just steal your identity
altogether. Be cautious on message boards and social media. Lock down all of
your privacy settings, and avoid using your real name or identity on discussion
boards.

8. Don’t Use Open Wi-Fi.

When you are at the local coffee shop, library, and especially the airport, don’t use
the “free” open (non-password, non-encrypted) Wi-Fi. Think about it. If you can
access it with no issues, what can a trained malicious individual do?

9. Back Up Your Files.

The best thing you can do is back up your files—all of them. Ideally you will have
your files (your data) in at least three places: the place where you work on them, on
a separate storage device, and off-site. Keep your files on your computer, back
them up to an external hard drive, then back them up in a different location. You
can use a backup service or simply get two external hard drives and keep one at
work, at a friend’s house, at a family member’s house, or in a safe deposit box.
Why is data backup important?

10. Use Multiple Strong Passwords.

Never use the same password, especially on your bank account. Typically, we use
the same email address or username for all of our accounts. Those are easy to see
and steal. If you use the same password for everything, or on many things, and it is
discovered, then it takes only seconds to hack your account. Use a strong
password. Use lower case, upper case, numbers, and symbols in your password.
Keep it easy to remember but difficult to guess. Do not use dates or pet names.
 4.
Q. Computer virus protection

The BEST protection against computer viruses is YOU.

Look:

You can have the best protection there is, but even the best antivirus software can
fail to detect new malware (e.g., computerviruses, ransomware, spyware, etc.).

Malware threats grow so fast, that antivirus programs take too long to catch up with
malware (even the best free or paid ones).

Therefore, the best protection is yourself.

If you do any of the following:

 Ignore Windows and software updates

 Don't use antivirus software
 Use pirated software
 Install free software without checking if it's reliable
 Click on every link you see
 Ignore security warnings from Windows or antivirus software
 Click on buttons in pop-up windows that appear

Then there's a good chance that your PC will get infected one day.

Antivirus software

It's recommended to always use an antivirus program on your PC – even when

antivirus software can't protect your computer against all viruses.

It's better to have some protection than no protection at all.

You should only use one antivirus program on your computer.

The free antivirus programs I recommend are:

 Bitdefender Antivirus Free

 Kaspersky Free Antivirus
 Kaspersky Security Cloud Free

If you need more functions (e.g., multi-layer ransomware protection) and settings,
then you can try a paid antivirus program.
Most antivirus companies offer the option to download and try their paid antivirus
programs for free for 30 days.

The paid antivirus programs I recommend are:

 Bitdefender Antivirus
 Kaspersky Antivirus
 ESET Antivirus (one of the lightest antivirus programs there is)
Free second opinion virus scanners

It's also recommended to use second opinion virus scanners to get more complete
detection coverage, because some programs may detect viruses that others might
miss.

The free virus (malware) scanners I recommend are:

 Malwarebytes (note: to download the free version, you will have to scroll

down to the bottom of the page and then click on DOWNLOAD 14 DAY
TRIAL. You will get the Premium version for the first 14 days and after the 14
days it will turn into the free version – which is an on-demand malware
scanner)
 Zemana Antimalware
 Emsisoft Emergency Kit
 HitmanPro (I use the free version only for scanning for malware. Visit the
product page and click on the Free 30-Day Trial button to download it. You
can try the premium version for free for 30 days. After the trial period, you
can only use it for scanning for malware)

If you think that your PC has a virus (malware) infection, then you can also try the
following free virus (malware) scanners:

 Kaspersky Virus Removal Tool

 ESET Online Scanner
 Norton Power Eraser

You can use these virus (malware) scanners alongside your current antivirus
software.

You can use these scanners to scan your PC periodically (e.g., once a week) or
when you think your PC is infected with a virus or another type of malware.

5.
Q. Computer virus detection and removal

I will show you how to detect and how to get rid of a computer virus for free.

But first:

The first thing you want to keep in mind when your PC is infected by a computer
virus is whether or not you want to clean it. Because sometimes it may be a better
idea to back up any data that you might have and reinstall Microsoft Windows
or restore a system image backup that's 100% clean.

Why?

Well, if your antivirus (antimalware) software detected a computer virus or other

malware, then you will never know for sure if that's the only piece of malware that
has infected your system.

Malware can nestle itself deeper into your system and hide so that it can't be
discovered by your security software and it can also open doors to other malware.

And:

You also may end up with a damaged Windows installation.

Considering time and effort, sometimes it's better to wipe everything and start all
over again. But, if you wanted to do that, you probably wouldn't be reading this
article, so, follow the steps below.

With the following steps, I assume that you have access to your system or at least
can boot Windows into “Safe Mode with Networking”.

But: If you cannot access your computer then I recommend Kaspersky Rescue

Disk (located in the “Free Tools” section).

Once you have the ISO file you can install it on a USB flash drive with the help of a
free tool called Rufus and then you can boot from the USB drive and use the
rescue disk.

Let's continue with the next step.

Step 1: Find out if your files are affected by Ransomware

If you cannot open some files on your computer or you see files with missing or
weird file extensions (e.g., .cry, .crypto, .locked, .kraken, etc.), your system is
probably infected by Ransomware.

If your system is infected by Ransomware, the first thing you should do is to check
if your files can be decrypted.

But to do this, you first need to find out which Ransomware has infected your PC.
To find out which Ransomware has infected your PC, look at the ransom note, or
look at any messages on the screen or look at the encrypted files and the
extension they have.

If you cannot find out which Ransomware infected your PC you can visit ID
Ransomware by MalwareHunterTeam and upload the ransom note or an encrypted
file.

You can also visit a cybersecurity forum like BleepingComputer.

On this forum, you can find a lot of malware analysts that you can talk to.

You can post something in the forums and upload one of your encrypted files.

They might be able to tell you whether or not you can decrypt your files.

You can also download the Bitdefender Ransomware Recognition Tool to find out
which ransomware has encrypted your data and then get the appropriate
decryption tool if it exists.

You can visit NoMoreRansom.org or the free ransomware decryptors page

on Kaspersky.com and check if they have a decryptor tool for the ransomware that
infected your PC.

Step 2: Make a backup of your files

If your files were not affected by ransomware or you were able to decrypt your files,
then you should make a backup of your files.

You can use a free backup program like AOMEI Backupper Standard or copy your
files to a USB flash drive or external hard drive.

Step 3: Disable startup programs in Windows

1. Open Windows Task Manager.

Three ways to open Task Manager:

 Press the [ctrl] + [alt] + [delete] (del) keys on your keyboard and then click
on Task Manager.
 Press the [Windows] + [R] keys on your keyboard, type taskmgr and then
click on the OK button or press [Enter].
 In Windows 10, you right-click on the taskbar or start menu button and then
click on Task Manager.

2. Click on the Startup tab.

3. Disable everything that you see here, including your antivirus software.

To do this, right-click on the program and then click on Disable.

Step 4: Disable services in Windows

1. Open Windows System Configuration.

Three ways to open System Configuration:

 Press the [Windows] + [R] on your keyboard, type msconfig and press

[Enter].
 Search for msconfig using the Windows search box and then click
on System Configuration when it appears.
 Click on the start menu button, click on Windows Administrative Tools and
then click on System Configuration.

2. Click on the Services tab.

3. Check (select) the Hide all Microsoft services option located below the list.

4. Click on the Disable all button.

5. Click on the Apply button.

6. Click on OK.

7. Click on Restart to restart your computer.

Important! The order of the following steps are very important, so don't do these
steps in a different order.

Step 5: Kaspersky Virus Removal Tool

Download and open Kaspersky Virus Removal Tool.

Scan your PC with Kaspersky Virus Removal Tool and follow its instructions if it
found something.

Step 6: Malwarebytes

Download, install and open Malwarebytes (note: to download the free version, you

will have to scroll down to the bottom of the page and then click on DOWNLOAD
14 DAY TRIAL. You will get the Premium version for the first 14 days and after the
14 days it will turn into the free version – which is an on-demand malware scanner).

Scan your PC with Malwarebytes and follow its instructions if it found something.

Step 7: Zemana

Download, install and open Zemana Antimalware (for the download button of the

free version you will have to scroll down to the comparison table).

Scan your PC with Zemana and follow its instructions if it found something.
Step 8: ESET Online Scanner

Download and open ESET Online Scanner.

Enable detection of potentially unwanted applications, scan your PC with ESET

Online Scanner and follow its instructions if it found something.

After these steps, your computer should be relatively clean.

If you want to scan your computer with more virus scanners, then you can also try
the following virus scanners:

 Emsisoft Emergency Kit

 Norton Power Eraser

Thank you for reading this article. Hopefully, you learned enough about computer
viruses to keep your PC clean and safe. If you want to learn more about computer
and Internet security (cybersecurity), then visit thi

Here are eight ways you can avoid being the victim of a computer virus:
1. Don't start your computer when there is a USB (thumb) drive or other
type of removable media in a port or driver, especially if that media came
from someone you don't know or trust 100%. Why? Because if there is a
virus on that media, it will load onto your hard drive when you start up.
2. Think twice before opening any attachment that comes in an email. Ask
yourself, "Do I know the sender?" If the answer is "yes," are you sure their
email address is correct? Were you expecting the attachment?
3. If you receive an email from a stranger, either mark it as spam
immediately or delete it without opening the email. If there's an attachment,
do not open the attachment under any circumstances!
4. If you receive an email with an attachment from someone you do know—
but that you weren't expecting—inspect it closely. Check the spelling of the
sender's name and examine the message carefully for spelling errors,
which is often a tipoff that it's not genuine. (Even if a message you weren't
expecting is error-free and seems legitimate, you may want to check with
the sender to make sure he or she sent it.)
5. Learn how to disable and enable macros, which are instructions saved in
spreadsheet and word processing programs. A macro isn't bad, unless
someone who wants to infect your computer puts one there.
6. Make sure you have an antivirus program running on your computer, and
keep it updated. It will identify and remove viruses in your memory, storage
media and any incoming files. Most importantly, an antivirus program
automatically scans files you download from the Internet, email
attachments and open files.
7. Think about installing a software or hardware firewall. A router is an
example of a hardware firewall. Microsoft includes a personal software
firewall in its operating system.
8. Keep your guard up! There are websites that publish lists of the latest
known virus alerts and virus hoaxes.