“My computer is acting funny! I think I have a virus! Why didn’t my anti-virus program catch it?!”
First off, getting a virus is NOT the end of the world, even though to some it may seem that way. Warning screens, threats of potential file corruption or loss, and even total loss of peripheral control can feel terrifying when you are trying to get something urgent done or have sensitive information residing only on that one system; but from experience almost every infection, if not every infection, is curable. In the rare cases where the system is severely affected by a virus, you will at the very least be able to get to a point where you can back up essential files.
As for your anti-virus program, not every anti-virus is able to catch every virus. Most basic anti-virus programs and their respective suites rely on updates from a database that the company hosts and periodically updates. Typically, when a virus is making its way around the Internet, it will take a number of infections before the company that makes your anti-virus program adds the new virus definition to the detection database – and by then it could already be too late.
On top of that, it’s up to you to make sure the application is continually updated. Sure, these programs have built-in “automatic updates”, but this isn’t something you should rely on. For any number of reasons the automatic update could have failed the day you got infected; or even worse, it could have failed weeks ago without your knowing. This happens quite often, and not just with anti-virus programs: it happens even with Windows Updates that could potentially protect you!
If the computer boots up into Windows and you still have Internet connectivity, then it’s a very mild virus. Downloading the appropriate tool from the list below should help you remove the infection with ease. If you can’t get into Windows or it seems like you cannot connect to the Internet – don’t worry – there are workarounds, which I will highlight, for getting past a virus that attempts to cripple your system.
http://www.surfright.nl/en/hitmanpro – Hitman Pro is a cloud-assisted, forensic-based anti-virus scanner. Running this program once every few weeks, or when you suspect there might be an issue, is very effective for ensuring your system stays virus free. It also has a “kick start” feature which allows you to create a bootable USB drive in the event that your operating system becomes crippled by malware. This is an option you can use to clean up a system that has been crippled and is unable to boot into Windows.
It comes with a free 30-day trial and is useful if you find yourself infected and need an immediate remedy free of cost. If you do choose to purchase Hitman Pro, it only costs $20-25/yr based on how many licenses you buy and for how many years.
https://www.malwarebytes.org – Malwarebytes is similar to Hitman, but boasts a few extra features. It’s closer in line with your typical anti-virus as it offers malicious website blocking, real-time scanning, and a scan mode which targets only running processes resulting in an extremely fast scan that may catch a virus currently running on your system. I mention it in this list because it’s extremely effective at detecting remnants left over from previous infections you may have suffered. Malwarebytes offers a free version and a premium version for $25/yr or $40 for 2 years.
http://support.kaspersky.com/viruses/utility#TDSSKiller – Kaspersky’s TDSSKiller is a standalone rootkit detector and remover. It can be helpful when other programs detect that you’ve got a rootkit but fail to remove it. Rootkits can be particularly hard to remove since they latch onto processes that are part of the system and are currently running.
If you find yourself unable to connect to the Internet to download any of these tools, you have a few options. You can download them from another device and transfer them to the infected computer with a flash drive, or you can see whether the virus is blocking your Internet connection by checking a few settings in your Internet browser.
If you’re using Internet Explorer, you’re going to want to open Internet Options. That should open Internet Properties; from there you will want to click on the Connections tab. If you’re using Google Chrome, you’ll have to open Settings from the upper right, scroll down, click on “Show advanced settings” and then on “Change Proxy Settings”. Google Chrome should already have the Connections tab selected. From here you’ll want to press “LAN settings”. Once you’ve done this you should see what is in the picture below.
Now, if you’ve got a virus that seems to have disabled your Internet then it has most likely turned on the “proxy server setting” you see unchecked in my picture. You’ll want to uncheck it and recheck “Automatically detect settings”. After that you can press OK on each prompt and you should be able to open up web pages now. If you can’t, you’ve got a more advanced virus that will require additional troubleshooting.
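The same check can be done from a PowerShell window by reading the per-user registry values that the “LAN settings” dialog edits. This is an added example, not part of the original article; the function names and the -Fix switch are this example's own, and it does not touch the “Automatically detect settings” checkbox.

```powershell
# Added example: reads the per-user proxy values behind the "LAN settings" dialog.
param([switch]$Fix)   # -Fix is this example's own switch: turn the manual proxy off

$key = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings'

function Get-ProxyState {
    param([string]$Path)
    $p = Get-ItemProperty -Path $Path -ErrorAction SilentlyContinue
    [pscustomobject]@{
        ProxyEnabled  = [bool]$p.ProxyEnable     # "Use a proxy server for your LAN"
        ProxyServer   = $p.ProxyServer           # address:port, or per-protocol list
        AutoConfigURL = $p.AutoConfigURL         # "Use automatic configuration script"
    }
}

function Get-ProxyFinding {
    param($State)
    $found = @()
    if ($State.ProxyEnabled) {
        $found += "Manual proxy is ON: $($State.ProxyServer)"
        # Matches "127.0.0.1:8080" and "http=127.0.0.1:8080;https=localhost:8080"
        if ($State.ProxyServer -match '(^|=)(127\.|localhost)') {
            $found += 'Proxy points at this computer; browsing fails unless a local program is listening there.'
        }
    }
    if ($State.AutoConfigURL) {
        $found += "Automatic configuration script is set: $($State.AutoConfigURL)"
    }
    return ,$found   # leading comma keeps an empty result as an array
}

$state = Get-ProxyState -Path $key
$state | Format-List
$findings = Get-ProxyFinding -State $state

if ($findings.Count -eq 0) {
    'No manual proxy or configuration script is set for this user.'
} else {
    $findings
    if ($Fix) {
        # Same effect as unchecking the proxy box; record the old value first.
        "Previous ProxyServer value: $($state.ProxyServer)"
        Set-ItemProperty -Path $key -Name ProxyEnable -Value 0
        'Manual proxy disabled. Recheck "Automatically detect settings" in the dialog.'
    }
}
```

Run it without -Fix first to see what is set; the proxy address it prints is worth writing down before you change anything.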