How to Remove a Virus That Corrupts & Renames Files

by Kim Schulman

You've been invaded. A seemingly invisible trojan horse has infiltrated your computer, which is now slow and weak. Internally, this duplicating virus is wreaking havoc on your system, corrupting and renaming files and threatening your personal security. If you have antivirus software installed and your Windows operating system is still infected, a few steps can ensure that you are back up and running a healthy PC. This includes disconnecting from the Internet, disabling System Restore and running a full system scan within the Safe Mode environment.

Removing a Virus

Double-check that your virus definitions are up-to-date before disconnecting from the Internet. Current and registered antivirus applications (such as those from Symantec, McAfee and AVG) are self-updating as long as you are connected to the Internet.

Configure your antivirus software settings to scan all files so that no data is excluded, which may be why the virus was not detected in the first place. For instance, Symantec's Norton 360, Norton Internet Security and Norton Antivirus Heuristic protection settings should be set to Aggressive and the Scan Performance Profile should be set to Full Scan. McAfee's Total Protection, Internet Security and VirusScan Plus settings should be set to scan Archive Files, Stealth Programs and All Threats in All Files.

Temporarily disable System Restore. Click "Start," right-click "My Computer" and then click "Properties." On the "System Restore" tab, check Turn off System Restore and click "Apply." Select "Yes" to confirm, and then click "OK." This step is crucial because a virus can damage system restore data, and Windows prevents antivirus software from accessing and repairing these files.

Start your computer in Safe Mode. This will ensure that no programs are running when you subsequently run a full system scan. First, exit all active applications. Then navigate to the "Start" button, click on "Run," type "msconfig" into the box that appears and click "OK" to open the System Configuration Utility. Select the Boot.ini tab, check the "/Safeboot" box and click "OK." You will receive a prompt to "Restart" your computer in Safe Mode.

Run a full system virus scan in Safe Mode, which will detect, remove and quarantine all viruses.

Restart your computer in Normal Mode by returning to the System Configuration Utility, unchecking the "/Safeboot" box and clicking "Restart." Then reconnect your wireless or wired network and re-enable System Restore by unchecking the "Turn off System Restore" box.

Tips

  • check If you do not have antivirus software installed on your computer, Symantec, McAfee and AVG offer free 30- and 90-day trials of several of their antivirus applications. AVG even offers a free basic version of its antivirus software (see Resources).
  • check AVG.com and Symantec.com offer specialized utilities that may help detect and remove specific viruses, trojan horses and worms. These can be found by going to each website and typing "Removal Tools" in the site's search box and then searching for the virus that is infecting your computer.

Items you will need

About the Author

Based in New York, Kim Schulman has been writing and editing health and consumer-related content since 1998. Her work has appeared in “Reader’s Digest,” “More,” “PC Magazine” and a variety of nonprofit and academic newsletters, journals, books and websites. She holds a B.A. in English from Boston University.

Photo Credits

  • photo_camera computer being attacked by bugs image by patrimonio designs from Fotolia.com