HomeDownloadsVirus HelpVirus LinksMacintoshSimTel

Kerry Sandrin Realtor for real estate services in the Tri-cities area including Coquitlam, Port Coquitlam and Port Moody.

Free Comparative Market Assessments (CMA) available!

THE SANDRIN ANTI VIRUS CONNECTION

STEPS TO REMOVE A VIRUS

What should I do if I have a virus? (Steps for Virus Removal)

The steps involved in removing a virus is very much dependent on what type of virus it is and what items have been contaminated.

  1. It is universally agreed upon by all computer virus professionals that the first step when assessing and removing viruses is…stay calm and don’t panic. It’s safe to say that the most viruses can be easily removed with no loss of data.
  2. Ensure that you are indeed dealing with a virus. It is more common than not that many of the symptoms that people perceive as being a virus stem from other problems. Operating system glitches, hardware conflicts, improper connections, odd behaving software, and improper installation and removal of software are common problems that sometimes produce virus-like characteristics but in fact are not viruses.
  3. If you are convinced that you do have a virus, the next step is to determine exactly what type of virus you are dealing with. If you have a virus scanner installed already, use it. If you don’t have a scanner installed but you still have Internet access on your machine, an excellent way to scan your computer is with McAfee’s VirusScan Online, which is an online scanner that is always kept up-to-date for detecting the latest viruses. Although, it may not be able to cleanse the virus, it will at least tell you what virus you have so you may take the appropriate action.
  4. If you believe your machine has a virus, do NOT use an infected machine for anything before disinfecting it. That means you should not download and install anti-virus software or a boot diskette from the Internet on to your infected machine as you could contaminate the very software that you are using to detect/remove the virus. Also, a computer cannot detect some viruses once they have been loaded into memory.
  5. Create at boot diskette if you don’t already have one that had been made on a virus-free machine.  A start-up or boot diskette may have come with your purchase of Windows 95/98/NT operating system.
  6. Download an emergency rescue diskette from McAfee or an anti-virus program such as the DOS version of F-Prot from a non-infected computer.
  7. With the McAfee emergency rescue diskette, simply follow the directions outlined on the McAfee site and then restart your computer with the McAfee emergency diskette in your floppy drive. Remember to write-protect the diskette (slide the little black notch on the corner the diskette so you can see through it) before starting your computer or you may end up infecting the floppy.

If you have downloaded F-Prot, follow these instructions as provided by F-Secure:

  1. Unzip the archive and copy the following files to a clean diskette:

    f-prot.exe
    english.tx0
    sign.def
    sign2.def
    nomacro.def

  2. Rename NOMACRO.DEF to MACRO.DEF for F-Prot to work properly. Type at command prompt (mind spaces and press 'Enter' after typing):

    ren a:\nomacro.def a:\macro.def

  3. Write-protect both floppies (slide the little black notch on the corner the diskette so you can see through it)

  4. Start the infected computer with a boot diskette (not the anti-virus diskette you just created).

  5. Once your machine has completed being booted, switch to the F-Prot floppy and type the following command at the DOS prompt: (mind spaces and press 'Enter' after typing):

    f-prot /hard /disinf /auto

  6. After it's done removing the virus repeat steps ‘iv’ and ‘v’ as a safety precaution.

For macro viruses you don't need to perform a clean boot as for regular binary viruses. You can use F-Prot for DOS in a DOS session under Windows. In case a macro virus drops and executes a regular binary virus or Trojan you will have to use the above listed procedure. The latest macro virus definition file is available on the F-Secure ftp site.

*Note: the above virus removal procedure is just a generic way of removing viruses. Certain viruses may require a specific way of removing it or a special program. If you have diagnosed what virus you have and wish to find out more information about it, you may investigate it further by searching for it by name through our list of anti-virus manufacturers’ databases.

Alternatively, if you have determined that you require a very specific anti-virus program to remove an infection (ie.; killmonk) you may likely find it at the SimTel repository. (Hint: Try looking in the DOS section of SimTel first even if you are running Windows)

If all else fails, you may have to accept the fact that you may require reformatting your hard drive (high-level DOS logical formatting) which wipes your whole hard drive clean. This will result in the loss of all your programs and data files. It is for this reason you should always back-up your data in the event of a disaster. It has been recommended that you avoid low-level formatting as it can sever access to certain IDE hard drives.

Copyright© 1994-2008
This page was last updated