Removing a Computer Virus

www.ethanwiner.com - since 1997

Home & Contact	Audio & Music Bio	Programming	Wisdoms & Quotes	Funny Names
Magazine Articles	Cello Page	Ethan's Tunes	Oxymorons	Family Photos

Removing a Computer Virus

In all the years I've owned a computer, I have never gotten a computer virus even though I don't use anti-virus software. I know what I'm doing with computers, and I know not to open email attachments - even from friends - or click unknown links in a web forum. I currently use two web browsers - Internet Explorer set to Medium security, and Firefox with all add-ons such as Flash disabled. This way I can go anywhere on the web with confidence using Firefox, or use IE when I want to see videos on YouTube or other sites I know are safe. My earlier article Avoiding Email Viruses explains some of this in more detail.

Yet somehow, even with all these precautions, I recently got a virus anyway. It was the one that redirects your Google searches to spam sites. My friend, black belt Windows expert Jeff Prosise, suggested the free AVG anti-virus program, which I downloaded and ran. AVG said it deleted six virus and Trojan programs, yet the problem remained. So I called AVG, and after speaking with a tech I bought the paid version for $40 which I was told would fix the problem. But the paid version didn't find anything the free version missed, so I called AVG again. This time tech support said their anti-virus program can block viruses from getting into your computer, but once they're on your hard drive it can't always remove them. They promised that for $130 more, one of their tech experts would log into my computer remotely and clean up everything, guaranteed. So I paid that too.

It took the AVG tech three hours to examine and repair my computer, and I learned a lot. So I'm sharing what I learned, to save others the hassle and expense of hiring a technician. The first thing I noticed was the tech used only freeware, shareware, and trial programs! She downloaded and ran seven different programs, all of which anyone can obtain for free. I'm not bitter, because I didn't know about these programs, and in the end she did fix the problem. So I got my money's worth.

I'll mention that I always have at least two copies of a system "image" backup, which contains the state of my entire C: drive. In the past I used Norton Ghost, but my current computer has Windows 7 which includes an image backup feature. When I realized I had a virus and tried to restore my C: drive, Windows failed to find either backup! I could see the folders in Windows Explorer, but Image Restore said I had no backups. My partner Doug told me he had the same problem when he tried to restore. This stupid backup program doesn't work at all! So now I have Acronis True Image, and this will never happen to me again.

Below is a list of programs that will remove most computer viruses, or clean up possibly rogue temporary files. I didn't link to specific pages on each web site in case they change, so you may have to search a site for the named program. And obviously you should download the latest versions. Be sure to download the programs only from the sites linked below, or through a link on the site! A common scam offers popular programs which people find by searching, but the program you download is a fake, or another virus.

Windows Repair Utilities
Hitman Pro
SUPERAntiSpyware
Hijack This
Steven Gould Cleanup!
ATF Cleaner
MBR Check (MBR=Master Boot Record)

One other thing the AVG tech did to ensure the redirect problem didn't persist was to flush the local DNS cache on my computer using this command, which you type manually at a Command prompt:

ipconfig /flushdns

DNS stands for Domain Name System, which relates site names such as mysite.com to the physical IP address at the location where the site's server resides.

Another potential cause of web site re-direction is errant or rogue entries in the Windows HOSTS file, which is located here:

C:\Windows\System32\drivers\etc\HOSTS

You can open this file in Notepad or any other text editor, and it should contain only sample entries preceded by the "#" comment symbol. If there are any other lines, delete them and re-save the file.

Ethan Winer has been an audio pro and skeptic for most of his adult life. He now heads up RealTraps, where he designs acoustic treatment products for recording studios and home listening rooms.