How to clean an infected computer

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
hello and welcome to the PC security channel in this video we'll be going through the step-by-step procedure that I recommend for cleaning and infected computer in this day and age I noticed that all Dee tutorials on this topic are extremely out-of-date and we need to clear out some information now before we proceed though I want to make clear that I will not be going through each and every one of the individual steps I mean some of these things you should be able to google the resources I will talk about are all easily accessible and if you still have any issues you can always post them in the comments but following the instructions I'm going to give you is going to be relatively straightforward so the first thing that you want to keep in mind when you have an infected system is whether or not you want to clean it because sometimes it may just be a better idea to backup any data that you might have and do a full system reinstall why do I say that it's because even if you clean up a system there's always a chance that you're going to leave some trace maybe some spyware that could potentially cause issues in the future also you may leave behind a damaged Windows installation so considering time and effort sometimes it's just better to wipe everything and start all over again but if you were to do that you probably wouldn't be watching this video so let's proceed now the first thing you want to keep in mind is whether or not your files are affected by ransomware these are regular files these are not affected by ransomware however if you see some files with a separate extension images that don't open you are probably infected by ransomware if that is the case the first thing you want to make sure before you delete all that data is whether or not it can be decrypted now where can you know whether or not something can be decrypted now first you can go to No More ransom and over here you can check if the ransomware that you are infected by has a decryptor how do you know what ransomware you're infected by just look at the ransom note look at any messages on the screen or look at the encrypted files and the file extension that they have very often that's going to give you the name of the ransomware if not you can always hop into some security forums like bleeping computer that is one of my favorite places so you can head on over here they're going to be a lot of malware analysts that you can talk to you can just post something in the forums and link your sample you can upload your sample and buy sample I don't mean you don't have to have the actual ransomware sample you can just give them the encrypted files any of the encrypted files and they will probably figure out what ransomware you were affected by and accordingly they might be able to tell you whether or not you can decrypt your data once we've got that out of the way we can proceed with the next steps so this is all assuming that you have access to your computer and you can at least boot into safe mode if you cannot do that then the solution I would recommend to get around that is going to be Kaspersky rescue disk so you can just google it and you're going to find it straightforward first result once you have the ISO image you can just mount it with the help of a tool called Rufus again I'm just gonna show you how easy it is to get this stuff and once you download it you'll see it's you I like this and you just want to select a USB stick or a disk whatever you want to use and then mount the image onto that and then you can boot off of that and use the rescue disk but in most cases you probably won't need this because you'll still have access to the system which is going to be the main part of this tutorial I'm going tell you the exact process with which you should approach a situation like this because there are a lot of things that can go wrong so the first thing you want to do it's just open up task manager go to startup and disable everything that you see here everything including any AV product that the user might have because well you don't want it getting in the way of the second opinion scans once you've done that you can again go into Emma's config and you can go through selective startup or you can just go to services and after you've hidden all Microsoft services all the other stuff you have here you can disable temporarily while you fix the computer what these two steps will do is they will reduce the amount of headache that you're going to get while removing some of this malware maybe so now the important part what scanners do I recommend and in what order and this is important because you don't want to destroy the system along with removing the malware so the first scanner that I'm going to recommend is Kaspersky virus removal tool again you can find it very easily by just doing a simple Google search now you might question why do I recommend using this first why not hitman pro why not malwarebytes because those scanners are not as reliable the nice thing about Kaspersky is that their signatures are very specific they usually have really understandable detection names and they're not just gonna give you trojan generic for everything for example if something is an adware or a toolbar or something like that they will tell you not a virus toolbar so it's much easier for you to go through the scan results and notice any false positives and have a good idea of exactly what you are removing another very important reason to use Kaspersky virus removal tool is that their engine has a really nice ability to disinfect any files that are patched by viruses so you're not going to lose your existing programs or anything that has been infected these are the two main reasons I always recommend Kaspersky for disinfection or use on an infected system they're not necessarily very important when it comes to choosing a product to protect your system but when you're trying to remedy one the features of Kaspersky's engine are paramount and no I don't say that because I'm a Russian spy or I work for Putin so how do you scan pretty straightforward just select everything click ok and start scan and once you are done with this just go through each of the threats try to disinfect everything only delete or quarantine threats that cannot be disinfected once you're done with this you want to go ahead and Malwarebytes why Malwarebytes because they are really good at detecting pee ups so if there are any toolbars bundlers adware on the system malwarebytes will likely catch a lot of it once you're here again you can just update and scan I'm not showing you all the nitty-gritty I don't want this to be a one hour video of me guiding you through I'll click this button click that but I mean come on you can figure that stuff out now once you're done with malwarebytes you can go ahead and use something like hitman pro or Ximena or both but just keep in mind that these scanners are likely going to do a very destructive removal so any malware that you remove using these will likely be completely deleted from the system possibly damaging your Windows installation if any important files are infected so just be careful with these scan results if you're in doubt and you've already gone through Kaspersky do not remove anything unless you're absolutely sure this malware after all of these steps your system should be relatively clean and you should be able to start using it again if not it might be a good idea to use some sort of registry cleaning to remove some of the remaining traces you can use AA slovaks registry cleaner and yeah be sure to run ccleaner on an infected system there's probably a ton of junk there so there you have it that's how you clean an infected system and keep in mind the order of these steps is very important so don't do them in Reverse don't first scan with hitman pro and then scan with Kaspersky or you know scan with hitman pro and remove all your encrypted files and then go to No More Ansem and find out that oh wait that ransomware was decrypted and I've seen a lot of people make the simple mistake and not follow the right order of operations which is why I thought this video could be quite useful so let me know your thoughts in the comments below please like and share if you enjoyed it this is leo from the pc security channel thank you for watching thank you to all my patreon and as always stay informed stay secure
Info
Channel: The PC Security Channel
Views: 147,472
Rating: undefined out of 5
Keywords: TPSC, The PC Security Channel, security, cybersecurity, Internet Security, Antivirus Reviews, test, malware, prevention, detection, removal, AntiMalware, tutorial, virus, trojan, PUP, Ransomware, 2018, finance, antivirus, free, How to clean an infected computer, How to clean an infected PC, How to clean a computer, decrypt ransomware, remove malware, malware removal, malware removal tool, remove virus, virus removal, remove adware, adware, remove ransomware, PC, infected computer, Windows 10, Delete
Id: K0WAYRTbC88
Channel Id: undefined
Length: 8min 59sec (539 seconds)
Published: Wed May 09 2018
Related Videos
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.