My computer has a virus—what should I do? (Preliminary malware troubleshooting)

KB Solution ID: SOLN2505|Last Revised: November 11, 2014

Issue

  • You suspect that your computer is infected with a virus or malware (such as Poweliks)

    OR
     
  • You were directed by ESET Customer Care to complete Preliminary malware troubleshooting

 

Solution

Before proceeding

  • Back up any important or valuable files on your computer.
  • If you cannot connect to the Internet on the infected computer, see the following Knowledgebase article before completing the steps in this article:

ESET Support Services can help

You can contact our ESET Support Services team to have them remove malware for you (charges may apply). 

 

  1. Bookmark/save this article
    Before proceeding we highly recommend that you bookmark this article in your web browser , print it for reference or view it on another device so that you can easily return to it and continue on to the next given step (for example, in step 4 you will have to access this article again after restarting your system in Safe Mode).
     
  2. Rule out currently trending threats
    Win32/Poweliks.A is a trojan which tries to download other malware from the Internet, and can be controlled remotely. To check for, and remove (if present) this threat, follow the steps in the following Knowledge

  3. Win32/Rovnix is a trojan that steals sensitive information. The trojan attempts to send gathered information to a remote machine. It uses techniques common among rootkits. To check for, and remove (if present) this threat, complete the steps in the following Knowledgebase article:

    Once you are finished running these tools, proceed to step 3.

  4. Run ESET Rogue Application Remover (ERAR)
    The ESET Rogue Application Remover (ERAR) will detect and attempt to remove rogue applications that are infecting your computer or making undesired changes to your registry.

     
  5. Scan your computer
    If you have an ESET product installed, run a Computer scan. If you do not have an ESET product installed, run the ESET Online Scanner (using default settings). The ESET Online Scanner looks at your system from a different perspective than a typical ESET Computer scan. To run the online scanner, follow the steps in the Knowledgebase article below: 

     

    Leave detected threats in the quarantine

    Files in the quarantine will not run on your computer again as they are stored there in an inert, encrypted format that is useful for analysis.
     
  6. Restart your computer and observe system behavior
    If, after completing steps 1-4, you restart your computer and no longer notice the issues / symptoms that brought you to this article, you do not have to continue to step 6. If your issue / symptoms persist, continue to step 6 below.

    Complete all steps

    If steps 1-4 alleviated the symptoms you were experiencing, but you were unable to complete one of the steps above, we strongly recommend that you go back and attempt that step again.

  7. Gather logs and contact ESET Customer Care
    To complete this step, send a copy of a Scan log, Detected Threats log and SysInspector log to ESET Customer Care following the steps in the Knowledgebase articles below: 

Need Personalized Assistance in North America?

If you're not already an ESET customer, ESET Support Services are available to clean, optimize and secure your system. Call 866-944-3738 or click to schedule an appointment with ESET Support Services today!

Rate this article:
1 2 3 4 5
Please comment on your rating...
We cannot respond to feedback from this form. Requests for assistance should be submitted through your normal support channel.
5 - Definitely
4 - Mostly
3 - Somewhat
2 - Not Really
1 - Not At All