ArtsAutosBooksBusinessEducationEntertainmentFamilyFashionFoodGamesGenderHealthHolidaysHomeHubPagesPersonal FinancePetsPoliticsReligionSportsTechnologyTravel

How to Remove a Worm or Virus from Your Computer

Updated on November 23, 2012
Illustration by Author/eHealer
Illustration by Author/eHealer | Source

In the past few months, I have received more phone calls than usual from my friends who are on the verge of hysteria-- "my computer has a virus and it's from the FBI!" The recent attacks from the virus, known as Reventon Ransomeware, promises its victims to free them from the virus (and prosecution) if they pay a fee. After inadvertently downloading the Ransomeware, by Citadel Malware, on their computer, the unsuspecting web surfer is suddenly presented with warning that they have been frozen because of their "illegal activities" on the internet.

The Bogus FBI Virus from Citadel

Although my friends would never do anything to cause an intervention from a legal authority...(okay, maybe), the FBI logo is displayed proudly on their "we locked your computer" page, as well as the information that instructs you to send your payment and be freed from further charges. Although the threats are obviously bogus and not exactly the most convincing proposal of extortion, people infected with the virus are paying their ransoms and hoping to free their computer from the FBI's jurisdiction-- only to find their computer is still behind bars and locked up forever. The scam artists quickly change tactics and move on with no way for anyone to track them. Cybercrime at it's best is a snatch and grab-- then flee!

Reventon Ransomeware


Variations of the Reventon Ransomeware

In addition to the virus being identified by the FBI,some of the similar bogus threats disguise themselves as the Department of Justice’s Computer Crime and Intellectual Property Section, as having been associated with illegal online activity. To unlock their computers, users are required to pay a fine using a prepaid money card service, such as a "moneypack" option that is displayed on the locked screen. It's a despicable act of cybercrime, and these criminals really need to be found by the actual FBI and prosecuted as quickly as possible.

Citadel Malware: Reventon Demands

“The malware lists the fines and penalties for each infraction and instructed me to pay $200 with a MoneyPak debit card purchase. The instructions included how to load the card and make the payment to the FBI. The instructions included that if the payment was not made, criminal charges would be filed and my computer would stay locked on that frozen screen from the FBI.”

The FBI Renounces Blame and Asks You Report the Crime

Called "malware" by the FBI, they have recently put out an official podcast in the response to the barrage of complaints they've received. "We would never ask anyone to pay an online fine to free their computer," says Special Agent Herbert Stapleton. The FBI podcast encourages you to take your computer to a computer professional and asks you to report the crime to the IC3 website.

Steps to Computer Rehabilitation


Unlock Your Computer and Live in a Free Society

Although the Reventon Ransomeware virus is used as an example in this article, you can free your computer from any virus or malware with these steps. The Reventon is very sophisticated, at least I found it challenging to figure out, and most other malicious malware aren't as robust, so you should be able to remove anything from the laptop with these instructions.

Run any Malware or Virus Software you Already have Installed

If you have any malicious removal programs, like windows defender, AVG, Kapersky, or any other programs, turn them loose and let them scan the entire computer directory. If this isn't possible, you may try system restore.

Prepare Your Computer for System Restore

Important: Back up your computer if you recently downloaded a new program. Although your documents, photos and other work will not be affected, your new programs may be removed if you installed them prior to the restore date. In other words, if you loaded a software program on Dec 8th, and you are restoring your system to Dec 2nd, that program will be removed. System restore will not remove anything on your computer with an installation date prior to the restore point.

If you can remember when the virus or worm appeared, go back a few days on the restore point to be sure you get it and kill it!

System Restore Process


System Restore Complete


Section A: Go to Start, and Type in "System Restore" in the Search Box

For Windows 7 and Vista

In a few moments, System Restore will appear and ask you if your sure you want to do this? Click next. It is better to use the automatic store point if the virus was recent, your computer can detect when something was downloaded--usually a Microsoft Update will trigger the restore point setting--and hit next.

Use Automatic Restore Point

Depending on when the virus, worm or malware appeared, click on the restore point setting and click, Next.

Confirm the Restore Point

After you have selected the Restore Point, the program will ask you to "Confirm" the point and hit, Finish

Wait for the Program to Finish the Restore Point

The computer will take some time to process your request and may even close and start again a few times, so don't panic. After the computer has finished and has rebotted, sign in and ensure the computer is cleaned of viruses or malware. If not, you may have not gone back far enough on the restore point, and you may want to try again with a different restore date.

Once the Restore Date is Completed, the Restore Point may be Reversed

Don't worry, you can restore the past on your computer, but chance are you won't want to. If you cannot get into System Restore, you will have to use the Safe Mode to get into the program and turn back the hands of time. Once in Safe Mode, follow the instructions in this section to restore your computer to a working machine. Follow the instructions below to get into Safe Mode through an alternate route.

You May Need to Go Into Safe Mode

How to get into Safe Mode


Section B: What if the Virus won't let me in System Restore?

Citadel malware, the one responsible for Reventon Ransomeware, may not allow you into System Restore to wipe it out. Unfortunately, this designer malware is very sophisticated. But, you can get them. Don't Panic, and follow these instructions to free your machine.

You will have to go into Safe Mode to bypass the Virus

1. Restart your computer and tap on the F8 key until the Windows Advanced Options Menu comes up on the screen.

2. Use the arrow keys to choose Safe Mode and hit enter.

Your Computer is Now in Safe Mode

The Icons will look different, they may be larger or skewed on the screen because the usual drivers and files were not used to load the computer.

3. Type in System Restore in the Search Window and Follow the Steps Provided in Section A of this article.

After you have completed the restore point, your computer should be free of any malware, viruses or worms you have downloaded after that date. However, if your computer is running slow, showing signs of disobedience or has other problems that may be attributed to malicious downloads, you need to update or install better software that will protect you. Free antiviral programs are available if you're in a crunch for bucks ( who isn't?) and many do a great job, although you may have to put up with their ads and pop-ups.

Protect Yourself with Up-to-Date Antiviral Software

Be sure you have a good protection program because new and improved viruses and malware programs are showing up all the time. To keep your computer safe, ensure you are well protected in this age of ever increasing cybercrime.

System Restore at a Glance

For Windows 7 and Vista
Restart Computer and tap F8 until the Advanced Menu appears
Use arrow keys to choose SAFE MODE option
This Mode bypasses the usual drivers and programs that have been blocked by the virus
Sign in and t type "System Restore" in search box under START MENU
Wait for System Restore to load, it may take a few moments
You are going to restore the computer programs and files to a date before the virus loaded
Choose a Restore Date
Hit "Next" and wait for the next screen
Ensure the date you choose for restore is before the day the virus appeared
Confirm the Restore Point
Hit "Next" on the System Restore Menu
Wait for System Restore to complete
Computer will restart on its own
Sign in and check for the removal of the virus
If the virus is still on your machine, retry the System Restore with a date further in the past

How to Remove a Facebook Virus or Reclaim Your Account


    0 of 8192 characters used
    Post Comment
    • Anita Hasch profile image

      Anita Hasch 

      3 years ago from Port Elizabeth

      Thank for the helpful info.

    • profile image


      5 years ago

      hello, got the facebook bypass, facebook proxy and one virus which make the vedio clip in any flash drive..

      So, plz can u help me to remove those virus but without using antivirus

    • profile image

      Joao Bernd 

      7 years ago

      Hello, got the reveton virus on my mac... How i can get it out ??? Im going crazy here!

    • eHealer profile imageAUTHOR


      8 years ago from Las Vegas

      Hey Silv, I am so glad this information was helpful! It is an excellent way to get rid of any virsus, worms, malware, or anything else you can inadvertently download. Thanks for your support!

    • profile image


      8 years ago

      You are a life saver !!! Thank you very much

    • eHealer profile imageAUTHOR


      8 years ago from Las Vegas

      Hey Mizjo, thanks for stopping by, I am so glad you may find it useful, but hope you never do. This technique will get rid of virtually any virus or software, so if you need it, it's here for you to use! Thanks and see ya soon at the hubs.

    • mizjo profile image


      8 years ago from New York City, NY

      Does the System Restore work on a Mac?

      Thanks for all the information. I'll bookmark this for future reference. I hope never to have to face that Reventon Ransomeware. 'Ransom' is what it is. I wonder, why so much evil in the world?

    • eHealer profile imageAUTHOR


      8 years ago from Las Vegas

      Thanks Tips, so nice to see you! I am glad you can find a use for it, and thanks for the vote of confidence!

    • tipstoretireearly profile image


      8 years ago from New York

      System Restore is a great last-ditch tool to remove viruses. I hate to use it, but it does the job. This hub will make a great reference tool for my computer's next virus.

    • eHealer profile imageAUTHOR


      8 years ago from Las Vegas

      Thanks WillStarr, I appreciate your comments. Thanks for sharing!

    • WillStarr profile image


      8 years ago from Phoenix, Arizona

      Excellent, and bookmarked for future reference.

    • eHealer profile imageAUTHOR


      8 years ago from Las Vegas

      Hi Pam, thanks for stopping by. XP will work the same for virus removal, getting into System Restore is a little different but it is also easy. I always appreciate the support from my fellow females! Thanks

    • eHealer profile imageAUTHOR


      8 years ago from Las Vegas

      Hi Rajan, Avast is a great program and it updates its software on a regular basis. Great stuff and thanks for sharing!

    • eHealer profile imageAUTHOR


      8 years ago from Las Vegas

      Hello Sue, thanks for your kind and encouraging comments. I hope you never need this, but if you get a virus, it's an easy way to remove it, and lot less expensive to1

    • eHealer profile imageAUTHOR


      8 years ago from Las Vegas

      Hey Mhatter, thanks for stopping buy and have a safe journey in cyberspace!

    • eHealer profile imageAUTHOR


      8 years ago from Las Vegas

      Hey Moonlake, what a mess these viruses make, and so few criminals get caught. Cybercrime just keeps getting more sophisticated and no one seems to be able to keep up with them. It's not an excuse, it's just an observation. Thanks for sharing your experiences with us online. I appreciate your comments.

    • moonlake profile image


      8 years ago from America

      I went to my account on hubpages a few weeks ago and opened up one of my hubs and instantly got the FBI virus. It turned my whole screen white and I couldn't get to anything. I hate to say I got it from here but the minute I opened that hub it was there. I may get banned for saying that and I have no idea how a virus ended up on my hub. My start was gone all my toolbars gone. I had to turn my computer off and go into the safe mode to get rid of it. What a pain and some people will pay the money thinking it will help. Google is so good at knocking us down for our hubs why can't they figure out how to detect viruses on websites. I was once looking for "How to remove yellow foam pad from pulled up carpet." I went on a website for that and got the virus Microsoft Security Essentials also could not get rid of it until I went into safe mode. It froze everything on my computer.

      Voted up on your hub.

    • Pamela Kinnaird W profile image

      Pamela Dapples 

      8 years ago from Arizona now

      Thanks for such useful information. I don't think my computer is Windows 7 or Vista, though. It's XP but maybe it's an XP on a Vista?

      It's very nice to see a lady computer expert.

      Voting up and useful.

    • rajan jolly profile image

      Rajan Singh Jolly 

      8 years ago from From Mumbai, presently in Jalandhar, INDIA.

      Deborah, I have Avast on my desktop and laptop for years and it's worked beautifully well in catching these culprits. I always make a system restore point in case... though.

      Voted up, useful and interesting. Shared.

    • profile image


      8 years ago

      Hi eHealer

      Thank you for this very informative and useful hub.

      Bookmarking and sharing.

      Voted up and awesome

      Take care :)

    • Mhatter99 profile image

      Martin Kloess 

      8 years ago from San Francisco

      Thank you for this. I use CA Security. I won't recommend it, because it is a real pain in the neck. But for 4 years it has caught everything that shouldn't be on my computer.

    • eHealer profile imageAUTHOR


      8 years ago from Las Vegas

      If anyone needs help with XP, please email me and I will assist you with a System Restore for XP Email. Thanks and have a safe surf today!


    This website uses cookies

    As a user in the EEA, your approval is needed on a few things. To provide a better website experience, uses cookies (and other similar technologies) and may collect, process, and share personal data. Please choose which areas of our service you consent to our doing so.

    For more information on managing or withdrawing consents and how we handle data, visit our Privacy Policy at:

    Show Details
    HubPages Device IDThis is used to identify particular browsers or devices when the access the service, and is used for security reasons.
    LoginThis is necessary to sign in to the HubPages Service.
    Google RecaptchaThis is used to prevent bots and spam. (Privacy Policy)
    AkismetThis is used to detect comment spam. (Privacy Policy)
    HubPages Google AnalyticsThis is used to provide data on traffic to our website, all personally identifyable data is anonymized. (Privacy Policy)
    HubPages Traffic PixelThis is used to collect data on traffic to articles and other pages on our site. Unless you are signed in to a HubPages account, all personally identifiable information is anonymized.
    Amazon Web ServicesThis is a cloud services platform that we used to host our service. (Privacy Policy)
    CloudflareThis is a cloud CDN service that we use to efficiently deliver files required for our service to operate such as javascript, cascading style sheets, images, and videos. (Privacy Policy)
    Google Hosted LibrariesJavascript software libraries such as jQuery are loaded at endpoints on the or domains, for performance and efficiency reasons. (Privacy Policy)
    Google Custom SearchThis is feature allows you to search the site. (Privacy Policy)
    Google MapsSome articles have Google Maps embedded in them. (Privacy Policy)
    Google ChartsThis is used to display charts and graphs on articles and the author center. (Privacy Policy)
    Google AdSense Host APIThis service allows you to sign up for or associate a Google AdSense account with HubPages, so that you can earn money from ads on your articles. No data is shared unless you engage with this feature. (Privacy Policy)
    Google YouTubeSome articles have YouTube videos embedded in them. (Privacy Policy)
    VimeoSome articles have Vimeo videos embedded in them. (Privacy Policy)
    PaypalThis is used for a registered author who enrolls in the HubPages Earnings program and requests to be paid via PayPal. No data is shared with Paypal unless you engage with this feature. (Privacy Policy)
    Facebook LoginYou can use this to streamline signing up for, or signing in to your Hubpages account. No data is shared with Facebook unless you engage with this feature. (Privacy Policy)
    MavenThis supports the Maven widget and search functionality. (Privacy Policy)
    Google AdSenseThis is an ad network. (Privacy Policy)
    Google DoubleClickGoogle provides ad serving technology and runs an ad network. (Privacy Policy)
    Index ExchangeThis is an ad network. (Privacy Policy)
    SovrnThis is an ad network. (Privacy Policy)
    Facebook AdsThis is an ad network. (Privacy Policy)
    Amazon Unified Ad MarketplaceThis is an ad network. (Privacy Policy)
    AppNexusThis is an ad network. (Privacy Policy)
    OpenxThis is an ad network. (Privacy Policy)
    Rubicon ProjectThis is an ad network. (Privacy Policy)
    TripleLiftThis is an ad network. (Privacy Policy)
    Say MediaWe partner with Say Media to deliver ad campaigns on our sites. (Privacy Policy)
    Remarketing PixelsWe may use remarketing pixels from advertising networks such as Google AdWords, Bing Ads, and Facebook in order to advertise the HubPages Service to people that have visited our sites.
    Conversion Tracking PixelsWe may use conversion tracking pixels from advertising networks such as Google AdWords, Bing Ads, and Facebook in order to identify when an advertisement has successfully resulted in the desired action, such as signing up for the HubPages Service or publishing an article on the HubPages Service.
    Author Google AnalyticsThis is used to provide traffic data and reports to the authors of articles on the HubPages Service. (Privacy Policy)
    ComscoreComScore is a media measurement and analytics company providing marketing data and analytics to enterprises, media and advertising agencies, and publishers. Non-consent will result in ComScore only processing obfuscated personal data. (Privacy Policy)
    Amazon Tracking PixelSome articles display amazon products as part of the Amazon Affiliate program, this pixel provides traffic statistics for those products (Privacy Policy)
    ClickscoThis is a data management platform studying reader behavior (Privacy Policy)