The process of cleaning up a computer infected with a virus or other malware can be frustrating and more than a little scary. Getting rid of malware is not easy. Removing it yourself can take hours, and there are times when a malware infection requires professional help.
The first step is to avoid infection in the first place, by any means necessary. The best way to do this is to practice smart computing (for example, don't click on unknown attachments, and verify links before clicking on them) and to run good antivirus software.
But even the savviest computer users can be fooled by a good phishing scheme. And while antivirus programs do a good job of preventing infections, they can't always defend against malware they don't know about. Some forms of malware even attempt to disable antivirus software as part of their attack.
Fortunately, there are some simple steps you can take to clean up an infected computer.
Step 1: Check your system with a free scanner
Many antivirus software manufacturers have free scanners on their websites that detect and remove many types of malware. These can be downloaded or run through your browser.
Some online scanners include Bitdefender QuickScan and ESET Online Scanner, the latter of which requires a small download to start scanning.
"These online scanners have the advantage of not being on your computer when you're infected, so they're not compromised like existing antivirus software," said Brendan Ziolo, head of marketing at networking giant Alcatel-Lucent. "If the scanner removes the threat, you're well on your way to fixing the program."
But you may be better off running a downloadable tool such as Norton's Power Eraser, or installing and running free antivirus software such as Malwarebytes Anti-Malware.
Step 2: If the first step does not work, use a rescue disk
Sometimes malware can take control of your system and/or hide from these tools. If you are unable to remove the malware with a scanner, or do not have access to scanning tools on the Internet, then you will need to use a rescue disk.
Rescue disks, which are usually free, contain a full operating system (usually some form of Linux) and boot your computer from the disk itself. They allow you to repair a broken system, recover data, or scan your system for malware infections. (You may need to change the BIOS settings by pressing the F2 key at startup to allow you to boot from CDs or USB drives.)
Most antivirus companies provide downloadable rescue disk images; two worth checking out are Kaspersky's Rescue Disk and F-Secure's Rescue CD. There is also Hiren's BootCD, which contains dozens of malware scanners, cleanup tools, recovery tools, and other utilities in a single disk image.
Many antivirus programs suggest that you create a rescue disk before your computer gets infected, Ziolo said.
"If you need to use a rescue disk, create it on a CD or USB drive from an uninfected computer," Ziolo said. "Once the rescue disk is created, boot the infected computer using the disk and follow the instructions."
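Before writing a downloaded rescue image to a CD or USB drive, it is worth confirming that the file arrived intact. The following is an added example, not part of the original article or any vendor's tooling: it assumes the vendor publishes a SHA-256 checksum file in the common `sha256sum` format (the article does not say so), and the file name `rescue.iso` is hypothetical.

```python
import hashlib
import hmac
import os
import tempfile


def sha256_of_file(path, chunk_size=1024 * 1024):
    """Hash the file in chunks so a multi-gigabyte ISO never sits in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def expected_digest(checksum_text, file_name):
    """Find file_name in sha256sum-style text: '<hex>  <name>' or '<hex> *<name>'."""
    for line in checksum_text.splitlines():
        parts = line.strip().split(None, 1)
        if len(parts) != 2:
            continue
        hex_digest, name = parts[0].lower(), parts[1].lstrip("*")
        if name == file_name and len(hex_digest) == 64:
            return hex_digest
    return None


def verify_image(image_path, checksum_text):
    """Return 'ok', 'mismatch', or 'not-listed' for the downloaded image."""
    wanted = expected_digest(checksum_text, os.path.basename(image_path))
    if wanted is None:
        return "not-listed"  # a missing entry is never treated as a pass
    actual = sha256_of_file(image_path)
    return "ok" if hmac.compare_digest(actual, wanted) else "mismatch"


def demo():
    """Constructed stand-in for a rescue image; real use passes the vendor's file."""
    with tempfile.TemporaryDirectory() as tmp:
        image = os.path.join(tmp, "rescue.iso")  # hypothetical file name
        with open(image, "wb") as fh:
            fh.write(b"constructed sample image bytes")
        good = sha256_of_file(image) + "  rescue.iso\n"
        bad = "0" * 64 + "  rescue.iso\n"
        other = "0" * 64 + "  other.iso\n"
        return tuple(verify_image(image, t) for t in (good, bad, other))

if __name__ == "__main__":
    print(demo())
```

Only write the image to the disk or drive when the result is `ok`; on `mismatch` or `not-listed`, download the image and the checksum file again from the vendor's site.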
Once the malware is removed, you will need to take further steps to prevent future attacks.
Step 3: Perform a vulnerability check on your system
Many security companies offer free programs that allow you to check that your computer's applications, plugins and operating system are up to date and that all vulnerabilities have been patched.
Two good ones are F-Secure's Web Scanner and Flexera's Personal Software Inspector.
Step 4: Install or update your antivirus software
You should also make sure your antivirus software is up to date, and then run a full scan to make sure there are no further threats.
Don't have antivirus software? You really should. Take a look at our recommendations.
But there are times when you simply can't solve the problem on your own, said Aryeh Goretsky, a researcher at security firm ESET.
"Nowadays, malware is sneaky. It creates all sorts of underpinnings in the system and can make many different changes to the system that may not be obvious and cause seemingly unrelated and difficult-to-solve problems," Goretsky said.
If you have taken these steps and are still not satisfied, or if you have concerns about the damage the infection may have caused, it may be time to seek outside help.
You should contact your antivirus software manufacturer's help desk and work with a support engineer to examine your system for possible damage. The technician may be able to determine what the malware did while it was on the system.
"If the computer is being used for something important and/or sensitive, the best solution may be to back up valuable data, format the hard drive, and then reload the operating system and applications," Goretsky said.
After reinstalling operating systems and applications, patch them by installing updates to the latest available versions. Then restore data from backups.