My older brother just called. His computer has been infected with some sort of malware and he wanted advice on how to get rid of it. I’ve been meaning to write this post for a few weeks, but have been putting it off. Now that the Bro needs help, it’s time to get crackin’.
So, you think you’ve got a computer virus or Trojan horse, or some other malware mucking up your system? (Check out the signs to be sure. Website links that redirect you to “spammy” websites can be one clue.)
While I have found plenty of instructions online for removing specific infections, I have not yet seen a rundown of a mental strategy for dealing with an infection. And, trust me, you will need a mental strategy because computer infections are hair-pulling, f-word-inducing experiences.
The Critical Step
First of all, if you think your computer has an infection, Disconnect It From the Internet!
This piece of advice came from my younger brother, although my older brother said he had done this immediately, as well. The reason you want to do this is so that whatever has gotten into your computer can’t be sending info back to the malware creator (passwords, credit card numbers, etc.) or using your computer as some sort of spam robot (wherein your computer is given instructions to spam everything it comes into contact with). These infections are meant to spread. By disconnecting from the internet, you limit the infection’s ability to cause havoc on other machines.
Decide Whether You Are Able to (or Want to) Tackle the Virus
Next, if you do not know anything about the inner workings of a computer, like what the Registry is, or how to find System Restore, or even how to open and run your antivirus program, the best thing you can do is take your computer to an expert, someone who does understand all this stuff, and have him or her fix it for you. You can also choose this option if you do understand computers, but don’t have the time or desire to deal with the infection.
Back Up Your Important Files
If you can, back up any important files on a CD or flash drive. You should be doing this regularly anyway, just in case this sort of thing happens. Simply knowing that you have a backup will save you from most of the stress of an infection.
Before loading these files onto a clean computer, you may want to have them tested for the infection because malware can easily hitch a ride onto your files. If you’re having someone disinfect your computer for you, mention that you’d like your backup files checked too.
Plenty of Time & Access to a Second Computer
If you’ve decided to tackle the infection yourself, give yourself a huge chunk of time in which to do the work necessary. I’ve discovered it can take a good half a day. Much of this time will be spent waiting for scans, so have a book on hand or some music to listen to in order to alleviate boredom.
You will also need a second computer, one that has access to the internet. You’ll see why this is handy momentarily.
Run Your Virus Scanner
Using whatever virus scanner you have loaded onto your computer (you do have one, don’t you?), run a scan of the computer. Sometimes, the scanner will be able to catch the infection and disable it. (If it does, yay! You’re done!) Likely, though, the infection is pernicious and your virus scanner won’t be able to handle it. What you want to discover from this scan is the name of the infection. Is it a virus, a Trojan horse, a worm?
Write down the full name of the infection. If it appears to have more than one name, or you can’t quite identify the name, write down whatever info your scanner gives you in relation to the infection.
Look Up Your Infection Online
Here’s where the second computer with an internet connection is necessary. Type the name of your infection into the search box of your favorite browser and include the word ‘removal’. You will typically get a number of results that walk you through steps to get rid of your infection.
Read several websites before proceeding. You want to get a sense of what others have tried (did it work, or not?), plus you will need instructions that are clear and complete. Likely, you will find a forum discussion thread that has hashed over the infection. Forums can give you hints that other sites might not. If you don’t understand a set of instructions, either ignore them or read other sites for clarity.
Bookmark any sites you think will be useful so that you can refer back to them.
Many of the instructions you’ll find on infection removal will suggest that you download particular programs and run them on the infected computer. At first, forgo any software that you have to pay for. You’ll probably be too frazzled by the infection to analyze these properly. You can always come back to them after trying free malware removal tools. If you decide to use software you need to pay for, ask your tech friends for suggestions.
When downloading malware removal programs, download them on your second computer (the clean one), save them to a CD or flash drive, and then install them from there onto the infected computer. (This is called Sneakernet because you can walk the disc or flash drive across the room to another computer. Thanks to Younger Bro for that term.)
Follow the Instructions
Follow whatever instructions you’ve been given and allow the malware removal software to run complete scans. Be sure to quarantine and/or heal any infections found. Hopefully by the time you are done with this, your computer will be free of its infection. Congratulations! Now, walk away from the computer and give yourself a much-needed break.
Know When to Give Up & Seek Professional Help
If, at any point in the process, things don’t seem to be working properly (infections can disable anti-malware programs), or some step in the instructions seems beyond your skill (for example, editing the Registry), stop where you are, write down all the steps you’ve taken thus far (including the full text of any error messages), and contact someone with the technical skill to assist you.
There is no reason to stress yourself out over a computer infection. If you’ve already lost information, take a deep breath and think about ways to recover at least some of it.
Did you email an important document to someone? You may have it in your email sent file, or that someone may still have it and can send it back to you. Did you make any backups at all? Even old ones? Did you print anything out?
If you’re still vibrating over lost information, take another deep breath (or several – just don’t hyperventilate) and realize that this is an opportunity to start anew. Most of what you’ve lost probably wasn’t all that important anyway and the infection has just provided you a quick way to clean your computer’s closet, so to speak. Rejoice in the fresh start.
And remember to back up those files!
A Few Sites to Get You Started