We all know malware is out there. Malware includes applications that spy on you, corrupt your data, destroy your hard drive or give control of your machine to someone thousands of miles away. No matter what form it takes, it's bad business. And since there are a lot of examples of malware in the wild, it may only be a matter of time before you become the victim of a malware attack.
The most important advice we can give anyone who believes he or she has a computer with malware on it is this: Don't panic. Also, don't assume that you need to wipe your computer clean and start from scratch. Often you can remove malware without having to erase everything else. You may lose some data in the process, but you probably won't lose everything.
First you need to determine if your computer has a virus at all. You might suspect your computer of having a virus if it seems to be sluggish. If your Web browser suddenly looks different or automatically goes to a site you don't recognize, that's a good indication that you've got some malware. If your computer is unstable and crashes fairly often, you may have a problem. And if you try to access files but receive a message saying they're corrupted, that's another sign.
If you do think your computer has a virus, you need to run antivirus software to weed it out. Some viruses disable antivirus software -- they're clever that way. If you don't have any antivirus software, now's a good time to purchase or download an application. A few malware variants will try to block you from downloading antivirus software. If that's the case, you may need to download the software on another computer and transfer it to disk or a flash drive.
Detecting and Removing a Computer Virus
Antivirus software is practically a requirement for anyone using the Windows operating system. While it's true you can avoid computer viruses if you practice safe habits, the truth is that the people who write computer viruses are always looking for new ways to infect machines. There are several different antivirus programs on the market -- some are free and some you have to purchase. Keep in mind that free versions often lack some of the nicer features you'll find in commercial products.
Let's start with the assumption that you're able to run antivirus software -- we'll look into what to do if this isn't the case a little later. Assuming your antivirus software is up to date, it should detect malware on your machine. Most antivirus programs have an alert page that will list each and every virus or other piece of malware it finds. You should write down the names of each malware application your software discovers.
Many antivirus programs will attempt to remove or isolate malware for you. You may have to select an option and confirm that you want the antivirus software to tackle the malware. For most users, this is the best option -- it can be tricky removing malware on your own.
If the antivirus software says it has removed the malware successfully, you should shut down your computer, reboot and run the antivirus software again. This time, if the software comes back with a clean sweep, you're good to go. If the antivirus software finds different malware, you may need to repeat the previous steps. If it finds the same malware as before, you might have to try something else.
Advanced Computer Virus Removal Tips
If you can't access your antivirus software or you keep seeing the same malware pop up scan after scan, you may need to try and start your computer in Safe Mode. Many computer viruses will store files in your Windows registry folder. This folder acts like a database of instructions and tells your operating system important information about the programs you have on your computer. It can also tell viruses to activate as soon as the operating system loads. Starting your computer in Safe mode allows you to work with your machine using only the core elements of the Windows OS.
Try running your antivirus software in this mode. If you see new malware pop up, you may have hit upon your solution. Some malware exists only to download other kinds of malware and install them on your machine. If you can remove all of these applications, you'll be in good shape.
If for some reason your antivirus software can't remove the virus on its own, it's time to do a little more research. Remember when we said you should write down the names of all the malware applications that your software discovered? Here's where that comes into play. You'll need to research each of those files online using the appropriate Internet security firm. Make sure to use the same firm that produces the antivirus software you're using. That's because different firms sometimes give the same virus different names. Not all firms will refer to the same virus the same way.
Most Internet security firms will list all the files associated with a particular virus and tell you where you can expect to find those files. You may have to do some digging to find each file. Before you delete any files, you should save a backup copy of your Registry folder. If you accidentally delete the wrong file, you may make it difficult or impossible to run your computer properly.
Delete all the files associated with the malware on your list. Once that's done, you'll need to reboot your computer and run your antivirus software again. Hopefully nothing else will pop up.
You may want to update your login information for your various accounts online. Some malware has keylogging software that can send your passwords and information to a remote user. It's better to be safe than sorry.
Computer Virus Protection
There are some simple rules you can follow that will help you avoid computer viruses. Most of these fall under the category of common sense.
Don't open strange e-mail attachments or click on hyperlinks in e-mail. Virus programmers love to trick people into clicking on links that will lead them to malicious software. Let people know that you don't click on hyperlinks in e-mail unless the sender includes a description of the link and what it leads to. If your e-mail client supports autolaunch, turn it off. Otherwise you might automatically activate a computer virus just by opening the e-mail.
The same applies to other messages you might encounter. Hyperlinks in message boards, Facebook messages or instant messages can sometimes lead to malware. Pay attention to the source of the message. Look for any unusual signs like misspellings or odd sentence structure, particularly if the person who sent you the message normally avoids errors. If you do see an odd link, you may want to let the sender know -- he or she might be the victim of a hacked account.
Don't visit questionable Web sites. This includes everything from software, music and video piracy sites to porn pages. Many current Web browsers will alert you if you try to go to a site that is known for hosting malware. Pay attention to these warnings and stay away from those sites.
Pay close attention to any windows that pop up while you surf the Web. If you see a notification claiming that you need to download the latest video driver to watch something, use caution. This is a common tactic used to distribute malware.
Run your antivirus software at least once a week. You should also make sure your antivirus software and OS remain current by downloading updates and patches on a regular basis. Most antivirus software updates at least once a week as security firms add more virus information to their databases.
Avoiding viruses might sound like a lot of work but keep in mind it's easier than fixing a computer that's been hit with a virus. Learn more about computer viruses and safe computing on the next page.
Related HowStuffWorks Articles
More Great Links
- Academic Computing. "What to do if your computer is already infected with a virus." University of Minnesota. (March. 26, 2009) http://www1.umn.edu/adcs/guides/security/infection_cleanup.html
- Dittrich, David. "Lifecycle: Preventing, detecting and removing bots." March 20, 2005. (March 19, 2009) http://searchsecurity.techtarget.com/tip/0,289483,sid14_gci1068906,00.html
- Microsoft Security. "How to remove a computer virus." Microsoft. Dec. 31, 2008. (March 25, 2009) http://www.microsoft.com/protect/computer/viruses/remove.mspx
- Robertson, Jordan. "How to tell, what to do if computer is infected." AP News. March 15, 2009. (March 17, 2009) http://hosted.ap.org/dynamic/stories/T/TEC_INSIDE_A_BOTNET_CHECKLIST?SITE=ILEDW&SECTION=HOME&TEMPLATE=DEFAULT