When malware strikes How to clean an infected PC

You work hard to protect your PC from the malicious thugs of our digital world. You keep your antivirus program up to date. You avoid questionable Web sites. You dont open suspicious email attachments. You keep Java !lash and "dobe #eader up$to$date%or better yet you learn to live without them. &ut against all odds a clever new 'ro(an horse slipped through the cracks and now youre the unhappy owner of an infected PC. )r perhaps a less$vigilant friend has begged you to clean up a plague$ridden mess. )bviously you need to scan the computer and remove the malware. *eres a methodical approach that you can use to determine what the problem is how to scan and what to do afterward to protect the PC from future invasions.

1. Verify the infection

+s the PC in question really infected, +ve seen people blame -another damn virus. for everything from a bad sound card to their own stupidity. 'he first step in restoring the systems health is to determine whether what youre dealing with is a virus rather than a problem with hardware software or user error. +f your PC is unusually slow or if it seems to do a lot of things on its own that you havent asked it to do you have reason to be suspicious. &ut before you decide that a virus must be responsible take a moment to launch the Windows 'ask /anager 0right$click the Windows taskbar and select Task Manager from the pop$up menu1. )pen the Processes tab and check for any strange or unknown applications running in the background%especially those with nonsensical names and no recogni2able authority listed in the description. 'he odd$looking -wuauclt. process is fine for e3ample because it belongs to /icrosoft 0its actually part of the Windows 4pdate service as you can tell from the description.1 )f course this is only general guidance5 there6s nothing to stop a piece of malware from masquerading as a legitimate process by sporting an inoffensive description. 'hat said you6d be surprised how often a piece of malware gives itself away with a line of strange characters or symbols where the process description should be.

2. Check for sure signs of malware

'ruly insidious malware will preemptively block you from trying to remove it. +f your PC suddenly wont load utilities that might help you manually remove malware%such as msconfig or regedit%be suspicious. +f your antivirus program suddenly stops loading thats a huge red flag.

like this one try to scare you into running a file to 6remove malware6 0read9 install malware1 or giving up your credit card information to pay for bogus antivirus software.

"78!ake warnings

:ometimes the attack is more obvious. +f a program you dont recogni2e suddenly pops up and starts displaying dire warnings and asks you to run an e3ecutable file or asks for your credit card number your PC is definitely infected with some nasty malware. ;ever fork over your credit card information or other personal data to a program or website that tries to warn you that your PC is about to die. /ore often than not its a rogue program fear$mongering malware that tries to scare you into giving up your private info by issuing doomsday warnings of imminent hard drive failure catastrophic viral infection or worse.

3. Check online for possible fi es

'he one benefit of those scary pop$ups is that they could point you toward a cure. 4se your favorite search engine to look for phrases that appear in the pop$up%youll probably find other people fighting the same infection. 'heir e3periences could help you identify your enemy or even find step$by$step instructions for removing the malware. &e prudent9 'ake advice only from sites that seem reputable and remember to perform a full scan of your PC after youve followed any instructions even ours. &arring any clues that lead you to a magic solution scanning becomes your ne3t and most important step.

!. "ssume that your old #irus scanner is compromised

<ont waste time scanning your hard drive0s1 with your regular antivirus program. "fter all that program probably failed to catch the malware in the first place. &ut dont be too hard on it. ;othings perfect and even the best antivirus program can occasionally miss a new or particularly cleverly designed virus. "nd once that virus slips through your antivirus program is compromised. You have to assume that the malware not the security software is in control. You need a fresh malware scanner%one thats not already installed on your computer. +t must be capable of detecting and removing malware from your PC and you need to run it in an environment where the malware cant load first. =inu3 is your best bet but before you (ump to that option try booting into Windows :afe /ode to see if you can outflank your virus infestation there.

$. %se a lightweight scanner inside &afe 'ode

Windows has a :afe /ode that boots a minimal version of the operating system with generic drivers and nothing else. +t doesnt load most startup applications and%most likely%it wont load the malware thats infesting your PC. 'o enter :afe /ode boot your computer and press the !> function key before Windows starts loading. 'he timing is tricky so its best to mash !> repeatedly from the moment the motherboard manufacturers logo appears onscreen until you get the boot menu.

4se the Windows boot menu to access :afe /ode. When you reach that menu select Safe Mode with Networking from the list of boot options. 'he with Networking part is important%youre going to need +nternet access to solve your virus problem. )nce in :afe /ode open +nternet ?3plorer 0using other browsers in :afe /ode is often problematic1 and run a reputable online virus scanner such as &itdefender. !or best results + recommend using the ?:?' )nline :canner a Web$based virus detection app that is always up$to$date and runs off a remote server. Youll have to accept a browser add$in but the scanner should remove it when its done. &efore you start the scan click Advanced settings and enable as many e3tra levels of scrutiny as you can including scanning file archives and browser data.

'he ?:?' )nline :canner runs in your browser and does a thorough (ob of rooting out malware from your PC.

You might also try 'rend /icros *ouseCall. 'hough it isnt a Web app it is portable so you can download *ouseCall on another computer and copy it to a flash drive thereby creating a portable PC virus scanner. 'hen when you run into trouble you can plug the flash drive into the infected PC and run the program from there 0youll still need an +nternet connection for a definition update however.1 When using *ouseCall dont run it on default settings9 &efore you click the big blue Scan Now button click Settings and select Full system scan.

'rend /icro6s *ouseCall utility is another e3cellent free virus scanner and malware removal tool. Whichever scanner you use dont rush to get through this part of the process. Check the options and select the slowest most thorough scan. 'hen once the scan has started step away from the PC. #ead a book. <o the dishes. :pend time with someone you love. 'he scan will%and should%take hours.

(. )emember* +he second scan,s the charm

When that first scan is done%(ust to be sure%run another one with a different scanner. +ts easy and youll sleep better after multiple scanners have assured you that your drive is clean.

-. .ook to .inu as your last line of defense

&ooting into :afe /ode may not short$circuit particularly malicious malware. +f you still have trouble with an infection after running multiple scans in :afe /ode youll have to bypass Windows altogether and avoid booting from the hard drive. 'o manage that trick use a bootable C< or flash drive running a =inu3$based antivirus utility. You dont have to know =inu3 to take this step. &ut you will want an +nternet connection since these scanners must go online to update their malware databases.

'he first step is to download a bootable virus scanner as an .iso file. !rom it you can easily create a bootable C<. +n Windows @ double$click the file and follow the prompts. +n Windows > right$click the file and select Burn disc image. !or earlier versions of Windows youll need a third$party program such as the free +:) #ecorder. With its Windows$like user interface the Aaspersky #escue <isk will make you feel at home. &ut you have to be careful in setting up the scan. !irst the Aaspersky #escue <isk doesnt update its malware dictionary automatically. 'o do this manually select the U date !enter tab and click Start u date. )nce the utility is updated return to the "#$ects Scan tab click Settings and set the security level to the highest position. /ake sure that all of your hard drives are checked before you start the scan and leave the room.

When you boot your PC with the Aaspersky #escue <isk utility you6ll find yourself in a custom =inu3 environment. :imply update the #escue <isk crank all the scan settings up to ma3imum power and let 6er rip. +f you want to boot the Aaspersky #escue <isk from a flash drive youll need to download the prosaically named 4tility to record Aaspersky #escue <isk BC to 4:& devices. :ave it in the same folder as the .iso file run the utility and follow the wi2ard. 'he !$:ecure #escue C< isnt as outwardly friendly as Aasperskys program. +n fact it may make you nostalgic for <):. &ut it works though you may receive the following 0unduly alarming1 warning message9 %f a &indows system file is infected' the com uter may not restart. +ve never heard of anyone whose Windows system failed to restart after an !$ :ecure scan and + suspect that the eventuality is very rare. + also suspect that if malware did infect a Windows system file%and if !$:ecure couldnt clean the file without destroying it%reinstallation might be your only option anyway.

'he !$:ecure #escue C< is a bare$bones cleaning utility for when you need to wipe every piece of malware from your PC without starting Windows. !$:ecure has a stripped down unattractive te3t$based user interface. &ut unlike Aaspersky it updates its definitions automatically 0if it can find an +nternet connection1 and starts a full thorough scan with no fuss%you have to do little more than agree to the ?4=". !$:ecure doesnt offer a special 4:& utility. +f you want to move a copy of it onto a flash drive youll have to download and run the 4niversal 4:& +nstaller. +n :tep B youll find F(Secure )escue !* near the bottom of a very long list. + suggest you go straight to the bottom and then look for it while slowly scrolling up.

/. Protect your newly disinfected PC

When youre satisfied that your drive is clean try rebooting into good old Windows. 'hen uninstall your old antivirus program%it has been compromised. )f course you dont want to stay unprotected. #einstall the program and update to the latest version or 0if youve lost all faith in it1 install a competitor. !or more information on how to choose the best antivirus program for your needs check out our full rundown%with empirical testing%of the best security software available today. &ecause when it comes to malware a byte of prevention is worth a terabyte of cure.

:hare on !acebook :hare on 'witter :hare on 8oogleD :hare on =inked+n :hare on Pinterest

We #ecommend

EiF 7alve (oin forces on a compact gaming PC for your *<'7 'he hunting rifle of the future is here at C?: 0video1 :ponsored /ust$*ave Products &eing :old !or ;e3t 'o ;othing 0=ife!actopia1 <isable 8mail6s inbo3 sorting :aving You'ube videos for offline views