10 Steps To Take When You Discover Malware On Your Computer

Ads by Google

Viruses are everywhere! And although we’d like to think that the Internet is a safe place to spend our time (cough), we all know that there are risks around every corner. Email, social media, malicious websites that have worked their way into search engine results, and ad pop-ups all can pose a threat. Although there are precautions you can take to limit the risk of infecting your computer, sometimes you simply have bad luck and get infected anyway. But thankfully, you can do it for completely free, although removing malware can be a painful process. And because of that, I’ve laid out all the steps of exactly how to do it.

It’s Not Just Viruses — Other Kinds Of Malware To Know About

2 Kinds of Malware

Because there are so many kinds, “virus” is typically the term used to describe all the nasty stuff that can infect your computer. But the correct term is actually malware, and there’s lots of it.  Chris Hoffman wrote an article differentiating between the three main types of malware: viruses, trojans and worms. In that same article, he also briefly explains what spyware and scareware are. Scareware, or ransomware, is simply a program that infects your computer and then prompts you to pay to get it fixed. Guy McDowell goes more in depth in what ransomware is and how to remove it. Lastly, there’s adware, i.e. unsolicited advertising installed on your computer.

How To Detect The Symptoms That You’re Infected

3 Symptoms

Why do you need to know how to detect symptoms – that’s what you have an antivirus program for, right? Well, that’s true – they help for sure. There have been occasions where mine has caught something and I’ve been able to get rid of it before it has been able to cause any harm. However, if an antivirus program isn’t updated with the latest definitions, it might not catch everything. Plus, it’s always better to know what to look for, rather than depending on what a program says.

1. Homepage And Search Engine Hijacking

Ads by Google

Ever wonder why your homepage, now redirects to some weird website? Or what about your default search engine now being some other search engine that you’ve never heard of or recognize? These are tell-tale signs of malicious activity on your computer.

2. You’re Redirected To A Different Site Without Warning

Similar to the previous one, another problem you might run into is being taken to another website, likely malicious, when you typed in or clicked something completely different that you know hasn’t taken you there before.

3. Pop-ups

Ah, yes. The notorious pop-ups — we all know what they are.

4. Crashes

This isn’t always related to a malware infection, but if this is happening along with some of the others mentioned here, you’ve most likely got something.

5. Unfamiliar Programs And Toolbars

Ever wonder how all of those toolbars got there in your browser? They are full of search boxes and loads of useless buttons. Frankly, no one needs toolbars anymore. But if one showed up unannounced, it was either your poor program installation habits, or it snuck its way onto your computer… or both.

6. Slow Computer Online And Offline

Internet connectivity issues are one thing, but if your computer is always running slow, whether you’re online or not, you better keep reading this article.

7. Browser Can’t Load Pages

I hate to be the barer of bad news, but if your browser(s) continue(s) telling you that pages can’t be loaded, yet your Internet connection is fine, I’d bet that there’s something fishy going on.

The Steps To Take If You Are Infected

There is a level of panic and worry that can overwhelm you whenever you realize that your computer has been infected – you feel vulnerable and open. However, it’s not over for your computer and all of your files that it contains. There are ten things you need to do to obliterate that virus, trojan, worm, or whatever else may be infecting your computer and restore it to the state that it was prior to the infection.

1. Back Up Your Personal Files

4 Backup

Hopefully you have already been backing up your files. But even so, I recommend that you copy your personal files elsewhere just to be safe. Secondly, you don’t want to back up everything on your computer, as there’s a risk that you could save some infected files along with it.

I’ve written several articles on backing up, but the two that you should refer to the most would be why you need to backup and recovery tips to help you prepare for a disaster.

2. Disconnect From The Internet

5 unplugging Ethernet cable and X over WiFi

A virus will try to call home via your Internet connection. Disconnecting from the Internet should be one of the first things you do in order to battle any form of malware. If you’re on a desktop, simply unplugging the Ethernet cable is the most certain way. If you are on a laptop, you can disconnect by unplugging the Ethernet cable, or if you’re wirelessly connected, disabling the WiFi by a physical button on your keyboard or in the Taskbar.

6 Disable WiFi

3. Boot In Safe Mode Or With A Live Antivirus Rescue Disk

7 safe mode

By booting in Safe Mode, you’re able to prevent any non-core components from running, allowing you to isolate problems easier. To do this, restart your computer, and press and hold the F8 key while your computer starts up. The first option, “Safe Mode”, should be already selected, but if not, you can navigate to it with your arrow keys. Then press Enter. Once you’re in Safe Mode, you can continue the malware-removal process.

If Windows won’t start at all, you can use an antivirus rescue disk. These are available for free from many antivirus companies such as Kaspersky, Avira, AVG, and others. Justin Pot has written several articles on this, including one on three live CD antivirus scanners, and two more detailed posts on how to create a BitDefender and Kaspersky rescue disks. Lastly, you have the option of using a Linux Live CD.

4. Get Another Computer With Internet Access

8 second computer with internet access

You will more than likely need the aid of another reliable computer connected to the Web in order to resolve your malware problems. This is because you will need to research the problems and symptoms of the specific infection, as well as download various programs to remove the infection. If you don’t have another computer, you might talk to a good friend or family member and explain your situation. Of course, if you are going to school at a college or university, or if you have access to a computer lab at a library, you might be able to use a public computer to do this as well.

When you download any executable programs on the clean computer, you will of course need a way to transport them to the infect computer. What I find best is a flash drive with no other valuable files on it. You might also use an SD card or portable hard drive.

5. Try To Identify The Actual Malware And Search For Fixes

9 ID

Often times when malware infects your computer, it isn’t just some generic virus, but a specific kind that needs to be removed with a certain procedure. There are articles and forums all over the Web that address all kinds of malware infections. Start with a basic search based on the little information you know about the infection. For instance, if it’s in the form of a fake antivirus program, what is its name? Once you have somewhere to start, you can keep searching and gathering more information about what to do. Ideally, you’ll find instructions to walk you through the entire process from start to finish.

In case you are completely lost at this point, you can also ask MakeUseOf Answers and we will point you in the right direction.

6. Scan With Multiple Programs Until No Infections Are Found

10 scanning

If you can’t find anything specific about the infection, don’t worry — there are a variety of tools you can use to remove infections. These tools range from antivirus to rootkit removers to anti-adware and antispyware to general antimalware programs.

On our Best Of Windows Software page, we have sections for antivirus, malware removal and firewall applications.

Some tools I recommend are the Kaspersky TDSSKiller for removing rootkits, Malwarebytes’ Anti-Malware and HitmanPro for removing all kinds of malware, and AdwCleaner for removing adware. All of these tools are free and can be used in conjunction with one another.

Again, you will have to download these on the clean computer connected to the Internet and transfer their executable files to the infected computer. Programs like Malwarebytes’ Anti-Malware often need Internet access to get the latest definitions, so I often use it to make one last swipe once I’m able to connect to the Internet once more and download the updates. I then return to Safe Mode to run the scans.

NOTE: You should know that although you can use multiple malware removal programs, you can’t use multiple antivirus programs, as they can conflict.

7. Clean Up Temporary Files And Worthless Programs

11 clean up

Once you’ve removed the nasty infections, it’s time to clean up any remaining files. The recommended program to do this is CCleaner. It’s not considered a “security program” by any means, but it can help during this process. However, CCleaner isn’t the only good cleaner available. IObit’s AdvancedCare, System Ninja, as well as others like Xleaner and DriveTidy, are several good alternatives.

This might also be a good time to comb through your programs list with an app like GeekUninstaller to remove unneeded or potentially risky software that snuck its way into your computer.

8. Remove System Restore Points

12 System Restore

Although System Restore can be very helpful and has proven to help me many times, system restore points do have the potential to contain malware, so it’s recommended that you delete those to ensure that all traces of malware are removed from your computer. If you know for sure when you contracted the malware, you can remove the restore points up to that time. However, to be safe, I recommend you remove all of them.

To do this in Windows Vista and 7 (and Windows 8 if you have a Start Menu tool, like Classic Shell), click the Start button, right-click Computer, and then Properties.

13 Start - Computer - Properties

Click System protection in the left panel, which may then prompt you for an administrator password or confirmation. Under the System Protection tab click Configure, then click Delete and OK.

14 system protection – configure – delete

If you’re using Windows 8 without a Start Menu tool, navigate your mouse cursor to the lower right-hand corner to display the Charms bar. Click Search (magnifying glass), type “recovery” and click Settings.  You should then see a result that says Recovery, for me it was the second result down in the right panel.

15.1 Charms bar

15.2 Search - recovery

Once you click it, you’ll be taken to a window with Recovery tools, where you will click the link that says Configure System Restore. Then follow the previous instructions.

16 recovery tools - configure system restore

If you use Windows XP, follow these instructions provided by Microsoft.

9. Fix Post-Malware Removal Problems

There may be some problems that you encounter after you remove the infections from your computer. A couple quick options you might try would be Microsoft’s Fix It tool and a tool called Re-Enable II. Below are some common problems and how you might be able to fix them.

Can’t Connect To The Internet
This guide by Select Real Security is invaluable and can suggests many steps you might take to fix this problem.

Search Engine Redirecting To Random Website
One of the primary reasons for this, if you have Java (which you likely don’t need), is the Java cache hasn’t been cleared yet, which Java shows you how to do.

If your primary search bar still goes elsewhere, that can be changed in the Settings of your browser, whether you use Chrome, Firefox, Internet Explorer or others.

Homepage Is Still Different
If your homepage, like your search engine, was changed, you can go into your browser settings and change what this is too.

Programs And Files Won’t Open
Select Real Security has another great guide on how to fix this as well and uses four different methods: a Registry file, an INF file that fixes executable file association, CleanAutoRun by Kaspersky, and Creating a new user account.

Missing Desktop Icons
If none of your icons are on your Desktop anymore, try the Unhide or Re-Enable II tools.

Windows Update And Firewall Won’t Work
If Windows Update and/or your Firewall aren’t working properly, you might try a tool called Windows Repair by Tweaking.com. It can do a lot, so when you use it, uncheck all of the options except for the following five:

  • Repair WMI
  • Repair Windows Updates
  • Repair Windows Firewall
  • Reset Registry Permissions
  • Reset File Permissions

Windows Repair comes in both portable and non-portable versions.

Computer Is Still Slow
If your computer is still slow, there are several things you can do.

  • Removing more temporary files
  • Fix Windows system files by typing sfc /scannow in the Run Window (Start key + R) and the restart the computer
  • Ensure you have only one antivirus program installed and running on your computer

For more advice, take a look at Bakari’s article on why you might have a slow computer or Tina’s guide on speeding up Windows.

Still Having Problems? Try MakeUseOf Answers
If none of these options help, you might turn to the MakeUseOf Answers forum, which has proven helpful for many, including myself a time or two.

10. Change Your Passwords

17 Change passwords

Lastly, you should change your passwords to ensure that no information that was potentially obtained while your computer was infected can be continued to be used against you and cause even more harm.

I personally recommend using a password management strategy and Yaara wrote an excellent article on how to create strong, yet easy to remember passwords, as well.

Conclusion: Preventing Further Infections

18 internet checklist

With so much on the Internet today, preventing every single thing can be pretty difficult, but there are ways to be safe. We’ve covered many of these in the following articles already:

Have you had the “pleasure” of removing malware from your or someone else’s computer? If so, do you have any additional insight or success stories to share? We’d love to hear them!

Image Credits: Vintage Computer via Shutterstock, Laptop With Stethoscope via Shutterstock, backing up securely via Shutterstock, Ethernet cable with forbidden sign via Shutterstock, High wireless signal via Shutterstock, Red forbidden sign via Shutterstock, Rescue Usb Flash Drive via Shutterstock, Infected computer next to non-infected computer via Shutterstock, internet email is open with various computer virus icons via Shutterstock, Scan for viruses via Shutterstock, Virus Cleaned By Programmer via Shutterstock, note pinned to a cork board with the text Change Passwords via Shutterstock, Checklist for computer security via Shutterstock

Join live MakeUseOf Groups on Grouvi App Join live Groups on Grouvi
Windows Hacks & Customization
Windows Hacks & Customization
274 Members
232 Members
Best Windows Software
Best Windows Software
165 Members
Windows Troubleshooting
Windows Troubleshooting
159 Members
Windows Security
Windows Security
74 Members
Comments (18)
  • Michael Weldon

    Any Linux LiveCD or LiveUSB can be an extremely useful tool, especially for rescuing data and files from an already-infected and/or ‘locked-down’ Windows machine. They can’t, of course, be infected by any of the malware already present, simply because it cannot run on them…

    But I’m teaching my grandmother to suck eggs; doubtless many of you are already aware of this. In my opinion, the only guaranteed way to restore an infected machine is to remove the data from it (which is the important stuff, after all)…..and then to re-install. I’m lucky in this respect, running ‘Puppy’ Linux as I do; restoring from backed up system files and save files, I can completely re-build and have a system up-and-running in less than an hour.

    Try doing that with Windows.

  • Joni

    Aaron, this was a great article! I have already started using some of these suggestions and looked up the “Best Windows software” page.

    • Aaron C

      That’s great, Joni! I’m always happy to help if you have any questions — you know how to reach me ;-)

  • sekreid

    cant you just clean the hard drive and reinstall the operating system.

  • Rusty Anvil

    Gordon’s use of both a User and Admin logon accounts is excellent, but some users just feel that there is something “better” about the Admin account and are tempted to use it as their “daily driver” for routine computing.

    To discourage this, I always set up the desktop with a high-contrast black-and-white theme. Few mortals can endure this for more than a few moments, and generally, the folks who call on me for assistance don’t know how to change the theme to something more palatable.

  • gregzeng

    After discovering malware is usually so late, that you are not really aware of the extent of the damage. So it helps to have updated REAL-TIME malware watchers. Paid or free virus protection is the most common, but will not work on the very latest versions of malware. Generally the various brandnames leapfrog over each other in the effectiveness ratings, but the losers in the race are consistently the loser brandnames.

    Less known freeware protectors that I use include Winpatrol & Process Lasso. But the best protection is to MULTI-BOOT my computers. Any Ubuntu-based operating system is compatible with Windows 7 & 8. All my data are on Windows NTFS partitions. This can be easily read-write friendly between Linux and Windows.

    Unknown to most Windows users: the ‘rescue-disks’ for Windows are using Linux. Most Linux installations will also allow experts to rescue a damaged Windows computer.

Load 10 more
Affiliate Disclamer

This review may contain affiliate links, which pays us a small compensation if you do decide to make a purchase based on our recommendation. Our judgement is in no way biased, and our recommendations are always based on the merits of the items.

For more details, please read our disclosure.
Affiliate Disclamer

This review may contain affiliate links, which pays us a small compensation if you do decide to make a purchase based on our recommendation. Our judgement is in no way biased, and our recommendations are always based on the merits of the items.

For more details, please read our disclosure.
New comment

Please login to avoid entering captcha

Log In