You work hard to protect your PC from the malicious thugs of our digital world. You keep your antivirus program up to date. You avoid questionable Web sites. You don't open suspicious email attachments. You keep Java, Flash, and Adobe Reader up to date—or better yet, you learn to live without them.
But against all odds, a clever new Trojan horse slipped through the cracks, and now you're the unhappy owner of an infected PC. Or perhaps a less-vigilant friend has begged you to clean up a plague-ridden mess.
Obviously, you need to scan the computer and remove the malware. Here's a methodical approach that you can use to determine what the problem is, how to scan, and what to do afterward to protect the PC from future invasions.
1. Verify the infection
Is the PC in question really infected? I've seen people blame "another damn virus" for everything from a bad sound card to their own stupidity. The first step in restoring the system's health is to determine whether what you're dealing with is a virus rather than a problem with hardware, software, or user error.
If your PC is unusually slow, or if it seems to do a lot of things on its own that you haven't asked it to do, you have reason to be suspicious. But before you decide that a virus must be responsible, take a moment to launch the Windows Task Manager (right-click the Windows taskbar, and select Task Manager from the pop-up menu). Open the Processes tab, and check for any strange or unknown applications running in the background—especially those with nonsensical names and no recognizable publisher listed in the description. The odd-looking "wuauclt" process is fine, for example, because it belongs to Microsoft (it's actually part of the Windows Update service, as you can tell from the description).
Of course, this is only general guidance; there's nothing to stop a piece of malware from masquerading as a legitimate process by sporting an inoffensive description. That said, you'd be surprised how often a piece of malware gives itself away with a line of strange characters or symbols where the process description should be.
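The same Task Manager check can be scripted. The following is an added example, not code from the article: it reads each running process's file description and company name, and, because a description can be faked, also checks the executable's Authenticode signature. The flagging rules (empty or odd-looking description, missing company, non-valid signature) are my assumptions, and an elevated PowerShell prompt is assumed so that the path of system processes is readable.

```powershell
# Added example: scripted version of the Task Manager description check.
# Run elevated; without elevation Path is empty for system processes and they are skipped.
function Get-SuspiciousProcess {
    Get-Process |
        Where-Object { $_.Path } |
        Sort-Object Path -Unique |
        ForEach-Object {
            $path = $_.Path
            $info = $null
            try { $info = (Get-Item -LiteralPath $path -ErrorAction Stop).VersionInfo } catch { }
            $desc    = if ($info) { $info.FileDescription } else { '' }
            $company = if ($info) { $info.CompanyName }     else { '' }
            # The description is just a string in the binary, so also check who signed it.
            $sig = Get-AuthenticodeSignature -FilePath $path

            $reasons = @()
            if ([string]::IsNullOrWhiteSpace($desc)) {
                $reasons += 'no description'
            } elseif ($desc -match '[^\x20-\x7E]') {
                # Non-printable or non-ASCII text where the description should be.
                # Legitimately localized software can trip this, so it is a prompt to
                # look closer, not a verdict.
                $reasons += 'odd characters in description'
            }
            if ([string]::IsNullOrWhiteSpace($company)) { $reasons += 'no company name' }
            # Catalog-signed Windows components can report NotSigned on some versions;
            # anything other than Valid deserves a second look, not an automatic verdict.
            if ($sig.Status -ne 'Valid') { $reasons += "signature $($sig.Status)" }

            [pscustomobject]@{
                Name        = $_.ProcessName
                Path        = $path
                Description = $desc
                Company     = $company
                Signer      = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '' }
                Flags       = ($reasons -join '; ')
            }
        } |
        Where-Object { $_.Flags }
}

# wuauclt (Windows Update) carries a Microsoft description and a valid signature,
# so it is not listed; anything that is listed is worth investigating by hand.
Get-SuspiciousProcess | Sort-Object Name | Format-Table Name, Description, Company, Flags -AutoSize
```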
2. Check for sure signs of malware
Truly insidious malware will preemptively block you from trying to remove it. If your PC suddenly won't load utilities that might help you manually remove malware—such as msconfig or regedit—be suspicious. If your antivirus program suddenly stops loading, that's a huge red flag.