The unthinkable has happened – your PC has been infected by a computer virus and you need to ensure your files are safe, disinfect the system and do all you can to avoid this nightmare ever happening again.
BullGuard has provided a raft of advice to ensure you have the knowledge to protect yourself. It makes sense to be prepared for the worst, so, even if you are sure that your computer is clear of malware, read on to find out what you can do to prepare for an infection and how to reduce the risks of it succeeding. This includes setting up a backup system for your own data files, downloading security tools and making a few easy but effective changes to the way your PC is set up.
We need to state a couple of truths before starting. The first is that any computer is ‘hackable’ and avoiding viruses completely is difficult, though it can certainly be done: see, how to avoid viruses for more information. Your behaviour can also reduce the risk but keep in mind attackers who write malware are clever at tricking people. The second uncomfortable truth is that it is very hard to truly clean an infected system. Once you are sure your data is safe it makes sense to consider completely wiping the hard disk and re-installing Windows from the original disk or system restoration media that came with your PC (or that you generated when you first bought the computer).
It’s also worth pointing out that you should always run powerful, up-to-date security software, such as BullGuard Internet Security to prevent infections in the first place. As well as traditional signature based virus detection, it also incorporates behavioural-based detection to identify malicious code just released and not yet widely identified. This layered approach to security ensures the very best protection. You also get 5GB of free online storage so you can back up and keep important data, photos, music and more safe.
Some malware is designed to steal valuable data such as your usernames and passwords for your internet accounts such as your bank. If your PC has been infected with malware you should assume that some secrets have been stolen. Resetting all of your internet passwords will probably take longer than cleaning an infected PC but you should seriously consider setting aside a big chunk of time to the task.
STEP ONE: Recover data
If you back up your data frequently, either to a storage device such as an external drive or you use an online service, then your files will be safe and intact. Some malware, such as ransomware that encrypts documents and then demands payment for their recovery, can jump to external storage but online backup systems usually keep older versions of files and are a great way to avoid paying the ransom.
Be aware that some malware can also potentially infect office documents, PDFs and other apparently innocuous files. Ensure that when you clean up your computer (see below) you also scan your documents.
STEP TWO: Clean the system
Traditional advice states that you should disable Windows’ System Restore before scanning for malware. This is because a virus can end up being saved to this protected area and, even if a scanner detects the infected files, it won’t be able to delete them. However, we’re going to advise the opposite because disabling System Restore also removes an easy way to recover from damaged and infected system files. Only disable this feature if your scanner finds malware lurking in the protected area.
If your system has been infected by ransomware you may find it hard to use any security product. You can reboot Windows 7 and 8 into Safe Mode by pressing the F8 key as the system starts to power on. Choose Safe Mode with Networking if you need access to the internet for downloading tools and running online scans.
Install an anti-malware product such as BullGuard Internet Security or run a free online scan such as that available from http://virus-scan.bullguard.com. This will install a small add-on to Internet Explorer or an extension to Chrome.
It is often worth running what is known as a ‘second opinion’ scanner or rescue tool to double-check that the malware has been removed. Free tools are available from most anti-malware vendors’ websites. It’s worth downloading a few now as some malware interferes with victim systems, preventing them from accessing certain security websites when an infection has taken hold.
You can also check manually to see if any unusual programs start automatically when you boot your PC. Boot Manager is a new tool in BullGuard Internet Security and BullGuard Premium Protection. It is designed to enable you to speed up your computer’s performance but you can also see what applications start up when you boot the computer.
STEP THREE: Secure your internet accounts
This is technically one of the easiest steps but will probably take more time than the previous two combined. Make a list of all your internet accounts and reset the passwords for each one. Try your best not to use duplicate passwords and store the new list somewhere safe. Some people like to use password management software while others prefer to trust a piece of paper locked in a drawer.
The first account you should address is your email. Ensure that it has not already been compromised by checking the backup email address. If this has been set to an address that does not belong to you then change this before you do anything else. Reset your email account’s password and then you can begin the onerous process of resetting the other accounts. You’ll receive plenty of verification emails to your newly-secure email account.
STEP FOUR: Avoid the next infection
One of the most effective ways that you can protect your PC, aside from running anti-malware software, is to keep Windows and your other applications updated. Set Windows to update itself automatically and, where possible, set third-party applications like Flash, Java and Adobe products to update automatically - or at least alert you when updates are available.
A lot of automatic attacks on the web come in via Java running in the web browser. While this is a common type of attack, most people don’t actually need Java to run in the browser so you can disable it to secure yourself from such attacks. To do this click start and type 'Java Control Panel' and launch the matching application. Click on the Security tab and remove the tick from the 'Enable Java content in the browser' box and click OK. This will stop Java from running in your web browser.
To avoid being tricked into opening malicious files you can use this simple trick. Set Windows to show file extensions by opening Explorer, choosing Tools and then select the View tab. Untick the option called Hide extensions for known file types.
One further point avoid websites providing cracked software, that is software that has been modified or some of its features disabled, free pornography and pirated media content. These can by Trojans for malware.
Finally, be wary of all email attachments, unless you trust the source implicitly. Email attachments are a common way of infecting computers, particularly those sent by strangers.