Recovering From Malware

Recovering From Malware

How do you know your computer is infected?

Unfortunately, there is no particular way to identify that your computer has been infected with malware. Some infections may completely destroy files and shut down your computer, while others may only subtly affect your computer’s normal operations. Be aware of any unusual or unexpected behaviours. If you are running anti-virus software, it may alert you that it has found malware on your computer. The anti-virus software may be able to clean the malware automatically, but if it can’t, you will need to take additional steps.

What can you do if you are infected?

  1. Minimise the damage-If you have access to an information technology (IT) specialist or department, contact them immediately. The sooner they can investigate and “clean” your computer, the less likely it is to cause additional damage to your computer —and other computers on the network. If possible, disconnect your computer from the internet; this will prevent the attacker from accessing your system.
  2. Remove the malware-If you have anti-virus software installed on your computer, update the virus definitions (if possible), and perform a manual scan of your entire system. If you do not have anti-virus software, you can purchase it at a local computer store. If the software can’t locate and remove the infection, you may need to reinstall your operating system, usually with a system restore disk that is often supplied with a new computer. Note that reinstalling or restoring the operating system typically erases all of your files and any additional software that you have installed on your computer. After reinstalling the operating system and any other software, install all of the appropriate patches to fix known vulnerabilities.

How can you reduce the risk of another infection?

Dealing with the presence of malicious code on your computer can be a frustrating experience that can cost you time, money, and data. The following recommendations will build your defence against future infections:

  • use and maintain anti-virus software – Anti-virus software recognises and protects your computer against most known viruses. However, attackers are continually writing new viruses, so it is important to keep your anti-virus software current.
  • change your passwords – Your original passwords may have been compromised during the infection, so you should change them. This includes passwords for web sites that may have been cached in your browser. Make the passwords difficult for attackers to guess.
  • keep software up to date – Install software patches so that attackers can’t take advantage of known problems or vulnerabilities. Many operating systems offer automatic updates. If this option is available, you should enable it.
  • install or enable a firewall – Firewalls may be able to prevent some types of infection by blocking malicious traffic before it can enter your computer. Some operating systems actually include a firewall, but you need to make sure it is enabled.
  • use anti-spyware tools – Spyware is a common source of viruses, but you can minimise the number of infections by using a legitimate program that identifies and removes spyware.
  • follow good security practices – Take appropriate precautions when using email and web browsers so that you reduce the risk that your actions will trigger an infection.

As a precaution, maintain backups of your files on external media (e.g., hard drives) so that you have saved copies in the event you are infected again