17 years ago this week, the Melissa worm was released, a destructive virus that targeted Windows computers.New security holes are discovered in Windows and web browsers all the time. Even though Windows 10 is brand new, you can be sure a problem will be found at some point.
New malware can also slip under the radar of anti-malware software and while malware definition updates are usually quick to arrive, there’s often a small window of opportunity when internet nasties can sneak onto your PC undetected.
So how can you tell when your PC is infected by malware and, more importantly, what can you do about it?
Know your anti-malware software
If you’re lucky, you’ll have plenty of warning when your PC picks up a malware infection — your anti-malware software will display an alert.
Just make sure you’re familiar with the look and feel of your own malware software. Some sneaky malware can display very convincing fake ‘alerts’ that try to fool you into installing yet more dangerous software in the guise of getting rid of it.
Windows 10 has Windows Defender built-in, so you shouldn’t need another anti-malware app. Just be sure to let its automatic quick scans to complete unhindered and update its definitions often.
Anti-virus software BT Virus Protect is free to BT broadband customers. Find out more in the box below.
Watch your web browser
Modern web browsers like Chrome and Microsoft Edge are highly resistant to malware attack and will warn when you try to visit a known malware web site. Even so, they can still be hijacked.
So if you find your homepage (the page that opens when you open a new browser tab) has changed to something suspicious, pop-up windows containing ads keep appearing, or web pages that look like anti-malware applications open by themselves, malware is almost certainly the culprit.
Look for other signs of infection
The worst-case scenario is that are no visual clues to a malware infection and your personal data is being pilfered without your knowledge — though regular malware scans should stop that. But if your PC suddenly starts to run far slower than usual, or crashes for no apparent reason, there may be cause to worry.
Ignoring these kinds of subtle warning signs is how ‘botnets’ get so big. These vast collections of malware-infected computers are controlled remotely by hackers and used for cyber attacks — all without their owners’ knowledge.
What to do if you’re infected
Step 1: Run a malware scan
The first thing you should do when you suspect your PC might have a malware infection is launch your anti-malware application and update its malware database. If you are BT customer this may be BT Virus Protect.
Then perform a full system scan — you may have to select this option manually, since some software defaults to a less thorough ‘quick’ scan.
Since malware has already slipped past your anti-malware software, this step may not be much use, but it’s always worth a try.
Step 2: Restart Windows in Safe Mode
If a malware scan finds nothing, or malware stops you from performing a scan in the first place (it can be very devious), restarting in Safe Mode can help.
Safe Mode is a stripped-down version of Windows that disables many of its advanced features, so don’t be surprised if it looks very different to how Windows normally looks. Safe Mode also disables many of the programs that start automatically with Windows — which may include malware. And that’s just what we want.
In Windows 10, elect Power from the Start menu, hold down the [Shift] key and select the Restart option. When the blue Choose an option screen appears, click Troubleshoot > Advanced options > Start-up Settings > Restart. Then press option 4 or 5.
In other versions of Windows, restart in the usual way and as soon as the screen goes black, press the [F8] key on the keyboard repeatedly until you see a black Advanced boot options screen — you may need to try this a few times to activate it before Windows loads normally.
In all cases, continue by selecting the Safe Mode option.
Once Windows has loaded, launch your anti-malware application and perform a full system scan.
Read more in our article: How to restart Windows 10 and whatever happened to safe mode.
Step 3: Run the Microsoft Safety Scanner
If your own anti-malware software doesn’t detect anything, use the Microsoft Safety Scanner, which is a free download.
Disconnect your PC from the internet when the download is complete, but before you run the scanner. This can disable some malware features, making it easier to detect and remove. Just unplug your PC’s network cable or switch off its Wi-Fi to do this.
When the Safety Scanner runs, select the Full scan option when prompted and wait until it completes.
Step 4: Boot from an anti-malware rescue CD
If you get this far without any success, the next step is to boot your PC using a dedicated anti-malware CD. This bypasses Windows completely— and any malware with it — which makes it much easier to detect and clean an infection.
The only catch is that you’ll need to download and create the CD using another, uninfected, PC. Doing it on your own PC risks creating an infected CD, which won’t get you very far.
Ask someone you know to download the Kaspersky Rescue Disk 10 ISO file from http://support.kaspersky.co.uk/4162 and then burn it to a CD. Use the CD to boot your PC and follow the on-screen instructions to scan for — and hopefully remove — any malware.
Step 5: Perform some final checks
If you have successfully detected and removed a malware infection, your work is not yet done. You’ll also need to check your web browser and restore any hijacked web pages — look in its Options to see what the current home page is set to. You should also consider upgrading your anti-malware software to something more effective.
Since malware can also intercept just about everything you do on your PC, you should also change the account passwords for your email and online services, particularly those for financial institutions. Keep an eye on your back accounts, too, just in case a hacker has gained access.
Step 6: If all else fails…
If none of these steps successfully removes a malware infection, you’ve been unlucky enough to catch something that’s all but incurable.
In this case, the only option is to the drastic step of reformatting your PC’s hard drive and reinstalling Windows.
Windows 10 users can try the Reset this PC option from Start > Settings > Update & Security > Recovery, but this may not be successful, depending the sophistication of the malware. In this case, you’ll need to ask someone to download the Windows 10 ISO file and burn it to a DVD for you.
You’ll then need to restore your applications and files from your most recent backup, if you have one. Otherwise, you’ll need to copy your files onto another drive and dig out your software install discs.
In either case, make sure you install and update some anti-malware software as soon as Windows is reinstalled — and before you install anything else.