It can be a gut punch to realize that your PC may be
infected with malware (the catchall term for viruses, Trojans, worms,
and other nasties). If you don't have antimalware software installed and
ready to clean your system, the situation can deteriorate quickly. But
we have tips for basic damage control for your computer and the devices
it's connected to.
Disconnect your PC from the network
Malware
frequently uses the Internet to connect your PC to another computer
that may give yours instructions, make it transmit data, or both.
Malware can even receive patches to fix bugs and performance, just as
legit software does. Another favorite activity is to search your home's
local network for other computers to infect. That's one of the reasons
to practice good security when using public Wi-Fi, and the reason why you should disconnect a PC that you believe has been infected.
If
you are using an Ethernet connection, just unplug the Ethernet cable.
If you are using Wi-Fi on a laptop, there is usually a switch at the top
of the keyboard that will toggle your Wi-Fi off and on. If you are
using Wi-Fi on a desktop PC, there usually isn't a switch, and the
malware may block software-based attempts to shut down your network
connection. You may also have both Ethernet and Wi-Fi options on the
same device, in which case you should disable both.
In Windows 7,
press Windows-X to open the Mobility Center and click the right-hand
button labeled Turn Wireless Off. In Windows 8 and 10, press Ctrl-X to
bring up a menu listing a number of utilities. The Mobility Center
should be second from the top. If you encounter problems while trying to
disable your Wi-Fi connection, move to the next step.
Shut down your PC
Even
if the malware loses its Internet connection, it can harm the device
that it's already on, by deleting or corrupting files or ransoming them.
Ransomware encrypts files that appear to be important (maybe your whole
Documents folder, for example), then demands that you pay to regain
access to those files. So even if you remove ransomware from your
system, you haven't removed the encryption. That requires a password --
designed to be far too complex to guess or crack in a reasonable amount
of time.
Malware may attempt to prevent you from shutting down
your PC, but you can get around that by holding down the power button on
your PC for about five seconds. This will force a shutdown, so save
your documents and close programs before you proceed, or else you may
corrupt files.
The next step is to use emergency/rescue media -- a
DVD or USB thumb drive with a malware scanner installed on it -- to
attempt to clean your PC (or in the case of ransomware, to decide if the
encrypted files are worth paying to decrypt).
Back up your files
Circumstances like this are why regular backups of your data are so important. Put your stuff in a secure cloud,
put it on an external drive, and store copies of your really important
files -- like tax records and contracts -- in a completely different
physical location, such as an archival-grade DVD or an M-Disc in a
safe-deposit box. These are highly durable forms of storage media. (And
given the constant march of technology, we suggest storing an external
optical drive along with it, even throwing in adapters for increasingly
popular connection types such as USB-C.) Your best preparation against
malware is to keep multiple copies of your data in multiple locations.
Create rescue tools to scan your PC
If
you have a rescue disk or thumb drive, you can start your computer and
tell it to boot from this storage medium. The recovery disk or drive
loads a scanner that you've installed on it, and it looks at your
infected computer's internal storage devices for malware before Windows
loads. You can of course scan your computer after Windows boots, but
some malware can interfere with or block the scanning process, or simply
hide itself more easily.
Ideally, you should plan ahead and
create a rescue tool before you run into malware. But if your PC's
already infected, you need a second PC that has an Internet connection
or an antimalware app with an emergency media-creation feature. If you
try to create a rescue disk on the infected machine, the malware may
tamper with the process or even copy malware onto the media. You also
need a blank DVD and DVD burner or else an empty USB thumb drive.
These
days most security software developers offer their recovery tools
separately from their antimalware suites. You can usually download the
recovery tool for free, such as the one from Norton.
We recommend this one because it's kept up-to-date and it doesn't
require you to handle an ISO file. You just download it, open it, and
follow the onscreen instructions.
Boot from the rescue disk
The
process for telling a computer to boot from a DVD or thumb drive
instead of Windows varies by device. You may have to consult your PC's
documentation to figure what buttons to press. For example, sometimes
you just tap F11 while your PC is starting up to get a list of devices
you can boot from. Navigate the list with your keyboard's arrow keys and
select with the Enter key. Other times you must dive into the BIOS or
UEFI -- a rudimentary interface that controls many of the functions of
the different components inside your computer -- and hunt for menu
options related to booting, then save your changes and exit.
Even
the key you press to enter the BIOS/UEFI during boot-up varies from one
device to another. The popular choices are F2, F12, and Delete. If your
computer uses a solid-state drive, your window of opportunity to press
the right key maybe be only a second wide, so you have to press your
chosen key repeatedly, in the hopes of getting one of those presses
inside the window.
It's not an elegant system, but if you don't
have external image backups to restore from, you don't have many
alternatives. Even if you decide to delete Windows and start fresh, some
particularly clever pieces of malware have been known to survive this
process and re-infect the operating system.
Even after you make
and boot a rescue disk, it may not detect the malware, or the issue may
not be malware-related. But as long as you take action quickly against
malware, and as long as you regularly back up your data to multiple
locations, you can help prevent total disaster: the permanent loss of
critical files.
0 comments:
Post a Comment
What's On Your Mind?