Clients can take several steps to protect their devices, including running frequent scans or enabling automated antivirus scans. Still, malware can sneak in through multiple defenses. Some clients try to protect their devices, but others refuse to install anti-malware software, thinking that the barest antivirus protection is enough to prevent a malware attack.
Some IT professionals prefer not to deal with the hassle of trying to remove any malware, virus, ransomware, or adware. They prefer to do a complete system restore by wiping the device of all of its content and reinstalling the factory-installed operating system.
Clients can lose a lot of valuable data if this method is used, which is why it is actually the last resort. Ideally, clients should create an image copy of the drive when their PC or drive is clean and uninfected. Creating an image copy after infection risks copying the bad sectors into the image copy.
Try these malware removal steps to get rid of malware and viruses from a client's computer.
- Isolate or disconnect the hard drive
Trojans, rootkits, spyware, and ransomware can hide in an operating system. One of the best ways to check the hard drive is to isolate that drive and run it through a test machine to find out whether there are any infections. It is also possible to disconnect the drive and install another operating system. Remember that viruses can find a way to hide anywhere on a computer and that they may not always be on the hard drive.
- Remove the temporary files
There are several ways to remove the temporary files. They can be removed directly from the C drive or through the Disk Cleanup feature, which is much easier. Type "disk cleanup" in the search bar next to the Windows Start button and click Disk Cleanup.
The window will ask which drive you want to clean up. Select the 'C' drive and then click on Temporary Internet Files to have those files removed. It is safe to delete all files from the temporary folder, and doing this frequently may help get rid of hidden viruses that have decided to hide in the temp folder.
- After cleanup, repeat scans
Use antivirus, antimalware, and antispyware programs to scan the computer. After you have performed these scans, return or install the new operating system. Performing several scans with different software ensures that most infections have been removed. Try a variety of security programs that focus on different things like adware, malware, and spyware to have a better chance of removing any and all infections from the computer.
After performing all of the previous steps, reboot the computer and then delete all files, cookies, and the browsing history. Go to the client's selected search engine to verify that the malware did not make any changes to the system's default or LAN connection settings. If any changes have been made, correct them.
Visit a random website to make sure everything is working well. Check for popup windows, redirected web searches, and any other anomalies. Verify that the computer can access anti-malware sites like MalwareFox and Symantec. If you don't get any popups and can access websites that offer protection against malware like MalwareFox and Symantec, then you succeeded in removing the infection from the drive, and the client's computer is safe for their use again.
- Search for remaining hidden infections
If you find that some websites are still blocked or that searches are redirected, it is most likely that infections remain in the PC. Try using several programs, like the native Windows Microsoft System Configuration Utility (Start | Run and type msconfig) or HijackThis from Trend Micro, to look for and detect malware and adware on Microsoft Windows. As a last resort, search the registry and remove any infected executables.
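The registry review described above can be started with a read-only listing of autostart entries. This is an added example, not part of the original article; the list of Run keys and the folders treated as unusual for a startup program (including the temp folder mentioned earlier) are assumptions chosen for illustration, and a "Review" flag means the entry deserves a closer look, not that it is malicious.

```powershell
# Added example: list registry autostart entries and flag ones to review by hand.
# Read-only: nothing is deleted or changed.
$runKeys = @(
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKLM:\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
)
# Assumption: folders that are unusual homes for a legitimate startup program.
$suspectDirs = @($env:TEMP, $env:APPDATA, $env:LOCALAPPDATA, $env:PUBLIC) | Where-Object { $_ }

function Get-ExePath([string]$Command) {
    # Extract the executable from a command line: quoted path first,
    # then the shortest prefix ending in a known extension, then the first token.
    $expanded = [Environment]::ExpandEnvironmentVariables($Command)
    if ($expanded -match '^\s*"([^"]+)"') { return $Matches[1] }
    if ($expanded -match '^\s*(.+?\.(exe|dll|bat|cmd|vbs|js|ps1|scr|com))(\s|$)') { return $Matches[1] }
    return ($expanded.Trim() -split '\s+')[0]
}

$results = foreach ($key in $runKeys) {
    if (-not (Test-Path $key)) { continue }
    $item = Get-Item -Path $key
    foreach ($name in $item.GetValueNames()) {
        $command = [string]$item.GetValue($name)
        $exe = Get-ExePath $command
        if (-not $exe) { continue }   # empty value, nothing to inspect
        # Bare names such as "rundll32.exe" will not resolve and are flagged for review.
        $exists = Test-Path -LiteralPath $exe -PathType Leaf
        $sig = if ($exists) { (Get-AuthenticodeSignature -LiteralPath $exe).Status } else { 'PathNotResolved' }
        $inSuspectDir = [bool]($suspectDirs | Where-Object { $exe.StartsWith($_, [StringComparison]::OrdinalIgnoreCase) })
        [pscustomobject]@{
            Key       = $key
            Name      = $name
            Command   = $command
            Signature = $sig
            Review    = ($sig -ne 'Valid') -or $inSuspectDir
        }
    }
}
# Entries needing review are listed first.
$results | Sort-Object Review -Descending | Format-Table -AutoSize -Wrap
```

Run it from an elevated PowerShell prompt on the affected machine so the HKLM keys are readable, and again under the client's own account to cover their HKCU entries.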
If you have tried all of the malware removal steps and infections still persist, it's time to think about doing a complete system restore and restoring the computer to factory settings. If a hidden infection is still in the system, it's not likely that it will be removed after all these steps. Wipe the computer's infected data and reset it to factory settings. This will eliminate all threats and offer protection from hackers.
Other IT consultants may have other tricks up their sleeves, like using KNOPPIX or using other methods in the case of an infected Macintosh laptop, but when it seems like you are fighting a losing battle against hidden malware, it's best to restore the computer to factory settings. By removing the infected data, you will remove all hidden malware, spyware, adware, and ransomware.