You've got a virus - what do you do next?

Computer Virus Removal – How To

Picture the scene: you’re slowly sipping your morning coffee, letting the caffeine percolate as you wind yourself up to deal with the day’s work ahead of you. Then, your phone rings. It’s your tech support guy. You take the call and his first words are: “I’m afraid we have a computer virus.” What do you do?

First of all, verify that the caller is genuine

Before we dive any further into this question, let’s take a moment to remember that scammers use bogus threats, such as claiming to have discovered a computer virus, to frighten you into handing over your details so that they can “help” you. Many people receive calls, some as frequently as every day, from someone claiming to be calling from Microsoft and to have detected a virus on their machine. These are scams and are to be avoided at all costs – never give an unknown caller access to your machine.

In this instance, however, assume we’ve established this is your regular tech support guy, so let’s move on.

Quarantine all computers that could possibly be infected

Part of the definition of a computer virus is that it replicates itself and spreads, which means that if an infected computer stays connected to a corporate or cloud network, the virus may infect other computers on that network.

This means that you need to get your computer off the network as quickly as possible, and it is strongly recommended that you also disconnect any other computers that could feasibly have been infected.

If this means you need to disconnect every computer you own, so be it. This may seem like an excessive response, but it will almost certainly be far better to disconnect the computers and then reconnect them when you are sure it is safe to do so than have to deal with the consequences of a virus spreading.

Identify and remove the virus

Make sure you use a tool intended for the virus in question. Update your virus definitions so that, if it’s a very new bug, your anti-virus will still be able to recognise it. If your software is capable of removing the virus, let it do so and then re-update your definitions and run a scan again just to make sure you are completely safe.

If your anti-virus software can’t remove the virus, it’s time to Google its name and look for expert guidance on removing it from your system completely.

Reinstall, restore and update

Many viruses attack computers that have not been kept updated with new versions of software and operating systems. The WannaCry virus was possibly the most (in)famous example of this. So, if anything on your computer was out of date, make sure it is updated, and keep it updated from now on.

Scan everything

By now, you may be congratulating yourself on having fixed the problem, but, as you may have heard, TSB was congratulating itself on a successful systems migration, right before the phones started to ring.

Don’t assume, check. Scan every computer on your network and make 100% sure they are all completely clean.

Learn and prevent

Before you start investigating how the virus got into your network in the first place, update all passwords. The virus may have captured your existing passwords, which means you now have to assume that even though it has been removed, your security doors are now wide open.

Then it is time to do your due diligence and work out where your security went wrong and what to do about it.