Despite the best efforts to keep malware away from your computers, you may find active malware during a scan process. Once you have identified malware, what do you do? The answer to that question is simple: Follow your malware eradication plan. That means you should have already planned your actions. The time to think through the best way to handle malware infection is before the infection occurs.

There are two primary resources you should consult as you develop a malware eradication plan. Become familiar with these resources. They can help you avoid reinventing the wheel when developing your plan to handle malware infections.

1. Your anti-malware software’s support resources

2. Microsoft’s online resources—specifically, the Microsoft Malicious Software Removal Tool (MSRT)—https://www.microsoft.com/en-us/download/malicious-software-removal-tool-details.aspx

In many cases, anti-malware software will suggest an action for each malware instance it finds. You can accept the suggestion or override the suggestion with your own action. Most anti-malware software provides links to follow for more information if you don’t have enough information to make a decision.

If you detect malware soon after installing or updating software, the easiest fix may be to uninstall or downgrade the offending software. Make sure you initiate another scan after taking any action to ensure your action actually fixed the problem.

If the options provided by your anti-malware software are not sufficient to remove the detected malware, the next step is to employ the Microsoft Malicious Software Removal Tool (MSRT). Visit the link provided earlier in this section to download the Microsoft MSRT. Install the tool and run it to help in removing some common malware found on Windows computers.

If the detected malware still persists after taking the actions suggested above, the best course of action is to isolate the infected computer and explore more aggressive actions. Follow as many of these steps as are practical:

1. Disconnect the infected computer from your network.

2. Download at least one alternate anti-malware using another computer connected to the Internet. This chapter includes a list of suggested anti-malware software packages.

3. Install the additional product(s) on the infected computer.

4. Use the new tool(s) to scan the infected computer.

5. Follow instructions presented to remove any detected malware.

If using additional anti-malware tools still does not remove the infection, you should seek additional assistance to clean the computer. It is possible at this point that you’ll need to reinstall the operating system to fully remove all malware.