Your computer is acting strange. Pop-ups you didn't open, programs you didn't install, browser searches going somewhere they shouldn't. You know something's wrong. Now someone — maybe a friend, maybe a tech forum, maybe the tech shop you called — is telling you to either clean it up with a virus removal tool or just factory reset the whole thing.
Both are real options. Neither is always right. Here's how to make the decision based on what's actually happening with your machine.
What Virus Removal Actually Involves
A proper virus removal isn't just running Malwarebytes and rebooting. That's a starting point, not a solution. What a real virus removal process looks like:
Step 1: Identify what you're dealing with. Not all malware is the same. Adware is annoying but rarely dangerous. Ransomware is a crisis. A banking trojan is somewhere in between. The type of infection determines the approach. A tech who doesn't distinguish between these things at the start is already doing it wrong.
Step 2: Isolate and scan. The infected machine should be disconnected from your network before any cleanup begins to prevent lateral spread. Multiple scanning tools should be used — no single scanner catches everything.
Step 3: Remove and verify. Malware can have multiple components — the primary payload, persistence mechanisms, and secondary payloads downloaded after initial infection. Removing the obvious piece without checking for the rest leaves you infected. Verification means re-scanning after removal and reviewing startup entries, scheduled tasks, and browser extensions manually.
Step 4: Harden the system. Update everything — OS, browser, plugins. Review and remove any software installed during the infection window. Change passwords for anything accessed from that machine.
A thorough virus removal takes two to four hours on a typical machine. It's not a 20-minute job.
When Virus Removal Is the Right Call
Virus removal makes sense when:
- The infection is identified and isolated (adware, browser hijacker, lightweight PUP)
- You have data on the machine that's not backed up elsewhere
- The machine is relatively new and the OS install is clean underneath the infection
- The infection hasn't been present long enough to allow secondary payloads to establish persistence
In these cases, removal is faster, cheaper, and less disruptive than a full reset. You keep your files, your installed programs, and your settings.
When Factory Reset Is the Right Call
Some infections warrant a full reset regardless of what the scan results show. If you're dealing with:
- Rootkits: Malware that embeds itself at the operating system level, below where most scanning tools can reliably detect or remove it
- Ransomware: The files are encrypted anyway. Unless you're paying the ransom (not recommended) or recovering from backup, the machine needs to be wiped to be trusted again
- Unknown or polymorphic malware: If scans keep finding new variants, or if behavior persists after removal, the infection may be deeper than surface cleaning can address
- Persistent reinfection: If you've been cleaned twice and you're infected again, something is surviving the removal process
A factory reset — properly done — is a clean slate. The OS is fresh, the drivers are fresh, and whatever was hiding in the old install is gone. The cost is reinstalling your programs and restoring your data from backup.
The Data Problem
The biggest reason people resist factory reset is data loss. This is legitimate — if you don't have a backup, a factory reset means losing your files. But here's the thing: many infections are recoverable for data purposes even when the OS needs to be wiped. A technician can often extract your documents, photos, and important files to an external drive before wiping, then restore them afterward.
Tyler handles this routinely for customers at Born Again Computer Repair. The process is: extract data to secure external storage, wipe and reinstall, verify the data, restore what you need.
Getting It Right the First Time
The choice between virus removal and factory reset depends on the specific infection, the age of the machine, and your data situation — and making the wrong call can mean either wasting money on an incomplete cleanup or losing data unnecessarily.
If your computer is showing signs of infection in the Pittsburgh area, call Tyler at (412) 818-7829. He'll walk you through what's happening, what the right approach is for your situation, and what it'll cost — before any work begins.
Need hands-on help? Call Tyler directly.
Born Again Computer Repair serves Pittsburgh, Washington County, South Hills, and the surrounding SW Pennsylvania area. Mail-in repair is available nationwide.