

The Complete Malware Removal Guide

By Gavin Phillips / November 30, 2017 / 21 minutes

Malware is everywhere these days. You only have to sneeze in the wrong café, and you have malware. Okay, maybe not that bad.
But as the networked world expands, so does the potential for infection.

This MakeUseOf guide is a step-by-step approach to removing a significant amount of malware. Furthermore, we’re going to show
you how to stop malware infecting your system, to begin with. And if you don’t have to worry about malware, you’ll have more time
for the finer things in life.

We cannot deliver a guide detailing removal instructions for every piece of malware or ransomware out there. There are simply too
many. However, we can aim to remove most malware infections for a Windows 10 machine. Furthermore, many of the fixes and
methods detailed are compatible with older Windows versions.

Eradicating malware from your system is a lengthy process. Malware of almost any variety is destructive. Furthermore, malware
developers aren’t interested in making removal an easy process — that would be counterproductive. So, for the vast majority of
computer users, removing malware requires guidance.

If you think your computer is infected, you need this guide.

1 How Do I Know I’m Infected?

2 Prepare Your System

3 Safe Mode and System Restore

4 Malware Removal

5 After the Removal Process

6 Ransomware

7 How to Stop Another Malware Infection

8 Home and Dry

1. How Do I Know I’m Infected?
Because there are many different varieties of malware, there are many different malware symptoms. The symptoms vary from the
extremely obvious to the extremely subtle. Below is a list of common malware symptoms.

Your computer shows strange error messages or popups

Your computer takes longer to start and runs more slowly than usual

Freezes or random crashes affect your computer

The homepage of your web browser has changed

Strange or unexpected toolbars appear in your web browser

Your search results are being redirected

You start ending up at websites you didn’t intend to go to

You cannot access security related websites

New icons and programs appear on the desktop that you did not put there

The desktop background has changed without your knowledge

Your programs won’t start

Your security protection has been disabled for no apparent reason

You cannot connect to the internet, or it runs very slowly

Programs and files are suddenly missing

Your computer is performing actions on its own

Your files are locked and won’t open

If your system is displaying one or more of these symptoms, malware could be the cause.

2. Prepare Your System


The first thing to do before commencing with malware removal is to back up your files to a secure offline location. The removal
process is potentially damaging to your system and other important files. Some malware variants become extremely aggressive
when they sense the removal process taking place, and aim to take down your important and private documents with it.


In this case, I strongly advise using an external storage device rather than a cloud solution, and for a good reason. Before
restoring your private files to your soon-to-be-clean computer, we must thoroughly scan your backup for traces of infection. If the
malware is present in your backup, you will copy the infection straight back to your computer — and be back to square one.
(Furthermore, there are ransomware variants that encrypt cloud drives — more on ransomware later.)

2.1 How to Scan Your Backup USB Drive


An easy and quick way to save the trouble is to scan your USB drive before connecting. I’ve got two options for you.

USB Disk Security

USB Disk Security is a handy free tool that delivers a reasonably high level of protection against infected USB drives. Download
and install the tool. When you’re ready, open USB Disk Security and select the USB Scan tab. As we are stopping malware, select
the large USB Vaccine button. When you insert your backup USB drive, it will automatically scan for potential threats.

Ninja Pendisk

Ninja Pendisk is another free tool that will quickly scan and immobilize an infected USB drive. The tool will also create a special
autorun.inf with special permissions to protect against reinfection (in case your system isn’t entirely clean).


3. Safe Mode and System Restore


Let’s begin the removal process. This can take some time. Furthermore, success might come from the first fix we try. Malware
removal is, at times, a very frustrating process.

Many malware variants meddle with your internet connection. Some malware variants create a proxy to route all of your traffic
while others simply hide your network connection. Others stop you accessing your desktop or prevent certain programs from
running. In all cases, we boot to Safe Mode. Safe Mode is a limited boot mode accessed through Windows’ Advanced Boot Menu.


To access Safe Mode from within Windows 10, press Windows Key + I. Type advanced start in the Settings panel search bar and
select the first option. Select Restart now under Advanced start-up. This will immediately Restart your system. You will arrive at
the Startup Settings Menu when your computer restarts. Select Enable Safe Mode with Networking from the list.

Alternatively, restart your system and press F8 during the boot process (but before you see the Windows logo). Due to fast
boot (and the rapid boot speeds of SSDs) this procedure will not work on some newer systems.


3.1 System Restore

Before commencing, let’s check if you have a System Restore point created before your issues started. System Restore allows us
to roll the entire system back to a previous point in time. A Restore Point can quickly alleviate some forms of malware.


Type Restore in the Start menu search bar and select the best match. This will open the System Properties panel. Select System
Restore. If you have a restore point, check its creation date. If you believe a restore point was created before the malware
infection, select it from the list, and select Next. (Select Show more restore points to look further back.)

Unsure about what installation introduced malware to your system? Highlight a restore point and select Scan for affected
programs. This lists the programs and drivers installed since the creation of the restore point.

In this instance, it is best to use System Restore in Safe Mode. Some malware variants block System Restore.


3.2 Remove from Programs and Features

Type Control Panel into the Start menu search bar. Head to Programs > Programs and Features. Sort the list by Installed on. Look
down the list. Is there anything you don’t recognize? Or with an obscure name? If so, right-click and select Uninstall.

4. Malware Removal
There are numerous malware variants. We’re going to use some of the best tools available to attack as much as possible:

Rkill

Kaspersky TDSSKiller

Malwarebytes Anti-Rootkit BETA

Malwarebytes 3.x

Malwarebytes ADWCleaner

HitmanPro

Seems like a lot? Malware isn’t easy to obliterate.

4.1 Rkill

First up, we use Rkill to kill any malware processes that have made their way into Safe Mode. Theoretically, Safe Mode stops any
malware processes running, but that isn’t always the case. Rkill bypasses and destroys malicious processes that attempt to block
the removal process.


Download Rkill and run it. It is an automated process. When Rkill completes, be sure to keep your system turned on, or the
malicious processes will start again when you restart.

4.2 Preliminary Rootkit Scan

A rootkit is a type of malware that nestles in the very root of the computer. It takes its name from the Admin accounts found on
Linux and Unix machines. Rootkits cloak themselves with other software and allow remote control over a system. Rootkits act as
a backdoor for other types of malware.


For instance, someone could scan their system with an antivirus. The antivirus picks up “regular” malware and quarantines the
infections accordingly. The user restarts their computer in the belief they have cleaned the infection. The rootkit, however, allows
the malefactor to reinstall the previously deleted malware automatically — and the user is back where they started.

Rootkits (and the bootkit variant) are notoriously difficult to detect as they reside in the root directories, latching onto regular
processes. 64-bit Windows 10 users are slightly safer than other versions of the operating system due to the signed driver system.
Enterprising hackers, however, stole legitimate digital certificates to authenticate their rootkits. You’re not entirely out of the
woods!


Luckily, there are two tools we scan your system with. That said, they’re not 100% accurate.

Kaspersky TDSSKiller

Kaspersky TDSSKiller is a well-known rapid rootkit scanner. It scans for and removes the malware family Rootkit.Win32.TDSS. The
link above contains the download page as well as a full list of malicious programs TDSSKiller removes.

Download TDSSKiller and run the file. Follow the on-screen instructions, let the scan complete, and remove anything malicious.
Reboot your system into Safe Mode as per the earlier instructions.

Malwarebytes Anti-Rootkit BETA

Malwarebytes Anti-Rootkit BETA (MBAR) is our second easy-to-use rootkit removal tool. Download and run the program,
extracting to your Desktop. MBAR is in beta but has been for years. It is just a disclaimer that the program might not find an
infection. Update the database, then Scan your system.

Delete any malicious entries when the scan completes. Restart your system in Safe Mode as per the earlier instructions.

4.2 Malwarebytes 3.x


Malwarebytes is a malware removal mainstay. Malwarebytes scans and quarantines malware, allowing us to clean the system
thoroughly. Open Malwarebytes and update your malware definitions. Then hit Scan Now and wait for the process to complete.


Malwarebytes tends to throw up a number of false positives. For instance, certain Bitcoin mining apps will appear as malware.
Anything with unsigned digital certification will trigger a warning — understandably, as most malware is, of course, unsigned.

Check down the infected items list when the scan completes. Cross-reference items marked malware with their file name. You can
do this by completing an internet search using “[file name] Malwarebytes false positive.” Alternatively, complete an internet search
for “[file name] malware.” Quarantine and remove any confirmed malware.

Jotti and Virus Total

I’m just going to throw a word in here regarding online file scanning services Jotti and Virus Total. Both services allow you to upload
individual files for scanning against a number of popular antivirus programs. The results are cataloged by the services and made
available to antivirus developers to increase the detection accuracy of their products.

They are by no means a replacement for antivirus and antimalware products. They can, however, quickly ascertain the status of your
false positive.

4.3 Malwarebytes AdwCleaner

Malwarebytes AdwCleaner is next on the list. Another Malwarebytes product, AdwCleaner scans and removes adware and
browser hijackers. AdwCleaner can throw up a lot of results depending on the level of infection on your system.

The latest version of AdwCleaner bundles issues by the program, listing services, registry issues, malicious shortcuts, browser
redirects, and more. For instance, if you use Chrome, issues relating to the browser will all be listed within a drop-down menu. From
there you can quarantine malicious extensions and more.

Another handy Malwarebytes AdwCleaner feature is the integrated Winsock reset. The Winsock defines how network services
communicate with the wider internet, with a focus on TCP/IP (internet protocols). If your browser searches are being hijacked and
redirected, resetting the Winsock can alleviate some of the problems.

4.4 HitmanPro

HitmanPro is a powerful paid-for secondary malware removal tool. Don’t worry about paying for HitmanPro just yet. You can
download and use the free trial to remove your current infection. Select No, I only want to perform a one-time scan, then select
Next.

Even after other malware removal efforts, HitmanPro can throw up more results. That’s why we use it last — to pick up anything
that has slipped the net. Like some of the other tools we have used, HitmanPro can throw out a false positive or two, so double-
check before quarantining.

4.5 Antivirus

At this point, we scan the system with your antivirus. If you do not have antivirus installed, I presume you’re using Windows
Defender. Windows Defender isn’t the worst product out there by a long shot — it isn’t the best free product, either — but it is
certainly better than nothing. Check out our list of the best free antivirus programs around — I suggest Avira or Avast.


Back to business. Complete a full system scan to see what is lurking. Hopefully, the answer is nothing. If so, you’re good to head to
the next section.

If not, I’ve some slightly bad news for you. This is where our paths separate. This guide focuses on offering coverall tools for
malware removal. But, friend, all is not lost. You have two options:

Complete the list again, in order. Some malware obfuscates other variants. Running through the list again may catch and
remove further nasties.

Note the specific names of malware families detailed in the results of your antivirus scan. Complete an internet search for
“[malware family name/type] removal instructions.” You’ll find much more detailed instructions specifically for the type of
infection.

5. After the Removal Process


After you’ve removed the offending malware from your system, there are a few little clean-up jobs to take care of. They don’t take
long but can be the difference between recommencing regular operations and succumbing to malware again.

5.1 System Restore

We attempted to use System Restore to roll back your system. If that didn’t work or you have restore points created after the
introduction of malware to your system, you must delete them. We’ll use Disk Cleanup to remove all but the most recent restore
point.

Type disk clean in the Start menu search bar and select the best match. Select the drive you’d like to clean; in many cases, this will
be C:. Select Clean up system files followed by the drive you’d like to clean (the same one as first selected). Select the new More
Options tab. Under System Restore and Shadow Copies select Clean up… and proceed with the deletion.

5.2 Temporary Files

Next up, clean your temporary files. We will use CCleaner for this process. Using the link, download the free CCleaner version, and
install. CCleaner now has smart cookie detection, leaving your most visited and important cookies in place.

Press Analyze and wait for the scan to complete. Then press Run Cleaner.

5.3 Change Your Passwords

Some malware variants steal private data. That data includes passwords, banking information, emails, and more. I would strongly
advise changing all of your passwords immediately.

Using a password manager is an excellent way to keep track of the myriad online accounts. Better still, it allows you to use an
extremely strong password in place of others. But if your computer is compromised, you should change your master password for
your manager of choice.

5.4 Reset Your Browser

Some malware variants alter your internet browser settings. We can reset your browser settings to ensure anything malicious is
removed.

Chrome: head to Settings > Show advanced settings > Reset settings.

Firefox: head to Settings. Select Blue Question Mark to open the Help Menu. Select Troubleshooting Information >
Reset Firefox > Reset Firefox.

Opera: close Opera. Open an Elevated Command Prompt by pressing Windows Key + X, and selecting Command Prompt
(Admin). Copy the following command into the window: del %AppData%\Opera\Opera\operaprefs.ini. Press Enter.

Safari: head to Settings > Reset Safari > Reset.

Edge pre-Fall Creators Update: head to Settings > Clear Browser Data. Select the drop-down menu and check all the
boxes.

Edge post-Fall Creators Update: press Windows Key + I. Open Apps. Scroll down to Microsoft Edge and select Advanced
> Reset.

5.5 Check Your Proxy Settings

Adding to the browser reset, it is also worth double-checking that there aren’t any unexpected proxies lurking.

Head to Control Panel > Internet Options > Connections > LAN Settings. Check Automatically detect settings and ensure Use a
proxy server remains clear. If there is a proxy address (that you didn’t insert), I would suggest rescanning your computer.
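
The same LAN Settings check can be read from the registry, which helps when Control Panel itself is unavailable. This is an added example, not part of the original guide: the function names are hypothetical, the values in the tests are constructed, and the registry value names (ProxyEnable, ProxyServer, AutoConfigURL under the current user's Internet Settings key) are Windows' own rather than something the guide lists.

```python
# Registry key behind Control Panel > Internet Options > Connections > LAN Settings.
INTERNET_SETTINGS = r"Software\Microsoft\Windows\CurrentVersion\Internet Settings"
VALUE_NAMES = ("ProxyEnable", "ProxyServer", "AutoConfigURL")
LOOPBACK_HOSTS = {"127.0.0.1", "localhost", "::1"}


def read_proxy_settings():
    """Read the current user's proxy values from the registry (Windows only)."""
    import winreg  # imported here so the rest of the module loads on any OS

    settings = {}
    with winreg.OpenKey(winreg.HKEY_CURRENT_USER, INTERNET_SETTINGS) as key:
        for name in VALUE_NAMES:
            try:
                settings[name], _type = winreg.QueryValueEx(key, name)
            except FileNotFoundError:
                pass  # value is not set
    return settings


def parse_proxy_server(value):
    """Turn 'host:port' or 'http=host:port;https=host:port' into {scheme: (host, port)}."""
    proxies = {}
    for part in filter(None, (p.strip() for p in value.split(";"))):
        scheme, sep, endpoint = part.partition("=")
        if not sep:  # one proxy used for every protocol
            scheme, endpoint = "all", part
        if "://" in endpoint:  # tolerate 'http://host:port'
            endpoint = endpoint.split("://", 1)[1]
        host, _, port = endpoint.rpartition(":")
        if not host:  # no port given
            host, port = endpoint, ""
        proxies[scheme.lower()] = (host.strip("[]"), port)
    return proxies


def review_proxy(settings):
    """Return (severity, message) notes for anything that differs from a clean default."""
    notes = []
    server = settings.get("ProxyServer", "")
    if settings.get("ProxyEnable") == 1 and server:
        for scheme, (host, port) in parse_proxy_server(server).items():
            target = f"{host}:{port}" if port else host
            # A loopback proxy means a program on this PC sees all browser traffic.
            where = "this PC" if host.lower() in LOOPBACK_HOSTS else "another machine"
            notes.append(("review", f"{scheme} traffic goes through {target} ({where})"))
    elif server:
        notes.append(("info", f"proxy {server} is stored but switched off"))
    pac = settings.get("AutoConfigURL")
    if pac:
        notes.append(("review", f"automatic configuration script set: {pac}"))
    return notes


if __name__ == "__main__":
    for severity, message in review_proxy(read_proxy_settings()) or [("ok", "no proxy configured")]:
        print(f"[{severity}] {message}")
```

Any "review" line that you did not set up yourself is the situation the guide describes: rescan before trusting the connection.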

5.6 Restore Default File Associations

Sometimes after a malware infection, you’ll find that you cannot run or open any programs at all. This issue usually relates to
broken default file associations.

We’ll use a tiny program to fix the broken file associations. Use this link to download exeHelper. You’ll have to accept the forum
terms and conditions, but don’t have to sign up to anything. Right-click the downloaded file and select Run as Administrator. Let
the process complete.

You can manually replace file associations using a registry entry file. Use this link to download a comprehensive list of file types
and protocols, via TenForums. Once downloaded, unzip the file and double-click any association you’d like to restore to default.

5.7 Check Your Hosts File

Every operating system has a hosts file. The hosts file defines which domain names are linked to which websites. The hosts file
trumps your DNS server settings. In that sense, you can make a hosts file point anywhere. That is exactly why some malware
variants add their own IP redirects — to bring you back to a phishing site or other malicious site again and again.

Find your hosts file:

Windows: C:\Windows\system32\drivers\etc\hosts

Mac and Linux: /etc/hosts

You will need administrative access to edit the hosts file. Furthermore, you must edit the hosts file using a text editor.

So, what are you looking for? Anything that looks or sounds untoward. The Windows hosts file should not have anything
uncommented in it — that means lines without a “#” in front of them. Resolving your localhost and hostname to 127.0.0.1 is
completely normal, so do not panic if you spot that.

Delete any offending entries (after cross-checking online), save your edits, and exit.
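
One way to automate the hosts file check described above, added here and not part of the original guide: it lists every uncommented mapping and labels it as expected, blocked (a site pinned to a local address, which is how malware cuts off security websites), redirect, or malformed. The function names, verdict labels, default name list and sample file are constructed for illustration.

```python
import ipaddress
import platform
import socket
from dataclasses import dataclass
from pathlib import Path

# Hosts file locations as listed in the guide.
WINDOWS_HOSTS = Path(r"C:\Windows\system32\drivers\etc\hosts")
UNIX_HOSTS = Path("/etc/hosts")

# Names that normally point at the local machine (assumed defaults; extend as needed).
DEFAULT_LOCAL_NAMES = {"localhost", "localhost.localdomain", "ip6-localhost",
                       "ip6-loopback", "broadcasthost"}
BROADCAST = ipaddress.ip_address("255.255.255.255")


@dataclass(frozen=True)
class Finding:
    lineno: int
    address: str
    name: str
    verdict: str  # "expected", "blocked", "redirect" or "malformed"


def classify(address, name, local_names):
    """Decide how one address/name mapping should be treated."""
    try:
        # Drop an IPv6 zone id such as "%lo0" before parsing.
        addr = ipaddress.ip_address(address.split("%", 1)[0])
    except ValueError:
        return "malformed"
    if addr.is_multicast or addr == BROADCAST:
        return "expected"  # standard ip6-allnodes / broadcasthost style entries
    if addr.is_loopback or addr.is_unspecified or addr.is_link_local:
        # Loopback for localhost or the hostname is normal; for any other
        # name it black-holes that site.
        return "expected" if name.lower() in local_names else "blocked"
    return "redirect"  # name forced to another machine, bypassing DNS


def audit_hosts(text, local_names=DEFAULT_LOCAL_NAMES):
    """Return a Finding for every active (uncommented) mapping in hosts text."""
    findings = []
    for lineno, raw in enumerate(text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()  # drop full-line and inline comments
        if not line:
            continue
        fields = line.split()
        address, names = fields[0], fields[1:]
        if not names:  # an address or word with nothing mapped to it
            findings.append(Finding(lineno, address, "", "malformed"))
            continue
        for name in names:
            findings.append(Finding(lineno, address, name,
                                    classify(address, name, local_names)))
    return findings


def needs_review(findings):
    """Keep only the mappings a person should look at before deleting anything."""
    return [f for f in findings if f.verdict != "expected"]


# Constructed sample input, not taken from a real infection.
SAMPLE_HOSTS = """\
# Copyright (c) 1993-2009 Microsoft Corp.
#       127.0.0.1       localhost
127.0.0.1       localhost
::1             localhost
127.0.0.1       update.antivirus.example   # constructed entry
203.0.113.50    www.bank.example bank.example
garbage-line
"""


def main():
    path = WINDOWS_HOSTS if platform.system() == "Windows" else UNIX_HOSTS
    local = DEFAULT_LOCAL_NAMES | {socket.gethostname().lower()}
    text = path.read_text(encoding="utf-8-sig", errors="replace")
    for f in needs_review(audit_hosts(text, local)):
        print(f"line {f.lineno}: {f.verdict:9} {f.address} -> {f.name}")


if __name__ == "__main__":
    main()
```

Reading the file needs no special rights; only editing it requires administrative access. Entries labelled blocked are also what ad-blocking hosts lists look like, so cross-check before deleting.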

5.8 Unhide and Re-Enable

Some malware infections hide all of your files. Others disable access to core applications, like the Control Panel, Task Manager, or
Command Prompt. There are two small applications we use to reverse these issues.

To make your files visible again, download and run Unhide.

To regain access to Control Panel and other vital tools, download and run Re-Enable.

6. Ransomware
Ransomware is a major issue for internet users around the globe. Like malware, there are numerous ransomware variants each
with distinct malicious characteristics. There are, however, a couple of key characteristics that differentiate ransomware from
malware.

A ransomware infection usually begins silently, encrypting your personal and private files using a pre-defined list of target
file extensions.

Ransomware usually locks your system, forcing you to pay a ransom to retrieve the unlock key.

Finally, even if you remove the ransomware infection, your files do not magically decrypt. (Adding to that, previously
encrypted files aren’t safe — they’re just encrypted, along with the rest.)

The rise of ransomware is a scourge that causes a significant amount of trouble. Perhaps the best example of ransomware is
WannaCry. The highly virulent WannaCry ransomware swept around the globe encrypting millions of systems in over 100
countries. Security researcher Marcus Hutchins, aka MalwareTechBlog, stopped the spread of the ransomware by registering a
domain name found in the ransomware source code.

Ransomware, then, requires a two-pronged approach. Unfortunately, reactive containment only works if you catch the
ransomware in process. Removing the ransomware and decrypting files is unachievable for many variants.

6.1 Decrypting Ransomware

As just mentioned, there are a huge number of ransomware variants out there. They use different encryption algorithms to render
your private files useless — unless you can decrypt them.

Security researchers have successfully cracked several ransomware algorithms. Other ransomware developers have slipped up
and offered clues to the whereabouts of the decryptor, while law enforcement raids have uncovered troves of private encryption
keys for major ransomware variants.

If you have a ransomware infection, you need to act swiftly.

ID Ransomware

Most ransomware variants announce their presence after encrypting your files, along with their name, via a ransom note. If that
doesn’t happen, you need to upload an encrypted file to ID Ransomware (the site also accepts ransom notes or hyperlinks included
in the ransom). The site will quickly identify the infection.

Find a Decryption Tool

Once you know what you’re facing, you can try to find a tool to fix the damage. Several sites, including ourselves, list decryption
tools.


The No More Ransom Project

Kaspersky Free Ransomware Decryptors

Avast Free Ransomware Decryptors

Fight Ransomware List of Decryption Tools — super list

WatchPoint Decryptors Collection — super list

If you don’t find the decryption tool you need, try completing an internet search for “[ransomware variant] + decryption tool.” Don’t,
however, head deep into the search results — there are phishing sites and other malicious sites that simply insert the name of what
you’re searching for to ensnare unsuspecting users.

I’m not going to comment on how to use individual tools. There are simply way too many to offer detailed advice and instructions.
The overwhelming majority come with at least some instructions as to their use.

7. How to Stop Another Malware Infection


Now your system is clear of infection it is time to assess how to stop it from happening again. There are so many antiviruses,
antimalware, system cleaning, script blocking, process destroying tools out there it is difficult to know where to start.

Rest easy. We’ll show you how to build the best walls to keep malware out.

7.1 Antivirus

To start with you need an antivirus suite. If you already had one installed, consider changing it to something better. Honestly, those
of you using Windows Defender are receiving a base level of protection. Windows Defender is a much better tool than in previous
years, but it isn’t comparable to other third-party options.

Try the excellently priced Bitdefender or Trend Micro suites. Alternatively, if you’re happy with a free solution, try Avast.

Bitdefender Antivirus Plus 2018

Trend Micro Antivirus+ Security

Avast Free Antivirus

7.2 Antimalware

Next up we need an antimalware tool. The antimalware tool market has fewer trusted tools than the antivirus market, making our
selections easier.

Malwarebytes Anti-Malware — the Free version is fine, but go for Premium if you can afford the yearly expense.

Zemana AntiMalware — again, the Free version is fine.

7.3 Anti-Ransomware

We are building a multi-layered approach to computer security. It is true that having multiple antivirus suites creates an almost
neutralizing effect. But having multiple services focusing on different attack vectors is quite the opposite. Anti-ransomware tools
focus on stopping ransomware getting into your system in the first place.

Cybereason RansomFree

Malwarebytes Anti-Ransomware BETA

Alert

7.4 Browser Security

A majorly overlooked vulnerability is your internet browser. There are a vast number of malicious sites out there waiting for you.
Adding to that, malvertising campaigns can infect you without you even realizing anything is awry. Taking the time to beef up your
browser can stop a large number of malware and ransomware attacks before they get going.

Security tools vary by browser, but there are similar tools for most. The below tools are a great starting point for browser security:

NoScript: this Firefox extension stops a number of background scripts from running, preventing logging, clickjacking, and
more.

uBlock Origin: this multi-browser extension stops a huge array of tracking, malvertising servers, clickjackers, and more.
(Pictured above.)

Disconnect: allows you to visualize and block the numerous sites tracking your internet use.

Privacy Badger: blocks trackers and malvertising servers.

HTTPS Everywhere: forces all websites to use HTTPS, boosts your overall security, prevents man-in-the-middle attacks.

The combination of extensions you use depends on your browsing habits. If, however, you are uncomfortable with the extent of
internet tracking, NoScript or uBlock Origin are a must (or our comprehensive guide on avoiding internet surveillance!).


7.5 More Useful Tools

You don’t need all of the above tools. As I said, more than one antivirus suite is the wrong approach. Personally, I combine
Bitdefender, Malwarebytes Anti-Malware Premium, and Cybereason RansomFree.

There are, however, a host of really helpful tools for you to consider.

Emsisoft Emergency Kit: the Emsisoft Emergency Kit is a portable tool that scans for a wide-range of malware, viruses,
and more. Handy as part of a USB drive recovery kit.

SUPERAntiSpyware: the free version of SUPERAntiSpyware detects and removes a huge range of malware, adware, and
spyware.

Spybot Search & Destroy: Spybot is a long-standing anti-spyware tool that repairs and cleans a vast array of potentially
malicious entities.

Kaspersky Anti-Ransomware Tool: the anti-ransomware tool from Kaspersky blocks a wide range of ransomware

7.6 Linux Live CD/USB

Malware is only a problem if you are unprepared. Add a Linux Live CD or USB to your malware doomsday preparation, and you’ll
be in good stead. Linux Live operating systems operate over your existing installation. You boot the live operating system from a
disc or USB drive, granting yourself access to a powerful array of remedial utilities as well as the infected operating system.


Here are five you should consider making a copy of right now. (Recovering infected computers isn’t the only thing Live CDs and
USB drives are good for!)

System Rescue CD

Hiren’s BootCD

Knoppix

Ultimate Boot CD

Trinity Rescue Kit

Once you’ve downloaded one or more of the rescue discs, you will need to burn them to your preferred media.


8. Home and Dry


Theoretically, your computer is now completely clear of malware. Furthermore, you’ve installed some antivirus, antimalware, and
an anti-ransomware tool to keep you safe. You’ve also installed a few tools to stop unwanted scripts running in your internet
browser. And to top it off, you’ve created a backup Linux Live CD or USB drive to save your bacon next time around.

Overall, your whole system is looking more secure. But don’t be complacent.

One of the biggest battles is user education — the me and the you behind the screen. Spending a small amount of time preparing
your system and understanding where threats appear is a great step forward!

Good luck and stay safe.
