This guide will not work if the computer does not boot.
Complete any OS upgrades AFTER removing malware.
1. Remove all suspicious items from your browser’s extensions and settings/default search providers
2. Run rkill, which can sometimes take a few minutes to complete, and do NOT reboot when complete
1. Kills running malicious processes
2. Removes policies in the registry that prevent normal OS operation
3. Repairs file extension hijacks
3. Download an updated copy of Malwarebytes and turn on “scan for Rootkits” option then run a “scan”
4. Run Malwarebytes ADWCleaner using the “Scan Now” button
1. Removes majority of adware, PuPs, Toolbars, and Browser hijacks
2. Scans for bloatware & pre-installed software and lets you quarantine any or all of it
3. Fixes proxy settings changed by malware
4. Removes certain non-default browser settings
**Links to tools mentioned:**
* rkill
**Optional step but…**
1. Run Sophos HitmanPro
HitmanPro is a phenomenal “second-opinion” malware scanner. I recommend clicking “Settings” and uncheck “Scan for tracking cookies” before starting the scan. This will drastically reduce scan times. This tool can only be run ONCE for free. Use it wisely.
**Please note:** If malware has prohibited you from browsing the web or downloading files, you can try running the NetAdapter Repair Tool with all options checked which will attempt to restore your internet connection & default browser settings. You may have to download these tools on another computer and move them to a flash drive that you can plug into the infected machine.
If you have run all of the above tools successfully, you should be malware-free. Should you still be having issues then please don’t hesitate to call us at 877-481-1205 and we’ll be happy to take a look further.
**Follow-up Steps (highly recommended):**
• Using a computer that has not been infected, change passwords to all your online accounts.
• Consider enabling two-factor authentication on all accounts!
• Install a better anti-virus. See recommendations below.
What is malware?
Malware is an umbrella term used to refer to a variety of forms of hostile or intrusive software, including computer viruses, worms, trojan horses, ransomware, spyware, adware, scareware, and other malicious programs. It can take the form of executable code, scripts, active content, and other software. [Source: Wikipedia.com]
How did I get infected?
It is difficult to track down the source of an infection. Most infections are actually given permission to run unknowingly by the user. It is recommended to keep User Account Control turned on and never give access to something you do not trust or did not open. Many other infections come via exploits in your browser or browser plug-ins on websites you visit. Always be very careful what you install. Make sure you trust the source implicitly. When downloading programs, always use the publisher’s website directly.
How to prevent future infections:
Be very careful what you download and install. Keep your software up-to-date. Using Ninite for installing/updating software is very easy & safe and uses official installers without adding extra software to your PC during installation. Make sure Windows is kept up-to-date as well, including Windows 10 feature updates. Many Windows updates patch exploits and vulnerabilities in your operating system. Most infections are active because the user has unknowingly given it Administrative permission to install and run. The first line of defense starts with you.
The following tools will aide you in keeping your computer clean:
**Free Anti-Virus Suggestions:**
• Malwarebytes (free version must be run manually)
Free anti-viruses will only get you so far. I would highly recommend purchasing the AV of your choice to get better protection. Companies who offer products for free are usually making money of you one way or another. This has been [proven again recently with Avast](https://www.cnet.com/news/privacy/antivirus-firm-avast-is-reportedly-selling-users-web-browsing-data/). Don’t use Avast!
One more helpful tool is [uBlock Origin](https://ublockorigin.com/) which is more useful paired with [Firefox](https://www.firefox.com/en-US/) or a [Firefox-based browser](https://www.reddit.com/r/browsers/comments/1j0p156/list_of_firefoxbased_browsers/) since [Google began phasing out v2 support](https://blog.chromium.org/2024/05/manifest-v2-phase-out-begins.html).
Article [source]
Photo by Antoni Shkraba Studio: https://www.pexels.com/photo/person-using-black-laptop-computer-5475752/