Malware/Virus Remediation on a Windows-Based Computer
The following steps are a generic process to allow you to scan/remove most
malware/viruses from your computer. As these threats can vary in
complexity and are ever-evolving, additional steps may be necessary, but this
list is a typical starting point which should cover most issues.
Please note that I can make no guarantees with the use of this software.
RKill
This program will attempt to terminate processes that the malware runs to
prevent you from scanning your computer.
- Go to the following website:
https://www.bleepingcomputer.com/download/rkill/
- Click one of the green boxes to "DOWNLOAD NOW" (I recommend
downloading from bleeping computer).
- Double click on the rkill file that you downloaded.
- The program will run and notify you that it finished and if any
changes were made by the program.
AdwCleaner
This program is a quick removal tool for certain malware and browser
hijackers.
- Go to the following website:
https://toolslib.net/downloads/viewdownload/1-adwcleaner/
- Click on the big blue "Download Now" button on the right side of the
page.
- Double click on the adwcleaner file that you downloaded.
- Agree to the license agreement.
- On the main screen click on the "Scan" button.
- Let the computer scan your system (this will take a few minutes).
- Once the scan finishes click the "Clean" button.
- Once the various threats are removed the tool will require you to
reboot and provide you with a log file after the restart.
Malwarebytes
Malwarebytes is an adware and malware scanner. This tool can also run
continuously on the system (and is a worthwhile investment) but for now we
will just use the basic scanning/removal features.
- Go to the following website: https://www.malwarebytes.com/
- Click on the "FREE DOWNLOAD" button on the main page.
- Double click on the mb3-setup file that you downloaded.
- Accept the license agreement when prompted.
- Uncheck the box to create a Desktop shortcut.
- After the install, click on the "Protection Settings" button in the
Malwarebytes box that appeared in the lower right corner of the screen.
- Normally we would tweak many settings but as we are only using this to
scan you should toggle the following boxes:
- In the "Protection" tab turn "Scan for rootkits" to On and switch
the startup to Off
- Click on "Dashboard" from the list of options on the left of the
screen.
- On the right side of the screen verify that Updates are "Current".
- Click on "Scan" from the list of options on the left side of the
screen.
- Choose "Custom Scan" and click "Configure Scan"
- Check all of the scan boxes and all of the drive letters listed.
- Click "Scan Now"
- The scanning process may take several hours to complete. Once it
finishes allow it to remove any threats that it finds and reboot your
computer.
Superantispyware
Another useful removal tool but we are going to skip it here as it is a
little dated.
Antivirus Software
There are numerous options for antivirus software available for your
computer. The only recommendation that I can make here is that you
should have some sort of antivirus program on your machine and it should be
current with the program and updates (many times users still have just an
expired trial version from when they bought the computer). Some
programs are free and some cost money to maintain. The most popular
ones are as follows:
- Norton Security
(http://norton.symantec.com/norton/ps/bb/ushard/3up_ns1_ns_nsbu_us_en_notw_brnf_nort.html?om_sem_cid=hho_sem_sy:us:bs1:en:e|kw0000006084|12316524939|c&nortoncountry=us)
- this is a paid program but is very good
- Windows Defender - Microsoft includes this with all Windows 10
machines if an existing program is not detected. It is free and
works OK.
- Avast Free Antivirus (https://www.avast.com/en-us/index) - This
program is free and only requires you to register with an email.
It works pretty well.
- AVG Free Antivirus
(http://www.avg.com/us-en/free-antivirus-download) - This program is
also free and works pretty well.
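To check whether the antivirus program on a machine is actually enabled and current, the following PowerShell script can be run on Windows 10/11. It is an added example, not part of the original guide; the function name ConvertFrom-AvProductState, the decoding of the undocumented productState value, and the 7-day threshold are assumptions.

```powershell
# Added example (not from the original guide). Run in PowerShell on Windows 10/11.
function ConvertFrom-AvProductState {
    param([Parameter(Mandatory)][int]$ProductState)
    # Assumption: productState is undocumented. The commonly used decoding
    # reads the middle byte as scanner state and the low byte as definition state.
    $scanner     = ($ProductState -shr 8) -band 0xFF
    $definitions = $ProductState -band 0xFF
    [pscustomobject]@{
        Enabled  = (($scanner -band 0x10) -ne 0)
        UpToDate = ($definitions -eq 0)
    }
}

# Every antivirus product registered with Windows Security Center.
$products = Get-CimInstance -Namespace 'root/SecurityCenter2' `
    -ClassName AntiVirusProduct -ErrorAction SilentlyContinue
if (-not $products) {
    Write-Warning 'No antivirus product is registered with Windows Security Center.'
}
$report = foreach ($p in $products) {
    $state = ConvertFrom-AvProductState -ProductState $p.productState
    [pscustomobject]@{
        Product  = $p.displayName
        Enabled  = $state.Enabled
        UpToDate = $state.UpToDate
    }
}
$report | Format-Table -AutoSize

# Windows Defender reports more detail through its own cmdlet.
try {
    $mp = Get-MpComputerStatus -ErrorAction Stop
    [pscustomobject]@{
        DefenderEnabled    = $mp.AntivirusEnabled
        RealTimeProtection = $mp.RealTimeProtectionEnabled
        SignaturesUpdated  = $mp.AntivirusSignatureLastUpdated
        SignatureAgeDays   = $mp.AntivirusSignatureAge
    } | Format-List
    if ($mp.AntivirusSignatureAge -gt 7) {   # 7 days is an assumed threshold
        Write-Warning 'Windows Defender definitions are more than a week old.'
    }
}
catch {
    Write-Warning "Windows Defender status is not available: $($_.Exception.Message)"
}
```

A product listed with Enabled or UpToDate set to False is the situation described above: software that is installed but no longer protecting the machine.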
Other Information
If the malware is still on your machine after these steps it may be
necessary to revert your system back to a time before the virus (system
restore) or you may need to take it to a place for service (the Microsoft
store in the Galleria does a wonderful job).
You should remember to always keep your machine patched and up-to-date AND
definitely take regular backups of your important files on your
machine. Your computer and any websites you use should have strong
passphrases (this is different from passwords), and these passwords should be
at least 10 characters long using a combination of letters/numbers/special
characters. Try not to use the same password on multiple sites, and if
you use things like sentences for various sites (ex - I walk my dog!) it
becomes easier to remember. For the most critical sites (such as
email/facebook) you can, and I strongly recommend that you do, turn on
two-factor authentication to make it more difficult for others to access
your accounts. These websites will go through the process in detail on
their help pages.
A few backup suggestions:
http://www.pcworld.com/article/2095481/storage/if-we-show-you-how-to-back-up-your-pc-for-free-will-you-finally-do-it.html
http://www.pcworld.com/article/2905400/windows/3-easy-steps-anyone-can-take-now-to-back-up-a-pc.html