Print

This is a general guide for cleaning an infected computer.  Some infections require further work or an experienced eye to remove; meaning you should get someone out to look at it for you.

Disclaimer:

Some infections replace or infect important system files and the act of cleaning them can leave your system in an unstable state.  There is a chance that Windows will no longer boot after removing infections as important files had to be deleted to complete the operation.  The steps listed below will not delete any of your personal files unless they have been identified as infected.  It is your responsibility to keep your data safe.  Please backup any important data before proceeding with this guide.

Preparation

You will need to download some tools from the internet.  If the internet is unusable on the infected computer because of browser hijacks, then you may need to download the tools onto a USB flash drive from a clean computer.  You may be able to get your infected browser working well enough to download these tools by going into the add-ons section and removing anything that looks suspicious.

Most of these tools do not update themselves automatically, so its a good idea to download new versions each time you need them.

Download the following tools:

Uninstall suspicious programs

Some Possibly Unwanted Programs or PUPs can simply be removed from the Programs and Features list in Windows.  Go to Control Panel and find "Programs and Features" or "Uninstall a Program".  Scroll through the list and remove anything with the words coupon, toolbar, savings and anything that looks to be bad.  Be careful not to remove important software and drivers from this list, just because you don't recognise it, doesn't mean its bad; do a quick google on your phone if you are unsure.  Try checking www.shouldiremoveit.com

Disable your antivirus temporarily

Some antivirus programs might flag your new scan tools because of the way they work.  Its best to disable your AV before downloading the tools, or plugging in your flash drive.  Most antivirus products have a right-click menu with some sort of disable option.  Find it in the system tray (down near the clock) and right click the icon.  Some require you to open the app and go into settings to turn off realtime protection.

This will also speed up the scanning process.

Run your scans:

Time to run the scans with your new tools.  Only run one tool at a time and don't fret if you don't understand what they are telling you.  Run each tool as administrator to give them full access to the system.  Right click -> "Run as Administrator".

Check if the infection is gone

Fire up each web browser and be sure that web pages load properly.  Sometimes you need to fix your home page which can be done in the settings.  Chrome sometimes needs to be "Reset" which is done in the bottom "Advanced" section of the settings.  Its a good idea to reset your Internet Explorer settings too from the "Advanced" tab in "Internet Properties" found in the Control Panel.

If you Steam game client is infected, then check out my guide on cleaning Steam - Steam browser hijacked

If the infection persists, then you may need to seek further advice either online from r/techsupport or from a local computer repair company.

Check your antivirus

If you disabled your antivirus before running the scans, then make sure that it is re-enabled.  While you are there, make sure that your subscription has not expired and that it is fully up to date.

Additional free protection

Install Unchecky to help prevent those PUPs from side-loading when you install software.

Preventing future infection

Most of the machines I clean already have paid antivirus installed.  The customer thinks that they are safe because they have paid for protection and use a big brand.  Unfortunately having the most popular antivirus product installed on your system doesn't mean you have the best protection.  Most antivirus products either do not bother detecting PUPs or do a lousy job of it because they are not technically classed as malware.

Possibly Unwanted Programs or PUPs can add extra toolbars or ads to pages on your web browsers.  They can offer to speed up your system, update drivers, or clean up infection; for a fee.  Basically if you didn't install it, and it is annoying or wants money from you, then its probably a PUP.  Some of these programs can negatively affect you privacy or let more junk in.  You need to keep them out.

Most antivirus programs do a pretty good job of keeping traditional viruses out of your computer, but you need something to keep the PUPs out too.  I recommend and use an antivirus product called Emsisoft Internet Security which has a dual virus scanning engine, and pretty good PUP protection built in, as well as a good personal firewall.  If you don't want the firewall, then they have a cheaper version called Emsisoft AntiMalware.  Also install Unchecky which I mentioned earlier.

Here are my affiliate links.  If you plan on purchasing these products, then help me out and use my links please.  I found and joined the affiliate programs for products that I like, use and recommend.  Not the other way around.

Hits: 3583