The Ultimate Malware Removal Guide
Because the best place for malware is NOT your PC
For the past few days, you’ve noticed how your PC’s doing some strange things. For one, it’s a lot slower than before. It takes longer to boot up and for some reason many programs seem to crash or freeze up, even if they didn’t do that before.
After a few more days, pop-ups start to appear randomly in your browser. Even your homepage has been changed.
If you’ve been having these sorts of symptoms and others like them, then there’s a very high chance your device might be infected with malware. It’s certainly not a fun experience, but there are ways to fight back against the malware and take back your PC.
So how do you remove malware? Let’s not waste time and find out.
0. Back up your documents and files before you start to remove the malware [OPTIONAL]
If you have a deep and severe malware infection, consider backing up your important files and documents. That’s because many malware programs might damage your system and delete important files if they sense a removal process taking place.
We strongly recommend you back up your files to external media, such as DVDs/CDs, USB sticks or external drives.
Backing up files and documents on cloud solutions such as Google Drive or Dropbox runs the risk of exposing your personal account information to keyloggers and screen grabbers.
Usually, the files you’ll back up, such as Word documents, photos, videos and so on, will be clean. That’s because malware programs are just that, programs, and in order for (most of) them to launch an infection you need to run them.
Even so, if you want to be sure you don’t re-infect yourself with the backup, we recommend you use some of these specialized tools to scan the backup before you reuse the information.
1. Start your PC in Safe Mode with Networking
The first step you should take is to boot up your PC in Safe Mode with Networking. This makes Windows load only critical processes and prevents some malware processes from starting up. It also gives you access to the PC in case of a severe and deep infection.
2. Clean your temporary files
To make the scanning processes quicker and simpler, you’ll need to clear up unessential temporary files from your PC.
To do this, simply right click on a Windows drive, such as C:/ or D:/, go to Properties, and click Disk Cleanup. From the menu, choose which file types you want the cleanup to delete.
3. Here are some of the best free malware removal tools
In order to clean up your PC, you’ll need some specialized scanning tools to find and remove the malicious software. Here’s a list of all the software you’ll need over the course of the cleanup. We’ll cover them more in-depth once we get to use them.
All of these programs are free, and most of them are fairly small in size, under 100 Mb. Some of them, however, such as Malwarebytes 3.0 and HitmanPro, have full functionality available only for a trial period.
- Kaspersky TDSS Killer
- Malwarebytes 3.0
- Malwarebytes ADWCleaner
- Junkware Removal Tool
4. Use Rkill to freeze and stop any malicious processes
Many malware programs have built-in survival measures. These are used to detect installation and activation of various security products such as antivirus or anti-malware software.
Rkill will bypass these measures and kill the malware processes, allowing you to install and use all of the other malware and adware remover tools we’ve mentioned above.
To use Rkill, simply download the program and run it. But be sure you don’t turn off or restart your PC after that, or else the malware processes will start again.
5. Kaspersky TDSSKiller is a free malware removal tool for Windows
Rootkits are nasty types of malware that boot up at the same time as your PC and hide the activity of other malicious software. Rootkits will even gain administrator rights in order to provide deeper access to other types of malware. For this reason, rootkits are difficult to find and remove.
Kaspersky TDSSKiller is one of the better rootkit removal tools out there. Thankfully, it’s free and easy to use. Simply download it and follow the 3-4 steps required to start the scan and run the rootkit removal.
6. Start removing malware with Malwarebytes 3.0
Malwarebytes Anti-Malware will scan and remove malicious software you have on your PC. It’s a free program with a small 55 Mb installer, and it has a 14 day free trial with full features such as malware removal, ransomware protection, rootkit killer and even a repair function for any damaged files.
Use the “Scan now” feature and be sure to remove and kill any malware the product identified.
7. Use ADWCleaner to remove any browser malware you might have on your PC.
This is an important step since an infected browser might try to download other malware programs on your PC.
8. Junkware Removal Tool will clean up any leftover software on your PC.
This free malware removal tool will clean up any leftover malicious software, and also clear up any remaining junk data used by the malware.
9. Use HitmanPro to do a final double check for any remaining hidden malware
HitmanPro is an excellent second opinion scanner designed to find and identify malware programs other security products somehow skipped.
And best of all, it’s free! Just like all the other programs mentioned in this article. However, its full features are only enabled for a 30 day trial period, after which you will need to purchase the full license.
10. Reset your browser settings
Malware will often change your settings in order to facilitate more malicious downloads. For this reason, you should review some of these settings, particularly your browser ones.
Fix any browser shortcuts the malware might have altered
First, right click on your browser shortcut and then go to Properties.
Under the Shortcut tab you will see a Target field.
The malware might have altered the target field and included a URL in it. So what happens is that now your browser will start up on this page each time you boot it up.
In normal use, the browser target should look something like this:
Chrome: “C:\Program Files (x86)\Google\Chrome\Application\chrome.exe”
In our example case, the browser was targeted to go to a suspicious website, designed to download malware on your PC.
To fix this, simply remove the URL that comes after .exe”.
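The same check can be run across every shortcut at once. The following PowerShell is an added example, not part of the original guide: it reads each .lnk file read-only and lists browser shortcuts whose Target carries a URL after the executable. The list of browser executable names and the set of folders searched are assumptions; extend them for your setup.

```powershell
# Added example: find browser shortcuts with a URL appended to the Target.
# Read-only: no shortcut is changed.
$folders = @(
    [Environment]::GetFolderPath('Desktop'),
    [Environment]::GetFolderPath('CommonDesktopDirectory'),
    [Environment]::GetFolderPath('StartMenu'),
    [Environment]::GetFolderPath('CommonStartMenu'),
    (Join-Path $env:APPDATA 'Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar')
) | Where-Object { $_ -and (Test-Path -LiteralPath $_) }

# Executable names treated as browsers (assumed list).
$browsers = 'chrome.exe', 'firefox.exe', 'msedge.exe', 'iexplore.exe', 'opera.exe'

$shell = New-Object -ComObject WScript.Shell

$findings = Get-ChildItem -LiteralPath $folders -Filter *.lnk -Recurse -ErrorAction SilentlyContinue |
    ForEach-Object {
        $lnk = $shell.CreateShortcut($_.FullName)

        # Some shortcuts point at shell objects and have no file target; skip them.
        if (-not $lnk.TargetPath) { return }

        # The Properties dialog shows TargetPath and Arguments together as "Target".
        $exe = Split-Path -Leaf $lnk.TargetPath
        if ($browsers -contains $exe -and $lnk.Arguments -match '(https?://|www\.)\S+') {
            [pscustomobject]@{
                Shortcut    = $_.FullName
                Executable  = $lnk.TargetPath
                Arguments   = $lnk.Arguments
                AppendedUrl = $Matches[0]
            }
        }
    }

if ($findings) {
    $findings | Format-List
} else {
    Write-Output 'No browser shortcut with a URL in its Target was found.'
}
```

A browser shortcut can legitimately carry other arguments (profile or app switches, for example), so only entries with a URL are reported. Fix each reported shortcut by hand as described above.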
Browser hijackers will change your homepage
Instead of changing the “Target” field in the “Shortcut” tab, some malware will simply modify your browser homepage.
Chrome browser: Go to the Settings button in the top right corner of the browser. Once there, go to the On startup section.
The first two options don’t have any homepage whatsoever, so you can go ahead and select either one of those.
If, however, you want to have your own homepage, then check the option to Open a specific page or set of pages and then click on Set pages. This should take you to a window where you can add pages or delete malicious links sneakily set as your homepage.
Settings for Firefox: You can access the Options menu in the top right corner of the browser. This will immediately take you to the General tab, where you can reset your homepage as you see fit.
Double check your proxy settings
Some malware can even change what Internet server you use to connect to the web. Simply removing the malware won’t reset these proxy settings, so it’s something you should fix before considering your PC squeaky clean.
To access your proxy settings, first go to Control Panel, then Network and Internet and finally press Internet Options.
In the Internet Options menu, go to the Connections tab. Press the LAN settings button.
Make sure that Automatically detect settings is checked, and that the other two options, “Use automatic configuration script” and “Use a proxy server for your LAN”, are empty.
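The same three settings can be read without opening the dialog. The following PowerShell is an added example, not part of the original guide: it reads the current user's Internet Settings registry key and prints the proxy state, warning when a proxy server or configuration script is set. Reading the "Automatically detect settings" flag from the binary DefaultConnectionSettings value relies on the commonly described layout of that value and is an assumption.

```powershell
# Added example: report the LAN proxy settings for the current user. Read-only.
$inet = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings'
$s    = Get-ItemProperty -Path $inet

# "Automatically detect settings" is stored in a binary value. Treating bit 0x08
# of byte 8 as that checkbox follows the commonly described layout (assumption).
$blob = (Get-ItemProperty -Path "$inet\Connections" -ErrorAction SilentlyContinue).DefaultConnectionSettings
$autoDetect = if ($blob -and $blob.Length -gt 8) { [bool]($blob[8] -band 0x08) } else { $null }

$report = [pscustomobject]@{
    AutoDetect    = $autoDetect             # "Automatically detect settings"
    ProxyEnabled  = [bool]$s.ProxyEnable    # "Use a proxy server for your LAN"
    ProxyServer   = $s.ProxyServer          # address:port used when enabled
    AutoConfigURL = $s.AutoConfigURL        # "Use automatic configuration script"
}
$report | Format-List

if ($report.ProxyEnabled) {
    Write-Warning "A proxy server is enabled: $($report.ProxyServer)"
}
if ($report.AutoConfigURL) {
    Write-Warning "An automatic configuration script is set: $($report.AutoConfigURL)"
}
if (-not $report.ProxyEnabled -and -not $report.AutoConfigURL) {
    Write-Output 'No proxy server or configuration script is set for this user.'
}

# Services use the separate WinHTTP proxy; show it as well.
netsh winhttp show proxy
```

If you did not configure a proxy yourself and a warning appears, clear the setting in the LAN settings dialog described above.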
11. Things to do after the malware cleanup
Your PC is now cleaned up, but it’s impossible to know just how much damage the malware might have caused. Some malware programs operate stealthily, and don’t visibly affect your PC. Instead, they may collect personal information of yours such as passwords, credit card data, completed forms and screenshots.
Here are some measures you should follow to limit any damage from such data leaks.
Start using two-factor authentication and change all your passwords
If among other things you were also infected with a keylogger, then there’s a high chance your passwords and accounts were compromised.
That’s why you should urgently change all of your passwords, before the malicious hacker has a chance to exploit them and lock you out of your accounts.
Secondly, start using two-factor authentication to add another layer of protection to your accounts.
Keep your software updated
Outdated software is a major cause of malware infections, mostly because it comes with many vulnerabilities exploited by cybercriminals.
Keeping your software permanently up to date will greatly limit any windows of opportunity a malicious hacker might have to infect your device.
We know it can be a chore to constantly update your software, particularly those that patch frequently. But our own Heimdal FREE will automatically update your software, without any annoying confirmation pop-ups. It’s light and unobtrusive, so it won’t slow down your system.
Use a good antivirus
An antivirus is a must-have piece of software if you want to keep your device safe and information secure. The real trick is to find the right one for your needs.
Once you’ve decided on one, be sure to keep it updated at all times, so that any vulnerabilities it might have are patched and its malware database stays current.
A traffic filtering solution will keep a lot of malware away
Cybersecurity would be easy if an antivirus could detect 100% of malware out there, but it can’t. Fileless malware and some rootkits are so well programmed and obfuscated, they can be nearly impossible to detect.
Traffic filtering software will nicely complement an antivirus, since it scans incoming and outgoing traffic for any malware, and then blocks that traffic from entering your PC. In other words, the malware never reaches your device.
We believe our own Heimdal PRO is a great security program for the job, and will guard your traffic to make sure you don’t get infected and also don’t leak personal information.
A few cybersecurity tips & tricks to help keep you safe in the future
There’s a saying in the cyber security industry: “The best antivirus is you”. Not even security software can keep you safe if you keep putting yourself in harm’s way.
Here’s an in-depth list of articles on what types of threats lurk on the Internet and how you can keep yourself safe against them.
- The Ultimate Guide to Secure your Online Browsing Today [Updated]
- Netiquette: Definition and 10 Basic Rules To Dramatically Improve your Safety [Updated]
- 10 Reasons Why Your Traditional Antivirus Can’t Detect Second Generation Malware [Infographic]
What other malware removal tools have you used?