Virus and Malware Removal
Malware (mal´wãr) (n.) Short for malicious software, malware refers to software designed specifically to damage or disrupt a system, such as a virus or a Trojan horse. This pages talks about malware and virus removal on Windows computers, for information on Macintosh, please see Macintosh Adware Removal.
Contents
Signs of Infection
Malware and virus infections can cause symptoms, issues and problems ranging from mildly annoying to catastrophic.
Taking into account privacy, security and functionality, the best and only option to guarantee removal of malware and virus infections is to reformat your hard drive and re-install windows.
Signs and Symptoms of an infection can include:
- Poor Machine Performance
- Pop Ups
- Networking Issues
- Browser Homepage and Toolbar Changes
- Browser Navigation Being Redirected
- Programs Starting Automatically
- Security Program You Never Installed Running
- Security Solutions Being Disabled
- Remote Control Access Given To Unknown Person(s)
Removal Instructions
Taking into account privacy, security and functionality, the best and only option to guarantee removal of malware and virus infections is to backup your data, reformat your hard drive, and re-install Windows/MacOS. If your computer has been remote-controlled, reformatted hard drive and re-installing your operating system is a must. You must also change your Gustavus email password as soon as possible on any non-infected computer. Please report this to the Technology Helpline to verify your account has not been compromised. The Gustavus Technology Helpline is not equipped to assist with the reformatting and re-installation of personally owned devices. Please seek external professional assistance with these steps if they are needed.
Steps For Attempted Removal
The Technology Helpline staff is available during regular hours to help and assist with the removal of malware and viruses from personally owned computers. Please stop by the Technology Helpline, Olin First Floor, for help. Institutionally owned machines will be re-imaged if infected.
If your computer has been remote-controlled, the Technology Helpline can assist you with:
- Changing your Gustavus email password
- Advise you to visit a nearby computer repair shop for: 1)hard drive reformatting and installation of your OS, and 2)identity theft professional guidance
- Notifying our Core Services team about your account to double check your account hasn't been accessed in an unauthorized manner.
Duplicate Security and Antivirus Software Packages
Having more than one antivirus or security package installed will impact machine performance and may result in infections. Action: From the Programs and Features Control Panel look for and uninstall if more than one (in reverse order of installation)—Symantec Anything, Norton Anything, Kaspersky, AVG, McAfee, Avast, BitDefender, Avira, Trend.
Gustavus Technology Services recommends that Windows 7 users use Microsoft Security Essentials and Windows 8 users use Windows Defender.
Installing Malwarebytes Software
Gustavus Technology Services recommends using Malwarebytes for malware removal. Download and install the free version from: Malwarebytes.org. The Malwarebytes installer is also available on the Rescue CDs at the Helpline. Launch Malwarebytes and run updates. You will need a working internet connection for this.
Boot to Safe Mode
Windows 7 - Press and hold the F8 key as your computer restarts. You need to press F8 before the Windows logo appears. Select Safe Mode with networking.
Windows 8/10 - Hold the shift key when selecting restart. Select Advanced Options, Troubleshoot, Advanced options, Windows Startup and Settings, click Restart. Select Safe Mode with Networking when you have the option.
Additional information available at: Safe Mode
Run Full Scan with Malwarebytes in Safe Mode
When booted in safe mode, launch and run a full scan with the Malwarebytes applicaiton. This scan may take hours to complete. After the scan is complete - remove any found issues or problems, reboot and scan again in safe mode.
Run a Full Scan with Your Antivirus Application in Safe Mode
When booted in safe mode, launch and run a full scan with your antivirus application. After the scan is complete - remove any found viruses or problems.
Remove Malicious or Unwanted Software
Check the Programs and Features Control Panel for any unwanted or unknown software. Sorting by date can help identify a group of unwanted applications that maybe have been accidentally installed together. Select the application you wish to remove and click uninstall. Reboot after removal.
Steps for Continued Safe Computing
Windows Updates
Windows Updates are patches and fixes released by Microsoft to improve and protect the operating system. For more information regarding Windows Updates, please see: Windows_Update. Configuring your machine to automatically apply updates is recommended.
Browser Updates
Verifying that your browsers are current and up to date will help keep your browsing experience safe and infection free. Most browsers will automatically check for updates from the About option in the Menu.
Browser Extensions
A browser extension adds functionality to your browser. Extensions introduce increased security risks to your browser. Pay attention to what permissions a browser extension is asking for before installing; does it really need all those permissions? If your browser is displaying odd behavior, check your extensions and remove anything you don't recognize, are not sure the purpose of, or don't need any more.
Remote Control Assistance
Never agree to remote control assistance/help unless you know exactly who you are talking to. Often times, a malicious pop-up will give you a malicious phone number to call and ask you grant them remote-control assistance to "fix the problem." When this malicious remote-control assistance is granted, they go through your files looking for passwords and other sensitive information they can later use to further steal your identity. Always ignore these pop-ups and take your computer to a computer repair shop for further guidance.