Remove malware from your PC
Discover what to do when malware strikes – find out how to remove it, plus clean up afterward.
When your security protection works as it should, you’ll either enjoy a hassle-free life or see the occasional alert pop up when your antivirus tool spots – and blocks – a potential infection from taking hold. But if your security regimen is compromised, you’ll have to take remedial steps to clear any infection from your machine – sudden sluggish performance, random popup alerts and other strange behaviour might all point to infection.
The simplest thing to do is try and run a scan with your existing security tools having first attempted to install the latest updates – if they detect the threat, let them attempt to clean or quarantine it, then reboot and run full scans again. If infections keep cropping up, or you’re unable to open your security tool, you may need to attempt to boot into Safe mode to run your security software from where the malware can’t cripple it.
SCANNING FROM SAFE MODE
There are two ways to enter Safe mode – one method is described opposite in the step-by-step guide. If that takes you back to the normal desktop, try pressing Win-R, typing msconfig and
pressing Enter. Switch to the Boot tab, tick ‘Safe boot’ and select Network before clicking OK and rebooting when prompted.
Some malware removes the Registry keys required to successfully boot into Safe mode – if you’re unable to get Safe mode to work following the steps in the guide opposite, skip to the next section. For those who can get into Safe mode, you’ll need to enter your user password (any PINs aren’t accessible from here) to log in. At the desktop, open your existing security packages, let them update and run full scans.
Hopefully they’ll find and remove the infection, in which case reboot back into normal mode (if you used msconfig to get into Safe mode, you’ll need to open it again and untick ‘Safe boot’ before clicking OK and rebooting) and run final scans to verify the infection has gone.
If you want to be doubly sure the infection has been removed – or your security software doesn’t find anything, try enlisting the help of several additional tools. Most security vendors offer free scan-and-removal tools, so Google ‘virus removal tools’ to see what’s available. One example worth trying – because it employs the services of two separate anti-virus engines – is Emsisoft Emergency Kit (EEK), which you can download and run from www. emsisoft.com/en/software/eek/ for second and third opinions. Also try VIPRE Rescue (www.vipreantivirus.com/vipre-rescue-virus-removal-tool. aspx) if EEK doesn’t work.
USE BOOTABLE RESCUE DISCS
If you’re locked out of Safe mode and have access to another, clean PC, visit your antivirus vendor’s website on there to track down a bootable emergency rescue disc. If it doesn’t offer one, download the Kaspersky Rescue Disc ISO from https://support. kaspersky.com/viruses/rescuedisk to a clean PC. Either right-click the ISO and choose ‘Burn image’ to burn it to CD or DVD, or use a tool like Rufus (https://rufus.akeo.ie/) to create a bootable USB drive.
After booting, a separate desktop environment is loaded and the Kaspersky Rescue Tool will automatically start. Let it scan – multiple times if prompted – to ensure all traces of the infection are removed.