Check for malware
Make sure your PC is free of ransomware and other infections, and if it’s not, discover how to deal with them
Step one of the decluttering process is to make sure your PC is infection-free. Start by opening your anti-virus tool to search for malware infections such as worms, Trojans, rootkits and spyware. Make sure its definitions are up to date, then allow it to perform a full scan. If infections are found, follow the instructions to either quarantine or attempt removal of the malware – you’ll almost certainly be prompted to reboot when you’re done, in which case run a full scan again to verify the infection has gone.
Some infections can be stubborn – if after two or three attempts the infection is still present, reboot into Safe mode. Those running Windows 7 should tap [F8] when the computer starts to boot; Windows 8.1 and 10 users need to navigate to Start > Settings > ‘Update & security’ > Recovery, then click ‘Restart now’. Under ‘Advanced start-up’, navigate to Troubleshoot > Advanced Options > Start-up Settings. Click Restart and press  to select ‘Enable Safe Mode with Networking’.
Once in Safe mode, try updating and running the scan again – most, but not all, malware should be sufficiently crippled in Safe mode to allow its complete removal. If the infection is still there, or you’re locked out of Safe mode, the step-by-step guide on the opposite page reveals further tools and tips to try.
Widen your scan
Even if your main anti-virus tool comes up clean, don’t assume you’re out of the woods. Let’s perform some additional scans with other tools to make sure. Malwarebytes Anti-Malware (www.malwarebytes.com) is our favourite security app for delivering a second opinion – it searches for a wider range of threats than most anti-malware tools, including potentially unwanted programs that may come with spyware or other privacy issues. You’ll need to download and install the free version, but once in place you can update it and run a full scan as with your main security tool – it’ll even run in Safe mode.
If you want to go further, use the Emsisoft Emergency Kit – as featured in the step-by-step guide – to perform scans using two separate anti-virus engines. Other portable tools worth adding to your security toolkit include ClamWin Portable (install this through https://portableapps.com/) and VIPRE Rescue Disk (see the step-by-step guide). Both may find and remove more stubborn infections. If you’re convinced you’ve been attacked by a rootkit, then open Malwarebytes and go to Settings > Protection to flick the ‘Scan for rootkits’ option to On.
Recover from ransomware
If you encounter ransomware, don’t panic. This is doubly true if you have a backup somewhere – whatever else happens, you can wipe your PC’s storage drive and reinstall Windows and live with a small loss of data.
In cases where you’re locked out from your data, make a note of any demands (Bitcoin wallet address, file list of encrypted data and so on), which may give you access to your data later if the criminals are caught and the private keys used to scramble your files are released. Next, perform scans with all the anti-malware tools at your disposal to dispatch the underlying infection. Only when it’s removed should you visit https://noransom.kaspersky.com/ to see if your infection is covered by one of the six free ransomware decryption tools on offer. Other vendors worth checking out include AVG (www.avg.com/en-gb/ ransomware-decryption-tools). If you find yourself locked out of your PC by ransomware, try Trend Micro’s free Ransomware Screen Unlocker Tool (http://bit.ly/trendransomware), which can be run in Safe mode or prepared on another PC if you can’t even get that far.
After you’ve cleaned your PC, you may find certain functions haven’t been restored. Broken network connections can often be fixed with the help of NetAdapter Repair All In One (https://sourceforge.net/projects/netadapter/). If Safe mode still won’t work, or you’re locked out of key parts of your system, then run the Windows Repair Tool (www.tweaking.com). Not only does it give your PC the once-over, it’ll reset Registry and file permissions, and perform other much-needed repairs.
“Most, if not all, malware should be sufficiently crippled in Safe mode to allow complete removal”
The premium version of Malwarebytes offers real-time protection.
Tweaking.com’s Windows Repair tool can quickly undo damage left behind by malware.