7/24/2019 Advanced Malware Clean Up for Windows

1/8

Advanced Malware Clean Up for Windows

The following options are available for mild infections. If the malware/virus is

affecting your ability to access the Internet, please scroll down to Malware

Prevention. If the issues have appeared recently or if you have exhausted thefirst five options, please scroll down to System Restore. Please contact

Student Affairs IT at (406) 243- 2625 or contact your friendly RTA if you run

into any issues!

Malwarebytes

Suspicious Programs

AdwCleaner

Internet Browser Clean-Up

Google Chrome

Mozilla Firefox

Internet ExplorerContact Information

How to Prevent Future Malware Infections

System RestoreWindows 7

Windows 8, 8.1, and 10

Contact Information

MalwarebytesNote: This program may take a couple of hours to complete. If you must interrupt the

session, please select Pause Scan.

1. Go to the following website:https://ninite.com/

2. Check the box next to Malwarebytes under the Security section.

https://ninite.com/https://ninite.com/https://ninite.com/https://ninite.com/

7/24/2019 Advanced Malware Clean Up for Windows

2/8

3. Click Get Installer.

4.

After Malwarebytes downloads, open the file.5. Select Scan at the top of the program

6. Select Custom Scan.7. Then it the green Scan Now button.

8.

Check all unchecked boxes, including Scan for Rootkits.9. Select Start Scan.10. When the scan completes, the suspicious files it triggered on will be ready for

quarantine.

11. Select Quarantine All.12. Go to the History tab at the top

13. Click Delete All to delete everything in the Quarantine.

Suspicious ProgramsNote: This can be done while Malwarebytes is scanning your computer. Please be aware

that some programs may continue to appear after uninstallation, but this will be resolved

once you restart your computer.

1. Navigate to Programs and Features (This can be done by typing programs and

featuresin the search bar of the Start Menu.

7/24/2019 Advanced Malware Clean Up for Windows

3/8

2. Uninstall programs that seem suspicious. These programs include ones that are not

published by Microsoft or your devices manufacturer(ex. HP, Dell, etc.), if they do

not have a listed publisher, or programs that have savings or coupons in the name.

If you are unsure of whether a program is suspicious or not, try looking up the exactname of the program inhttp://www.shouldiremoveit.com/. Some examples of

suspicious programs include: Snap.Do by ReSoft Ltd., StormWatch by Local WeatherLLC, and Remote Desktop Access VuuPC by CMI Limited.

AdwCleanerNote: This program automatically restarts your computer after completion. Please save

your work.

1. Go to the following website:http://www.bleepingcomputer.com/download/adwcleaner/*

and click

2. After it downloads, select Iagree.

3. Select Scan.

4. Once the scan completes, click Cleaning5. Click Yes and Ok in the next few Windows.6. Your computer will restart.

7.

Upon logging in after the reboot, there will be a notepad file opened by AdwCleanerlisting all the things it removed.

http://www.shouldiremoveit.com/http://www.shouldiremoveit.com/http://www.shouldiremoveit.com/http://www.bleepingcomputer.com/download/adwcleaner/http://www.bleepingcomputer.com/download/adwcleaner/http://www.bleepingcomputer.com/download/adwcleaner/http://www.shouldiremoveit.com/

7/24/2019 Advanced Malware Clean Up for Windows

4/8

Internet Browser Clean-Up

Google Chrome

1. Open up Google Chrome and select the hamburger on the top right hand side of the

screen.

2. Select Settings.3. Click on Extensions on the upper left-hand corner.

4. Delete all of the extensions that are notknown/personal orattributed to Google.

5. Select Settings.

6. Click on Manage search engines

7. Hover the cursor over the listed search engines to make one the default. Delete the rest

of the search engines.

8. Select Show advanced settings

9. Under Privacy, select Clear browsing data10. Change the dropdown to the beginning of time.

11. Select Clear browsing data.

12. Scroll to the bottom, and select Reset settings.13. We recommend that you add the extension AdBlock or AdGuard to Google Chrome.

Install AdBlock extension from getadblock.com.

7/24/2019 Advanced Malware Clean Up for Windows

5/8

Mozilla Firefox

1. After Firefox opens, click Ctrl, Shift, Delete. A window should appear to clear recenthistory. Change the time range to clear to Everything. Select Clear Now.

Alternative option:

1. After opening Firefox, select the hamburger in the top right-hand corner (Refer to Step

1 under Google Chrome for an example). Select History then select Clear RecentHistory.

2. Open the hamburger in the top right-hand corner (Refer to Step 1 under Google

Chrome for an example) and select Options.

3. Under the Search tab, choose your preferred Default Search Engine. Remove theremaining search engines. Also check that your homepage is what you want it to be.

4. Press the Alt button on your keyboard. A toolbar should appear at the top of your

Firefox window.5. Click Help > Troubleshooting Information > Reset Firefox6. When Firefox restarts, install the AdBlock Plus extension from adblockplus.org.

Internet Explorer

Note: We recommend using Google Chrome or Mozilla Firefox instead of Internet

Explorer. Internet Explorer is less secure than the other browsers.

7/24/2019 Advanced Malware Clean Up for Windows

6/8

1. After opening Internet Explorer, select the gear symbol in the top right-hand corner.

2. Under Browsing history, select Delete and check off the boxes that you want to

clear. Click Delete.

3. Click on the Advanced tab and select Reset under Reset Internet Explorer

Settings.

How to Prevent Future Malware Infections1. Refrain from purchasing Anti-Virus/Malware Software. Many of the top name brands

do not offer any more coverage than some of the free software available. Windows

includes its own version of security on Windows 8, and 8.1 called Windows Defender.

7/24/2019 Advanced Malware Clean Up for Windows

7/8

For Windows 7, the same program can be downloaded under a different name,

Microsoft Security Essentials.

Note: Having any sort of antivirus software does not prevent malware and virus infection; their

main function is to remove malware. Some have active protection features, but they do not

guarantee complete protection. Practice safe browsing habits to avoid infection.

2. Do not open suspicious links or attachments in emails from an unrecognized source.

Spam and phishing emails should be deleted. Clicking a link or opening an unknown

attachment can create vulnerabilities on your computer: you have given the virus ormalware permission to access your files.

3. Install CCleaner using the following link:

https://www.piriform.com/ccleaner/download. This removes temporary files, history,

cookies, etc. When used regularly, it can clear up space and improve speed.

4. Do not open questionable links. If you are concerned about the legitimacy of a URL or

file, copy the link into the bar athttps://www.virustotal.com/. This runs the site/file

against other scanners and provides the rule it triggered on. Other sites include

https://www.robtex.com/andhttp://www.domaintools.com/.

*If you are having difficulty accessing the website due to the severity of the virus/malware, please try

booting your computer into Safe Mode with Networking:

Windows XP/Vista/7: Tap the F8 key rapidly.

Windows 8/8.1: Hold down the Shift key and restart your computer. Select Troubleshoot, then

Advanced Options, and finally Startup Settings.

Please be aware booting into Safe Mode with Networking is a one-time boot option.

System RestoreNote: This option is only available on Windows 7, 8, 8.1, and 10. If you installed any

programs after the restore point selected, you will have to reinstall those programs once the

restore is complete. Your files will be saved.

Windows 7

1.

Navigate to System Restore, by typing this in the search box.2.

Select Yes toallow the following program to make changes to your computer.

3. Follow the steps in the wizard to choose a restore point BEFORE the noticeable

changes to your computer.

Windows 8, 8.1, and 10

1. Navigate to Recoveryby typing it into the search bar or searching through Control

Panel.

http://windows.microsoft.com/en-us/windows/security-essentials-all-versionshttp://windows.microsoft.com/en-us/windows/security-essentials-all-versionshttps://www.piriform.com/ccleaner/downloadhttps://www.piriform.com/ccleaner/downloadhttps://www.virustotal.com/https://www.virustotal.com/https://www.virustotal.com/https://www.robtex.com/https://www.robtex.com/http://www.domaintools.com/http://www.domaintools.com/http://www.domaintools.com/http://www.domaintools.com/https://www.robtex.com/https://www.virustotal.com/https://www.piriform.com/ccleaner/downloadhttp://windows.microsoft.com/en-us/windows/security-essentials-all-versions

7/24/2019 Advanced Malware Clean Up for Windows

8/8

2. Click Recovery.

3. Select Open System Restore, and follow the instructions provided.

Contact Information

Service DeskLocation: UC next to Jus Chilln

Hours: MondayFriday, 11:004:00Phone Support: MondayFriday, 8:005:00

If you are living in one of the Residence Halls (Aber, Craig, Duniway, Elrod, Jesse, Knowles,Miller, Pantzer, Turner) or in Lewis & Clark Villages, please contact your friendly RTA!

Did you find this information helpful? Emailrta.media@mso.umt.edu and let us know what you

think!

mailto:rta.media@mso.umt.edumailto:rta.media@mso.umt.edu