Anda di halaman 1dari 8

Advanced Malware Clean Up for Windows

The following options are available for mild infections. If the malware/virus is
affecting your ability to access the Internet, please scroll down to Malware
Prevention. If the issues have appeared recently or if you have exhausted the
first five options, please scroll down to System Restore. Please contact
Student Affairs IT at (406) 243- 2625 or contact your friendly RTA if you run
into any issues!

Malwarebytes
Suspicious Programs
AdwCleaner
Internet Browser Clean-Up
Google Chrome
Mozilla Firefox
Internet ExplorerContact Information

How to Prevent Future Malware Infections


System Restore
Windows 7
Windows 8, 8.1, and 10

Contact Information

Malwarebytes
Note: This program may take a couple of hours to complete. If you must interrupt the
session, please select Pause Scan.
1.
2.

Go to the following website: https://ninite.com/


Check the box next to Malwarebytes under the Security section.

3.

4.
5.

6.
7.
8.
9.
10.
11.
12.
13.

Click Get Installer.

After Malwarebytes downloads, open the file.


Select Scan at the top of the program

Select Custom Scan.


Then it the green Scan Now button.
Check all unchecked boxes, including Scan for Rootkits.
Select Start Scan.
When the scan completes, the suspicious files it triggered on will be ready for
quarantine.
Select Quarantine All.
Go to the History tab at the top
Click Delete All to delete everything in the Quarantine.

Suspicious Programs
Note: This can be done while Malwarebytes is scanning your computer. Please be aware
that some programs may continue to appear after uninstallation, but this will be resolved
once you restart your computer.
1.

Navigate to Programs and Features (This can be done by typing programs and
features in the search bar of the Start Menu.

2.

Uninstall programs that seem suspicious. These programs include ones that are not
published by Microsoft or your devices manufacturer (ex. HP, Dell, etc.), if they do
not have a listed publisher, or programs that have savings or coupons in the name.
If you are unsure of whether a program is suspicious or not, try looking up the exact
name of the program in http://www.shouldiremoveit.com/ . Some examples of
suspicious programs include: Snap.Do by ReSoft Ltd., StormWatch by Local Weather
LLC, and Remote Desktop Access VuuPC by CMI Limited.

AdwCleaner
Note: This program automatically restarts your computer after completion. Please save
your work.
1.

2.
3.
4.
5.
6.
7.

Go to the following website: http://www.bleepingcomputer.com/download/adwcleaner/*


and click

After it downloads, select I agree.


Select Scan.
Once the scan completes, click Cleaning
Click Yes and Ok in the next few Windows.
Your computer will restart.
Upon logging in after the reboot, there will be a notepad file opened by AdwCleaner
listing all the things it removed.

Internet Browser Clean-Up


Google Chrome
1.

Open up Google Chrome and select the hamburger on the top right hand side of the
screen.

2.
3.
4.
5.
6.

Select Settings.
Click on Extensions on the upper left-hand corner.
Delete all of the extensions that are not known/personal or attributed to Google.
Select Settings.
Click on Manage search engines

7.

Hover the cursor over the listed search engines to make one the default. Delete the rest
of the search engines.
Select Show advanced settings

8.

9. Under Privacy, select Clear browsing data


10. Change the dropdown to the beginning of time.

11. Select Clear browsing data.


12. Scroll to the bottom, and select Reset settings.
13. We recommend that you add the extension AdBlock or AdGuard to Google Chrome.
Install AdBlock extension from getadblock.com.

Mozilla Firefox
1.

After Firefox opens, click Ctrl, Shift, Delete. A window should appear to clear recent
history. Change the time range to clear to Everything. Select Clear Now.

Alternative option:

1.

2.
3.
4.
5.
6.

After opening Firefox, select the hamburger in the top right-hand corner (Refer to Step
1 under Google Chrome for an example). Select History then select Clear Recent
History.
Open the hamburger in the top right-hand corner (Refer to Step 1 under Google
Chrome for an example) and select Options.
Under the Search tab, choose your preferred Default Search Engine. Remove the
remaining search engines. Also check that your homepage is what you want it to be.
Press the Alt button on your keyboard. A toolbar should appear at the top of your
Firefox window.
Click Help > Troubleshooting Information > Reset Firefox
When Firefox restarts, install the AdBlock Plus extension from adblockplus.org.

Internet Explorer
Note: We recommend using Google Chrome or Mozilla Firefox instead of Internet
Explorer. Internet Explorer is less secure than the other browsers.

1.

2.
3.

After opening Internet Explorer, select the gear symbol in the top right-hand corner.

Under Browsing history, select Delete and check off the boxes that you want to
clear. Click Delete.
Click on the Advanced tab and select Reset under Reset Internet Explorer
Settings.

How to Prevent Future Malware Infections


1.

Refrain from purchasing Anti-Virus/Malware Software. Many of the top name brands
do not offer any more coverage than some of the free software available. Windows
includes its own version of security on Windows 8, and 8.1 called Windows Defender.

For Windows 7, the same program can be downloaded under a different name,
Microsoft Security Essentials.
Note: Having any sort of antivirus software does not prevent malware and virus infection; their
main function is to remove malware. Some have active protection features, but they do not
guarantee complete protection. Practice safe browsing habits to avoid infection.

2.

3.

4.

Do not open suspicious links or attachments in emails from an unrecognized source.


Spam and phishing emails should be deleted. Clicking a link or opening an unknown
attachment can create vulnerabilities on your computer: you have given the virus or
malware permission to access your files.
Install CCleaner using the following link:
https://www.piriform.com/ccleaner/download. This removes temporary files, history,
cookies, etc. When used regularly, it can clear up space and improve speed.
Do not open questionable links. If you are concerned about the legitimacy of a URL or
file, copy the link into the bar at https://www.virustotal.com/. This runs the site/file
against other scanners and provides the rule it triggered on. Other sites include
https://www.robtex.com/ and http://www.domaintools.com/.

*If you are having difficulty accessing the website due to the severity of the virus/malware, please try
booting your computer into Safe Mode with Networking:
Windows XP/Vista/7: Tap the F8 key rapidly.
Windows 8/8.1: Hold down the Shift key and restart your computer. Select Troubleshoot, then
Advanced Options, and finally Startup Settings.
Please be aware booting into Safe Mode with Networking is a one-time boot option.

System Restore
Note: This option is only available on Windows 7, 8, 8.1, and 10. If you installed any
programs after the restore point selected, you will have to reinstall those programs once the
restore is complete. Your files will be saved.

Windows 7
1.
2.
3.

Navigate to System Restore, by typing this in the search box.


Select Yes to allow the following program to make changes to your computer.
Follow the steps in the wizard to choose a restore point BEFORE the noticeable
changes to your computer.

Windows 8, 8.1, and 10


1.

Navigate to Recovery by typing it into the search bar or searching through Control
Panel.

2.
3.

Click Recovery.
Select Open System Restore, and follow the instructions provided.

Contact Information
Service Desk
Location: UC next to Jus Chilln
Hours: Monday Friday, 11:00 4:00
Phone Support: Monday Friday, 8:00 5:00
If you are living in one of the Residence Halls (Aber, Craig, Duniway, Elrod, Jesse, Knowles,
Miller, Pantzer, Turner) or in Lewis & Clark Villages, please contact your friendly RTA!
Did you find this information helpful? Email rta.media@mso.umt.edu and let us know what you
think!

Anda mungkin juga menyukai