Windows virus removal

Malware removal and OS disinfection is a complex process that is always recommended to perform at least under the supervision of an expert. 

If you want to take this action on your own, below you will find a universal guide to removing most types of active malware in the OS. It should be noted, however, that the procedure in this manual may not produce the desired result, and in the extreme case of a serious infection, the OS may be completely disabled.

Warning
If the infection is severe, consider creating a new OS. The existing one may not be completely clean even after applying the procedures mentioned below.

Tip
If the OS cannot even be started due to infection, use the following instructions .

Step # 1: Rootkit

 RKill

• Download RKill (iExplore.exe).
• Save it to the Desktop , right-click it, and select:  Run as administrator .
• Let RKill work, it will display a log when the process is complete. Move to the next section of the manual without restarting the OS .

 Malwarebytes Anti-Rootkit

• Download MBAR .
• Save it to the Desktop , right-click it, and select:  Run as administrator .
• Extract the application to the Desktop (default setting), then it will launch itself.
• Click Next and update the database with the Update button .
• When the update is complete, click Next .
• Check the check box next to all items and click Scan .
• When the MBAR scan is complete, it displays the results.
• In case of findings, check the checkboxes for all items. Also check the box next to Create Restore Point .
• Click on CleanUp .
• Wait for completion. If the OS does not restart automatically, invoke it manually.

---

Step # 2: Malware

 Malwarebytes AdwCleaner

• Download AdwCleaner .
• Save it to the Desktop , right-click it, and select:  Run as administrator .
• Agree to the license terms of the application.
• Click the Scan button .
• 
  
• When the scan is complete, click the Clean button .
• 
  
• Agree to restart the OS.

 Zemana AntiMalware

• Download ZAM Portable .
• Save it to the Desktop , right-click it, and select:  Run as administrator .
• If the application does not start in Czech, open the settings in the upper right corner and change the language manually.
• Make sure you have the current version and click the Scan button .
• When the scan is complete, leave the default actions for the detected threats and click Next .
• Restart the OS.

 Emsisoft Emergency Kit

• Download EEK .
• Save it to the Desktop , right-click it, and select:  Run as administrator .
• Extract the application (leave the default settings), then the EEK folder will open .
• Right- click on the start emergency kit scanner and select the option:  Run as administrator .
• Agree to the application update.
• When the update is complete, open the Scan section . Agree to a PUP search .
• 
  
• Select the Custom scan option .
• Check all available disks to check them and adjust the scan configuration as shown:
• 
  
• Click Continue and wait for the scan to complete.
• When done, close the offer with protection from Emsisoft .
• Use the Move to Quarantine button to delete the detected threats .
• After successful cleaning, close the application along with all pop-ups and restart the OS.

---

Step # 3: Cleaning

 Search

• Download Zoek .
• Save it to the Desktop , right-click it, and select:  Run as administrator .
• Once the application loads, paste the following script into an empty text box:

• createsrpoint;
  autoclean;
  ipconfig /flushdns;b

• Make sure Scan All Users is selected and click the Run script button .
• After the restart, the log is displayed.

 DelFix

• Download DelFix .
• Save it to the Desktop , right-click it, and select:  Run as administrator .
• Set the application according to the picture:
• 
• Click the Run button .
• When DelFix is ​​complete, it displays a log.
• Restart the OS.

Success
Your OS should now be free of active malware and quite usable.