3 Things To Check After Removing Malware From PC
3 Things To Check After Removing Malware From PC
Removing Malware can be a pain. Lots of effects that occur after deleting it. Either the Internet stopped working or the browser settings got messed up after removing the virus from the computer? Malware can wreak havoc while it's active and can put up a fight before being eradicated. Most of the time, the malware will try to mess with our Internet settings so that we won't be able to access it anymore. We don't need to throw away our computer or reinstall Windows because here are 3 things you can do after removing Malware from PC.
1. Browser Settings: Homepage, Search Engine, Add-Ons
The first thing you should check after removing malware is to make sure that all the settings in your browser are at their proper values. You have to make sure that the home page and default search engine are what they should be. Make sure you guys check and reset the homepage in five common browsers. To change your default search engine, view the following pages for each browser: Chrome , Firefox , Internet Explorer.
Toolbars, possibly for Internet Explorer and Firefox, can also appear after malware touches your system. If you use Internet Explorer, the toolbars will most likely need to be removed via the Windows Add/Remove Programs tool. Firefox toolbars usually appear as add-ons, and can be removed via the respective menus. Apart from that, you should check if all your extensions are still installed, and more importantly, remove the unwanted ones. If nothing has changed in your browser, or if you restore everything to their original values and you still cannot access the Internet normally, it means that the malware pulled some sneaky trick.
2. Hosts file
Windows Hosts file
All operating systems have a hosts file that can be used to force certain address resolutions to occur (as well as some other surprising uses). This would allow malware to take you to phishing sites when you type in a normal web address, and broader rules could block Internet access altogether. Check your hosts file to make sure there are no entries, which could mess up the system. You can find the hosts file in this location:
* Windows: C:\Windows\System32\drivers\etc\hosts
* Mac OS X and Linux: /etc/hosts
Keep in mind that you will most likely need administrative permissions to edit this file and save changes. On Windows, you can do this by finding Notepad, right-clicking on it, and selecting "Run as administrator". For Mac OS X and Linux, you should be able to use the "sudo" command in combination with your favorite text editor in the terminal.
Basically, what you guys are doing is looking for odd entries. The Windows hosts file cannot have anything uncommented in it (so no lines without a # in front of them). Some resolution to localhost and your hostname to 127.0.0.1 is acceptable, however, because that's usually found in the Unix hosts file, which is where the concept of hosts file came from.
3. DNS settings
IP DNS Details
If the hosts file is all clear, there's one common place to check: your DNS settings. Sometimes, malware goes far enough to change your DNS settings. A DNS server is a remote server, which can help turn web addresses like "http://www.facebook.com" into actual IP addresses, which computers can use to access Facebook. If malware authors put a lot of effort into their creation, they could potentially create their own malicious DNS server and have the malware change the infected computer's DNS settings to show it. Also, it could just change it to an invalid value, without leaving any DNS resolution.
From the Windows desktop, you can check your DNS settings by right-clicking the network tray icon at the bottom right of your screen, selecting “Open Network and Sharing Center”, clicking “Change adapter settings” on the left side of the window. Right click on the network adapter you are using and select “Properties”, then scroll down in the list and select “Internet Protocol Version 4 (TCP/IPv4)” and click “Properties”. At the bottom of this window you will see your DNS settings.
Make sure that this value is the recommended value, be it your ISP's DNS server address, your router's IP address, or a custom DNS server. If you don't know what to put here, it is recommended to set it to “Obtain DNS server address automatically” or to use Google's DNS servers. The two values for their DNS servers are 184.108.40.206 and 220.127.116.11.
Scan Using an Anti Virus Application
If, after all these steps, your system still goes wrong or your Internet access is changed, try using an antivirus or anti-malware application. They might find and remove traces of malware that your first choice didn't catch. It can also help change some obscure Internet settings that are hard to reach, such as the number of requests your browser can use at one time.
So 3 Things To Check After Removing Malware. If, after all this, you are still struggling, it is best to reinstall your operating system and start fresh. Make sure you have a backup of important data and scan every file you have backed up for malware, so you don't reinstall your system later. While this is the least convenient way to get your computer working again, sometimes it's the only option left.