Your smartphone begins to vibrate. Not the quick vibration that would indicate it's an incoming text message, but a longer one associated with a phone call. Yes, people still communicate via voice, and thanks to Caller ID, you know it's your parents on the other end. It's been a few weeks since you've heard from them and a funny feeling begins to fill the pit of your stomach. You know what's coming next.
A plea for PC help. You listen intently as your folks describe hijacked web searches, a toolbar they don't recognize, and sluggish behavior. Oh, and there are pop-ups. Lots and lots of pop-ups. The list of ailments goes on like a kid reciting a Christmas list to Santa Clause. Only instead of toys and candy, it's rogue programs and malware. It's a good thing you installed TeamViewer because trying to fix the problem over the phone is a time-consuming process that always ends the same way—"I'll be over in the morning."
Or maybe you didn't install TeamViewer and you really will be over in the morning. Either way, the task at hand is to rid a system of malware. Perhaps it's your own system, especially if you let little Billy and sweet little Suzy hop on for a spell. Whatever the case may be, don't panic. Removing malware, while seemingly daunting, isn't all that difficult. Like anything else, you just need the proper know-how and tools, both of which we'll provide here . Be sure to read the entire guide before embarking on your malware removal journey.
Scrub the Browser(s)
Toolbars, hijacked web searches, and pop-ups are often the result of malware, adware, and or other unwanted-ware that was either installed without permission, or sneaked in through a legitimate application through the fine print, usually when installing a free program. That Spongebob screensaver pack that little Billy installed from a site he can't remember? Yeah, we're guessing he mashed the "Okay" or "Next" button throughout the process, at one point agreeing to change your browser's settings. Cut him some slack, the kid still eats his boogers.
Luckily, these are usually easy fixes. Here's what you need to do.
Let's start with Internet Explorer. Click the Gear (Tools) icon in the upper-right corner and select Manage add-ons . On the left-hand side is a column of categories: Toolbars and Extensions, Search Providers, Accelerators, and Tracking Protection. It's the first three that are of interest, starting with Toolbars and Extensions.
See anything you don't recognize? Maybe something like "DealBuddy" or some other descriptor that's a clear giveaway? Click it and select Remove or Disable . If it's an entry you don't recognize, look it up on Google or your search engine of choice. In most cases, however, unwanted entries will stick out like a pimple on prom night.
The same goes for the Search Providers category. The only thing you should see is Bing unless you've added another search provider, like Google. We're making this up (we think), but let's say the default entry is "CouponPal." The option to remove is grayed out, but that's only because it's the default search option. Click on one of the other options—Bing, Google, Yahoo, etc.—and punch the Set as default button , then return to CouponPal and click Remove .
Now let's rinse and repeate for the Accelerators category. Is there a rogue entry? Remove or disable it. When you're finished with all these, close out the Manage add-ons window. Return to the Gear (Tools) icon and select Internet Options . Navigate to the General tab if you're not already there and look at the Home page section. Oftentimes adware will replace the default homepage with its own entry, which will load each time you fire up IE. Highlight the hijacked entry and change it to whatever you want, like http://www.maximumpc.com (c'mon, show us some love!) and click Apply . Now hit OK , close IE, and reload it. If you haven't missed anything, it should work as new again. And if not, you may have a deeper malware problem, which we'll get to in a moment.
The steps are similar in Chrome. To check if the default search engine's been changed, click the three horizontal lines (Chrome Menu) in the upper-right corner and select Settings . Under the Search heading, click Manage search engines . Hover your mouse over whichever one you want to be the default and click Make default . Next, hover over the rogue entry and click the X button on the right to remove it.
Also in the Settings menu is an On startup heading with three options: Open the New Tab page, Continue where you left off, and Open a specific page or set of pages. If your homepage has been taken over, click the Set Pages hyperlink next to the Open a specific page or set of pages option. Go ahead and delete the rogue entry and/or enter whichever page you'd like to load at startup. Alternately, you can use one of the other options.
Go back to the Chrome menu and select More Tools > Extensions . Here is where you'll see a list of installed add-ons, like Adblock (which we hope you've disabled on Maximum PC—we've gotta eat!), Google Play Music, or whatever. See any entries that shouldn't be there? Click the trash icon to dispose of them.
Remember to close Chrome and reload it.
In Firefox, click the three horizontal lines (Firefox Menu) and select Options . Under the Search tab, you'll see a pull-down menu with your default search option, and under that a list of search engines. Highlight any rogue entries and click Remove .
Next, navigate to the General tab to make changes to your homepage. If it's been taken over, you'll most likely see the address here. Change it to whatever you want, or click the Restore to Default button.
Firefox has long supported extensions and plugins. To access them, go back to the Firefox menu and select Add-ons . Remove any rogue extensions, or if you're unsure, click the disable button to see how it affects your browser. You can always come back and remove it.
Following the above steps will help restore your browser(s) to the way it was operating before adware dug its claws in. However, it might not remove the root cause if there's a deeper malware infection. Let's move on.