Aug 2010

Manual Spyware Removal Basics

Nowadays, most malware infections are fake security products. They’re designed to make your system unusable unless you cough up the ransom to “register” it. Thankfully, there’s a basic removal procedure that works in most situations.

0. Have Malwarebytes preinstalled on your computer.
1. Restart Windows in safe mode with networking. Do not attempt manual removal in normal mode. It doesn’t work.
2. Open up msconfig, go to the Startup tab, and disable any items that have random names, reside in AppData/Application Data folders, and/or reside in user profile folders. If you’re not sure, uncheck it. Once you get experienced with this you can tell which ones are the malware because they just don’t look right.
3. Reset all browsers. Check all proxy server settings to make sure they are disabled.
4. Open up a command line and run the following two commands: netsh int ip reset reset.log, then netsh winsock reset.
5. Check your hosts file for any redirects.
6. Update and run Malwarebytes.
7. You don’t have Malwarebytes or another cleanup utility? Reboot in normal mode. Your system should be cleaned up enough to download and install it now.
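Steps 2 and 5 are really two review tasks: which startup entries live in AppData or a user profile, and which hosts-file lines are not the standard loopback entries. The Python script below is an added example, not part of the original post; it runs those two checks over constructed sample data and assumes the startup list has already been exported as (name, path) pairs.

```python
from pathlib import PureWindowsPath

# Constructed sample hosts file, not from a real infection. Malware may point a
# name at a foreign address, or at 127.0.0.1 to block a security vendor's site,
# so anything other than loopback -> localhost is worth a look.
SAMPLE_HOSTS = """\
# Copyright (c) 1993-2009 Microsoft Corp.
127.0.0.1       localhost
::1             localhost
127.0.0.1       www.example-av-vendor.invalid
10.0.0.5        update.example.invalid   # constructed entry
"""

# Constructed msconfig-style startup entries (name, command path).
SAMPLE_STARTUP = [
    ("ctfmon", r"C:\Windows\System32\ctfmon.exe"),
    ("ksdjhf", r"C:\Users\alice\AppData\Local\ksdjhf.exe"),
    ("qwe12", r"C:\Documents and Settings\alice\Application Data\qwe12.exe"),
]

LOOPBACK = {"127.0.0.1", "::1"}
BENIGN_NAMES = {"localhost", "localhost.localdomain"}
SUSPICIOUS_DIRS = {"appdata", "application data", "local settings", "temp"}
USER_PROFILE_ROOTS = {"users", "documents and settings"}


def hosts_entries_to_review(text):
    """Return (ip, hostname) pairs other than loopback -> localhost lines."""
    found = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()  # drop comments and blank lines
        if not line:
            continue
        ip, *names = line.split()
        for name in names:
            if ip in LOOPBACK and name.lower() in BENIGN_NAMES:
                continue
            found.append((ip, name))
    return found


def suspicious_startup(entries):
    """Return entries whose executable sits under AppData or a user profile."""
    flagged = []
    for name, cmd in entries:
        parts = {p.lower() for p in PureWindowsPath(cmd).parts}
        if parts & SUSPICIOUS_DIRS or parts & USER_PROFILE_ROOTS:
            flagged.append((name, cmd))
    return flagged


if __name__ == "__main__":
    print("hosts lines to review:", hosts_entries_to_review(SAMPLE_HOSTS))
    print("startup items to uncheck:", suspicious_startup(SAMPLE_STARTUP))
```

Both functions only report; the decision to uncheck or delete stays with the person at the keyboard, as in the steps above.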

In most cases you’ll be cleaned up. More sophisticated malware will drop rootkits on your system, though. Symptoms include immediate reinfection, abrupt shutdown of antivirus utilities, or continued browser hijacks. If that’s the case, run TDSSKiller or GMER. TDSSKiller will probably handle it. It detects the most common rootkits, including TDSS, TDL4, and Mebroot, and also checks for other suspicious behavior like locked Windows services. GMER is more sophisticated, but harder to use. After removing any rootkits, rerun your cleanup utilities to catch what the rootkit was hiding.